last executing test programs:

15m50.221744491s ago: executing program 32 (id=330):
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
io_setup(0x9, &(0x7f0000000000))
r0 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40088a01, &(0x7f0000000000)=0x10)

11m11.477923499s ago: executing program 33 (id=2963):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/vmstat\x00', 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x4e21, @multicast2}, 0x10)
sendfile(r1, r0, 0x0, 0x20000023893)

9m36.289581969s ago: executing program 34 (id=3744):
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000000d06010200000000000000000500000211000300686173683a69702c706f727400000000050001"], 0x38}, 0x1, 0x0, 0x0, 0x20008040}, 0x40048100)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x60042, 0x0)
syz_usb_connect$hid(0x6, 0x0, 0x0, 0x0)
write$binfmt_elf64(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="7f454c460e02fab7ff7f00000000000002000300fffeffffdf020000000000004000000000000000030300ef0000000000000000080038000100040004000d000300000000800000000000000000000007000000000000000800000000004000050000000000000002"], 0x78)
ioctl$SNDCTL_SEQ_SYNC(r0, 0x5101)

9m10.090300527s ago: executing program 3 (id=3930):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000097000/0x1000)=nil, 0x1000, 0x4, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

9m8.69402003s ago: executing program 3 (id=3924):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})

9m8.292788909s ago: executing program 3 (id=3926):
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2082)

9m7.08535785s ago: executing program 3 (id=3935):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101090, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
mount(0x0, &(0x7f0000000440)='./file0/../file0/../file0\x00', &(0x7f00000004c0)='devpts\x00', 0x0, 0x0)
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')

9m6.65286438s ago: executing program 3 (id=3938):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

9m5.785498378s ago: executing program 3 (id=3940):
r0 = syz_io_uring_setup(0xefd, &(0x7f0000000080)={0x0, 0x8000, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000180))
syz_io_uring_modify_offsets$generic(r1, r2, 0x2c, 0x10000)
io_uring_enter(r0, 0x1cc5, 0x22cb, 0x40, 0x0, 0x0)
io_uring_enter(r0, 0x24b7, 0xcb15, 0x21, 0x0, 0x0)
io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0)

9m5.035181451s ago: executing program 35 (id=3940):
r0 = syz_io_uring_setup(0xefd, &(0x7f0000000080)={0x0, 0x8000, 0x1, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0, &(0x7f0000000180))
syz_io_uring_modify_offsets$generic(r1, r2, 0x2c, 0x10000)
io_uring_enter(r0, 0x1cc5, 0x22cb, 0x40, 0x0, 0x0)
io_uring_enter(r0, 0x24b7, 0xcb15, 0x21, 0x0, 0x0)
io_uring_enter(r0, 0x1, 0x1, 0x1, 0x0, 0x0)

8m39.759255314s ago: executing program 8 (id=4100):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(0xffffffffffffff9c, &(0x7f00000003c0)='./cgroup\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)

8m39.447967566s ago: executing program 8 (id=4102):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000000c0)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@local, 0x2}, @local, 0x0, 0x0, 0x5e, 0x200000000000, 0x100000000000006})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(r0, 0x7a4, &(0x7f0000000540)={{@local, 0x2}, 0x0, 0x9, 0xffffffff, 0x40})

8m38.863626187s ago: executing program 8 (id=4106):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x40441, 0x197)
r0 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x13)
tkill(r0, 0x12)
waitid(0x1, r0, 0x0, 0x8, &(0x7f0000000240))

8m37.688274324s ago: executing program 8 (id=4119):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3a09007, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0\x00')

8m37.167087521s ago: executing program 8 (id=4123):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r0, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x1)

8m33.883719838s ago: executing program 8 (id=4145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1000, 0x0, r0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000180), &(0x7f00000002c0)=r0}, 0x20)

8m32.690702209s ago: executing program 36 (id=4145):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x4, 0x4, 0x1000, 0x0, r0}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r1}, &(0x7f0000000180), &(0x7f00000002c0)=r0}, 0x20)

4m42.132545958s ago: executing program 2 (id=6103):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f00000000c0)='.\x00', 0x5000009)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f00002d6000/0xe000)=nil, 0xe000, 0xc, 0x11, r0, 0xffff9000)

4m40.975087629s ago: executing program 2 (id=6111):
capset(&(0x7f0000000c00)={0x20071026}, &(0x7f0000000140))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000300), 0x0)
sendmmsg$unix(r0, &(0x7f0000005400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)='+', 0x1}], 0x1, &(0x7f0000000880)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}}], 0x1, 0x11)

4m40.665599059s ago: executing program 2 (id=6113):
r0 = io_uring_setup(0x785a, &(0x7f0000000580)={0x0, 0xddf5, 0x80, 0xfffffe01, 0x183})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x2c, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
timer_create(0x0, 0x0, 0x0)
close_range(r0, r0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000080))

4m39.629783875s ago: executing program 2 (id=6122):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x40, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000340)='./file0/../file0/../file0\x00')

4m39.38639459s ago: executing program 2 (id=6124):
socket$unix(0x1, 0x2, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x80c42, 0x0)
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x823}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd_index=0x4, 0x718a, 0x0, 0x0, 0x12, 0x1, {0x2}})
io_uring_enter(r0, 0x742f, 0x77ae, 0x1, 0x0, 0x100000)

4m37.165086885s ago: executing program 2 (id=6140):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)

4m36.311842748s ago: executing program 37 (id=6140):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)

3m41.721096999s ago: executing program 6 (id=6553):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x10040)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x32}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010001, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2, 0x5, 0x0, 0x6}}}}}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000003c0)={@local, @random="333d973b1769", @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x67, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010001, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0xfff}]}}}}}}}, 0x0)

3m41.188337172s ago: executing program 6 (id=6562):
write$binfmt_register(0xffffffffffffffff, &(0x7f00000009c0)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1, 0x3a, '#%\\h*@#Lw\x9e5\x9f6k\x886\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeahJ\xee\'X\x9a\xd4\xfeI6\xd9\x1b\xc8\x14.\xfa\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfei\xf0\xa2\x9c3\xee/\xcf\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\f\xef\x8a\x95\xdd\xac\xab\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d\xdc\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaa\xdbe\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a', 0x3a, '#%\\x6\xafm\xa0\b\x81\xdc\xd1\x8f\x93r2\x0eeu}\xf7\"\xbd&-~\xeah\x00\x00\xb8\x03\x16\x96\x11\xa8\x90{\xc5\xe2\xf1u\xd1\xca\x8a>\xc3\x84\xd3\xcf\xa7\x1f\xc1\xb5\x12\xd0\x1e\x98\xce+\x12\xaex{\x91\xc7bw\xcaC\xe1/\x19\xfe\xfd\xff\xff\xff\xff\xff\xff\xff\xdew \x1c\xc7=\xfb\xb8\x88\x132\xf9\xbf7K\x8d\x16\xa6\xbf4\v\xces\xa4\x13\xb1\x14\x89\xa0\x14P\x97\x81%)\xa1\x0e)2a2\xa2\xef\xff#T}`\x88r\xb3\xd8\x19\x06\xde\xb7\xf0GR.?i|\xafhs\x1d)\x12\x85!\xaaqg\x10\xec\x1b\xcb\xfc6\xba\xde\x13\xdf\xc6Z+\r\xb4\x9a\xe8V1\x82\xce\xdd\xddx\xe7H\xa3N\x92\xdb\xaae\xc1\x05P\b<\x1e\xd6\x92\x89\xaa\xbe\xda\\|\xcf\xaf$.\x10\x8d\x9aie\xd3W\x1e\xd2L\xfa\xcc\xfb\xc2\x90\x99\xa9\x9f\xcd\xfasX\x9d\xbb\x8f\x1a\x00'/246, 0x3a, './file1'}, 0x225)
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x1f}, 0x3}, 0x1c)
r1 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000019200)=@raw={'raw\x00', 0x8, 0x3, 0x4d8, 0x180, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x408, 0xffffffff, 0xffffffff, 0x408, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@loopback, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x158, 0x180, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@iprange={{0x68}, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4=@multicast2, @ipv6=@loopback, @ipv6=@empty}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x538)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xff8a}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

3m39.638587199s ago: executing program 6 (id=6576):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000040)=0x95, 0x4)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000080)=ANY=[], 0x158)
connect$inet6(r0, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg2\x00', 0x4)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)

3m37.972579985s ago: executing program 6 (id=6592):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x3, &(0x7f0000000000)={[{@user_xattr}, {@nobarrier}, {@norecovery}, {@errors_remount}, {@grpid}]}, 0x8, 0x638, &(0x7f0000000940)="$eJzs3c9rVNceAPDvnZn8MHnvJcrjvedbPAOPh8KriYlapBSqexH7Y9dVaqJYo5EkpY0VGsFuCqWbFgpddVH7D3TdCoWuuui2i266KoIUyaIWqVPunR9OJpn8GGdyY/L54HXuuWfmnnOTfHPOnJxzJ4A9ayT9rxBxMCKuJxFDDXmlqGaOVJ63/ODmheUH6bFy+dVfk7j5XrLUeK6k+jhYffEfQ5H8UIg4UFxd7vzijSuTMzPTc9X02MLV62PzizeOXr46eWn60vS1iecnTp08cfLU+LH2L66Y/as7e/vNt4c+OPf6F589Ssa//OlcEqfjcfUJ6bU1v7yv/ZIzIzES5YqHjcfTr+uppzz3TvHbUO3n5Imk+QA71sXqz2NPRPwzhqLY8N0civdfzrVyQFeVk6i1UcCek7QV//2drwiwzWr9gMp7+8q2ca+h0OVeCbAd7p+pDABUYr8nImrxX6qMDUZ/NjYwsJysGOdJIuIpRubq0jK+//bc7XSLpnG4FcOGn3SgMGCFpVvZKHct1Bra/ySLzeHoz1IDy4UV8V9o2NLjr7RZ/khTenP9D6ATlm5FxL+q7X/v1uJ/pCH+32izfPEPAAAAAAAAnXP3TEQ8t9b8v0J9/s93X5XLzfN/BiPidAfK3/jvf4V71Z2kA8UBDe6fiXhxzfm/9Tm+w8Vq6q/ZfICe5OLlmeljEfG3iDgSPX1perzpvI0zhI9+eODTVuU3zv9Lt7T82lzA6pnulZoW4k5NLkw+7XUDEfdvRfw7m/97qHpk5fyftP1P1pj/m8b39U2WceB/d863yts4/oFuKX8ecXjN9v9JdztZ//4cY1l/YKzWK1jtP+9+9HWr8sU/5Cdt/wcq8d8ba8d/X9J4v575rZ2/NyKOL5bKrfLb7f/3Jq8VYyk7f20R48LceERvcrZYKzf1zuTCwtzE1uoMu1UtHrLH8Ur8H/nv+uN/9f5/Qxzui4ilTZb5j8eDP7fK0/5DftL4n1q//z+8sv3f+s7EneFvWhSfnN9U+38ia9OPVI8Y/4NGq+/HsdkAzaW6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCMK0TEXyIpjNb3C4XR0YjBiPh7DBRmZucX/n9x9q1rU2le9vn/hdon/Q5V0knt8/+HI6InItL0RDVdyz8eEfsj4uPiviw9emF2ZirviwcAAAAAAAAAAAAAAAAAAIAdYjBb81/ua17/n/qlmHftgK4rVR/FO+w9pbZfWe7raEWAbdd+/APPus3Hf09X6wFsv9bx//BRObOt1QG2kf4/7F1txr8/F8AuoP2HvWqTY3r93a4HkAftPwAAAAAA7Cr7D939MYmIpRf2ZVuqt5pnsj/sboW8KwDkxhxe2LtKs3nXAMhLO+/xB7pQDyA/SX3v9zUX+7ee/Z90p0IAAAAAAAAAAAAAwCqHD1r/D3vV+uv/ze2H3Wyd9f9rBb/bBcAu0vqjP7T9sNt5jw8kG/wisP4fAAAAAAAAAAAAAHaA/htXJmdmpufmF5+9nZfaeFVf3pVfmtwJX7rO7jzuzpl7ImJnXGCndpKIqB2JUusn127BkWNVc/69BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1P0ZAAD//07JJFQ=")
mkdirat(0xffffffffffffff9c, 0x0, 0xe)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x2a050ca, 0x0)
pivot_root(&(0x7f0000000340)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')

3m36.533017903s ago: executing program 6 (id=6603):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_SET_FEATURE(r0, &(0x7f0000001140)={0x0, 0x100000058, &(0x7f0000000080)={&(0x7f0000000040)={0x33fe0}, 0x33fe0}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004"], 0x48)
sendmsg$AUDIT_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x3c, 0x3e9, 0x200, 0x70bd2c, 0x0, {0x0, 0x0, 0x1}}, 0x3c}}, 0x2400c0c0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

3m31.657215399s ago: executing program 6 (id=6636):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x8001)
fcntl$setsig(r1, 0xa, 0x31)
r2 = getpgid(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2})
sendmmsg$unix(r0, &(0x7f0000011500)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4004040}}], 0x1, 0x40015)

3m30.746878186s ago: executing program 38 (id=6636):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x8001)
fcntl$setsig(r1, 0xa, 0x31)
r2 = getpgid(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2})
sendmmsg$unix(r0, &(0x7f0000011500)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="11", 0x1}], 0x1, 0x0, 0x0, 0x4004040}}], 0x1, 0x40015)

18.786711961s ago: executing program 4 (id=8358):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000100)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x5, 0x7fc00007}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x2007})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140))

17.720817764s ago: executing program 4 (id=8366):
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c602b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

17.442112837s ago: executing program 4 (id=8368):
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendto$packet(0xffffffffffffffff, &(0x7f00000000c0)="3f03fe7fee", 0x5, 0x0, 0x0, 0x0)
r2 = dup(r1)
getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x20, 0x6d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r3}}, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

14.977202391s ago: executing program 4 (id=8385):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r0 = syz_io_uring_setup(0x208c, &(0x7f0000000200)={0x0, 0xcb14, 0x10100, 0x3, 0x4001bf}, &(0x7f0000000040), &(0x7f0000000000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000380)=""/113, 0x71}], 0x1)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

14.012922365s ago: executing program 4 (id=8394):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000600)={'macvtap0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="340000001400010000000000fbdbdf250a00a100", @ANYRES32=r2, @ANYBLOB="14000100ff05000000000000dfce00000000000108000800026e"], 0x34}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000015"], 0x34}, 0x1, 0x0, 0x0, 0x41c1}, 0x4040800)

12.806489345s ago: executing program 4 (id=8401):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000040)={0x2a, 0x1, 0xfffffffe}, 0xc)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000ac0), 0x40001de, 0x10002, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0x1, 0x4000}, 0xc)
writev(r1, &(0x7f0000000340)=[{&(0x7f0000000080)="fb", 0x1}], 0x1)

4.889478298s ago: executing program 7 (id=8460):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0xff}}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000080)=r2, 0x4)

4.640520292s ago: executing program 7 (id=8463):
r0 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fcntl$lock(r0, 0x410, &(0x7f00000000c0)={0x1, 0x1, 0x1, 0xfffa})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x790f0000)
rename(&(0x7f0000000140)='./file0\x00', &(0x7f0000001900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
close(0x3)

4.510390862s ago: executing program 9 (id=8464):
r0 = io_uring_setup(0x3aa5, &(0x7f00000002c0)={0x0, 0x32b6, 0x80, 0x0, 0x16a})
r1 = syz_open_dev$media(&(0x7f0000000040), 0x7fdffffe, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000080)=<r2=>0xffffffffffffffff)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_G_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000000)={0xf010000, 0x0, 0x0, r2, 0x0, 0x0})
close_range(r0, 0xffffffffffffffff, 0x0)

4.256761583s ago: executing program 9 (id=8466):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = creat(&(0x7f0000000000)='./file1\x00', 0xf8)
r2 = fanotify_init(0xf00, 0x1)
fanotify_mark(r2, 0x105, 0x40009975, r1, 0x0)
fallocate(r0, 0x0, 0x1000000, 0x3)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)

4.210447491s ago: executing program 1 (id=8467):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r0 = io_uring_setup(0xd71, &(0x7f0000000080)={0x0, 0xb9d8, 0x2})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000002700)=""/4096, 0x2500}], 0x0, 0xa}, 0x20)

4.086199385s ago: executing program 0 (id=8468):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.749279583s ago: executing program 0 (id=8470):
r0 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r0, &(0x7f0000007d80)=[{{0x0, 0x0, &(0x7f0000002640)=[{0x0}, {&(0x7f0000001440)=""/100, 0x64}], 0x2}, 0xfffe}], 0x1, 0x2, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000400)=""/4096, 0x10c4}], 0x1}}], 0x4000210, 0x2, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[], 0xc4}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

3.748995169s ago: executing program 1 (id=8471):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="00940a37", 0x4)
sendto$unix(r1, &(0x7f0000000440)="36d9a32e92c131d730b1abaedb51eb66fd2d5b1f7eda4f0e859fdaf294bad70673813533d8bf1c6a77b65a7afdc01b29e73571071a68d5def5d7df839810da130b9348f4d9d407eb478d5bfb298c552a498271af70914e14ba9476fd2a0e47984c25ea20afab3064a748add27a7149e9c4705475bda2ecec9ec30214f28c5e16fd3f50f604f20232c534409e52bff64fc6ca0f5e254083aec2794b7216e002e87caf3d0fa7d04ff9e3b03e81595a04979594ff6ea888bf13de8e8f74c6178e31e47593732ae1a501ad3641d423195a788efdb643f50a8c8b9794a62f7b8dfa0fa7da9d391b92ce2a7f9fe0f9d584a3775f", 0x703d59595f6742a8, 0x800, 0x0, 0x0)
recvfrom(r1, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x1, 0x0, 0xffffffffffffffb5)

3.420878728s ago: executing program 0 (id=8472):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000240), 0xa7c, r0}, 0x38)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)

3.420562149s ago: executing program 5 (id=8473):
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip6tnl0\x00'}}, 0x1e)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000080)={0x18, 0x0, {0x1, @empty, 'ip_vti0\x00'}}, 0x1e)

3.202776561s ago: executing program 5 (id=8474):
openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="b800b5", @ANYRES16=0x0, @ANYBLOB="04002bbd7000fbdbdf2501"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x40001)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000080), &(0x7f0000000000)="15", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r1}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'streebog512-generic\x00'}})

3.018027933s ago: executing program 9 (id=8475):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)=@newlink={0x3c, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1203, 0x48a4d}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x3, 0x0, 0x0)

3.006235025s ago: executing program 7 (id=8476):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x21081e, &(0x7f0000000240)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80000}}, {@quota}]}, 0x1, 0x50f, &(0x7f0000000fc0)="$eJzs3UFsI1cZAODfTpw42bRJSw8FQbu0hQWt1km8bVT1AOWEEKqE6BGkbUi8URQ7jmKnNGEP6ZkrEpU4wZELN849ceeC4MalHJAWiEAbJA5GM54k3qy9sTaJncbfJ41m3ryx//9tMu+tX2y/AEbWzYjYj4iJiPggImaz87lsi3fbW3Ldo4MHK4cHD1Zy0Wq9/89cWp+ci47HJG5kz1mMiB9+N+InuSfjNnb3Npar1cp2Vp5v1rbmG7t7d9Zry2uVtcpmuby0uLTw9t23yhfW1ldrE9nRVz774/43f5akNZOd6WzHRWo3vXAcJzEeEd+/jGBDMJa1Z2LYifBM8hHxYkS8lt7/szGW/jQBgOus1ZqN1mxnGQC47vLpHFguX8rmAmYiny+V2nN4L8V0vlpvNG/fr+9srrbnyuaikL+/Xq0sZHOFc1HIJeXF9PikXD5VvhsRL0TELyan0nJppV5dHeZ/fABghN04Nf7/Z7I9/gMA11xx2AkAAANn/AeA0WP8B4DRY/wHgNHTHv+nhp0GADBAXv8DwOgx/gPASPnBe+8lW+sw+/7r1Q93dzbqH95ZrTQ2SrWdldJKfXurtFavr6Xf2VM76/mq9frW4pux89Hct7YazfnG7t69Wn1ns3kv/V7ve5VCetX+AFoGAPTywquf/iWXjMjvTKVbdKzlUBhqZsBlyw87AWBoxoadADA0VvuC0XWO1/imB+DzrsvavN0Uu31AqNVqtS4hJWAwbn3R/D+Mqo75f+8ChhFj/h9Gl/l/GF2tVq7fNf+j3wsBgKvNHD/Q420AL2b732Z/HPjx6ukrPrnMrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO1r/t5StBT4T+XypFPFcRMxFIXd/vVpZiIjnI+LPk4XJpLw45JwBgPPK/z2Xrf91a/aNmceqXrlxfDgRET/91fu//Gi52dz+U8RE7l+TR+ebn2Tny4PPHgA429E4ne47Xsg/OniwcrQNMp+H34mIYjv+4cFEHB7HH4/xdF+MQkRM/zuXldtyHXMX57H/cUS83K39uZhJ50DaK5+ejp/Efm6g8fOPxc+nde198m/xhQvIBUbNp0n/8263+y8fN9N95/1/slp6Me2hzi/r/5KnWjlM+8CT+Ef931iP/u9mvzHe/MP32kdT2YNPVnt++HHEl8YjjmIfdvQ/R/FzPeK/0Wf8v375ldd61bV+HXErusfvjDXfrG3NN3b37qzXltcqa5XNcnlpcWnh7btvlefTOer53qPBP965/XyvuqT90z3iF89o/9f6bP9v/vfBj776lPjfeL1b/Hy89JT4yW/i1/uMvzz9+2KvuiT+ao/2n/Xzv91n/M/+tvfEsuEAwPA0dvc2lqvVyvaIHvzuaqQxYgfj8YwPT35lh518r4Nv93/xy+eKNRHdq37+evuePlXVaj1TrF49xkXMugFXwfFNHxH/HXYyAAAAAAAAAAAAAABAV4P4dNSw2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD19f8AAAD//+7Mzkc=")
r0 = creat(&(0x7f0000000080)='./file1\x00', 0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa0c42, 0x100)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r2, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0xd6a, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x2, 0x0, 0x0, 0xfffffffffe000001})

2.824086338s ago: executing program 5 (id=8477):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x789, &(0x7f0000000fc0)="$eJzs3c1rXFUbAPDnTpKmTfu+iSBo3RgQNFA6MTW2CgoVFyJYKOjadphMQ80kUzKT0oSALSK4EVRcCLrpyoUfdefWj63+Fy7EUjUtVlxI5E5m0kkzk07SZCaa3w9u5px77+ScZ879ODPncm8Ae9Zw+icTcTgi3ksiBmvzk4joq6Z6I06urHd7aTGfTkksL7/6W1Jd59bSYj4a3pM6WMs8HBHfvR1xJLO+3PL8wlSuWCzM1vKjlekLo+X5haPnp3OThcnCzPGx8fFjJ54+cXz7Yv3jx4VD199/6YkvT/711kPX3v0+iZNxqLasMY4te35tdjiGa59JX/oRrvHifRe2uyTdrgBbku6aPSt7eRyOweippgCA/7I3I2IZANhjEud/ANhj6r8D3FpazNen7v4i0Vk3XoiI/Svx18c3V5b01sbs9lfHQQduJWtGRpKIGNqG8ocj4pOvX/88nWK7xiEB2nD5SkScHRpef/xP1l2zsFlPbrBsX+11+K75aflGoKEzvkn7P8806/9lVvs/0aT/099k392KZvt/EnF5dcaBbShkAzc+jXiu4dq22w3x1wz11HL/q/b5+pJz54uF9Nj2/4gYib7+ND+2QRkjN/++2WpZY//v9w/e+CwtP329s0bml97+te+ZyFVy9xNzoxtXIh7pbRZ/str+SYv+7+k2y3j52Xc+brUsjT+Ntz6ti7/a/jt3Rli+GvF40/a/c0VbsuH1iaPVzWG0vlE08dVPHw20Kr+x/dMpLb/+XaAT0vYf2Dj+oaTxes3y5sv44ergt62W3Tv+5tv/vuS1arrej7iUq1RmxyL2Ja+sn3/sznsv5R6tpVbWT+Mfeaz5/r/R9p9+JzzbZvy913/9Yuvx76w0/olNtf/mE9duT/W0Kr+99h+vpkZqc9o5/rVbwfv57AAAAAAAAAAAAAAAAAAAAAAAAACgXZmIOBRJJruazmSy2ZVneD8YA5liqVw5cq40NzMR1WdlD0Vfpn6ry8GG+6GO1e6HX88fuyv/VEQ8EBEf9h9I6vdRnOhy7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQd7DF8/9TP/d3u3YAwI7Z3+0KAAAd5/wPAHuP8z8A7D3tnf97drweAEDn+P4PAHuP8z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA77PSpU+m0/OfSYj7NT1ycn5sqXTw6UShPZafn8tl8afZCdrJUmiwWsvnS9L3+X7FUujAeM3OXRiuFcmW0PL9wZro0N1M5c346N1k4U+jrSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDnl+YWpXLFYmJXYQmJ5d1Sj+4me2ua0W+rT0USyO6qxzYkuH5gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/iX+CQAA//8vWSHt")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c0002800500010000000000080007"], 0x64}}, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000201010100000000000000000200000004000180180002801400018008000100b04c94a708000200ac1414aa140019800800010004000000080002"], 0x44}}, 0x0)

2.728778572s ago: executing program 9 (id=8478):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000000)={0x1, 0x4, 0x60, 0x7f, 0x17, "9f9413a4d68de2d71b63e573229ac6de50806c"})
mount$9p_fd(0x0, &(0x7f0000000280)='./cgroup\x00', &(0x7f0000000340), 0x8401, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r2}})

2.652094272s ago: executing program 9 (id=8479):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000009c0)={0x40, r2, 0x1, 0x78bd26, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa5}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x7}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x5}]}, 0x40}}, 0x20)

2.576371233s ago: executing program 1 (id=8480):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1562, &(0x7f0000000040)={0x0, 0x36d, 0xc000, 0xc, 0xa0002f5})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pwritev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x1, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.472930761s ago: executing program 9 (id=8481):
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000024d00)={0x0, 0x0, &(0x7f0000024cc0)={&(0x7f0000001600)=@delchain={0xec4, 0x65, 0x200, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x5, 0xc}, {0xfff3, 0x4}, {0x0, 0x2}}, [@f_rsvp6={{0xa}, {0xe94, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0xe, 0xffea}}, @TCA_RSVP_SRC={0x14, 0x3, @empty}, @TCA_RSVP_PINFO={0x20, 0x4, {{0x4, 0xd48e, 0x1}, {0x10, 0x0, 0x4c}, 0x32, 0x8, 0x7}}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x8, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x6, 0x5, 0xdf1162e24d7f6227, 0xc, 0x7ca}, 0xd, 0xf6}, [{0x10000000, 0x3, 0x1, 0x6, 0x80000000, 0x8}, {0xa, 0x0, 0x5, 0x7, 0x3, 0x7fffffff}, {0xff, 0x7, 0xc84, 0x2, 0x1, 0x3}, {0x1, 0x2, 0x100, 0x5, 0x40, 0xfffffffc}, {0x1, 0x4, 0x790, 0xfffffc00, 0x0, 0x8f7}, {0x4, 0x1000, 0x1, 0x5, 0x4cfb, 0x90}, {0x8, 0x6, 0x6, 0x2414, 0x10001, 0x7c46}, {0x3ff, 0x7, 0x3eb57221, 0x101, 0x8, 0x7}, {0x4, 0x6, 0x1, 0xffff, 0x2, 0x7}, {0x8, 0x6, 0x1, 0x9, 0x9, 0x7}, {0x10000, 0x81, 0xd, 0x401, 0x70e64856, 0x8}, {0xff, 0x91, 0x88, 0x1, 0x10000, 0x4}, {0x27c0a2f2, 0x100, 0xfffffff8, 0x7872, 0x1000}, {0xfffffff0, 0x4, 0x3ff, 0x7fffffff, 0x401, 0xfffffffb}, {0x9, 0x1000, 0x7, 0x8abb, 0x2, 0x2}, {0x8000, 0x3, 0x63f, 0xfffffffb, 0x6f, 0x8}, {0x3ff, 0x4, 0xfffffffd, 0x200, 0x2fbb, 0x5}, {0x5d3, 0x6, 0x8822, 0x4, 0x4840efa0, 0x401}, {0x4, 0x3, 0x80, 0x400000, 0x10000, 0x9}, {0x4, 0x7ff, 0xc8, 0x609, 0x3, 0x7}, {0xc, 0xa, 0x6bc9, 0xd75a, 0x3, 0x1}, {0x816c, 0x2ca, 0x0, 0x5471, 0x7fff, 0x9}, {0x1ff, 0x41a, 0x6, 0xfffffffd, 0x4, 0xfffffffa}, {0xb7, 0x100, 0x80, 0x3, 0x80000001, 0x9}, {0x2, 0x55f2, 0x10000, 0xffe000, 0xfffffffe, 0x3}, {0x1, 0x2b, 0xa59, 0x8501, 0x9, 0x6}, {0xbaec, 0x39, 0x0, 0x5, 0x7ff}, {0x40, 0x7, 0x9, 0x5, 0x1, 0x7ff}, {0x7ff, 0xb37, 0x9, 0xfb, 0x3, 0x1ff}, {0xfc, 0x4, 0xffff749d, 0xd, 0x5, 0x3}, {0x5, 0x1, 0x6, 0x10, 0x6, 0x80}, {0x2, 0x8, 0x38, 0x7, 0xaa, 0x8000}, {0x4, 0x80, 0x5, 0x9, 0x9, 0xd5}, {0x6, 0x1f10000, 0x0, 0x4, 0x2e495bb3, 0x1}, {0x7, 0xfffffffc, 0x910, 0x6, 0x5, 0xb}, {0x6, 0x34e, 0xffff, 0x160000, 0x9, 0x2}, {0x8, 0x6, 0x3, 0x6, 0x68, 0x8}, {0x3, 0x7, 0x1, 0xa1d7, 0x2, 0x9}, {0x6e, 0xa, 0x0, 0x7c0, 0x3, 0x1}, {0x0, 0xd7, 0x8000, 0xd7a1, 0x1, 0x800}, {0xb, 0xfffffff8, 0x2, 0x1f, 0x4, 0x4}, {0xe, 0x2, 0x7fffffff, 0xfffffffd, 0x5, 0x2}, {0x2, 0x0, 0xfffffffa, 0x93f9, 0xfffffe00, 0x1}, {0x9, 0x7, 0x2, 0x0, 0x3, 0x3}, {0xffffffff, 0x7fffffff, 0x9, 0x4, 0x2, 0x8a86}, {0x6, 0x6, 0x5, 0x7000000, 0xfffffff5, 0x200}, {0x4, 0x100, 0x4, 0x6, 0x7, 0x9}, {0x1ff, 0x101, 0xe10d, 0xf, 0x0, 0x3ba9}, {0xffffb72d, 0x0, 0x259, 0x401, 0x0, 0x10}, {0x80000001, 0x8, 0x3, 0x1, 0x9, 0x3}, {0x4, 0x1, 0x8, 0x80000001, 0x70b, 0x7ff}, {0x7, 0xace, 0x4, 0x4, 0x1, 0x7065cb9c}, {0xfffffffd, 0x5, 0x4, 0x7, 0x6, 0x7}, {0x7fff, 0x3, 0x0, 0x34, 0x8, 0x7}, {0x8, 0x2, 0x1000, 0x3, 0xd31, 0x6}, {0x4, 0x1, 0x10001, 0x9, 0x7, 0x844}, {0x4, 0x0, 0x54a, 0x5, 0x0, 0x1}, {0x80000000, 0x4, 0xfffffbff, 0xffffffff, 0x9, 0x5}, {0x3, 0x80, 0x3, 0x1, 0xc0000000, 0x4}, {0x3, 0x8, 0x3, 0x1, 0x1, 0xf}, {0x1, 0x6, 0x8, 0x0, 0xfffffffe, 0x6}, {0x0, 0x1000, 0x5, 0x6f19, 0x7}, {0xd, 0x5, 0x6, 0x1, 0x0, 0xd}, {0x7, 0x8, 0x8001, 0x80000000, 0x5, 0xbbc6}, {0xfff, 0x0, 0xed99, 0x2b, 0x7f, 0x1}, {0x1, 0x2, 0x28000, 0x9, 0x8}, {0x40, 0x6, 0xb, 0x80, 0x9, 0x1}, {0x9, 0x3, 0x1, 0x3, 0xf, 0x6e80}, {0xff, 0xb0a, 0x80, 0xd, 0x7, 0x14c}, {0x7aaf, 0x1, 0x9, 0x0, 0x8, 0x1}, {0x5, 0x5, 0x4, 0x2, 0xb5b}, {0x4, 0x80000000, 0x9, 0x2, 0x3, 0x9}, {0x7, 0x0, 0x460, 0x800, 0x9, 0x7}, {0x3, 0x81, 0x4, 0x4, 0x7, 0x3}, {0x94f, 0x8, 0x5d99, 0x0, 0xd, 0x7}, {0xf8, 0x1, 0x5, 0x2, 0x1, 0x80000001}, {0x38, 0x5, 0x2, 0x1, 0x2, 0x884}, {0x1, 0xfffffffe, 0xffffefc5, 0x10, 0x5, 0x9}, {0x5, 0x16, 0xfffffffd, 0x19, 0x5, 0x80000000}, {0x143, 0x0, 0x7, 0x9, 0x101, 0x3}, {0x0, 0x5, 0x3, 0x4d, 0x3, 0x3}, {0x2, 0x9, 0x401, 0x6, 0x6, 0xfffffffd}, {0xff, 0x380, 0x5, 0x7, 0x2, 0x3086}, {0xfffff800, 0x8, 0x8, 0x84c, 0x4, 0xc9}, {0x2, 0x8, 0x9, 0xb, 0xff, 0xc}, {0x3, 0x3, 0x3, 0x4, 0xd, 0xfffffffd}, {0xc5, 0x0, 0xffffffd6, 0xffff, 0xfff, 0x4d}, {0x1, 0x6, 0x101, 0x100, 0x9, 0x31}, {0x4d, 0x5, 0xff, 0x9, 0xf, 0xffffffff}, {0x9, 0x3, 0xd, 0xe, 0x101, 0x5}, {0x9, 0x1, 0x4, 0x3, 0x7, 0xe559}, {0x7, 0x4, 0x0, 0x9, 0x7, 0x1000}, {0x401, 0x8, 0x2, 0x8, 0xd, 0x59}, {0x5, 0x8f, 0x8, 0x10, 0x9, 0x8}, {0x7, 0x3, 0xce, 0xdb99, 0x78, 0x81}, {0xfffffffe, 0x10001, 0x1, 0x0, 0x0, 0x7}, {0x5, 0xfffff602, 0x400, 0x484b}, {0x7fff, 0x5, 0x1, 0x8, 0x1, 0x2}, {0x100, 0xed5, 0x8000, 0x6, 0x2155, 0x200}, {0x8, 0x34, 0x0, 0x10001, 0x7f, 0x9}, {0x1a1, 0x6, 0x8, 0x8, 0xff, 0x81}, {0x7, 0xffffffff, 0x6, 0x80, 0x0, 0x5}, {0xe, 0x8, 0xd, 0x100, 0x95a4, 0x80}, {0x5, 0x2, 0x7, 0x401, 0x1, 0x401}, {0x3, 0x2, 0x9, 0x4, 0x7ff, 0x1}, {0xb, 0x1, 0x8, 0x2, 0x7, 0x3}, {0x8, 0x2, 0xc42d, 0x4, 0x4, 0xffff}, {0xfffffffa, 0x0, 0xfffffe00, 0x1, 0x80000001, 0x7}, {0x4, 0x9, 0xb21, 0x9, 0x38, 0x4}, {0x8, 0x9, 0x2, 0x16, 0x100, 0x7}, {0x4, 0x2, 0x7, 0x6, 0xdccb, 0x4}, {0x0, 0x6, 0x7, 0x9, 0x3, 0x6}, {0x4a0a, 0x3, 0x6, 0xfffffc00, 0xd43a, 0x2}, {0x0, 0x6, 0x7, 0x80000001, 0x400, 0x5}, {0x0, 0x5, 0x1000, 0xf4cf, 0x3, 0x5}, {0x800, 0xc5d, 0x2, 0x0, 0xef, 0x8}, {0x6, 0x7ff, 0xd45, 0x101, 0x8, 0x8}, {0x200, 0x57a, 0xe1, 0xffffffff, 0xe1, 0x6}, {0xb44, 0x5, 0x4bac, 0x3e3, 0x4, 0xffff1c94}, {0x8, 0x8a4, 0xdc74, 0x4}, {0x0, 0xdfa, 0x9, 0x4, 0xcfea, 0x1}, {0x0, 0x48, 0x5d5, 0x3, 0x3, 0x2}, {0x80000001, 0x68, 0x0, 0x1, 0x3, 0xfd72}, {0x1, 0x80000000, 0x4, 0x6, 0x7, 0x70b}, {0x45ec, 0x200, 0x7, 0x5, 0xfed, 0x8}, {0xfff, 0x5, 0x3b22, 0x9, 0x0, 0x8}, {0x1, 0x5, 0x1000, 0x1, 0x2, 0x10000}, {0x7, 0x8, 0x4, 0x6, 0x2}], [{0x3, 0x1}, {0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x2}, {0x2}, {0x3, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x2}, {}, {0x3}, {0x4, 0x1}, {0x4}, {0x0, 0x8bfae17b4fe9ca8d}, {}, {0x0, 0x7b612c70bcccfe08}, {0x3, 0x1}, {0x3}, {0x4}, {0x0, 0x1}, {0x0, 0x1}, {}, {0x5, 0x1}, {0x4}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x5}, {0x3}, {0x4, 0x1}, {0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x5}, {0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x3}, {0x0, 0x1}, {0x5}, {0x2, 0x1}, {0x2, 0x1}, {0x1}, {}, {0x6}, {}, {0x4}, {0x1, 0x1}, {0x1}, {0x5, 0x1}, {0x5}, {}, {0x5}, {0x0, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {}, {0x3}, {0x199770ca245ea55e, 0x1}, {0x2}, {0x4}, {0x3, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x3, 0x7ca8be81dfa35eb5}, {0x5, 0x1}, {0x1}, {0x0, 0x1}, {0x3, 0x1}, {0x4}, {0x5}, {0x2, 0x1}, {0x1, 0x1}, {0x4}, {0x5}, {0x5}, {0x1, 0x1}, {0x1}, {0x2, 0x1}, {0x3}, {0x5, 0x1}, {0x3}, {0x1}, {0x3}, {0x0, 0x1}, {0x5}, {0x1}, {0x1, 0x1}, {0x4}, {}, {0x3}, {0x0, 0x1}, {0x1, 0x1}, {0x3}, {0x4}, {0x4, 0x1}, {0x4}, {0x2}, {0x5}, {0x4}, {0x4, 0x1}, {0x3}, {0x4}, {0x0, 0x1}, {0x3}, {0x4}, {0x5}, {0x5, 0x1}, {0x5}, {}, {0x0, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x2}, {}, {0x4}, {0x5, 0x1}, {0x5, 0x1}, {}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x1}]}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0xec4}, 0x1, 0x0, 0x0, 0x810}, 0x41)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.296650597s ago: executing program 7 (id=8482):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000019400))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66)

2.12618644s ago: executing program 0 (id=8483):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg(r0, &(0x7f0000003e40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000001c0)="b875a1431a05b9319c", 0x9}], 0x1}}], 0xa19afd5e7047374e, 0x4)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x14, &(0x7f0000000040), 0x10, &(0x7f0000000480)=""/230}}], 0x2, 0x0, 0x0)

1.983428874s ago: executing program 1 (id=8484):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000006000/0x2000)=nil, &(0x7f000000d000/0x4000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff3000/0x3000)=nil, &(0x7f0000ff6000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x1, 0xf3})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@deltfilter={0xe, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x3}, {0x0, 0xb}}}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0xc, &(0x7f0000000100)=[{0x1, 0x36, 0x5, 0x537}, {0x27, 0x8, 0x9}, {0xe49, 0x2, 0xfa, 0x4}, {0x5b6, 0x8, 0x1, 0x2}, {0x2, 0xe, 0x80, 0x1000003}, {0x1ff, 0x5, 0x10, 0xf}, {0x2, 0x0, 0x1, 0x9}]})

1.861467009s ago: executing program 5 (id=8485):
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0700000001000000ffffffffffff"], 0x50)
syz_emit_ethernet(0x5e, &(0x7f0000000000)=ANY=[@ANYBLOB="bbbbbbbbbbbbfdf9a684a51b86dd60108ffffe8000000000000000000000000000bbfe8000000000000000000000000000aa890090780000000001000000000000"], 0x0)
unshare(0x22020400)
socket$tipc(0x1e, 0x5, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x600, 0x0, 0x0, 0x6}, [@IFLA_ADDRESS={0xa, 0x3, @random="99fa3a1c872f"}, @IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}]}, 0x44}}, 0x0)

1.515142146s ago: executing program 1 (id=8486):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7", 0x24}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52", 0x1c}, {&(0x7f0000000080)="99393690c33571106a4d784c4c7d411b6b52e6ac66e9ab6856a6655c104eed76483f0476252aec3507f9a0", 0x2b}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg$can_bcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000680)=""/106, 0x6a}], 0x1}, 0x12153)

1.084412298s ago: executing program 1 (id=8487):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv', 0x2)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

1.084008392s ago: executing program 5 (id=8488):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4000, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fb4d8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2303], 0xff, 0x5e5c, &(0x7f0000005d80)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkbO87wf+7sleGwL+hzNxwDYnAwu76xM4xGCSkD8lPVAS0qYlNY69Nk58qnfNSahsCm2JglSk9oJeNCVRGkVqK1AVqalEI6RGau+aq0bcRK3EhS+gclBSNVVgq3fmeR7PzM7OrLHHnnmfzyfCP3vmfWeeeeed2f1u9J0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGq3/5MyfDBVFUf5X+2NNUVxY/n1VsbP85/y2871CAAAA4Ey9V/vzby9OF+xcxk4N2/zLNf/2vYWFhYXiS++eeP/PFhbSFeuKYmRlUdSui/71Fz9faNwmeK4YHxpu+Pdwl7sf6XL9aJfrx7pcv6LL9Su7XD/e5fpFB2CRVfWfx9Ru7PraX9fUD2lxaTFWu+76Nns9N7RyeDj+LKdmqLbPwti+4kBxsJgpphbtM1T7X1G8vr68r/uLeF/DDfe1tiiKkz99Zk9cw1A4xtcXTXdW0/jcvXNvse7dnz6z5ztzb1/VbnY9DItWWhQbN5TrfL4oTv24qhgqVqZjEtc53LDOtW3WOdK0zqHafuXfW9d5cpnrjI97PKzzRx3WuTZc9uR1RVHMF0tu0+q5YrhY3XKv6XiP18+I8jbKp/LDxehpnSfrl3GelPu8dV3zedJ6Tsbjvz4ck9El1tD4dLzz1RWLjvsHPU/KR90P52p52w+Wdzo+3vij1aZztdzmmRuWPgfaPndtzoF0LjecAxu6nQPDK0Zq58DwqTVvaDoHphftM1wM1e7rxA2dz4HJuUNHJ2efevq2A4d275/ZP3N4emrbls1bt2zeunVy34GDM1P1P0/vkA6Q1cVwOgc3hPeaeA7e1LJt4ym58M2z9zoY75PXQfnYP3djuaALh4slzvFym+c3nvnrIH3db3gdjDa8Dtq+p7Z5HYwu43VQbnNy4/K+Zo42/NduDb16L1zTcA6cz6+H5X0+cvPS74Vrw7peuOV0vx6OLDoH4sMaCq+98pL0/d74neG4LD4vri6vuGBFcXx25tjtT+6emzs2XYRxTlzS8Fy1ni+rGx5Tseh8GT7t82Xn3/zyxqvbXL4mHKvxWzs/V+U2WyY6P1e1d/f2x7Pp0k1FGGfZuT6e7b6alcczZYkOx7Pc5vnbzvx7wZRLGt7/xrq9/42Mjdbf/0bS0Rhrev9b/NSM1FZWFCdvW97731j471y//13aJ+9/5bF65PbO50C5zQuTp3sOjHZ8/7suzKGwnptDYhhvyP3v166fr5+mDc9l1/NmdHQsnDej8R6bz5vNi/Ypb628741TH+y82Xhd83PV9H1LBc+b8lj9+VTn86bc5o3pM3/vWBX/2vDesaLbOTA2sqJc71g6Cervdwur4jlwe7GnOFIcLPamfcpnubyviU3LOwdWhP/O9XvHlX1yDpTH6uVNnc+Bcpsfbj673zttDJekbRq+d2r9+cJSmf/q0VO313rYznbmL9f5qS2dfzZUbvP2ltPNGZ2P063hkgvaHKfW189S5/Te4twcpyvDOg9u7fyzqXKbS7ct83zaWRTFm9Nv1n7eFX6++/fH//17TT/3bfcz5Ten33xg8qEfn876AQD44N6v/Tm/ov69ZsP/Y72c//8fAAAAGAgx9w+Hmcj/AAAAUBkx94+Emcj/AAAAUBkx94+GmWSS/x+7c/ur7z1bpE8DXAji9fEwPHh3fbvY8Z4P/163cEp5+Se+Pfbq155d3n0PF0Xxywc+0nb7x+6O66o7Gtf5sebLF7ny2mXd/6MPn9qu8fMTTm6v3358PMs9DWJX+fXJTbXbXffUdG2+8UBRmw/Nv/Bc/fbr/47bn9hc3/4vw4eW7Nw31LT/xrCe68NcFz5T5sGdp45DOeN+r6695p8v+fyp+4v7DW24qPYwX/6D+u3Gz4h66ZL69vFxL7X+f/r6d18tt3/yhvbrf3a4/fpPhNt9K8xf7Khv33jMv9aw/j8K64/3F/e7/Vs/aLv+166ob/9aOC9eCbN1/ff+6Uffa/d8xfvZeVd9v3j/U/+9pbZfvL14+63rH392uul4tN7+G+/Wb2fH4z8badw+Xh7vJ3r0rubzeyg8v0098qIovvvHRdNxLj5e3+8fW9Yfb+/oXe3Xf2vLOo8OXVvb/9TjWdP0uL7x15vaPt64np1/t6bp8bx0Xzh+707+sLzdEw+F8zFc/78/qt9e62eZvnZf8/tN3P6VNfXXbby9yZb1v9Sy/vlry2PXff33v1tf/2v3rGxa/85Ph/Pp/vrstv79f3Vx0/7f/E79+Tj2xMThI7PHD+xtOKqNr+OV46tWX3Dhhy66OLyXtv5715G5x2aOrZtaN1UU6wbwIwN7vf5vhflf9TF/9u+h7sc/q593L36m/nXrpp/X//1SuPzR8HzGr4/f+IuxpvO19Xmfv6c+z3T9t4R1LNcVX//Pa5e14Ykvvn78H/7w7dbvC+LjOXrZeO3xvbz+8tp1Q2/Ur299v+rmPy5rfl3/ZHSqNr8fjutC+GTmDZfX76/19uNnk7z42frrN34nF/cvWj5PZM1I8+M40/X/JHwf84Mrm9//4vnx/WdbPs15TTFULmE+vD8U8/Xr41bxeL948vK29xc/h6eYv+p0lrmk2admJw8eOHz8ycm5mdm5ydmnnt516Mjxw3O7ap9duuvL3fY/9fpeXXt9753ZtqWovdqP1EePne/1H314z947pm7cO7Nv9/F9cw8fnTm2f8/s7J6ZvbM37t63b+aJbvsf2LtjetP2zXdsmth/YO+OO7dv37x94sDhI+Uy6ovqYtvUVyYOH9tV22V2x5bt01u3bpmaOHRk78yOO6amJo5327/2tWmi3PvxiWMzB3fPHTg0MzF74OmZHdPbt23b1PXTHw8d3Te7bvLY8cOTx2dnjk3WH8u6udrF5de+bvuTh9kj4f2uxVD47vwLt25Ln49b+vZXl7yp+ibN354W74TPgopf37r9O+b+sTCTTPI/AAAA5CDm/vDB/6eukP8BAACgMmLuXxlmIv8DAABAZcTcPx5mkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36//r/dNdv/f+Y+1cVRZb5HwAAAHIQc//qMBP5HwAAACoj5v4LwkzkfwAAAKiMmPsvDDPJI/+Ptf5V/1//X/+/sf8ft9X/L/T/9f8/IP1//f9O9P/1/wd5/X3Y/1+l/0+/6bf+f8z9HwozySP/AwAAQBZi7r8ozET+BwAAgMqIuf/iMBP5HwAAACoj5v41YSaZ5H+//1//X//f7//X/9f/P8uaDrH+v/5/J/r/+v+DvP4+7P/7/f/0nX7r/8fc///CTDLJ/wAAAJCDmPs/HGYi/wMAAEBlxNx/SZiJ/A8AAACVEXP/pWEmmeR//X/9f/1//X/9f/3/XtL/1//vRP9f/3+Q16//r/9Pd/3W/4+5/7Iwk0zyPwAAAOQg5v7Lw0zkfwAAAKiMmPuvCDOR/wEAAKAyYu6/Mswkk/yv/6//r/+v/6//r//fS/r/+v+d6P/r/w/y+vX/9f/prt/6/zH3XxVmkkn+BwAAgBzE3H91mIn8DwAAAJURc/9HwkzkfwAAAKiMmPvXhplkkv/1//X/9f/1//X/9f97abD6/8NLXqP/X6f/30z/X/9f/1//n876rf8fc/9Hw0wyyf8AAACQg5j7rwkzkf8BAACgMmLuvzbMRP4HAACAyoi5f12YSSb5X/9f/1//X/9f/1//v5cGq/+/NP3/Ov3/Zvr/+v/6//r/dNZv/f+Y+9eHmWSS/wEAACAHMfdvCDOR/wEAAKAyYu6/LsxE/gcAAIDKiLn/+jCTTPK//r/+v/6//r/+v/5/L+n/6/93ov+v/z/I69f/X17/f0W3G6LS+q3/H3P/DWEmmeR/AAAAyEHM/TeGmcj/AAAAUBkx998UZiL/AwAAQGXE3L8xzCST/K//r/+v/6//r/+v/99L+v+L+v9v/U+h/x/p/+v/D/L69f/9/n+667f+f8z9N4eZZJL/AQAAIAcx998SZiL/AwAAQGXE3H9rmIn8DwAAAJURc/9EmEkm+V//X/9f/1//X/9f/7+Xqtr/T++jfv+//r/+v/6//r/+P0vqt/5/zP23hZlkkv8BAAAgBzH33x5mIv8DAABAZcTcPxlmIv8DAABAZcTcPxVmkkn+1//X/9f/1//X/9f/76Wq9v/P4Pf/6/830P/X/x/k9ev/6//TXb/1/2Punw4zyST/AwAAQA5i7t8UZiL/AwAAQGXE3L85zET+BwAAgMqIuX9LmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16//r/9NsuM1l/db/j7l/a5hJJvkfAAAAchBz/7YwE/kfAAAAKiPm/jvCTOR/AAAAqIyY++8MM8kk/+v/6//r/+v/6//r//eS/r/+fyf6//r/g7x+/X/9f7rrt/5/zP3bw0wyyf8AAACQg5j7PxZmIv8DAABAZcTcf1eYifwPAAAAA6Xd7yGMYu7/eJhJJvlf/7/q/f+Flfr/+v/6/53Xr//fW/r/+v+d6P/r/w/y+vX/9f/prt/6/zH37wgzyST/AwAAQA5i7r87zET+BwAAgMqIuf+eMBP5HwAAACoj5v6dYSaZ5H/9/6r3//3+f/1//f9u69f/7y39f/3/TvT/B7P/H75t0f8/N/3/8aX2b+z/l+eQ/j/9qN/6/zH33xtmkkn+BwAAgBzE3P+JMBP5HwAAACoj5v5PhpnI/wAAAFAZMfd/Kswkk/yv/6//r/+v/6//r//fS/r/+v+d6P8PZv8/0v/3+//1/+mm3/r/MfffF2aSSf4HAACAHMTc/+kwE/kfAAAAKiPm/v8fZiL/AwAAQGXE3H9/mEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16//r/9Ndv/X/Y+7/lTCTTPI/AAAA5CDm/gfCTOR/AAAAqIyY+z8TZiL/AwAAQGXE3P+rYSaZ5H/9/3PT/x9Ot6//r/+v/6//r/9/Nun/6/8X+v8f2Pnuzw/6+vX/9f/prt/6/zH3/1qYSSb5HwAAAHIQc/+vh5nI/wAAAFAZMff/RpiJ/A8AAACVEXP/g2EmmeR//X+//1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7v/NMJNM8j8AAADkIOb+h8JM5H8AAACojJj7PxtmIv8DAABAZcTc/7kwk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3P9wmEkm+R8AAAByEHP/58NM5H8AAACojJj7fyvMRP4HAACAyoi5/7fDTDLJ//r/+v/6//r/+v/6/72k/7+4/1++h53P/v+K5Wyo/78s+v/6//r/+v901m/9/5j7vxBmkkn+BwAAgBzE3P87YSbyPwAAAFRGzP2/G2Yi/wMAAEBlxNz/SJhJJvlf/1//X/9f/1//X/+/l/T//f7/TvT/9f8Hef36//r/dNdv/f+Y+78YZpJJ/gcAAIAcxNz/e2Em8j8AAABURsz9u8JM5H8AAACojJj7Hw0zyST/6//r/+v/6//r/+v/95L+v/5/J/r/+v+DvH79f/1/uuu3/n/M/bvDTDLJ/wAAAJCDmPu/FGYi/wMAAEBlxNy/J8xE/gcAAIDKiLl/b5hJJvlf/1//X/9f/1//X/+/l/T/9f870f/X/x/k9ev/6//TXb/1/2PunwkzyST/AwAAQA5i7t8XZiL/AwAAQGXE3L8/zET+BwAAgMqIuf+xMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/IMwkk/wPAAAAOYi5/8thJvI/AAAAVEbM/V8JM5H/AQAAoDJi7j8YZpJJ/tf/1//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPsPhZlkkv8BAAAgBzH3Hw4zkf8BAACgMmLuPxJmIv8DAABAZcTcfzTMJJP8r/+v/6//r/+v/6//30v6//r/nej/6/8P8vr1//X/6a7f+v8x9/9+mEkm+R8AAAByEHP/sTAT+R8AAAAqI+b+2TAT+R8AAAAqI+b+uTCTTPK//r/+v/6//r/+v/5/L+n/6/93ov+v/z/I69f/1/+nu37r/8fcfzzMJJP8DwAAADmIuf/xMBP5HwAAACoj5v4nwkzkfwAAAKiMmPufDDPJJP/r/+v/6/+f6v+/sr9++Xnq/9d7fv/H3l3vanZWcRx/y2SAhBCuhSvgErgGLgN3Ke7u7u7u7u7uUCiuSUmYtdaB6XTvc9529332sz6ff1bamUyfdpImv0y+2fp//b/+/0L0//r/g/7/aKfu5/f+fv2//p91o/X/ufvvHbc02f8AAADQQe7++8Qt9j8AAABMI3f/feMW+x8AAACmkbv/fnFLk/2v/9f/6/99/1//r//fkv5f/79E/6//3/P79f/6f9aN1v/n7r9/3NJk/wMAAEAHufsfELfY/wAAADCN3P0PjFvsfwAAAJhG7v4HxS1N9r/+X/+v/9f/6//1/1vS/+v/l+j/9f97fr/+X//PutH6/9z9D45bmux/AAAA6CB3/0PiFvsfAAAAppG7/6Fxi/0PAAAA08jd/7C4pcn+1//r//X/+n/9v/5/S/p//f8S/b/+f8/v1//r/1k3Wv+fu//hcUuT/Q8AAAAd5O5/RNxi/wMAAMA0cvc/Mm6x/wEAAGAaufsfFbc02f/6f/2//l//r//X/29J/6//X6L/1//v+f36f/0/6zbv/+95/X/vefv/3P3Xxy1N9j8AAAB0kLv/0XGL/Q8AAADTyN3/mLjF/gcAAIBp5O5/bNzSZP/r//X/Z/3/Tdfp//X/+v+zv6//v23o//X/S/T/o/b/5/svof/X/+v/WbN5/7/S+1/917n7Hxe3NNn/AAAA0EHu/sfHLfY/AAAATCN3/xPiFvsfAAAAppG7/4lxS5P9r//X//v+v/5f/6//35L+X/+/RP8/av/v+/+3tv+/xzner/+ng9H6/9z9T4pbmux/AAAA6CB3/5PjFvsfAAAAppG7/ylxi/0PAAAA08jd/9S4pcn+1//r//X/+n/9v/5/S/p//f8S/b/+f8/v9/1//T/rRuv/c/c/LW5psv8BAACgg9z9T49b7H8AAACYRu7+Z8Qt9j8AAABMI3f/M+OWJvtf/6//1//r/29V/39J/6//X6b/1/8v0f/r//f8fv2//p91o/X/ufufFbc02f8AAADQQe7+Z8ct9j8AAABMI3f/c+IW+x8AAACmkbv/uXFLk/2v/9f/6//1/77/r//fkv5/uv7/Ov3/Gf2//l//r/9n2Wj9f+7+58UtTfY/AAAAdJC7//lxi/0PAAAA08jd/4K4xf4HAACAaeTuf2Hc0mT/6//1//p//b/+X/+/Jf3/dP2/7///D/2//l//r/9n2Wj9f+7+F8Uta8Pv8sqPAwAAAMPI3f/iuKXJn/8DAABAB7n7XxK32P8AAAAwjdz9L41bmux//b/+X/+v/9f/6/+3pP/X/y/R/1+7/7/zLfzz9P9jvV//r/9n3Wj9f+7+l8UtTfY/AAAAdJC7/+Vxi/0PAAAA08jd/4q4xf4HAACAaeTuf2Xc0mT/31L/f+Ndrvy4/v989P/Xfr/+X/+v/9f/6//1/0v0/77/v+f36//1/6wbrf/P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAauftfE7fY/wAAADCN3P2vjVua7H/f/9f/6//1//p//f+W9P/6/yX6f/3/nt+v/9f/s260/j93/+vilib7HwAAADrI3f/6uMX+BwAAgGnk7n9D3GL/AwAAwDRy978xbmmy//X/+v+T9/930P8n/X/8vur/9f8XoP/X/x/0/0c7dT+/9/fr//X/rBut/8/d/6a4pcn+BwAAgA5y9785brH/AQAAYBq5+98St9j/AAAAMI3c/W+NW5rsf/2//v/k/b/v/xf9f/y+6v/1/xeg/9f/H/T/Rzt1P7/39+v/9f+sG63/z93/trilyf4HAACADnL3vz1usf8BAABgGrn73xG32P8AAAAwjdz974xbmux//b/+X/+v/9f/6/+3pP/X/y/R/+v/9/x+/b/+n3Wj9f+5+98VtzTZ/wAAANBB7v53xy32PwAAAEwjd/974hb7HwAAAKaRu/+9cUuT/a//33v/f68b4gX6f/2//l//PyT9v/5/if5f/7/n9+v/9f+sG63/z93/vrilyf4HAACADnL3vz9usf8BAABgGrn7PxC32P8AAAAwjdz9H4xbmuz/Hv3/5Zv9tHn6f9//1//r//X/Y9P/6/+X6P/1/3t+v/5f/8+60fr/3P0filua7H8AAADoIHf/h+MW+x8AAACmkbv/I3GL/Q8AAADTyN3/0bilyf7v0f/fXIP+P/+1bt/+/6a76f/1/0X/r/8/6P/1/yv0//r/Pb9f/6//Z91o/X/u/o/FLU32PwAAAHSQu//jcYv9DwAAANPI3f+JuMX+BwAAgGnk7v9k3HD3u57uSbcr/f+0/b/v/+v/9f/6/yHo//X/S/T/+v89v1//r/9n3Wj9f+7+T8Ut/vwfAAAAppG7/9Nxi/0PAAAA08jd/5m4xf4HAACAaeTu/2zc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f36//1/6wbrf/P3f+5uKXJ/gcAAIAOcvd/Pm6x/wEAAGAaufu/ELfY/wAAADCN3P1fjFua7H/9v/5f/3+b9f+Xr/719f/6f/2//l//v0z/r//f8/v1//p/1o3W/+fu/1Lc0mT/AwAAQAe5+78ct9j/AAAAMI3c/V+JW+x/AAAAmEbu/q/GLU32v/5f/6//9/1//b/+f0v6f/3/Ev2//n/P79f/6/9ZN1r/n7v/a3FLk/0PAAAAHeTu/3rcYv8DAADANHL3fyNusf8BAABgGrn7vxm3NNn/M/f/Sz9N/3+F/l//f9D/6/83pv/X/y/R/+v/9/x+/b/+n3Wj9f+5+78VtzTZ/wAAANBB7v5vxy32PwAAAEwjd/934hb7HwAAAKaRu/+7cUuT/T9z/79E/3+F/l//f9D/6/83pv/X/y/R/+v/9/x+/b/+n3Wj9f+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+HcUuT/a//1//r//X/+n/9/5b0//r/Jfp//f+e36//1/+zbrT+P3f/j+KWJvsfAAAAOsjd/+O4xf4HAACAaeTu/0ncYv8DAADANHL3/zRuabL/9f/6f/3/UP3/Ha/+dfT/+n/9/zL9v/7/oP8/2qn7+b2/X/+v/2fdaP1/7v6fxS1N9j8AAAB0kLv/53GL/Q8AAADTyN3/i7jF/gcAAIBp5O7/ZdzSZP/r//X/+v+j+/9LB9///7/36P/1/9ei/9f/L9H/6//3/H79v/6fdaP1/7n7fxW3NNn/AAAA0EHu/l/HLfY/AAAATCN3/2/iFvsfAAAAppG7/7dxS5P9r//X/+v/h/r+v/5f/6//vyD9v/7/oP8/2qn7+b2/X/+v/2fdaP1/7v4b4pYm+x8AAAA6yN3/u7jF/gcAAIBp5O7/fdxi/wMAAMA0cvffGLc02f/6f/3/lP3/nfT/+n/9/yj0//r/Jfp//f+e36//1/+zbrT+P3f/H+KWJvsfAAAAOsjd/8e4xf4HAACAaeTu/1PcYv8DAADANHL3/zluabL/9f/6/yn7f9//1//vrf+/dPY/YP3/xej/9f8H/f/RTt3P7/39+n/9P+tG6/9z9/8lbmmy/wEAAKCD3P1/jVvsfwAAAJhG7v6/xS32PwAAAEwjd//f45Ym+1//r//X/+v/9f8D9P++/380/b/+/6D/P9qp+/m9v1//r/9n3Wj9f+7+f8QtTfY/AAAAdJC7/59xi/0PAAAA08jd/6+4xf4HAACAaeTu/3fc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f36//1/6wbrf/P3f+fAAAA//9nkS0F")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x101002, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)

947.507623ms ago: executing program 7 (id=8489):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x208d03, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000000))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000100)={0x0, r2})

929.097787ms ago: executing program 0 (id=8490):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r0, 0x0, 0x33, &(0x7f0000000040)=0x80000003, 0x4)
listen(r0, 0x3)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f00000000c0)=0x80000003, 0x4)
connect$inet(r1, &(0x7f0000000080)={0x2, 0x4e20, @empty}, 0x10)

516.490479ms ago: executing program 0 (id=8491):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=")
r0 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r0, 0x1)
flock(r1, 0x1)
flock(r1, 0x2)

432.0271ms ago: executing program 7 (id=8492):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000180), 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="05"], 0x48}, 0x1, 0x0, 0x0, 0x50}, 0x0)
sendmsg$can_bcm(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x5, 0x802, 0x0, {}, {0x77359400}, {0x0, 0x0, 0x0, 0x1}, 0x1, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "cb7d302847bb1a28e8a4004b789607ed47df355645f2178a039ed508ff76df3536741848cc6cb65c6e77aad714472cb8856fcdd536f9d9655dcf800549436e96"}}, 0x80}}, 0x800)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=8493):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000070000000080000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r2, 0x2000000, 0xe, 0x0, &(0x7f0000000940)="63eced8e46dc92b18236457ee3c8", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

kernel console output (not intermixed with test programs):

sb 6-1: Product: syz
[  850.742627][T13994] usb 6-1: Manufacturer: syz
[  850.757459][T13994] usb 6-1: SerialNumber: syz
[  850.786833][T13994] usb 6-1: config 0 descriptor??
[  850.820106][T13994] visor 6-1:0.0: Sony Clie 3.5 converter detected
[  851.046506][T13994] usb 6-1: clie_3_5_startup: get config number failed: -71
[  851.076425][T13994] visor 6-1:0.0: probe with driver visor failed with error -71
[  851.126135][T13994] usb 6-1: USB disconnect, device number 63
[  851.147489][T23096] netlink: 51 bytes leftover after parsing attributes in process `syz.6.6346'.
[  851.188802][T23101] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6348'.
[  851.223739][T23101] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6348'.
[  852.435727][T23098] syz.7.6347 (23098): drop_caches: 2
[  852.776296][T23147] loop6: detected capacity change from 0 to 128
[  852.865470][T23147] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  853.191195][    C0] net_ratelimit: 7 callbacks suppressed
[  853.191222][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  853.205297][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  853.213687][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  853.381049][T22460] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  853.647670][T23169] loop6: detected capacity change from 0 to 1024
[  853.705524][T23169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  853.779781][T23169] EXT4-fs error (device loop6): ext4_map_blocks:833: inode #15: comm syz.6.6368: lblock 0 mapped to illegal pblock 0 (length 2)
[  853.895254][T23169] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 117
[  853.917267][T23169] EXT4-fs (loop6): This should not happen!! Data will be lost
[  853.917267][T23169] 
[  854.073171][T16846] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.151336][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.159846][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.168250][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.176640][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.185014][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.500835][T23194] veth0: entered promiscuous mode
[  854.521691][T23194] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6373'.
[  854.798320][T22689] EXT4-fs error (device loop6): ext4_validate_block_bitmap:440: comm kworker/u8:10: bg 0: block 112: padding at end of block bitmap is not set
[  854.858675][T22689] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1945 with error 28
[  854.895858][T22689] EXT4-fs (loop6): This should not happen!! Data will be lost
[  854.895858][T22689] 
[  854.910622][T22689] EXT4-fs (loop6): Total free blocks count 0
[  854.917194][T22689] EXT4-fs (loop6): Free/Dirty block details
[  854.923448][T22689] EXT4-fs (loop6): free_blocks=0
[  854.928563][T22689] EXT4-fs (loop6): dirty_blocks=1952
[  854.948288][T22689] EXT4-fs (loop6): Block reservation details
[  855.080236][T22460] EXT4-fs warning (device loop6): ext4_evict_inode:195: inode #15: comm syz-executor: data will be lost
[  855.381141][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  855.440601][T23213] netlink: 428 bytes leftover after parsing attributes in process `syz.5.6379'.
[  855.488779][ T5827] hid-generic 0000:0000:0000.0030: unknown main item tag 0x0
[  855.489915][T23213] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6379'.
[  855.571367][ T5827] hid-generic 0000:0000:0000.0030: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  855.726656][T23219] loop4: detected capacity change from 0 to 512
[  855.829701][T23219] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  856.064435][   T37] tipc: Subscription rejected, illegal request
[  856.215082][T17120] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  857.753085][T23274] loop7: detected capacity change from 0 to 4096
[  857.789255][T23274] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[  857.843273][T23284] netlink: 'syz.4.6401': attribute type 19 has an invalid length.
[  857.878883][T23284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6401'.
[  857.954863][T23274] ntfs3(loop7): failed to convert name for inode 1.
[  857.976761][T23274] ntfs3(loop7): failed to convert name for inode a.
[  858.014795][T23284] netlink: 'syz.4.6401': attribute type 19 has an invalid length.
[  858.049043][T23284] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6401'.
[  859.726199][T23331] netlink: 'syz.9.6417': attribute type 39 has an invalid length.
[  859.795458][T23334] Bluetooth: MGMT ver 1.23
[  860.081229][    C1] net_ratelimit: 9 callbacks suppressed
[  860.081255][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.095269][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.103685][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.112102][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.252762][T23344] netlink: 120 bytes leftover after parsing attributes in process `syz.6.6423'.
[  860.471359][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.479752][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.488182][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.496567][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.504960][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.577577][T23348] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.940478][T23323] loop7: detected capacity change from 0 to 32768
[  861.065808][T23323] JBD2: Ignoring recovery information on journal
[  861.228843][T23365] loop6: detected capacity change from 0 to 512
[  861.265975][T23323] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  861.351904][T23365] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  861.609985][T14584] tipc: Subscription rejected, illegal request
[  861.866088][T22460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  861.888426][T13657] ocfs2: Unmounting device (7,7) on (node local)
[  862.442551][T23383] loop6: detected capacity change from 0 to 32768
[  862.454374][T23383] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6434 (23383)
[  862.512549][T23383] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  862.522856][T23383] BTRFS info (device loop6): using sha256 checksum algorithm
[  862.647539][T23383] BTRFS info (device loop6): enabling ssd optimizations
[  862.655552][T23383] BTRFS info (device loop6): turning on async discard
[  862.662430][T23383] BTRFS info (device loop6): enabling free space tree
[  862.920609][T22460] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  865.279179][T23466] net_ratelimit: 285 callbacks suppressed
[  865.279207][T23466] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.366671][T23466] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.423778][T23466] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.490644][T23471] loop7: detected capacity change from 0 to 4096
[  865.503085][T23476] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.574877][T23471] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  865.636262][T23476] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.801748][T23464] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  866.019937][T23488] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6457'.
[  866.439831][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.791157][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  866.799618][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  866.807999][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  867.346248][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  867.511445][T16846] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  867.699503][T16846] usb 5-1: config 0 has an invalid interface number: 127 but max is 0
[  867.730461][T16846] usb 5-1: config 0 has no interface number 0
[  867.770304][T16846] usb 5-1: config 0 interface 127 has no altsetting 0
[  867.822662][T16846] usb 5-1: string descriptor 0 read error: -71
[  867.856985][T16846] usb 5-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=fe.2d
[  867.910547][T16846] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  867.969006][T16846] usb 5-1: config 0 descriptor??
[  867.999145][T16846] usb 5-1: can't set config #0, error -71
[  868.043473][T16846] usb 5-1: USB disconnect, device number 16
[  868.741980][T23551] loop7: detected capacity change from 0 to 512
[  868.836786][T23551] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  869.093953][T13993] IPVS: starting estimator thread 0...
[  869.222824][T23565] IPVS: using max 25 ests per chain, 60000 per kthread
[  869.436772][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  869.444223][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  869.516048][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  869.961120][T16846] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  870.158567][T16846] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  870.189626][T16846] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  870.223577][T16846] usb 5-1: config 0 descriptor??
[  870.249301][T16846] cp210x 5-1:0.0: cp210x converter detected
[  870.378249][T23596] netlink: 'syz.7.6493': attribute type 8 has an invalid length.
[  870.394578][T23596] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6493'.
[  870.433888][T23596] bond0: entered promiscuous mode
[  870.467223][T23596] gretap0: entered promiscuous mode
[  870.651338][T23596] bond0: left promiscuous mode
[  870.660149][T23596] gretap0: left promiscuous mode
[  870.712823][T16846] cp210x 5-1:0.0: failed to get vendor val 0x000e size 3: -32
[  870.936155][T23604] loop6: detected capacity change from 0 to 512
[  870.977410][T16846] usb 5-1: cp210x converter now attached to ttyUSB0
[  870.994801][T23604] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  871.065353][T23604] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  871.206129][   T10] usb 5-1: USB disconnect, device number 17
[  871.235584][T23604] EXT4-fs error (device loop6): ext4_readdir:263: inode #2: block 3: comm syz.6.6496: path /34/file0: bad entry in directory: directory entry overrun - offset=12, inode=514, rec_len=2048, size=2048 fake=0
[  871.271192][    C0] net_ratelimit: 383 callbacks suppressed
[  871.271218][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  871.318898][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  871.337611][   T10] cp210x 5-1:0.0: device disconnected
[  871.447885][T22460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  872.128373][T23641] syzkaller1: entered promiscuous mode
[  872.160761][T23641] syzkaller1: entered allmulticast mode
[  872.974535][T16846] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  873.154008][T16846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  873.207747][T16846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  873.254671][T16846] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  873.293711][T16846] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  873.315124][T16846] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  873.347515][T16846] usb 5-1: config 0 descriptor??
[  873.511173][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  873.519620][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  873.528043][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  873.680817][T23674] netlink: 208240 bytes leftover after parsing attributes in process `syz.0.6520'.
[  873.787445][T16846] plantronics 0003:047F:FFFF.0031: reserved main item tag 0xd
[  873.816197][T16846] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[  873.854146][T16846] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[  873.877581][T16846] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[  873.905622][T16846] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[  873.932512][T16846] plantronics 0003:047F:FFFF.0031: unknown main item tag 0x0
[  873.993571][T16846] plantronics 0003:047F:FFFF.0031: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  874.050289][T16846] usb 5-1: USB disconnect, device number 18
[  874.185367][T23685] loop5: detected capacity change from 0 to 128
[  874.315457][T23685] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  874.363322][T23686] fido_id[23686]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  874.668295][ T5848] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  874.800152][T23702] loop4: detected capacity change from 0 to 164
[  874.838382][T23702] isofs_fill_super: get root inode failed
[  875.251278][T16846] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  875.422020][T16846] usb 5-1: Using ep0 maxpacket: 16
[  875.445522][T16846] usb 5-1: config 8 has an invalid interface number: 57 but max is 0
[  875.470082][T16846] usb 5-1: config 8 has no interface number 0
[  875.494109][T16846] usb 5-1: config 8 interface 57 altsetting 5 endpoint 0x9 has an invalid bInterval 0, changing to 7
[  875.538876][T16846] usb 5-1: config 8 interface 57 altsetting 5 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  875.592941][T16846] usb 5-1: config 8 interface 57 has no altsetting 0
[  875.634826][T16846] usb 5-1: New USB device found, idVendor=3909, idProduct=8f68, bcdDevice=dd.44
[  875.656433][T16846] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  875.701006][T16846] usb 5-1: Product: syz
[  875.708299][T16846] usb 5-1: Manufacturer: syz
[  875.722346][T16846] usb 5-1: SerialNumber: syz
[  875.983270][T16846] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  876.014890][T16846] usb 5-1: MIDIStreaming interface descriptor not found
[  876.189396][T16846] usb 5-1: USB disconnect, device number 19
[  876.257123][T23711] syz.5.6534 (23711): drop_caches: 2
[  876.385647][ T6110] udevd[6110]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:8.57/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  876.405524][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  876.405806][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  876.548112][T23727] netlink: 32 bytes leftover after parsing attributes in process `syz.0.6540'.
[  876.871239][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  876.879732][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  876.888214][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  877.704357][T23766] binder: 23765:23766 ioctl 4018620d 0 returned -22
[  877.763842][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  877.790380][ T5922] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  878.070348][T23777] xt_hashlimit: size too large, truncated to 1048576
[  878.621783][   T30] audit: type=1800 audit(16912595.849:1615): pid=23792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.6568" name="nullb0" dev="tmpfs" ino=6075 res=0 errno=0
[  878.656263][T23790] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[  879.049706][T23801] fuse: fd is not a fuse device
[  879.502762][T23805] loop7: detected capacity change from 0 to 4096
[  879.548964][T23805] ntfs3(loop7): Different NTFS sector size (1024) and media sector size (512).
[  879.691700][T23819] netlink: 'syz.5.6580': attribute type 30 has an invalid length.
[  879.979576][   T30] audit: type=1326 audit(16912597.209:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23824 comm="syz.9.6582" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f92fc79c819 code=0x0
[  880.231353][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  880.239818][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  881.030450][T23858] loop4: detected capacity change from 0 to 16
[  881.087990][T23858] erofs (device loop4): mounted with root inode @ nid 36.
[  881.523144][T23868] loop6: detected capacity change from 0 to 1024
[  881.585589][T23868] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  881.658472][T23868] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  881.870976][   T30] audit: type=1326 audit(16912599.099:1617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23880 comm="syz.5.6597" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8b6e19c819 code=0x0
[  882.044747][T23868] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  882.458291][T23898] xt_hashlimit: size too large, truncated to 1048576
[  882.496697][T22460] EXT4-fs error (device loop6): htree_dirblock_to_tree:1077: inode #2: block 48: comm syz-executor: bad entry in directory: directory entry overrun - offset=76, inode=16, rec_len=65540, size=1024 fake=0
[  882.641992][T22460] EXT4-fs (loop6): Remounting filesystem read-only
[  883.129349][T22460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  883.591314][    C1] net_ratelimit: 2 callbacks suppressed
[  883.591341][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  883.605395][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  883.613817][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  883.823009][T23929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  883.842871][T23929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  883.863050][T23929] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  884.029644][T23926] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  884.084170][T23926] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  884.448875][T23948] overlayfs: failed to clone upperpath
[  884.518556][   T30] audit: type=1326 audit(16912601.749:1618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  884.567433][T14584] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  884.618846][   T30] audit: type=1326 audit(16912601.749:1619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  884.719856][   T30] audit: type=1326 audit(16912601.779:1620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  884.820308][   T30] audit: type=1326 audit(16912601.779:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  884.936095][   T30] audit: type=1326 audit(16912601.789:1622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.064171][   T30] audit: type=1326 audit(16912601.799:1623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.189670][   T30] audit: type=1326 audit(16912601.799:1624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.263158][   T30] audit: type=1326 audit(16912601.799:1625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.340197][   T30] audit: type=1326 audit(16912601.799:1626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.362934][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  885.599158][T23960] ceph: No mds server is up or the cluster is laggy
[  885.619925][   T30] audit: type=1326 audit(16912601.809:1627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23950 comm="syz.4.6617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  885.659718][T23964] ceph: No mds server is up or the cluster is laggy
[  886.059526][T14584] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  886.755780][T24016] overlayfs: failed to resolve './file0': -2
[  886.878344][T14584] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  886.896066][T24021] netlink: 28 bytes leftover after parsing attributes in process `syz.7.6629'.
[  886.950827][T24021] netlink: 'syz.7.6629': attribute type 7 has an invalid length.
[  886.951180][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  886.990692][T24021] netlink: 'syz.7.6629': attribute type 8 has an invalid length.
[  887.018713][T24021] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6629'.
[  887.319587][T14584] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  888.403790][T14584] bridge_slave_1: left allmulticast mode
[  888.427927][T14584] bridge_slave_1: left promiscuous mode
[  888.449342][T14584] bridge0: port 2(bridge_slave_1) entered disabled state
[  888.453287][T24058] netlink: 'syz.7.6651': attribute type 13 has an invalid length.
[  888.544289][T14584] bridge_slave_0: left allmulticast mode
[  888.569541][T14584] bridge_slave_0: left promiscuous mode
[  888.591887][T14584] bridge0: port 1(bridge_slave_0) entered disabled state
[  888.779597][T24061] loop5: detected capacity change from 0 to 4096
[  888.865143][T24061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  888.882454][ T5856] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  888.900295][ T5856] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  888.909292][ T5856] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  888.935402][ T5856] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  888.944720][ T5856] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  889.306909][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  889.431319][    C0] net_ratelimit: 4 callbacks suppressed
[  889.431347][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  889.448048][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  889.550168][T14584] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  889.564492][T14584] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  889.588701][T14584] bond0 (unregistering): Released all slaves
[  890.143385][T24058] gretap0: refused to change device tx_queue_len
[  890.185752][T24058] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  890.471197][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  890.479627][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  890.488016][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  890.969754][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  890.969781][   T30] audit: type=1800 audit(16912608.199:1695): pid=24113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.6664" name="nullb0" dev="tmpfs" ino=2633 res=0 errno=0
[  891.031003][ T5856] Bluetooth: hci3: command tx timeout
[  891.082597][T14584] hsr_slave_0: left promiscuous mode
[  891.111461][T14584] hsr_slave_1: left promiscuous mode
[  891.122835][T14584] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  891.136519][T14584] batman_adv: batadv0: Removing interface: batadv_slave_0
[  891.155428][T14584] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  891.170710][T14584] batman_adv: batadv0: Removing interface: batadv_slave_1
[  891.230833][T14584] veth1_macvtap: left promiscuous mode
[  891.238686][T24122] loop5: detected capacity change from 0 to 2048
[  891.263076][T14584] veth0_macvtap: left promiscuous mode
[  891.282757][T24122] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  891.283148][T14584] veth1_vlan: left promiscuous mode
[  891.318532][T24122] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  891.329547][T14584] veth0_vlan: left promiscuous mode
[  891.338933][T24122] UDF-fs: Scanning with blocksize 512 failed
[  891.394171][T24122] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  892.430665][T14584] team0 (unregistering): Port device team_slave_1 removed
[  892.523155][T14584] team0 (unregistering): Port device team_slave_0 removed
[  892.911049][T24119] macsec1: entered promiscuous mode
[  892.917886][T24119] macsec1: entered allmulticast mode
[  892.935484][ T5499] 8021q: adding VLAN 0 to HW filter on device eth5
[  893.121612][ T5856] Bluetooth: hci3: command tx timeout
[  893.282439][T24067] chnl_net:caif_netlink_parms(): no params data found
[  893.639271][T24067] bridge0: port 1(bridge_slave_0) entered blocking state
[  893.662300][T24067] bridge0: port 1(bridge_slave_0) entered disabled state
[  893.684811][T24067] bridge_slave_0: entered allmulticast mode
[  893.734492][T24067] bridge_slave_0: entered promiscuous mode
[  893.755243][T24067] bridge0: port 2(bridge_slave_1) entered blocking state
[  893.771681][T24067] bridge0: port 2(bridge_slave_1) entered disabled state
[  893.784348][T24067] bridge_slave_1: entered allmulticast mode
[  893.814528][T24067] bridge_slave_1: entered promiscuous mode
[  893.831323][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  893.839771][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  893.848244][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  894.017114][T24067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  894.068439][T24067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  894.136161][T14584] IPVS: stop unused estimator thread 0...
[  894.160662][T24197] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  894.324901][   T30] audit: type=1326 audit(16912611.559:1696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24203 comm="syz.7.6687" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f87eb79c819 code=0x0
[  894.333858][T24067] team0: Port device team_slave_0 added
[  894.430459][T24067] team0: Port device team_slave_1 added
[  894.714663][T24067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  894.751868][T24067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  894.834488][T24067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  894.892274][T24067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  894.911007][T24067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  894.977891][T24067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  895.008748][T24219] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6692'.
[  895.018833][T24219] netlink: 'syz.5.6692': attribute type 5 has an invalid length.
[  895.030539][T24219] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6692'.
[  895.091646][T24219] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6692'.
[  895.121939][T24219] netlink: 'syz.5.6692': attribute type 5 has an invalid length.
[  895.165670][T24219] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6692'.
[  895.191234][ T5856] Bluetooth: hci3: command tx timeout
[  895.322123][ T5499] 8021q: adding VLAN 0 to HW filter on device eth6
[  895.381748][T24067] hsr_slave_0: entered promiscuous mode
[  895.404921][T24067] hsr_slave_1: entered promiscuous mode
[  895.430073][T24067] debugfs: 'hsr0' already exists in 'hsr'
[  895.456708][T24067] Cannot create hsr debugfs directory
[  896.143021][T24246] xt_hashlimit: size too large, truncated to 1048576
[  896.506611][T24254] loop7: detected capacity change from 0 to 1024
[  896.531847][T24254] EXT4-fs: Ignoring removed i_version option
[  896.555414][T24254] ext4: Unknown parameter 'nouser_xattr'
[  897.192328][    C1] net_ratelimit: 4 callbacks suppressed
[  897.192354][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  897.206427][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  897.214856][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  897.273383][ T5856] Bluetooth: hci3: command tx timeout
[  897.349702][T24273] overlayfs: failed to clone upperpath
[  897.445534][T24278] loop5: detected capacity change from 0 to 136
[  898.447337][ T5499] 8021q: adding VLAN 0 to HW filter on device eth7
[  899.009345][T24067] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  899.226973][T24067] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  899.362045][T24067] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  899.410643][T24067] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  899.455452][T24067] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  899.497184][T24067] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  899.537530][T24067] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  899.600154][T24067] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  899.963035][T24067] 8021q: adding VLAN 0 to HW filter on device bond0
[  900.054301][T24067] 8021q: adding VLAN 0 to HW filter on device team0
[  900.115649][T23999] bridge0: port 1(bridge_slave_0) entered blocking state
[  900.122869][T23999] bridge0: port 1(bridge_slave_0) entered forwarding state
[  900.224624][T23999] bridge0: port 2(bridge_slave_1) entered blocking state
[  900.231884][T23999] bridge0: port 2(bridge_slave_1) entered forwarding state
[  900.551325][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  900.559835][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  900.568300][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  900.670034][ T5499] 8021q: adding VLAN 0 to HW filter on device eth8
[  901.151953][T24369] batadv_slave_0: entered promiscuous mode
[  901.187932][T24369] batadv_slave_0: left promiscuous mode
[  901.504532][T24067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  901.599702][T24383] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6743'.
[  901.648369][T24383] netlink: 4 bytes leftover after parsing attributes in process `syz.9.6743'.
[  901.853334][T24067] veth0_vlan: entered promiscuous mode
[  901.926077][T24067] veth1_vlan: entered promiscuous mode
[  902.112628][T24067] veth0_macvtap: entered promiscuous mode
[  902.134899][T24067] veth1_macvtap: entered promiscuous mode
[  902.216679][T24067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  902.277204][T24067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  902.322085][   T37] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  902.346154][   T37] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  902.394596][   T37] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  902.426827][   T37] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  902.818709][T23991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  902.854117][T23991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  903.010649][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  903.020458][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  903.249230][T24425] xt_hashlimit: size too large, truncated to 1048576
[  903.340108][   T30] audit: type=1326 audit(16912620.569:1697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24426 comm="syz.1.6639" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b6739c819 code=0x0
[  903.388976][T24434] netlink: 'syz.4.6758': attribute type 10 has an invalid length.
[  903.604406][T24434] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  903.665762][   T30] audit: type=1326 audit(16912620.899:1698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24439 comm="syz.9.6760" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f92fc79c819 code=0x0
[  903.911173][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  903.919618][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  903.928012][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  904.589363][T24461] loop5: detected capacity change from 0 to 1024
[  904.619735][T24461] EXT4-fs: Ignoring removed i_version option
[  904.641935][T24461] ext4: Unknown parameter 'nouser_xattr'
[  905.986452][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.054115][T24499] xt_hashlimit: size too large, truncated to 1048576
[  906.088480][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.171146][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.234968][T23999] wlan1: Trigger new scan to find an IBSS to join
[  906.241726][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.305929][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.374745][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.438848][T24500] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  906.675266][T24523] netlink: 36 bytes leftover after parsing attributes in process `syz.9.6786'.
[  907.183883][T24534] netlink: 16178 bytes leftover after parsing attributes in process `syz.5.6790'.
[  908.134388][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058b7d400: rx timeout, send abort
[  908.254592][T24570] ip6tnl1: entered promiscuous mode
[  908.545646][   T30] audit: type=1326 audit(16912625.779:1699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.613691][   T30] audit: type=1326 audit(16912625.779:1701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.636799][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058b7f400: rx timeout, send abort
[  908.645536][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058b7d400: abort rx timeout. Force session deactivation
[  908.749661][   T30] audit: type=1326 audit(16912625.779:1700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.801773][   T30] audit: type=1326 audit(16912625.799:1703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.912523][   T30] audit: type=1326 audit(16912625.779:1702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.949194][   T30] audit: type=1326 audit(16912625.799:1704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x7ffc0000
[  908.976491][   T30] audit: type=1326 audit(16912625.849:1705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1fc15d04e code=0x7ffc0000
[  909.013580][   T30] audit: type=1326 audit(16912625.849:1706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1fc15d04e code=0x7ffc0000
[  909.087180][   T30] audit: type=1326 audit(16912625.849:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1fc15d04e code=0x7ffc0000
[  909.136923][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058b7f400: abort rx timeout. Force session deactivation
[  909.164893][   T30] audit: type=1326 audit(16912625.849:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24576 comm="syz.0.6806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fa1fc15d04e code=0x7ffc0000
[  909.196044][T14584] wlan1: Trigger new scan to find an IBSS to join
[  909.341264][T24601] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6813'.
[  909.415674][T24601] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6813'.
[  909.486382][T24601] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6813'.
[  909.550246][T24601] netlink: 12 bytes leftover after parsing attributes in process `syz.9.6813'.
[  909.587827][T24606] netlink: 'syz.0.6815': attribute type 3 has an invalid length.
[  910.536265][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058d0fc00: rx timeout, send abort
[  910.631295][    C0] net_ratelimit: 1020 callbacks suppressed
[  910.631323][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  910.645649][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  910.654127][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  911.036386][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058d0d000: rx timeout, send abort
[  911.044771][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058d0fc00: abort rx timeout. Force session deactivation
[  911.544679][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058d0d000: abort rx timeout. Force session deactivation
[  911.606100][T24673] xt_hashlimit: size too large, truncated to 1048576
[  911.623183][T13993] usb 6-1: new high-speed USB device number 64 using dummy_hcd
[  911.811721][T13993] usb 6-1: Using ep0 maxpacket: 16
[  911.845837][T13993] usb 6-1: config 0 has an invalid interface number: 49 but max is 0
[  911.874158][T13993] usb 6-1: config 0 has no interface number 0
[  911.897448][T13993] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  911.940232][T13993] usb 6-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0x3E, changing to 0xE
[  911.974808][T13993] usb 6-1: config 0 interface 49 altsetting 0 bulk endpoint 0xE has invalid maxpacket 92
[  912.042337][T13993] usb 6-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  912.062369][T13993] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  912.086351][T13993] usb 6-1: Product: syz
[  912.114253][T13993] usb 6-1: Manufacturer: syz
[  912.138079][T13993] usb 6-1: SerialNumber: syz
[  912.152701][T14584] wlan1: Trigger new scan to find an IBSS to join
[  912.180806][T13993] usb 6-1: config 0 descriptor??
[  912.199757][T24666] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  912.264054][T24666] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  912.602099][T13993] qcserial 6-1:0.49: Qualcomm USB modem converter detected
[  912.664833][T13993] usb 6-1: Qualcomm USB modem converter now attached to ttyUSB0
[  912.721575][T13993] usb 6-1: USB disconnect, device number 64
[  912.774548][ T5843] udevd[5843]: setting mode of /dev/ttyUSB0 to 020660 failed: No such file or directory
[  912.784787][T13993] qcserial ttyUSB0: Qualcomm USB modem converter now disconnected from ttyUSB0
[  912.827601][T13993] qcserial 6-1:0.49: device disconnected
[  912.835413][ T5843] udevd[5843]: setting owner of /dev/ttyUSB0 to uid=0, gid=18 failed: No such file or directory
[  913.329510][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bb02800: rx timeout, send abort
[  913.401763][T24718] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  913.463012][  T155] wlan1: Creating new IBSS network, BSSID e6:72:bf:88:9d:c2
[  913.830027][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bb00000: rx timeout, send abort
[  913.838369][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bb02800: abort rx timeout. Force session deactivation
[  914.338332][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bb00000: abort rx timeout. Force session deactivation
[  914.601853][T24758] netlink: 'syz.0.6863': attribute type 10 has an invalid length.
[  914.646070][T24758] bond0: (slave wlan1): Enslaving as an active interface with a down link
[  916.262925][   T30] kauditd_printk_skb: 64 callbacks suppressed
[  916.262951][   T30] audit: type=1326 audit(16912889.500:1773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.382224][   T30] audit: type=1326 audit(16912889.500:1774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.467935][   T57] Bluetooth: hci6: Frame reassembly failed (-84)
[  916.473063][   T30] audit: type=1326 audit(16912889.500:1775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.496940][   T57] Bluetooth: hci6: Frame reassembly failed (-84)
[  916.505339][   T30] audit: type=1326 audit(16912889.500:1776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.528659][   T30] audit: type=1326 audit(16912889.500:1777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.599908][   T30] audit: type=1326 audit(16912889.500:1778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x7ffc0000
[  916.690513][   T30] audit: type=1326 audit(16912889.550:1779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6aadf5d04e code=0x7ffc0000
[  916.778613][   T30] audit: type=1326 audit(16912889.560:1780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6aadf5d04e code=0x7ffc0000
[  916.905819][   T30] audit: type=1326 audit(16912889.560:1781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6aadf5d04e code=0x7ffc0000
[  917.025720][   T30] audit: type=1326 audit(16912889.560:1782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24803 comm="syz.4.6877" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f6aadf5d04e code=0x7ffc0000
[  918.470953][ T5857] Bluetooth: hci6: command 0x1003 tx timeout
[  918.481690][ T5856] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  918.879054][T24855] xt_hashlimit: size too large, truncated to 1048576
[  921.047313][T24915] xt_hashlimit: size too large, truncated to 1048576
[  922.144506][T24942] veth0_virt_wifi: entered allmulticast mode
[  922.641028][T13993] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  922.821044][T13993] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  922.864776][T13993] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  922.897004][T13993] usb 2-1: Product: syz
[  922.913782][T13993] usb 2-1: Manufacturer: syz
[  922.937451][T13993] usb 2-1: SerialNumber: syz
[  922.986055][T13993] usb 2-1: config 0 descriptor??
[  923.619646][T24985] hsr0: entered promiscuous mode
[  923.651938][T24985] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6927'.
[  923.671444][T24985] hsr_slave_0: left promiscuous mode
[  923.701216][T24985] hsr_slave_1: left promiscuous mode
[  923.728837][T24985] hsr0 (unregistering): left promiscuous mode
[  924.085389][T13993] usb 2-1: unexpected transceiver, part 0xf6 version 0x03
[  924.163171][   T30] kauditd_printk_skb: 36 callbacks suppressed
[  924.163196][   T30] audit: type=1326 audit(16912897.400:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24994 comm="syz.4.6930" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6aadf9c819 code=0x0
[  924.304140][T13993] usb 2-1: Firmware version (0.0) predates our first public release.
[  924.430484][T13993] usb 2-1: Please update to version 0.2 or newer
[  924.466556][T13993] usb 2-1: atusb_probe: initialization failed, error = -19
[  924.539898][T13993] usb 2-1: USB disconnect, device number 29
[  927.446041][T25051] netlink: 51 bytes leftover after parsing attributes in process `syz.9.6951'.
[  927.503884][T25053] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6952'.
[  928.488515][T25084] netlink: 92 bytes leftover after parsing attributes in process `syz.7.6965'.
[  929.365132][T25111] loop7: detected capacity change from 0 to 2048
[  929.407224][T25111] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  929.474863][T25111] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  929.625670][T25118] loop5: detected capacity change from 0 to 128
[  929.731845][T25118] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  929.744696][T25118] hpfs: filesystem error: improperly stopped
[  929.752423][T25118] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  929.791210][T25118] hpfs: You really don't want any checks? You are crazy...
[  929.830979][T25118] hpfs: Code page index out of array
[  929.856627][T25118] hpfs: code page support is disabled
[  929.885731][T25118] hpfs: hpfs_map_4sectors(): unaligned read
[  929.917598][T25118] hpfs: hpfs_map_4sectors(): unaligned read
[  929.953954][T25118] hpfs: filesystem error: unable to find root dir
[  929.975567][T25121] ubi31: attaching mtd0
[  930.059670][T25121] ubi31: scanning is finished
[  930.067483][T25121] ubi31: empty MTD device detected
[  930.379115][T25134] overlayfs: failed to clone upperpath
[  930.488184][T25136] ipvlan2: entered allmulticast mode
[  930.502594][T25136] syz_tun: entered allmulticast mode
[  930.527690][T25141] netlink: 'syz.0.6989': attribute type 39 has an invalid length.
[  930.599107][T25121] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  930.638926][T25121] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  930.668918][T25121] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  930.685578][T25121] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  930.696741][T25121] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  930.703938][T25121] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  930.712580][T25121] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3600201672
[  930.730932][T25121] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  930.771226][T25142] ubi31: background thread "ubi_bgt31d" started, PID 25142
[  930.875381][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  930.890468][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  931.447851][T25154] smbdirect: ib_dev[syz1]: added: RNIC max_fast_reg_page_list_len=256 device_cap_flags=0x200000 kernel_cap_flags=0x10 page_size_cap=0x1000
[  931.467631][T25154] smbdirect: ib_dev[syz1]: num_ports=1 max_qp_rd_atom=128 max_qp_init_rd_atom=128 max_sgl_rd=0 max_sge_rd=1 max_cqe=3276800 max_qp_wr=32768 max_send_sge=6 max_recv_sge=6
[  931.496919][T25154] smbdirect: ib_dev[syz1]PORT[1]: iwarp=1 ib=0 roce=0 v1=0 v2=0 core_cap_flags=0x400008
[  931.523743][T25154] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  931.546017][T25154] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  932.349993][T25172] xt_hashlimit: size too large, truncated to 1048576
[  933.179906][T25214] input: syz1 as /devices/virtual/input/input59
[  933.417020][T25224] sctp: [Deprecated]: syz.5.7021 (pid 25224) Use of struct sctp_assoc_value in delayed_ack socket option.
[  933.417020][T25224] Use struct sctp_sack_info instead
[  933.456271][   T30] audit: type=1326 audit(16912906.690:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25221 comm="syz.0.7020" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa1fc19c819 code=0x0
[  933.649240][T25236] netlink: 'syz.5.7025': attribute type 9 has an invalid length.
[  933.657392][T25236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7025'.
[  933.678833][T25236] netlink: 'syz.5.7025': attribute type 9 has an invalid length.
[  933.697205][T25236] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7025'.
[  934.322376][T25245] loop5: detected capacity change from 0 to 32768
[  934.334932][T25245] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.7029 (25245)
[  934.403310][T25245] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  934.415262][T25245] BTRFS info (device loop5): using crc32c checksum algorithm
[  934.528906][T25245] BTRFS info (device loop5): enabling ssd optimizations
[  934.536053][T25245] BTRFS info (device loop5): turning on flush-on-commit
[  934.543683][T25245] BTRFS info (device loop5): enabling free space tree
[  934.550541][T25245] BTRFS info (device loop5): enabling auto defrag
[  934.557069][T25245] BTRFS info (device loop5): use lzo compression, level 1
[  934.564897][T25245] BTRFS info (device loop5): max_inline set to 4096
[  935.303866][ T5848] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  936.044786][T25302] netlink: 164 bytes leftover after parsing attributes in process `syz.1.7046'.
[  936.105332][T25302] netlink: 36 bytes leftover after parsing attributes in process `syz.1.7046'.
[  936.337262][T25309] netlink: 'syz.5.7039': attribute type 4 has an invalid length.
[  936.516360][T25317] ipvlan2: entered allmulticast mode
[  936.531006][T25317] syz_tun: entered allmulticast mode
[  937.095619][T25340] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7055'.
[  937.532459][T25349] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7058'.
[  937.545802][T25350] fuse: fd is not a fuse device
[  937.601891][T25349] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7058'.
[  937.723765][T25356] ubi: mtd0 is already attached to ubi31
[  938.159600][T25376] overlayfs: failed to clone upperpath
[  940.509777][T25445] loop5: detected capacity change from 0 to 1024
[  940.565994][T25445] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  940.717324][   T30] audit: type=1800 audit(16912913.950:1821): pid=25445 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.7087" name="file1" dev="loop5" ino=15 res=0 errno=0
[  940.897025][T25460] loop7: detected capacity change from 0 to 128
[  940.912761][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  941.037307][T25460] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  941.123456][T25460] hpfs: filesystem error: improperly stopped
[  941.152446][T25460] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  941.179103][T25468] netlink: 'syz.5.7093': attribute type 3 has an invalid length.
[  941.190518][T25460] hpfs: You really don't want any checks? You are crazy...
[  941.223874][T25460] hpfs: Code page index out of array
[  941.244991][T25460] hpfs: code page support is disabled
[  941.264213][T25460] hpfs: hpfs_map_4sectors(): unaligned read
[  941.278927][T25460] hpfs: hpfs_map_4sectors(): unaligned read
[  941.310539][T25460] hpfs: filesystem error: unable to find root dir
[  941.939615][T25492] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7101'.
[  942.018160][T25492] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7101'.
[  943.195137][T16846] page_pool_release_retry() stalled pool shutdown: id 178, 1 inflight 60 sec
[  943.249951][T25529] loop7: detected capacity change from 0 to 512
[  943.263501][T25531] overlayfs: failed to resolve './cgroup': -2
[  943.291499][T25529] EXT4-fs: Ignoring removed mblk_io_submit option
[  943.378718][T25529] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  943.467880][T25529] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  943.490460][T23991] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  943.603636][   T30] audit: type=1800 audit(16912916.840:1822): pid=25529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.7114" name="file2" dev="loop7" ino=16 res=0 errno=0
[  943.819210][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  944.238355][T25562] siw: device registration error -23
[  944.790084][T25576] xt_hashlimit: size too large, truncated to 1048576
[  944.874820][T25579] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7132'.
[  945.556263][T25589] netlink: 'syz.5.7137': attribute type 22 has an invalid length.
[  945.576970][T25589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7137'.
[  945.646071][T25589] netlink: 'syz.5.7137': attribute type 22 has an invalid length.
[  945.647629][T23999] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  945.675753][T25589] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7137'.
[  945.712544][T23999] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  945.743488][T23999] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  945.770124][T23999] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  946.089665][T25593] bond2: entered allmulticast mode
[  947.126230][T25621] team0: entered allmulticast mode
[  947.274169][T25627] fuse: Bad value for 'fd'
[  947.379476][T25630] loop5: detected capacity change from 0 to 64
[  947.447461][T25632] 9pnet: p9_errstr2errno: server reported unknown error 0x0000
[  947.958763][T25653] tls_set_device_offload_rx: netdev not found
[  948.958145][T25685] syzkaller1: entered promiscuous mode
[  948.971016][T25685] syzkaller1: entered allmulticast mode
[  950.151793][T25725] overlayfs: failed to clone upperpath
[  950.169810][T25725] overlayfs: failed to clone upperpath
[  951.156918][T25729] loop7: detected capacity change from 0 to 32768
[  951.209439][T25729] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  951.457823][T25729] XFS (loop7): Ending clean mount
[  951.696128][T25770] loop5: detected capacity change from 0 to 4096
[  951.982168][T13657] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  952.456246][T25789] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  952.969184][T25802] overlayfs: failed to clone upperpath
[  953.482300][T25818] input: syz1 as /devices/virtual/input/input60
[  953.620719][T25819] bond1: (slave vlan0): Enslaving as a backup interface with an up link
[  953.639792][T25826] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7234'.
[  953.930573][T25831] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  954.014646][T25831] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  954.071619][T13992] page_pool_release_retry() stalled pool shutdown: id 181, 1 inflight 60 sec
[  954.525497][T25855] loop7: detected capacity change from 0 to 512
[  954.571684][T25855] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  954.633393][T25855] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  955.098271][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  955.725430][T25883] netlink: 168 bytes leftover after parsing attributes in process `syz.4.7254'.
[  955.787512][T16846] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[  955.953155][T16846] usb 6-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00
[  955.976284][T16846] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  956.008972][T16846] usb 6-1: config 0 descriptor??
[  956.449922][T16846] hid (null): global environment stack underflow
[  956.470323][T16846] hid (null): unknown global tag 0xc
[  956.653135][T16846] usb 6-1: string descriptor 0 read error: -71
[  956.675717][T16846] uclogic 0003:5543:004D.0032: failed retrieving string descriptor #200: -71
[  956.702954][T16846] uclogic 0003:5543:004D.0032: failed retrieving pen parameters: -71
[  956.720398][T16846] uclogic 0003:5543:004D.0032: failed probing pen v2 parameters: -71
[  956.736995][T16846] uclogic 0003:5543:004D.0032: failed probing parameters: -71
[  956.746953][T16846] uclogic 0003:5543:004D.0032: probe with driver uclogic failed with error -71
[  956.784127][T16846] usb 6-1: USB disconnect, device number 65
[  957.150388][   T30] audit: type=1326 audit(16912930.380:1823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25921 comm="syz.0.7270" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1fc19c819 code=0x0
[  957.669786][   T30] audit: type=1326 audit(16912930.900:1824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25937 comm="syz.5.7277" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8b6e19c819 code=0x0
[  958.223131][T13992] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  958.398366][T13992] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  958.418325][T13992] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  958.437245][T13992] usb 2-1: Product: syz
[  958.451458][T13992] usb 2-1: Manufacturer: syz
[  958.463662][T13992] usb 2-1: SerialNumber: syz
[  958.490357][T13992] usb 2-1: config 0 descriptor??
[  958.942277][T13992] usb 2-1: Firmware: major: 50, minor: 195, hardware type: UNKNOWN (85)
[  959.146996][T13992] usb 2-1: no permanent extended address found, random address set
[  959.169582][T13992] usb 2-1: atusb_probe: initialization failed, error = -524
[  959.193499][T13992] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  959.370303][   T29] usb 2-1: USB disconnect, device number 30
[  959.738546][T25960] delete_channel: no stack
[  960.874667][T16846] usb 6-1: new high-speed USB device number 66 using dummy_hcd
[  961.076081][T16846] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  961.105461][T16846] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[  961.146937][T16846] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  961.176667][T16846] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  961.201026][T16846] usb 6-1: Product: syz
[  961.208703][T16846] usb 6-1: Manufacturer: syz
[  961.217146][T16846] usb 6-1: SerialNumber: syz
[  961.232544][T16846] usb 6-1: config 0 descriptor??
[  961.267963][T26005] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  961.291422][T26005] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  961.526689][T26005] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  961.546638][T26005] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  961.765171][T16846] Error reading MAC address
[  961.792124][T16846] usb 6-1: USB disconnect, device number 66
[  962.095542][T26042] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.119353][T26042] netlink: 12 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.135182][T26042] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.147329][T26042] netlink: 8 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.157914][T26042] netlink: 12 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.167447][T26042] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7320'.
[  962.432338][   T29] libceph: connect (1)[c::]:6789 error -101
[  962.450383][T26055] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7327'.
[  962.462393][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  962.530675][   T29] libceph: connect (1)[c::]:6789 error -101
[  962.548012][   T29] libceph: mon0 (1)[c::]:6789 connect error
[  962.772892][T16846] libceph: connect (1)[c::]:6789 error -101
[  962.796451][T16846] libceph: mon0 (1)[c::]:6789 connect error
[  962.861516][T16846] libceph: connect (1)[c::]:6789 error -101
[  962.880410][T16846] libceph: mon0 (1)[c::]:6789 connect error
[  963.202837][T26052] ceph: No mds server is up or the cluster is laggy
[  963.220520][T26058] ceph: No mds server is up or the cluster is laggy
[  963.564401][   T30] audit: type=1800 audit(16912936.800:1825): pid=26088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.7339" name="nullb0" dev="tmpfs" ino=2633 res=0 errno=0
[  963.571715][T26090] netlink: 20 bytes leftover after parsing attributes in process `syz.1.7338'.
[  964.224745][T26115] netlink: 'syz.5.7349': attribute type 7 has an invalid length.
[  964.240131][T26115] netlink: 'syz.5.7349': attribute type 7 has an invalid length.
[  964.252608][T26117] netlink: 'syz.9.7348': attribute type 15 has an invalid length.
[  964.268197][T26117] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7348'.
[  964.312840][T26117] netlink: 'syz.9.7348': attribute type 15 has an invalid length.
[  964.322323][T26119] geneve2: entered promiscuous mode
[  964.332131][T26117] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7348'.
[  964.340822][   T37] netdevsim netdevsim9 netdevsim0: set [0, 1] type 1 family 0 port 2816 - 0
[  964.341479][   T37] netdevsim netdevsim9 netdevsim1: set [0, 1] type 1 family 0 port 2816 - 0
[  964.423498][T14584] netdevsim netdevsim9 netdevsim2: set [0, 1] type 1 family 0 port 2816 - 0
[  964.448300][T14584] netdevsim netdevsim9 netdevsim3: set [0, 1] type 1 family 0 port 2816 - 0
[  964.485212][T14584] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 49446 - 0
[  964.521580][T14584] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 49446 - 0
[  964.572402][T14584] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 49446 - 0
[  964.584962][T14584] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 49446 - 0
[  968.084219][T26206] overlayfs: failed to clone upperpath
[  968.376857][T26213] fuse: Bad value for 'fd'
[  968.432023][   T10] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  968.612706][   T10] usb 2-1: Using ep0 maxpacket: 32
[  968.634367][   T10] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  968.665059][   T10] usb 2-1: config 0 has no interface number 0
[  968.688634][   T10] usb 2-1: config 0 interface 188 altsetting 0 endpoint 0x82 has invalid maxpacket 65535, setting to 1024
[  968.727343][   T10] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  968.770140][   T10] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  968.789974][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  968.810239][   T10] usb 2-1: Product: syz
[  968.816467][   T10] usb 2-1: Manufacturer: syz
[  968.827154][T26202] loop5: detected capacity change from 0 to 32768
[  968.835761][   T10] usb 2-1: SerialNumber: syz
[  968.846207][   T10] usb 2-1: config 0 descriptor??
[  968.876881][T26208] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  968.893815][T26202] XFS (loop5): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  969.166520][T26208] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  969.254507][T26202] XFS (loop5): Starting recovery (logdev: internal)
[  969.320478][T26202] XFS (loop5): Ending recovery (logdev: internal)
[  969.470456][T26202] XFS (loop5): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  969.539461][T26202] XFS (loop5): Metadata CRC error detected at xfs_allocbt_read_verify+0x26/0xe0, xfs_bnobt block 0x4 
[  969.601180][T26202] XFS (loop5): Unmount and run xfs_repair
[  969.622523][T26202] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  969.672971][T26202] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  969.732866][T26202] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  969.811876][T26202] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  969.845088][T26202] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  969.877314][T26202] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  969.903354][T26202] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  969.923042][T26202] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  969.940927][T26202] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  969.968127][T26202] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x24e/0x520" at daddr 0x4 len 4 error 74
[  970.014454][T26202] XFS (loop5): page discard on page ffffea000149c6c0, inode 0x1d09, pos 0.
[  970.104127][ T5848] XFS (loop5): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  970.116695][ T5848] XFS (loop5): Uncorrected metadata errors detected; please run xfs_repair.
[  970.247184][   T10] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  970.288649][   T10] asix 2-1:0.188: probe with driver asix failed with error -71
[  970.316290][   T10] usb 2-1: USB disconnect, device number 31
[  970.500412][T26252] __nla_validate_parse: 3 callbacks suppressed
[  970.500440][T26252] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.7406'.
[  970.519994][T26252] netlink: Unknown conntrack attr (0)
[  971.537131][T26283] input: syz1 as /devices/virtual/input/input61
[  971.838635][   T30] audit: type=1326 audit(16912945.070:1826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26289 comm="syz.0.7422" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa1fc19c819 code=0x0
[  972.500911][T26308] netlink: 'syz.4.7428': attribute type 1 has an invalid length.
[  972.557472][T26308] 8021q: adding VLAN 0 to HW filter on device bond2
[  973.387971][T26324] bond3: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  973.436809][T26324] bond3: (slave lo): Enslaving as an active interface with an up link
[  973.585010][T26324] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  974.311393][T16846] page_pool_release_retry() stalled pool shutdown: id 190, 1 inflight 60 sec
[  974.498007][T14584] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  975.067599][T26367] netlink: 207952 bytes leftover after parsing attributes in process `syz.5.7450'.
[  975.483471][T26374] loop5: detected capacity change from 0 to 256
[  975.620393][T26374] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[  975.790118][T26358] loop7: detected capacity change from 0 to 131072
[  975.816831][T26358] F2FS-fs (loop7): invalid crc value
[  975.956890][T26358] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  975.973141][T26358] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  976.022636][T26358] F2FS-fs (loop7): Stopped filesystem due to reason: 0
[  976.041359][T26358] F2FS-fs (loop7): f2fs_lookup: inode (ino=4) has zero i_nlink
[  977.765887][T26419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7469'.
[  977.792742][T26419] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7469'.
[  977.813231][T26419] netlink: 'syz.4.7469': attribute type 6 has an invalid length.
[  977.841046][T16846] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  977.866066][T26417] overlayfs: statfs failed on './file0'
[  977.981626][T26419] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7469'.
[  978.020701][T26425] netlink: 28 bytes leftover after parsing attributes in process `syz.0.7472'.
[  978.020947][T26419] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7469'.
[  978.045723][T16846] usb 2-1: Using ep0 maxpacket: 32
[  978.070274][T16846] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  978.071729][T26419] netlink: 'syz.4.7469': attribute type 6 has an invalid length.
[  978.094114][T16846] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  978.139669][T16846] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  978.174936][T16846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  978.196928][T16846] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  978.213108][T16846] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  978.253402][T16846] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  978.283494][T16846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.331793][T16846] usb 2-1: config 0 descriptor??
[  978.484476][T26433] 9pnet: p9_errstr2errno: server reported unknown error 0x00000
[  978.598169][T16846] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 32 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  978.876837][   T10] usb 2-1: USB disconnect, device number 32
[  978.962883][   T10] usblp0: removed
[  982.428891][T26509] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.7508'.
[  983.812637][T26528] netlink: 'syz.4.7517': attribute type 1 has an invalid length.
[  983.821776][T26528] netlink: 'syz.4.7517': attribute type 22 has an invalid length.
[  984.577705][T26528] bridge0: port 2(bridge_slave_1) entered disabled state
[  984.585237][T26528] bridge0: port 1(bridge_slave_0) entered disabled state
[  985.087919][T26545] netlink: 12 bytes leftover after parsing attributes in process `syz.1.7524'.
[  985.150563][T26545] ipvlan2: entered allmulticast mode
[  985.178502][T26545] syz_tun: entered allmulticast mode
[  985.302683][T26552] fuse: fd is not a fuse device
[  985.583861][T26555] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7528'.
[  985.606639][T26555] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7528'.
[  985.627422][T26555] netlink: 8 bytes leftover after parsing attributes in process `syz.5.7528'.
[  985.647188][T26555] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7528'.
[  986.441897][T26575] 9pnet_fd: p9_fd_create_tcp (26575): problem connecting socket to 127.0.0.1
[  987.095657][T26595] fuse: fd is not a fuse device
[  987.119958][T26575] 9pnet_fd: p9_fd_create_tcp (26575): problem connecting socket to 127.0.0.1
[  987.147812][T26595] overlayfs: failed to clone lowerpath
[  987.188828][T26597] netlink: 'syz.0.7545': attribute type 1 has an invalid length.
[  987.201589][T26595] overlayfs: failed to clone lowerpath
[  987.280143][T26597] 8021q: adding VLAN 0 to HW filter on device bond5
[  987.660528][T26608] fuse: Bad value for 'fd'
[  989.475485][T26653] rtc_cmos PNP0B00:00: Alarms can be up to one day in the future
[  989.876210][T26673] overlayfs: failed to clone upperpath
[  990.295956][   T30] audit: type=1326 audit(16912963.530:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26685 comm="syz.5.7583" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8b6e19c819 code=0x0
[  990.511816][T26692] 9pnet_fd: p9_fd_create_tcp (26692): problem connecting socket to 127.0.0.1
[  991.232178][T26692] 9pnet_fd: p9_fd_create_tcp (26692): problem connecting socket to 127.0.0.1
[  991.621353][T13992] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[  991.801683][T13992] usb 6-1: Using ep0 maxpacket: 8
[  991.848188][T13992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  991.878410][T13992] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  991.900984][T13992] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.936399][T13992] usb 6-1: config 0 descriptor??
[  992.190283][T13992] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  992.317088][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[  992.323594][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[  992.662382][T16846] usb 6-1: USB disconnect, device number 67
[  993.392743][T26766] netlink: 51 bytes leftover after parsing attributes in process `syz.1.7616'.
[  993.708928][   T30] audit: type=1326 audit(16912966.940:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26751 comm="syz.9.7611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92fc79c819 code=0x7fc00000
[  994.609490][T26769] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  994.626757][T26769] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  994.767078][T23991] netdevsim netdevsim5 eth0: unset [0, 0] type 1 family 0 port 8472 - 0
[  994.798606][T23991] netdevsim netdevsim5 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  994.825243][T23991] netdevsim netdevsim5 eth1: unset [0, 0] type 1 family 0 port 8472 - 0
[  994.838331][T23991] netdevsim netdevsim5 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  994.858841][T23991] netdevsim netdevsim5 eth2: unset [0, 0] type 1 family 0 port 8472 - 0
[  994.885129][T23991] netdevsim netdevsim5 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  994.914848][T23991] netdevsim netdevsim5 eth3: unset [0, 0] type 1 family 0 port 8472 - 0
[  994.943966][T23991] netdevsim netdevsim5 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  995.323523][T26808] loop5: detected capacity change from 0 to 32768
[  995.367628][T26808] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  995.387840][T26815] netlink: 'syz.1.7628': attribute type 18 has an invalid length.
[  995.429509][T26815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7628'.
[  995.474736][T26808] XFS (loop5): Ending clean mount
[  995.483567][T26808] XFS (loop5): Quotacheck needed: Please wait.
[  995.552036][T26808] XFS (loop5): Quotacheck: Done.
[  995.577181][T26815] netlink: 'syz.1.7628': attribute type 18 has an invalid length.
[  995.588550][  T155] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  995.674271][T26815] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7628'.
[  995.684007][  T155] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  995.750631][  T155] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  995.786881][  T155] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  996.035366][ T5848] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  996.936142][T26858] input: syz0 as /devices/virtual/input/input62
[  998.012192][T26883] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  998.747655][T26903] netlink: 52 bytes leftover after parsing attributes in process `syz.7.7663'.
[  999.695424][T26926] netlink: 52 bytes leftover after parsing attributes in process `syz.9.7672'.
[  999.746728][T26929] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7672'.
[  999.794247][T26928] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1000.620809][T26944] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7682'.
[ 1000.807236][T26944] ipvlan2: entered allmulticast mode
[ 1000.831100][T26944] syz_tun: entered allmulticast mode
[ 1001.591421][ T8447] usb 6-1: new high-speed USB device number 68 using dummy_hcd
[ 1001.838398][ T8447] usb 6-1: Using ep0 maxpacket: 8
[ 1001.857442][ T8447] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1001.894466][ T8447] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1001.943688][ T8447] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1001.960930][ T8447] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1001.981030][ T8447] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1002.032782][ T8447] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1002.065685][ T8447] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.364372][ T8447] usb 6-1: usb_control_msg returned -32
[ 1002.378322][ T8447] usbtmc 6-1:16.0: can't read capabilities
[ 1003.197480][T27001] usbtmc 6-1:16.0: usb_control_msg returned -32
[ 1003.313728][T27005] overlayfs: failed to clone upperpath
[ 1003.415403][ T8447] usb 6-1: USB disconnect, device number 68
[ 1004.029347][   T30] audit: type=1326 audit(16912977.260:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27002 comm="syz.1.7702" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6739c819 code=0x7fc00000
[ 1005.427840][T27042] netlink: 4 bytes leftover after parsing attributes in process `syz.9.7718'.
[ 1005.731314][T27045] syz.1.7720 (27045) used greatest stack depth: 18312 bytes left
[ 1005.797228][T27059] tipc: Started in network mode
[ 1005.803392][T27059] tipc: Node identity 7f000001, cluster identity 4711
[ 1005.812979][T27059] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1006.013852][T13993] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1006.139617][  T136] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1006.172665][T27069] ip6gre1: entered promiscuous mode
[ 1006.193728][T13993] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1006.225949][T13993] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.304748][T13993] usb 2-1: config 0 descriptor??
[ 1006.327888][T13993] cp210x 2-1:0.0: cp210x converter detected
[ 1006.750428][T13993] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1006.798218][T13993] usb 2-1: cp210x converter now attached to ttyUSB0
[ 1006.984508][T16846] usb 2-1: USB disconnect, device number 33
[ 1007.016910][T16846] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1007.093103][T16846] cp210x 2-1:0.0: device disconnected
[ 1007.189810][T27091] loop7: detected capacity change from 0 to 512
[ 1007.280719][T27091] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1007.486451][T27091] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1314: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[ 1007.577104][T27091] Quota error (device loop7): write_blk: dquota write failed
[ 1007.636990][T27091] Quota error (device loop7): qtree_write_dquot: Error -28 occurred while creating quota
[ 1007.713705][T27091] EXT4-fs error (device loop7): ext4_acquire_dquot:7032: comm syz.7.7739: Failed to acquire dquot type 1
[ 1007.968164][T27103] netlink: 'syz.0.7743': attribute type 23 has an invalid length.
[ 1008.008821][T27103] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1008.057726][T27103] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1008.065034][T27103] IPv6: NLM_F_CREATE should be set when creating new route
[ 1008.076605][T27089] comedi comedi2: reset error (fatal)
[ 1008.093191][T27104] netlink: 'syz.0.7743': attribute type 23 has an invalid length.
[ 1008.105663][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1008.118268][T27104] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1009.573906][T27127] netlink: 'syz.7.7753': attribute type 1 has an invalid length.
[ 1009.613821][T27127] netlink: 224 bytes leftover after parsing attributes in process `syz.7.7753'.
[ 1011.192591][T27173] netlink: 'syz.0.7769': attribute type 3 has an invalid length.
[ 1012.590905][T16846] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[ 1012.728081][T27185] loop7: detected capacity change from 0 to 131072
[ 1012.761794][T16846] usb 6-1: Using ep0 maxpacket: 16
[ 1012.769733][T27185] F2FS-fs (loop7): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1012.780976][T27185] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1012.791806][T16846] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1012.807820][T16846] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[ 1012.820922][T27185] F2FS-fs (loop7): invalid crc value
[ 1012.937114][T27185] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1012.958395][T16846] usb 6-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[ 1012.975054][T27185] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1012.986099][T27185] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[ 1013.000912][T16846] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.009626][T16846] usb 6-1: Product: syz
[ 1013.014638][T16846] usb 6-1: Manufacturer: syz
[ 1013.019385][T16846] usb 6-1: SerialNumber: syz
[ 1013.145302][   T30] audit: type=1800 audit(16912986.380:1830): pid=27185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.7774" name="file1" dev="loop7" ino=7 res=0 errno=0
[ 1013.302409][T16846] usb 6-1: Audio class v2/v3 interfaces need an interface association
[ 1013.326357][T16846] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1013.863081][T16846] usb 6-1: USB disconnect, device number 69
[ 1013.989106][T26827] udevd[26827]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1014.871291][T15807] Bluetooth: hci3: command 0x0406 tx timeout
[ 1016.516109][T27269] netlink: 'syz.0.7805': attribute type 1 has an invalid length.
[ 1016.686850][T27269] bond6: entered promiscuous mode
[ 1016.703455][T27269] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1016.925110][T27271] veth3: entered promiscuous mode
[ 1016.997651][T27271] bond6: (slave veth3): making interface the new active one
[ 1017.135356][T27271] bond6: (slave veth3): Enslaving as an active interface with an up link
[ 1017.719887][T27288] loop5: detected capacity change from 0 to 1024
[ 1017.744742][T27288] EXT4-fs: Ignoring removed bh option
[ 1017.815352][T27288] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1018.062954][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1018.487171][T16846] libceph: connect (1)[c::]:6789 error -101
[ 1018.501676][T16846] libceph: mon0 (1)[c::]:6789 connect error
[ 1018.524117][T27303] ceph: No mds server is up or the cluster is laggy
[ 1020.646990][T27329] loop5: detected capacity change from 0 to 32768
[ 1020.732577][T27329] JBD2: Ignoring recovery information on journal
[ 1020.744060][T27352] overlayfs: failed to clone lowerpath
[ 1020.918142][T27329] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1021.444166][ T5848] ocfs2: Unmounting device (7,5) on (node local)
[ 1021.487862][T27369] netlink: 52 bytes leftover after parsing attributes in process `syz.4.7845'.
[ 1021.573064][T27370] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7845'.
[ 1022.187563][T27379] loop5: detected capacity change from 0 to 128
[ 1022.235982][T27379] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[ 1022.282061][T27379] hpfs: filesystem error: improperly stopped
[ 1022.325463][T27379] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[ 1022.368522][T27379] hpfs: You really don't want any checks? You are crazy...
[ 1022.416251][T27379] hpfs: hpfs_map_sector(): read error
[ 1022.451991][T27379] hpfs: code page support is disabled
[ 1022.470631][T27379] hpfs: hpfs_map_4sectors(): unaligned read
[ 1022.520992][T27379] hpfs: hpfs_map_4sectors(): unaligned read
[ 1022.535688][T27379] hpfs: filesystem error: unable to find root dir
[ 1022.661208][T27379] hpfs: hpfs_map_4sectors(): unaligned read
[ 1022.697843][T27379] hpfs: hpfs_map_sector(): read error
[ 1022.736370][T27387] hpfs: hpfs_map_4sectors(): unaligned read
[ 1022.758049][T27387] hpfs: hpfs_map_sector(): read error
[ 1022.766437][T27391] overlayfs: failed to clone lowerpath
[ 1024.997495][T27442] netlink: 'syz.5.7870': attribute type 1 has an invalid length.
[ 1025.237939][T27442] bond2: entered promiscuous mode
[ 1025.275812][T27442] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1025.471312][T27446] bond2: (slave bridge1): making interface the new active one
[ 1025.504590][T27446] bridge1: entered promiscuous mode
[ 1025.549894][T27446] bond2: (slave bridge1): Enslaving as an active interface with an up link
[ 1025.845027][T27468] overlayfs: failed to resolve './file0': -2
[ 1026.249949][   T30] audit: type=1326 audit(16912999.470:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.396481][   T30] audit: type=1326 audit(16912999.470:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.468780][   T30] audit: type=1326 audit(16912999.480:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.572479][   T30] audit: type=1326 audit(16912999.480:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.595742][T13992] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 1026.699470][   T30] audit: type=1326 audit(16912999.530:1835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.761839][   T30] audit: type=1326 audit(16912999.530:1836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1026.829463][T13992] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1026.854249][T13992] usb 6-1: config 0 has no interface number 0
[ 1026.877860][   T30] audit: type=1326 audit(16912999.590:1837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f87eb75d04e code=0x7ffc0000
[ 1026.927459][T13992] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1026.948385][T13992] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1026.970328][   T30] audit: type=1326 audit(16912999.600:1838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f87eb75d04e code=0x7ffc0000
[ 1026.996627][T13992] usb 6-1: Product: syz
[ 1027.010661][T13992] usb 6-1: Manufacturer: syz
[ 1027.027847][T13992] usb 6-1: SerialNumber: syz
[ 1027.058835][T13992] usb 6-1: config 0 descriptor??
[ 1027.067440][   T30] audit: type=1326 audit(16912999.610:1839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f87eb75d04e code=0x7ffc0000
[ 1027.136244][   T30] audit: type=1326 audit(16912999.610:1840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27482 comm="syz.7.7878" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f87eb75d04e code=0x7ffc0000
[ 1027.337369][T13992] usb 6-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1027.362287][T13992] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1027.433696][T13992] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 1027.483658][T13992] usb 6-1: media controller created
[ 1027.623967][T13992] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1028.251575][T27522] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1028.338830][T27522] bond2: (slave lo): Enslaving as an active interface with an up link
[ 1028.384852][T27522] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1028.741386][T13992] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[ 1028.932383][T13992] usb 6-1: USB disconnect, device number 70
[ 1029.460952][T16846] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1029.637545][T16846] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1029.658820][T16846] usb 2-1: config 0 has no interface number 0
[ 1029.679246][T16846] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1029.709235][T16846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1029.731216][T16846] usb 2-1: config 0 descriptor??
[ 1029.757538][T16846] cp210x 2-1:0.1: cp210x converter detected
[ 1030.157245][T16846] cp210x 2-1:0.1: failed to get vendor val 0x000e size 3: -32
[ 1030.423426][T16846] usb 2-1: cp210x converter now attached to ttyUSB0
[ 1030.603081][T16846] usb 2-1: USB disconnect, device number 34
[ 1030.633557][T16846] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1030.695647][T16846] cp210x 2-1:0.1: device disconnected
[ 1030.918344][T27587] netlink: 'syz.4.7918': attribute type 4 has an invalid length.
[ 1030.999794][T27587] netlink: 'syz.4.7918': attribute type 4 has an invalid length.
[ 1031.182120][T27594] loop7: detected capacity change from 0 to 1024
[ 1031.214980][T27594] EXT4-fs: Ignoring removed bh option
[ 1031.288672][T27594] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1031.803293][T27605] loop5: detected capacity change from 0 to 32768
[ 1031.810596][T27605] btrfs: Deprecated parameter 'usebackuproot'
[ 1031.817364][T27605] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1031.831347][T27605] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.7936 (27605)
[ 1031.897227][T27605] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1031.907425][T27605] BTRFS info (device loop5): using crc32c checksum algorithm
[ 1031.915638][T27605] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1032.012077][T23994] BTRFS warning (device loop5): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb0e5ffa5 level 0
[ 1032.073640][T27605] BTRFS warning (device loop5): couldn't read tree root
[ 1032.080645][T27605] BTRFS warning (device loop5): try to load backup roots slot 1
[ 1032.093167][T23999] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x32d10ca2 level 0
[ 1032.137222][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1032.274653][T27605] BTRFS warning (device loop5): couldn't read tree root
[ 1032.283486][T27605] BTRFS warning (device loop5): try to load backup roots slot 2
[ 1032.292275][   T37] BTRFS warning (device loop5): checksum verify failed on logical 5255168 mirror 1 wanted 0x9df47653 found 0x6344b7f5 level 1
[ 1032.363424][T27605] BTRFS warning (device loop5): couldn't read tree root
[ 1032.370438][T27605] BTRFS warning (device loop5): try to load backup roots slot 3
[ 1032.396250][T27605] BTRFS info (device loop5): rebuilding free space tree
[ 1032.536019][T27605] BTRFS info (device loop5): disabling free space tree
[ 1032.543066][T27605] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1032.552872][T27605] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1032.568454][T27605] BTRFS info (device loop5): checking UUID tree
[ 1032.576747][T27605] BTRFS info (device loop5): enabling ssd optimizations
[ 1032.583804][T27605] BTRFS info (device loop5): turning off barriers
[ 1032.590256][T27605] BTRFS info (device loop5): turning on sync discard
[ 1032.597037][T27605] BTRFS info (device loop5): enabling disk space caching
[ 1032.604319][T27605] BTRFS info (device loop5): force clearing of disk cache
[ 1032.611553][T27605] BTRFS info (device loop5): enabling auto defrag
[ 1032.617980][T27605] BTRFS info (device loop5): trying to use backup root at mount time
[ 1032.626079][T27605] BTRFS info (device loop5): max_inline set to 0
[ 1033.304784][T27643] netlink: 'syz.7.7934': attribute type 11 has an invalid length.
[ 1033.316567][ T5848] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1034.020360][T27652] loop7: detected capacity change from 0 to 1024
[ 1034.072096][T27652] EXT4-fs: inline encryption not supported
[ 1034.210469][T27652] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1034.370111][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 1034.370141][   T30] audit: type=1800 audit(16913007.600:1906): pid=27652 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.7941" name="file1" dev="loop7" ino=15 res=0 errno=0
[ 1034.422546][ T5827] usb 6-1: new high-speed USB device number 71 using dummy_hcd
[ 1034.601220][ T5827] usb 6-1: Using ep0 maxpacket: 16
[ 1034.627808][ T5827] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[ 1034.710015][ T5827] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1034.774216][ T5827] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1034.823939][ T5827] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[ 1034.862573][ T5827] usb 6-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[ 1034.887366][ T5827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1034.937176][ T5827] usb 6-1: config 0 descriptor??
[ 1035.053721][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.288356][T27673] netlink: 'syz.0.7949': attribute type 10 has an invalid length.
[ 1035.342939][T27673] veth0_vlan: left promiscuous mode
[ 1035.372340][T27673] veth0_vlan: entered promiscuous mode
[ 1035.413938][ T5827] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0033/input/input63
[ 1035.428674][T27673] team0: Device veth0_vlan failed to register rx_handler
[ 1035.904945][ T5827] input: HID 0458:5013 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0458:5013.0033/input/input64
[ 1036.201501][ T5827] kye 0003:0458:5013.0033: input,hiddev0,hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.5-1/input0
[ 1036.324398][ T5827] usb 6-1: USB disconnect, device number 71
[ 1036.750260][T27691] fido_id[27691]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[ 1037.168325][T23997] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1038.035557][T27737] netlink: 52 bytes leftover after parsing attributes in process `syz.7.7971'.
[ 1038.124125][T27737] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7971'.
[ 1039.275520][T27765] netlink: 20 bytes leftover after parsing attributes in process `syz.7.7982'.
[ 1039.372778][T27768] fuse: Bad value for 'fd'
[ 1039.496031][T27770] fuse: Bad value for 'fd'
[ 1039.707176][T27775] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7987'.
[ 1041.025833][T27810] bond3: entered promiscuous mode
[ 1041.881046][ T5827] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1041.982971][T27820] loop7: detected capacity change from 0 to 32768
[ 1042.001607][T27820] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.8008 (27820)
[ 1042.050937][ T5827] usb 2-1: Using ep0 maxpacket: 32
[ 1042.082680][T27820] BTRFS info (device loop7): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1042.083980][ T5827] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1042.116532][T27820] BTRFS info (device loop7): using blake2b checksum algorithm
[ 1042.124866][ T5827] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1042.147367][ T5827] usb 2-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[ 1042.186935][ T5827] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.227069][ T5827] usb 2-1: config 0 descriptor??
[ 1042.378758][T27820] BTRFS info (device loop7): enabling ssd optimizations
[ 1042.400023][T27820] BTRFS info (device loop7): turning on async discard
[ 1042.446289][T27820] BTRFS info (device loop7): enabling free space tree
[ 1042.477213][T27820] BTRFS info (device loop7): use zstd compression, level 3
[ 1042.586878][   T30] audit: type=1800 audit(16913015.820:1907): pid=27820 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.8008" name="file1" dev="loop7" ino=260 res=0 errno=0
[ 1042.735513][T27855] fuse: fd is not a fuse device
[ 1042.786108][ T5827] nintendo 0003:057E:200E.0034: hidraw0: USB HID v80.00 Device [HID 057e:200e] on usb-dummy_hcd.1-1/input0
[ 1042.872548][ T5827] nintendo 0003:057E:200E.0034: Failed charging grip handshake
[ 1042.926062][ T5827] nintendo 0003:057E:200E.0034: Failed to initialize controller; ret=-110
[ 1042.996105][ T5827] nintendo 0003:057E:200E.0034: probe - fail = -110
[ 1043.047673][ T5827] nintendo 0003:057E:200E.0034: probe with driver nintendo failed with error -110
[ 1043.124657][ T5827] usb 2-1: USB disconnect, device number 35
[ 1043.296065][T13657] BTRFS info (device loop7): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1044.260981][T26793] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1044.431901][T26793] usb 2-1: Using ep0 maxpacket: 8
[ 1044.451198][T26793] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1044.482987][T26793] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1044.518172][T26793] usb 2-1: New USB device found, idVendor=04b4, idProduct=de61, bcdDevice= 0.00
[ 1044.559039][T26793] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1044.581781][T26793] usb 2-1: config 0 descriptor??
[ 1044.664199][   T30] audit: type=1326 audit(16913017.890:1908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1044.762902][   T30] audit: type=1326 audit(16913017.890:1909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1044.837294][   T30] audit: type=1326 audit(16913017.890:1910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1044.946933][   T30] audit: type=1326 audit(16913017.890:1911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1045.038891][   T30] audit: type=1326 audit(16913017.890:1912): auid=4294967295 uid=384 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1045.069101][T26793] cypress 0003:04B4:DE61.0035: item fetching failed at offset 2/41
[ 1045.105124][T26793] cypress 0003:04B4:DE61.0035: parse failed
[ 1045.141012][T26793] cypress 0003:04B4:DE61.0035: probe with driver cypress failed with error -22
[ 1045.142711][   T30] audit: type=1326 audit(16913017.890:1913): auid=4294967295 uid=384 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1045.211706][T27915] overlayfs: failed to clone upperpath
[ 1045.252691][   T30] audit: type=1326 audit(16913017.890:1914): auid=4294967295 uid=384 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1045.315069][   T30] audit: type=1326 audit(16913017.890:1915): auid=4294967295 uid=384 gid=0 ses=4294967295 subj=unconfined pid=27904 comm="syz.7.8038" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87eb79c819 code=0x7ffc0000
[ 1045.347857][T26793] usb 2-1: USB disconnect, device number 36
[ 1046.126641][T27932] xt_hashlimit: size too large, truncated to 1048576
[ 1046.868001][T27945] fuse: fd is not a fuse device
[ 1047.634953][T27959] fuse: Bad value for 'fd'
[ 1047.657083][T27959] fuse: Bad value for 'fd'
[ 1051.394481][T28013] block device autoloading is deprecated and will be removed.
[ 1051.406413][T24067] block device autoloading is deprecated and will be removed.
[ 1051.947966][T28029] overlayfs: failed to clone upperpath
[ 1053.101372][ T5827] usb 6-1: new high-speed USB device number 72 using dummy_hcd
[ 1053.281480][ T5827] usb 6-1: Using ep0 maxpacket: 16
[ 1053.305047][ T5827] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1053.347786][ T5827] usb 6-1: New USB device found, idVendor=28bd, idProduct=0078, bcdDevice= 0.00
[ 1053.386581][ T5827] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.432847][ T5827] usb 6-1: config 0 descriptor??
[ 1053.474239][ T5827] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1053.615330][T28058] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1053.695349][T28058] bond2: (slave lo): Enslaving as an active interface with an up link
[ 1053.763092][ T1309] ieee802154 phy0 wpan0: encryption failed: -22
[ 1053.763708][T28058] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1053.769577][ T1309] ieee802154 phy1 wpan1: encryption failed: -22
[ 1053.785068][T28054] Bluetooth: hci0: load_link_keys: too big key_count value 48400
[ 1053.894638][T13992] usb 6-1: USB disconnect, device number 72
[ 1054.051412][T28062] ipvlan2: entered allmulticast mode
[ 1054.070275][T28062] dummy0: entered allmulticast mode
[ 1054.310654][T28070] batadv_slave_0: entered promiscuous mode
[ 1054.334372][T28069] batadv_slave_0: left promiscuous mode
[ 1054.893071][T28084] loop1: detected capacity change from 0 to 512
[ 1054.952814][T28084] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1054.997780][T28084] EXT4-fs error (device loop1): ext4_orphan_get:1423: comm syz.1.8110: bad orphan inode 131083
[ 1055.026234][T28084] loop1: lost filesystem error report for type 5 error -117
[ 1055.040562][T28084] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1055.157738][T28084] EXT4-fs (loop1): shut down requested (1)
[ 1055.358317][T24067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1056.171718][T13992] hid-generic 0000:0000:0000.0036: unknown main item tag 0x0
[ 1056.205777][T13992] hid-generic 0000:0000:0000.0036: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1056.239589][T28120] netlink: 'syz.9.8124': attribute type 21 has an invalid length.
[ 1056.267633][T28120] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8124'.
[ 1056.287670][T28123] netlink: 'syz.0.8125': attribute type 1 has an invalid length.
[ 1056.375413][T28123] 8021q: adding VLAN 0 to HW filter on device bond7
[ 1056.398865][T28120] netlink: 'syz.9.8124': attribute type 21 has an invalid length.
[ 1056.407549][T28120] netlink: 4 bytes leftover after parsing attributes in process `syz.9.8124'.
[ 1056.562763][T28125] bond7: (slave geneve2): making interface the new active one
[ 1056.590132][T28125] bond7: (slave geneve2): Enslaving as an active interface with an up link
[ 1056.616848][   T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.658808][   T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.697447][   T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1056.733053][   T12] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1058.116292][T28159] overlayfs: failed to clone upperpath
[ 1059.472226][T28184] netlink: 'syz.5.8150': attribute type 1 has an invalid length.
[ 1059.720170][T28184] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1059.944109][T28187] bond4: (slave geneve2): making interface the new active one
[ 1060.005177][T28187] bond4: (slave geneve2): Enslaving as an active interface with an up link
[ 1060.048778][T22689] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1060.093980][T22689] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1060.129107][T22689] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1060.159921][T22689] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.818592][T28258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8176'.
[ 1062.907657][T28258] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8176'.
[ 1062.969954][T28258] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8176'.
[ 1063.027484][T28258] netlink: 12 bytes leftover after parsing attributes in process `syz.4.8176'.
[ 1063.271536][T28267] netlink: 'syz.7.8180': attribute type 1 has an invalid length.
[ 1063.545787][T28267] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1063.681666][T28271] bond3: (slave geneve3): making interface the new active one
[ 1063.735273][T28271] bond3: (slave geneve3): Enslaving as an active interface with an up link
[ 1064.663156][T28305] binder: 28304:28305 ioctl c0306201 200000000080 returned -14
[ 1064.717980][T28308] binder: 28304:28308 ioctl c0306201 2000000003c0 returned -14
[ 1067.085938][T28368] netlink: 'syz.4.8223': attribute type 1 has an invalid length.
[ 1067.484163][T28371] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1067.523009][T28371] bond4: (slave bond5): making interface the new active one
[ 1067.557741][T28371] bond4: (slave bond5): Enslaving as an active interface with an up link
[ 1067.812821][T28376] xt_hashlimit: size too large, truncated to 1048576
[ 1068.193911][   T37] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1068.734543][T28389] loop7: detected capacity change from 0 to 2048
[ 1068.769889][T28389] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1068.876907][   T30] audit: type=1804 audit(16913042.110:1916): pid=28389 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.8229" name="/newroot/765/file0/file1" dev="loop7" ino=1367 res=1 errno=0
[ 1069.166796][T28396] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8232'.
[ 1069.351408][T13992] usb 6-1: new high-speed USB device number 73 using dummy_hcd
[ 1069.523949][T13992] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 959
[ 1069.540933][T13992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1069.551086][T13992] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1069.563678][T13992] usb 6-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[ 1069.573053][T13992] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1069.581179][T13992] usb 6-1: Product: syz
[ 1069.585492][T13992] usb 6-1: Manufacturer: syz
[ 1069.590126][T13992] usb 6-1: SerialNumber: syz
[ 1069.599422][T13992] usb 6-1: config 0 descriptor??
[ 1069.606955][T28395] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1069.661636][T28413] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.8237'.
[ 1069.857767][T13992] usb 6-1: USB disconnect, device number 73
[ 1071.368244][  T136] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1072.436150][T28405] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1072.727712][T28489] netlink: 212348 bytes leftover after parsing attributes in process `syz.9.8272'.
[ 1073.248106][T28510] fuse: Bad value for 'fd'
[ 1073.433910][T15807] Bluetooth: hci6: command 0x1003 tx timeout
[ 1073.449144][ T5856] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1073.547124][T28517] netlink: 10 bytes leftover after parsing attributes in process `syz.0.8284'.
[ 1073.837553][T28526] overlayfs: failed to clone upperpath
[ 1073.845596][T28524] loop7: detected capacity change from 0 to 1024
[ 1073.862718][T28526] overlayfs: failed to clone upperpath
[ 1073.878851][T28524] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1073.933233][T28524] EXT4-fs (loop7): revision level too high, forcing read-only mode
[ 1073.970730][T28524] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1074.104020][T28524] EXT4-fs error (device loop7): __ext4_get_inode_loc:4884: comm syz.7.8289: Invalid inode table block 0 in block_group 0
[ 1074.175591][T28524] loop7: lost filesystem error report for type 5 error -117
[ 1074.177601][T28524] EXT4-fs (loop7): Remounting filesystem read-only
[ 1074.185013][    C1] EXT4-fs (loop7): error count since last fsck: 1
[ 1074.185046][    C1] EXT4-fs (loop7): initial error at time 16913047: __ext4_get_inode_loc:4884
[ 1074.185090][    C1] EXT4-fs (loop7): last error at time 16913047: __ext4_get_inode_loc:4884
[ 1074.262504][T28524] Quota error (device loop7): write_blk: dquota write failed
[ 1074.292510][T28524] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[ 1074.321068][T28524] EXT4-fs (loop7): 1 truncate cleaned up
[ 1074.362875][T28524] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1074.566559][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1075.514475][T28550] overlayfs: statfs failed on './file0'
[ 1075.576471][T28570] fuse: Bad value for 'fd'
[ 1076.818151][T28604] netlink: 'syz.9.8318': attribute type 4 has an invalid length.
[ 1076.826195][T28604] netlink: 17 bytes leftover after parsing attributes in process `syz.9.8318'.
[ 1076.841071][T28604] netlink: 14601 bytes leftover after parsing attributes in process `syz.9.8318'.
[ 1077.300932][T26793] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1077.322964][T28612] loop5: detected capacity change from 0 to 4096
[ 1077.331077][T28612] EXT4-fs: inline encryption not supported
[ 1077.338504][T28612] EXT4-fs (loop5): unsupported descriptor size 0
[ 1077.376807][T28612] overlayfs: invalid redirect ((null))
[ 1077.472385][T26793] usb 2-1: Using ep0 maxpacket: 32
[ 1077.495788][T26793] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[ 1077.522008][T26793] usb 2-1: config 2 has no interface number 0
[ 1077.538675][T26793] usb 2-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[ 1077.557855][T26793] usb 2-1: config 2 interface 88 has no altsetting 0
[ 1077.584600][T26793] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[ 1077.609217][T26793] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1077.628824][T26793] usb 2-1: Product: syz
[ 1077.646825][T26793] usb 2-1: Manufacturer: syz
[ 1077.658976][T26793] usb 2-1: SerialNumber: syz
[ 1077.677874][T28609] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1077.849810][    C0] vcan0: j1939_tp_rxtimer: 0xffff888031ef9800: rx timeout, send abort
[ 1077.858376][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888031ef9800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1077.968009][T28609] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1079.031709][T26793] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1079.082672][T26793] asix 2-1:2.88: probe with driver asix failed with error -71
[ 1079.164172][T26793] usb 2-1: USB disconnect, device number 37
[ 1079.820318][T13992] libceph: connect (1)[c::]:6789 error -101
[ 1079.861217][T13992] libceph: mon0 (1)[c::]:6789 connect error
[ 1079.904569][T28691] loop1: detected capacity change from 0 to 16
[ 1079.905564][T28683] ceph: No mds server is up or the cluster is laggy
[ 1079.959869][T28691] erofs (device loop1): mounted with root inode @ nid 36.
[ 1080.065994][ T5856] erofs (device loop1): failed to decompress (lz4) corrupted compressed data @ pa 4096 size 4096 => 9000
[ 1080.121940][T28691] erofs (device loop1): failed to decompress (lz4) unexpected end of stream @ pa 4096 size 4096 => 8192
[ 1080.133901][T28691] erofs (device loop1): read error -117 @ 1 of nid 89
[ 1080.143618][   T30] audit: type=1800 audit(16913053.380:1917): pid=28691 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8355" name="file2" dev="loop1" ino=89 res=0 errno=0
[ 1080.209777][T26773] libceph: connect (1)[c::]:6789 error -101
[ 1080.233109][T26773] libceph: mon0 (1)[c::]:6789 connect error
[ 1080.625594][T28701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8359'.
[ 1081.379964][T28714] 9p: Unknown uid 00000000004294967295
[ 1082.091369][T28729] fuse: fd is not a fuse device
[ 1082.219011][T28727] loop5: detected capacity change from 0 to 4096
[ 1082.417797][T28727] ntfs3(loop5): ino=1a, mi_enum_attr
[ 1082.437909][T28733] netlink: 'syz.9.8374': attribute type 1 has an invalid length.
[ 1082.450996][T28727] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1083.004854][T28727] ntfs3(loop5): ino=21, "file1" failed to extend initialized size to 8000c61.
[ 1083.593196][T28749] loop5: detected capacity change from 0 to 512
[ 1083.619025][T28749] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[ 1083.632717][T28696] geneve2: left promiscuous mode
[ 1083.675323][T28749] EXT4-fs (loop5): 1 truncate cleaned up
[ 1083.707576][T28696] macsec1: left promiscuous mode
[ 1083.726014][T28749] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1083.840453][T28696] ip6gre1: left promiscuous mode
[ 1083.929244][T28701] xfrm1: entered promiscuous mode
[ 1083.939180][T28701] xfrm1: entered allmulticast mode
[ 1083.949689][T28701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.8359'.
[ 1083.962060][T28733] workqueue: Failed to create a rescuer kthread for wq "bond3": -EINTR
[ 1084.031779][T23994] netdevsim netdevsim7 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1084.114571][T23994] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.159496][T23994] netdevsim netdevsim7 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1084.169654][T23994] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.194218][T23994] netdevsim netdevsim7 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1084.222895][T23994] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.259013][T23994] netdevsim netdevsim7 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1084.306392][T23994] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.376393][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.839186][T28779] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8391'.
[ 1086.167699][T28781] loop5: detected capacity change from 0 to 131072
[ 1086.285488][T28781] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1086.306659][T28781] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1086.356233][T28781] F2FS-fs (loop5): lookup inode (7) has corrupted xattr
[ 1086.372033][   T30] audit: type=1800 audit(16913059.610:1918): pid=28781 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.8392" name="file2" dev="loop5" ino=8 res=0 errno=0
[ 1086.606728][T28806] xt_hashlimit: size too large, truncated to 1048576
[ 1086.682955][T28811] netlink: 'syz.1.8402': attribute type 1 has an invalid length.
[ 1086.798641][T28811] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1086.824933][T28813] bond3: (slave gretap1): making interface the new active one
[ 1086.835270][T28813] bond3: (slave gretap1): Enslaving as an active interface with an up link
[ 1087.127436][T28819] loop7: detected capacity change from 0 to 256
[ 1087.435491][T28823] netlink: 'syz.7.8407': attribute type 14 has an invalid length.
[ 1087.481784][T28823] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8407'.
[ 1087.576686][   T12] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1087.587198][T28823] netlink: 'syz.7.8407': attribute type 14 has an invalid length.
[ 1087.613619][   T12] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1087.632985][T28823] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8407'.
[ 1087.653360][   T12] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1087.676309][   T12] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1088.460653][T28842] 9p: Unknown uid 00000000004294967295
[ 1088.781434][T28848] netlink: 'syz.1.8417': attribute type 13 has an invalid length.
[ 1088.815780][T28848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8417'.
[ 1088.871975][T28848] netlink: 'syz.1.8417': attribute type 13 has an invalid length.
[ 1088.912322][T28848] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8417'.
[ 1088.930395][T28852] netlink: 212328 bytes leftover after parsing attributes in process `syz.9.8419'.
[ 1088.977615][T28852] netlink: Conntrack attr has 4 unknown bytes
[ 1089.177773][   T30] audit: type=1804 audit(16913062.410:1919): pid=28856 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.8421" name="/newroot/793/file1" dev="tmpfs" ino=4266 res=1 errno=0
[ 1089.460563][T28862] tipc: Started in network mode
[ 1089.483360][T28862] tipc: Node identity ac14140f, cluster identity 4711
[ 1089.518511][T28862] tipc: Enabled bearer <udp:syz2>, priority 10
[ 1089.579871][T28868] loop1: detected capacity change from 0 to 512
[ 1089.629018][T28868] EXT4-fs error (device loop1): ext4_xattr_inode_iget:441: inode #12: comm syz.1.8427: missing EA_INODE flag
[ 1089.695643][T28868] loop1: lost file I/O error report for ino 12 type 5 pos 0x0 len 0x0 error -117
[ 1089.697420][T28868] EXT4-fs error (device loop1): ext4_xattr_inode_iget:444: comm syz.1.8427: error while reading EA inode 12 err=-117
[ 1089.706655][    C1] EXT4-fs (loop1): error count since last fsck: 1
[ 1089.706688][    C1] EXT4-fs (loop1): initial error at time 16913062: ext4_xattr_inode_iget:441: inode 12
[ 1089.706745][    C1] EXT4-fs (loop1): last error at time 16913062: ext4_xattr_inode_iget:441: inode 12
[ 1089.761071][T28868] loop1: lost filesystem error report for type 5 error -117
[ 1089.762941][T28868] EXT4-fs (loop1): 1 orphan inode deleted
[ 1089.828859][T28868] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1090.336983][T28882] loop5: detected capacity change from 0 to 128
[ 1090.476085][T24067] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1090.631569][T13992] tipc: Node number set to 2886997007
[ 1092.544385][T28911] netlink: 'syz.5.8445': attribute type 4 has an invalid length.
[ 1092.577320][T28911] netlink: 'syz.5.8445': attribute type 4 has an invalid length.
[ 1092.820458][T13992] libceph: connect (1)[c::]:6789 error -101
[ 1092.846378][T13992] libceph: mon0 (1)[c::]:6789 connect error
[ 1092.895495][T28916] ceph: No mds server is up or the cluster is laggy
[ 1093.133386][T13992] usb 6-1: new high-speed USB device number 74 using dummy_hcd
[ 1093.362933][T13992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1093.390127][T13992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1093.440598][T13992] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1093.454295][T13992] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1093.485492][T13992] usb 6-1: Manufacturer: syz
[ 1093.513509][T13992] usb 6-1: config 0 descriptor??
[ 1094.092991][T28945] ipvlan2: entered allmulticast mode
[ 1094.119451][T28945] dummy0: entered allmulticast mode
[ 1094.345736][T13992] uclogic 0003:256C:006D.0037: failed retrieving string descriptor #100: -71
[ 1094.373629][T13992] uclogic 0003:256C:006D.0037: failed retrieving pen parameters: -71
[ 1094.408878][T13992] uclogic 0003:256C:006D.0037: failed probing pen v1 parameters: -71
[ 1094.444101][T13992] uclogic 0003:256C:006D.0037: failed probing parameters: -71
[ 1094.474521][T13992] uclogic 0003:256C:006D.0037: probe with driver uclogic failed with error -71
[ 1094.524778][T13992] usb 6-1: USB disconnect, device number 74
[ 1095.159062][T28969] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8469'.
[ 1095.270323][T28970] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8469'.
[ 1095.332477][T28970] netlink: 20 bytes leftover after parsing attributes in process `syz.5.8469'.
[ 1096.174563][T28988] loop7: detected capacity change from 0 to 512
[ 1096.180032][T28986] ipvlan2: entered allmulticast mode
[ 1096.187538][T28986] dummy0: entered allmulticast mode
[ 1096.284451][T28988] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1096.508284][T28997] loop5: detected capacity change from 0 to 2048
[ 1096.580434][T28997] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1096.782836][T13657] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1097.144176][ T5848] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1098.420242][T29027] loop5: detected capacity change from 0 to 32768
[ 1098.448572][   T30] audit: type=1800 audit(16913071.680:1920): pid=29027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.8488" name="file1" dev="loop5" ino=7 res=0 errno=0
[ 1099.116021][  T116] ==================================================================
[ 1099.124127][  T116] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0x9a8/0xab0
[ 1099.131798][  T116] Read of size 4 at addr ffff8880348f4294 by task jfsCommit/116
[ 1099.139440][  T116] 
[ 1099.141772][  T116] CPU: 0 UID: 0 PID: 116 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1099.141830][  T116] Tainted: [L]=SOFTLOCKUP
[ 1099.141846][  T116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1099.141870][  T116] Call Trace:
[ 1099.141883][  T116]  <TASK>
[ 1099.141898][  T116]  dump_stack_lvl+0x100/0x190
[ 1099.141942][  T116]  print_report+0x13d/0x4b0
[ 1099.142000][  T116]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1099.142049][  T116]  ? __virt_addr_valid+0x239/0x430
[ 1099.142092][  T116]  ? jfs_lazycommit+0x9a8/0xab0
[ 1099.142135][  T116]  kasan_report+0xdf/0x1d0
[ 1099.142200][  T116]  ? jfs_lazycommit+0x9a8/0xab0
[ 1099.142258][  T116]  jfs_lazycommit+0x9a8/0xab0
[ 1099.142308][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[ 1099.142352][  T116]  ? rcu_is_watching+0x12/0xc0
[ 1099.142409][  T116]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1099.142458][  T116]  ? __pfx_default_wake_function+0x10/0x10
[ 1099.142523][  T116]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1099.142572][  T116]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1099.142619][  T116]  ? __kthread_parkme+0x18c/0x230
[ 1099.142686][  T116]  ? kthread+0x13a/0x450
[ 1099.142726][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[ 1099.142770][  T116]  kthread+0x370/0x450
[ 1099.142811][  T116]  ? __pfx_kthread+0x10/0x10
[ 1099.142854][  T116]  ret_from_fork+0x72b/0xd50
[ 1099.142902][  T116]  ? __pfx_ret_from_fork+0x10/0x10
[ 1099.142949][  T116]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1099.142997][  T116]  ? __switch_to+0x800/0x1100
[ 1099.143053][  T116]  ? __switch_to_asm+0x39/0x70
[ 1099.143105][  T116]  ? __pfx_kthread+0x10/0x10
[ 1099.143149][  T116]  ret_from_fork_asm+0x1a/0x30
[ 1099.143233][  T116]  </TASK>
[ 1099.143248][  T116] 
[ 1099.307650][  T116] Allocated by task 29027:
[ 1099.312061][  T116]  kasan_save_stack+0x30/0x50
[ 1099.316762][  T116]  kasan_save_track+0x14/0x30
[ 1099.321454][  T116]  __kasan_kmalloc+0xaa/0xb0
[ 1099.326064][  T116]  jfs_fill_super+0xca/0xf50
[ 1099.330674][  T116]  get_tree_bdev_flags+0x38c/0x620
[ 1099.335812][  T116]  vfs_get_tree+0x92/0x320
[ 1099.340268][  T116]  path_mount+0x7d0/0x23d0
[ 1099.344696][  T116]  __x64_sys_mount+0x293/0x310
[ 1099.349487][  T116]  do_syscall_64+0x10b/0xf80
[ 1099.354106][  T116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1099.360008][  T116] 
[ 1099.362321][  T116] Freed by task 5848:
[ 1099.366289][  T116]  kasan_save_stack+0x30/0x50
[ 1099.371154][  T116]  kasan_save_track+0x14/0x30
[ 1099.375850][  T116]  kasan_save_free_info+0x3b/0x70
[ 1099.380884][  T116]  __kasan_slab_free+0x5f/0x80
[ 1099.385666][  T116]  kfree+0x223/0x6c0
[ 1099.389562][  T116]  generic_shutdown_super+0x167/0x360
[ 1099.394947][  T116]  kill_block_super+0x3b/0xa0
[ 1099.399638][  T116]  deactivate_locked_super+0xc1/0x1b0
[ 1099.405027][  T116]  deactivate_super+0xe7/0x110
[ 1099.409811][  T116]  cleanup_mnt+0x21f/0x450
[ 1099.414254][  T116]  task_work_run+0x150/0x240
[ 1099.418857][  T116]  exit_to_user_mode_loop+0x100/0x4a0
[ 1099.424248][  T116]  do_syscall_64+0x706/0xf80
[ 1099.428865][  T116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1099.434862][  T116] 
[ 1099.437183][  T116] The buggy address belongs to the object at ffff8880348f4200
[ 1099.437183][  T116]  which belongs to the cache kmalloc-256 of size 256
[ 1099.451234][  T116] The buggy address is located 148 bytes inside of
[ 1099.451234][  T116]  freed 256-byte region [ffff8880348f4200, ffff8880348f4300)
[ 1099.465036][  T116] 
[ 1099.467348][  T116] The buggy address belongs to the physical page:
[ 1099.473750][  T116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x348f4
[ 1099.482508][  T116] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1099.491003][  T116] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[ 1099.498543][  T116] page_type: f5(slab)
[ 1099.502527][  T116] raw: 00fff00000000040 ffff88813fe86b40 dead000000000100 dead000000000122
[ 1099.511119][  T116] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 1099.519708][  T116] head: 00fff00000000040 ffff88813fe86b40 dead000000000100 dead000000000122
[ 1099.528381][  T116] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[ 1099.537060][  T116] head: 00fff00000000001 ffffffffffffff81 00000000ffffffff 00000000ffffffff
[ 1099.545915][  T116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 1099.554579][  T116] page dumped because: kasan: bad access detected
[ 1099.560987][  T116] page_owner tracks the page as allocated
[ 1099.566687][  T116] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5847, tgid 5847 (syz-executor), ts 96317378448, free_ts 96297996380
[ 1099.588068][  T116]  post_alloc_hook+0x153/0x170
[ 1099.592843][  T116]  get_page_from_freelist+0x11a6/0x33b0
[ 1099.598406][  T116]  __alloc_frozen_pages_noprof+0x27c/0x2bc0
[ 1099.604311][  T116]  new_slab+0xa6/0x6c0
[ 1099.608383][  T116]  refill_objects+0x277/0x420
[ 1099.613072][  T116]  __pcs_replace_empty_main+0x375/0x650
[ 1099.618631][  T116]  __kmalloc_noprof+0x688/0x850
[ 1099.623500][  T116]  __register_sysctl_table+0xbe4/0x1650
[ 1099.629059][  T116]  __devinet_sysctl_register+0x1b9/0x360
[ 1099.634711][  T116]  devinet_sysctl_register+0x17b/0x210
[ 1099.640191][  T116]  inetdev_event+0xefb/0x17f0
[ 1099.644883][  T116]  notifier_call_chain+0x99/0x400
[ 1099.649929][  T116]  call_netdevice_notifiers_info+0xbe/0x110
[ 1099.655844][  T116]  netif_change_name+0x4d9/0x830
[ 1099.660820][  T116]  do_setlink.isra.0+0x31db/0x3e50
[ 1099.665941][  T116]  rtnl_newlink+0x11c2/0x2380
[ 1099.670621][  T116] page last free pid 5847 tgid 5847 stack trace:
[ 1099.676941][  T116]  __free_frozen_pages+0x747/0x1040
[ 1099.682149][  T116]  rcu_core+0x5a2/0x10d0
[ 1099.686405][  T116]  handle_softirqs+0x1ea/0xa00
[ 1099.691183][  T116]  __irq_exit_rcu+0x162/0x210
[ 1099.695876][  T116]  irq_exit_rcu+0x9/0x30
[ 1099.700146][  T116]  sysvec_apic_timer_interrupt+0xa3/0xc0
[ 1099.705806][  T116]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1099.711799][  T116] 
[ 1099.714113][  T116] Memory state around the buggy address:
[ 1099.719733][  T116]  ffff8880348f4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1099.727794][  T116]  ffff8880348f4200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1099.735856][  T116] >ffff8880348f4280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 1099.743919][  T116]                          ^
[ 1099.748500][  T116]  ffff8880348f4300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1099.756556][  T116]  ffff8880348f4380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1099.764610][  T116] ==================================================================
[ 1099.772659][  T116] Disabling lock debugging due to kernel taint
[ 1099.801832][  T136] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)