last executing test programs:

6.068936321s ago: executing program 1 (id=746):
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x20)

5.895716315s ago: executing program 2 (id=747):
socket(0x2c, 0x80805, 0x0)
syz_mount_image$ext4(&(0x7f0000000300)='ext3\x00', &(0x7f00000001c0)='./file0\x00', 0xc0ed0006, &(0x7f0000000240)={[{@jqfmt_vfsold}, {@jqfmt_vfsv0}, {@bh}, {@noload}, {@data_err_ignore}, {@noblock_validity}]}, 0xfe, 0x445, &(0x7f0000000900)="$eJzs3MtvG0UYAPBv7Tz6JKGUR0MLgYKIeCRN+qAHLiCQOICEBIciTiFJq1C3QU2QaBVB4BCOqBJ3xBGJv4ATXBBwQuIKd1SpQrm0cDJaezd1HTuNE6cu8e8nbTvjHXfm293xzs7YDaBrDad/JBH7IuKPiBioZm8vMFz96+bK4tQ/K4tTSZTLb/+dVMrdWFmcyovm79tbzZTLWb6/Qb3L70VMlkozl7L82MKFD8fmL195YfbC5LmZczMXJ9J/7UjfqYmTbYkzjevG0Cdzhw+9/u7VN6fOXH3/l+/SGvZl+2vjaJfh6tFt6Ol2V9Zh+2vSSU8HG0JLihGRnq7eSv8fiGLsXt03EK993tHGAduqXC6XG92fM0tlYAdLotMtADojv9Gnz7/5dpeGHveE6y9XH4DSuG9mW3VPTxSyMr11z7ftNBwRZ5b+/TrdYpvmIQAAav2Qjn+ebzT+K8RDNeXuy9ZQBiPi/og4EBEPRMTBiHgwolL24Yh4pMX661dI1o5/Ctc2FdgGpeO/l7K1rdvHf/noLwaLWW5/Jf7e5OxsaeZYdkxGorc/zY+vU8ePr/7+ZbN9teO/dEvrz8eCWTuu9dRN0E1PLkxuJeZa1z+LGOppFH8S+TJOEhGHImJok3XMPvvt4Wb77hz/OtqwzlT+JuKZ6vlfirr4c0nD9cnTp08cH3/x1MTJsV1Rmjk2ll8Va/362/JbzerfUvxtkJ7/PQ2v/9X4B5NdEfOXr5yvrNfOt17H8p9fNH2m2ez135e8U0n3Za99PLmwcGk8oi95Y+3rE7fem+fz8mn8I0cb9/8DcetIPBoR6UV8JCIei4jHs7Y/ERFPRsTRdeL/+ZWnPmg9/nVm5dsojX/6Tuc/as9/64ni+Z++bz3+XHr+T1RSI9krG/n822gDt3LsAAAA4P+iUPkOfFIYXU0XCqOj1e/wH4w9hdLc/MJzZ+c+ujhd/a78YPQW8pmugZr50PFsbjjPT9Tlj2fzxl8Vd1fyo1NzpelOBw9dbm+T/p/6q9jp1gHbzu+1oHvV9f/yp51qCHDXuf9D99L/oXvp/9C9GvV/cwDQHdz/oXvp/9C99H/oXvo/dKWmv40vbOkn/xI7PhGFe6IZOz/Rs+H/zGKTif6Guzr9yQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAe/wUAAP//ziLlLw==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setgroups(0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000040), 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
r5 = syz_open_pts(r4, 0x0)
dup3(r5, r4, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x3)
lseek(0xffffffffffffffff, 0x7fff, 0x0)

5.846339499s ago: executing program 1 (id=748):
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
close(0xffffffffffffffff)
mount(&(0x7f00000001c0)=@filename='./file0\x00', 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}}, 0x0)
sendmsg$nl_xfrm(r2, 0x0, 0x0)

4.771984565s ago: executing program 0 (id=752):
syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502", @ANYRES8=r1], 0x3c}}, 0x10)

4.651163295s ago: executing program 2 (id=753):
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = syz_open_dev$audion(&(0x7f0000000100), 0x1, 0x8000)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000580)={'filter\x00', 0x7, 0x4, 0x418, 0x0, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@arp={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffff00, 0x0, 0x6, 0x7, {@empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, 0x5, 0x7ff, 0xe, 0x800, 0x7, 0xf, 'batadv_slave_0\x00', 'batadv0\x00', {}, {0xff}, 0x0, 0x8}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2, 0x1}}}, {{@arp={@rand_addr=0x64010100, @local, 0xff000000, 0xffffff00, 0x4, 0x3, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff, 0xff]}}, 0x6, 0xc9dc, 0xe00, 0x6, 0x4, 0xaff, 'wg2\x00', 'rose0\x00', {0xff}, {0xff}, 0x0, 0x40}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast1, 0xd, 0x1}}}, {{@arp={@broadcast, @dev={0xac, 0x14, 0x14, 0xf}, 0x0, 0xff, 0x8, 0x8, {@mac=@remote, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x5, 0xe34, 0x1ff, 0x3, 0x7f, 0x9, 'macvlan1\x00', 'pim6reg0\x00', {0xff}, {0xff}, 0x0, 0xd1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}, 0xf, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000"], 0xfc}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f0000000440)=ANY=[])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

4.524370545s ago: executing program 0 (id=754):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, &(0x7f0000000480)=[{&(0x7f0000000180)="f7", 0x101d0}], 0x1}, 0x0)

4.439934102s ago: executing program 3 (id=755):
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x408cd, 0x3)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000640)=0x10)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "a7751a", 0x0, 0x3a, 0x30d66df472e0f96c, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2}}}}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000180)={0x7, 0x100, {r3}, {}, 0x0, 0x8})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000300)={{@hyper, 0x800000}, @my=0x1, 0x0, 0x0, 0x2, 0xfffffffffffffffe})

4.348969569s ago: executing program 0 (id=756):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x8000000, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xfffffffd, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x7}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd29, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0x11}, {0xffe6, 0xb}, {0xb, 0xc}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x6, 0x1, 0xffff, 0x0, 0xffffffff, 0x75, 0x46b, 0x9, 0x9}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4000000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3.498726708s ago: executing program 3 (id=757):
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, 0x0, 0x4, 0x4002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee7, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(0xffffffffffffffff, 0x84, 0x1c, 0x0, &(0x7f0000000180))

1.753523268s ago: executing program 3 (id=758):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})

1.664839246s ago: executing program 0 (id=759):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0x511e36599023629, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r1 = syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000200)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x20000000, 0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

1.528038857s ago: executing program 3 (id=760):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'ip_vti0\x00', 0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', 0x0})
write$UHID_CREATE2(r1, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$HIDIOCGFEATURE(r2, 0xc0404807, &(0x7f00000000c0)={0xfe, "da40e9044a70415fce6641fd75ff409d746f058b7b22543213c93d6ce45aa95e13c9c6410bf4878961f81db5dd236ff681b54866d4ca438a7a151f7adcb1ef9c"})
ioctl$HIDIOCGRAWPHYS(r2, 0x4004480d, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.379853839s ago: executing program 2 (id=761):
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x8, 0x207, 0x1ffd, 0x2}, 0x14)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="98a591c63a6efdecc4194d99634ff4eb90c266e83fff7dfbd3568c", 0x1b}, {&(0x7f0000000200)="da467702e2520108dcebc5560e4f93142974b51221138c2cdf5b4d5781b800c423ace69c1eba8d0c505baa2acdddff4bc6e17bd735b3576550a4b33160cad82f3df56db53fbf5fbad6125c8b7932af43ba88cd499a6c421696d57ff38d5231dc712a114aaeae76812b1375a1b59f2b669bcf1f5a39f4241eef5d48ba4a16fb354031b55dd47512d0b1c6d02dce620d1cd5bad3ff8d69fe0a9e54", 0x9a}], 0x2, 0x0, 0x0, 0x4000}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB="01000000000000e14f003b000000", @ANYRES32=r5, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.251190529s ago: executing program 0 (id=762):
io_setup(0xc, &(0x7f0000000100))
syz_mount_image$ocfs2(&(0x7f00000006c0), &(0x7f0000000040)='./file3\x00', 0x12008c8, &(0x7f0000000cc0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c726573765f6c6576656c3d30303030303030303030303030303030303030302c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c646174613d77726974656261636b2c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00149e0cb4c679a55808f10855fc0d9b9d7241cc60c5c0b35a9ce6bd73d50a863d736b7f64cdbf2582b25c868128f5a0c3ca71ea7a85f79743e17bbb32912ec43eb49fcfcab9a806f939773a5895370494ec438f24b77c23cb13a0c7c11503d4e4a25d5e8142cc163f75ca2557bc5b3dd2856dbf2f4fbffb092b1a8d3f410d0daefab8a2f41a23713a02fa9349bc76bc637fe28f733ee38a6de0e2174f54e7f4ebc705a06c4b7d76bcc94f8985dbf4791afe238c9f24f48c0f98d3898ad1f3597c15fdc241ce161617ca162b1d4a17900f12843677d372e706", @ANYRESDEC], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb8uj5QGv5ZEXXvKSN8kjeUZN07JSS2IphdJCxaAQ42aYtgNUpx3STo0LFnVH4srEhXFBNHHXFenCLf4JblzimkQXbkxMiDUzc6ftvZ2xY9NpBT+fRe/c83v43nvm3MXlxInKnbml3NxSrrCQK8/cWjqT+6BcWp4vhnifNO3/0P71T3s6cZ0c9LX3V3b1/MW3bpwJ4ZvZ756sr6+vh6ru0NTQls8//3RvZuuxIc7UqbbbvLW98m4I4eS2cVV1hRDe+TqEKIRwLkkbTY69IYRjoZ53497HN3N7NJqHj4tn80+n7q8Nn55cfbDW+rtHIXxe+vfLt+d/+F/X8Pcv7lH3AAAAAAAAAAAAAAAAAAA848avXb3+5uBQeBSF7tVo+/u648mx1fux63vmv53/sgAAAAAAAAAAAAAAAAAAAPAntfn+fy460eT9/7HkONKi/vrrnR8jnTPxxtWxC4NDyf7v0bb8V5KkH891hf4m+75n938/l6nffP/37f3sVmN8jX77QhQPpM7jeGAghC+Tjd9PRUfiUnmp8tKt8vLC7J4N45mVjn999/5UdJIN/duN/2im/c7v///PbVdT9fzm3l1iz7V0/Ltalvvqo6it+J/P1NuP+LN76fh319J6txYYqU8A1fh/0r1z/Mcy7Xcq/sdDCLmoOtZcagaormGq6a3WK6Sl43+olpaaOkfCv7p/5/7/JRP/C5n2D2r+X8n+ENFUOv5/q6X1pEps3v/98c73/8VM+wcR/+r4V/z+tyUd/8P1xO5Ukdq/ZLvz/3im/U7F/3qcjPN4lLoCVqN6eqv/r460dPx7tuVvPv/Fba3/LmXq79fzX6PfxvNfY/p/Iao//9FcOv69Lcu1e/9PZOp1ev4fqa3/2K10/I/U0tJr577a33bjP5lpv1Pxr61Kehrx35xPfj1cT//C+q8t6fj/vZ4Yby2xUvtbW/9FO6//L2faP4j1X3X8K3Fne31epON/tGW5avy/beP3/0qmXufjH8Kgtf6upeN/rGW52v3fs3P8pzL1Oh3//3eycQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBnwGhy7AtRPJA6j+OBgRDOJ+enwpFoujCbny6VZ95fCmEsSc+FE9HtUnm6UMrPLZRni/lCqVSeCeFCkn8y9ERLpXIlP1+4e3Gjrd7oTrGwWJkuFiohhPEk/T/hWKOt6bnKfOFuCOHSRt4/4vLi3TuFhfzs3OJrg4ODg2FiYwz9UfHDSnGhUu+9nhvC5EbdvmjL4GrZlzfGcjR6r7y8uFAo1dKvbKlTKs8USlvqTCV5n4b+qLK4vDBTqBTzpfLtRn8HaSQ5jk1ce/valaFt+Tej+nF0f4cFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwB/0aPjVz0II3fWzOIQw0vgQNSv/8HHxbP7p1P214dOTqw/WnrQqBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwG/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYZeOURoIojAAvxkLtfMYVstuZ7uiiBauCJ5Aj+Fh9ChewjukSJE2RQgksxA2u7BNUn1f82B+Zt6DeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzPL13H291E5HianMZ8ff1vzjMX0r9uR+/f3GGGTmd59fu4bFuyr+no/yuHC3bvEvXq+/PGKm938GeDPdpr+9zPTnX1L5Nzdf3vYmUq4hoS36bcq6qeW8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAW3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVwAAAP//e7wfKg==")
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pread64(r0, &(0x7f0000002280)=""/4096, 0x1000, 0xd33)

1.068067334s ago: executing program 2 (id=763):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(r0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e23, @rand_addr=0x64010180}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x7d, &(0x7f0000000100)=@assoc_value={r2, 0x1}, 0x8)

1.040464386s ago: executing program 1 (id=764):
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x88f}, [@call={0x85, 0x0, 0x0, 0x4f}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

942.532044ms ago: executing program 1 (id=765):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
io_getevents(0x0, 0x1, 0x0, 0x0, 0x0)

868.04847ms ago: executing program 2 (id=766):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='contention_begin\x00'}, 0x18)
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_TRIM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x3f7, 0x200, 0x70bd29, 0x25dfdbff}, 0x10}, 0x1, 0x0, 0x0, 0x4004801}, 0x20020000)

804.425085ms ago: executing program 2 (id=767):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x1c802, &(0x7f0000002740)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5fd0cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb6d658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d967206115b492d825751fcc00000000000000e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bebb749daef202e0412a73d545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177de97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b8f8451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f50520f91fbf7201fc9621d0aee9735d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c40000005e538c77b2b14f63d253705363846bc4e9cd3284ff329330812d2211ae34106e0306376a2b1cfe60a09becae2b05ec9adcac47612af85f598a880fa97891a7a290b6e730800542aea761aeb463f5ff5bdf5099ae8ad4afe99db9e9c4e703cb900e9ae272742fe2ff81d1a4f15668392cdafd2e1757706f47f9f84e532f25e2737cb6f6e89378f8d79ab8507b109c7f1f3653a5bc9d54ccc633de6263526eac10519274"], 0x1, 0x5f55, &(0x7f000000efc0)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIi4RUQD4AlD6tIEArVzDl2TU2Pexx7urrn/H7SuOrr0zV9yv+pqe6pywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIL733R+f7kXE5V+nBw5HfCYGEf2I5bo+FvXMxfz8YUQcic3meC4iBosR9fKb/zwTcS4iPjoUcW/j1mr98Jk99uP8qZvXP/n+d/7xuz/dOfLTN3/yQbv9R589++Hvb0cc/uFrH35y+8msOwAAAJSiqqqqlz7mH02f7/tddwoAmIq8/6+S/LharVarn2j9x/5s9UddaN1UjXe7WUTEenOZ+j2Dw/EAMGfW4+Ouu0CH5F+0YUQ81XUngJnW67oD7It7G7dWeynfXnN/cGyrPf+dclv+673713fsNp2kfY7JtH6+7sQgnt2lP8tT6sMsyfn32/lf3mofpeftd/7Tslv+o61Ln4qT8x+082/Zlv+fI2Ju8++Pzb9UOf/ho+S/Ppjj7V/+AAAAAAAcfPnv/4c7Pv67+PirsicPO/57bEp9AAAAAAAAAIAn7XHH/7vP+H8AAAAws+rP6rW/HHrw2G73Yqsfv9SLeLr1fKAw6WKZla77AQAAAAAAAAAAAAAlGW6dw3upF7EQEU+vrFRVVX81tetH9bjLz7vS1x9K1vUveQAA2PLRoda1/L2IpYi4lO71t7CyslJVS8sr1Uq1vJjfz44Wl6rlxufaPK0fWxzt4Q3xcFTV32ypsVzTpM/Lk9rb369+rVE12EPHpqPDwAEgIrb2RvfskQ6Yqnomun6Xw3yw/R88tn/2ouufUwAAAGD/VVVV9dLtvI+mY/79rjsFAEzDUt7/t48LqNVqtVqtPnh1UzXe7WYREevNZer3DIbjB4A5sx4fd90FOiT/og0j4kjXnQBmWq/rDrAv7m3cWu2lfHvN/UEa3z2fC7It//Xe5nJ5+XHTSdrnmEzr5+tODOLZXfrz3JT6MEty/v12/pe32kfpefud/7Tsln+9noc76E/Xcv6Ddv4tByf//tj8S5XzHz5S/gP5AwAAAADADMt//z9c/PFfdz0AAAAAAAAAYH7d27i1mq97zcf/Pz/meb3mnOs/D4ycf2/P+bv+9yDJ+ffb+bdOyBk05u++8SD/f2/cWv3g5r8+l6czn//CYFS/9kKvPxim05yqhbfialyLtTi14/nDbe2nd7QvbGs/M6H97I72Ud2+nNtPxGr8Iq7Fm/fbFyecGLU0ob2a0J7zH9j+i5TzHza+6vxXUnuvNa3dfb+/Y7tvTse9zsW//ffFnVvX9N2Jwf11a6rX73gH/dn8P3lqFL+6sXb9xG+u3Lx5/XSkybZHz0SaPGE5/4X0lfN/6YWt9vx7v7m93n1/9Mj5z4o7Mdw1/xca8/X6vjzlvnUh5z9KXzn/vAcav/3Pc/67b/+vdNAfAAAAAAAAAAAAAAAAeJiqqjYvEb0YERfS9T/uhA8ARfjDD9JMlYRarVar1eoDWzdV473eLGJp+zIXIuK3474ZADDL/hcR/+y6E3RG/gXL9/urp1/oujPAVN14972fXbl2be36ja57AgAAAAAAAAB8Wnn8z2ON8Z83zwNqjRu9bfzXN+LY3I7/2R8NNsc6Tyv0fDx8/O/j8fDxv4cTXm9hQvtoQvvihPalCe1jL/RoyPk/nzLO+R9NK1bS+K8vddCfruX8j6exnnP+X2o9r5l/9dd5zr+/Lf+TN9/55ckb77736tV3rry99vbaz0+funDu7PlzZ8+fP/nW1Wtrp7b+7bDH+yvnn8e+dh5oWXL+OXP5lyXn/8VUy78sOf8XUy3/suT88/s9+Zcl558/+8i/LDn/l1Mt/7Lk/L+cavmXJef/SqrlX5ac/1dSLf+y5PxfTbX8y5LzP5Fq+Zcl538y1fIvS84/H+GSf1ly/vnMBvmXJed/JtXyL0vO/2yq5V+WnP+5VMu/LDn/86mWf1ly/hdSLf+y5Py/mmr5lyXn/7VUy78sOf/XUi3/suT8v55q+Zcl5/+NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/q+nWv5leXD/fzNTnvnP3yNmoBtmzIyb6fo3EwAAAAAAAAAAAADQNo3TibteRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcpX3GcDPftlrQ4IbCCHECWtjiAOLd9df4BCDSUJKSZtSEtKmJTWOvTZO/FXvOgGEylJoSxSkIrUX9KJpEqVRpLYCRZGaSjRCaqT2rlwl4iZqJS4sFSoHJZVSBbY6M+/77szs7Mz6Y+3z8fsh/PfOnJl558yZ2X3WemYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBWGz42/ecDWZbl/zf+WJdll+d/X5Ptyb+c23mpVwgAAACcr7caf/7DFemEPcu4UMs2//aB//j+/Pz8fPaFN0+//Zfz8+mMsSwbWp1ljfOif//lL+ZbtwmeykYHBlu+Huxz80N9zh/uc/5In/NX9Tl/dZ/zR/ucv2gHLLKm+fuYxpVtavx1XXOXZldlI43zNnW51FMDqwcH4+9yGgYal5kfOZgdzo5k09nkossMNP7Lspc25Ld1TxZva7DlttZnWXbmZ4/vj2sYCPt4U9Z2Yw2tj90bd2Vjb/7s8f3fmX39vd1m392waKVZtnljvs6ns2zh11XZQLY67ZO4zsGWda7vss6htnUONC6X/71znWeWuc54v0fDOl/psc714bRHrs+ybC5bcptOT2WD2dqOW037e7R5ROTXkT+U78qGz+o42bCM4yS/zGvXtx8nncdk3P8bwj4ZXmINrQ/HG0+uWrTfz/U4ye91EY7V/Lrvy290dLT1V6ttx2q+zeM3LH0MdH3suhwD6VhuOQY29jsGBlcNNY6BwYU1b2w7BqYWXWYwG2jc1ukbeh8DE7NHT0zMPPrYLYeP7js0fWj62NTkzu3bdmzftmPHxMHDR6Ynm3+e3S4tkbXZYDoGN4bXmngMfrBj29ZDcv6bF+55MFqQ50F+3z9zY76gywezJY7xfJunN5//8yB93295Hgy3PA+6vqZ2eR4ML+N5kG9zZvPyvmcOt/zfbQ0r9Vq4ruUYuJTfD/PbfPBDS78Wrg/reuams/1+OLToGIh3ayA89/JT0s97o7eF/bL4uLg2P+OyVdmpmemTWx7ZNzt7cioL46K4suWx6jxe1rbcp2zR8TJ41sfLnr//1Y3Xdjl9XdhXozf3fqzybbaP936sGq/u7ftzVdbcn22nbs3CuMAu9v7s9t0s358pS/TYn/k2T99y/j8LplzS8vo30u/1b2hkuPn6N5T2xkjb69/ih2aosbIsO3PL8l7/RsL/F/v176qCvP7l++rBLb2PgXybZybO9hgY7vn6d32YA2E9HwqJYbQl97/dOH+ueZi2PJZ9j5vh4ZFw3AzHW2w/brYtukx+bfltb548t+Nm8/Xtj1Xbzy0VPG7yffVXk72Pm3ybl6fO/7VjTfxry2vHqn7HwMjQqny9I+kgaL7eza+Jx8CWbH92PDuSHUiXyR/l/LbGty7vGFgV/r/Yrx3XFOQYyPfV81t7HwP5Nj/admF/dtocTknbtPzs1Pn7haUy/7XDC9fXudsudObP1/nxH38qndYtQ+TbvL79bHNG7/10czjlsi77qfP5s9QxfSC7OPvpmrDOIzt6/24q3+aqncs8nvZkWfbq1KuN33eF3+9+79SPv9/2e99uv1N+derVeyfu/8nZrB8AgHP3duPPuVXNnzVb/sV6Of/+DwAAAJRCzP2DYSbyPwAAAFRGzP1DYSbyPwAAAFRGzP3DYSY1yf8P37brhbeeyNK7Ac4H8fy4G+67o7ld7HjPha/H5hfkp3/02yMvfPWJ5d32YJZlv7r3fV23f/iOuK6mE3GdH24/fZFrrlvW7T/0wMJ2re+fcGZX8/rj/VnuYRC7yi9NbG1c79ijU4358r1ZY94/98xTzetvfh23P72tuf3fhDct2XNwoO3ym8N6NoU5Ft5T5r49C/shn/FyL6z/wL9e+dmF24uXG9j4zsbdfP6Pm9cb3yPquSub28f7vdT6/+Vr330h3/6RG7qv/4nB7us/Ha73tTB/ubu5fes+/2rL+v80rD/eXrzclm/9sOv6X3xPc/sXw3HxjTA713/XX7z/rW6PV7ydPbc3Lxdvf/J/tzcuF68vXn/n+kefmGrbH53X//KbzevZ/eWfD7VuH0+PtxM9dHv78T0QHt+2HnmWZd/9s6xtP2cfaV7unzvWH6/vxO3d139zxzpPDFzXuPzC/VnXdr++/ndbu97fuJ49/7iu7f48d3fYf29O/Ci/3tP3h+MxnP9/rzSvr/O9TF+8u/31Jm7/jXXN5228vomO9T/Xsf656/J913/997zZXP+Ld65uW/+eT4Tj6Z7m7Lf+Q397Rdvlv/md5uNx8ivjx47PnDp8oGWvtj6PV4+uWXvZ5e945xXhtbTz673HZx+ePjk2OTaZZWMlfMvAlV7/t8L8n+aYu/C30PSTnzePu2c/2fy+9cFfNL9+Lpz+UHg84/fHr//1SNvx2vm4z93ZnOe7/pvCOpbrPV/7r+uWteHpz7906p/+5PXOnwvi/Tnx7tHG/Xt+w9WN8wZebp7f+XrVz3++u/15/dPhycb8Qdiv8+GdmTde3by9zuuP703y7Kebz9/4k1y8fNbxfiLrhtrvx/mu/6fh55gfXtP++hePjx880fFuzuuygXwJc+H1IZtrnh+3ivv72TNXd729+D482dx7z2aZS5p5dGbiyOFjpx6ZmJ2emZ2YefSxvUePnzo2u7fx3qV7v9jv8gvP77WN5/eB6Z3bs8az/XhzrLBLvf4TD+w/cOvkjQemD+47dXD2gRPTJw/tn5nZP31g5sZ9Bw9Of6Xf5Q8f2D21dde2W7eOHzp8YPdtu3Zt2zV++NjxfBnNRfWxc/JL48dO7m1cZGb39l1TO3Zsnxw/evzA9O5bJyfHT/W7fON703h+6S+Pn5w+sm/28NHp8ZnDj03vntq1c+fWvu/+ePTEwZmxiZOnjk2cGp4+OdG8L2OzjZPz7339Lk89zBwPr3cdBsJP55+7eWd6f9zct59c8qqam7T/eJq9Ed4LKn5/6/d1zP0jYSY1yf8AAABQBzH3hzf+XzhD/gcAAIDKiLl/dZiJ/A8AAACVEXN/M/mPpo9/r0v+v1D9/yf1/xv0//X/M/3/RP9f/z/T/9f/70P/X/+/zOvX/0/9/xn9f5ZStP5/yP3Zmizz7/8AAABQUTH3rw0zkf8BAACgMmLuvyzMRP4HAACAyoi5//Iwk5rkf5//r/+v/9+r/x+31f/P9P+L0P/f9N/6/4vo/+v/Z/r/5+xS9+fLvv4C9v/X6P9TNEXr/8fc/44wk5rkfwAAAKiDmPvfGWYi/wMAAEBlxNx/RZiJ/A8AAACVEXP/ujCTmuR//X/9f/1/n/+v/1+a/r/P/+9C/1//P9P/P2eXuj9f9vUXsP/v8/8pnKL1/2Pu/7Uwk5rkfwAAAKiDmPvfFWYi/wMAAEBlxNx/ZZiJ/A8AAACVEXP/VWEmNcn/9ez/v5Zlmf5/pv+v/9+xTv1//f+VoP+v/9+L/r/+f5nXr/+v/09/Rev/x9z/7jCTmuR/AAAAqIOY+68OM5H/AQAAoDJi7n9PmIn8DwAAAJURc/81YSY1yf/17P/7/H/9/yb9//Z16v/r/68E/X/9/170/5fR/x9e+Kv+f7HWr/+v/09/Rev/x9z/3jCTmuR/AAAAqIOY+68NM5H/AQAAoDJi7n9fmIn8DwAAAJURc//6MJOa5H/9f/1//X/9f/1//f+VVK7+/+CS5+j/N+n/t7tw/f+5hQX4/P/SrF//X/+f/orW/4+5//1hJjXJ/wAAAFAHMfd/IMxE/gcAAIDKiLn/ujAT+R8AAAAqI+b+sTCTmuR//X/9f/1//X/9f/3/lVSu/v/S9P+b9P/bXZTP/2+h/1+s9ev/6//TX9H6/zH3bwgzqUn+BwAAgDqIuX9jmIn8DwAAAJURc//1YSbyPwAAAFRGzP2bwkxqkv/1//X/9f/1//X/9f9Xkv6//n8v+v/6/2Vev/6//j/9Fa3/H3P/DWEmNcn/AAAAUAcx998YZiL/AwAAQGXE3P/BMBP5HwAAACoj5v7NYSY1yf/6//r/+v8l7v8P6f9n+v+Fp/+v/9+L/r/+f5nXr/+v/09/Rev/x9z/oTCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7r85zET+BwAAgMqIuX88zKQm+V//X/9f/7/E/X+f/9+2fv3/YtL/1//vRf9f/7/M69f/1/+nv6L1/2PuvyXMpCb5HwAAAOog5v4tYSbyPwAAAFRGzP0TYSbyPwAAAFRGzP2TYSY1yf/6//r/+v/6//r/+v8rSf9f/78X/X/9/zKvX/9f/5/+itb/j7l/KsykJvkfAAAA6iDm/q1hJvI/AAAAVEbM/dvCTOR/AAAAqIyY+7eHmdQk/5ek/78lFaD0//X/9f/1//X/S0X/X/+/F/1//f8yr1//X/+fdoNdTita/z/m/h1hJjXJ/wAAAFAHMffvDDOR/wEAAKAyYu6/NcxE/gcAAIDKiLn/tjCTmuT/kvT/ff6//r/+fwv9f/3/MtH/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xVmUpP8DwAAAHUQc/+Hw0zkfwAAAKiMmPtvDzOR/wEAAKBUun0OYRRz/0fCTGqS//X/q97/n1+t/6//r//fe/36/ytL/1//vxf9f/3/Mq9f/1//n/6K1v+PuX93mElN8j8AAADUQcz9d4SZyP8AAABQGTH33xlmIv8DAABAZcTcvyfMpCb5X/+/6v1/n/+v/6//32/9+v8rS/9f/78X/f9y9v/Djy36/wXq/+fHkP4/RVS0/n/M/XeFmdQk/wMAAEAdxNz/0TAT+R8AAAAqI+b+j4WZyP8AAABQGTH3fzzMpCb5X/9f/1//X/9f/1//fyXp/69Y/7/xUljk/v+aZdyM/n85+/+R/n9x+v8+/5+iKlr/P+b+u8NMapL/AQAAoA5i7v9EmIn8DwAAAJURc/+vh5nI/wAAAFAZMfffE2ZSk/yv/6//r/+v/6//r/+/kvT/ff5/L/r/+v9lXr/+v/4//RWt/x9z/2+EmdQk/wMAAEAdxNx/b5iJ/A8AAACVEXP/J8NM5H8AAAAomVVLnhNz/2+GmdQk/5ev/z9Wyv7/YLp+/X/9f/1//X/9/wtJ/1//P9P/P2eXuj9f9vXr/+v/01/R+v8x9/9WmElN8j8AAADUQcz9nwozkf8BAACgMmLu/+0wE/kfAAAAKiPm/vvCTGqS/y90/7/z8r34/H/9/0z/X/9f/1///zzp/+v/Z/r/5+xS9+fLvn79f/1/+ita/z/m/t8JM6lJ/gcAAIA6iLn//jAT+R8AAAAK6uGzvkTM/Z8OM5H/AQAAoDJi7v9MmElN8n/5Pv9f/1//X/9f/1//v0z0//X/e9H/1/8v8/r1//X/6a9o/f+Y+x8IM6lJ/gcAAIA6iLn/s2Em8j8AAABURsz9vxtmIv8DAABAZcTc/3thJj3y/9KVhPLR/9f/1//X/9f/1/9fSfr/i/v/+WuY/n+T/r/+f5nXr/+v/09/Rev/x9z/uTAT//4PAAAAlRFz/++Hmcj/AAAAUBkx9/9BmIn8DwAAAJURc/+DYSY1yf/6//r/+v/6//r/+v8rSf/f5//3ov+v/1/m9ev/6//TX9H6/zH3fz7MpCb5HwAAAOog5v4/DDOR/wEAAKAyYu7fG2Yi/wMAAEBlxNz/UJhJTfK//r/+v/6//r/+v/7/StL/1//vRf9f/7/M69f/1/+nv6L1/2Pu3xdmsqf9ZgAAAIDyirn/C2EmNfn3fwAAAKiDmPv3h5nI/wAAAFAZMfcfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v+96P/r/5d5/fr/+v/0V7T+f8z902EmNcn/AAAAUAcx9x8MM5H/AQAAoDJi7j8UZiL/AwAAQGXE3P9wmElN8r/+v/6//n9t+/+vfK9jnfr/+v8rQf9f/78X/X/9/zKvX/9f/5/+itb/j7n/cJhJTfI/AAAA1EHM/V8MM5H/AQAAoDJi7v9SmIn8DwAAAJURc/+RMJOa5H/9f/1//f/a9v+X9/n/axZuV/9f//9c6P/r//ei/6//X+b16//r/9Nf0fr/MfcfDTOpSf4HAACAOoi5/1iYifwPAAAAlRFz//EwE/kfAAAAKiPm/hNhJjXJ//r/Z9X/XzWwRDdQ/7/7+vX/K9D/b6H/r/9/LvT/9f970f/X/y/z+vX/9f/pr2j9/5j7/yjMpCb5HwAAAOog5v6TYSbyPwAAAFRGzP0zYSbyPwAAAFRGzP2zYSY1yf/6/z7/X/9f/1//X/9/Jen/6//3ov+v/1/m9ev/6//TX9H6/zH3nwozqUn+B4D/Z+8+c/U6qz4OP6/zOiRCwBTCEGACDIExIDEGeknooUPovYXeQofQe++99x4IvUpB8VlrhWPsvW2f8/jc+17X9SELTpB8RzEf/kp+2gAAHeTuv1/cYv8DAADANHL33z9usf8BAABgGrn7HxC3NNn/+n/9v/5f/6//1//vk/5f/79E/6//3/L79f/6f9aN1v/n7n9g3NJk/wMAAEAHufsfFLfY/wAAADCN3P0PjlvsfwAAAJhG7v6HxC1N9r/+X/+v/9f/6//1//uk/9f/L9H/6/+3/H79v/6fdaP1/7n7Hxq3NNn/AAAA0EHu/ofFLfY/AAAATCN3/8PjFvsfAAAAppG7/9q4pcn+1//r//X/G+z//1//r//fDv2//n+J/l//v+X36//1/6wbrf/P3X9d3NJk/wMAAEAHufsfEbfY/wAAADCN3P2PjFvsfwAAAJhG7v5HxS1N9r/+X/+v/99g/+/7//r/DdH/6/+X6P/1/1t+v/5f/8+60fr/3P2Pjlua7H8AAADoIHf/Y+IW+x8AAACmkbv/sXGL/Q8AAADTyN3/uLilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lt+v/9f/s27v/f+9rz9zL7T/z91/fdzSZP8DAABAB7n7Hx+32P8AAAAwjdz9T4hb7H8AAACYRu7+J8YtTfa//l//f0f/f9v/6f/1//r/O36u/z8e+n/9/xL9v/5/y+/X/+v/Wbf3/n+l9z/7v+fuf1Lc0mT/AwAAQAe5+58ct9j/AAAAMI3c/U+JW+x/AAAAmEbu/qfGLU32v/5f/+/7//p//b/+f5/0/8P2/2f/X+8w/f8F0f/r/8/X/9/rAt6v/6eD0fr/3P1Pi1ua7H8AAADoIHf/0+MW+x8AAACmkbv/hrjF/gcAAIBp5O5/RtzSZP/r//X/+n/9/+H+/1TL/v/2n+n/90P/P2z/v0z/f0H0//p/3//X/7NstP4/d/8z45Ym+x8AAAA6yN3/rLjF/gcAAIBp5O5/dtxi/wMAAMA0cvc/J25psv/1//p//b/+/0jf/79ijv7f9//3R/+v/1+i/9f/b/n9+n/9P+tG6/9z9z83bmmy/wEAAGB6p3a1+58Xt9j/AAAAMI3c/c+PW+x/AAAAmEbu/hfELU32v/5f/6//1/8fqf+f5Pv/+v/90f/r/5dcaP+/0//XX4v+f5z36//1/6wbrf/P3f/CuKXJ/gcAAIAOcve/KG6x/wEAAGAauftfHLfY/wAAADCN3P0viVua7H/9v/5f/6//1//r//dJ/6//X+L7//r/Lb9f/6//Z91o/X/u/pfGLU32PwAAAHSQu/9lcYv9DwAAANPI3f/yuMX+BwAAgGnk7n9F3HL2/j91OV91+ej/9f/6f/2//l//v0/6f/3/Ev3/ufv/q87z6+n/x3q//l//z7rR+v/c/TfGLf75PwAAAEwjd/8r4xb7HwAAAKaRu/9VcYv9DwAAANPI3f/quKXJ/j9f/3/rnQ/+vP7/wuj/z/1+/b/+X/+v/9f/6/+X6P99/3/L79f/6/9ZN1r/n7v/NXFLk/0PAAAAHeTuf23cYv8DAADANHL3vy5usf8BAABgGrn7Xx+3NNn/x//9/2v0//p//X9c/b/+X/+v/9f/L9P/6/+3/H79v/6fdaP1/7n73xC3NNn/AAAA0EHu/jfGLfY/AAAATCN3/5viFvsfAAAAppG7/81xS5P9f/z9v+//6/8vsv8/pf9P+v/4+6r/1/9fBP2//n+n/79kJ93Pb/39+n/9P+tG6/9z9990Zur12/8AAADQwU1n/njV7i1xi/0PAAAA08jd/9a4xf4HAACAaeTuf1vc0mT/6//1/yfe//v+f9H/x99X/b/+/yLo//X/O/3/JTvpfn7r79f/6/9ZN1r/n7v/7XFLk/0PAAAAHeTuf0fcYv8DAADANGL3H/zL7/Y/AAAATOmdZ/541e5dcUuT/d+4/7/mqP3/1f/1n/X/536//v9Y+v+bzv69p//X/2+J/l//v0T/r//f8vvH6f/jB9fq/xnPaP1/7v53xy1N9j8AAAB0kLv/PXGL/Q8AAADTyN1/c9xi/wMAAMA0cve/N25psv8b9/+TfP//PrfEC/T/8/b/vv8fV/+v/z8X/b/+f6f/v2Qn3c9v/f3j9P++/8+4Ruv/c/e/L25psv8BAACgg9z9749b7H8AAACYRu7+D8Qt9j8AAABMI3f/B+OWJvtf/7/1/t/3//X/+n/9/9j0//r/Jfp//f+W36//1/+zbrT+P3f/h+KWJvsfAAAAOsjd/+G4xf4HAACAaeTu/0jcYv8DAADANHL3fzRuabL/9f/6/331/7f/Ivr/Jv3/dfr/nf7/vPT/+v8l+n/9/5bfr//X/7NutP4/d//H4pYm+x8AAAA6yN3/8bjF/gcAAIBp5O7/RNxi/wMAAMA0cvd/Mm64x11O7knH6/R5fh69uf5f/+/7//p/3//X/++T/l//v0T/r//f8vv1//p/1o3W/+fu/1Tc4p//AwAAwDRy9386brH/AQAAYBq5+z8Tt9j/AAAAMI3c/Z+NW5rsf/2//l//v9n+/2r9/+H36//HpP/X/y/R/+v/t/x+/b/+n3Wj9f+5+z8XtzTZ/wAAANBB7v7Pxy32PwAAAEwjd/8X4hb7HwAAAKaRu/+LcUuT/a//1//r/zfb//v+/1nv1/+PSf+v/1+i/9f/b/n9+n/9P+tG6/9z938pbmmy/wEAAKCD3P1fjlvsfwAAAJhG7v6vxC32PwAAAEwjd/9X45Ym+1//r//X/+v/9f/6/33S/+v/l+j/9f9bfr/+X//PutH6/9z9X4tbmux/AAAA6CB3/9fjFvsfAAAAppG7/xtxi/0PAAAA08jd/824pcn+n7n/X/qf6f8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7NutP4/d/+34pYm+x8AAAA6yN3/7bjF/gcAAIBp5O7/Ttxi/wMAAMA0cvd/N25psv9n7v+X6P8P6P/1/zv9v/5/z/T/+v8l+n/9/5bfr//X/7PuhPr/07vz9P+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+Hccs8+/++Ny/8Sf3/sff/Z34T6f/1/7sh+//Th96p/z+g/98v/b/+f4n+X/+/5ffr//X/rBvt+/+5+38Ut8yz/wEAAKC93P0/jlvsfwAAAJhG7v6fxC32PwAAAEwjd/9P45Ym+1//7/v/+v9O/f89r9j5/r/+/zLT/+v/l+j/9f9bfr/+X//PutH6/9z9P4tbmux/AAAA6CB3/8/jFvsfAAAAppG7/xdxi/0PAAAA08jd/8u4pcn+1//r//X/rfr/Q+/X/x/Q/++X/l//v0T/r//f8vuz/8/fd/p//T//a7T+P3f/r+KWJvsfAAAAOsjd/+u4xf4HAACAaeTu/03cYv8DAADANHL3/zZuabL/9f/6f/1/m/7/trvtdvp//f9lN1D/f+VRfh39/wH9/2H6f/2/7//r/1k2Wv+fu/+WuKXJ/gcAAIAOcvf/Lm6x/wEAAGAauft/H7fY/wAAADCN3P23xi1N9r/+X/8/Zf9/J/2/7//r/0cxUP9/JPr/A/r/w/T/+n/9v/6fZaP1/7n7/xC3NNn/AAAA0EHu/j/GLfY/AAAATCN3/5/iFvsfAAAAppG7/89xS5P9r//X/198/3+6/rqH7f99/1//r/8fxrz9/5X6f/3/kfv/G248+LH+f5vv1//r/1k3Wv+fu/8vcUuT/Q8AAAAd5O7/a9xi/wMAAMA0cvf/LW6x/wEAAGAaufv/Hrc02f/T9P93v+vB1f/7/r/+X/8fP9f/j2He/t/3//X/vv+v/9f/6/9ZM1r/n7v/H3FLk/0PAAAAHeTu/2fcYv8DAADANHL3/ytusf8BAABgGrn7/x23NNn/0/T/Sf+v/9f/6//j5/r/Mej/9f9L9P/6/y2/X/+v/2fdaP1/7v7/BAAA//9RaTCH")
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20000, 0x0, 0x0, 0x0, &(0x7f0000000100))
mount(0x0, &(0x7f0000000000)='.\x00', 0x0, 0x2236824, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4400, 0x0)

740.72304ms ago: executing program 1 (id=768):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3b9601000000000000003b00000008000300", @ANYRES32, @ANYBLOB="4500330040000000080211000000080211000001505050505050900001"], 0x70}, 0x1, 0x0, 0x0, 0x8011}, 0x10)

543.974706ms ago: executing program 1 (id=769):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
sendfile(r3, r2, 0x0, 0x100000500)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
ioctl$sock_inet6_SIOCDIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000200)={@private0, 0x77})
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x400000000000000, 0x0, 0x0)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)

414.702306ms ago: executing program 3 (id=770):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000001180)='./bus\x00')
rmdir(&(0x7f0000000440)='./file0\x00')

186.674215ms ago: executing program 3 (id=771):
socket$inet6_sctp(0xa, 0x5, 0x84)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0, 0x1, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = syz_open_dev$audion(&(0x7f0000000100), 0x1, 0x8000)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000580)={'filter\x00', 0x7, 0x4, 0x418, 0x0, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@arp={@loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xffffff00, 0x0, 0x6, 0x7, {@empty, {[0x0, 0xff, 0x0, 0xff, 0xff, 0xff]}}, {@mac=@local, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, 0x5, 0x7ff, 0xe, 0x800, 0x7, 0xf, 'batadv_slave_0\x00', 'batadv0\x00', {}, {0xff}, 0x0, 0x8}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@multicast, @empty, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2, 0x1}}}, {{@arp={@rand_addr=0x64010100, @local, 0xff000000, 0xffffff00, 0x4, 0x3, {@empty, {[0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0xff, 0x0, 0x0, 0xff, 0xff]}}, 0x6, 0xc9dc, 0xe00, 0x6, 0x4, 0xaff, 'wg2\x00', 'rose0\x00', {0xff}, {0xff}, 0x0, 0x40}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @dev={0xac, 0x14, 0x14, 0x1f}, @multicast1, 0xd, 0x1}}}, {{@arp={@broadcast, @dev={0xac, 0x14, 0x14, 0xf}, 0x0, 0xff, 0x8, 0x8, {@mac=@remote, {[0xff, 0x0, 0x0, 0xff, 0xff]}}, {@mac=@remote, {[0x0, 0xff, 0x0, 0x0, 0xff]}}, 0x5, 0xe34, 0x1ff, 0x3, 0x7f, 0x9, 'macvlan1\x00', 'pim6reg0\x00', {0xff}, {0xff}, 0x0, 0xd1}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x28}, 0xf, 0xffffffff}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000040000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000"], 0xfc}}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f0000000440)=ANY=[])
read$FUSE(0xffffffffffffffff, &(0x7f0000006380)={0x2020}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x18, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000100)={0x18, 0x1404, 0x1, 0x70bd2d, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x18}, 0x1, 0x0, 0x0, 0x671ec167a4b72164}, 0x0)

0s ago: executing program 0 (id=772):
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
close(0xffffffffffffffff)
mount(&(0x7f00000001c0)=@filename='./file0\x00', 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}}, 0x0)
sendmsg$nl_xfrm(r2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.48' (ED25519) to the list of known hosts.
[   58.066410][ T5773] cgroup: Unknown subsys name 'net'
[   58.234779][ T5773] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.612469][ T5773] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   61.408018][ T5784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   61.428089][ T5784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   61.447211][ T5784] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   61.455282][ T5784] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   61.467599][ T5784] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   61.475046][ T5784] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   61.491956][ T5788] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   61.550595][ T5795] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   61.551941][ T5105] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   61.559212][ T5795] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   61.566864][ T5105] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   61.572989][ T5795] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   61.586977][ T5105] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   61.587416][ T5795] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   61.594777][ T5105] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   61.610020][ T5105] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   61.610998][ T5795] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   61.625568][ T5105] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   61.625613][ T5795] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   61.633520][ T5105] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   61.646916][ T5795] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   61.662873][ T5105] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   61.672224][ T5795] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   61.686282][ T5105] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   61.999875][ T5782] chnl_net:caif_netlink_parms(): no params data found
[   62.132874][ T5782] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.140776][ T5782] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.149719][ T5782] bridge_slave_0: entered allmulticast mode
[   62.156460][ T5782] bridge_slave_0: entered promiscuous mode
[   62.172604][ T5792] chnl_net:caif_netlink_parms(): no params data found
[   62.184797][ T5782] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.193526][ T5782] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.201357][ T5782] bridge_slave_1: entered allmulticast mode
[   62.210359][ T5782] bridge_slave_1: entered promiscuous mode
[   62.275660][ T5782] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.289137][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   62.316418][ T5782] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.424703][ T5782] team0: Port device team_slave_0 added
[   62.454300][ T5782] team0: Port device team_slave_1 added
[   62.485466][ T5792] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.492694][ T5792] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.500117][ T5792] bridge_slave_0: entered allmulticast mode
[   62.506826][ T5792] bridge_slave_0: entered promiscuous mode
[   62.526752][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   62.534119][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.541484][ T5786] bridge_slave_0: entered allmulticast mode
[   62.548747][ T5786] bridge_slave_0: entered promiscuous mode
[   62.555916][ T5785] chnl_net:caif_netlink_parms(): no params data found
[   62.568240][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_0
[   62.575200][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.601590][ T5782] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   62.613305][ T5792] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.620937][ T5792] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.628272][ T5792] bridge_slave_1: entered allmulticast mode
[   62.635085][ T5792] bridge_slave_1: entered promiscuous mode
[   62.642189][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   62.649724][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.656959][ T5786] bridge_slave_1: entered allmulticast mode
[   62.663879][ T5786] bridge_slave_1: entered promiscuous mode
[   62.684980][ T5782] batman_adv: batadv0: Adding interface: batadv_slave_1
[   62.691985][ T5782] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   62.718040][ T5782] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   62.764914][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.776702][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.802264][ T5792] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   62.845488][ T5792] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   62.892841][ T5786] team0: Port device team_slave_0 added
[   62.927797][ T5782] hsr_slave_0: entered promiscuous mode
[   62.934063][ T5782] hsr_slave_1: entered promiscuous mode
[   62.943233][ T5786] team0: Port device team_slave_1 added
[   62.951953][ T5792] team0: Port device team_slave_0 added
[   62.961264][ T5792] team0: Port device team_slave_1 added
[   63.015745][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.023269][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.031021][ T5785] bridge_slave_0: entered allmulticast mode
[   63.039237][ T5785] bridge_slave_0: entered promiscuous mode
[   63.070754][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.077974][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.104935][ T5792] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.116286][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.123803][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.131272][ T5785] bridge_slave_1: entered allmulticast mode
[   63.138591][ T5785] bridge_slave_1: entered promiscuous mode
[   63.156904][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.163937][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.189899][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.212728][ T5792] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.219839][ T5792] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.246290][ T5792] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.273301][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.283245][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.290938][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.317118][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.350897][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   63.434585][ T5792] hsr_slave_0: entered promiscuous mode
[   63.441493][ T5792] hsr_slave_1: entered promiscuous mode
[   63.449060][ T5792] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.456964][ T5792] Cannot create hsr debugfs directory
[   63.476250][ T5785] team0: Port device team_slave_0 added
[   63.510382][ T5786] hsr_slave_0: entered promiscuous mode
[   63.516856][ T5786] hsr_slave_1: entered promiscuous mode
[   63.523705][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.531343][ T5786] Cannot create hsr debugfs directory
[   63.539126][ T5785] team0: Port device team_slave_1 added
[   63.594989][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[   63.602027][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.628513][ T5784] Bluetooth: hci0: command tx timeout
[   63.634235][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   63.652177][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[   63.659386][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   63.685658][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   63.697569][ T5784] Bluetooth: hci2: command tx timeout
[   63.698105][ T5105] Bluetooth: hci3: command tx timeout
[   63.767612][ T5105] Bluetooth: hci1: command tx timeout
[   63.805899][ T5785] hsr_slave_0: entered promiscuous mode
[   63.814454][ T5785] hsr_slave_1: entered promiscuous mode
[   63.820918][ T5785] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   63.829226][ T5785] Cannot create hsr debugfs directory
[   64.043465][ T5782] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.063786][ T5782] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   64.079760][ T5782] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   64.091978][ T5782] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   64.155087][ T5786] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   64.164770][ T5786] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   64.187368][ T5786] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   64.199129][ T5786] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   64.290961][ T5792] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   64.301771][ T5792] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   64.312180][ T5792] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   64.322646][ T5792] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   64.396125][ T5785] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   64.418588][ T5785] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   64.428096][ T5785] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   64.439962][ T5785] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   64.507698][ T5782] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.573107][ T5782] 8021q: adding VLAN 0 to HW filter on device team0
[   64.602982][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.615942][  T134] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.623343][  T134] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.660545][  T134] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.667708][  T134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.686888][ T5792] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.739429][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   64.764324][ T5792] 8021q: adding VLAN 0 to HW filter on device team0
[   64.779222][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.786401][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.800216][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   64.825327][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.832462][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   64.842170][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.849425][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.861121][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.868343][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   64.904515][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   64.963894][ T2990] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.971079][ T2990] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.012784][ T2990] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.020008][ T2990] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.091922][ T5786] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.256120][ T5782] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.361785][ T5782] veth0_vlan: entered promiscuous mode
[   65.384344][ T5782] veth1_vlan: entered promiscuous mode
[   65.452814][ T5782] veth0_macvtap: entered promiscuous mode
[   65.491825][ T5782] veth1_macvtap: entered promiscuous mode
[   65.521246][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.567733][ T5792] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.586354][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.603995][ T5782] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.627451][ T5782] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.636383][ T5782] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.645727][ T5782] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.655062][ T5782] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.687970][ T5105] Bluetooth: hci0: command tx timeout
[   65.721826][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.754271][ T5786] veth0_vlan: entered promiscuous mode
[   65.767787][ T5105] Bluetooth: hci3: command tx timeout
[   65.767871][ T5784] Bluetooth: hci2: command tx timeout
[   65.812013][ T5792] veth0_vlan: entered promiscuous mode
[   65.826943][ T5792] veth1_vlan: entered promiscuous mode
[   65.847838][ T5784] Bluetooth: hci1: command tx timeout
[   65.865264][ T5786] veth1_vlan: entered promiscuous mode
[   65.880238][ T2990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.888749][ T2990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.933443][ T5786] veth0_macvtap: entered promiscuous mode
[   65.959063][ T5786] veth1_macvtap: entered promiscuous mode
[   65.974805][ T5785] veth0_vlan: entered promiscuous mode
[   66.003635][ T2990] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.005309][ T5785] veth1_vlan: entered promiscuous mode
[   66.022240][ T2990] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.032193][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.044384][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.058316][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.067467][ T5792] veth0_macvtap: entered promiscuous mode
[   66.089109][ T5792] veth1_macvtap: entered promiscuous mode
[   66.102155][ T5786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.114707][ T5786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.126627][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.164874][ T5786] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.174385][ T5786] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.183324][ T5786] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.192301][ T5786] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.217706][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.233470][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.244192][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.264216][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.280788][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.291560][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.305548][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.326785][ T5792] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.338442][ T5792] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.350263][ T5792] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.360335][ T5785] veth0_macvtap: entered promiscuous mode
[   66.373308][ T5785] veth1_macvtap: entered promiscuous mode
[   66.393833][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.404570][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.426032][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.439760][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.455587][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   66.466622][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.482821][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.511439][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.522441][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.532810][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.551098][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.561244][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   66.572653][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   66.583958][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.600215][ T5792] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.609978][ T5792] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.620498][ T5792] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.630216][ T5792] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.654357][ T5785] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.664720][ T5785] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.673831][ T5785] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.682986][ T5785] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.773567][  T134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.790222][  T134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.838945][ T2968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.846850][ T2968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.886412][  T134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.896087][  T134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.946690][   T48] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.964357][   T48] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.044429][ T2990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.070636][ T2990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.168087][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.197824][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   67.284000][ T5873] netlink: 'syz.3.4': attribute type 29 has an invalid length.
[   67.352427][ T5875] tipc: Started in network mode
[   67.371665][ T5875] tipc: Node identity 8ea493fc5eff, cluster identity 4711
[   67.381571][ T5875] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   67.395005][ T5875] syzkaller0: entered promiscuous mode
[   67.401711][ T5875] syzkaller0: entered allmulticast mode
[   67.518671][ T5875] tipc: Resetting bearer <eth:syzkaller0>
[   67.565874][ T5874] tipc: Resetting bearer <eth:syzkaller0>
[   67.592922][ T5874] tipc: Disabling bearer <eth:syzkaller0>
[   67.667388][ T5787] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   67.769129][ T5784] Bluetooth: hci0: command tx timeout
[   67.863375][ T5105] Bluetooth: hci3: command tx timeout
[   67.869053][ T5784] Bluetooth: hci2: command tx timeout
[   67.887086][ T5787] usb 1-1: Using ep0 maxpacket: 8
[   67.898651][ T5787] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   67.914414][ T5787] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[   67.923786][ T5787] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x76, skipping
[   67.937531][ T5784] Bluetooth: hci1: command tx timeout
[   67.960581][ T5787] usb 1-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[   67.970262][ T5787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   67.999711][ T5787] hub 1-1:1.0: bad descriptor, ignoring hub
[   68.006033][ T5787] hub: probe of 1-1:1.0 failed with error -5
[   68.025774][ T5787] cdc_wdm 1-1:1.0: skipping garbage
[   68.033749][ T5787] cdc_wdm 1-1:1.0: skipping garbage
[   68.062569][ T5787] cdc_wdm: probe of 1-1:1.0 failed with error -22
[   68.253152][ T5787] usb 1-1: USB disconnect, device number 2
[   70.403808][ T5901] xt_hashlimit: max too large, truncated to 1048576
[   70.521888][ T5784] Bluetooth: hci0: command tx timeout
[   70.536217][ T5790] Bluetooth: hci3: command tx timeout
[   70.538119][ T5795] Bluetooth: hci1: command tx timeout
[   70.569221][ T5105] Bluetooth: hci2: command tx timeout
[   70.972357][ T5918] netlink: 'syz.3.15': attribute type 29 has an invalid length.
[   71.049798][ T5919] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   71.614940][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[   71.621601][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[   71.968965][ T5932] syz.1.22[5932]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   72.662872][    T9] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   72.796607][ T5932] loop1: detected capacity change from 0 to 8192
[   72.805039][ T5932] =======================================================
[   72.805039][ T5932] WARNING: The mand mount option has been deprecated and
[   72.805039][ T5932]          and is ignored by this kernel. Remove the mand
[   72.805039][ T5932]          option from the mount to silence this warning.
[   72.805039][ T5932] =======================================================
[   72.860054][    T9] usb 3-1: Using ep0 maxpacket: 8
[   72.879184][    T9] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[   72.897904][    T9] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   72.916719][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   72.935000][    T9] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   72.946824][    T9] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   73.007218][    T9] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   73.026685][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.155994][ T5786] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   73.189833][ T5786] FAT-fs (loop1): Filesystem has been set read-only
[   73.267293][    T9] usb 3-1: usb_control_msg returned -32
[   73.285849][    T9] usbtmc 3-1:16.0: can't read capabilities
[   73.853237][ T5951] xt_hashlimit: max too large, truncated to 1048576
[   74.919886][ T5961] xt_hashlimit: max too large, truncated to 1048576
[   75.573900][ T5963] loop0: detected capacity change from 0 to 256
[   75.601881][ T5963] exfat: Deprecated parameter 'utf8'
[   75.621545][    T9] usb 3-1: USB disconnect, device number 2
[   75.629232][ T5963] exfat: Deprecated parameter 'utf8'
[   75.648556][ T5967] netlink: 'syz.1.29': attribute type 29 has an invalid length.
[   75.705593][ T5963] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7b823c56, utbl_chksum : 0xe619d30d)
[   76.433922][ T5972] loop1: detected capacity change from 0 to 40427
[   76.453116][ T5972] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[   76.461139][ T5972] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   76.475991][ T5972] F2FS-fs (loop1): invalid crc value
[   76.527396][ T5972] F2FS-fs (loop1): Found nat_bits in checkpoint
[   76.597387][ T5972] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   76.604716][ T5972] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   76.757265][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.064476][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.371695][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.495759][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   78.097362][    T9] usb 3-1: Using ep0 maxpacket: 16
[   78.122056][    T9] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.155483][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[   78.168756][ T5988] loop3: detected capacity change from 0 to 64
[   78.177122][    T9] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[   78.220042][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.261030][    T9] usb 3-1: config 0 descriptor??
[   78.266232][ T5988] hfs: unable to locate alternate MDB
[   78.269190][ T2952] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   78.281572][ T5988] hfs: continuing without an alternate MDB
[   78.343033][ T2952] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   78.797619][    T9] nzxt-smart2 0003:1E71:2009.0001: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[   79.262405][ T5828] usb 3-1: USB disconnect, device number 3
[   79.683448][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   79.877174][    T9] usb 4-1: Using ep0 maxpacket: 8
[   79.896346][ T6008] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   79.911346][    T9] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[   79.922341][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   80.061141][ T6010] xt_hashlimit: max too large, truncated to 1048576
[   80.602641][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   80.612746][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   80.622934][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   80.687084][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   80.706446][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.974555][    T9] usb 4-1: usb_control_msg returned -32
[   80.997215][    T9] usbtmc 4-1:16.0: can't read capabilities
[   81.467419][    T0] NOHZ tick-stop error: local softirq work is pending, handler #1c2!!!
[   81.476233][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   81.569808][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   81.578466][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   81.672140][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   81.680749][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   81.849117][    T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!!
[   81.850553][  T969] cfg80211: failed to load regulatory.db
[   82.089531][ T6017] loop0: detected capacity change from 0 to 32768
[   82.116334][ T6027] usbtmc 4-1:16.0: usb_control_msg returned -32
[   82.196789][ T6017] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[   82.332745][ T6026] loop2: detected capacity change from 0 to 4096
[   82.446770][ T6026] ntfs3: loop2: failed to replay log file. Can't mount rw!
[   82.662740][ T6033] loop1: detected capacity change from 0 to 256
[   82.670919][ T6017] (syz.0.43,6017,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = 0
[   82.681543][ T6033] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   82.714534][ T6033] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   82.735690][ T6017] syz.0.43 (6017) used greatest stack depth: 20136 bytes left
[   82.747976][ T6033] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   82.922377][ T5782] ocfs2: Unmounting device (7,0) on (node local)
[   83.346731][   T23] usb 4-1: USB disconnect, device number 2
[   83.877764][ T6043] netlink: 68 bytes leftover after parsing attributes in process `syz.0.47'.
[   84.113430][ T6043] netlink: 'syz.0.47': attribute type 1 has an invalid length.
[   85.891485][ T6059] xt_hashlimit: max too large, truncated to 1048576
[   86.963581][ T6068] tipc: Started in network mode
[   86.971734][ T6069] loop1: detected capacity change from 0 to 512
[   87.007244][ T6068] tipc: Node identity 26d22c4fcdb2, cluster identity 4711
[   87.014593][ T6068] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   87.023075][ T6068] syzkaller0: entered promiscuous mode
[   87.029177][ T6068] syzkaller0: entered allmulticast mode
[   87.075129][ T6069] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.121098][ T6068] tipc: Resetting bearer <eth:syzkaller0>
[   87.169247][ T6069] ext4 filesystem being mounted at /18/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.180991][ T6066] tipc: Resetting bearer <eth:syzkaller0>
[   87.254110][ T6066] tipc: Disabling bearer <eth:syzkaller0>
[   87.712781][ T6078] loop0: detected capacity change from 0 to 4096
[   88.087296][  T969] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   88.100644][ T6078] ntfs3: loop0: failed to replay log file. Can't mount rw!
[   88.130174][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.297092][  T969] usb 3-1: Using ep0 maxpacket: 8
[   88.305439][  T969] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[   88.321265][  T969] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   88.346897][  T969] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   88.394432][  T969] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   88.435216][  T969] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   88.494808][  T969] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   88.534545][  T969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.610415][ T6087] loop3: detected capacity change from 0 to 8192
[   88.751035][ T6091] fuse: Unknown parameter 'user_id00000000000000000000'
[   88.807864][  T969] usb 3-1: usb_control_msg returned -32
[   88.823718][  T969] usbtmc 3-1:16.0: can't read capabilities
[   89.132997][ T6103] loop3: detected capacity change from 0 to 512
[   89.164289][ T6103] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.192034][ T6103] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.240302][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 3: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[   89.241603][ T6108] loop0: detected capacity change from 0 to 512
[   89.268296][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 12: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   89.295663][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 13: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   89.321984][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 14: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   89.346289][ T6109] EXT4-fs error (device loop3): ext4_search_dir:1549: inode #2: block 3: comm syz.3.66: bad entry in directory: rec_len is smaller than minimal - offset=16444, inode=113, rec_len=0, size=2048 fake=0
[   89.348247][ T6108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.382628][ T6108] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.399910][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 15: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   89.426683][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 16: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   89.486829][ T6103] EXT4-fs error (device loop3): ext4_readdir:263: inode #2: block 17: comm syz.3.66: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   89.519436][ T6103] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #2: block 18: comm syz.3.66: lblock 23 mapped to illegal pblock 18 (length 1)
[   89.540851][ T6113] usbtmc 3-1:16.0: usb_control_msg returned -32
[   89.604847][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.234634][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.641719][   T23] usb 3-1: USB disconnect, device number 4
[   90.973531][ T6128] loop0: detected capacity change from 0 to 8192
[   92.172836][ T6160] netlink: 'syz.1.83': attribute type 29 has an invalid length.
[   92.197473][  T787] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   92.413997][ T6165] loop3: detected capacity change from 0 to 8192
[   92.537081][  T787] usb 1-1: Using ep0 maxpacket: 8
[   92.544169][  T787] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[   92.561508][  T787] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   92.596700][  T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   92.745483][  T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   92.971752][  T787] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   93.279857][  T787] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   93.289352][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.491486][ T6175] fuse: Bad value for 'fd'
[   93.601702][  T787] usb 1-1: usb_control_msg returned -32
[   93.608009][  T787] usbtmc 1-1:16.0: can't read capabilities
[   93.648882][ T6179] loop2: detected capacity change from 0 to 64
[   93.674629][ T6179] hfs: unable to locate alternate MDB
[   93.712587][ T6179] hfs: continuing without an alternate MDB
[   94.395190][ T6185] usbtmc 1-1:16.0: usb_control_msg returned -32
[   94.992607][ T6190] xt_hashlimit: max too large, truncated to 1048576
[   95.602590][ T5828] usb 1-1: USB disconnect, device number 3
[   96.658409][ T6204] loop2: detected capacity change from 0 to 512
[   96.723129][ T6204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.732948][ T6210] fuse: Bad value for 'fd'
[   96.763443][ T6204] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.830065][ T6213] loop0: detected capacity change from 0 to 4096
[   97.083328][ T6212] loop1: detected capacity change from 0 to 32768
[   97.090977][ T6212] XFS: ikeep mount option is deprecated.
[   97.156240][ T6213] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[   97.248928][ T6212] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.554585][ T6213] ntfs3: loop0: Failed to load $Extend (-22).
[   97.589684][ T6213] ntfs3: loop0: Failed to initialize $Extend.
[   97.612223][ T6212] XFS (loop1): Ending clean mount
[   97.628664][ T6212] XFS (loop1): Quotacheck needed: Please wait.
[   97.741863][ T6212] XFS (loop1): Quotacheck: Done.
[   97.804426][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.827806][ T5828] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   98.057503][   T28] audit: type=1800 audit(1755690828.467:2): pid=6226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.99" name="file1" dev="loop1" ino=9286 res=0 errno=0
[   98.128722][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.288006][ T5828] usb 4-1: Using ep0 maxpacket: 8
[   98.302737][ T5828] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[   98.325073][ T5828] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   98.357762][ T5828] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   98.402369][ T5828] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   98.425412][ T5828] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   98.464211][ T5828] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[   98.503111][ T5828] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.755154][ T5828] usb 4-1: usb_control_msg returned -32
[   98.761338][ T5828] usbtmc 4-1:16.0: can't read capabilities
[   98.976803][ T6231] loop2: detected capacity change from 0 to 32768
[   99.056017][ T6231] 
[   99.056017][ T6231]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.056017][ T6231] 
[   99.168241][ T6235] xt_hashlimit: max too large, truncated to 1048576
[   99.789445][ T6231] 
[   99.789445][ T6231]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.789445][ T6231] 
[   99.803807][ T6231] 
[   99.803807][ T6231]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.803807][ T6231] 
[   99.825018][  T112] 
[   99.825018][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.825018][  T112] 
[   99.966188][   T42] 
[   99.966188][   T42]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.966188][   T42] 
[   99.977949][   T42] 
[   99.977949][   T42]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.977949][   T42] 
[   99.992967][  T111] 
[   99.992967][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   99.992967][  T111] 
[  100.729165][ T5785] 
[  100.729165][ T5785]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  100.729165][ T5785] 
[  100.787505][ T5785] 
[  100.787505][ T5785]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  100.787505][ T5785] 
[  100.792461][    T9] usb 4-1: USB disconnect, device number 3
[  101.879267][ T6254] fuse: Bad value for 'fd'
[  102.796574][ T6267] netlink: 12 bytes leftover after parsing attributes in process `syz.0.110'.
[  102.996796][ T6269] xt_hashlimit: max too large, truncated to 1048576
[  103.617922][ T6273] fuse: Bad value for 'fd'
[  103.912649][ T6281] overlayfs: failed to resolve './file1': -2
[  104.201457][  T787] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  104.511986][  T787] usb 3-1: Using ep0 maxpacket: 8
[  104.544977][  T787] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  104.571540][  T787] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  104.585625][ T6286] loop0: detected capacity change from 0 to 512
[  104.615083][  T787] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  104.657687][ T6286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.670413][ T6286] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.696049][  T787] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  104.755914][  T787] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  104.828349][  T787] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  104.901627][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.376574][  T787] usb 3-1: usb_control_msg returned -32
[  105.597602][  T787] usbtmc 3-1:16.0: can't read capabilities
[  105.696194][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.944457][ T6308] netlink: 'syz.0.122': attribute type 1 has an invalid length.
[  105.984451][ T6308] 8021q: adding VLAN 0 to HW filter on device bond1
[  106.020035][ T6308] bond1: (slave geneve2): making interface the new active one
[  106.031851][ T6308] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  106.149785][ T6312] fuse: Bad value for 'fd'
[  106.166510][ T6313] loop0: detected capacity change from 0 to 256
[  106.167868][ T6314] usbtmc 3-1:16.0: INDICATOR_PULSE returned 0
[  106.193899][ T6313] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  107.145062][ T6326] overlayfs: failed to resolve './file1': -2
[  107.736563][    T8] usb 3-1: USB disconnect, device number 5
[  108.025386][ T6342] fuse: Unknown parameter '0x0000000000000003'
[  108.203979][ T6334] loop2: detected capacity change from 0 to 8192
[  109.848494][    T8] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  110.023605][ T6365] overlayfs: failed to resolve './file1': -2
[  110.037317][    T8] usb 4-1: Using ep0 maxpacket: 8
[  110.111336][    T8] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  110.301138][    T8] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  110.458169][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  110.584048][    T8] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  110.670375][    T8] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  110.714126][    T8] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  110.746940][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.973020][    T8] usb 4-1: usb_control_msg returned -32
[  110.982322][    T8] usbtmc 4-1:16.0: can't read capabilities
[  111.194001][ T6391] loop0: detected capacity change from 0 to 64
[  111.214122][ T6391] hfs: unable to locate alternate MDB
[  111.221020][ T6391] hfs: continuing without an alternate MDB
[  111.992816][ T6399] usbtmc 4-1:16.0: INDICATOR_PULSE returned 0
[  112.295009][ T6403] loop0: detected capacity change from 0 to 64
[  112.325772][ T6403] hfs: unable to parse mount options
[  113.267332][   T27] usb 4-1: USB disconnect, device number 4
[  113.795655][ T6413] loop3: detected capacity change from 0 to 4096
[  114.626465][ T6419] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  114.793770][ T6421] fuse: Bad value for 'fd'
[  114.800811][   T28] audit: type=1800 audit(1755690845.217:3): pid=6413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.155" name="file1" dev="loop3" ino=15 res=0 errno=0
[  114.882872][   T28] audit: type=1800 audit(1755690845.227:4): pid=6413 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.155" name="file1" dev="loop3" ino=15 res=0 errno=0
[  115.135666][ T6428] loop0: detected capacity change from 0 to 64
[  115.548039][ T6428] hfs: unable to locate alternate MDB
[  115.617221][ T6428] hfs: continuing without an alternate MDB
[  116.275571][ T6434] loop1: detected capacity change from 0 to 64
[  116.290210][ T6434] hfs: unable to parse mount options
[  116.532000][ T5797] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  116.915134][ T5869] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  117.957111][ T5869] usb 4-1: Using ep0 maxpacket: 8
[  117.964675][ T5869] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  117.973098][ T5869] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  117.982936][ T5869] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  117.992764][ T5869] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  118.002833][ T5869] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  118.015939][ T5869] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  118.037212][ T5869] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.323313][ T5869] usb 4-1: usb_control_msg returned -32
[  118.330538][ T5869] usbtmc 4-1:16.0: can't read capabilities
[  119.108936][ T6464] usbtmc 4-1:16.0: INDICATOR_PULSE returned 0
[  119.886711][ T6479] loop0: detected capacity change from 0 to 256
[  119.899590][ T6479] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  119.925848][ T6479] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  119.951508][ T6479] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  120.417361][ T6484] fuse: Unknown parameter '0x0000000000000003'
[  120.534810][    T8] usb 4-1: USB disconnect, device number 5
[  122.164243][ T6500] loop3: detected capacity change from 0 to 8192
[  122.391680][ T6513] loop2: detected capacity change from 0 to 256
[  122.447309][ T6515] fuse: Unknown parameter '0x0000000000000003'
[  122.470921][ T6513] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  122.514640][ T6513] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  122.534983][ T6511] loop1: detected capacity change from 0 to 4096
[  122.565979][ T6513] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  122.622244][ T6511] ntfs3: loop1: failed to replay log file. Can't mount rw!
[  124.751983][ T6530] loop2: detected capacity change from 0 to 512
[  124.868972][ T6530] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.039888][ T6530] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.345793][ T6553] fuse: Unknown parameter 'fd0x0000000000000003'
[  126.353580][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.400286][ T6551] loop1: detected capacity change from 0 to 8192
[  126.708936][ T6560] loop1: detected capacity change from 0 to 256
[  126.744297][ T6560] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  126.755548][ T6560] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  126.791284][ T6560] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  129.621961][ T6589] fuse: Unknown parameter 'fd0x0000000000000003'
[  130.007881][ T6596] loop0: detected capacity change from 0 to 4096
[  130.403711][ T6601] loop1: detected capacity change from 0 to 8192
[  130.626223][ T6604] loop1: detected capacity change from 0 to 256
[  130.641347][ T6604] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  130.655817][ T6604] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  130.686623][ T6604] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  131.558300][ T6617] xt_hashlimit: max too large, truncated to 1048576
[  132.878330][ T6624] fuse: Unknown parameter 'fd0x0000000000000003'
[  133.053246][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.059730][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.812119][ T6632] loop1: detected capacity change from 0 to 8192
[  133.876584][ T6632] fuse: Bad value for 'fd'
[  134.171965][ T6642] loop1: detected capacity change from 0 to 64
[  134.211486][ T6642] hfs: unable to parse mount options
[  135.021530][ T6646] loop3: detected capacity change from 0 to 4096
[  135.122431][ T6646] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  135.237642][ T6646] ntfs3: loop3: Failed to load $Extend (-22).
[  135.257852][ T6646] ntfs3: loop3: Failed to initialize $Extend.
[  135.286527][ T6656] netlink: 68 bytes leftover after parsing attributes in process `syz.1.225'.
[  135.374509][ T6655] netlink: 'syz.1.225': attribute type 1 has an invalid length.
[  135.648057][ T6663] overlayfs: missing 'lowerdir'
[  135.691415][ T6655] 8021q: adding VLAN 0 to HW filter on device bond1
[  136.264104][ T6656] bond1: (slave geneve2): making interface the new active one
[  136.296057][ T6656] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  136.408410][ T6666] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  137.839467][ T6683] loop0: detected capacity change from 0 to 512
[  137.935915][ T6683] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.985862][ T6683] ext4 filesystem being mounted at /54/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.256010][ T6691] loop2: detected capacity change from 0 to 256
[  138.268859][ T6691] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  138.284211][ T6691] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  138.329176][ T6691] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  139.216565][ T6706] overlayfs: missing 'lowerdir'
[  140.259173][ T6712] tipc: Started in network mode
[  140.264102][ T6712] tipc: Node identity 36b4c5f40d62, cluster identity 4711
[  140.287251][ T6712] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  140.308150][ T6712] syzkaller0: entered promiscuous mode
[  140.313645][ T6712] syzkaller0: entered allmulticast mode
[  140.355721][ T6712] tipc: Resetting bearer <eth:syzkaller0>
[  140.365537][ T6714] netlink: 68 bytes leftover after parsing attributes in process `syz.2.238'.
[  140.379272][ T6711] tipc: Resetting bearer <eth:syzkaller0>
[  140.429110][ T6711] tipc: Disabling bearer <eth:syzkaller0>
[  140.463422][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.497369][ T6714] netlink: 'syz.2.238': attribute type 1 has an invalid length.
[  140.599609][ T6714] 8021q: adding VLAN 0 to HW filter on device bond1
[  140.730684][ T6720] loop0: detected capacity change from 0 to 8192
[  140.768178][ T6720] fuse: Bad value for 'fd'
[  141.072134][   T28] audit: type=1326 audit(1755690871.497:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e1718ebe9 code=0x7ffc0000
[  141.134087][   T28] audit: type=1326 audit(1755690871.497:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e1718ebe9 code=0x7ffc0000
[  141.207583][   T28] audit: type=1326 audit(1755690871.527:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f6e1718ebe9 code=0x7ffc0000
[  141.232835][ T6735] loop0: detected capacity change from 0 to 2368
[  141.271146][   T28] audit: type=1326 audit(1755690871.527:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6e1718ec23 code=0x7ffc0000
[  141.346040][   T28] audit: type=1326 audit(1755690871.587:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f6e1718d69f code=0x7ffc0000
[  141.394768][ T6737] loop2: detected capacity change from 0 to 4096
[  141.415796][   T28] audit: type=1326 audit(1755690871.637:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f6e1718ec77 code=0x7ffc0000
[  141.467849][   T28] audit: type=1326 audit(1755690871.637:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6e1718d550 code=0x7ffc0000
[  141.505578][   T28] audit: type=1326 audit(1755690871.657:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6e1718e7eb code=0x7ffc0000
[  141.511997][ T6737] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  141.539563][   T28] audit: type=1326 audit(1755690871.687:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6e1718d84a code=0x7ffc0000
[  141.574776][   T28] audit: type=1326 audit(1755690871.687:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6732 comm="syz.0.244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f6e1718d84a code=0x7ffc0000
[  141.752718][ T6737] ntfs3: loop2: Failed to load $Extend (-22).
[  141.753787][ T6739] overlayfs: missing 'lowerdir'
[  141.781868][ T6737] ntfs3: loop2: Failed to initialize $Extend.
[  141.887480][ T6741] loop3: detected capacity change from 0 to 512
[  141.952414][ T6741] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.398199][ T6741] ext4 filesystem being mounted at /52/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.345557][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.381455][ T6755] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  143.447766][ T6756] syzkaller0: entered promiscuous mode
[  143.482210][ T6756] syzkaller0: entered allmulticast mode
[  143.535318][ T6755] tipc: Resetting bearer <eth:syzkaller0>
[  143.560228][ T6754] tipc: Resetting bearer <eth:syzkaller0>
[  143.606167][ T6754] tipc: Disabling bearer <eth:syzkaller0>
[  143.789348][ T6762] netlink: 68 bytes leftover after parsing attributes in process `syz.3.253'.
[  143.802341][ T6762] netlink: 'syz.3.253': attribute type 1 has an invalid length.
[  143.840702][ T6762] 8021q: adding VLAN 0 to HW filter on device bond1
[  143.865962][ T6762] bond1: (slave geneve2): making interface the new active one
[  143.875740][ T6762] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  144.342766][ T6773] loop0: detected capacity change from 0 to 4096
[  144.402573][ T6773] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  144.451151][ T6773] ntfs3: loop0: Failed to load $Extend (-22).
[  144.467734][ T6773] ntfs3: loop0: Failed to initialize $Extend.
[  145.398222][ T6783] xt_hashlimit: max too large, truncated to 1048576
[  146.872341][ T6791] netlink: 68 bytes leftover after parsing attributes in process `syz.2.264'.
[  146.953974][ T6791] netlink: 'syz.2.264': attribute type 1 has an invalid length.
[  147.087989][ T6791] 8021q: adding VLAN 0 to HW filter on device bond2
[  147.118724][ T6797] bond2: (slave geneve2): making interface the new active one
[  147.157375][ T6797] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  147.500386][ T6803] loop2: detected capacity change from 0 to 128
[  147.544831][ T6803] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  147.564752][ T6803] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  147.892021][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  148.099131][ T6816] loop2: detected capacity change from 0 to 4096
[  148.217325][ T6816] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  148.262371][ T6816] ntfs3: loop2: Failed to load $Extend (-22).
[  148.283098][ T6816] ntfs3: loop2: Failed to initialize $Extend.
[  148.581280][ T6823] loop3: detected capacity change from 0 to 256
[  148.606122][ T6823] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  148.619010][ T6823] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  148.662828][ T6823] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  149.001506][ T6829] xt_hashlimit: max too large, truncated to 1048576
[  149.098420][   T23] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  149.307424][   T23] usb 1-1: Using ep0 maxpacket: 8
[  149.413275][   T23] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  149.577341][   T23] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  149.623015][   T23] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  149.667183][   T23] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  149.711854][   T23] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  149.755166][   T23] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  149.786421][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.046705][   T23] usb 1-1: usb_control_msg returned -32
[  150.052888][   T23] usbtmc 1-1:16.0: can't read capabilities
[  150.221498][ T6841] netlink: 16 bytes leftover after parsing attributes in process `syz.1.277'.
[  150.454531][ T6845] loop1: detected capacity change from 0 to 4096
[  150.768674][ T6849] usbtmc 1-1:16.0: INDICATOR_PULSE returned 0
[  150.844207][ T6844] loop3: detected capacity change from 0 to 32768
[  150.844908][ T6845] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  150.878914][ T6844] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  150.912749][ T6845] ntfs3: loop1: Failed to load $Extend (-22).
[  150.926399][ T6845] ntfs3: loop1: Failed to initialize $Extend.
[  151.050579][ T6844] XFS (loop3): Ending clean mount
[  151.062069][ T6844] XFS (loop3): Quotacheck needed: Please wait.
[  151.268931][ T6844] XFS (loop3): Quotacheck: Done.
[  152.273088][ T5792] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.339571][ T5787] usb 1-1: USB disconnect, device number 4
[  152.616412][ T6871] loop0: detected capacity change from 0 to 256
[  152.697149][ T6871] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  152.727444][ T6871] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  152.785889][ T6871] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  153.697040][ T6886] xt_hashlimit: max too large, truncated to 1048576
[  154.809195][ T6890] loop1: detected capacity change from 0 to 4096
[  155.682074][ T6899] loop2: detected capacity change from 0 to 512
[  155.858229][ T6899] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.871140][ T6890] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  155.937193][ T6899] ext4 filesystem being mounted at /77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.966411][ T6890] ntfs3: loop1: Failed to load $Extend (-22).
[  155.983377][ T6890] ntfs3: loop1: Failed to initialize $Extend.
[  156.216917][   T23] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  156.367258][ T5787] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  156.430042][   T23] usb 1-1: Using ep0 maxpacket: 16
[  156.442635][   T23] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  156.476166][   T23] usb 1-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  156.503859][   T23] usb 1-1: config 0 interface 0 has no altsetting 0
[  156.523764][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.534302][   T23] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  156.549431][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.572414][   T23] usb 1-1: config 0 descriptor??
[  156.579550][ T5787] usb 4-1: Using ep0 maxpacket: 8
[  156.603536][ T5787] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  156.612469][   T23] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  156.627331][ T5787] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  156.652384][ T5787] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  156.671583][ T5787] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  156.692934][ T5787] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  156.707698][ T5787] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  156.720402][ T5787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.782331][ T6915] netlink: 68 bytes leftover after parsing attributes in process `syz.1.297'.
[  156.859096][ T6915] netlink: 'syz.1.297': attribute type 1 has an invalid length.
[  156.913105][ T6915] 8021q: adding VLAN 0 to HW filter on device bond2
[  156.949515][ T5787] usb 4-1: usb_control_msg returned -32
[  156.955151][ T5787] usbtmc 4-1:16.0: can't read capabilities
[  157.672022][ T6925] usbtmc 4-1:16.0: INDICATOR_PULSE returned 0
[  157.716682][ T6927] netlink: 16 bytes leftover after parsing attributes in process `syz.2.299'.
[  157.832632][ T6931] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  157.840593][ T6931] syzkaller0: entered promiscuous mode
[  157.846187][ T6931] syzkaller0: entered allmulticast mode
[  157.870590][ T6930] tipc: Resetting bearer <eth:syzkaller0>
[  157.892598][ T6930] tipc: Disabling bearer <eth:syzkaller0>
[  158.082846][ T6935] loop2: detected capacity change from 0 to 8192
[  158.203124][ T6937] loop1: detected capacity change from 0 to 4096
[  158.854048][ T5787] usb 1-1: USB disconnect, device number 5
[  159.120208][   T27] usb 4-1: USB disconnect, device number 6
[  159.424225][ T6952] netlink: 16 bytes leftover after parsing attributes in process `syz.1.308'.
[  159.860742][ T6962] xt_hashlimit: max too large, truncated to 1048576
[  160.681411][ T6968] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  160.726490][ T6967] tipc: Disabling bearer <eth:syzkaller0>
[  161.017311][  T969] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  161.187096][    T8] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  161.227325][  T969] usb 1-1: Using ep0 maxpacket: 16
[  161.241755][  T969] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.252484][  T969] usb 1-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  161.266054][  T969] usb 1-1: config 0 interface 0 has no altsetting 0
[  161.273025][  T969] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  161.282497][  T969] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.294092][  T969] usb 1-1: config 0 descriptor??
[  161.318969][  T969] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  161.377044][    T8] usb 2-1: Using ep0 maxpacket: 8
[  161.390445][    T8] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  161.415582][    T8] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  161.444458][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  161.470221][    T8] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  161.495925][    T8] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  161.537297][    T8] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  161.563392][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.719399][ T6985] netlink: 16 bytes leftover after parsing attributes in process `syz.3.319'.
[  161.817556][    T8] usb 2-1: usb_control_msg returned -32
[  161.824678][    T8] usbtmc 2-1:16.0: can't read capabilities
[  163.353794][ T6996] xt_hashlimit: max too large, truncated to 1048576
[  163.618682][ T7003] usbtmc 2-1:16.0: INDICATOR_PULSE returned 0
[  163.782440][    T8] usb 1-1: USB disconnect, device number 6
[  164.021147][ T7012] netlink: 'syz.2.326': attribute type 29 has an invalid length.
[  164.063916][ T7012] netlink: 8 bytes leftover after parsing attributes in process `syz.2.326'.
[  164.668955][ T7019] netlink: 16 bytes leftover after parsing attributes in process `syz.3.328'.
[  164.881433][   T27] usb 2-1: USB disconnect, device number 2
[  165.411583][ T7039] xt_hashlimit: max too large, truncated to 1048576
[  165.727486][   T27] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  166.133431][ T7046] fuse: Bad value for 'group_id'
[  166.157125][   T27] usb 2-1: Using ep0 maxpacket: 16
[  166.190051][   T27] usb 2-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  166.223426][   T27] usb 2-1: config 0 interface 0 has no altsetting 0
[  166.243714][   T27] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  166.256518][   T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.273606][   T27] usb 2-1: config 0 descriptor??
[  166.283806][   T27] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  166.452082][ T7052] loop0: detected capacity change from 0 to 1024
[  166.527052][ T5775] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  166.837875][ T7056] netlink: 16 bytes leftover after parsing attributes in process `syz.3.339'.
[  166.854056][ T7050] loop2: detected capacity change from 0 to 32768
[  166.894767][ T7050] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  166.980396][ T7050] XFS (loop2): Ending clean mount
[  167.085387][ T5785] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  167.227056][   T27] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  167.407423][   T27] usb 4-1: Using ep0 maxpacket: 8
[  167.414565][   T27] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  167.423512][   T27] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  167.433776][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  167.444044][   T27] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  167.454561][   T27] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  167.468061][   T27] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  167.481588][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.557680][ T7074] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  167.569259][ T7074] syzkaller0: entered promiscuous mode
[  167.575292][ T7074] syzkaller0: entered allmulticast mode
[  167.607413][ T7073] tipc: Resetting bearer <eth:syzkaller0>
[  167.653206][ T7073] tipc: Disabling bearer <eth:syzkaller0>
[  167.719086][ T7078] fuse: Bad value for 'group_id'
[  167.722790][   T27] usb 4-1: usb_control_msg returned -32
[  167.735051][   T27] usbtmc 4-1:16.0: can't read capabilities
[  167.825226][ T7082] netlink: 'syz.0.346': attribute type 29 has an invalid length.
[  167.833787][ T7082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.346'.
[  168.079963][ T7088] netlink: 16 bytes leftover after parsing attributes in process `syz.2.348'.
[  168.298191][    T9] usb 2-1: USB disconnect, device number 3
[  168.768968][ T7098] netlink: 60 bytes leftover after parsing attributes in process `syz.1.350'.
[  169.008167][ T7098] netlink: 'syz.1.350': attribute type 1 has an invalid length.
[  169.155712][ T7098] 8021q: adding VLAN 0 to HW filter on device bond3
[  170.124181][  T969] usb 4-1: USB disconnect, device number 7
[  170.296670][ T7115] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.329976][ T7115] tipc: Resetting bearer <eth:syzkaller0>
[  170.379654][ T7114] tipc: Disabling bearer <eth:syzkaller0>
[  170.593491][ T7125] loop0: detected capacity change from 0 to 256
[  170.607417][ T7125] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  170.618358][ T7125] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  170.642950][ T7125] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  170.947154][  T787] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  172.013626][  T787] usb 4-1: Using ep0 maxpacket: 16
[  172.041068][  T787] usb 4-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  172.057986][  T787] usb 4-1: config 0 interface 0 has no altsetting 0
[  172.065778][  T787] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  172.075732][  T787] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.087361][  T787] usb 4-1: config 0 descriptor??
[  172.103401][  T787] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  174.277094][  T787] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  174.471132][  T787] usb 1-1: Using ep0 maxpacket: 8
[  174.481488][  T787] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  174.490623][  T787] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  174.500536][  T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  174.530224][  T787] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  174.618206][  T787] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  174.742661][  T787] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  174.835490][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.247969][  T787] usb 1-1: usb_control_msg returned -32
[  175.253829][  T787] usbtmc 1-1:16.0: can't read capabilities
[  175.462016][  T787] usb 4-1: USB disconnect, device number 8
[  175.592524][ T7171] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  175.621006][ T7171] tipc: Resetting bearer <eth:syzkaller0>
[  175.640205][ T7170] tipc: Disabling bearer <eth:syzkaller0>
[  176.040224][ T7178] usbtmc 1-1:16.0: INDICATOR_PULSE returned 0
[  176.242861][ T7182] overlayfs: missing 'lowerdir'
[  178.836254][ T5787] usb 1-1: USB disconnect, device number 7
[  179.050791][ T7204] netlink: 68 bytes leftover after parsing attributes in process `syz.0.377'.
[  179.082155][ T7204] netlink: 'syz.0.377': attribute type 1 has an invalid length.
[  179.141505][ T7204] 8021q: adding VLAN 0 to HW filter on device bond2
[  179.789787][ T7222] overlayfs: missing 'lowerdir'
[  182.777040][ T7250] netlink: 'syz.1.389': attribute type 1 has an invalid length.
[  182.831141][ T7250] 8021q: adding VLAN 0 to HW filter on device bond4
[  183.069875][ T7261] loop2: detected capacity change from 0 to 64
[  183.095660][ T7261] syz.2.393: attempt to access beyond end of device
[  183.095660][ T7261] loop2: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  183.114350][ T7261] Buffer I/O error on dev loop2, logical block 134217734, async page read
[  183.133134][ T7261] Trying to free block not in datazone
[  183.144125][ T7263] netlink: 'syz.1.392': attribute type 29 has an invalid length.
[  186.344989][ T7290] netlink: 'syz.0.401': attribute type 1 has an invalid length.
[  187.105924][ T7290] 8021q: adding VLAN 0 to HW filter on device bond3
[  187.217060][ T5790] Bluetooth: hci2: command 0x0406 tx timeout
[  187.223115][ T5790] Bluetooth: hci3: command 0x0406 tx timeout
[  187.252165][ T7302] ksmbd: Unknown IPC event: 4, ignore.
[  187.261657][ T5796] Bluetooth: hci1: command 0x0406 tx timeout
[  187.267072][   T50] Bluetooth: hci0: command 0x0406 tx timeout
[  187.847805][ T7310] loop0: detected capacity change from 0 to 512
[  187.975720][ T7310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.071534][ T7310] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  188.761503][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.096896][ T7322] overlayfs: missing 'workdir'
[  189.925632][ T7331] loop0: detected capacity change from 0 to 64
[  189.969974][ T7331] hfs: unable to locate alternate MDB
[  189.975395][ T7331] hfs: continuing without an alternate MDB
[  190.992216][ T7345] netlink: 'syz.0.414': attribute type 1 has an invalid length.
[  191.141197][ T7345] 8021q: adding VLAN 0 to HW filter on device bond4
[  192.207224][ T7355] loop1: detected capacity change from 0 to 256
[  192.227242][ T7355] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  192.243323][ T7355] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  192.272100][ T7355] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  193.137926][ T7370] fuse: Unknown parameter 'grou00000000000000000000'
[  194.558000][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  196.704386][ T7397] loop2: detected capacity change from 0 to 512
[  196.929625][ T7397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  197.018919][ T7397] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.130803][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.018132][ T7424] netlink: 60 bytes leftover after parsing attributes in process `syz.1.436'.
[  199.077112][ T7424] netlink: 60 bytes leftover after parsing attributes in process `syz.1.436'.
[  199.087026][ T7423] netlink: 60 bytes leftover after parsing attributes in process `syz.1.436'.
[  199.120061][ T7423] netlink: 60 bytes leftover after parsing attributes in process `syz.1.436'.
[  199.391763][ T7431] loop0: detected capacity change from 0 to 512
[  199.813587][ T7431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  200.058013][ T7431] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.892747][ T7465] xt_hashlimit: max too large, truncated to 1048576
[  203.087651][ T7468] fuse: Unknown parameter 'group_i00000000000000000000'
[  203.550777][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.775950][ T7492] netlink: 32 bytes leftover after parsing attributes in process `syz.3.455'.
[  205.574789][ T7498] fuse: Unknown parameter 'group_i00000000000000000000'
[  205.631323][ T7497] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.457'.
[  205.671552][ T7500] loop0: detected capacity change from 0 to 512
[  205.722911][ T7500] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.789523][ T7500] ext4 filesystem being mounted at /106/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  208.095061][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.235268][ T7534] fuse: Unknown parameter 'group_i00000000000000000000'
[  208.314779][ T7528] loop3: detected capacity change from 0 to 32768
[  208.421365][ T7536] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.469'.
[  208.497850][ T7528] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  208.741617][ T5792] ocfs2: Unmounting device (7,3) on (node local)
[  209.651851][ T7561] loop3: detected capacity change from 0 to 512
[  209.745636][ T7561] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.792445][ T7561] ext4 filesystem being mounted at /103/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  209.804057][ T7566] fuse: Unknown parameter 'group_id00000000000000000000'
[  210.053687][ T7569] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.478'.
[  210.383191][ T7580] loop2: detected capacity change from 0 to 256
[  210.403669][ T7580] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  211.802771][ T7590] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  211.850799][ T7590] tipc: Resetting bearer <eth:syzkaller0>
[  211.889825][ T7578] loop0: detected capacity change from 0 to 32768
[  211.943949][ T7578] 
[  211.943949][ T7578]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  211.943949][ T7578] 
[  211.963077][ T7589] tipc: Disabling bearer <eth:syzkaller0>
[  212.101368][ T7578] 
[  212.101368][ T7578]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.101368][ T7578] 
[  212.136892][ T7578] 
[  212.136892][ T7578]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.136892][ T7578] 
[  212.168935][  T111] 
[  212.168935][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.168935][  T111] 
[  212.245520][ T1304] 
[  212.245520][ T1304]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.245520][ T1304] 
[  212.296988][ T1304] 
[  212.296988][ T1304]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.296988][ T1304] 
[  212.357022][ T5782] 
[  212.357022][ T5782]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.357022][ T5782] 
[  212.388556][  T112] 
[  212.388556][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.388556][  T112] 
[  212.421694][ T5782] 
[  212.421694][ T5782]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.421694][ T5782] 
[  212.427721][ T7597] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.488'.
[  212.741619][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.787984][ T7602] fuse: Unknown parameter 'group_id00000000000000000000'
[  215.567850][ T7627] fuse: Unknown parameter 'group_id00000000000000000000'
[  216.568884][ T7632] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  216.721334][ T7632] tipc: Resetting bearer <eth:syzkaller0>
[  217.475568][ T7631] tipc: Disabling bearer <eth:syzkaller0>
[  218.023495][ T7648] Zero length message leads to an empty skb
[  218.803419][ T7638] loop0: detected capacity change from 0 to 32768
[  218.846607][ T7638] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  219.101044][ T5782] ocfs2: Unmounting device (7,0) on (node local)
[  219.797790][ T7668] fuse: Bad value for 'user_id'
[  220.978374][ T7675] loop1: detected capacity change from 0 to 4096
[  222.224520][ T7698] fuse: Bad value for 'user_id'
[  224.310554][ T7717] loop3: detected capacity change from 0 to 4096
[  225.046507][ T7729] xt_hashlimit: max too large, truncated to 1048576
[  226.093121][ T7740] fuse: Bad value for 'user_id'
[  226.338009][ T7744] tipc: Started in network mode
[  226.365562][ T7744] tipc: Node identity 827791428d2b, cluster identity 4711
[  226.392131][ T7744] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  226.511422][ T7744] tipc: Resetting bearer <eth:syzkaller0>
[  226.563085][ T7743] tipc: Disabling bearer <eth:syzkaller0>
[  228.624478][ T7764] xt_hashlimit: max too large, truncated to 1048576
[  230.021502][ T7785] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  232.368281][ T7783] loop1: detected capacity change from 0 to 32768
[  232.375797][ T7783] XFS: ikeep mount option is deprecated.
[  232.418322][ T7783] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  232.607279][ T7783] XFS (loop1): Ending clean mount
[  232.671396][ T7783] XFS (loop1): Quotacheck needed: Please wait.
[  232.779896][ T7783] XFS (loop1): Quotacheck: Done.
[  233.104280][ T5786] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  233.310131][ T7813] loop3: detected capacity change from 0 to 40427
[  233.336080][ T7817] loop0: detected capacity change from 0 to 32768
[  233.401619][ T7813] F2FS-fs (loop3): invalid crc value
[  233.494820][ T7817] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  233.505192][ T7813] F2FS-fs (loop3): Found nat_bits in checkpoint
[  234.365157][ T7813] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  234.391970][ T5782] ocfs2: Unmounting device (7,0) on (node local)
[  234.839429][ T5792] syz-executor: attempt to access beyond end of device
[  234.839429][ T5792] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.905259][ T5792] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  235.530752][ T7850] loop1: detected capacity change from 0 to 4096
[  235.629641][ T7856] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  236.589246][   T28] kauditd_printk_skb: 35 callbacks suppressed
[  236.589260][   T28] audit: type=1800 audit(1755690967.017:50): pid=7850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.552" name="file1" dev="loop1" ino=15 res=0 errno=0
[  236.660473][   T28] audit: type=1800 audit(1755690967.037:51): pid=7851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.552" name="file1" dev="loop1" ino=15 res=0 errno=0
[  238.163533][ T7872] loop3: detected capacity change from 0 to 8192
[  238.249825][ T7878] xt_hashlimit: max too large, truncated to 1048576
[  239.407408][   T27] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  240.987075][   T27] usb 1-1: Using ep0 maxpacket: 16
[  241.032184][   T27] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  241.048082][   T27] usb 1-1: config 0 interface 0 has no altsetting 0
[  241.055003][   T27] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  241.064214][   T27] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.097768][   T27] usb 1-1: config 0 descriptor??
[  241.430211][ T7908] loop3: detected capacity change from 0 to 256
[  241.999905][ T7908] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  243.237351][ T7908] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  243.366483][ T7903] block device autoloading is deprecated and will be removed.
[  243.376599][ T7903] syz.2.569: attempt to access beyond end of device
[  243.376599][ T7903] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  243.551367][ T7908] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  243.591107][   T27] usbhid 1-1:0.0: can't add hid device: -71
[  243.597204][   T27] usbhid: probe of 1-1:0.0 failed with error -71
[  243.679048][   T27] usb 1-1: USB disconnect, device number 8
[  244.078474][ T7925] loop1: detected capacity change from 0 to 8
[  244.585087][ T7925] SQUASHFS error: lzo decompression failed, data probably corrupt
[  244.595572][ T7925] SQUASHFS error: Failed to read block 0x144: -5
[  244.602070][ T7925] SQUASHFS error: Unable to read metadata cache entry [142]
[  244.609575][ T7925] SQUASHFS error: Unable to read inode 0x11f
[  245.699575][ T7932] loop3: detected capacity change from 0 to 8192
[  248.487021][ T5869] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  248.682954][ T5869] usb 2-1: Using ep0 maxpacket: 16
[  248.764006][ T5869] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  248.922493][ T5869] usb 2-1: config 0 interface 0 has no altsetting 0
[  248.986025][ T5869] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  249.007480][ T5869] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.035550][ T5869] usb 2-1: config 0 descriptor??
[  249.164054][ T7963] loop3: detected capacity change from 0 to 256
[  249.176407][ T7963] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  249.203261][ T7963] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  249.239959][ T7963] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  250.064714][ T5869] usbhid 2-1:0.0: can't add hid device: -71
[  250.076633][ T5869] usbhid: probe of 2-1:0.0 failed with error -71
[  250.104877][ T5869] usb 2-1: USB disconnect, device number 4
[  250.299926][ T7974] loop3: detected capacity change from 0 to 8192
[  250.538894][ T7980] xt_hashlimit: max too large, truncated to 1048576
[  250.985765][ T5792] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  251.004803][ T5792] FAT-fs (loop3): Filesystem has been set read-only
[  251.286742][ T7993] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  251.302849][ T7993] syzkaller0: entered promiscuous mode
[  251.320185][ T7993] syzkaller0: entered allmulticast mode
[  251.538347][ T7993] tipc: Resetting bearer <eth:syzkaller0>
[  252.183372][ T7992] tipc: Resetting bearer <eth:syzkaller0>
[  252.266733][ T7992] tipc: Disabling bearer <eth:syzkaller0>
[  252.469804][ T8001] loop3: detected capacity change from 0 to 256
[  252.487913][ T8001] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  252.516476][ T8001] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  252.543791][ T8001] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  254.345393][ T8017] syz.0.599: attempt to access beyond end of device
[  254.345393][ T8017] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  254.818584][ T8023] loop3: detected capacity change from 0 to 8192
[  255.425339][ T8034] overlayfs: failed to resolve './file0': -2
[  255.940734][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  256.107779][ T5792] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  256.144026][ T5792] FAT-fs (loop3): Filesystem has been set read-only
[  258.370385][ T8069] netlink: 28 bytes leftover after parsing attributes in process `syz.0.613'.
[  259.678947][ T8081] xt_hashlimit: max too large, truncated to 1048576
[  259.922751][ T8080] loop2: detected capacity change from 0 to 8192
[  260.561616][ T8093] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.621'.
[  260.582692][ T5785] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000e1b1)
[  260.707298][ T5785] FAT-fs (loop2): Filesystem has been set read-only
[  261.422479][ T8098] loop3: detected capacity change from 0 to 512
[  261.933855][ T8098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.168731][ T8098] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.047528][ T8121] veth1_to_hsr: entered promiscuous mode
[  263.053283][ T8121] macsec1: entered promiscuous mode
[  263.058799][ T8121] macsec1: entered allmulticast mode
[  263.064107][ T8121] veth1_to_hsr: entered allmulticast mode
[  263.713739][ T8117] netlink: 96 bytes leftover after parsing attributes in process `syz.1.626'.
[  263.993721][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.599112][ T8133] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.632'.
[  265.469249][ T8140] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  265.775370][ T8145] loop2: detected capacity change from 0 to 1024
[  266.681801][ T8155] xt_hashlimit: max too large, truncated to 1048576
[  267.072649][ T8168] loop0: detected capacity change from 0 to 512
[  267.088851][ T8161] netlink: 'syz.3.639': attribute type 72 has an invalid length.
[  267.098564][ T8166] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.641'.
[  267.287692][ T8168] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.332759][ T8168] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.576808][ T8182] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  268.233521][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.448650][ T8200] xt_hashlimit: max too large, truncated to 1048576
[  268.616097][ T8199] loop0: detected capacity change from 0 to 4096
[  268.650933][ T8199] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  268.967612][ T8199] ntfs3: loop0: Failed to load $Extend (-22).
[  268.986585][ T8199] ntfs3: loop0: Failed to initialize $Extend.
[  268.988797][ T8204] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.650'.
[  269.490129][ T8215] random: crng reseeded on system resumption
[  269.557274][ T8216] netlink: 68 bytes leftover after parsing attributes in process `syz.3.652'.
[  270.399106][ T8223] loop0: detected capacity change from 0 to 512
[  270.473180][ T8223] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.502250][ T8223] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.631060][ T8227] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  270.649641][ T8227] tipc: Resetting bearer <eth:syzkaller0>
[  270.695794][ T8226] tipc: Disabling bearer <eth:syzkaller0>
[  271.397148][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.408752][ T8231] loop1: detected capacity change from 0 to 764
[  272.079849][ T8238] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'.
[  272.730788][ T8243] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.661'.
[  273.000547][ T8250] fuse: Unknown parameter 'use00000000000000000000'
[  273.061096][ T8253] loop2: detected capacity change from 0 to 512
[  273.127858][ T8256] xt_hashlimit: max too large, truncated to 1048576
[  273.140376][ T8253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.215452][ T8253] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.382934][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.553810][ T8255] loop3: detected capacity change from 0 to 40427
[  274.574344][ T8255] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  274.597124][ T8255] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  274.808368][ T8271] lo speed is unknown, defaulting to 1000
[  274.814846][ T8271] lo speed is unknown, defaulting to 1000
[  274.839795][ T8271] lo speed is unknown, defaulting to 1000
[  274.882505][ T8271] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  274.950413][ T8271] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  275.165542][ T8271] lo speed is unknown, defaulting to 1000
[  275.173885][ T8271] lo speed is unknown, defaulting to 1000
[  275.178744][ T8255] F2FS-fs (loop3): invalid crc value
[  275.181034][ T8271] lo speed is unknown, defaulting to 1000
[  275.192048][ T8271] lo speed is unknown, defaulting to 1000
[  275.294220][ T8255] F2FS-fs (loop3): Found nat_bits in checkpoint
[  275.487680][ T8280] loop1: detected capacity change from 0 to 256
[  275.569943][ T8255] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  275.624674][ T8255] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  275.632277][ T8280] loop1: detected capacity change from 0 to 1024
[  275.650386][ T8280] EXT4-fs (loop1): unsupported inode size: 16384
[  275.656752][ T8280] EXT4-fs (loop1): blocksize: 1024
[  275.756633][   T28] audit: type=1800 audit(1755691006.177:52): pid=8255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.666" name="file1" dev="loop3" ino=10 res=0 errno=0
[  275.840139][ T8283] netlink: 68 bytes leftover after parsing attributes in process `syz.2.670'.
[  277.745218][ T8295] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.675'.
[  277.816035][ T8297] fuse: Unknown parameter 'use00000000000000000000'
[  278.400228][ T8302] netlink: 12 bytes leftover after parsing attributes in process `syz.3.672'.
[  278.586566][ T8305] loop1: detected capacity change from 0 to 512
[  278.742736][ T8305] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.821760][ T8305] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.728727][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.729577][ T8320] loop3: detected capacity change from 0 to 256
[  279.760786][ T8320] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  280.115419][ T8326] mmap: syz.3.683 (8326) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  280.167045][  T787] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  280.207071][ T5869] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  280.388041][  T787] usb 3-1: Using ep0 maxpacket: 16
[  280.401947][  T787] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  280.417087][ T5869] usb 2-1: Using ep0 maxpacket: 16
[  280.454040][ T5869] usb 2-1: unable to get BOS descriptor or descriptor too short
[  280.465954][  T787] usb 3-1: config 0 interface 0 has no altsetting 0
[  280.476870][ T5869] usb 2-1: unable to read config index 0 descriptor/start: -71
[  280.485101][ T5869] usb 2-1: can't read configurations, error -71
[  280.492586][  T787] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  280.506520][  T787] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.518815][  T787] usb 3-1: config 0 descriptor??
[  280.933724][  T787] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  280.978969][  T787] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  281.005753][  T787] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  281.015850][  T787] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  281.035052][  T787] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  281.055480][  T787] nzxt-smart2 0003:1E71:2009.0002: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  281.234035][  T787] usb 3-1: USB disconnect, device number 6
[  281.299760][ T8338] fido_id[8338]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  282.512064][ T8349] loop1: detected capacity change from 0 to 512
[  282.846080][ T8352] loop0: detected capacity change from 0 to 64
[  283.072274][ T8352] hfs: unable to locate alternate MDB
[  283.122018][ T8352] hfs: continuing without an alternate MDB
[  283.715434][ T8349] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.904647][ T8349] ext4 filesystem being mounted at /181/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  284.954056][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.080281][ T8361] loop0: detected capacity change from 0 to 256
[  285.115919][ T8361] exFAT-fs (loop0): error, invalid access to FAT (entry 0x00000005) bogus content (0x00000001)
[  285.164164][ T8363] overlayfs: failed to resolve './file1/file0': -2
[  285.166982][ T8361] exFAT-fs (loop0): failed to load upcase table
[  285.384107][ T8361] exFAT-fs (loop0): failed to recognize exfat type
[  286.949764][ T8375] netlink: 12 bytes leftover after parsing attributes in process `syz.2.697'.
[  287.167781][ T8384] loop0: detected capacity change from 0 to 512
[  287.263725][ T8384] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.021827][ T8384] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.699: bg 0: block 425: padding at end of block bitmap is not set
[  288.090063][ T8391] loop1: detected capacity change from 0 to 512
[  288.122356][ T8384] EXT4-fs (loop0): Remounting filesystem read-only
[  288.163304][ T8393] loop2: detected capacity change from 0 to 64
[  288.205902][ T8393] hfs: unable to locate alternate MDB
[  288.234678][ T8393] hfs: continuing without an alternate MDB
[  288.251110][ T5782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.271327][ T8391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.294730][ T8391] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.897335][ T8399] netlink: 8 bytes leftover after parsing attributes in process `syz.2.702'.
[  289.509695][ T5786] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.680334][ T8404] overlayfs: failed to resolve './file1/file0': -2
[  290.565692][ T8421] netlink: 68 bytes leftover after parsing attributes in process `syz.1.708'.
[  290.885428][ T8418] 8021q: adding VLAN 0 to HW filter on device bond3
[  291.291316][ T8427] netlink: 12 bytes leftover after parsing attributes in process `syz.0.710'.
[  291.311522][ T8429] loop3: detected capacity change from 0 to 512
[  291.358348][ T8429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  291.405171][ T8429] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  292.531503][ T5792] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.187011][    T9] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  296.037562][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  296.058129][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  296.081631][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  296.092979][ T8466] 8021q: adding VLAN 0 to HW filter on device bond2
[  296.129191][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.176562][    T9] usb 2-1: config 0 descriptor??
[  296.323154][ T8471] loop2: detected capacity change from 0 to 512
[  296.341260][ T8471] EXT4-fs: Ignoring removed bh option
[  296.365153][ T8463] loop0: detected capacity change from 0 to 40427
[  296.376659][ T8471] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  296.413112][    T9] usb 2-1: USB disconnect, device number 7
[  296.457252][ T8463] F2FS-fs (loop0): invalid crc value
[  296.470863][ T8471] EXT4-fs (loop2): 1 truncate cleaned up
[  296.480136][ T8471] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.494782][ T8463] F2FS-fs (loop0): Found nat_bits in checkpoint
[  296.708663][ T8463] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  297.364728][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.424759][   T28] audit: type=1800 audit(1755691027.787:53): pid=8463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.719" name="bus" dev="loop0" ino=10 res=0 errno=0
[  297.495297][ T5782] syz-executor: attempt to access beyond end of device
[  297.495297][ T5782] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  297.515332][ T5782] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.701578][ T8491] loop2: detected capacity change from 0 to 4096
[  297.751712][ T8491] ntfs3: loop2: ino=b, Correct links count -> 1.
[  297.764749][ T8491] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  297.778518][ T8492] netlink: 68 bytes leftover after parsing attributes in process `syz.3.725'.
[  297.803683][   T28] audit: type=1800 audit(1755691028.227:54): pid=8491 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.726" name="file1" dev="loop2" ino=33 res=0 errno=0
[  298.161605][ T8494] 8021q: adding VLAN 0 to HW filter on device bond5
[  299.195055][ T8514] loop2: detected capacity change from 0 to 512
[  299.219836][ T8514] EXT4-fs: Ignoring removed bh option
[  299.238627][ T8514] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  299.294867][ T8514] EXT4-fs (loop2): 1 truncate cleaned up
[  299.320525][ T8514] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.326913][    C0] sched: RT throttling activated
[  300.366319][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.854059][ T8529] loop1: detected capacity change from 0 to 40427
[  300.913886][ T8529] F2FS-fs (loop1): LFS is not compatible with checkpoint=disable
[  301.082389][ T8533] netlink: 'syz.0.737': attribute type 4 has an invalid length.
[  301.391370][ T8538] netlink: 'syz.2.739': attribute type 10 has an invalid length.
[  301.479210][ T8538] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.518826][ T8538] bridge_slave_1: left allmulticast mode
[  301.545049][ T8538] bridge_slave_1: left promiscuous mode
[  301.560715][ T8538] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.584468][ T8538] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  301.630984][ T8539] netlink: 'syz.0.737': attribute type 4 has an invalid length.
[  301.819814][ T8539] syz.0.737 (8539) used greatest stack depth: 20072 bytes left
[  301.910420][ T8545] syzkaller0: entered promiscuous mode
[  301.915940][ T8545] syzkaller0: entered allmulticast mode
[  302.187769][ T8535] loop3: detected capacity change from 0 to 32768
[  302.992540][ T5869] IPVS: starting estimator thread 0...
[  303.167927][ T8553] IPVS: using max 34 ests per chain, 81600 per kthread
[  303.213585][ T8559] loop2: detected capacity change from 0 to 512
[  303.231257][ T8559] EXT4-fs: Ignoring removed bh option
[  303.249812][ T8559] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  303.357071][ T8559] EXT4-fs (loop2): 1 truncate cleaned up
[  303.385713][ T8559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.593538][ T8565] netlink: 68 bytes leftover after parsing attributes in process `syz.1.748'.
[  303.673092][ T8568] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.750'.
[  304.338945][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.533617][ T8587] syzkaller0: entered promiscuous mode
[  305.572541][ T8587] syzkaller0: entered allmulticast mode
[  307.558296][  T787] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  307.646542][  T787] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  307.799307][ T8605] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.761'.
[  308.326186][ T8620] netlink: 12 bytes leftover after parsing attributes in process `syz.1.768'.
[  308.599774][ T8607] loop0: detected capacity change from 0 to 32768
[  308.684211][ T8628] overlayfs: failed to resolve './file1/file0': -2
[  308.704568][ T8607] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  308.837178][ T8618] loop2: detected capacity change from 0 to 32768
[  308.991402][ T8618] ERROR: (device loop2): duplicateIXtree: 
[  308.991402][ T8618] 
[  309.018975][ T8618] ERROR: (device loop2): remounting filesystem as read-only
[  309.023371][ T5782] ocfs2: Unmounting device (7,0) on (node local)
[  309.054185][ T8618] BUG: Bad page state in process syz.2.767  pfn:7f62d
[  309.092459][ T8618] page:ffffea0001fd8b40 refcount:0 mapcount:0 mapping:0000000000000000 index:0x33 pfn:0x7f62d
[  309.133122][ T8618] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  309.135038][ T8633] ERROR: (device loop2): dtSearch: stack overrun!
[  309.135038][ T8633] 
[  309.192970][ T8633] btstack dump:
[  309.202159][ T8633] bn = 0, index = 0
[  309.214013][ T8633] bn = 2d, index = 0
[  309.226804][ T8633] bn = 0, index = 0
[  309.228972][ T8618] page_type: 0xffffffff()
[  309.245681][ T8633] bn = 2d, index = 0
[  309.255422][ T8618] raw: 00fff0000000800c ffffea0001fd8b08 ffffc9000fb6f940 0000000000000000
[  309.257112][ T8633] bn = 0, index = 0
[  309.290444][ T8618] raw: 0000000000000033 ffff888079c12c98 00000000ffffffff 0000000000000000
[  309.338229][ T8633] bn = 2d, index = 0
[  309.399826][ T8618] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  309.420547][ T8618] page_owner tracks the page as allocated
[  309.656694][ T8638] netlink: 68 bytes leftover after parsing attributes in process `syz.0.772'.
[  309.667740][ T8618] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 309045530353, free_ts 305559212583
[  309.728657][ T8633] bn = 0, index = 0
[  309.732487][ T8633] bn = 0, index = 0
[  309.736319][ T8633] jfs_lookup: dtSearch returned -5
[  309.748295][ T8618]  post_alloc_hook+0x1cd/0x210
[  309.812126][ T8618]  get_page_from_freelist+0x195c/0x19f0
[  309.818187][ T8618]  __alloc_pages+0x1e3/0x460
[  309.823569][ T8618]  folio_alloc+0x1e/0x30
[  309.828415][ T8618]  filemap_alloc_folio+0xdf/0x470
[  309.833555][ T8618]  __filemap_get_folio+0x3ee/0xbc0
[  309.833666][ T8634] ERROR: (device loop2): dtSearch: stack overrun!
[  309.833666][ T8634] 
[  309.839785][ T8618]  pagecache_get_page+0x2a/0x250
[  309.857217][ T8618]  __get_metapage+0x2a8/0xfa0
[  309.862039][ T8618]  diNewExt+0xa81/0x3120
[  309.866396][ T8618]  diAllocAG+0xe7a/0x1de0
[  309.871803][ T8618]  diAlloc+0x1d5/0x1660
[  309.876101][ T8618]  ialloc+0x8c/0x950
[  309.890391][ T8618]  jfs_mkdir+0x191/0xa30
[  309.907084][ T8634] btstack dump:
[  309.910654][ T8634] bn = 0, index = 0
[  309.928235][ T8634] bn = 2d, index = 0
[  309.941753][ T8618]  vfs_mkdir+0x296/0x440
[  309.946177][ T8634] bn = 0, index = 0
[  309.950559][ T8618]  do_mkdirat+0x1d4/0x440
[  309.955044][ T8634] bn = 2d, index = 0
[  309.964447][ T8618]  __x64_sys_mkdirat+0x89/0xa0
[  309.969466][ T8634] bn = 0, index = 0
[  309.973378][ T8634] bn = 2d, index = 0
[  309.977513][ T8634] bn = 0, index = 0
[  309.981538][ T8634] bn = 0, index = 0
[  309.981583][ T8618] page last free stack trace:
[  309.985502][ T8634] jfs_lookup: dtSearch returned -5
[  309.996733][ T8618]  free_unref_page_prepare+0x7ce/0x8e0
[  310.003786][ T8618]  free_unref_page+0x32/0x2e0
[  310.012197][ T8618]  vfree+0x1a6/0x320
[  310.016219][ T8618]  snd_pcm_lib_free_pages+0x1e8/0x2a0
[  310.023356][ T8618]  snd_pcm_release_substream+0x2a2/0x460
[  310.034134][ T8618]  snd_pcm_oss_release+0x184/0x240
[  310.040873][ T8618]  __fput+0x234/0x970
[  310.045102][ T8618]  task_work_run+0x1ce/0x250
[  310.053365][ T8618]  exit_to_user_mode_loop+0xe6/0x110
[  310.060288][ T8618]  exit_to_user_mode_prepare+0xb1/0x140
[  310.065937][ T8618]  syscall_exit_to_user_mode+0x1a/0x50
[  310.075478][ T8618]  do_syscall_64+0x61/0xb0
[  310.082104][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.102566][ T8618] Modules linked in:
[  310.106508][ T8618] CPU: 0 PID: 8618 Comm: syz.2.767 Not tainted 6.6.102-syzkaller #0
[  310.114652][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  310.124710][ T8618] Call Trace:
[  310.127987][ T8618]  <TASK>
[  310.130932][ T8618]  dump_stack_lvl+0x16c/0x230
[  310.135604][ T8618]  ? show_regs_print_info+0x20/0x20
[  310.140804][ T8618]  ? swiotlb_print_info+0x70/0x70
[  310.145817][ T8618]  ? dump_page+0xba7/0x14d0
[  310.150323][ T8618]  bad_page+0x14b/0x170
[  310.154478][ T8618]  free_unref_page_prepare+0x887/0x8e0
[  310.159954][ T8618]  free_unref_page_list+0xbe/0x860
[  310.165098][ T8618]  ? __folio_memcg+0x63/0x160
[  310.169794][ T8618]  ? folio_memcg+0x127/0x480
[  310.174416][ T8618]  release_pages+0x1fa0/0x2220
[  310.179207][ T8618]  ? lru_cache_disable+0x30/0x30
[  310.184165][ T8618]  ? mlock_drain_local+0x79/0x490
[  310.189200][ T8618]  ? mlock_drain_local+0x79/0x490
[  310.194235][ T8618]  ? mlock_drain_local+0x28d/0x490
[  310.199364][ T8618]  __folio_batch_release+0x71/0xe0
[  310.204495][ T8618]  truncate_inode_pages_range+0x358/0xf00
[  310.210248][ T8618]  ? mapping_evict_folio+0x510/0x510
[  310.215675][ T8618]  ? __static_call_return0+0x9/0x10
[  310.220894][ T8618]  ? shrink_dentry_list+0x685/0x6a0
[  310.226121][ T8618]  ? sync_filesystem+0x107/0x220
[  310.231087][ T8618]  jfs_remount+0x33b/0x5b0
[  310.235535][ T8618]  ? jfs_statfs+0x550/0x550
[  310.240067][ T8618]  reconfigure_super+0x21e/0x880
[  310.245026][ T8618]  path_mount+0xd19/0xfe0
[  310.249381][ T8618]  __se_sys_mount+0x2da/0x3c0
[  310.254077][ T8618]  ? __x64_sys_mount+0xc0/0xc0
[  310.258859][ T8618]  ? lockdep_hardirqs_on+0x98/0x150
[  310.264071][ T8618]  ? __x64_sys_mount+0x20/0xc0
[  310.268851][ T8618]  do_syscall_64+0x55/0xb0
[  310.273276][ T8618]  ? clear_bhb_loop+0x40/0x90
[  310.277964][ T8618]  ? clear_bhb_loop+0x40/0x90
[  310.282664][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.288590][ T8618] RIP: 0033:0x7f1489b8ebe9
[  310.293029][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.312652][ T8618] RSP: 002b:00007f148aae6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  310.321086][ T8618] RAX: ffffffffffffffda RBX: 00007f1489db5fa0 RCX: 00007f1489b8ebe9
[  310.329070][ T8618] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  310.337057][ T8618] RBP: 00007f1489c11e19 R08: 0000000000000000 R09: 0000000000000000
[  310.345044][ T8618] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[  310.353122][ T8618] R13: 00007f1489db6038 R14: 00007f1489db5fa0 R15: 00007ffc4f2d5bc8
[  310.361127][ T8618]  </TASK>
[  310.376009][ T8618] Disabling lock debugging due to kernel taint
[  310.384605][ T8618] BUG: Bad page state in process syz.2.767  pfn:7f62c
[  310.391747][ T8618] page:ffffea0001fd8b00 refcount:0 mapcount:0 mapping:0000000000000000 index:0x32 pfn:0x7f62c
[  310.402286][ T8618] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  310.412084][ T8618] page_type: 0xffffffff()
[  310.416427][ T8618] raw: 00fff0000000800c ffffea0000bb94c8 ffffc9000fb6f940 0000000000000000
[  310.425347][ T8618] raw: 0000000000000032 ffff888079c12ba0 00000000ffffffff 0000000000000000
[  310.434858][ T8618] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  310.442403][ T8618] page_owner tracks the page as allocated
[  310.448348][ T8618] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 309045478833, free_ts 305559197973
[  310.466680][ T8618]  post_alloc_hook+0x1cd/0x210
[  310.471813][ T8618]  get_page_from_freelist+0x195c/0x19f0
[  310.479350][ T8618]  __alloc_pages+0x1e3/0x460
[  310.483971][ T8618]  folio_alloc+0x1e/0x30
[  310.488987][ T8618]  filemap_alloc_folio+0xdf/0x470
[  310.494037][ T8618]  __filemap_get_folio+0x3ee/0xbc0
[  310.500117][ T8618]  pagecache_get_page+0x2a/0x250
[  310.505076][ T8618]  __get_metapage+0x2a8/0xfa0
[  310.510071][ T8618]  diNewExt+0xa81/0x3120
[  310.514327][ T8618]  diAllocAG+0xe7a/0x1de0
[  310.519001][ T8618]  diAlloc+0x1d5/0x1660
[  310.523176][ T8618]  ialloc+0x8c/0x950
[  310.527407][ T8618]  jfs_mkdir+0x191/0xa30
[  310.531680][ T8618]  vfs_mkdir+0x296/0x440
[  310.536514][ T8618]  do_mkdirat+0x1d4/0x440
[  310.541920][ T8618]  __x64_sys_mkdirat+0x89/0xa0
[  310.546709][ T8618] page last free stack trace:
[  310.551697][ T8618]  free_unref_page_prepare+0x7ce/0x8e0
[  310.561588][ T8618]  free_unref_page+0x32/0x2e0
[  310.566590][ T8618]  vfree+0x1a6/0x320
[  310.570813][ T8618]  snd_pcm_lib_free_pages+0x1e8/0x2a0
[  310.576198][ T8618]  snd_pcm_release_substream+0x2a2/0x460
[  310.582444][ T8618]  snd_pcm_oss_release+0x184/0x240
[  310.588894][ T8618]  __fput+0x234/0x970
[  310.592990][ T8618]  task_work_run+0x1ce/0x250
[  310.598584][ T8618]  exit_to_user_mode_loop+0xe6/0x110
[  310.603891][ T8618]  exit_to_user_mode_prepare+0xb1/0x140
[  310.609608][ T8618]  syscall_exit_to_user_mode+0x1a/0x50
[  310.615159][ T8618]  do_syscall_64+0x61/0xb0
[  310.619643][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.625646][ T8618] Modules linked in:
[  310.629599][ T8618] CPU: 0 PID: 8618 Comm: syz.2.767 Tainted: G    B              6.6.102-syzkaller #0
[  310.639050][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  310.649112][ T8618] Call Trace:
[  310.652387][ T8618]  <TASK>
[  310.655330][ T8618]  dump_stack_lvl+0x16c/0x230
[  310.659995][ T8618]  ? show_regs_print_info+0x20/0x20
[  310.665264][ T8618]  ? swiotlb_print_info+0x70/0x70
[  310.670270][ T8618]  ? dump_page+0xba7/0x14d0
[  310.674753][ T8618]  bad_page+0x14b/0x170
[  310.678891][ T8618]  free_unref_page_prepare+0x887/0x8e0
[  310.684339][ T8618]  free_unref_page_list+0xbe/0x860
[  310.689436][ T8618]  ? __folio_memcg+0x63/0x160
[  310.694099][ T8618]  ? folio_memcg+0x127/0x480
[  310.698668][ T8618]  release_pages+0x1fa0/0x2220
[  310.703426][ T8618]  ? lru_cache_disable+0x30/0x30
[  310.708349][ T8618]  ? mlock_drain_local+0x79/0x490
[  310.713352][ T8618]  ? mlock_drain_local+0x79/0x490
[  310.718355][ T8618]  ? mlock_drain_local+0x28d/0x490
[  310.723443][ T8618]  __folio_batch_release+0x71/0xe0
[  310.728565][ T8618]  truncate_inode_pages_range+0x358/0xf00
[  310.734265][ T8618]  ? mapping_evict_folio+0x510/0x510
[  310.739545][ T8618]  ? __static_call_return0+0x9/0x10
[  310.744786][ T8618]  ? shrink_dentry_list+0x685/0x6a0
[  310.749975][ T8618]  ? sync_filesystem+0x107/0x220
[  310.754903][ T8618]  jfs_remount+0x33b/0x5b0
[  310.759307][ T8618]  ? jfs_statfs+0x550/0x550
[  310.763797][ T8618]  reconfigure_super+0x21e/0x880
[  310.768719][ T8618]  path_mount+0xd19/0xfe0
[  310.773033][ T8618]  __se_sys_mount+0x2da/0x3c0
[  310.777694][ T8618]  ? __x64_sys_mount+0xc0/0xc0
[  310.782439][ T8618]  ? lockdep_hardirqs_on+0x98/0x150
[  310.787623][ T8618]  ? __x64_sys_mount+0x20/0xc0
[  310.792381][ T8618]  do_syscall_64+0x55/0xb0
[  310.796868][ T8618]  ? clear_bhb_loop+0x40/0x90
[  310.801529][ T8618]  ? clear_bhb_loop+0x40/0x90
[  310.806195][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.812082][ T8618] RIP: 0033:0x7f1489b8ebe9
[  310.816479][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.836064][ T8618] RSP: 002b:00007f148aae6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  310.844461][ T8618] RAX: ffffffffffffffda RBX: 00007f1489db5fa0 RCX: 00007f1489b8ebe9
[  310.852418][ T8618] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  310.860475][ T8618] RBP: 00007f1489c11e19 R08: 0000000000000000 R09: 0000000000000000
[  310.868447][ T8618] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[  310.876419][ T8618] R13: 00007f1489db6038 R14: 00007f1489db5fa0 R15: 00007ffc4f2d5bc8
[  310.884384][ T8618]  </TASK>
[  310.891274][ T8618] BUG: Bad page state in process syz.2.767  pfn:2ee53
[  310.898900][ T8618] page:ffffea0000bb94c0 refcount:0 mapcount:0 mapping:0000000000000000 index:0x31 pfn:0x2ee53
[  310.909302][ T8618] flags: 0xfff0000000800c(referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  310.918929][ T8618] page_type: 0xffffffff()
[  310.923282][ T8618] raw: 00fff0000000800c ffffea000096b588 ffffc9000fb6f940 0000000000000000
[  310.932249][ T8618] raw: 0000000000000031 ffff888079c12aa8 00000000ffffffff 0000000000000000
[  310.940912][ T8618] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  310.948652][ T8618] page_owner tracks the page as allocated
[  310.954382][ T8618] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 309045425087, free_ts 309042094500
[  310.972775][ T8618]  post_alloc_hook+0x1cd/0x210
[  310.977607][ T8618]  get_page_from_freelist+0x195c/0x19f0
[  310.983162][ T8618]  __alloc_pages+0x1e3/0x460
[  310.987825][ T8618]  folio_alloc+0x1e/0x30
[  310.992084][ T8618]  filemap_alloc_folio+0xdf/0x470
[  310.998773][ T8618]  __filemap_get_folio+0x3ee/0xbc0
[  311.003897][ T8618]  pagecache_get_page+0x2a/0x250
[  311.008905][ T8618]  __get_metapage+0x2a8/0xfa0
[  311.013591][ T8618]  diNewExt+0xa81/0x3120
[  311.017885][ T8618]  diAllocAG+0xe7a/0x1de0
[  311.022220][ T8618]  diAlloc+0x1d5/0x1660
[  311.026365][ T8618]  ialloc+0x8c/0x950
[  311.030307][ T8618]  jfs_mkdir+0x191/0xa30
[  311.034552][ T8618]  vfs_mkdir+0x296/0x440
[  311.038867][ T8618]  do_mkdirat+0x1d4/0x440
[  311.043195][ T8618]  __x64_sys_mkdirat+0x89/0xa0
[  311.048532][ T8618] page last free stack trace:
[  311.053210][ T8618]  free_unref_page_prepare+0x7ce/0x8e0
[  311.058899][ T8618]  free_unref_page_list+0xbe/0x860
[  311.064016][ T8618]  release_pages+0x1fa0/0x2220
[  311.068830][ T8618]  tlb_flush_mmu+0x368/0x4f0
[  311.073429][ T8618]  tlb_finish_mmu+0xc3/0x1d0
[  311.078098][ T8618]  unmap_region+0x2ed/0x340
[  311.082607][ T8618]  do_vmi_align_munmap+0xffe/0x1660
[  311.087849][ T8618]  do_vmi_munmap+0x252/0x2d0
[  311.092448][ T8618]  __vm_munmap+0x193/0x3c0
[  311.096852][ T8618]  __x64_sys_munmap+0x60/0x70
[  311.101587][ T8618]  do_syscall_64+0x55/0xb0
[  311.106014][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.112369][ T8618] Modules linked in:
[  311.116282][ T8618] CPU: 0 PID: 8618 Comm: syz.2.767 Tainted: G    B              6.6.102-syzkaller #0
[  311.125762][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.135812][ T8618] Call Trace:
[  311.139086][ T8618]  <TASK>
[  311.142020][ T8618]  dump_stack_lvl+0x16c/0x230
[  311.146704][ T8618]  ? show_regs_print_info+0x20/0x20
[  311.151893][ T8618]  ? swiotlb_print_info+0x70/0x70
[  311.157178][ T8618]  ? dump_page+0xba7/0x14d0
[  311.161679][ T8618]  bad_page+0x14b/0x170
[  311.165820][ T8618]  free_unref_page_prepare+0x887/0x8e0
[  311.171286][ T8618]  free_unref_page_list+0xbe/0x860
[  311.176404][ T8618]  ? __folio_memcg+0x63/0x160
[  311.181088][ T8618]  ? folio_memcg+0x127/0x480
[  311.185672][ T8618]  release_pages+0x1fa0/0x2220
[  311.190426][ T8618]  ? lru_cache_disable+0x30/0x30
[  311.195348][ T8618]  ? mlock_drain_local+0x79/0x490
[  311.200354][ T8618]  ? mlock_drain_local+0x79/0x490
[  311.205366][ T8618]  ? mlock_drain_local+0x28d/0x490
[  311.210459][ T8618]  __folio_batch_release+0x71/0xe0
[  311.215568][ T8618]  truncate_inode_pages_range+0x358/0xf00
[  311.221276][ T8618]  ? mapping_evict_folio+0x510/0x510
[  311.226554][ T8618]  ? __static_call_return0+0x9/0x10
[  311.231764][ T8618]  ? shrink_dentry_list+0x685/0x6a0
[  311.236956][ T8618]  ? sync_filesystem+0x107/0x220
[  311.241887][ T8618]  jfs_remount+0x33b/0x5b0
[  311.246290][ T8618]  ? jfs_statfs+0x550/0x550
[  311.250776][ T8618]  reconfigure_super+0x21e/0x880
[  311.255701][ T8618]  path_mount+0xd19/0xfe0
[  311.260016][ T8618]  __se_sys_mount+0x2da/0x3c0
[  311.264713][ T8618]  ? __x64_sys_mount+0xc0/0xc0
[  311.269461][ T8618]  ? lockdep_hardirqs_on+0x98/0x150
[  311.274647][ T8618]  ? __x64_sys_mount+0x20/0xc0
[  311.279399][ T8618]  do_syscall_64+0x55/0xb0
[  311.283801][ T8618]  ? clear_bhb_loop+0x40/0x90
[  311.288460][ T8618]  ? clear_bhb_loop+0x40/0x90
[  311.293118][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.299000][ T8618] RIP: 0033:0x7f1489b8ebe9
[  311.303398][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.323074][ T8618] RSP: 002b:00007f148aae6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  311.331475][ T8618] RAX: ffffffffffffffda RBX: 00007f1489db5fa0 RCX: 00007f1489b8ebe9
[  311.339431][ T8618] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  311.347389][ T8618] RBP: 00007f1489c11e19 R08: 0000000000000000 R09: 0000000000000000
[  311.355343][ T8618] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[  311.363386][ T8618] R13: 00007f1489db6038 R14: 00007f1489db5fa0 R15: 00007ffc4f2d5bc8
[  311.371351][ T8618]  </TASK>
[  311.377875][ T8618] BUG: Bad page state in process syz.2.767  pfn:25e45
[  311.384664][ T8618] page:ffffea0000979140 refcount:0 mapcount:0 mapping:0000000000000000 index:0xd pfn:0x25e45
[  311.394862][ T8618] flags: 0xfff0800000820c(referenced|uptodate|workingset|private|node=0|zone=1|lastcpupid=0x7ff)
[  311.406057][ T8618] page_type: 0xffffffff()
[  311.410773][ T8618] raw: 00fff0800000820c ffffea0000b03ec8 ffffea000077cc88 0000000000000000
[  311.420041][ T8618] raw: 000000000000000d ffff888079c126c8 00000000ffffffff 0000000000000000
[  311.428994][ T8618] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  311.436266][ T8618] page_owner tracks the page as allocated
[  311.442637][ T8618] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 308909040903, free_ts 305561651970
[  311.462231][ T8618]  post_alloc_hook+0x1cd/0x210
[  311.467277][ T8618]  get_page_from_freelist+0x195c/0x19f0
[  311.472950][ T8618]  __alloc_pages+0x1e3/0x460
[  311.478934][ T8618]  folio_alloc+0x1e/0x30
[  311.483190][ T8618]  filemap_alloc_folio+0xdf/0x470
[  311.488479][ T8618]  do_read_cache_folio+0x36c/0x7e0
[  311.493600][ T8618]  do_read_cache_page+0x32/0x250
[  311.498812][ T8618]  __get_metapage+0x31a/0xfa0
[  311.503501][ T8618]  diReadSpecial+0x25b/0x710
[  311.508128][ T8618]  jfs_mount+0x3d1/0x860
[  311.512384][ T8618]  jfs_fill_super+0x4e2/0xac0
[  311.517130][ T8618]  mount_bdev+0x22b/0x2d0
[  311.521463][ T8618]  legacy_get_tree+0xea/0x180
[  311.526125][ T8618]  vfs_get_tree+0x8c/0x280
[  311.530590][ T8618]  do_new_mount+0x24b/0xa40
[  311.535093][ T8618]  __se_sys_mount+0x2da/0x3c0
[  311.539803][ T8618] page last free stack trace:
[  311.544468][ T8618]  free_unref_page_prepare+0x7ce/0x8e0
[  311.549979][ T8618]  free_unref_page+0x32/0x2e0
[  311.554673][ T8618]  vfree+0x1a6/0x320
[  311.558633][ T8618]  snd_pcm_lib_free_pages+0x1e8/0x2a0
[  311.564295][ T8618]  snd_pcm_release_substream+0x2a2/0x460
[  311.569986][ T8618]  snd_pcm_oss_release+0x184/0x240
[  311.575102][ T8618]  __fput+0x234/0x970
[  311.579141][ T8618]  task_work_run+0x1ce/0x250
[  311.583730][ T8618]  exit_to_user_mode_loop+0xe6/0x110
[  311.589153][ T8618]  exit_to_user_mode_prepare+0xb1/0x140
[  311.594720][ T8618]  syscall_exit_to_user_mode+0x1a/0x50
[  311.600365][ T8618]  do_syscall_64+0x61/0xb0
[  311.604798][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.610758][ T8618] Modules linked in:
[  311.614651][ T8618] CPU: 0 PID: 8618 Comm: syz.2.767 Tainted: G    B              6.6.102-syzkaller #0
[  311.624092][ T8618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  311.634136][ T8618] Call Trace:
[  311.637406][ T8618]  <TASK>
[  311.640325][ T8618]  dump_stack_lvl+0x16c/0x230
[  311.645006][ T8618]  ? show_regs_print_info+0x20/0x20
[  311.650189][ T8618]  ? swiotlb_print_info+0x70/0x70
[  311.655298][ T8618]  ? dump_page+0xba7/0x14d0
[  311.659791][ T8618]  bad_page+0x14b/0x170
[  311.663932][ T8618]  free_unref_page_prepare+0x887/0x8e0
[  311.669391][ T8618]  free_unref_page_list+0xbe/0x860
[  311.674496][ T8618]  ? __folio_memcg+0x63/0x160
[  311.679157][ T8618]  ? folio_memcg+0x127/0x480
[  311.683734][ T8618]  release_pages+0x1fa0/0x2220
[  311.688497][ T8618]  ? lru_cache_disable+0x30/0x30
[  311.693418][ T8618]  ? mlock_drain_local+0x79/0x490
[  311.698423][ T8618]  ? mlock_drain_local+0x79/0x490
[  311.703431][ T8618]  ? mlock_drain_local+0x28d/0x490
[  311.708526][ T8618]  __folio_batch_release+0x71/0xe0
[  311.713619][ T8618]  truncate_inode_pages_range+0x358/0xf00
[  311.719324][ T8618]  ? mapping_evict_folio+0x510/0x510
[  311.724603][ T8618]  ? __static_call_return0+0x9/0x10
[  311.729798][ T8618]  ? shrink_dentry_list+0x685/0x6a0
[  311.734989][ T8618]  ? sync_filesystem+0x107/0x220
[  311.739917][ T8618]  jfs_remount+0x33b/0x5b0
[  311.744328][ T8618]  ? jfs_statfs+0x550/0x550
[  311.748820][ T8618]  reconfigure_super+0x21e/0x880
[  311.753743][ T8618]  path_mount+0xd19/0xfe0
[  311.758063][ T8618]  __se_sys_mount+0x2da/0x3c0
[  311.762734][ T8618]  ? __x64_sys_mount+0xc0/0xc0
[  311.767486][ T8618]  ? lockdep_hardirqs_on+0x98/0x150
[  311.772676][ T8618]  ? __x64_sys_mount+0x20/0xc0
[  311.777426][ T8618]  do_syscall_64+0x55/0xb0
[  311.781826][ T8618]  ? clear_bhb_loop+0x40/0x90
[  311.786486][ T8618]  ? clear_bhb_loop+0x40/0x90
[  311.791150][ T8618]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  311.797035][ T8618] RIP: 0033:0x7f1489b8ebe9
[  311.801433][ T8618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.821028][ T8618] RSP: 002b:00007f148aae6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  311.829436][ T8618] RAX: ffffffffffffffda RBX: 00007f1489db5fa0 RCX: 00007f1489b8ebe9
[  311.837391][ T8618] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  311.845343][ T8618] RBP: 00007f1489c11e19 R08: 0000000000000000 R09: 0000000000000000
[  311.853298][ T8618] R10: 0000000002236824 R11: 0000000000000246 R12: 0000000000000000
[  311.861264][ T8618] R13: 00007f1489db6038 R14: 00007f1489db5fa0 R15: 00007ffc4f2d5bc8
[  311.869337][ T8618]  </TASK>
[  311.885190][  T112] BUG: Bad page state in process jfsCommit  pfn:25e96
[  311.892123][  T112] page:ffffea000097a580 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x25e96
[  311.902434][  T112] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  311.912695][  T112] page_type: 0xffffffff()
[  311.917045][  T112] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000
[  311.925637][  T112] raw: 000000000000002d ffff888079c12d90 00000000ffffffff 0000000000000000
[  311.934366][  T112] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[  311.941660][  T112] page_owner tracks the page as allocated
[  311.947399][  T112] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 309046774631, free_ts 305559169161
[  311.965938][  T112]  post_alloc_hook+0x1cd/0x210
[  311.971105][  T112]  get_page_from_freelist+0x195c/0x19f0
[  311.976673][  T112]  __alloc_pages+0x1e3/0x460
[  311.982441][  T112]  folio_alloc+0x1e/0x30
[  311.986701][  T112]  filemap_alloc_folio+0xdf/0x470
[  311.991745][  T112]  __filemap_get_folio+0x3ee/0xbc0
[  311.996858][  T112]  pagecache_get_page+0x2a/0x250
[  312.001848][  T112]  __get_metapage+0x2a8/0xfa0
[  312.006528][  T112]  dtSplitRoot+0x203/0x16b0
[  312.011126][  T112]  dtInsert+0xeec/0x5f40
[  312.015387][  T112]  jfs_mkdir+0x6c6/0xa30
[  312.019707][  T112]  vfs_mkdir+0x296/0x440
[  312.023995][  T112]  do_mkdirat+0x1d4/0x440
[  312.028377][  T112]  __x64_sys_mkdirat+0x89/0xa0
[  312.033169][  T112]  do_syscall_64+0x55/0xb0
[  312.037619][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.043542][  T112] page last free stack trace:
[  312.048237][  T112]  free_unref_page_prepare+0x7ce/0x8e0
[  312.053705][  T112]  free_unref_page+0x32/0x2e0
[  312.058398][  T112]  vfree+0x1a6/0x320
[  312.062289][  T112]  snd_pcm_lib_free_pages+0x1e8/0x2a0
[  312.067693][  T112]  snd_pcm_release_substream+0x2a2/0x460
[  312.073579][  T112]  snd_pcm_oss_release+0x184/0x240
[  312.078742][  T112]  __fput+0x234/0x970
[  312.082730][  T112]  task_work_run+0x1ce/0x250
[  312.087820][  T112]  exit_to_user_mode_loop+0xe6/0x110
[  312.093123][  T112]  exit_to_user_mode_prepare+0xb1/0x140
[  312.099698][  T112]  syscall_exit_to_user_mode+0x1a/0x50
[  312.105182][  T112]  do_syscall_64+0x61/0xb0
[  312.109751][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.115752][  T112] Modules linked in:
[  312.119691][  T112] CPU: 1 PID: 112 Comm: jfsCommit Tainted: G    B              6.6.102-syzkaller #0
[  312.129057][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.139110][  T112] Call Trace:
[  312.142374][  T112]  <TASK>
[  312.145288][  T112]  dump_stack_lvl+0x16c/0x230
[  312.149977][  T112]  ? show_regs_print_info+0x20/0x20
[  312.155160][  T112]  ? swiotlb_print_info+0x70/0x70
[  312.160173][  T112]  ? dump_page+0xba7/0x14d0
[  312.164667][  T112]  bad_page+0x14b/0x170
[  312.168809][  T112]  free_unref_page_prepare+0x887/0x8e0
[  312.174265][  T112]  free_unref_page+0x32/0x2e0
[  312.178944][  T112]  ? __folio_put+0xef/0x210
[  312.183434][  T112]  txUnlock+0x27e/0xcb0
[  312.187601][  T112]  jfs_lazycommit+0x570/0xa60
[  312.192277][  T112]  ? txFreelock+0x5a0/0x5a0
[  312.196791][  T112]  ? do_task_dead+0xd0/0xd0
[  312.201315][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  312.206277][  T112]  kthread+0x2fa/0x390
[  312.210336][  T112]  ? txFreelock+0x5a0/0x5a0
[  312.214824][  T112]  ? kthread_blkcg+0xd0/0xd0
[  312.219399][  T112]  ret_from_fork+0x48/0x80
[  312.223802][  T112]  ? kthread_blkcg+0xd0/0xd0
[  312.228385][  T112]  ret_from_fork_asm+0x11/0x20
[  312.233136][  T112]  </TASK>
[  312.237385][  T112] page:ffffea000097a580 refcount:0 mapcount:0 mapping:0000000000000000 index:0x2d pfn:0x25e96
[  312.249023][  T112] flags: 0xfff0000000800d(locked|referenced|uptodate|private|node=0|zone=1|lastcpupid=0x7ff)
[  312.259543][  T112] page_type: 0xffffffff()
[  312.263932][  T112] raw: 00fff0000000800d dead000000000100 dead000000000122 0000000000000000
[  312.272544][  T112] raw: 000000000000002d ffff888079c12d90 00000000ffffffff 0000000000000000
[  312.281426][  T112] page dumped because: VM_BUG_ON_FOLIO(((unsigned int) folio_ref_count(folio) + 127u <= 127u))
[  312.291791][  T112] page_owner tracks the page as allocated
[  312.297774][  T112] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x140c40(GFP_NOFS|__GFP_COMP|__GFP_HARDWALL), pid 8618, tgid 8617 (syz.2.767), ts 309046774631, free_ts 305559169161
[  312.315968][  T112]  post_alloc_hook+0x1cd/0x210
[  312.320771][  T112]  get_page_from_freelist+0x195c/0x19f0
[  312.326308][  T112]  __alloc_pages+0x1e3/0x460
[  312.330927][  T112]  folio_alloc+0x1e/0x30
[  312.335171][  T112]  filemap_alloc_folio+0xdf/0x470
[  312.340224][  T112]  __filemap_get_folio+0x3ee/0xbc0
[  312.345340][  T112]  pagecache_get_page+0x2a/0x250
[  312.350497][  T112]  __get_metapage+0x2a8/0xfa0
[  312.355173][  T112]  dtSplitRoot+0x203/0x16b0
[  312.359699][  T112]  dtInsert+0xeec/0x5f40
[  312.363946][  T112]  jfs_mkdir+0x6c6/0xa30
[  312.368209][  T112]  vfs_mkdir+0x296/0x440
[  312.372457][  T112]  do_mkdirat+0x1d4/0x440
[  312.376786][  T112]  __x64_sys_mkdirat+0x89/0xa0
[  312.381942][  T112]  do_syscall_64+0x55/0xb0
[  312.386361][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.392268][  T112] page last free stack trace:
[  312.396960][  T112]  free_unref_page_prepare+0x7ce/0x8e0
[  312.402428][  T112]  free_unref_page+0x32/0x2e0
[  312.407235][  T112]  vfree+0x1a6/0x320
[  312.411130][  T112]  snd_pcm_lib_free_pages+0x1e8/0x2a0
[  312.416483][  T112]  snd_pcm_release_substream+0x2a2/0x460
[  312.422141][  T112]  snd_pcm_oss_release+0x184/0x240
[  312.427295][  T112]  __fput+0x234/0x970
[  312.431306][  T112]  task_work_run+0x1ce/0x250
[  312.435882][  T112]  exit_to_user_mode_loop+0xe6/0x110
[  312.441212][  T112]  exit_to_user_mode_prepare+0xb1/0x140
[  312.446759][  T112]  syscall_exit_to_user_mode+0x1a/0x50
[  312.452256][  T112]  do_syscall_64+0x61/0xb0
[  312.456673][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  312.462844][  T112] ------------[ cut here ]------------
[  312.468309][  T112] kernel BUG at include/linux/mm.h:1447!
[  312.473945][  T112] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  312.480010][  T112] CPU: 1 PID: 112 Comm: jfsCommit Tainted: G    B              6.6.102-syzkaller #0
[  312.489371][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  312.499501][  T112] RIP: 0010:put_metapage+0x253/0x340
[  312.504781][  T112] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 57 98 dd fe e9 25 ff ff ff e8 3d 51 86 fe 48 8b 3c 24 48 c7 c6 00 f4 e3 8a e8 7d 13 c6 fe <0f> 0b f3 0f 1e fa 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff
[  312.524376][  T112] RSP: 0018:ffffc90002cd7cc0 EFLAGS: 00010246
[  312.530425][  T112] RAX: d7671a7d25f29800 RBX: ffff888079c12d90 RCX: d7671a7d25f29800
[  312.538385][  T112] RDX: 0000000000000000 RSI: ffffffff8afc66a0 RDI: ffffffff8afc6660
[  312.546339][  T112] RBP: 000000000000007f R08: ffffffff8e4a882f R09: 1ffffffff1c95105
[  312.554294][  T112] R10: dffffc0000000000 R11: fffffbfff1c95106 R12: ffff888079c12db8
[  312.562256][  T112] R13: ffffea000097a5b4 R14: 1ffff1100f3825b7 R15: 1ffff1100f3825c4
[  312.570214][  T112] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  312.579128][  T112] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  312.585696][  T112] CR2: 00007ffc4f2d4e6c CR3: 000000002eb10000 CR4: 00000000003506e0
[  312.593677][  T112] Call Trace:
[  312.596965][  T112]  <TASK>
[  312.599903][  T112]  txUnlock+0x427/0xcb0
[  312.604079][  T112]  jfs_lazycommit+0x570/0xa60
[  312.608747][  T112]  ? txFreelock+0x5a0/0x5a0
[  312.613334][  T112]  ? do_task_dead+0xd0/0xd0
[  312.617835][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  312.622775][  T112]  kthread+0x2fa/0x390
[  312.626836][  T112]  ? txFreelock+0x5a0/0x5a0
[  312.631323][  T112]  ? kthread_blkcg+0xd0/0xd0
[  312.635897][  T112]  ret_from_fork+0x48/0x80
[  312.640302][  T112]  ? kthread_blkcg+0xd0/0xd0
[  312.644876][  T112]  ret_from_fork_asm+0x11/0x20
[  312.649639][  T112]  </TASK>
[  312.652644][  T112] Modules linked in:
[  312.663966][  T112] ---[ end trace 0000000000000000 ]---
[  312.669470][  T112] RIP: 0010:put_metapage+0x253/0x340
[  312.674763][  T112] Code: 38 c1 0f 8c 32 ff ff ff 4c 89 ef e8 57 98 dd fe e9 25 ff ff ff e8 3d 51 86 fe 48 8b 3c 24 48 c7 c6 00 f4 e3 8a e8 7d 13 c6 fe <0f> 0b f3 0f 1e fa 4c 8b 2c 24 4c 89 ee 48 81 e6 ff 0f 00 00 31 ff
[  312.695314][  T112] RSP: 0018:ffffc90002cd7cc0 EFLAGS: 00010246
[  312.701460][  T112] RAX: d7671a7d25f29800 RBX: ffff888079c12d90 RCX: d7671a7d25f29800
[  312.709472][  T112] RDX: 0000000000000000 RSI: ffffffff8afc66a0 RDI: ffffffff8afc6660
[  312.717479][  T112] RBP: 000000000000007f R08: ffffffff8e4a882f R09: 1ffffffff1c95105
[  312.725453][  T112] R10: dffffc0000000000 R11: fffffbfff1c95106 R12: ffff888079c12db8
[  312.733458][  T112] R13: ffffea000097a5b4 R14: 1ffff1100f3825b7 R15: 1ffff1100f3825c4
[  312.741468][  T112] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  312.750422][  T112] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  312.757075][  T112] CR2: 00007ffc4f2d4e6c CR3: 000000000cb30000 CR4: 00000000003506e0
[  312.765051][  T112] Kernel panic - not syncing: Fatal exception
[  312.771339][  T112] Kernel Offset: disabled
[  312.775653][  T112] Rebooting in 86400 seconds..