last executing test programs:

19.327146686s ago: executing program 1 (id=3576):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x1c6, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv6={0x86dd, @dccp_packet={0x0, 0x6, "922ff5", 0x190, 0x21, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, @local, {[@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64}, @hopopts={0x11, 0x23, '\x00', [@calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @calipso={0x7, 0x18, {0x0, 0x4, 0x0, 0x0, [0x0, 0x0]}}, @generic={0x0, 0xe3, "9a406896431cf8cebb1379b1cfca3ce3334fb0cd81c12766ff8351be2d961c40ce922dd8423e2de93ba96a5c90f772216e5e60c7d2a67cbcbc1d3b195d538eb920fc058775cc06baf8a87b4736fa0cf5161d47d4416aa6a1099c3aa4a927c4d93bcf1f4a781cbde0ee829f1276818415e192376437a6d4854c3c3ad346c7df7dfea9cd0463aa441a1b9cd514fedb8172d54cbf1353cf5f63fe58465c2d0e165df05ada44174919aaffc29df43606f9d49bcc571525c7aecc77ad523da96156400a63d03f15e4254c95ecb66cda9310041006d9d10e6b8a38bbdcac75348fe624c73bd8"}]}, @hopopts={0x0, 0x0, '\x00', [@enc_lim]}], {{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "114f84", 0x0, "8e269c"}, "c52104e4fbd8be11e86055d5cec119bfa161827fb675e43744d104b96e26ecb84a318c4c1d7b4f70305e74abd64694eddc8e552b811b2a1c63e32b811f4e8296"}}}}}}, 0x0)

18.52273073s ago: executing program 1 (id=3584):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000340)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000100)='.pending_reads\x00', 0x149240, 0x0)
pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x80000000000000)

17.81168548s ago: executing program 1 (id=3591):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
syz_clone(0x20003000, 0x0, 0x0, 0x0, 0x0, 0x0)

17.274834011s ago: executing program 1 (id=3597):
io_setup(0x4, &(0x7f0000000000)=<r0=>0x0)
r1 = openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
io_submit(r0, 0x1, &(0x7f0000000380)=[&(0x7f0000000480)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

16.695419539s ago: executing program 1 (id=3601):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_ipv6_tunnel_SIOCCHG6RD(r1, 0x89fb, &(0x7f0000001240)={'sit0\x00', &(0x7f0000001200)={@empty, @empty, 0x0, 0x1}})

16.159198708s ago: executing program 1 (id=3605):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x21081e, &(0x7f0000000200), 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
flock(0xffffffffffffffff, 0x0)
quotactl$Q_SYNC(0xffffffff80000101, 0x0, 0x0, 0x0)

11.849690374s ago: executing program 0 (id=3625):
timer_create(0x2, 0x0, &(0x7f0000000880)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f00000008c0)={{}, {0x0, 0x989680}}, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000040))

10.276032122s ago: executing program 0 (id=3639):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000240)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@thread_pool={'thread_pool', 0x3d, 0x4}}, {@max_inline={'max_inline', 0x3d, [0x78, 0x33, 0x39, 0x65, 0x34, 0x2d, 0x38]}}, {@acl}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0xfffffffffffffffe, 0x29)

7.787623133s ago: executing program 4 (id=3664):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc0585609, &(0x7f00000002c0)=@multiplanar_mmap={0x4000000, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "fafc00"}, 0x0, 0x1, {0x0}})

7.3750519s ago: executing program 4 (id=3669):
r0 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000002}, 0xc)
getsockname(r0, 0x0, &(0x7f0000000000))

7.058607571s ago: executing program 4 (id=3672):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})

6.957134017s ago: executing program 0 (id=3674):
syz_mount_image$udf(&(0x7f0000000640), &(0x7f0000000680)='./file1\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="007b59564476625696f49730c45f334737ea148afe6240b55a96f20e787050ed1ce9d2c7b73ea3a3d6c8446ac247d5f432ba9f5c09feebecdeae8c1647e3c9d70d343cef5e3f6839dc77a9142ae6b552d00b67790bd5f0a614628d0a9894007f2d226eee1ac7178ebbdc0fa3a919edfc900205000000f7cb2b848e81dce2f5bf161fccd4317ddf07d8d69034633aee348f677a90e977068ac167640a07cd4a199b84744cffbf88a1496c2c5316e8045671cb1521581cf19170b1b473bd9c539156a9eaad54c3a95d12d89fcd89973a132891c9b40e51181a2992f3dfe84c6a692e6722a081024ec53b95fdece05e6128466dfa81cf753a9ca2ab6d0081faaf75d1dd9f6c73a0cfa931cd1fb25b56f61f36d53a1da58102c1cf5332c38974afa8bc30800dd98c8f180b4c770d0c693207f02f6f3ccd77b8"], 0x1, 0x61c, &(0x7f0000000700)="$eJzs3UtsXFcZAOD/+HrssZvHJG3TgII0EqqIAo1iJylJ0wqFGIuKiEhN3A1IkMaTYOpHGiclDgh1icQOsaA7JBqpAoHECgESAiGxQ6CIBTskFll14bLhsQB0r+887Dh4gh9TO98XJefMuf/MnHsXkf7zmgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIj79mbPHRlKvewEAAABsps9ffOXYcfk/AAAA7GiXzP8DAAAAAAAAwHaXIouZSPH0q4tpV/F6SfX81Oyt2xNj46u/bShFir7Iivj8b3Vk9PiJk89/8lSz/N/v32gfigsXL52tn5ubuX6jMT/fmKxPzE5dmZtsdP0J633/SkeKB1Cfef3W5NWr8/XRo8eXXb5duz/4xIHamVMX0rPN2Imx8fGLHTH9lf/72x9ghQcAAMDjbSCyeC5SfO8PP0m7I6Iv1p8LrzF2sNmGopbn38VNTIyNFzcyPXV59mZ+MfWVUbXlOfFAM0feglx8Xb4fsT/v64CMHgAAgO5VIotfR4p79xfTnojImnnwx4uDAdf+gNoWdHIVeT8PRUQ9tkHODgAAAD02GFn8KVK8//Na7M1z5mb+fyzixV53DgAAANgQ/ZHFQqSYS4upVqwHiIgjE2Pj9fOv1l+evTrXEZv6yhn17b4/YCtZmwAAAMAHQDWy2FPM+C+mfb3uDAAAALAphiKLX0SK0++9WZwrF8W59HvPnB4YPdx5wtwza3xOHns0othD0M2e/Ep51mDqy/9s/H0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADweKmmLL4UKd7+abV4XY+I/qL27//0uGsAAADARklZvB0pRt5YTCkibtfuDz5xoHbm1IX0bBZZ5G2pM/7CxUtn6+fmZq7faMzPNybrE7NTV+YmG91+XfX81Oyt2xNj45tyM2sa2uT+D1XPzV1fuDF17Ss3V70+XD372vzNG5evrH45hqIeUelsOVJ0eGJsvOj09NTl2eKtqe8hHaxFPOwSAAAAj69KyuKlSHH/B++288Zayuu7V8be/UZ7LOBwWTZfd44bPKyeVuvAkSKhzhPc8Ysdzf2VB0Or5ff2r+uOAQAAAAAAAGDnSSmLr0WK337nYDGvnmK4OATAGnIAAADYOSopi39Eirl777b3nS+t/39gmf3dF9vjAtVyMX9rTX+xzn9Psc5/qb73zOnK6Mc66xux/j//3sF13TEAAAAAAAAA7DwpZfH1SPHFfx0s5tWb6/9XTr/ncW9Gipf7D5VxfQNRW5qTj6Vj5yOienVqunEsj30/UvxmsBkbRewTZeyT7diRPPaPkWLxZ8tjd5WxT7VjR/PYNyLFO++sHvt0O/Z4Hns3Uvz+R/Vm7HAeWytjD7Rjj16Zm57ctAcMAAAAHwDDKYv3IsVffvzZ1Mzll84BaK7/z1qxnef/v7WibHnI2v9H2hOwmjX2CdQ62t4qxyu+HSl++cODxRhFMa5RW31coxYppu8cKuOWxhSGyuv7in/b4xqvRYrBkeWxw2Xs/nbsSLe3BQAAAFshz/+/FSlOvfLX/mbOW+b/Zaq8ev7/4f7lZUuP8v99HW15n+YX7rx+eXq6cUNFRUWlVXmE/xwBAGCHyfP/v0WKg7/qS8157DL/L5fVt/P/v3+znf+/sKJs6VH+v7+j7YXyXMJKf0T15sz1yoGI6vzCneemZi5fa1xrzI4eO3F89OTzJ05WBppz++1a148OAAAAto08//9npFj47r3W/vxu5v+HV5QtPcr/n+y8p+ic/+/6UQAAAMCONVye//fS5/7cOkdvef7fztDz/L/5+3+HP7q8bI0S9Cj/f6qjrVb2a/cjPgsAAAAAAAAAAAAAAAAAAADoleGUxUyk+MLvPpGav6Hfzfl/kyvKlh7t/z/Q0TYZW/P7f10/ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA3QF1l8NVJ85JnF9Km84csRuzpLAAAAYNv7bwAAAP//GaU/8A==")
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001"], 0xb8}}, 0x0)

6.707701784s ago: executing program 4 (id=3676):
syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00f3a8929fc27e9dcd22d51bc8178a85fe247e5d60c9724dd81995e63092466cbd720fb20cc28881"], 0x1, 0x5d17, &(0x7f000000bac0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI1d93wH87M1eGwJuuBMHbHMzsLC7voFDDCYJKSW9UBLSpiU1jr02Tnyrd81NqGwKbYmCVKT2gT40TaI0itRWoCpSU4lGSI3UvjVPjXiJWikPfoDKQUmlVIGtzsz///fM7HrOGnvwzPl/PpH9886cM/OfM2dm97vRdwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotf7jM382VBRF+afx15qiuLD896piZ/nl/LbzvUIAAADgbL3T+PvvL04X7FzGTi3b/Ns1//HdhYWFheILb5949y8WFtIV64piZGVRNK6L/v0XP19o3SZ4rhgfGm75erji7kcqrh+tuH6s4voVFdevrLh+vOL6RQdgkVXN38c0buz6xj/XNA9pcWkx1rju+iX2em5o5fBw/F1Ow1Bjn4WxfcWB4mAxU0wt2meo8b+ieG19eV/3F/G+hlvua21RFCd/+syeuIahcIyvL9rurKH1uXvr3mLd2z99Zs+35968aqlZeRgWrbQoNm4o1/l8UZz6dVUxVKxMxySuc7hlnWuXWOdI2zqHGvuV/+5c58llrjM+7vGwzh92WefacNmT1xVFMV+cdptOzxXDxeqOe03He7x5RpS3UT6VHyxGz+g8Wb+M86Tc5yfXtZ8nnedkPP7rwzEZPc0aWp+Ot768YtFxf6/nSfmo++FcLW/7wfJOx8dbf7Xadq6W2zxzw+nPgSWfuyXOgXQut5wDG6rOgeEVI41zYPjUmje0nQPTi/YZLoYa93Xihu7nwOTcoaOTs089fduBQ7v3z+yfOTw9tW3L5q1bNm/dOrnvwMGZqebfZ3ZIB8jqYjidgxvCe008B2/q2Lb1lFz4xrl7HYz3yeugfOyfubFc0IXDxWnO8XKb5zee/esgfd9veR2MtrwOlnxPXeJ1MLqM10G5zcmNy/ueOdryZ6k19Oq9cE3LOXA+vx+W9/nIzad/L1wb1vXCLWf6/XBk0TkQH9ZQeO2Vl6Sf98bvDMdl8XlxdXnFBSuK47Mzx25/cvfc3LHpIoz3xSUtz1Xn+bK65TEVi86X4TM+X3b+3S9vvHqJy9eEYzV+a/fnqtxmy0T356rx7r708Wy7dFMRxjn2fh/Ppb6blcczZYkux7Pc5vnbzv5nwZRLWt7/xqre/0bGRpvvfyPpaIy1vf8tfmpGGisripO3Le/9byz8eb/f/y7tk/e/8lg9cnv3c6Dc5oXJMz0HRru+/10X5lBYz80hMYy35P53G9fPN0/Tluey8rwZHR0L581ovMf282bzon3KWyvve+PUeztvNl7X/ly1/dxSw/OmPFZ/OdX9vCm3eX367N87VsV/trx3rKg6B8ZGVpTrHUsnQfP9bmFVPAduL/YUR4qDxd60T/ksl/c1sWl558CK8Of9fu+4sk/OgfJYvbyp+zlQbvODzef2Z6eN4ZK0TcvPTp2/Xzhd5r969NTtdR62c535y3V+Ykv33w2V27y55UxzRvfjdGu45IIljlPn6+d05/Te4v05TleGdR7c2v13U+U2l25b5vm0syiKN6bfaPy+K/x+9x+P/+d3237vu9TvlN+YfuOByYd+dCbrBwDgvXu38ff8iubPmi3/j/Vy/v9/AAAAYCDE3D8cZiL/AwAAQG3E3D8SZiL/AwAAQG3E3D8aZpJJ/n/szu2vvPNskT4NcCGI18fD8ODdze1ix3s+fL1u4ZTy8o99a+yVrzy7vPseLorilw98aMntH7s7rqvpaFznR9ovX+TKa5d1/48+fGq71s9POLm9efvx8Sz3NIhd5dcmNzVud91T0435+gNFYz40/8Jzzdtvfh23P7G5uf1fhw8t2blvqG3/jWE914e5LnymzIM7Tx2Hcsb9Xll7zb9e8tlT9xf3G9pwUeNhvvxHzduNnxH10iXN7ePjPt36/+Wr33ml3P7JG5Ze/7PDS6//RLjdn4T5ix3N7VuP+Vda1v8nYf3x/uJ+t3/z+0uu/9Urmtu/Gs6Lr4fZuf57//zD7yz1fMX72XlXc794/1P/u6WxX7y9ePud6x9/drrteHTe/utvN29nx+M/G2ndPl4e7yd69K7283soPL9tPfKiKL7zp0XbcS4+2tzvnzvWH2/v6F1Lr//WjnUeHbq2sf+px7Om7XF97W83Lfl443p2/sOatsfz0n3h+L09+YPydk88FM7HcP3//bB5e52fZfrqfe3vN3H7r69pvm7j7U12rP+ljvXPX1seu+r13/92c/2v3rOybf07PxnOp/ubs2r9+//m4rb9v/Ht5vNx7ImJw0dmjx/Y23JUW1/HK8dXrb7gwg9cdHF4L+38eteRucdmjq2bWjdVFOsG8CMDe73+b4b5P80xf+7voelHP2uedy9+qvl966afN79+KVz+aHg+4/fHr/3VWNv52vm8z9/TnGe7/lvCOpbriq/+97XL2vDE5187/k9//GbnzwXx8Ry9bLzx+F5ef3njuqHXm9d3vl9V+a/L2l/XPx6daszvheO6ED6ZecPlzfvrvP342SQvfrr5+o0/ycX9i47PE1kz0v44znb9Pw4/x3z/yvb3v3h+fO/Zjk9zXlMMlUuYD+8PxXzz+rhVPN4vnrx8yfuLn8NTzF91Jss8rdmnZicPHjh8/MnJuZnZucnZp57edejI8cNzuxqfXbrri1X7n3p9r268vvfObNtSNF7tR5qjx873+o8+vGfvHVM37p3Zt/v4vrmHj84c279ndnbPzN7ZG3fv2zfzRNX+B/bumN60ffMdmyb2H9i7487t2zdvnzhw+Ei5jOaiKmyb+tLE4WO7GrvM7tiyfXrr1i1TE4eO7J3ZccfU1MTxqv0b35smyr0fnzg2c3D33IFDMxOzB56e2TG9fdu2TZWf/njo6L7ZdZPHjh+ePD47c2yy+VjWzTUuLr/3Ve1PHmaPhPe7DkPhp/PP3botfT5u6VtfPu1NNTdp//G0eCt8FlT8/lb1dcz9Y2EmmeR/AAAAyEHM/eGD/09dIf8DAABAbcTcvzLMRP4HAACA2oi5fzzMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+1cVRZb5HwAAAHIQc//qMBP5HwAAAGoj5v4LwkzkfwAAAKiNmPsvDDPJJP/r/+v/6//r/+v/6//3kv6//n83+v/6/4O8fv1//X+q9Vv/P+b+D4SZZJL/AQAAIAcx918UZiL/AwAAQG3E3H9xmIn8DwAAALURc/+aMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+7/lTCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918SZiL/AwAAQG3E3H9pmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfFmaSSf4HAACAHMTcf3mYifwPAAAAtRFz/xVhJvI/AAAA1EbM/VeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/9VYSaZ5H8AAADIQcz9V4eZyP8AAABQGzH3fyjMRP4HAACA2oi5f22YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/mjAT+R8AAABqI+b+a8NM5H8AAACojZj714WZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z//owk0zyPwAAAOQg5v4NYSbyPwAAANRGzP3XhZnI/wAAAFAbMfdfH2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z9N4SZZJL/AQAAIAcx998YZiL/AwAAQG3E3H9TmIn8DwAAALURc//GMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Ocwkk/wPAAAAOYi5/5YwE/kfAAAAaiPm/lvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+2MJNM8j8AAADkIOb+28NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9TmIn8DwAAALURc//mMBP5HwAAAGoj5v4tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Ncwkk/wPAAAAOYi5f1uYifwPAAAAtRFz/x1hJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//2MJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xVmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy+d7/7/+Dm6H/3/Jv3/dvr/+v/6//r/dNdv/f+Y+3eEmWSS/wEAACAHMfffHWYi/wMAAEBtxNx/T5iJ/A8AAAC1EXP/zjCTTPK//r/+v/6//r/+v/5/L53v/v+5ov/fpP/fTv9f/1//X/+f7vqt/x9z/71hJpnkfwAAAMhBzP0fCzOR/wEAAKA2Yu7/eJiJ/A8AAAC1EXP/J8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/74wk0zyPwAAAOQg5v5PhpnI/wAAAFAbMff/apiJ/A8AAAC1EXP//WEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/2thJpnkfwAAAMhBzP0PhJnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/18NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/zfCTDLJ/wAAAJCDmPt/M8xE/gcAAIDaiLn/t8JM5H8AAACojZj7HwwzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8OM8kk/wMAAEAOYu5/KMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/ofDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/O2Em8j8AAADURsz9vxtmkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/vTAT+R8AAABqI+b+3w8zkf8BAACgNmLufyTMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/B2Em8j8AAADURsz9u8JM5H8AAACojZj7Hw0zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fE2Yi/wMAAEBtxNy/N8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+/eFmcj/AAAAUBsx9+8PM5H/AQAAoDZi7n8szCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhJlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/QfDTDLJ/2fQ/19R6P+flv7/0uvX/9f/1//X/9f/1//vRv9f/3+Q16//r/9PtX7r/8fcfyjMJJP8DwAAADmIuf9wmIn8DwAAALURc/+RMBP5HwAAAGoj5v6jYSaZ5H///X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/4dhJpnkfwAAAMhBzP3HwkzkfwAAAKiNmPtnw0zkfwAAAKiNmPvnwkwyyf/6//r/+v/Z9P/TG5z+fzv9/97S/9f/70b/X/9/kNev/6//T7V+6//H3H88zCST/A8AAAA5iLn/8TAT+R8AAABqI+b+J8JM5H8AAACojZj7nwwzyST/6//r/+v/Z9P/99//1/8/L/T/9f+70f/X/x/k9ev/6/9Trd/6/zH3PxVmkkn+BwAAgBzE3P90mIn8DwD8P3t3zQPAkcNxtL7PfMzMzMzMzMzMzHdh5iJFbKeItFutMmO/17idaqV/8dMCAG3k7n9i3GL/AwAAQBu5+58UtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufufHLcM2f8AAAAwQe7+p8Qt9j8AAAC0kbv/qXGL/Q8AAABt5O5/WtwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3rcMmT/AwAAwAS5+58Rt9j/AAAA0Ebu/mfGLfY/AAAAtJG7/1lxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//ZccuQ/Q8AAAAT5O5/Ttxi/wMAAEAbufufG7fY/wAAANBG7v7nxS1D9r/+X/+v/9f/6//1/1fS/+v/H/1qP5b+X/+/8/v1//p/zq3W/+fuf37cMmT/AwAAwAS5+18Qt9j/AAAA0Ebu/hfGLfY/AAAAtJG7/0Vxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87vf9z6/yc8cvT/7GC1/j93/4vjliH7HwAAACbI3f+SuMX+BwAAgDZy9780brH/AQAAoI3c/S+LW4bsf/2//l//r//X/+v/r6T/1/8f0f/r/3d+v///6/85t1r/n7v/5XHLkP0PAAAAE+Tuf0XcYv8DAABAG7n7Xxm32P8AAADQRu7+V8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/lfHLUP2PwAAAEyQu/81cYv9DwAAAG3k7n9t3GL/AwAAQBu5+18XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/uftfH7cM2f8AAAAwQe7+N8Qt9j8AAAC0kbv/jXGL/Q8AAABt5O5/U9wyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fuf3PcMmT/AwAAwAS5+98St9j/AAAA0Ebu/rfGLfY/AAAAtJG7/21xy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//tccuQ/Q8AAAAT5O5/R9xi/wMAAEAbufvfGbfY/wAAANBG7v53xS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+d8ctQ/Y/AAAATJC7/z1xi/0PAAAAbeTuf2/cYv8DAABAG7n73xe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+98ftwzZ/wAAADBB7v4PxC32PwAAALSRu/+DcYv9DwAAAG3k7v9Q3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/cNwyZP8DAADABLn7PxK32P8AAADQRu7+j8Yt9j8AAAC0kbv/Y3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+Nxy5D9DwAAABPk7v9E3GL/AwAAQBu5+z8Zt9j/AAAA0Ebu/k/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5Pxy1D9j8AAABMkLv/M3GL/Q8AAABt5O7/bNxi/wMAAEAbufs/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7Px+3DNn/AAAAMEHu/i/ELfY/AAAAtJG7/4txi/0PAAAAbeTu/1LcMmT/6//1//p//b/+X/9/Jf2//v+I/l//v/P79f/6f86t1v/n7v9y3DJk/wMAAMAEufu/ErfY/wAAANBG7v6vxi32PwAAALSRu/9rccuQ/a//1//r//X/+n/9/5X0//r/I/p//f/O79f/6/85t1r/n7v/63HLkP0PAAAAE+Tu/0bcYv8DAABAG7n7vxm32P8AAADQRu7+b8UtQ/a//l//r//X/+v/9f9X0v/r/4/o//X/O79f/6//59xq/X/u/m/HLUP2PwAAAEyQu/87cYv9DwAAAG3k7v9u3GL/AwAAQBu5+78XtwzZ//p//b/+X/+v/9f/X0n/r/8/ov/X/+/8fv2//p9zq/X/ufu/H7cM2f8AAAAwQe7+H8Qt9j8AAAC0kbv/h3GL/Q8AAABt5O7/UdwyZP/r//X/+n/9v/5f/38l/b/+/4j+X/+/8/v1//p/zq3W/+fu/3HcMmT/AwAAwAS5+38St9j/AAAA0Ebu/p/GLfY/AAAAtJG7/2dxy5D9r//X/+v/9f/6f/3/lfT/+v8j+n/9/87v1//r/zm3Wv+fu//nccuQ/Q8AAAAT5O7/Rdxi/wMAAEAbuft/GbfY/wAAANBG7v5fxS1D9r/+X/+v/9f/6//1/1fS/+v/j+j/9f87v1//r//n3Gr9f+7+X8ctQ/Y/AAAATJC7/zdxi/0PAAAAbeTu/23cYv8DAABAG7n7fxe3DNn/+n/9v/5f/6//1/9fSf+v/z+i/9f/7/x+/b/+n3Or9f+5+38ftwzZ/wAAADBB7v4/xC32PwAAALSRu/+PcYv9DwAAAG3k7v9T3DJk/+v/9f/6f/2//l//fyX9v/7/iP5f/7/z+/X/+n/Ordb/5+7/c9wyZP8DAADABLn7/xK32P8AAADQRu7+v8Yt9j8AAAC0kbv/b3HLkP2v/9f/6//1//p//f+V9P/6/yP6f/3/zu/X/+v/Obda/5+7/+9xy5D9DwAAABPk7v9H3GL/AwAAQBu5+/8Zt9j/AAAA0Ebu/n/FLUP2v/5f/6//1//r//X/V9L/6/+P6P/1/zu/X/+v/+fcav1/7v5/xy1D9j8AAABMkLv/P3GL/Q8AAABt5O7/b9xi/wMAAEAbufv/F7cM2f/6f/2//l//r//X/19J/6//P6L/1//v/H79v/6fc6v1/7n7/x+3DNn/AAAAMEHu/hviFvsfAAAA2sjdf2PcYv8DAABAG7n7b4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/TfHLUP2PwAAAEyQu/+WuMX+BwAAgDZy998at9j/AAAA0Ebu/tviliH7X/+v/9f/6//1//r/K+n/9f9H9P/6/53fr//X/3Nutf4/d//tccuQ/Q8AAAAT5O6/I26x/wEAAKCN3P13xi32PwAAALSRu/+uuGXI/tf/6//1//p//b/+/0r6f/3/Ef2//n/n9+v/9f+cW63/z91/d9wyZP8DAADABLn774lb7H8AAABoI3f/vXGL/Q8AAABt5O6/L24Zsv/1//p//b/+X/+v/7+S/l//f0T/r//f+f36f/0/51br/3P33x+3DNn/AAAAMEHu/gfiFvsfAAAA2sjd/2DcYv8DAABAG7n7H4pbhux//b/+X/+v/9f/6/+vpP/X/x/R/+v/d36//l//z7nV+v/c/Q8HAAD//1hEP40=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x58)

4.364371955s ago: executing program 0 (id=3688):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000180), r0)
sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x1c, r1, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x1c}}, 0x4)

3.711667344s ago: executing program 0 (id=3691):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xc, {"a2e3ad204fc752f91b5d36f70b06d038e7ff7fc6e5539b325d098b089b3b08381a090890e0878f0e1ac6e7049b3344959b5d9a240d5b67f3988f7e0319520100ffe8d178708c523c921b1b5b31330d095d0636cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08c4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e800ba9abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40d4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889632b3570243f989cce3803f465e41e610c2021d653a5520094ec79553299388b0000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c2d88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d606495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07840900000000000000f5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b19bb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0545359bafffa45237f104b98110403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae2d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e709000000000000004fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83000000000000010058b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c000003716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff7544130700000000000000f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc6c71737b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f9354b9094f22b625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c558069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e0090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c73144f8e4a737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c10613d17ca51075f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb401000000608d6f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655bff4801784c416b22f73d32d678e2724f43f1fe687c7e8a605fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d7000bdbfc43c10ec23ea6283994a7dde4dcb61fea6b611fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f4820000000000000900a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2e0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47afed367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15f2dbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af500ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)

3.335612416s ago: executing program 4 (id=3694):
r0 = socket(0x10, 0x803, 0x0)
unshare(0x2000400)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)

2.487969857s ago: executing program 2 (id=3698):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d40)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8946, &(0x7f0000000900)={'wlan1\x00', @random='\x00\x00\x00 \x00'})

2.316312494s ago: executing program 0 (id=3699):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000080))
ioctl$PPPIOCGNPMODE(r0, 0x4008744b, &(0x7f0000000000)={0x2b})

2.176741687s ago: executing program 3 (id=3700):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @none}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, 0x0, 0x0)

1.934874948s ago: executing program 5 (id=3701):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x60, &(0x7f0000001ec0)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cedd00", 0x2a, 0x3a, 0xff, @remote={0xfe, 0xe0}, @private1={0xfc, 0x1, '\x00', 0x1}, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @dev={0xfe, 0x80, '\x00', 0x34}, @mcast2, [{0x2}]}}}}}}, 0x0)

1.826853588s ago: executing program 4 (id=3702):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000000080)={'vcan0\x00'})

1.816858118s ago: executing program 3 (id=3703):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000140)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/PaZZ2a866wmwP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3kLHDO9u1PRvW9uMZWcSDJZ/x6Q+urQGF2Eh2NfVzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/fz/uW6yer5/uc50it7z/yd62+r0MTS355oPDzUOAAAAAAAAABiNrz/JkyznZC/fKaq/+Z+rMqfzRSf5Ut7Pgyzkfi5mOfNZylLu53KSqb6OJpbnl5buX15vWRre8srQlldG9YoBAAAAAAAA4H/SL9Pa+Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcB0Uy1l1Vy+l6nak0mtkoy0ryzyQTRx3vPhTDNj4cfRwAAADwTCafos2Xn+RJlnOyl+8U1Xv+r1Tvlyfzfu5mKYtZSjsLuVm/hy7f9TfWVmfba6uzd8qlzA/2+/1/7yuMibqHsSo3bM9nqxqt3MpiteViblTB3Eyju+/zydlePH1x9fmojKn4Xm2PkTXrYS139vvtPkU4EIMfRTR2qNnaCC5ZH5GZOray5anuCBTVBzXJ5pHY9eg0B3JTVa/j63u6nMb6Jz+nD2HMT9Tr8vX85lDHfL/WR6KRaiSu9GZfec7sPBLJN/76p7dvt+++e/vWgwvH5yXtYmyb7ZvnxGzfSLzyXI9Ec5/1Z6qROLOev54f5Se5kOm8mftZzE8zn6UspFOXz9fzufw5tfNIzQ3k3twtkon6uHSP2V5ims4Pq9R8zlVtT2YxRe7lZhbyevXvSi7n27maq7nWd4TPbBt39dqqs76x+azvHem/DQ3+/DfrRHl1++3GVW5up1e83ew8KN1rfzmup/rGtTvrH6/XOtV3Hsz0jdJLvdEZH9r501wbm1+tE+U+frXLfWK0puqRKE+g3l2iF93L3ZFoVveirfP8D52yXdp3O53b8+9t0//Kpvxr9bqcVqtf2612z/BDcbDK+fJSJusryeDsKMteXr/K9JV1NuZyt2zwjlu2O1OVFUXvTP1x7lUTYOuZOlH/Dre1pytV2StDy2arsrN9ZQO/b+Ve2rk5gvED4Gn84+315FROTLT+1fq09Unr163brTcmf/DCd154dSLjfx//bnNm7LXGq8Vf8kl+vvH+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHoPPvjw3fl2e+H+8ERj+6KBRCubt+zW86ZEUT/QZ3+tjm9iMsnAluo5RyMPo7U5jC2Jzi+SkY9P7yGCw+v8rkw0t8yoYYm5gS1/3trhR/uMsNjbeXGIiUZGu9OxDJ8AR3hRAkbi0tKd9y49+ODDby3emX9n4Z2Fu+NXr16buXb19dlLtxbbCzPdn0cdJXAYNm76Rx0JAAAAAAAAAAAAsFfDvhhw7sXdvjSyp+94+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIG4fiHNhylyeebiTJlfW51tl0svvVGzmaTRSIqfJcWjZC7dJVN93RX546N0huzn48Vrb332eO3zjb6a3fpJo15vb+fSJCv1kukkY/X6GQz0d+OZ+yv+03sN5YB90el05p4tPjgY/w0AAP//Pp71UA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstatfs(r0, 0x0)

1.764422221s ago: executing program 2 (id=3704):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000000200)={[{@nouid32}]}, 0x7, 0x530, &(0x7f0000000240)="$eJzs3U9vI2cZAPBnJnbS3U2xq3IolWgjCspWsE7S0Dbi0nLiVASUI1KIEieK4sSrxNluogqy4huglUDixB2JD4CE9iMgpJXgjhYJhNhd9sAFjMYe7ybBXies/9Dk95PGfmfe8TzPm0lez+uZeAK4tGYi4sOI+CAi3o6IUr48zac4ak/Zeo8ffbqaTUk0mx//PYkkX9bZVpI/X8tf9lJEfO9bEfGw2Twdd+/gcGulVqvu5vNzje2bc3sHhzc2t1c2qhvVncXFhfeW3l96d2n+f27brWPlckRM5OXffu2TPy3/9fqPkrz9caodeeoD0f6ZFE9ssHAsl8+6iQet35IoZg93x50NAAD9pPmx6Jdax/+lmGgdnQIAAAAXSfOD6da5myYAAABwYaURMR1JWsmvBZiONK1U2tfwfj6uprX6XuOr6/X9nbWsLqIcxXR9s1adz68VLkcxyeYX8mtsO/PvnJpfjIhXIuJu6UprvrJar62N+8MPAAAAuCSunRr/Pym1x/9nkg45OQAAAGBwyuNOAAAAABg6438AAAC4+Iz/AQAA4EL7zkcfZVOzc//rtVsH+1v1WzfWqntble391cpqffdmZaNe32h9Z992v+3V6vWbX4+d/dtzjepeY27v4HB5u76/01jeHNw9tQEAAIDzeeXNe39MIuLoG1daUyQRk3ldccy5AcN1rq/w/PPT0uQwcgFGa2LcCQBjU+i7xssjyQMYPWN8IOlT3/Pind8NPhcAAGA4Zr9w6vx/REyW2nU+G4CL7dy38PxB1ltMDScZYKSc/4fLq8v5//6XBAAXQtERAFx6wz//32yeKyEAAGDgpltTklbyc4HTkaaVSvu/fspRTNY3a9X5iPhcRPyhVJzK5hdar0z6jhkAAAAAAAAAAAAAAAAAAAAAAAAAgLZmM4lmd1O9KjJPnlMHAAAA/H+JSP+S5Pf/mi19efr05wOTyT9LreeI+OQXH//s9kqjsbuQLX/4dHnj5/nyd/p82HDum40DAAAAZ1Z4VuyM0zvjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpMePPl3tTF2qJ4cV92/fjIhyt/iFeKn13H68+o8kCsdel0TExADiH92JiNe6xU+ytKLcI34aEVfGHP/aAOLDZXYv638+7Pb3l8ZM67n7318hn17U8f4v6w6Ox+/0fxM9+r+Xzxjj9fu/nusZ/07E64Xu/U8nftIj/ls9I06d+OH88PuHh73WbP4yYrbL+0/zWeeeZLHmGtneODi8sbm9slHdqO4sLi68t/T+0rtL83Prm7Vq/tg1xk+/+Jt/twpp9/Zf7fr+l0T51ee0/xw7/1/3bz96tV0s/nf8N+P6Wyfjz+R1r0UnfqGVTydkmr/3fSUvZ/nNdspH7fJxb/zq92/kxW+XurR/7UT70zPv/+tnbP/b3/3JgzOuCgCMwN7B4dZKrVbdHXLhxzHTvapzRDSSNDoj9pE0+cIUipEXkgFvebnU3u8TcbIqeeHdlA2lsi2crMoOW/u93O9GXhhPfwQAAAzPs4P+M6x84oT71PCSAgAAAAAAAAAAAAAAAAAAgEtmFF8ndjrm0XiaCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwXP8JAAD//zPuvHs=")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)

1.368698483s ago: executing program 3 (id=3705):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f000001aa80)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000340000000e0001006e657464657673696d0000000f0002"], 0x44}}, 0x0)

1.165195381s ago: executing program 5 (id=3706):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000200)=0x12)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5008, 0x0)

1.04525052s ago: executing program 2 (id=3707):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x17}]}}}, {0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0x8}]}}}]}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x24040800}, 0x0)

1.032409982s ago: executing program 3 (id=3708):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000007180)=[{{&(0x7f0000000500)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000001a80)}}], 0x1, 0x0)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r0, 0x40186f40, 0x20000502)

832.418694ms ago: executing program 5 (id=3709):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})

777.333712ms ago: executing program 3 (id=3710):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001880)={0x0, 0x0, &(0x7f0000001840)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x1c}}, 0x0)

603.367035ms ago: executing program 2 (id=3711):
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x74, 0x3, 0x1, 0x301, 0x0, 0x0, {0x0, 0x0, 0x3}, [@CTA_TUPLE_ORIG={0x14, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}, @CTA_FILTER={0x14, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x300}, @CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x2}]}, @CTA_PROTOINFO={0x10, 0x4, 0x0, 0x1, @CTA_PROTOINFO_DCCP={0xc, 0x2, 0x0, 0x1, [@CTA_PROTOINFO_DCCP_ROLE={0x5, 0x2, 0x3}]}}, @CTA_PROTOINFO={0x20, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x1c, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x4}, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xd3}]}}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20000804)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="340000003b0007010000000000000000047c0000ec0000000c00018006000600800a0000100002800c0014"], 0x34}}, 0xc000)

567.448617ms ago: executing program 3 (id=3712):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)={0x50, r1, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "61cce2444181321f0e8c4ae529500443"}, @NL802154_KEY_ATTR_ID={0x10, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x4}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8}, 0x20000810)

425.580442ms ago: executing program 5 (id=3713):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010026000000000000000c0017f73b78cc7907490000000000"], &(0x7f0000001f80)=""/226, 0x26, 0x81, 0x2, 0x0, 0x0, @void, @value}, 0x20)

389.031419ms ago: executing program 2 (id=3714):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)

214.180432ms ago: executing program 2 (id=3715):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000200)=[{{0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}], 0x8)

134.211665ms ago: executing program 5 (id=3716):
r0 = socket$kcm(0x29, 0x2, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2c, &(0x7f00000001c0), 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0x1b, &(0x7f00000000c0), 0x4)

0s ago: executing program 5 (id=3717):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="070000000000000000001b22004018000180140002"], 0x2c}}, 0x0)

kernel console output (not intermixed with test programs):

121: inode #15: comm syz.4.2493: corrupted inode contents
[  284.112218][T11864] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2500'.
[  284.151473][ T5231] EXT4-fs warning (device loop4): ext4_evict_inode:259: couldn't mark inode dirty (err -117)
[  284.193022][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.718788][   T33] team0 (unregistering): Port device team_slave_1 removed
[  284.832389][   T33] team0 (unregistering): Port device team_slave_0 removed
[  284.842347][T11863] loop0: detected capacity change from 0 to 32768
[  284.913480][T11863] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  284.940821][T11866] loop5: detected capacity change from 0 to 32768
[  284.980211][T11863] XFS (loop0): Ending clean mount
[  284.999223][T11863] XFS (loop0): Quotacheck needed: Please wait.
[  285.017303][T11866] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum"
[  285.028326][T11866] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)...
[  285.068769][T11866] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 0ms
[  285.112890][T11863] XFS (loop0): Quotacheck: Done.
[  285.184829][T11866] gfs2: fsid=statfs_quantum.s: first mount done, others may mount
[  285.288050][ T7084] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.972996][T11887] loop5: detected capacity change from 0 to 4096
[  285.980706][T11887] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  286.035795][T11883] loop0: detected capacity change from 0 to 32768
[  286.042831][T11887] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  286.058878][T11883] bcachefs: bch2_parse_one_mount_opt() Invalid mount option str_hash: invalid selection
[  286.199571][T11851] tipc: Started in network mode
[  286.221313][T11851] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  286.241345][T11851] tipc: Enabled bearer <eth:team0>, priority 25
[  286.721578][T11911] netlink: 'syz.3.2518': attribute type 29 has an invalid length.
[  286.744640][T11911] netlink: 'syz.3.2518': attribute type 29 has an invalid length.
[  287.003619][ T5287] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  287.231300][ T5287] usb 5-1: Using ep0 maxpacket: 8
[  287.255559][ T5385] tipc: Node number set to 11578026
[  287.256038][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  287.284852][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 26056, setting to 1024
[  287.306448][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  287.331365][ T5287] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  287.353847][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  287.383633][ T5287] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  287.413062][ T5287] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[  287.441204][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.482949][ T5287] usb 5-1: config 0 descriptor??
[  287.489346][T11906] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  287.535771][ T5233] Bluetooth: hci6: urb ffff8880251b6100 submission failed (90)
[  287.543481][T11909] loop1: detected capacity change from 0 to 40427
[  287.560288][T11909] F2FS-fs (loop1): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  287.587791][T11909] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  287.628971][T11909] F2FS-fs (loop1): invalid crc value
[  287.653084][T11909] F2FS-fs (loop1): Found nat_bits in checkpoint
[  287.738970][ T5287] usb 5-1: USB disconnect, device number 20
[  287.832495][T11909] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  287.839679][T11909] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  287.866136][T11908] loop2: detected capacity change from 0 to 40427
[  287.874391][T11908] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  287.882209][T11908] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  287.893632][T11908] F2FS-fs (loop2): invalid crc value
[  287.918753][T11941] loop3: detected capacity change from 0 to 256
[  287.927928][T11908] F2FS-fs (loop2): Found nat_bits in checkpoint
[  287.945712][T11909] syz.1.2515: attempt to access beyond end of device
[  287.945712][T11909] loop1: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[  287.981375][T11909] syz.1.2515: attempt to access beyond end of device
[  287.981375][T11909] loop1: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  287.989374][T11941] FAT-fs (loop3): Directory bread(block 64) failed
[  288.016320][T11941] FAT-fs (loop3): Directory bread(block 65) failed
[  288.023676][T11941] FAT-fs (loop3): Directory bread(block 66) failed
[  288.030230][T11941] FAT-fs (loop3): Directory bread(block 67) failed
[  288.036922][T11941] FAT-fs (loop3): Directory bread(block 68) failed
[  288.044200][T11941] FAT-fs (loop3): Directory bread(block 69) failed
[  288.046116][T11908] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  288.050779][T11941] FAT-fs (loop3): Directory bread(block 70) failed
[  288.050820][T11941] FAT-fs (loop3): Directory bread(block 71) failed
[  288.072117][T11941] FAT-fs (loop3): Directory bread(block 72) failed
[  288.078788][T11941] FAT-fs (loop3): Directory bread(block 73) failed
[  288.085733][T11909] F2FS-fs (loop1): Issue discard(4614, 4614, 1018) failed, ret: -5
[  288.087780][T11908] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  288.105899][T11909] F2FS-fs (loop1): Issue discard(5637, 5637, 10747) failed, ret: -5
[  288.275522][T11945] loop5: detected capacity change from 0 to 4096
[  288.334995][T11947] loop3: detected capacity change from 0 to 1024
[  288.499424][T11945] ntfs3(loop5): Failed to load $Extend (-22).
[  288.513839][T11952] loop2: detected capacity change from 0 to 128
[  288.538221][T11953] loop4: detected capacity change from 0 to 512
[  288.545331][T11952] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  288.583937][T11945] ntfs3(loop5): Failed to initialize $Extend.
[  288.584563][T11952] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  288.592237][T11953] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  288.651277][T11953] ext4 filesystem being mounted at /483/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.756684][T11960] loop2: detected capacity change from 0 to 256
[  288.801238][ T5287] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  288.909334][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.962666][ T5287] usb 4-1: Using ep0 maxpacket: 16
[  288.989739][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  289.014592][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.035094][ T5287] usb 4-1: New USB device found, idVendor=1294, idProduct=1320, bcdDevice= 0.00
[  289.052232][T11967] loop2: detected capacity change from 0 to 4096
[  289.058683][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.074026][ T5287] usb 4-1: config 0 descriptor??
[  289.125098][T11973] loop4: detected capacity change from 0 to 512
[  289.175878][T11975] sp0: Synchronizing with TNC
[  289.197246][T11973] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.222296][T11973] ext4 filesystem being mounted at /484/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.440867][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.493551][T11985] loop2: detected capacity change from 0 to 4096
[  289.506658][ T5287] hid-led 0003:1294:1320.0040: hidraw0: USB HID v0.00 Device [HID 1294:1320] on usb-dummy_hcd.3-1/input0
[  289.540972][ T5287] hid-led 0003:1294:1320.0040: Riso Kagaku Webmail Notifier initialized
[  289.609056][T11992] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  289.716051][T11996] loop1: detected capacity change from 0 to 512
[  289.739398][  T931] usb 4-1: USB disconnect, device number 26
[  289.749748][ T5290] leds riso_kagaku0:blue: Setting an LED's brightness failed (-38)
[  289.752324][T12000] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.2553'.
[  289.769833][ T5385] leds riso_kagaku0:green: Setting an LED's brightness failed (-38)
[  289.783297][ T5290] leds riso_kagaku0:red: Setting an LED's brightness failed (-38)
[  289.786247][T11996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.818818][T11995] loop5: detected capacity change from 0 to 4096
[  289.835935][T12000] openvswitch: netlink: VXLAN extension message has 13 unknown bytes.
[  289.850541][T11996] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.903363][T12005] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2556'.
[  290.053965][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.072784][T12011] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2561'.
[  290.346817][T12025] loop1: detected capacity change from 0 to 1024
[  290.422000][T12025] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  290.812969][T12038] loop2: detected capacity change from 0 to 32768
[  290.831430][T12038] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.2571 (12038)
[  290.881303][T12038] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  290.924986][T12038] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  290.944809][T12038] BTRFS info (device loop2): using free-space-tree
[  291.117138][T12073] loop3: detected capacity change from 0 to 2048
[  291.148236][T10285] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  291.164878][T12073] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  291.188416][T12073] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  291.216008][T12073] ./file0: Can't lookup blockdev
[  291.429088][   T29] audit: type=1326 audit(1728797391.764:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.451888][   T29] audit: type=1326 audit(1728797391.764:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.457464][T12087] loop3: detected capacity change from 0 to 128
[  291.474617][   T29] audit: type=1326 audit(1728797391.764:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.503599][   T29] audit: type=1326 audit(1728797391.764:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.526600][   T29] audit: type=1326 audit(1728797391.774:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.549213][   T29] audit: type=1326 audit(1728797391.774:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.571782][   T29] audit: type=1326 audit(1728797391.774:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.594648][   T29] audit: type=1326 audit(1728797391.774:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12084 comm="syz.1.2590" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f49d517dff9 code=0x7ffc0000
[  291.772339][T12095] netlink: 164 bytes leftover after parsing attributes in process `syz.4.2593'.
[  291.806723][T12097] loop2: detected capacity change from 0 to 256
[  291.840138][T12097] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xadbf5ead, utbl_chksum : 0xe619d30d)
[  292.438079][T12106] loop2: detected capacity change from 0 to 32768
[  292.855697][T12128] loop1: detected capacity change from 0 to 32768
[  292.863009][T12128] XFS: ikeep mount option is deprecated.
[  292.868693][T12128] XFS: ikeep mount option is deprecated.
[  292.926316][T12128] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  293.069974][T12128] XFS (loop1): Ending clean mount
[  293.093046][T12128] XFS (loop1): Quotacheck needed: Please wait.
[  293.136215][T12128] XFS (loop1): Quotacheck: Done.
[  293.207810][ T7063] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  293.706934][T12181] loop2: detected capacity change from 0 to 128
[  293.745472][T12181] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (16076!=39978)
[  293.770054][T12181] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  293.804889][T12188] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2633'.
[  293.821287][T10285] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  294.012948][T12200] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2640'.
[  294.061230][ T5286] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  294.087164][T12204] loop5: detected capacity change from 0 to 1024
[  294.106285][T12204] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.106353][T12208] loop0: detected capacity change from 0 to 64
[  294.215341][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.233205][ T5385] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  294.282732][ T5286] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  294.293270][ T5286] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  294.302478][ T5288] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  294.310197][ T5286] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.324565][ T5286] gspca_main: stv0680-2.14.0 probing 041e:4007
[  294.349076][T12215] loop5: detected capacity change from 0 to 1024
[  294.422763][ T5385] usb 4-1: Using ep0 maxpacket: 32
[  294.432533][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.443665][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.481227][ T5288] usb 3-1: Using ep0 maxpacket: 32
[  294.486421][ T5385] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  294.486454][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.523466][ T5288] usb 3-1: unable to get BOS descriptor or descriptor too short
[  294.530585][   T71] hfsplus: b-tree write err: -5, ino 4
[  294.550415][ T5288] usb 3-1: config 127 has an invalid interface number: 25 but max is 0
[  294.558011][ T5385] usb 4-1: config 0 descriptor??
[  294.559706][ T5288] usb 3-1: config 127 has no interface number 0
[  294.580388][ T5288] usb 3-1: config 127 interface 25 has no altsetting 0
[  294.605854][ T5288] usb 3-1: New USB device found, idVendor=1110, idProduct=9000, bcdDevice=f4.11
[  294.624800][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.636048][ T5288] usb 3-1: Product: syz
[  294.640244][ T5288] usb 3-1: Manufacturer: syz
[  294.651227][ T5288] usb 3-1: SerialNumber: syz
[  294.881298][ T5288] usb 3-1: [ueagle-atm] ADSL device founded vid (0X1110) pid (0X9000) Rev (0XF411): ADI930
[  295.010718][ T5385] savu 0003:1E7D:2D5A.0041: unbalanced collection at end of report description
[  295.022058][ T5385] savu 0003:1E7D:2D5A.0041: parse failed
[  295.027948][ T5385] savu 0003:1E7D:2D5A.0041: probe with driver savu failed with error -22
[  295.075501][T12233] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2653'.
[  295.219997][ T5290] usb 4-1: USB disconnect, device number 27
[  295.352926][ T5286] stv0680 5-1:4.0: STV(e): camera ping failed!!
[  295.522485][ T5288] usb 3-1: reset high-speed USB device number 20 using dummy_hcd
[  295.556139][ T5286] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  295.564906][ T5286] stv0680 5-1:4.0: last error: 0,  command = 0x0
[  295.572874][ T5286] usb 5-1: USB disconnect, device number 21
[  295.651260][ T5385] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  295.684491][ T5288] usb 3-1: unable to get BOS descriptor or descriptor too short
[  295.695526][ T5288] usb 3-1: device firmware changed
[  295.705666][ T5288] ueagle-atm 3-1:127.25: usbatm_usb_probe: bind failed: -19!
[  295.715349][ T5288] usb 3-1: USB disconnect, device number 20
[  295.776969][T12245] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2659'.
[  295.814713][ T5385] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.832194][ T5385] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  295.843892][ T5286] IPVS: starting estimator thread 0...
[  295.849378][ T5385] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  295.849415][ T5385] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.851509][ T5385] usb 2-1: config 0 descriptor??
[  295.971273][T12248] IPVS: using max 16 ests per chain, 38400 per kthread
[  296.110178][T12256] loop3: detected capacity change from 0 to 256
[  296.143209][T12256] FAT-fs (loop3): Directory bread(block 64) failed
[  296.162390][T12256] FAT-fs (loop3): Directory bread(block 65) failed
[  296.169442][T12256] FAT-fs (loop3): Directory bread(block 66) failed
[  296.176481][T12256] FAT-fs (loop3): Directory bread(block 67) failed
[  296.183757][T12256] FAT-fs (loop3): Directory bread(block 68) failed
[  296.190963][T12256] FAT-fs (loop3): Directory bread(block 69) failed
[  296.200507][T12256] FAT-fs (loop3): Directory bread(block 70) failed
[  296.207304][T12256] FAT-fs (loop3): Directory bread(block 71) failed
[  296.214261][T12256] FAT-fs (loop3): Directory bread(block 72) failed
[  296.220948][T12256] FAT-fs (loop3): Directory bread(block 73) failed
[  296.293894][ T5385] kone 0003:1E7D:2CED.0042: item fetching failed at offset 2/5
[  296.314363][ T5385] kone 0003:1E7D:2CED.0042: parse failed
[  296.320475][ T5385] kone 0003:1E7D:2CED.0042: probe with driver kone failed with error -22
[  296.340409][ T5286] kernel write not supported for file /snd/pcmC0D0p (pid: 5286 comm: kworker/1:3)
[  296.356319][T12262] loop2: detected capacity change from 0 to 1024
[  296.382684][T12262] EXT4-fs: Ignoring removed bh option
[  296.394576][T12262] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  296.436226][T12262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.528823][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.540332][ T5286] usb 2-1: USB disconnect, device number 15
[  296.600367][T12269] loop3: detected capacity change from 0 to 1024
[  296.646531][T12271] netlink: 'syz.2.2670': attribute type 2 has an invalid length.
[  296.664302][T12273] [U] #! ./file1 GMÝu
[  296.707016][   T33] hfsplus: b-tree write err: -5, ino 4
[  296.735706][ T5288] IPVS: starting estimator thread 0...
[  296.841217][T12276] IPVS: using max 16 ests per chain, 38400 per kthread
[  296.891214][T12284] binder: 12283:12284 ioctl c0306201 20000580 returned -22
[  296.940621][T12288] ebtables: ebtables: counters copy to user failed while replacing table
[  297.004139][T12291] netlink: 134732 bytes leftover after parsing attributes in process `syz.4.2680'.
[  297.300560][T12305] loop4: detected capacity change from 0 to 2048
[  297.471618][ T5231] UDF-fs: warning (device loop4): udf_evict_inode: Inode 1347 (mode 100755) has inode size 9000 different from extent length 9216. Filesystem need not be standards compliant.
[  297.572079][ T5286] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  297.724193][ T5286] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  297.759310][ T5286] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  297.794230][ T5286] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  297.817157][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.861728][T12309] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  297.874046][ T5286] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  297.954727][T12332] loop0: detected capacity change from 0 to 256
[  297.975245][T12333] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2701'.
[  298.146552][ T5385] usb 2-1: USB disconnect, device number 16
[  298.292819][T12348] loop3: detected capacity change from 0 to 64
[  298.605843][T12369] loop4: detected capacity change from 0 to 256
[  298.668002][T12369] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  299.012309][T12382] loop3: detected capacity change from 0 to 1024
[  299.048564][T12382] EXT4-fs: Ignoring removed nomblk_io_submit option
[  299.349919][T12366] loop5: detected capacity change from 0 to 32768
[  299.421356][  T931] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  299.459477][T12366] XFS (loop5): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  299.527351][T12416] loop2: detected capacity change from 0 to 256
[  299.535513][T12416] exfat: Deprecated parameter 'utf8'
[  299.540863][T12416] exfat: Deprecated parameter 'namecase'
[  299.548178][T12416] exfat: Deprecated parameter 'utf8'
[  299.560404][T12416] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  299.591603][  T931] usb 2-1: Using ep0 maxpacket: 16
[  299.598497][  T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  299.602111][T12419] netlink: 'syz.4.2740': attribute type 3 has an invalid length.
[  299.610105][  T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  299.627897][  T931] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  299.641034][  T931] usb 2-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00
[  299.650178][  T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.662886][  T931] usb 2-1: config 0 descriptor??
[  299.670407][T12420] loop3: detected capacity change from 0 to 2048
[  299.691326][T12366] XFS (loop5): Ending clean mount
[  299.738674][T12421] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  299.808088][T11106] XFS (loop5): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  300.022278][T12431] nbd: couldn't find device at index 50432
[  300.174993][  T931] wacom 0003:056A:0022.0043: Unknown device_type for 'HID 056a:0022'. Assuming pen.
[  300.272181][  T931] wacom 0003:056A:0022.0043: hidraw0: USB HID v0.00 Device [HID 056a:0022] on usb-dummy_hcd.1-1/input0
[  300.300181][  T931] input: Wacom Intuos 9x12 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0022.0043/input/input23
[  300.401655][  T931] usb 2-1: USB disconnect, device number 17
[  300.540207][T12452] loop2: detected capacity change from 0 to 256
[  300.580318][T12452] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  300.935128][T12472] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  301.168203][T12484] netlink: 766 bytes leftover after parsing attributes in process `syz.2.2769'.
[  301.214753][T12482] loop3: detected capacity change from 0 to 1024
[  301.231946][T12482] EXT4-fs: Ignoring removed nomblk_io_submit option
[  301.265883][T12482] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.412506][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.663504][T12509] loop3: detected capacity change from 0 to 2048
[  301.731031][T12515] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  301.767666][T12505] loop2: detected capacity change from 0 to 4096
[  301.788401][T12505] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  301.940868][T12505] ntfs3(loop2): ino=1b, "file0" failed to parse mft record
[  301.960796][T12505] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  301.989629][T12521] mkiss: ax0: crc mode is auto.
[  302.012322][T12505] ntfs3(loop2): ino=1b, "file0" attr_set_size
[  302.018382][T12523] loop1: detected capacity change from 0 to 256
[  302.026260][T12523] exfat: Deprecated parameter 'namecase'
[  302.037274][T12523] exfat: Deprecated parameter 'utf8'
[  302.058561][T12523] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  302.276507][T12514] loop5: detected capacity change from 0 to 40427
[  302.301205][T12514] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  302.310377][T12514] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  302.321758][T12514] F2FS-fs (loop5): invalid crc value
[  302.332588][T12514] F2FS-fs (loop5): Found nat_bits in checkpoint
[  302.412244][T12536] loop2: detected capacity change from 0 to 64
[  302.459791][T12514] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  302.470254][T12514] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  302.505702][T12514] syz.5.2781: attempt to access beyond end of device
[  302.505702][T12514] loop5: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[  302.520710][T12514] syz.5.2781: attempt to access beyond end of device
[  302.520710][T12514] loop5: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  302.540317][T12534] loop3: detected capacity change from 0 to 4096
[  302.561380][T12514] F2FS-fs (loop5): Issue discard(4614, 4614, 1018) failed, ret: -5
[  302.569341][T12514] F2FS-fs (loop5): Issue discard(5637, 5637, 10747) failed, ret: -5
[  302.581524][T12534] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  302.655242][   T29] audit: type=1326 audit(1728797403.034:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12539 comm="syz.2.2793" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f60eb17dff9 code=0x0
[  302.662352][T12541] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  302.701518][T12541] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  302.710548][T12541] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  302.720885][T12541] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  302.738092][T12541] geneve2: entered promiscuous mode
[  302.760260][T12541] geneve2: entered allmulticast mode
[  302.806334][T12541] netdevsim netdevsim1 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  302.817994][T12541] netdevsim netdevsim1 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  302.828307][T12541] netdevsim netdevsim1 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  302.838715][T12541] netdevsim netdevsim1 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  303.350385][   T29] audit: type=1326 audit(1728797403.724:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000
[  303.391252][   T29] audit: type=1326 audit(1728797403.724:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000
[  303.418255][T12566] loop5: detected capacity change from 0 to 256
[  303.448617][   T29] audit: type=1326 audit(1728797403.794:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbb7f37dff9 code=0x7ffc0000
[  303.525740][   T29] audit: type=1326 audit(1728797403.794:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbb7f37e033 code=0x7ffc0000
[  303.578790][   T29] audit: type=1326 audit(1728797403.794:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbb7f37cadf code=0x7ffc0000
[  303.607472][T12566] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xff532d92, utbl_chksum : 0xe619d30d)
[  303.641283][   T29] audit: type=1326 audit(1728797403.794:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbb7f37e087 code=0x7ffc0000
[  303.725919][   T29] audit: type=1326 audit(1728797403.794:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbb7f37c990 code=0x7ffc0000
[  303.783141][   T29] audit: type=1326 audit(1728797403.794:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbb7f37dbfb code=0x7ffc0000
[  303.921999][   T29] audit: type=1326 audit(1728797403.824:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12565 comm="syz.5.2806" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbb7f37cc8a code=0x7ffc0000
[  304.058554][T12580] loop3: detected capacity change from 0 to 32768
[  304.107799][T12580] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  304.142164][T12605] loop0: detected capacity change from 0 to 256
[  304.249995][T12580] XFS (loop3): Ending clean mount
[  304.389250][ T5224] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  304.406216][T12612] loop0: detected capacity change from 0 to 1024
[  304.419269][T12612] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.504370][T12612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.761891][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.820989][T12629] CIFS: Unable to determine destination address
[  305.521475][T12671] loop4: detected capacity change from 0 to 1024
[  305.619505][T12675] loop5: detected capacity change from 0 to 256
[  305.947136][T12694] loop2: detected capacity change from 0 to 256
[  306.010906][T12694] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  306.023840][T12703] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2867'.
[  306.079604][T12703] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2867'.
[  306.139042][T12706] loop0: detected capacity change from 0 to 64
[  306.141769][T12707] dlm: non-version read from control device 2147479540
[  306.235697][T12709] loop4: detected capacity change from 0 to 512
[  306.310802][T12709] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.382533][T12709] ext4 filesystem being mounted at /546/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  306.704153][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.882274][T12737] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  307.004698][T12702] loop3: detected capacity change from 0 to 32768
[  307.077143][T12702] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  307.122459][T12755] loop4: detected capacity change from 0 to 512
[  307.257916][T12755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.270843][T12755] ext4 filesystem being mounted at /549/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.341453][T12732] loop0: detected capacity change from 0 to 32768
[  307.571166][T12761] loop1: detected capacity change from 0 to 32768
[  307.619145][T12755] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #12: block 31: comm syz.4.2887: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=1, rec_len=6, size=1024 fake=1
[  307.654282][T12755] EXT4-fs (loop4): Remounting filesystem read-only
[  307.660943][T12755] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #12: comm syz.4.2887: directory missing '..'
[  307.723650][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.744761][T12732] JBD2: Ignoring recovery information on journal
[  307.847034][T12761] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  307.913321][T12702] XFS (loop3): Ending clean mount
[  307.919694][T12732] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  307.979630][T12702] XFS (loop3): Quotacheck needed: Please wait.
[  308.005515][ T7084] ocfs2: Unmounting device (7,0) on (node local)
[  308.054163][T12761] XFS (loop1): Ending clean mount
[  308.176133][T12702] XFS (loop3): Quotacheck: Done.
[  308.197517][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  308.197540][   T29] audit: type=1800 audit(1728797408.574:164): pid=12702 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2865" name="file1" dev="loop3" ino=9286 res=0 errno=0
[  308.240119][ T7063] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  308.420115][T12806] loop0: detected capacity change from 0 to 1024
[  308.433511][ T5224] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  308.554197][  T969] hfsplus: b-tree write err: -5, ino 4
[  309.189386][T12829] netlink: 'syz.3.2917': attribute type 4 has an invalid length.
[  309.369111][T12833] loop3: detected capacity change from 0 to 512
[  309.432111][T12833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  309.484545][T12833] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  309.526313][T12833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2919: Corrupt directory, running e2fsck is recommended
[  309.548260][T12833] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[  309.558973][T12833] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.2919: corrupted in-inode xattr: invalid ea_ino
[  309.562246][T12841] binder: BINDER_SET_CONTEXT_MGR already set
[  309.581967][T12833] EXT4-fs (loop3): Remounting filesystem read-only
[  309.593847][T12833] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.621284][T12841] binder: 12840:12841 ioctl 40046207 0 returned -16
[  309.629295][T12833] EXT4-fs warning (device loop3): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  309.647165][T12833] EXT4-fs warning (device loop3): dx_probe:881: Enable large directory feature to access it
[  309.658681][T12833] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.2919: Corrupt directory, running e2fsck is recommended
[  309.712141][T12814] loop4: detected capacity change from 0 to 40427
[  309.729079][T12814] F2FS-fs (loop4): invalid crc value
[  309.742556][T12814] F2FS-fs (loop4): Found nat_bits in checkpoint
[  309.836867][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.921838][T12814] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  310.056887][T12854] loop3: detected capacity change from 0 to 4096
[  310.080633][T12858] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  310.170322][T12863] NILFS error (device loop3): nilfs_dotdot: directory #12 missing '.'
[  310.353646][T12863] Remounting filesystem read-only
[  310.431418][T12867] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2929'.
[  310.511792][ T5224] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  310.586003][T12835] loop1: detected capacity change from 0 to 32768
[  310.699075][T12835] XFS (loop1): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  310.858946][T12887] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2939'.
[  310.858976][T12887] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2939'.
[  310.858999][T12887] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2939'.
[  310.859018][T12887] netlink: 88 bytes leftover after parsing attributes in process `syz.3.2939'.
[  310.902749][T12835] XFS (loop1): Ending clean mount
[  310.918704][T12835] syz.1.2920: attempt to access beyond end of device
[  310.918704][T12835] loop1: rw=4096, sector=5772848362684415, nr_sectors = 1 limit=32768
[  310.975877][T12865] loop0: detected capacity change from 0 to 32768
[  311.044585][ T7063] XFS (loop1): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  311.128050][T12897] openvswitch: netlink: Actions may not be safe on all matching packets
[  311.150836][T12865] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  311.240458][T12865] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  311.323669][T12865] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  311.476001][T12865] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  311.818060][T12922] loop3: detected capacity change from 0 to 4096
[  311.942502][T12929] netlink: 'syz.4.2955': attribute type 29 has an invalid length.
[  311.950880][T12926] netlink: 'syz.4.2955': attribute type 29 has an invalid length.
[  312.061504][T12935] can0: slcan on ttyS3.
[  312.127147][T12918] loop5: detected capacity change from 0 to 32768
[  312.218112][T12918] 
[  312.218112][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.218112][T12918] 
[  312.239103][T12936] can0 (unregistered): slcan off ttyS3.
[  312.276273][T12918] 
[  312.276273][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.276273][T12918] 
[  312.287257][T12918] 
[  312.287257][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.287257][T12918] 
[  312.311450][T12918] 
[  312.311450][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.311450][T12918] 
[  312.335108][T12918] 
[  312.335108][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.335108][T12918] 
[  312.350707][T12945] 
[  312.350707][T12945]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.350707][T12945] 
[  312.380235][T12918] 
[  312.380235][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.380235][T12918] 
[  312.420423][T12945] 
[  312.420423][T12945]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.420423][T12945] 
[  312.440055][T12918] 
[  312.440055][T12918]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.440055][T12918] 
[  312.441257][ T5288] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  312.497632][  T111] 
[  312.497632][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.497632][  T111] 
[  312.561980][T11106] 
[  312.561980][T11106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.561980][T11106] 
[  312.582536][T11106] 
[  312.582536][T11106]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  312.582536][T11106] 
[  312.648978][ T5288] usb 3-1: Using ep0 maxpacket: 8
[  312.675452][ T5288] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  312.691209][ T5288] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.710517][ T5288] usb 3-1: Product: syz
[  312.719997][ T5288] usb 3-1: Manufacturer: syz
[  312.727880][ T5288] usb 3-1: SerialNumber: syz
[  312.752333][ T5288] usb 3-1: config 0 descriptor??
[  312.966722][ T5288] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  313.265896][T12947] loop1: detected capacity change from 0 to 32768
[  313.334956][T12947] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  313.370668][ T5288] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  313.389105][ T5288] usb 3-1: USB disconnect, device number 21
[  313.468661][ T7063] ocfs2: Unmounting device (7,1) on (node local)
[  313.926741][T12986] loop0: detected capacity change from 0 to 1024
[  313.926752][T12968] loop5: detected capacity change from 0 to 40427
[  313.929548][T12968] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x1fffff
[  313.948438][T12968] F2FS-fs (loop5): Image doesn't support compression
[  313.955453][T12968] F2FS-fs (loop5): Image doesn't support compression
[  313.962225][T12968] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x4
[  313.972417][T12968] F2FS-fs (loop5): invalid crc value
[  313.986742][T12968] F2FS-fs (loop5): Found nat_bits in checkpoint
[  314.001554][T12986] hfsplus: xattr searching failed
[  314.051193][  T931] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  314.089542][T12968] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  314.136945][T12994] loop0: detected capacity change from 0 to 128
[  314.206910][T11106] syz-executor: attempt to access beyond end of device
[  314.206910][T11106] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  314.252074][T11106] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  314.261834][  T931] usb 2-1: Using ep0 maxpacket: 8
[  314.333521][  T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.353512][  T931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.401276][  T931] usb 2-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[  314.410386][  T931] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.503538][  T931] usb 2-1: config 0 descriptor??
[  314.671608][ T5290] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  314.791715][ T5385] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  314.808968][T13018] loop0: detected capacity change from 0 to 512
[  314.824571][ T5290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  314.836516][ T5290] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.849419][ T5290] usb 3-1: New USB device found, idVendor=056a, idProduct=0027, bcdDevice= 0.00
[  314.871133][ T5290] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.889275][T13018] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  314.899281][ T5290] usb 3-1: config 0 descriptor??
[  314.902502][T13018] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.928372][  T931] greenasia 0003:0E8F:0012.0044: hidraw0: USB HID v0.00 Device [HID 0e8f:0012] on usb-dummy_hcd.1-1/input0
[  314.928414][  T931] greenasia 0003:0E8F:0012.0044: no inputs found
[  314.974676][ T5385] usb 4-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  314.974714][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.977319][ T5385] usb 4-1: config 0 descriptor??
[  315.002465][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  315.163289][ T5287] usb 2-1: USB disconnect, device number 18
[  315.369030][ T5290] wacom 0003:056A:0027.0045: Unknown device_type for 'HID 056a:0027'. Assuming pen.
[  315.390681][ T5290] wacom 0003:056A:0027.0045: hidraw0: USB HID v0.00 Device [HID 056a:0027] on usb-dummy_hcd.2-1/input0
[  315.394623][T13033] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3002'.
[  315.414463][ T5385] kye 0003:0458:5005.0046: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  315.433145][ T5290] input: Wacom Intuos5 touch M Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:056A:0027.0045/input/input26
[  315.452597][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.461264][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.469736][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.476581][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.488513][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.498860][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.500201][T13035] usb usb8: usbfs: process 13035 (syz.4.3003) did not claim interface 0 before use
[  315.511141][ T5385] kye 0003:0458:5005.0046: unknown main item tag 0x0
[  315.541488][ T5385] kye 0003:0458:5005.0046: hidraw1: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.3-1/input0
[  315.561155][ T5385] kye 0003:0458:5005.0046: tablet-enabling feature report not found
[  315.601134][ T5385] kye 0003:0458:5005.0046: tablet enabling failed
[  315.619214][ T5290] usb 3-1: USB disconnect, device number 22
[  315.631251][ T5385] usb 4-1: USB disconnect, device number 28
[  315.746512][T13043] loop4: detected capacity change from 0 to 2048
[  315.775109][T13043] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  315.820021][T13049] netlink: 56 bytes leftover after parsing attributes in process `syz.1.3010'.
[  315.830824][T13049] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3010'.
[  316.054947][T13057] loop5: detected capacity change from 0 to 256
[  316.110871][T13057] FAT-fs (loop5): Directory bread(block 64) failed
[  316.126615][T13057] FAT-fs (loop5): Directory bread(block 65) failed
[  316.154126][T13057] FAT-fs (loop5): Directory bread(block 66) failed
[  316.162409][T13057] FAT-fs (loop5): Directory bread(block 67) failed
[  316.177319][T13057] FAT-fs (loop5): Directory bread(block 68) failed
[  316.189947][T13057] FAT-fs (loop5): Directory bread(block 69) failed
[  316.223689][T13057] FAT-fs (loop5): Directory bread(block 70) failed
[  316.272125][T13057] FAT-fs (loop5): Directory bread(block 71) failed
[  316.300099][T13057] FAT-fs (loop5): Directory bread(block 72) failed
[  316.331334][T13057] FAT-fs (loop5): Directory bread(block 73) failed
[  316.462885][T13071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3020'.
[  316.636437][ T1263] ieee802154 phy0 wpan0: encryption failed: -22
[  316.643849][ T1263] ieee802154 phy1 wpan1: encryption failed: -22
[  317.328547][T13067] loop1: detected capacity change from 0 to 32768
[  317.449959][T13097] loop2: detected capacity change from 0 to 256
[  317.564032][T13097] FAT-fs (loop2): Directory bread(block 64) failed
[  317.570617][T13097] FAT-fs (loop2): Directory bread(block 65) failed
[  317.593824][T13097] FAT-fs (loop2): Directory bread(block 66) failed
[  317.608999][T13097] FAT-fs (loop2): Directory bread(block 67) failed
[  317.621350][T13097] FAT-fs (loop2): Directory bread(block 68) failed
[  317.638314][T13097] FAT-fs (loop2): Directory bread(block 69) failed
[  317.648537][T13097] FAT-fs (loop2): Directory bread(block 70) failed
[  317.665435][T13097] FAT-fs (loop2): Directory bread(block 71) failed
[  317.681317][T13097] FAT-fs (loop2): Directory bread(block 72) failed
[  317.691200][T13097] FAT-fs (loop2): Directory bread(block 73) failed
[  317.775948][T13089] loop4: detected capacity change from 0 to 32768
[  317.808939][T13089] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3028 (13089)
[  317.854235][T13089] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  317.885219][T13089] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm
[  317.914161][T13089] BTRFS info (device loop4): using free-space-tree
[  318.315824][T13099] loop3: detected capacity change from 0 to 40427
[  318.326520][T13099] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  318.334617][T13099] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  318.349113][T13099] F2FS-fs (loop3): Found nat_bits in checkpoint
[  318.410918][T13099] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  318.427674][T13099] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  318.484420][ T5231] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  319.009379][T13101] loop2: detected capacity change from 0 to 40427
[  319.033775][T13101] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  319.042255][T13101] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  319.075140][T13101] F2FS-fs (loop2): invalid crc value
[  319.093056][T13101] F2FS-fs (loop2): Found nat_bits in checkpoint
[  319.317358][T13101] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  319.331162][T13101] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  319.454956][T13101] syz.2.3034: attempt to access beyond end of device
[  319.454956][T13101] loop2: rw=2051, sector=36912, nr_sectors = 8144 limit=40427
[  319.479593][T13101] syz.2.3034: attempt to access beyond end of device
[  319.479593][T13101] loop2: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[  319.561589][T13101] F2FS-fs (loop2): Issue discard(4614, 4614, 1018) failed, ret: -5
[  319.590102][T13101] F2FS-fs (loop2): Issue discard(5637, 5637, 10747) failed, ret: -5
[  319.966937][T13111] syz.1.3045: vmalloc error: size 3584000, failed to allocated page array size 7000, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  320.021602][T13148] netlink: 216 bytes leftover after parsing attributes in process `syz.5.3046'.
[  320.052848][T13150] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3048'.
[  320.081320][T13111] CPU: 1 UID: 0 PID: 13111 Comm: syz.1.3045 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  320.092138][T13111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  320.102206][T13111] Call Trace:
[  320.105520][T13111]  <TASK>
[  320.108461][T13111]  dump_stack_lvl+0x241/0x360
[  320.113161][T13111]  ? __pfx_dump_stack_lvl+0x10/0x10
[  320.118374][T13111]  ? __pfx__printk+0x10/0x10
[  320.123002][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.128647][T13111]  ? __rcu_read_unlock+0xa1/0x110
[  320.133699][T13111]  warn_alloc+0x278/0x410
[  320.138048][T13111]  ? __pfx_warn_alloc+0x10/0x10
[  320.142962][T13111]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  320.149305][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.154957][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.160607][T13111]  ? __get_vm_area_node+0x23d/0x270
[  320.166105][T13111]  __vmalloc_node_range_noprof+0x691/0x13f0
[  320.172060][T13111]  ? __kmalloc_cache_node_noprof+0x1d3/0x300
[  320.178061][T13111]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  320.184401][T13111]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  320.190578][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.196324][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.201967][T13111]  ? __get_vm_area_node+0x23d/0x270
[  320.207313][T13111]  __vmalloc_node_range_noprof+0x59c/0x13f0
[  320.213219][T13111]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  320.219472][T13111]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  320.225227][T13111]  ? rcu_is_watching+0x15/0xb0
[  320.230005][T13111]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  320.236352][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.241999][T13111]  ? rcu_is_watching+0x15/0xb0
[  320.246888][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.252538][T13111]  ? __kmalloc_node_noprof+0x247/0x440
[  320.258027][T13111]  ? __kvmalloc_node_noprof+0x72/0x190
[  320.263592][T13111]  __kvmalloc_node_noprof+0x142/0x190
[  320.268979][T13111]  ? __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  320.275152][T13111]  __v4l2_ctrl_modify_dimensions+0x43b/0xb60
[  320.281156][T13111]  ? tpg_update_mv_step+0x361/0x4f0
[  320.286430][T13111]  vivid_update_format_cap+0x133c/0x2090
[  320.292188][T13111]  ? __pfx_vivid_update_format_cap+0x10/0x10
[  320.298183][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.303857][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.309528][T13111]  vivid_vid_cap_s_dv_timings+0x535/0x1230
[  320.315414][T13111]  __video_do_ioctl+0xc25/0xdd0
[  320.320394][T13111]  ? __pfx___video_do_ioctl+0x10/0x10
[  320.325793][T13111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  320.331443][T13111]  ? __might_fault+0xc6/0x120
[  320.336138][T13111]  video_usercopy+0x89d/0x1180
[  320.340931][T13111]  ? __pfx___video_do_ioctl+0x10/0x10
[  320.346411][T13111]  ? __pfx_video_usercopy+0x10/0x10
[  320.351731][T13111]  ? __fget_files+0x29/0x470
[  320.356337][T13111]  ? __fget_files+0x3f3/0x470
[  320.361041][T13111]  v4l2_ioctl+0x18b/0x1e0
[  320.365435][T13111]  ? __pfx_v4l2_ioctl+0x10/0x10
[  320.370311][T13111]  __se_sys_ioctl+0xfb/0x170
[  320.374926][T13111]  do_syscall_64+0xf3/0x230
[  320.379443][T13111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.385358][T13111] RIP: 0033:0x7f49d517dff9
[  320.389803][T13111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.409616][T13111] RSP: 002b:00007f49d5ff3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  320.418130][T13111] RAX: ffffffffffffffda RBX: 00007f49d5335f80 RCX: 00007f49d517dff9
[  320.426312][T13111] RDX: 0000000020000200 RSI: 00000000c0845657 RDI: 0000000000000003
[  320.434294][T13111] RBP: 00007f49d51f0296 R08: 0000000000000000 R09: 0000000000000000
[  320.442274][T13111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  320.450338][T13111] R13: 0000000000000000 R14: 00007f49d5335f80 R15: 00007ffd05a46578
[  320.458334][T13111]  </TASK>
[  320.475015][T13111] Mem-Info:
[  320.481236][T13111] active_anon:9068 inactive_anon:1 isolated_anon:0
[  320.481236][T13111]  active_file:1524 inactive_file:38691 isolated_file:0
[  320.481236][T13111]  unevictable:768 dirty:568 writeback:0
[  320.481236][T13111]  slab_reclaimable:6147 slab_unreclaimable:100302
[  320.481236][T13111]  mapped:24590 shmem:6750 pagetables:847
[  320.481236][T13111]  sec_pagetables:0 bounce:0
[  320.481236][T13111]  kernel_misc_reclaimable:0
[  320.481236][T13111]  free:1266314 free_pcp:1786 free_cma:0
[  320.556814][T13111] Node 0 active_anon:34372kB inactive_anon:4kB active_file:6096kB inactive_file:154692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:98360kB dirty:2272kB writeback:0kB shmem:23764kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10520kB pagetables:3188kB sec_pagetables:0kB all_unreclaimable? no
[  320.623294][T13111] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  320.780170][T13161] loop5: detected capacity change from 0 to 1024
[  320.787411][T13161] EXT4-fs: Ignoring removed bh option
[  320.804486][T13111] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  320.843584][T13111] lowmem_reserve[]: 0 2465 2466 0 0
[  320.849073][T13111] Node 0 DMA32 free:1128636kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB active_anon:28436kB inactive_anon:4kB active_file:6096kB inactive_file:153868kB unevictable:1536kB writepending:2272kB present:3129332kB managed:2552500kB mlocked:0kB bounce:0kB free_pcp:5556kB local_pcp:4480kB free_cma:0kB
[  320.925103][T13139] loop3: detected capacity change from 0 to 32768
[  320.936967][T13161] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  320.963292][T13139] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  320.981302][T13111] lowmem_reserve[]: 0 0 0 0 0
[  320.986325][T13139] JBD2: Ignoring recovery information on journal
[  321.026531][T13111] 
[  321.028934][T13111] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:824kB unevictable:0kB writepending:0kB present:1048580kB managed:876kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB
[  321.056440][T13111] lowmem_reserve[]: 0 0 0 0 0
[  321.061333][T13111] Node 1 Normal free:3930944kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:252kB local_pcp:252kB free_cma:0kB
[  321.091463][T13111] lowmem_reserve[]: 0 0 0 0 0
[  321.096279][T13111] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  321.125407][T13111] Node 0 DMA32: 2*4kB (UM) 28*8kB (E) 124*16kB (E) 222*32kB (UME) 135*64kB (UME) 91*128kB (UME) 53*256kB (ME) 26*512kB (UME) 12*1024kB (ME) 8*2048kB (UME) 254*4096kB (M) = 1125544kB
[  321.145304][T13111] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  321.157289][T13111] Node 1 Normal: 162*4kB (U) 41*8kB (UE) 19*16kB (UME) 168*32kB (UME) 93*64kB (UME) 32*128kB (UME) 20*256kB (UME) 9*512kB (UME) 3*1024kB (UME) 3*2048kB (UE) 951*4096kB (M) = 3930944kB
[  321.166919][T13139] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  321.176148][T13111] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  321.231214][T13111] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  321.240546][T13111] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  321.257614][T13171] loop0: detected capacity change from 0 to 4096
[  321.264052][T13111] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  321.275903][T13111] 46145 total pagecache pages
[  321.281358][T13111] 1 pages in swap cache
[  321.285532][T13111] Free swap  = 124472kB
[  321.289797][T13111] Total swap = 124996kB
[  321.299923][T13171] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  321.309187][T13111] 2097051 pages RAM
[  321.321500][T13111] 0 pages HighMem/MovableOnly
[  321.326528][   T29] audit: type=1800 audit(1728797421.674:165): pid=13139 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3041" name="file1" dev="loop3" ino=16946 res=0 errno=0
[  321.351381][T13111] 427076 pages reserved
[  321.355729][T13111] 0 pages cma reserved
[  321.423159][ T5224] ocfs2: Unmounting device (7,3) on (node local)
[  321.702509][T13171] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  321.759000][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  321.786941][T13171] ntfs3(loop0): ino=1e, "file1" failed to parse mft record
[  321.841309][T13171] ntfs3(loop0): ino=1e, "file1" attr_set_size
[  322.204640][T13168] loop4: detected capacity change from 0 to 40427
[  322.257131][T13168] F2FS-fs (loop4): heap/no_heap options were deprecated
[  322.258731][T13181] loop2: detected capacity change from 0 to 32768
[  322.306258][T13168] F2FS-fs (loop4): invalid crc value
[  322.322673][T13181] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  322.336829][T13168] F2FS-fs (loop4): Found nat_bits in checkpoint
[  322.527263][T10285] ocfs2: Unmounting device (7,2) on (node local)
[  322.684620][T13206] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3068'.
[  323.111240][T13168] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  323.223249][ T5231] syz-executor: attempt to access beyond end of device
[  323.223249][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  323.239365][ T5385] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  323.260812][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  323.407738][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.419051][ T5385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  323.441405][ T5385] usb 4-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  323.471398][ T5385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  323.502790][ T5385] usb 4-1: config 0 descriptor??
[  323.939021][ T5385] logitech 0003:046D:C294.0047: hidraw0: USB HID v0.00 Device [HID 046d:c294] on usb-dummy_hcd.3-1/input0
[  323.991137][ T5385] logitech 0003:046D:C294.0047: no inputs found
[  324.090070][T13226] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3077'.
[  324.146954][ T5385] usb 4-1: USB disconnect, device number 29
[  325.348218][T13233] loop1: detected capacity change from 0 to 32768
[  325.364939][T13233] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3079 (13233)
[  325.477539][T13233] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  325.698478][T13233] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  325.720988][T13233] BTRFS info (device loop1): using free-space-tree
[  326.046255][T13273] loop0: detected capacity change from 0 to 1024
[  326.083646][T13273] hfsplus: Filesystem is marked locked, mounting read-only.
[  326.288142][T13241] loop4: detected capacity change from 0 to 40427
[  326.337584][T13241] F2FS-fs (loop4): Found nat_bits in checkpoint
[  326.338249][ T7063] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  326.466692][T13241] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  326.658939][T13286] loop2: detected capacity change from 0 to 32768
[  326.690342][ T5231] syz-executor: attempt to access beyond end of device
[  326.690342][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  326.736004][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  327.063377][T13304] ptrace attach of "./syz-executor exec"[7063] was attempted by "./syz-executor exec"[13304]
[  327.068609][T13305] loop0: detected capacity change from 0 to 1024
[  327.473124][T13314] loop2: detected capacity change from 0 to 16
[  327.513589][T13314] erofs: (device loop2): mounted with root inode @ nid 36.
[  327.530187][T13293] loop3: detected capacity change from 0 to 32768
[  327.548435][T13293] XFS: noikeep mount option is deprecated.
[  327.577642][T13293] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  327.766586][T13333] random: crng reseeded on system resumption
[  327.770857][T13334] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3116'.
[  327.783877][T13334] openvswitch: netlink: Actions may not be safe on all matching packets
[  327.794275][T13293] XFS (loop3): Ending clean mount
[  327.816258][T13293] XFS (loop3): Quotacheck needed: Please wait.
[  327.880125][T13293] XFS (loop3): Quotacheck: Done.
[  327.968742][ T5224] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  328.139973][T13342] loop1: detected capacity change from 0 to 512
[  328.183283][T13342] EXT4-fs: Ignoring removed orlov option
[  328.244150][T13342] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.3120: casefold flag without casefold feature
[  328.291200][T13342] EXT4-fs (loop1): Remounting filesystem read-only
[  328.357975][T13342] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.464440][T13356] loop3: detected capacity change from 0 to 128
[  328.481276][T13356] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  328.510209][T13333] Unrecognized hibernate image header format!
[  328.529355][T13333] PM: hibernation: Image mismatch: architecture specific data
[  328.542971][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.830033][T13365] loop5: detected capacity change from 0 to 64
[  328.875650][T13354] loop2: detected capacity change from 0 to 32768
[  328.892858][T13354] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3123 (13354)
[  328.911754][T13369] loop1: detected capacity change from 0 to 1024
[  328.937846][T13354] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  328.948650][T13354] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  328.959412][T13354] BTRFS info (device loop2): using free-space-tree
[  328.992323][T13369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.153625][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.171461][T10285] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  330.130892][T13432] loop3: detected capacity change from 0 to 1024
[  330.207078][T13432] hfsplus: bad catalog entry type
[  330.294937][ T4323] hfsplus: b-tree write err: -5, ino 4
[  330.334330][T13442] loop0: detected capacity change from 0 to 1024
[  330.370213][T13442] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.408953][T13408] loop5: detected capacity change from 0 to 32768
[  330.417138][T13442] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  330.509291][T13408] JBD2: Ignoring recovery information on journal
[  330.562513][T13408] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  330.630415][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.731187][ T5286] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  330.866803][T11106] ocfs2: Unmounting device (7,5) on (node local)
[  330.884100][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.884141][ T5286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.884181][ T5286] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00
[  330.884248][ T5286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.886310][ T5286] usb 2-1: config 0 descriptor??
[  331.324728][ T5286] konepure 0003:1E7D:2DB4.0048: unknown main item tag 0x0
[  331.355989][ T5286] konepure 0003:1E7D:2DB4.0048: hidraw0: USB HID v0.00 Device [HID 1e7d:2db4] on usb-dummy_hcd.1-1/input0
[  331.391260][ T5288] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  331.554377][ T5287] usb 2-1: USB disconnect, device number 19
[  331.569006][ T5288] usb 4-1: config 0 has an invalid interface number: 27 but max is 0
[  331.597678][ T5288] usb 4-1: config 0 has no interface number 0
[  331.618104][ T5288] usb 4-1: config 0 interface 27 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  331.639901][ T5288] usb 4-1: config 0 interface 27 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  331.671016][ T5288] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  331.697307][ T5288] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.702136][T13486] loop4: detected capacity change from 0 to 32768
[  331.716721][T13486] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3178 (13486)
[  331.742199][ T5288] usb 4-1: config 0 descriptor??
[  331.760341][T13486] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  331.784327][T13486] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  331.804134][T13486] BTRFS info (device loop4): using free-space-tree
[  331.991025][ T5231] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  332.030481][T13511] loop5: detected capacity change from 0 to 1024
[  332.047925][T13511] EXT4-fs: Ignoring removed orlov option
[  332.056128][T13511] EXT4-fs (loop5): Test dummy encryption mode enabled
[  332.063278][T13511] EXT4-fs (loop5): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  332.109646][T13488] loop2: detected capacity change from 0 to 32768
[  332.138520][T13488] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3180 (13488)
[  332.172440][T13511] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.177060][T13488] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  332.195554][T13488] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm
[  332.204281][T13488] BTRFS info (device loop2): using free-space-tree
[  332.252589][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.349181][ T5288] uclogic 0003:256C:006D.0049: interface is invalid, ignoring
[  332.472180][    T9] usb 4-1: USB disconnect, device number 30
[  332.571389][T13540] loop1: detected capacity change from 0 to 2048
[  332.621204][T13544] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  332.772570][T13549] loop5: detected capacity change from 0 to 1024
[  332.782662][   T12] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  332.837688][   T12] hfsplus: b-tree write err: -5, ino 4
[  332.975762][T10285] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  333.214877][T13563] loop5: detected capacity change from 0 to 2048
[  333.221559][    T9] usb 2-1: new low-speed USB device number 20 using dummy_hcd
[  333.405185][    T9] usb 2-1: config index 0 descriptor too short (expected 6427, got 27)
[  333.414218][    T9] usb 2-1: config 0 has an invalid interface number: 21 but max is 0
[  333.422600][    T9] usb 2-1: config 0 has no interface number 0
[  333.428741][    T9] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  333.438953][    T9] usb 2-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  333.448989][    T9] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  333.458100][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.469601][T13567] netlink: 'syz.5.3203': attribute type 1 has an invalid length.
[  333.479118][    T9] usb 2-1: config 0 descriptor??
[  333.493941][T13567] netlink: 9364 bytes leftover after parsing attributes in process `syz.5.3203'.
[  333.503302][T13567] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3203'.
[  333.890220][T13589] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3212'.
[  334.059855][T13598] loop5: detected capacity change from 0 to 128
[  334.064990][T13599] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3217'.
[  334.108002][T13598] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  334.113269][    T9] usb 2-1: USB disconnect, device number 20
[  334.131041][T13598] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  334.416669][ T5385] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  334.512907][T13621] loop0: detected capacity change from 0 to 256
[  334.533664][T13621] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x2fab2b20, utbl_chksum : 0xe619d30d)
[  334.596994][ T5385] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  334.611101][ T5385] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  334.626959][ T5385] usb 3-1: New USB device found, idVendor=056a, idProduct=00cc, bcdDevice= 0.00
[  334.636567][ T5385] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.692570][ T5385] usb 3-1: config 0 descriptor??
[  335.152304][ T5385] wacom 0003:056A:00CC.004A: hidraw0: USB HID v0.00 Device [HID 056a:00cc] on usb-dummy_hcd.2-1/input0
[  335.152882][T13615] loop5: detected capacity change from 0 to 32768
[  335.273178][T13615] XFS (loop5): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  335.382357][ T5385] usb 3-1: USB disconnect, device number 23
[  335.405618][T13615] XFS (loop5): Starting recovery (logdev: internal)
[  335.454756][T13615] XFS (loop5): Ending recovery (logdev: internal)
[  335.574452][T11106] XFS (loop5): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  335.873671][T13679] netlink: 'syz.3.3255': attribute type 12 has an invalid length.
[  335.926972][T13679] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.3255'.
[  335.937007][T13681] netlink: 'syz.0.3252': attribute type 10 has an invalid length.
[  335.988377][T13675] loop1: detected capacity change from 0 to 4096
[  335.991374][T13681] netlink: 55 bytes leftover after parsing attributes in process `syz.0.3252'.
[  336.065618][T13681] tipc: Resetting bearer <eth:vlan0>
[  336.089925][T13685] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  336.317291][T13696] loop3: detected capacity change from 0 to 164
[  336.361734][T13700] loop5: detected capacity change from 0 to 128
[  336.495675][T13681] tipc: Disabling bearer <eth:vlan0>
[  336.543557][T13708] loop3: detected capacity change from 0 to 512
[  336.572185][T13708] EXT4-fs: Ignoring removed nobh option
[  336.618367][T13708] fscrypt (loop3, inode 2): Error -61 getting encryption context
[  336.637955][T13708] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -61
[  336.657121][T13708] EXT4-fs error (device loop3): ext4_orphan_get:1388: inode #13: comm syz.3.3265: casefold flag without casefold feature
[  336.678696][T13708] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.3265: couldn't read orphan inode 13 (err -117)
[  336.702728][T13708] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  336.838431][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.060674][T13706] loop2: detected capacity change from 0 to 32768
[  337.090085][T13706] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3266 (13706)
[  337.166571][T13706] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  337.185064][T13706] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  337.220778][T13706] BTRFS info (device loop2): using free-space-tree
[  337.248201][T13724] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3273'.
[  337.259059][T13729] 
@ÿÿÿ: renamed from veth0_vlan (while UP)
[  337.319706][T13737] xt_CT: You must specify a L4 protocol and not use inversions on it
[  337.410707][T13750] loop0: detected capacity change from 0 to 256
[  337.425774][T13750] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  337.448004][T13751] loop1: detected capacity change from 0 to 1024
[  337.720125][T10285] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  337.785886][T13774] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3289'.
[  338.021759][T13772] loop5: detected capacity change from 0 to 32768
[  338.031333][T13772] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3288 (13772)
[  338.050037][T13772] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  338.062133][T13772] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  338.093693][T13781] loop4: detected capacity change from 0 to 256
[  338.094174][T13772] BTRFS info (device loop5): using free-space-tree
[  338.254713][T13791] loop4: detected capacity change from 0 to 256
[  338.303663][T13791] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  338.499975][T13810] netlink: 165 bytes leftover after parsing attributes in process `syz.1.3301'.
[  338.597501][T13814] tmpfs: Cannot change global quota limit on remount
[  338.779303][T11106] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  338.844207][T13831] loop2: detected capacity change from 0 to 256
[  338.852109][T13831] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  338.961699][T13834] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3313'.
[  339.041213][ T5287] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  339.107804][T13838] loop5: detected capacity change from 0 to 1024
[  339.201652][ T5287] usb 4-1: Using ep0 maxpacket: 16
[  339.225603][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  339.249203][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  339.261307][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  339.272518][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  339.282643][ T5287] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  339.292051][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.324445][ T5287] usb 4-1: config 0 descriptor??
[  339.376466][T13832] loop4: detected capacity change from 0 to 32768
[  339.438172][T13832] JBD2: Ignoring recovery information on journal
[  339.534664][T13832] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  339.727297][ T5231] ocfs2: Unmounting device (7,4) on (node local)
[  339.760936][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0
[  339.770425][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0
[  339.778311][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0
[  339.797932][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0
[  339.808058][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: unknown main item tag 0x0
[  339.836103][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.3-1/input0
[  339.849039][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: U2F Zero LED initialised
[  339.856704][ T5287] hid-u2fzero 0003:10C4:8ACF.004B: U2F Zero RNG initialised
[  339.871346][ T5288] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  339.921224][ T5286] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  339.959249][T13865] netlink: 'syz.4.3323': attribute type 1 has an invalid length.
[  339.968011][T13865] netlink: 191384 bytes leftover after parsing attributes in process `syz.4.3323'.
[  339.984263][ T5287] usb 4-1: USB disconnect, device number 31
[  340.021269][ T5288] usb 3-1: Using ep0 maxpacket: 16
[  340.028065][ T5288] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  340.047270][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  340.071366][ T5288] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  340.089873][ T5288] usb 3-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[  340.099236][ T5288] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.111583][ T5288] usb 3-1: config 0 descriptor??
[  340.122809][ T5286] usb 2-1: Using ep0 maxpacket: 16
[  340.130593][ T5286] usb 2-1: unable to get BOS descriptor or descriptor too short
[  340.140028][ T5286] usb 2-1: config 0 has an invalid interface number: 193 but max is 0
[  340.148558][ T5286] usb 2-1: config 0 has no interface number 0
[  340.155281][ T5286] usb 2-1: config 0 interface 193 altsetting 4 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  340.166500][ T5286] usb 2-1: config 0 interface 193 has no altsetting 0
[  340.178100][ T5286] usb 2-1: New USB device found, idVendor=0499, idProduct=1034, bcdDevice=50.3a
[  340.201148][ T5286] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.209294][ T5286] usb 2-1: Product: syz
[  340.219518][ T5286] usb 2-1: Manufacturer: syz
[  340.231756][ T5286] usb 2-1: SerialNumber: syz
[  340.238930][ T5286] usb 2-1: config 0 descriptor??
[  340.347350][T13877] loop4: detected capacity change from 0 to 1024
[  340.394483][T13877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.453519][T13877] EXT4-fs: Ignoring removed nobh option
[  340.460767][T13877] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[  340.476331][ T5286] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  340.520775][ T5286] snd-usb-audio 2-1:0.193: probe with driver snd-usb-audio failed with error -2
[  340.540341][ T5231] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.581194][ T5286] usb 2-1: USB disconnect, device number 21
[  340.603067][ T5288] lenovo 0003:17EF:60EE.004C: hidraw0: USB HID v0.04 Device [HID 17ef:60ee] on usb-dummy_hcd.2-1/input0
[  340.785426][ T5288] lenovo 0003:17EF:60EE.004C: Failed to switch F7/9/11 mode: -71
[  340.794306][ T5288] lenovo 0003:17EF:60EE.004C: Failed to switch middle button: -71
[  340.805593][ T5288] lenovo 0003:17EF:60EE.004C: Fn-lock setting failed: -71
[  340.821583][ T5288] lenovo 0003:17EF:60EE.004C: Sensitivity setting failed: -71
[  340.838040][ T5288] usb 3-1: USB disconnect, device number 24
[  341.330926][T13916] loop5: detected capacity change from 0 to 256
[  341.371905][T13916] exfat: Deprecated parameter 'utf8'
[  341.398507][T13916] exfat: Deprecated parameter 'namecase'
[  341.428997][T13916] exfat: Deprecated parameter 'namecase'
[  341.436712][T13920] loop1: detected capacity change from 0 to 64
[  341.462800][T13916] exfat: Deprecated parameter 'utf8'
[  341.538546][T13916] exFAT-fs (loop5): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  342.163287][T13934] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.263631][T13934] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.325413][T13940] program syz.2.3360 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  342.378851][T13892] loop4: detected capacity change from 0 to 131072
[  342.391405][T13892] F2FS-fs (loop4): Test dummy encryption mode enabled
[  342.452499][T13938] loop5: detected capacity change from 0 to 4096
[  342.463833][T13892] F2FS-fs (loop4): invalid crc value
[  342.500189][T13944] loop3: detected capacity change from 0 to 64
[  342.615845][T13936] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.624115][T13936] bridge0: port 1(bridge_slave_0) entered forwarding state
[  342.627439][T13922] loop0: detected capacity change from 0 to 32768
[  342.674195][T13922] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section replicas_v0: invalid device 1 in entry btree: 1/84 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 2 2 4 5 5 5 6 8 10 108]
[  342.674195][T13922] replicas_v0 (size 24):
[  342.674195][T13922] btree: 84 [0 2 1 0 4 1 0 0 0 0 0 0 0 0 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 0 5 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 0 0]
[  342.674195][T13922] 
[  342.716041][T13936] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.728781][T13892] F2FS-fs (loop4): Found nat_bits in checkpoint
[  342.734211][T13936] bridge0: port 2(bridge_slave_1) entered forwarding state
[  342.778398][T13922] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  342.859335][T13938] ntfs3: Cannot use different iocharset when remounting!
[  342.879329][T13892] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  342.880931][T13949] loop3: detected capacity change from 0 to 4096
[  342.964300][T13949] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  343.146614][T13949] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  343.386097][T13968] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3371'.
[  343.632681][T13979] sp0: Synchronizing with TNC
[  343.692239][T13983] loop1: detected capacity change from 0 to 512
[  343.699287][T13983] EXT4-fs: Ignoring removed mblk_io_submit option
[  343.713177][T13983] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  343.758420][T13983] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  343.767373][T13983] System zones: 1-12
[  343.923619][T13983] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.3380: corrupted in-inode xattr: e_value size too large
[  343.979661][T13983] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.3380: couldn't read orphan inode 15 (err -117)
[  344.059962][T13983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  344.261356][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.401927][T14014] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3392'.
[  344.485841][T14018] loop0: detected capacity change from 0 to 256
[  344.523195][T14021] loop5: detected capacity change from 0 to 512
[  344.543654][T14018] FAT-fs (loop0): Directory bread(block 64) failed
[  344.559410][T14018] FAT-fs (loop0): Directory bread(block 65) failed
[  344.598745][T14021] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  344.621355][T14018] FAT-fs (loop0): Directory bread(block 66) failed
[  344.630629][T14021] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.677993][T14018] FAT-fs (loop0): Directory bread(block 67) failed
[  344.730591][T14018] FAT-fs (loop0): Directory bread(block 68) failed
[  344.790281][T14018] FAT-fs (loop0): Directory bread(block 69) failed
[  344.811647][T14018] FAT-fs (loop0): Directory bread(block 70) failed
[  344.841194][T14018] FAT-fs (loop0): Directory bread(block 71) failed
[  344.855323][T14018] FAT-fs (loop0): Directory bread(block 72) failed
[  344.856706][T14021] EXT4-fs: Cannot change quota options when quota turned on
[  344.881128][T14018] FAT-fs (loop0): Directory bread(block 73) failed
[  345.041967][T14001] loop4: detected capacity change from 0 to 40427
[  345.058523][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  345.068657][T14035] loop1: detected capacity change from 0 to 24
[  345.110750][T14035] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  345.126239][T14001] F2FS-fs (loop4): Found nat_bits in checkpoint
[  345.162858][T14035] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  345.208918][T14041] loop5: detected capacity change from 0 to 256
[  345.259646][T14044] loop2: detected capacity change from 0 to 22
[  345.285882][T14044] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  345.307715][T14001] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  345.351799][T14044] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  345.451896][ T5231] syz-executor: attempt to access beyond end of device
[  345.451896][ T5231] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  345.499195][ T5231] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  345.749719][T14048] loop1: detected capacity change from 0 to 40427
[  345.762014][T14048] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  345.769879][T14048] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  345.898232][T14048] F2FS-fs (loop1): Found nat_bits in checkpoint
[  346.055303][T14048] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  346.064007][T14048] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  346.199028][T14069] loop5: detected capacity change from 0 to 8
[  346.298361][T14031] loop3: detected capacity change from 0 to 32768
[  346.531407][T14079] netlink: 'syz.4.3419': attribute type 30 has an invalid length.
[  346.971182][ T5286] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  347.010102][T14067] loop0: detected capacity change from 0 to 32768
[  347.060070][T14067] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  347.081621][T14067] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  347.122245][ T5286] usb 4-1: Using ep0 maxpacket: 8
[  347.148227][T14067] gfs2: fsid=syz:syz.0: journal 0 mapped with 16 extents in 0ms
[  347.202168][ T5286] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  347.209575][  T931] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  347.211021][ T5286] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  347.218009][  T931] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  347.228076][ T5286] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  347.250670][T14090] loop2: detected capacity change from 0 to 4096
[  347.280619][T14082] loop1: detected capacity change from 0 to 32768
[  347.314879][ T5286] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  347.324779][ T5286] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.337713][  T931] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 119ms
[  347.344478][T14082] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  347.345819][  T931] gfs2: fsid=syz:syz.0: jid=0: Done
[  347.360585][ T5286] usb 4-1: Product: syz
[  347.364044][T14067] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  347.364947][ T5286] usb 4-1: Manufacturer: syz
[  347.376947][ T5286] usb 4-1: SerialNumber: syz
[  347.428208][T14099] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  347.487252][T14082] XFS (loop1): Ending clean mount
[  347.504581][T14082] XFS (loop1): Quotacheck needed: Please wait.
[  347.609219][T14082] XFS (loop1): Quotacheck: Done.
[  347.795734][ T7063] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  347.805915][T14109] loop0: detected capacity change from 0 to 512
[  347.841571][T14109] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #17: comm syz.0.3426: iget: bogus i_mode (0)
[  347.856958][ T5286] usb 4-1: 0:2 : does not exist
[  347.861905][T14109] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.3426: couldn't read orphan inode 17 (err -117)
[  347.863073][T14109] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.898062][T14113] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3427'.
[  347.963863][ T7084] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.091254][ T5288] usb 4-1: USB disconnect, device number 32
[  348.595417][T14119] loop4: detected capacity change from 0 to 32768
[  348.612588][T14119] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3431 (14119)
[  348.643934][T14119] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  348.662101][T14119] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  348.670869][T14119] BTRFS info (device loop4): using free-space-tree
[  348.917809][ T5231] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  349.020102][T14118] loop2: detected capacity change from 0 to 65536
[  349.100234][T14118] XFS (loop2): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  349.430983][T14118] XFS (loop2): Ending clean mount
[  349.530697][T14180] loop0: detected capacity change from 0 to 256
[  349.699852][T10285] XFS (loop2): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  349.772549][T14190] loop1: detected capacity change from 0 to 64
[  349.988834][T14201] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3459'.
[  350.647831][T14218] overlayfs: conflicting options: nfs_export=on,metacopy=on
[  350.724977][T14220] loop3: detected capacity change from 0 to 16
[  350.732906][T14220] erofs: (device loop3): mounted with root inode @ nid 36.
[  351.395637][T14230] loop1: detected capacity change from 0 to 32768
[  351.423820][T14230] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  351.461482][ T5346] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  351.474551][T14230] XFS (loop1): Ending clean mount
[  351.483484][T14230] XFS (loop1): Quotacheck needed: Please wait.
[  351.540395][T14263] loop0: detected capacity change from 0 to 2048
[  351.620332][T14230] XFS (loop1): Quotacheck: Done.
[  351.627514][T14267] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  351.650502][T14263] NILFS (loop0): unable to set label with more than 80 bytes
[  351.661178][ T5346] usb 4-1: Using ep0 maxpacket: 16
[  351.694049][ T5346] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.711244][ T5346] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.728982][ T5346] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  351.767265][ T5346] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[  351.767303][ T5346] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.770082][ T5346] usb 4-1: config 0 descriptor??
[  351.845811][ T7063] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  352.188170][T14283] loop1: detected capacity change from 0 to 512
[  352.197154][ T5346] shield 0003:0955:7214.004D: item fetching failed at offset 4/5
[  352.210885][ T5346] shield 0003:0955:7214.004D: Parse failed
[  352.212614][T14283] EXT4-fs: Ignoring removed nomblk_io_submit option
[  352.227890][ T5346] shield 0003:0955:7214.004D: probe with driver shield failed with error -22
[  352.237294][T14286] loop5: detected capacity change from 0 to 64
[  352.245655][ T5235] Bluetooth: hci2: command 0x0405 tx timeout
[  352.272987][T14283] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  352.294834][T14286] hfs: request for non-existent node 293 in B*Tree
[  352.326478][T14283] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  352.340039][T14286] hfs: request for non-existent node 293 in B*Tree
[  352.349568][T14286] hfs: get root inode failed
[  352.358344][T14283] EXT4-fs (loop1): 1 truncate cleaned up
[  352.365365][T14283] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.448451][ T5346] usb 4-1: USB disconnect, device number 33
[  352.489229][T14283] EXT4-fs error (device loop1): ext4_map_blocks:671: inode #2: block 4: comm syz.1.3489: lblock 0 mapped to illegal pblock 4 (length 1)
[  352.507500][T14283] EXT4-fs (loop1): Remounting filesystem read-only
[  352.572519][ T7063] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.445444][T14306] loop2: detected capacity change from 0 to 4096
[  353.763506][T14312] loop3: detected capacity change from 0 to 512
[  353.894843][T14312] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.944627][T14306] ntfs3(loop2): Failed to load $MFT (-22).
[  354.013754][T14312] ext4 filesystem being mounted at /584/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  354.316091][ T5233] Bluetooth: hci2: command 0x0405 tx timeout
[  354.372067][T14298] loop0: detected capacity change from 0 to 40427
[  354.424256][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.460464][T14295] loop5: detected capacity change from 0 to 32768
[  354.473145][T14298] F2FS-fs (loop0): Small segment_count (9 < 1 * 24)
[  354.501633][T14298] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  354.542036][T14295] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3497 (14295)
[  354.615588][T14321] loop2: detected capacity change from 0 to 512
[  354.660047][T14298] F2FS-fs (loop0): Found nat_bits in checkpoint
[  354.690429][T14295] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  354.731460][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  354.738877][T14321] UDF-fs: Scanning with blocksize 512 failed
[  354.771628][T14295] BTRFS info (device loop5): using sha256 (sha256-ni) checksum algorithm
[  354.830075][T14295] BTRFS info (device loop5): using free-space-tree
[  354.839587][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  354.871459][T14321] UDF-fs: Scanning with blocksize 1024 failed
[  354.959128][T14325] loop3: detected capacity change from 0 to 2048
[  354.967895][T14321] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  355.002103][T14321] UDF-fs: Scanning with blocksize 2048 failed
[  355.045863][T14321] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  355.056741][T14298] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  355.093089][T14295] BTRFS info (device loop5): rebuilding free space tree
[  355.100151][T14298] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  355.124621][T14321] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  355.138313][T14325] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.256928][T14325] ext4 filesystem being mounted at /585/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.306080][T14321] UDF-fs: error (device loop2): udf_verify_fi: directory (ino 21) has entry at pos 172 with incorrect tag 0
[  355.370552][T14308] loop1: detected capacity change from 0 to 32768
[  355.410531][T14325] fscrypt (loop3, inode 13): Error -61 getting encryption context
[  355.449830][ T7084] syz-executor: attempt to access beyond end of device
[  355.449830][ T7084] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  355.471445][T14308] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3502 (14308)
[  355.494130][T14304] loop4: detected capacity change from 0 to 40427
[  355.553320][ T7084] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  355.590815][T14308] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  355.603860][T14304] F2FS-fs (loop4): invalid crc value
[  355.664354][T11106] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  355.683354][T14308] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  355.703371][T14304] F2FS-fs (loop4): Found nat_bits in checkpoint
[  355.723577][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.770402][T14308] BTRFS info (device loop1): using free-space-tree
[  355.962377][T14304] F2FS-fs (loop4): Start checkpoint disabled!
[  356.415770][T14369] loop3: detected capacity change from 0 to 256
[  356.438808][T14369] exfat: Deprecated parameter 'namecase'
[  356.491463][T14369] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[  356.553851][T14308] BTRFS error (device loop1): open_ctree failed
[  357.661456][T14384] netlink: 191416 bytes leftover after parsing attributes in process `syz.3.3519'.
[  358.954724][T14400] netlink: 'syz.3.3527': attribute type 31 has an invalid length.
[  359.194547][T14377] loop5: detected capacity change from 0 to 32768
[  359.313477][T14377] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3509 (14377)
[  359.397101][T14377] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  359.433342][T14406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3530'.
[  359.450482][T14402] loop1: detected capacity change from 0 to 4096
[  359.466473][T14377] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  359.525969][T14377] BTRFS info (device loop5): using free-space-tree
[  359.541156][T14402] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  360.211867][T14388] loop2: detected capacity change from 0 to 32768
[  360.242231][T11106] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  360.288031][T14388] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  360.385221][T14440] loop3: detected capacity change from 0 to 8
[  360.386434][T14440] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  360.476065][T14388] XFS (loop2): Ending clean mount
[  360.486371][T14388] XFS (loop2): Quotacheck needed: Please wait.
[  360.637486][T14388] XFS (loop2): Quotacheck: Done.
[  360.926966][T10285] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  361.081186][  T931] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  361.276147][  T931] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  361.328310][  T931] usb 4-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  361.400001][  T931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.539979][  T931] usb 4-1: config 0 descriptor??
[  361.557768][T14455] loop1: detected capacity change from 0 to 256
[  361.656268][T14455] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f50, chksum : 0xa6aae999, utbl_chksum : 0xe619d30d)
[  361.954174][T14460] omfs: Invalid superblock (0)
[  362.023325][  T931] hid-steam 0003:28DE:1205.004E: : USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.3-1/input0
[  362.098936][T14462] loop5: detected capacity change from 0 to 256
[  362.144077][  T931] hid-steam 0003:28DE:1205.004E: Steam Controller 'XXXXXXXXXX' connected
[  362.214682][  T931] input: Steam Deck as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1205.004E/input/input33
[  362.370872][  T931] input: Steam Deck Motion Sensors as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:28DE:1205.004E/input/input34
[  362.574499][  T931] hid-steam 0003:28DE:1205.004F: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.3-1/input0
[  362.734605][  T931] usb 4-1: USB disconnect, device number 34
[  363.173811][T14476] loop1: detected capacity change from 0 to 64
[  363.395637][T14472] loop5: detected capacity change from 0 to 8192
[  363.541447][   T29] audit: type=1800 audit(1728797463.914:166): pid=14472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3549" name="file0" dev="loop5" ino=1048905 res=0 errno=0
[  363.565125][  T931] hid-steam 0003:28DE:1205.004E: Steam Controller 'XXXXXXXXXX' disconnected
[  363.990870][T14494] loop0: detected capacity change from 0 to 2048
[  364.167983][T14494] Alternate GPT is invalid, using primary GPT.
[  364.204907][T14494]  loop0: p1 p2 p3
[  365.220200][T14524] loop4: detected capacity change from 0 to 4096
[  365.261284][T14524] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  365.338633][T14524] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  365.378112][T14524] ntfs3(loop4): Failed to load $Extend (-22).
[  365.410274][T14524] ntfs3(loop4): Failed to initialize $Extend.
[  366.556025][T14554] loop1: detected capacity change from 0 to 128
[  366.649013][T14554] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  366.714003][T14563] loop4: detected capacity change from 0 to 64
[  366.736418][T14564] loop2: detected capacity change from 0 to 512
[  366.765145][T14554] ext4 filesystem being mounted at /469/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  366.818989][T14564] EXT4-fs: Ignoring removed mblk_io_submit option
[  366.836808][T14563] Trying to free block not in datazone
[  366.866611][T14564] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  366.881215][T14563] Trying to free block not in datazone
[  366.912365][T14563] Trying to free block not in datazone
[  366.949597][T14563] Trying to free block not in datazone
[  366.971570][T14564] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  366.993050][T14563] minix_free_block (loop4:6): bit already cleared
[  367.021413][T14564] System zones: 1-12
[  367.036243][T14564] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2240: inode #15: comm syz.2.3587: corrupted in-inode xattr: e_value size too large
[  367.055276][T14563] Trying to free block not in datazone
[  367.084017][ T7063] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  367.101583][T14563] Trying to free block not in datazone
[  367.136444][T14564] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.3587: couldn't read orphan inode 15 (err -117)
[  367.228818][T14564] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.563025][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.967390][T14585] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  369.108686][T14599] loop1: detected capacity change from 0 to 512
[  369.276887][T14599] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  369.463028][T14599] ext4 filesystem being mounted at /473/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.491456][T14620] tipc: Started in network mode
[  370.506861][T14620] tipc: Node identity ac1414aa, cluster identity 4711
[  370.527267][T14620] tipc: New replicast peer: 100.1.1.1
[  370.548791][T14618] loop2: detected capacity change from 0 to 4096
[  370.566090][T14620] tipc: Enabled bearer <udp:syz2>, priority 10
[  370.628039][T14618] NILFS (loop2): invalid segment: Checksum error in segment payload
[  370.699189][T14618] NILFS (loop2): trying rollback from an earlier position
[  370.813641][T14618] NILFS (loop2): recovery complete
[  370.860408][T14622] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  371.349501][T14604] loop4: detected capacity change from 0 to 32768
[  371.463574][T14604] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  371.596701][T14627] loop5: detected capacity change from 0 to 4096
[  371.656178][T14639] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3616'.
[  371.677167][T14627] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  371.699091][    T9] tipc: Node number set to 2886997162
[  371.774055][T14604] XFS (loop4): Ending clean mount
[  371.915232][T14627] ntfs3(loop5): ino=1e, "file1" attr_set_size
[  371.964475][T14627] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  372.044727][T14627] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  372.078392][T14611] loop0: detected capacity change from 0 to 40427
[  372.112587][ T5231] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  372.171464][T14611] F2FS-fs (loop0): Image doesn't support compression
[  372.240384][T14611] F2FS-fs (loop0): invalid crc value
[  372.273928][T14611] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  372.302320][T14646] loop2: detected capacity change from 0 to 256
[  372.326193][   T33] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  372.380749][T14646] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d)
[  372.718037][T14611] F2FS-fs (loop0): Start checkpoint disabled!
[  372.789802][T14611] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  373.338449][T14661] xt_CT: No such helper "syz1"
[  373.930464][T14678] loop2: detected capacity change from 0 to 128
[  373.997158][T14678] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  374.093186][T14678] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  375.035394][ T5235] Bluetooth: hci4: command 0x0406 tx timeout
[  375.396679][T14708] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3645'.
[  376.423482][T14728] loop5: detected capacity change from 0 to 1024
[  376.606571][T14696] loop0: detected capacity change from 0 to 32768
[  376.694472][T14696] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3639 (14696)
[  376.758692][   T33] hfsplus: b-tree write err: -5, ino 4
[  376.978423][T14739] loop5: detected capacity change from 0 to 64
[  377.048342][T14741] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3662'.
[  377.114376][T14741] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3662'.
[  377.379895][T14696] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  377.436283][T14696] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm
[  377.457107][T14751] loop5: detected capacity change from 0 to 24
[  377.484296][T14696] BTRFS info (device loop0): using free-space-tree
[  377.511615][T14751] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  377.552714][T14751] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  377.969387][ T7084] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  378.091600][ T1263] ieee802154 phy0 wpan0: encryption failed: -22
[  378.098306][ T1263] ieee802154 phy1 wpan1: encryption failed: -22
[  379.318485][T14795] loop0: detected capacity change from 0 to 512
[  379.462661][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  379.541267][T14795] UDF-fs: Scanning with blocksize 512 failed
[  379.618346][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  379.663962][T14795] UDF-fs: Scanning with blocksize 1024 failed
[  379.736303][T14795] UDF-fs: warning (device loop0): udf_load_vrs: No VRS found
[  379.820203][T14795] UDF-fs: Scanning with blocksize 2048 failed
[  379.910306][T14795] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  380.076998][T14795] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  380.662226][ T5235] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  380.692065][ T5235] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  380.702186][ T5235] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  380.710581][ T5235] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  380.718936][ T5235] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  380.726328][ T5235] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  381.176903][T14783] loop4: detected capacity change from 0 to 32768
[  381.306357][T14786] loop5: detected capacity change from 0 to 32768
[  381.569487][T14821] loop3: detected capacity change from 0 to 512
[  381.611872][T14821] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  381.673098][T14821] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.673204][T14821] ext4 filesystem being mounted at /638/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  381.989290][ T5224] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.029957][T14805] chnl_net:caif_netlink_parms(): no params data found
[  382.791477][ T5235] Bluetooth: hci6: command tx timeout
[  383.299786][T14855] loop3: detected capacity change from 0 to 1024
[  383.307693][T14856] loop2: detected capacity change from 0 to 512
[  383.364281][T14856] EXT4-fs (loop2): filesystem is read-only
[  383.406795][T14856] EXT4-fs (loop2): filesystem is read-only
[  383.444048][T14856] EXT4-fs (loop2): orphan cleanup on readonly fs
[  383.484939][T14856] EXT4-fs error (device loop2): ext4_orphan_get:1414: comm syz.2.3704: bad orphan inode 16
[  383.532055][T14856] ext4_test_bit(bit=15, block=3) = 0
[  383.558219][T14856] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  383.661817][T14856] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 3: comm syz.2.3704: lblock 0 mapped to illegal pblock 3 (length 1)
[  383.707002][T14860] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3705'.
[  383.855870][T10285] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.220238][T14869] loop5: detected capacity change from 0 to 2048
[  384.283159][T14869] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  384.493431][T11106] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.872548][ T5235] Bluetooth: hci6: command tx timeout
[  386.951532][ T5235] Bluetooth: hci6: command tx timeout
[  389.031397][ T5235] Bluetooth: hci6: command tx timeout
[  393.776570][ T5233] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  393.789642][ T5233] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  393.797919][ T5233] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  393.806650][ T5233] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  393.816841][ T5233] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  393.824329][ T5233] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  394.079762][ T5235] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  394.092288][ T5235] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  394.103403][ T5235] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  394.126695][ T5235] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  394.135949][ T5235] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  394.143437][ T5235] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  394.858520][ T5233] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  394.871391][ T5233] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  394.879263][ T5233] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  394.887197][ T5233] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  394.894930][ T5233] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  394.902354][ T5233] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  395.701874][ T5235] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  395.712007][ T5235] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  395.720319][ T5235] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  395.730381][ T5235] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  395.738918][ T5235] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  395.749521][ T5235] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  395.797520][ T5233] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  395.809382][ T5233] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  395.818606][ T5233] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  395.826865][ T5233] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  395.837218][ T5233] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  395.844675][ T5233] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  395.911410][ T5233] Bluetooth: hci7: command tx timeout
[  396.231455][ T5233] Bluetooth: hci8: command tx timeout
[  396.951688][ T5233] Bluetooth: hci9: command tx timeout
[  397.832482][ T5233] Bluetooth: hci10: command tx timeout
[  397.911657][ T5233] Bluetooth: hci11: command tx timeout
[  397.991319][ T5233] Bluetooth: hci7: command tx timeout
[  398.311475][ T5233] Bluetooth: hci8: command tx timeout
[  399.036079][ T5233] Bluetooth: hci9: command tx timeout
[  399.915860][ T5233] Bluetooth: hci10: command tx timeout
[  399.991579][ T5233] Bluetooth: hci11: command tx timeout
[  400.071374][ T5233] Bluetooth: hci7: command tx timeout
[  400.391547][ T5233] Bluetooth: hci8: command tx timeout
[  401.111304][ T5233] Bluetooth: hci9: command tx timeout
[  401.991299][ T5233] Bluetooth: hci10: command tx timeout
[  402.071578][ T5233] Bluetooth: hci11: command tx timeout
[  402.151272][ T5233] Bluetooth: hci7: command tx timeout
[  402.471483][ T5233] Bluetooth: hci8: command tx timeout
[  403.191384][ T5233] Bluetooth: hci9: command tx timeout
[  404.071439][ T5233] Bluetooth: hci10: command tx timeout
[  404.151561][ T5233] Bluetooth: hci11: command tx timeout
[  417.037383][T14805] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.073012][T14805] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.080306][T14805] bridge_slave_0: entered allmulticast mode
[  417.412770][T14805] bridge_slave_0: entered promiscuous mode
[  439.538987][ T1263] ieee802154 phy0 wpan0: encryption failed: -22
[  439.545623][ T1263] ieee802154 phy1 wpan1: encryption failed: -22
[  441.134067][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  441.151419][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  441.161850][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  441.169964][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  441.177616][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  441.185188][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  443.271821][ T5235] Bluetooth: hci1: command tx timeout
[  445.351862][ T5235] Bluetooth: hci1: command tx timeout
[  447.431681][ T5235] Bluetooth: hci1: command tx timeout
[  449.001044][    C1] sched: DL replenish lagged too much
[  449.511655][ T5235] Bluetooth: hci1: command tx timeout
[  454.892406][ T5233] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  454.911624][ T5233] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  454.923051][ T5233] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  454.935685][ T5233] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  454.946138][ T5233] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  454.954263][ T5233] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  454.988152][ T5235] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  455.003614][ T5235] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  455.013107][ T5235] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  455.032313][ T5235] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  455.041364][ T5235] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  455.049255][ T5235] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  455.499650][ T5233] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  455.510834][ T5233] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  455.529386][ T5233] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  455.539152][ T5233] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  455.551238][ T5233] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  455.560901][ T5233] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  455.862130][ T5235] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  455.873585][ T5235] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  455.882080][ T5235] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  455.890147][ T5235] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  455.898071][ T5235] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  455.910674][ T5235] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  456.191883][ T5233] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[  456.206639][ T5233] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[  456.215634][ T5233] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[  456.223881][ T5233] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[  456.231846][ T5233] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[  456.239391][ T5233] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[  457.031489][ T5233] Bluetooth: hci12: command tx timeout
[  457.111380][ T5233] Bluetooth: hci13: command tx timeout
[  457.591369][ T5233] Bluetooth: hci14: command tx timeout
[  457.991354][ T5233] Bluetooth: hci15: command tx timeout
[  458.311357][ T5233] Bluetooth: hci16: command tx timeout
[  459.121657][ T5233] Bluetooth: hci12: command tx timeout
[  459.192347][ T5233] Bluetooth: hci13: command tx timeout
[  459.671626][ T5233] Bluetooth: hci14: command tx timeout
[  460.071294][ T5233] Bluetooth: hci15: command tx timeout
[  460.399136][ T5233] Bluetooth: hci16: command tx timeout
[  461.191522][ T5233] Bluetooth: hci12: command tx timeout
[  461.271565][ T5235] Bluetooth: hci13: command tx timeout
[  461.751457][ T5233] Bluetooth: hci14: command tx timeout
[  462.151491][ T5233] Bluetooth: hci15: command tx timeout
[  462.474193][ T5233] Bluetooth: hci16: command tx timeout
[  463.271451][ T5233] Bluetooth: hci12: command tx timeout
[  463.351417][ T5233] Bluetooth: hci13: command tx timeout
[  463.831803][ T5233] Bluetooth: hci14: command tx timeout
[  464.232500][ T5233] Bluetooth: hci15: command tx timeout
[  464.551350][ T5233] Bluetooth: hci16: command tx timeout
[  477.511496][T14922] Bluetooth: hci2: command 0x0405 tx timeout
[  500.662636][T14922] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[  500.675114][T14922] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[  500.683996][T14922] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[  500.694947][T14922] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[  500.711516][T14922] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[  500.719565][T14922] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[  500.958365][ T1263] ieee802154 phy0 wpan0: encryption failed: -22
[  500.964970][ T1263] ieee802154 phy1 wpan1: encryption failed: -22
[  502.791396][T14922] Bluetooth: hci17: command tx timeout
[  503.042154][T14922] Bluetooth: hci6: command 0x0406 tx timeout
[  504.871379][ T5233] Bluetooth: hci17: command tx timeout
[  506.951426][ T5233] Bluetooth: hci17: command tx timeout
[  509.031481][ T5233] Bluetooth: hci17: command tx timeout
[  515.520837][T14922] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[  515.534608][T14922] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[  515.543204][T14922] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[  515.551900][T14922] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[  515.570872][T14922] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[  515.602986][T14922] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[  515.788627][T14922] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[  515.800264][T14922] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[  515.809396][T14922] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[  515.817513][T14922] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[  515.831484][T14922] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[  515.842945][T14922] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[  516.226122][T14922] Bluetooth: hci20: unexpected cc 0x0c03 length: 249 > 1
[  516.238139][T14922] Bluetooth: hci20: unexpected cc 0x1003 length: 249 > 9
[  516.252110][T14922] Bluetooth: hci20: unexpected cc 0x1001 length: 249 > 9
[  516.271707][T14922] Bluetooth: hci20: unexpected cc 0x0c23 length: 249 > 4
[  516.279463][T14922] Bluetooth: hci20: unexpected cc 0x0c25 length: 249 > 3
[  516.286976][T14922] Bluetooth: hci20: unexpected cc 0x0c38 length: 249 > 2
[  516.649082][T14948] Bluetooth: hci21: unexpected cc 0x0c03 length: 249 > 1
[  516.670426][T14948] Bluetooth: hci21: unexpected cc 0x1003 length: 249 > 9
[  516.688841][T14948] Bluetooth: hci21: unexpected cc 0x1001 length: 249 > 9
[  516.702287][T14948] Bluetooth: hci21: unexpected cc 0x0c23 length: 249 > 4
[  516.714343][T14948] Bluetooth: hci21: unexpected cc 0x0c25 length: 249 > 3
[  516.723274][T14948] Bluetooth: hci21: unexpected cc 0x0c38 length: 249 > 2
[  516.941508][T14946] Bluetooth: hci22: unexpected cc 0x0c03 length: 249 > 1
[  516.952420][T14946] Bluetooth: hci22: unexpected cc 0x1003 length: 249 > 9
[  516.961299][T14946] Bluetooth: hci22: unexpected cc 0x1001 length: 249 > 9
[  516.970822][T14946] Bluetooth: hci22: unexpected cc 0x0c23 length: 249 > 4
[  516.978587][T14946] Bluetooth: hci22: unexpected cc 0x0c25 length: 249 > 3
[  516.987485][T14946] Bluetooth: hci22: unexpected cc 0x0c38 length: 249 > 2
[  517.671847][T14946] Bluetooth: hci18: command tx timeout
[  517.911310][T14946] Bluetooth: hci19: command tx timeout
[  518.424047][T14948] Bluetooth: hci8: command 0x0406 tx timeout
[  518.430123][T14948] Bluetooth: hci9: command 0x0406 tx timeout
[  518.451149][T14946] Bluetooth: hci7: command 0x0406 tx timeout
[  518.457202][T14946] Bluetooth: hci10: command 0x0406 tx timeout
[  518.463437][T14948] Bluetooth: hci20: command tx timeout
[  518.470540][T14948] Bluetooth: hci11: command 0x0406 tx timeout
[  518.791343][T14944] Bluetooth: hci21: command tx timeout
[  519.031723][T14944] Bluetooth: hci22: command tx timeout
[  519.751282][T14944] Bluetooth: hci18: command tx timeout
[  519.991359][T14944] Bluetooth: hci19: command tx timeout
[  520.561750][T14944] Bluetooth: hci20: command tx timeout
[  520.871455][T14944] Bluetooth: hci21: command tx timeout
[  521.111529][T14944] Bluetooth: hci22: command tx timeout
[  521.831435][T14944] Bluetooth: hci18: command tx timeout
[  522.073534][ T5233] Bluetooth: hci19: command tx timeout
[  522.631348][ T5233] Bluetooth: hci20: command tx timeout
[  522.951352][ T5233] Bluetooth: hci21: command tx timeout
[  523.191431][ T5233] Bluetooth: hci22: command tx timeout
[  523.911343][ T5233] Bluetooth: hci18: command tx timeout
[  524.151327][ T5233] Bluetooth: hci19: command tx timeout
[  524.711350][ T5233] Bluetooth: hci20: command tx timeout
[  525.031301][ T5233] Bluetooth: hci21: command tx timeout
[  525.272718][ T5233] Bluetooth: hci22: command tx timeout
[  531.032066][   T30] INFO: task syz.2.3715:14881 blocked for more than 143 seconds.
[  531.039932][   T30]       Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  531.058326][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  531.067059][   T30] task:syz.2.3715      state:D stack:23808 pid:14881 tgid:14881 ppid:10285  flags:0x00000004
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  531.085207][   T30] Call Trace:
[  531.088513][   T30]  <TASK>
[  531.111289][   T30]  __schedule+0x1895/0x4b30
[  531.115914][   T30]  ? __pfx___schedule+0x10/0x10
[  531.120859][   T30]  ? __pfx_lock_release+0x10/0x10
[  531.212314][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  531.217911][   T30]  ? schedule+0x90/0x320
[  531.301033][   T30]  schedule+0x14b/0x320
[  531.332837][   T30]  schedule_preempt_disabled+0x13/0x30
[  531.338381][   T30]  __mutex_lock+0x6a7/0xd70
[  531.381050][   T30]  ? __mutex_lock+0x52a/0xd70
[  531.385830][   T30]  ? raw_release+0x1b8/0x8b0
[  531.390461][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  531.431258][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  531.437235][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  531.471254][   T30]  raw_release+0x1b8/0x8b0
[  531.475749][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  531.511265][   T30]  sock_close+0xbe/0x240
[  531.515609][   T30]  ? __pfx_sock_close+0x10/0x10
[  531.520515][   T30]  __fput+0x241/0x880
[  531.568950][   T30]  task_work_run+0x251/0x310
[  531.581215][   T30]  ? __pfx_task_work_run+0x10/0x10
[  531.586487][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  531.621045][   T30]  syscall_exit_to_user_mode+0x168/0x370
[  531.626863][   T30]  do_syscall_64+0x100/0x230
[  531.648755][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.661165][   T30] RIP: 0033:0x7f60eb17dff9
[  531.665610][   T30] RSP: 002b:00007ffe6f73b888 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  531.701030][   T30] RAX: 0000000000000000 RBX: 000000000005deeb RCX: 00007f60eb17dff9
[  531.709048][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  531.751086][   T30] RBP: 00007f60eb337a80 R08: 0000000000000001 R09: 00007ffe6f73bb7f
[  531.759120][   T30] R10: 00007f60eb000000 R11: 0000000000000246 R12: 000000000005df30
[  531.798976][   T30] R13: 00007ffe6f73b990 R14: 0000000000000032 R15: ffffffffffffffff
[  531.829635][   T30]  </TASK>
[  531.838589][   T30] INFO: task syz.5.3717:14886 blocked for more than 144 seconds.
[  531.868327][   T30]       Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  531.881047][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  531.889778][   T30] task:syz.5.3717      state:D stack:27392 pid:14886 tgid:14885 ppid:11106  flags:0x00000004
[  531.910663][   T30] Call Trace:
[  531.914319][   T30]  <TASK>
[  531.919443][   T30]  __schedule+0x1895/0x4b30
[  531.931136][   T30]  ? __pfx___schedule+0x10/0x10
[  531.936225][   T30]  ? __pfx_lock_release+0x10/0x10
[  531.948978][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  531.955955][   T30]  ? schedule+0x90/0x320
[  531.960246][   T30]  schedule+0x14b/0x320
[  531.972287][   T30]  schedule_preempt_disabled+0x13/0x30
[  531.977802][   T30]  __mutex_lock+0x6a7/0xd70
[  531.987982][   T30]  ? __mutex_lock+0x52a/0xd70
[  531.995200][   T30]  ? genl_rcv_msg+0x121/0xec0
[  532.000005][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  532.010604][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.018570][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  532.031213][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.036887][   T30]  ? __local_bh_enable_ip+0x168/0x200
[  532.049971][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.055820][   T30]  ? radix_tree_lookup+0x238/0x290
[  532.069327][   T30]  genl_rcv_msg+0x121/0xec0
[  532.076180][   T30]  ? mark_lock+0x9a/0x360
[  532.080555][   T30]  ? __lock_acquire+0x1384/0x2050
[  532.091033][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  532.096121][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.109020][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  532.114287][   T30]  ? __pfx___might_resched+0x10/0x10
[  532.119626][   T30]  netlink_rcv_skb+0x1e5/0x430
[  532.131112][   T30]  ? __pfx_genl_rcv_msg+0x10/0x10
[  532.136272][   T30]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  532.148927][   T30]  ? __netlink_deliver_tap+0x77e/0x7c0
[  532.154729][   T30]  genl_rcv+0x28/0x40
[  532.158747][   T30]  netlink_unicast+0x7f8/0x990
[  532.172339][   T30]  ? __pfx_netlink_unicast+0x10/0x10
[  532.177688][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.190085][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.197069][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.209432][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.215298][   T30]  ? __check_object_size+0x48e/0x900
[  532.220802][   T30]  netlink_sendmsg+0x8e4/0xcb0
[  532.235949][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  532.243652][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.249618][   T30]  ? aa_sock_msg_perm+0x91/0x160
[  532.260526][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.268510][   T30]  ? __pfx_netlink_sendmsg+0x10/0x10
[  532.279543][   T30]  __sock_sendmsg+0x223/0x270
[  532.287050][   T30]  __sys_sendto+0x39b/0x4f0
[  532.297533][   T30]  ? __pfx___sys_sendto+0x10/0x10
[  532.305198][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  532.310868][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  532.321108][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  532.337136][   T30]  ? exc_page_fault+0x590/0x8c0
[  532.343422][   T30]  __x64_sys_sendto+0xde/0x100
[  532.348226][   T30]  do_syscall_64+0xf3/0x230
[  532.359972][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.367126][   T30] RIP: 0033:0x7fbb7f37fe8c
[  532.378608][   T30] RSP: 002b:00007fbb80247ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  532.388380][   T30] RAX: ffffffffffffffda RBX: 00007fbb80247fc0 RCX: 00007fbb7f37fe8c
[  532.401030][   T30] RDX: 0000000000000020 RSI: 00007fbb80248010 RDI: 0000000000000004
[  532.409032][   T30] RBP: 0000000000000000 R08: 00007fbb80247f14 R09: 000000000000000c
[  532.425067][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  532.438775][   T30] R13: 00007fbb80247f68 R14: 00007fbb80248010 R15: 0000000000000000
[  532.455196][   T30]  </TASK>
[  532.458322][   T30] 
[  532.458322][   T30] Showing all locks held in the system:
[  532.474339][   T30] 3 locks held by kworker/u8:0/11:
[  532.479471][   T30]  #0: ffff88802ddee148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  532.499040][   T30]  #1: ffffc90000107d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  532.523037][   T30]  #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  532.540371][   T30] 1 lock held by khungtaskd/30:
[  532.547503][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  532.558501][   T30] 3 locks held by kworker/u8:2/33:
[  532.571137][   T30]  #0: ffff88801ac81148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  532.590889][   T30]  #1: ffffc90000a97d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  532.610066][   T30]  #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  532.619324][   T30] 2 locks held by getty/4975:
[  532.624209][   T30]  #0: ffff888031cc00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  532.646442][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  532.660578][   T30] 5 locks held by kworker/1:3/5286:
[  532.670255][   T30] 3 locks held by kworker/1:5/5288:
[  532.679265][   T30]  #0: ffff88801ac78948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  532.691181][   T30]  #1: ffffc900040d7d00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  532.709363][   T30]  #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  532.731120][   T30] 1 lock held by syz.1.3605/14599:
[  532.738509][   T30]  #0: ffff88814c80c0e0 (&type->s_umount_key#32){++++}-{3:3}, at: super_lock+0x27c/0x400
[  532.756982][   T30] 1 lock held by syz-executor/14805:
[  532.763457][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  532.780040][   T30] 1 lock held by syz.0.3699/14839:
[  532.786465][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  532.806855][   T30] 2 locks held by syz.4.3702/14857:
[  532.813369][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  532.829239][   T30]  #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  532.850753][   T30] 3 locks held by syz.3.3712/14876:
[  532.856364][   T30]  #0: ffffffff8fd37e70 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  532.876683][   T30]  #1: ffffffff8fd37d28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[  532.893654][   T30]  #2: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: nl802154_pre_doit+0xb5/0xac0
[  532.907777][   T30] 2 locks held by syz.2.3715/14881:
[  532.916554][   T30]  #0: ffff888060fa6208 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  532.931205][   T30]  #1: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: raw_release+0x1b8/0x8b0
[  532.940174][   T30] 2 locks held by syz.5.3717/14886:
[  532.955368][   T30]  #0: ffffffff8fd37e70 (cb_lock){++++}-{3:3}, at: genl_rcv+0x19/0x40
[  532.967035][   T30]  #1: ffffffff8fd37d28 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg+0x121/0xec0
[  532.984701][   T30] 1 lock held by syz-executor/14890:
[  532.990010][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.007574][   T30] 1 lock held by syz-executor/14892:
[  533.014154][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.030363][   T30] 1 lock held by syz-executor/14895:
[  533.037045][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.051114][   T30] 1 lock held by syz-executor/14899:
[  533.056426][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.073196][   T30] 1 lock held by syz-executor/14901:
[  533.078503][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.096330][   T30] 1 lock held by syz-executor/14905:
[  533.104044][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.121108][   T30] 1 lock held by syz-executor/14910:
[  533.126413][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.143488][   T30] 1 lock held by syz-executor/14912:
[  533.155869][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.168905][   T30] 1 lock held by syz-executor/14915:
[  533.179222][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.192212][   T30] 1 lock held by syz-executor/14918:
[  533.197704][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.211107][   T30] 1 lock held by syz-executor/14920:
[  533.216430][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.233301][   T30] 1 lock held by syz-executor/14930:
[  533.238625][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.255880][   T30] 1 lock held by syz-executor/14935:
[  533.264766][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.282747][   T30] 1 lock held by syz-executor/14938:
[  533.288082][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.305473][   T30] 1 lock held by syz-executor/14941:
[  533.310789][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.323352][   T30] 1 lock held by syz-executor/14947:
[  533.328663][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.341031][   T30] 1 lock held by syz-executor/14950:
[  533.346346][   T30]  #0: ffffffff8fcd2108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[  533.365977][   T30] 
[  533.368337][   T30] =============================================
[  533.368337][   T30] 
[  533.379571][   T30] NMI backtrace for cpu 0
[  533.383920][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  533.394440][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  533.404513][   T30] Call Trace:
[  533.407805][   T30]  <TASK>
[  533.410773][   T30]  dump_stack_lvl+0x241/0x360
[  533.415495][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  533.420813][   T30]  ? __pfx__printk+0x10/0x10
[  533.425461][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  533.430435][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  533.435921][   T30]  ? _printk+0xd5/0x120
[  533.440112][   T30]  ? __pfx__printk+0x10/0x10
[  533.444743][   T30]  ? __wake_up_klogd+0xcc/0x110
[  533.449625][   T30]  ? __pfx__printk+0x10/0x10
[  533.454252][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.459909][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  533.464974][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  533.470998][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  533.477015][   T30]  watchdog+0xff4/0x1040
[  533.481292][   T30]  ? watchdog+0x1ea/0x1040
[  533.485751][   T30]  ? __pfx_watchdog+0x10/0x10
[  533.490563][   T30]  kthread+0x2f2/0x390
[  533.494661][   T30]  ? __pfx_watchdog+0x10/0x10
[  533.499541][   T30]  ? __pfx_kthread+0x10/0x10
[  533.504155][   T30]  ret_from_fork+0x4d/0x80
[  533.508604][   T30]  ? __pfx_kthread+0x10/0x10
[  533.513217][   T30]  ret_from_fork_asm+0x1a/0x30
[  533.518032][   T30]  </TASK>
[  533.522230][   T30] Sending NMI from CPU 0 to CPUs 1:
[  533.527462][    C1] NMI backtrace for cpu 1
[  533.527477][    C1] CPU: 1 UID: 0 PID: 5286 Comm: kworker/1:3 Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  533.527504][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  533.527519][    C1] Workqueue: events nsim_dev_trap_report_work
[  533.527551][    C1] RIP: 0010:unwind_next_frame+0x179b/0x22d0
[  533.527577][    C1] Code: d0 48 c1 e8 03 0f b6 04 28 84 c0 0f 85 93 0a 00 00 48 0f bf 03 48 8b 34 24 48 01 c6 49 8d 55 40 4c 89 ef e8 37 0e 00 00 84 c0 <0f> 84 66 01 00 00 49 bc 00 00 00 00 00 fc ff df 48 8b 44 24 20 42
[  533.527597][    C1] RSP: 0018:ffffc90000a170d0 EFLAGS: 00000202
[  533.527616][    C1] RAX: 1ffff92000142e01 RBX: ffffffff912b2462 RCX: 0000000000000000
[  533.527633][    C1] RDX: dffffc0000000000 RSI: ffffc90000a11000 RDI: ffffc90000a17d18
[  533.527651][    C1] RBP: dffffc0000000000 R08: ffffc90000a17d18 R09: ffffc90000a171f0
[  533.527668][    C1] R10: dffffc0000000000 R11: fffff52000142e40 R12: ffffc90000a19000
[  533.527702][    C1] R13: ffffc90000a171a0 R14: ffffffff8a1e0199 R15: ffffc90000a171f0
[  533.527723][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  533.527743][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  533.527759][    C1] CR2: 00007fff9f664ecc CR3: 000000000e734000 CR4: 0000000000350ef0
[  533.527777][    C1] Call Trace:
[  533.527785][    C1]  <NMI>
[  533.527794][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  533.527824][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  533.527862][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  533.527890][    C1]  ? nmi_handle+0x2a/0x5a0
[  533.527925][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  533.527957][    C1]  ? nmi_handle+0x151/0x5a0
[  533.527981][    C1]  ? nmi_handle+0x2a/0x5a0
[  533.528006][    C1]  ? unwind_next_frame+0x179b/0x22d0
[  533.528028][    C1]  ? default_do_nmi+0x63/0x160
[  533.528059][    C1]  ? exc_nmi+0x123/0x1f0
[  533.528092][    C1]  ? end_repeat_nmi+0xf/0x53
[  533.528115][    C1]  ? ip_route_output_flow+0x29/0x140
[  533.528154][    C1]  ? unwind_next_frame+0x179b/0x22d0
[  533.528177][    C1]  ? unwind_next_frame+0x179b/0x22d0
[  533.528201][    C1]  ? unwind_next_frame+0x179b/0x22d0
[  533.528224][    C1]  </NMI>
[  533.528232][    C1]  <IRQ>
[  533.528246][    C1]  ? ip_route_output_key_hash+0x193/0x2b0
[  533.528282][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  533.528312][    C1]  arch_stack_walk+0x11c/0x150
[  533.528342][    C1]  ? ip_route_output_flow+0x29/0x140
[  533.528376][    C1]  stack_trace_save+0x118/0x1d0
[  533.528406][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  533.528435][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.528466][    C1]  save_stack+0xfb/0x1f0
[  533.528490][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.528514][    C1]  ? mark_lock+0x9a/0x360
[  533.528537][    C1]  ? __pfx_save_stack+0x10/0x10
[  533.528560][    C1]  ? post_alloc_hook+0x1f3/0x230
[  533.528593][    C1]  ? get_page_from_freelist+0x3045/0x3190
[  533.528618][    C1]  ? __alloc_pages_noprof+0x292/0x710
[  533.528642][    C1]  ? alloc_pages_mpol_noprof+0x3e8/0x680
[  533.528670][    C1]  ? alloc_slab_page+0x6a/0x120
[  533.528693][    C1]  ? allocate_slab+0x5a/0x2f0
[  533.528714][    C1]  ? ___slab_alloc+0xcd1/0x14b0
[  533.528748][    C1]  ? __slab_alloc+0x58/0xa0
[  533.528780][    C1]  ? kmem_cache_alloc_noprof+0x1c1/0x2a0
[  533.528809][    C1]  ? dst_alloc+0x12b/0x190
[  533.528830][    C1]  ? ip_route_output_key_hash_rcu+0x13cc/0x2390
[  533.528865][    C1]  ? ip_route_output_key_hash+0x193/0x2b0
[  533.528908][    C1]  __set_page_owner+0x92/0x800
[  533.528931][    C1]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  533.528964][    C1]  ? get_page_from_freelist+0x87d/0x3190
[  533.528990][    C1]  ? __pfx_lock_release+0x10/0x10
[  533.529025][    C1]  ? __pfx___set_page_owner+0x10/0x10
[  533.529056][    C1]  post_alloc_hook+0x1f3/0x230
[  533.529096][    C1]  get_page_from_freelist+0x3045/0x3190
[  533.529141][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529177][    C1]  __alloc_pages_noprof+0x292/0x710
[  533.529201][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529228][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  533.529260][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529285][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529315][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[  533.529347][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  533.529378][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  533.529414][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529438][    C1]  ? alloc_pages_noprof+0x43/0x170
[  533.529468][    C1]  alloc_slab_page+0x6a/0x120
[  533.529491][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.529518][    C1]  allocate_slab+0x5a/0x2f0
[  533.529543][    C1]  ___slab_alloc+0xcd1/0x14b0
[  533.529579][    C1]  ? dst_alloc+0x12b/0x190
[  533.529605][    C1]  ? dst_alloc+0x12b/0x190
[  533.529625][    C1]  __slab_alloc+0x58/0xa0
[  533.529660][    C1]  ? dst_alloc+0x12b/0x190
[  533.529681][    C1]  kmem_cache_alloc_noprof+0x1c1/0x2a0
[  533.529715][    C1]  dst_alloc+0x12b/0x190
[  533.529738][    C1]  ip_route_output_key_hash_rcu+0x13cc/0x2390
[  533.529784][    C1]  ip_route_output_key_hash+0x193/0x2b0
[  533.529818][    C1]  ? ip_route_output_key_hash+0xdf/0x2b0
[  533.529853][    C1]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  533.529891][    C1]  ? __pfx_lock_release+0x10/0x10
[  533.529925][    C1]  ? __asan_memset+0x23/0x50
[  533.529967][    C1]  ip_route_output_flow+0x29/0x140
[  533.530000][    C1]  ip_route_me_harder+0x80d/0x1300
[  533.530039][    C1]  ? __pfx_ip_route_me_harder+0x10/0x10
[  533.530075][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.530100][    C1]  ? __kmalloc_node_track_caller_noprof+0x242/0x440
[  533.530147][    C1]  synproxy_send_tcp+0x356/0x6c0
[  533.530186][    C1]  synproxy_send_client_synack+0x8b8/0xf30
[  533.530228][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  533.530260][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.530288][    C1]  ? synproxy_pernet+0x45/0x270
[  533.530322][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.530349][    C1]  nft_synproxy_eval_v4+0x3ca/0x610
[  533.530388][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  533.530425][    C1]  ? nf_ip_checksum+0x13a/0x500
[  533.530464][    C1]  nft_synproxy_do_eval+0x362/0xa60
[  533.530503][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  533.530537][    C1]  ? ip_vs_conn_hashkey_param+0x3ad/0x6b0
[  533.530573][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  533.530610][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.530635][    C1]  ? ip_vs_conn_out_get+0xba6/0xc00
[  533.530671][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.530700][    C1]  nft_do_chain+0x4af/0x1da0
[  533.530740][    C1]  ? tcp_conn_schedule+0x45e/0x880
[  533.530776][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  533.530829][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  533.530854][    C1]  ? __pfx_ip_vs_in_hook+0x10/0x10
[  533.530881][    C1]  nft_do_chain_inet+0x418/0x6b0
[  533.530918][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  533.530964][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  533.531003][    C1]  nf_hook_slow+0xc5/0x220
[  533.531040][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  533.531073][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  533.531102][    C1]  NF_HOOK+0x29e/0x450
[  533.531128][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.531158][    C1]  ? NF_HOOK+0x9a/0x450
[  533.531184][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  533.531215][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  533.531248][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.531276][    C1]  ? ip_rcv_finish+0x406/0x560
[  533.531306][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  533.531335][    C1]  NF_HOOK+0x3a6/0x450
[  533.531361][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.531388][    C1]  ? __lock_acquire+0x1384/0x2050
[  533.531427][    C1]  ? NF_HOOK+0x9a/0x450
[  533.531455][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  533.531481][    C1]  ? ip_rcv_core+0x801/0xd10
[  533.531511][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  533.531545][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  533.531575][    C1]  __netif_receive_skb+0x2bf/0x650
[  533.531609][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  533.531646][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  533.531675][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  533.531710][    C1]  ? __pfx_lock_release+0x10/0x10
[  533.531746][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  533.531788][    C1]  process_backlog+0x662/0x15b0
[  533.531823][    C1]  ? process_backlog+0x33b/0x15b0
[  533.531860][    C1]  ? __pfx_process_backlog+0x10/0x10
[  533.531890][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  533.531928][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  533.531966][    C1]  __napi_poll+0xcd/0x490
[  533.531996][    C1]  net_rx_action+0x89b/0x1240
[  533.532042][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  533.532077][    C1]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  533.532135][    C1]  handle_softirqs+0x2c7/0x980
[  533.532170][    C1]  ? __irq_exit_rcu+0xf4/0x1c0
[  533.532204][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  533.532237][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.532262][    C1]  ? irqtime_account_irq+0xd4/0x1e0
[  533.532287][    C1]  __irq_exit_rcu+0xf4/0x1c0
[  533.532318][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  533.532353][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.532379][    C1]  irq_exit_rcu+0x9/0x30
[  533.532409][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  533.532443][    C1]  </IRQ>
[  533.532450][    C1]  <TASK>
[  533.532459][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  533.532482][    C1] RIP: 0010:kasan_check_range+0x6a/0x290
[  533.532511][    C1] Code: 00 00 00 00 00 fc ff df 4e 8d 1c 13 49 ff c8 4d 89 c1 49 c1 e9 03 49 be 01 00 00 00 00 fc ff df 4f 8d 3c 31 4c 89 fd 4c 29 dd <48> 83 fd 10 7f 29 48 85 ed 0f 84 3e 01 00 00 4c 89 cd 48 f7 d5 48
[  533.532530][    C1] RSP: 0018:ffffc900040f7460 EFLAGS: 00000202
[  533.532550][    C1] RAX: ffffc900040f7901 RBX: 1ffff9200081eeba RCX: ffffffff8141732b
[  533.532568][    C1] RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc900040f75d0
[  533.532584][    C1] RBP: 0000000000000002 R08: ffffc900040f75df R09: 1ffff9200081eebb
[  533.532600][    C1] R10: dffffc0000000000 R11: fffff5200081eeba R12: ffffc900040f8000
[  533.532617][    C1] R13: ffffc900040f7580 R14: dffffc0000000001 R15: fffff5200081eebc
[  533.532640][    C1]  ? unwind_next_frame+0xcfb/0x22d0
[  533.532669][    C1]  __asan_memset+0x23/0x50
[  533.532703][    C1]  ? __kmalloc_node_track_caller_noprof+0x225/0x440
[  533.532737][    C1]  unwind_next_frame+0xcfb/0x22d0
[  533.532764][    C1]  ? __kasan_kmalloc+0x98/0xb0
[  533.532791][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  533.532821][    C1]  arch_stack_walk+0x11c/0x150
[  533.532850][    C1]  ? __kmalloc_node_track_caller_noprof+0x225/0x440
[  533.532901][    C1]  stack_trace_save+0x118/0x1d0
[  533.532931][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  533.532958][    C1]  ? stack_trace_save+0x118/0x1d0
[  533.532986][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  533.533012][    C1]  ? arch_stack_walk+0x11c/0x150
[  533.533042][    C1]  kasan_save_track+0x3f/0x80
[  533.533064][    C1]  ? kasan_save_track+0x3f/0x80
[  533.533090][    C1]  ? __kasan_kmalloc+0x98/0xb0
[  533.533145][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.533172][    C1]  __kasan_kmalloc+0x98/0xb0
[  533.533198][    C1]  __kmalloc_node_track_caller_noprof+0x225/0x440
[  533.533231][    C1]  ? __alloc_skb+0x1f3/0x440
[  533.533256][    C1]  ? __alloc_skb+0x1f3/0x440
[  533.533277][    C1]  kmalloc_reserve+0x111/0x2a0
[  533.533302][    C1]  __alloc_skb+0x1f3/0x440
[  533.533323][    C1]  ? kasan_quarantine_put+0xdc/0x230
[  533.533345][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.533373][    C1]  ? __pfx___alloc_skb+0x10/0x10
[  533.533395][    C1]  ? nsim_dev_trap_report_work+0x6d0/0xaa0
[  533.533422][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.533448][    C1]  ? nsim_dev_trap_report_work+0x765/0xaa0
[  533.533478][    C1]  nsim_dev_trap_report_work+0x254/0xaa0
[  533.533515][    C1]  ? process_scheduled_works+0x976/0x1850
[  533.533549][    C1]  process_scheduled_works+0xa65/0x1850
[  533.533599][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  533.533638][    C1]  ? assign_work+0x364/0x3d0
[  533.533672][    C1]  worker_thread+0x870/0xd30
[  533.533707][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.533734][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  533.533759][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  533.533796][    C1]  ? __kthread_parkme+0x169/0x1d0
[  533.533832][    C1]  ? __pfx_worker_thread+0x10/0x10
[  533.533866][    C1]  kthread+0x2f2/0x390
[  533.533888][    C1]  ? __pfx_worker_thread+0x10/0x10
[  533.533920][    C1]  ? __pfx_kthread+0x10/0x10
[  533.533944][    C1]  ret_from_fork+0x4d/0x80
[  533.533978][    C1]  ? __pfx_kthread+0x10/0x10
[  533.534001][    C1]  ret_from_fork_asm+0x1a/0x30
[  533.534043][    C1]  </TASK>
[  534.798772][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  534.805772][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  534.816310][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  534.826391][   T30] Call Trace:
[  534.829685][   T30]  <TASK>
[  534.832631][   T30]  dump_stack_lvl+0x241/0x360
[  534.837342][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.842568][   T30]  ? __pfx__printk+0x10/0x10
[  534.847193][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  534.853218][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  534.858878][   T30]  ? vscnprintf+0x5d/0x90
[  534.863236][   T30]  panic+0x349/0x880
[  534.867168][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  534.872918][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  534.879110][   T30]  ? __pfx_panic+0x10/0x10
[  534.883600][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  534.889010][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  534.894675][   T30]  ? __irq_work_queue_local+0x137/0x410
[  534.900273][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  534.905932][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  534.911332][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  534.917516][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  534.923712][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  534.929375][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  534.935565][   T30]  watchdog+0x1033/0x1040
[  534.939933][   T30]  ? watchdog+0x1ea/0x1040
[  534.944479][   T30]  ? __pfx_watchdog+0x10/0x10
[  534.949275][   T30]  kthread+0x2f2/0x390
[  534.953370][   T30]  ? __pfx_watchdog+0x10/0x10
[  534.958087][   T30]  ? __pfx_kthread+0x10/0x10
[  534.962712][   T30]  ret_from_fork+0x4d/0x80
[  534.967174][   T30]  ? __pfx_kthread+0x10/0x10
[  534.971793][   T30]  ret_from_fork_asm+0x1a/0x30
[  534.976622][   T30]  </TASK>
[  534.979893][   T30] Kernel Offset: disabled
[  534.984273][   T30] Rebooting in 86400 seconds..