last executing test programs:

20.480421657s ago: executing program 4 (id=1696):
r0 = syz_io_uring_setup(0x231, 0x0, &(0x7f0000000100), &(0x7f0000000140))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
syz_emit_ethernet(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x20050800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e24, 0x4, @empty}, 0x1c)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r4, 0xfffffffc)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

18.467119477s ago: executing program 4 (id=1699):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0)
r3 = socket(0x1d, 0x80000, 0xffffffc8)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000080)=0x55a, 0x4)
sendmmsg(r3, 0x0, 0x0, 0x24044015)
recvmmsg(r3, &(0x7f0000000440)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a80)=""/137, 0x89}, 0xa6}], 0x1, 0x2002, 0x0)
ioprio_get$uid(0x3, 0xee01)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002600)='/proc/bus/input/devices\x00', 0x0, 0x0)
r6 = syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xd2dc, 0x1000, 0x0, 0x26b, 0x0, r5}, &(0x7f0000000300)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x5, r5, 0x0, 0x0, 0x0, 0x80000})
io_uring_enter(r6, 0x2f20, 0xd3cf, 0x0, 0x0, 0x0)
r9 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000980)={'syz0\x00', {}, 0xe, [0x0, 0x0, 0x0, 0x10001, 0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffff9, 0x0, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x10000000, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x100, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x7, 0x80000000], [0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x2, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x400003, 0xfffffffd, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x5, 0x800, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x5, 0x0, 0xffffffff, 0x55f8, 0xffffffff, 0x100000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x1, 0x7, 0x2, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x62, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff, 0x800000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x10000000, 0x0, 0x20000, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x65, 0x0, 0x0, 0x4, 0xffc, 0x0, 0x0, 0x2, 0xfffffffd, 0x0, 0x0, 0x1]}, 0x45c)
ioctl$UI_DEV_SETUP(r9, 0x5501, 0x0)

16.20662484s ago: executing program 2 (id=1706):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x21800, 0x0)
r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000040)={0x8, 0x9, 0x4, {0x2, @vbi={0x9, 0x1, 0x7, 0x34565559, [0x34565348, 0xb22], [0x7], 0x1}}, 0x8})
r4 = socket(0x1d, 0x2, 0x6)
recvfrom$l2tp6(r4, &(0x7f00000002c0)=""/75, 0x4b, 0x0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @local}, 0x20)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}, 0x1, 0x0, 0x0, 0x4805}, 0x20000050)
sendmsg$NFT_BATCH(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELFLOWTABLE={0x2c, 0x18, 0xa, 0x5, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x94}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0, 0xffffffffffffff8a}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d2", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r6, &(0x7f0000000140), 0x4924b68, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002480)=@newtfilter={0x8c4, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x890, 0x2, [@TCA_U32_POLICE={0x868, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x80000, 0x3, 0xf, 0xfdb, 0x1, 0x80, 0x7, 0x7, 0x40000000, 0xaa04, 0x80000001, 0x99, 0x8000, 0x1000, 0x3, 0x0, 0x7fffffff, 0x80, 0x1, 0x7, 0x0, 0x9, 0x4, 0x5, 0x80000001, 0x2, 0xe0, 0x9, 0x1, 0x80000000, 0x1, 0xffff8001, 0x9, 0x10001, 0x7, 0x10000, 0x30, 0x803, 0x1000, 0xfff, 0x7, 0x2, 0x5, 0x48a, 0x9, 0x1000, 0x7, 0x7198, 0x8, 0x80000001, 0x20001, 0x101, 0x3, 0x7, 0x2, 0x8, 0x10001, 0x2, 0x1, 0x0, 0x6, 0x9, 0x13, 0x2, 0xffff, 0x80, 0xbf77, 0x8, 0xc52, 0x6, 0x9, 0x7, 0x9, 0x5, 0x8, 0x3, 0x8, 0x5, 0x8, 0x1, 0x3, 0x7fffffff, 0x8, 0x2845, 0x2, 0xe9, 0x2a, 0x3, 0x891, 0x8, 0x1, 0x12, 0x6, 0xfff, 0xbfffc9b5, 0x4, 0x2, 0x6, 0x6, 0xaa, 0x0, 0x8, 0x0, 0x0, 0x5, 0x1, 0x2, 0x40, 0x4, 0x7, 0xa, 0x8000, 0x4, 0xffffff2d, 0x0, 0xffff7fff, 0x2, 0x3, 0x6, 0xebb, 0x8, 0xfcb, 0x8, 0x1, 0x9, 0x6fe68a84, 0x200, 0x1, 0xfffffff9, 0xb, 0x1, 0xab, 0x9, 0x7, 0x0, 0xe, 0x10001, 0x8, 0xa, 0x6, 0x0, 0xa1, 0x4, 0xffff519d, 0x9, 0x4, 0x2, 0x3, 0x1, 0x2, 0x9, 0x4ae, 0x8, 0x1e9, 0x9, 0x101, 0x200, 0x4, 0x4, 0x1, 0x5, 0x5, 0x7, 0x5, 0x400, 0x7, 0x80, 0x2, 0x2, 0x1, 0x5, 0x101, 0x7, 0x4, 0x9, 0x7e32, 0x8800, 0x4, 0xf85f, 0x10000, 0x800, 0xffffffff, 0x7, 0x4af, 0x7e21, 0x1, 0x5027, 0x8, 0x10000, 0x4, 0x3, 0x7, 0x680, 0xc1, 0x2, 0x7, 0x8, 0x401, 0x74dc, 0x400000, 0x3fd, 0x92c, 0xffff32d2, 0x4, 0xafcf, 0x7f, 0x5, 0xffff0000, 0x0, 0x8, 0x200, 0x4a, 0x4000, 0x0, 0x9, 0x10000, 0x4d4fbb35, 0xb2, 0x4, 0x5, 0x0, 0x100, 0x8001, 0x6, 0xfffffff8, 0x9, 0x2, 0x7f, 0x2, 0xc, 0xa, 0x94, 0x3b0, 0x401, 0x118966c9, 0xe56, 0x8, 0x4, 0x1800000, 0x6a, 0x9d6, 0x200, 0x2, 0x40, 0x7, 0x8000, 0x7e, 0x84, 0x5, 0x7, 0x4, 0x3, 0xff, 0xe, 0x4, 0x5]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x1, 0x5, 0x53e5, 0x7f, 0x4, 0x3000000, 0x0, 0xf0000000, 0x3, 0xfff, 0xe, 0x7, 0xf6, 0x1fc, 0x3, 0x800001, 0xfffffffb, 0x8001, 0xff, 0x3, 0xfff, 0x80, 0x1, 0x5, 0xffff, 0x6, 0x1, 0x7, 0x9, 0x2, 0x0, 0x5, 0xe184, 0x4, 0x1, 0xadd, 0x1, 0x16, 0x4, 0xa35c, 0xc, 0x80, 0xff, 0x6, 0x2, 0xd, 0x4, 0x4003, 0x5, 0x4, 0x401, 0x4, 0x4, 0x6, 0x3, 0x8, 0xfffffffc, 0x3, 0xc1, 0x2, 0xffff, 0x80, 0xfffffff1, 0x7ff, 0x9, 0xfffffffe, 0x2, 0x6, 0x200080, 0x200, 0x1000, 0xb11a, 0x0, 0x5, 0x8, 0xf49d, 0x5, 0x3361, 0x435, 0x7fffffff, 0x2, 0x6, 0xc4, 0x9, 0x0, 0xee2, 0x2, 0x401, 0xfffffffa, 0x8004, 0x2, 0x0, 0x5, 0x5dd3c81c, 0xffffffff, 0x7, 0x3, 0x81, 0x9, 0x5, 0xfffffffc, 0x2, 0x1, 0x8, 0x6, 0x0, 0x6, 0xc, 0x8, 0x6, 0x100, 0x1, 0xb5a, 0xa, 0x4, 0x18, 0x8, 0x31, 0x1ff, 0x4, 0x9, 0x400, 0x2, 0x6, 0x7, 0x9, 0x91e7, 0x5, 0x7, 0x81eb, 0x400, 0xffff, 0x9, 0x9, 0x6, 0x7, 0x6, 0xea, 0x3, 0x9, 0x4, 0x3, 0x7, 0x0, 0x8, 0x1, 0xbf0, 0x7, 0x7, 0x66, 0x7, 0x6, 0x3, 0x9, 0x0, 0x9c4, 0x7fff, 0x7, 0x800, 0x5, 0x9, 0x10001, 0x4, 0x2a64aeea, 0x0, 0x5, 0x2, 0x1, 0xf, 0x1ff, 0x400, 0x3, 0x3ff, 0x8000b, 0x39, 0x0, 0x8, 0xffffffff, 0x0, 0x8, 0x6, 0x9, 0x2, 0xffffffff, 0x401, 0x9, 0x800, 0x9, 0xeb, 0x8, 0x6ed, 0x5, 0x2004, 0x4c3e, 0x1ff, 0x381, 0x4282, 0x4, 0x7, 0x1, 0x4, 0xfffffff7, 0x5, 0x7, 0x0, 0x46, 0x9, 0x3, 0x3, 0x6, 0x9, 0x4, 0x1, 0x4, 0xfffeffff, 0xe, 0x3ff, 0x80000000, 0x7, 0x80, 0x7, 0x42b, 0x7, 0x7, 0xfff, 0x5, 0x8, 0xffffffff, 0xffff671f, 0x7, 0x4, 0x80, 0x6, 0x4, 0xd, 0x1, 0xff, 0x2, 0x5be228d5, 0x2, 0x0, 0x8, 0xaff0, 0x8001, 0x3, 0x1, 0x7, 0x0, 0x51e, 0x2, 0x6, 0x4, 0xfffffffc, 0xd97, 0xa8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x6, 0x0, {0x7, 0x2, 0x3, 0x10, 0x4, 0x8}, {0x6, 0x2, 0x9, 0xe23, 0x100, 0x5}, 0x7, 0x99, 0xef2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xadd1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x9}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x8}, @TCA_POLICE_RESULT={0x8, 0x5, 0x3ff}]}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0x8c4}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040084)
ioctl$EVIOCGEFFECTS(0xffffffffffffffff, 0x80044584, &(0x7f0000000380)=""/196)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
io_uring_setup(0x598, 0x0)

12.984647181s ago: executing program 3 (id=1710):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$rtc(&(0x7f0000000400), 0x1, 0xcc42)
shutdown(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth1_to_team\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x70bd25, 0xfffffffe, {}, [@NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x1, {0x87, 0x0, 0x4, 0x0, 0x10, 0x8, 0x8}}}}}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x7}, @NHA_OIF={0x8, 0x5, r2}]}, 0x40}}, 0x40040d0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r10=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x10000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646, 0x1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x44}, 0x1, 0x0, 0x0, 0x600}, 0x20000800)

11.561474192s ago: executing program 1 (id=1712):
r0 = socket$netlink(0x10, 0x3, 0xc)
r1 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x58, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x58}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3800000003010101"], 0x38}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0xffff639c}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)

11.306805164s ago: executing program 3 (id=1713):
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mremap(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x3000, 0x7, &(0x7f0000ffd000/0x3000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000500)=0x6)
socket$packet(0x11, 0x2, 0x300)
io_setup(0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000040)=0xd0)
close_range(r1, r1, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r2, 0x29, 0x46, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x6, 0x0, 0x8100, 0x0, {0xc3}, {}, {0xe, 0x10}}, [@TCA_RATE={0x6}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x4c014)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = dup(r4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, 0x0}, 0x48043)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f0000000280)={0x0, 0x2}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x6a855000)
ioctl$DRM_IOCTL_MODE_ATOMIC(0xffffffffffffffff, 0xc03864bc, 0x0)

11.222780299s ago: executing program 4 (id=1714):
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

10.19657542s ago: executing program 4 (id=1715):
r0 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
readv(r2, &(0x7f0000000400)=[{&(0x7f00000004c0)=""/157, 0x9d}], 0x1)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)

9.78669203s ago: executing program 1 (id=1716):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

9.692509365s ago: executing program 2 (id=1717):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001580)=ANY=[@ANYBLOB="600000000206030000000000b8791fa80000000014000780080012400000000005001500010000000500010006000000050005000200000005000400000000000900020073797a310000000012000300686173683a6e65742c706f7274"], 0x60}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4620}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x34040017}, 0x80)

9.031239598s ago: executing program 2 (id=1718):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x202)
r1 = syz_io_uring_setup(0x49a, &(0x7f0000000140)={0x0, 0x79af, 0x3180, 0x1, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000200)=0xffa, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_WRITE={0x17, 0x48, 0x4007, @fd=r0, 0x87, 0x0, 0x0, 0x16})
io_uring_enter(r1, 0x627, 0x4c1, 0x63, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r4 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)

8.658698837s ago: executing program 1 (id=1719):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}}, 0x0)

8.336307963s ago: executing program 0 (id=1720):
r0 = socket(0x1, 0x2, 0x0)
getsockname$packet(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40408c4)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_SET_RESERVED_SIZE(r4, 0x2275, &(0x7f0000000100)=0x2c0000)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x20000, 0x0}, &(0x7f0000000240)="948d7acda0b2", 0x0, 0x0, 0x0, 0x0, 0x0})

8.302532355s ago: executing program 1 (id=1721):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0201000000000000140003006e657464657673696d3000000000000034001680300001"], 0x68}}, 0xc001)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0100fdb023414c7a1b5bf9269517aa27bd70000000000001000000000000000b000000000c000000000000000000009477d0ea3710e6642bfab195e4eedbca576df46afa7052f3bdc2e280a9d3e7f8d0e0e31eaf33acc425d4121b8813857015"], 0x28}}, 0x1)
syz_emit_ethernet(0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaaaa08004500006000000000002f9078640101000000000024806558000000000000000010000800000086dd"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@newtaction={0xd0, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0xbc, 0x1, [@m_skbmod={0xb8, 0x17, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x20, 0x2, {{0xffffffbe, 0x5, 0x10000000, 0x80, 0x80}, 0x8}}]}, {0x69, 0x6, "316d84874838cbf1def7a93d4019a0209ae92ca3f84a9add33ee2c0dd5551190a53da8d5f70d01c1826cf2bbe68e627a4e3d8c7d5d03e3d983f6af7a3a0a9a84a0bb7d22b4eb517fb8ae0569534673e3a4537c25b67dc8e8547008b9c2ace48e294e954d9a"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1}}}}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xe4776000)
r0 = eventfd2(0x3, 0x800)
read$eventfd(r0, &(0x7f0000000040), 0x8)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb45, 0x100000000009, 0xa, 0x0, 0x3}, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x101a03)
ioctl$MON_IOCX_MFETCH(r2, 0xc00c9207, &(0x7f0000000080)={0x0})
ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000040)={0x0, @l2tp={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, @ax25={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xb}, @in={0x2, 0x4e20, @private=0xa010100}, 0x501, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x200000, 0x0, 0x300})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x8000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01010000000000000000070000010900010073797a300000000050020000080a010100000000000000000a00000004010740132ddf84b0469205e77ab5b60ab98037dc04a4de30b602cb1af9bf25921e53f7219703012297afed30eb97ca4ff50fcf5704c43d83e462027f120800000079986f0e5b8e68d44c863136b21909000000000000003aebece4115c60ec68ba2bd189dd0ab44f6fe74f8ea92aea204a24ec27a49be2a1f489844b6b695cab98c4efcfd9c8ee78407d550990670900000000000000002baab4d5ceffdd84faf4e0c86d1fcca3000000000000000000000000000097d51079f07f7be9ef0637b7cc8de31b38d9e860fc7580d50151cc291f2076408e60aa9f8c37349abb6b9b870e50638b869e63e83a6af8e33a541be6ecafd906cfbe62c9f2ba004a798b044ea92554000480240001800a000100696e6e65720000001409028008000440000000400800024000000011140001800b00010074707200040002800c000180080001006f7366000c00018008000100647570000c000580080001400000002fd000074039080eded856cdbc09da6c2c66bad7e0b520e0cd0f2a3c678155d7bfb5a9b5b2c61b37c5ab985f1cb7ed86d4e08fdb79e26c28a534b2bb6a4d20e16786c7ed69420fa033025fccf83954070c70417fa5d2731c3d1c453a851296259e8e2665934b0229bacab918269abc53cb4ab8bfe9456a9f7ec3acb2e60ee8fc9826f2784ac0f99a45bc7d61d78f46b28acdf5d3dee004d88bd8cf7f228fdd765fa550f8b2afe6ac06564071fa96dcb23b5befe12260b31de49f06e64b6a0b8f7c8bb3d551b6444181718cc15f7e243c0608000b4000000004140000001000010000000000000000000084000a99e864939f1939c9d4b63bae8872c3294f85f46cb95b6b98efe28ee31edd5d9f97aff5fc42c6f37fcbc4fb917637d0882a47d4b94b947b92d7053447e6dcbc21c9ca6a88511c18f3"], 0x298}}, 0x0)
listen(0xffffffffffffffff, 0x0)
timerfd_create(0x0, 0x0)
openat2$dir(0xffffff9c, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x15927ad4726aaf2c}, 0x18)
openat$tun(0xffffff9c, &(0x7f0000000140), 0x4002, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

8.224593838s ago: executing program 3 (id=1722):
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x101e01, 0x0)
r2 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$FS_IOC_FSSETXATTR(r2, 0x7040, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
syz_open_dev$sg(0x0, 0x200000000a2, 0xa0104)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = epoll_create1(0x0)
epoll_create1(0x0)
ioctl$RTC_PIE_OFF(r2, 0x7006)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x2000})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r4, 0xffffffffffffffff, 0x0)

7.065116037s ago: executing program 0 (id=1723):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$rtc(&(0x7f0000000400), 0x1, 0xcc42)
shutdown(0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'veth1_to_team\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=@ipv6_newnexthop={0x40, 0x68, 0x1, 0x70bd25, 0xfffffffe, {}, [@NHA_ENCAP={0x18, 0x8, 0x0, 0x1, @SEG6_IPTUNNEL_SRH={0x14, 0x1, {{0x1, {0x87, 0x0, 0x4, 0x0, 0x10, 0x8, 0x8}}}}}, @NHA_ENCAP_TYPE={0x6, 0x7, 0x7}, @NHA_OIF={0x8, 0x5, r2}]}, 0x40}}, 0x40040d0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r5, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r9 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r10=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x10000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646, 0x1}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r10}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x44}, 0x1, 0x0, 0x0, 0x600}, 0x20000800)

7.034660618s ago: executing program 2 (id=1724):
r0 = syz_io_uring_setup(0x231, 0x0, &(0x7f0000000100), &(0x7f0000000140))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
syz_emit_ethernet(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$bt_BT_SNDMTU(0xffffffffffffffff, 0x112, 0xc, 0x0, 0x0)
sendmsg$NFT_BATCH(r2, 0x0, 0x20050800)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e24, 0x4, @empty}, 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(0xffffffffffffffff, 0xfffffffc)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r3, 0xffffffffffffffff, 0x0)

6.661536147s ago: executing program 3 (id=1725):
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x1a1003)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
sendfile(r2, r2, &(0x7f0000000240)=0x3, 0x8f)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x28, &(0x7f0000000080)={@multicast1, @local}, 0xc)

6.090239126s ago: executing program 3 (id=1726):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0xb81, 0x80, 0x8002, 0x25f}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_open_dev$I2C(0x0, 0x1, 0x2603)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x4919, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r0, 0x0, 0x0, 0x0, 0x1, 0x0, {0x2}})
io_uring_enter(r0, 0x6e2, 0x620, 0x1, 0x0, 0x0)

5.679201405s ago: executing program 0 (id=1727):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x4000, &(0x7f0000000200)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0xcc)
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x2000001, 0x4010933, r0, 0xb4b40000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendfile(r1, r2, 0x0, 0x20fffe85)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000140)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000))

5.631392878s ago: executing program 1 (id=1728):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
getsockopt$bt_BT_POWER(r0, 0x12, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0b000000ff000000324900007f00000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000000100)=0x7d8, &(0x7f0000000140)='%pi6   \x00'}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380), &(0x7f0000000300), 0x2, r6}, 0x38)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, 0x0, 0x0)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x44049)

5.545308392s ago: executing program 2 (id=1729):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x1a1003)
r2 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$vhost_msg_v2(r2, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
io_uring_setup(0xd, 0x0)
move_pages(0x0, 0x0, 0x0, &(0x7f0000001180), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r3 = syz_open_procfs(0xffffffffffffffff, 0x0)
sendfile(r3, r3, &(0x7f0000000240)=0x3, 0x8f)
setsockopt$inet6_int(r0, 0x29, 0xcb, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x28, &(0x7f0000000080)={@multicast1, @local}, 0xc)

5.294937175s ago: executing program 4 (id=1730):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x3}}, './file0/../file0\x00'})
getsockname$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x0, @private0}, &(0x7f0000000280)=0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x0, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x8, &(0x7f00000000c0)=0x20007, 0x4)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20004882)
r5 = socket(0x10, 0x803, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x3c}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002480)=@newtfilter={0x8b4, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xf}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x880, 0x2, [@TCA_U32_POLICE={0x858, 0x6, [@TCA_POLICE_RATE={0x404, 0x2, [0x80000, 0x3, 0xf, 0xfdb, 0x1, 0x80, 0x7, 0x7, 0x40000000, 0xaa04, 0x80000001, 0x99, 0x8000, 0x1000, 0x3, 0x0, 0x7fffffff, 0x80, 0x1, 0x7, 0x0, 0x9, 0x4, 0x5, 0x80000001, 0x2, 0xe0, 0x9, 0x1, 0x80000000, 0x1, 0xffff8001, 0x9, 0x10001, 0x7, 0x10000, 0x30, 0x807, 0x1000, 0xfff, 0x7, 0x2, 0x5, 0x48a, 0x9, 0x1000, 0x7, 0x7198, 0x8, 0x80000001, 0x1, 0x101, 0x3, 0x7, 0x2, 0x8, 0x10000, 0x2, 0x1, 0x2, 0x6, 0x9, 0x13, 0x2, 0xffff, 0x80, 0xbf77, 0x8, 0xc52, 0x6, 0x9, 0x7, 0x9, 0x5, 0x8, 0x3, 0x8, 0x5, 0x8, 0x1, 0x3, 0x7fffffff, 0x8, 0x2845, 0x2, 0xe9, 0x2a, 0x3, 0x891, 0x8, 0x1, 0x12, 0x6, 0xfff, 0xffffc9b5, 0x80000000, 0x2, 0x6, 0x6, 0xaa, 0x0, 0x8, 0x0, 0x0, 0x5, 0x1, 0x2, 0x40, 0x4, 0x7, 0xa, 0x8000, 0x4, 0xffffff2d, 0x0, 0xffff7fff, 0x2, 0x3, 0x6, 0x2f1e, 0x8, 0xfcb, 0x8, 0x1, 0x9, 0x6fe68a84, 0x200, 0x1, 0xfffffff9, 0xb, 0x1, 0xab, 0x9, 0x7, 0x0, 0xe, 0x10001, 0x8, 0xa, 0x6, 0x0, 0xa1, 0x7, 0xffff519d, 0x9, 0x4, 0x2, 0x3, 0x1, 0x2, 0x9, 0x4ae, 0x8, 0x1e9, 0x9, 0x101, 0x200, 0x4, 0x4, 0x1, 0x5, 0x5, 0x7, 0x5, 0x0, 0x7, 0x80, 0x2, 0x2, 0x1, 0x5, 0x101, 0x7, 0x4, 0x9, 0x7e32, 0x8800, 0x4, 0xf85f, 0x10000, 0x800, 0xffffffff, 0x7, 0x4af, 0x7e21, 0x1, 0x5027, 0x8, 0x10000, 0x4, 0x3, 0x7, 0x680, 0xc1, 0x2, 0x7, 0x8, 0x401, 0x74dc, 0x400000, 0x401, 0x92c, 0xffff32d2, 0x4, 0xafcf, 0x7f, 0x5, 0xffff0000, 0x0, 0x8, 0x200, 0x4a, 0x4000, 0x0, 0x9, 0x10000, 0x4d4fbb35, 0xb2, 0x4, 0x5, 0x0, 0x100, 0x8001, 0x6, 0xfffffff8, 0x9, 0x2, 0x81, 0x2, 0xc, 0xa, 0x94, 0x3b0, 0x401, 0x118966c9, 0xe56, 0x8, 0x4, 0x1800000, 0x6a, 0x9d6, 0x200, 0x2, 0x40, 0x7, 0x8000, 0x7e, 0x6, 0x5, 0x7, 0x4, 0x3, 0xff, 0xe, 0x80, 0x5]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x9, 0x1, 0x5, 0x53e5, 0x7f, 0x4, 0x3000000, 0x0, 0xf0000000, 0x3, 0xfff, 0xe, 0x7, 0xf8, 0x1ff, 0x3, 0x800001, 0xfffffffb, 0x8001, 0xff, 0x0, 0xfff, 0x80, 0x1, 0x5, 0xffff, 0x6, 0x1, 0x7, 0x9, 0x10000, 0x0, 0x5, 0xe184, 0x4, 0x1, 0xadd, 0x1, 0x16, 0x4, 0xa35c, 0xc, 0x80, 0xff, 0x6, 0x2, 0xd, 0x1, 0x3, 0x5, 0x4, 0x401, 0x4, 0x4, 0x1, 0x3, 0x8, 0xfffffffc, 0x3, 0xc1, 0x2, 0xffff, 0x80, 0xfffffff1, 0x7ff, 0x9, 0xfffffffe, 0x2, 0x6, 0x80, 0x200, 0x1000, 0xb11a, 0x0, 0x5, 0x8, 0xf49d, 0x5, 0x3361, 0x435, 0x7fffffff, 0x2, 0x2, 0xc4, 0x9, 0x0, 0xee2, 0x4, 0x401, 0xfffffffa, 0x8000, 0x2, 0x0, 0x5, 0x5dd3c81c, 0xffffffff, 0x7, 0x3, 0x81, 0x9, 0x5, 0xfffffffc, 0x2, 0x1, 0x8, 0x6, 0x0, 0x6, 0xc, 0x8, 0x6, 0x100, 0x1, 0xb5a, 0x7, 0x4, 0x18, 0x8, 0x31, 0x1ff, 0x4, 0x9, 0x400, 0x2, 0x6, 0x7, 0x9, 0x91e7, 0x5, 0x7, 0x81eb, 0x400, 0xffff, 0x9, 0x9, 0x6, 0x7, 0x6, 0xea, 0x3, 0x9, 0x4, 0x3, 0x7, 0x80, 0x8, 0x1, 0xbf0, 0x7, 0x7, 0x66, 0x7, 0x6, 0x3, 0x9, 0x0, 0x9c4, 0x7fff, 0x7, 0x800, 0x5, 0x9, 0x10001, 0x4, 0x2a64aeea, 0x0, 0x5, 0x2, 0x1, 0xf, 0x1ff, 0x400, 0x3, 0x3ff, 0xb, 0x39, 0x0, 0x8, 0xffffffff, 0x0, 0x8, 0x6, 0x9, 0x2, 0xffffffff, 0x401, 0x9, 0x800, 0x9, 0xeb, 0x8, 0x6ed, 0x5, 0x2004, 0x4c3e, 0x1bd, 0x381, 0x4282, 0x4, 0x7, 0x1, 0x4, 0xfffffff7, 0x5, 0x7, 0x0, 0x46, 0x9, 0x3, 0x3, 0x6, 0x9, 0x4, 0x1, 0x4, 0xfffeffff, 0xe, 0x3ff, 0x80000000, 0x7, 0x80, 0x7, 0x10042b, 0x7, 0x7, 0xfff, 0x5, 0x8, 0xffffffff, 0xffff671f, 0x7, 0x4, 0x80, 0x6, 0x4, 0xd, 0x1, 0xff, 0x2, 0x5be228d5, 0x2, 0x0, 0x8, 0xaff0, 0x8001, 0x3, 0x1, 0x7, 0x0, 0x51e, 0x2, 0x6, 0x4, 0xfffffffc, 0xd97, 0xa8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x4, 0x4, 0x6, 0x0, {0x7, 0x2, 0x3, 0x10, 0x4, 0x8}, {0x6, 0x2, 0x9, 0xe23, 0x100, 0x5}, 0x7, 0x99, 0xef2}}, @TCA_POLICE_AVRATE={0x8, 0x4, 0xadd1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x9}]}, @TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0x6, 0x20008000, 0x4, 0x1}]}}]}}, @TCA_RATE={0x6, 0x5, {0x2, 0xe}}]}, 0x8b4}, 0x1, 0x0, 0x0, 0x4000000}, 0x24040084)

2.970704831s ago: executing program 4 (id=1731):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000008c0)={0x94, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}]}, 0x94}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}}, 0x0)

2.900813295s ago: executing program 0 (id=1732):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

1.572602851s ago: executing program 0 (id=1733):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x4000, &(0x7f0000000200)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0xcc)
mmap(&(0x7f0000afc000/0x1000)=nil, 0x1000, 0x2000001, 0x4010933, r0, 0xb4b40000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendfile(r1, r2, 0x0, 0x20fffe85)
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000140)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0xc, 0x0, &(0x7f0000000000))
creat(&(0x7f0000000040)='./bus\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002c80)={0x2020}, 0x1c93)

1.453245147s ago: executing program 2 (id=1734):
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000002a40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaf6, &(0x7f0000002b80)="$eJzs3V2IXFcdAPBzd3c2u2lrNjXRNY1tYrWt2m6azRqrQZOSIBiaIL4Uii8h3dZgjNAKaimY5Mk3W0oKPvmBT30pVQQLIqFPvhRsoAh5qoI+NEQs+FCjycjO3DNz78lM7s5md2Zn5/eDu2fuPefO/9zZO3fu17knACNrrPF3YWE2C+HCm68cef+Bf0wvTTnYKjHT+DtRGKuFELJ8fCJ5v/fGm+n1D1482SnNwnzjbxwPx6+25r0jhHA27AoXw0zYceHSy2/PP3Hs3NHzu9957cCVtVl6AAAYLd+4eGBh+1//fM/Wa6/feyhsak2P++czccJUc7//UL7jH/f/x0J5fCndejkJ0n7b0nHD0jA2XS463qFcMU4tKTfRIf7SMJlUodal3KZw6/jjhWmdlhuGWVyPZ0I2NhdC2NwaHxubm2sek4fGcf1kNnfm1Olnnh9QRYFV9+/7Qgi7CsPh8+Xx9TYcXAd1WOFQXwd1GMrhUP9iXas3DXyZ+zTUtwx6CwTQlF4vvMnZbFXjtd5tYnnxrz4+1nl+WAX9Xv97ij95U/zpvsYPA17+dRD/1+dscVg9G3VtissVv0d35uPpdYT0/qVX/1Cery290lGeml6PqC2znt2uIwzL9YVu9Rzvcz1Wqlv90/Vio/pKnsbP4aul3PtK35/0fzos/2Ogsw/T8/8GwxoOj70/+DoM/RBK47Xbea/6gLc/wPqV3jdXj9dHc5MV+Zsq8qcq8qcr8jdX5N9RkQ+j7Lff/2l4KWuf70qP6Xs9Hx7Ps92Vpx/psT7p+che46f3/fbqduOn9xPDevb7E08uPvb0U5ea9/9nrfX/Rr6+x8ONmfy7dTEvEM8XpufV43317YYD5fy03N1Jfe7qUL7xelu5XLat/T6hsJ25qR6z5fm2dCu3s1xuJik3nQ9TSX3T/ZPNyXxx/yNuV+PnNZEsby1ZjsmkHnG7sjVP03rASsT1sXH/f+GiVbz/P66fs6GWPXPq9OKj+XhcT/80Xtu0NH1vPysNrIq0/U97vNz+ZzaU2//c2ZpeGytuF7a0p2fN7cIb+fuVp8+34hSmF37U4u/ct8enG+XnTn7v9NOrvOww6p7/0QvfOXH69OJzXqz4xdfWRzV6eREPW9ZLfbzo9cWutQ4x4A0TsOb2/Li5E/DIqe+eeHbx2cUz+/bv3zc/v/9L+xZCY79+T3HvvujsAGoLrKbmb/2mxec81wMAAAAAAAAAAACGxg+OHrn07ltfvNxs/99u/xfb/8c7f2P7/58k7f/TdvKxHXxsB7i1Q36jTPKA1cmkXC0fPprUd1sSZ3sy38fytNWPX97+P4ZLn+sa6/PxZHqty2jyOIGbnpcymTyDJO0v8FN5ej5PfxVggLLOj/BP19sOz7fOPiys6/H5FIUmvHXPBx4e8f/WWBsKjzSK7b87PtepQ3tthks/WiwOehmBzv45Us///ld7wXuY7+GB13vUhon+xvtZ7+vERhnqXffSl9uDDcDqGHT/n38Pzbjx/OeZP359ammIxa4+Xt5eps8vhV785d3y+Hrvf3Kt46f99vU7/qCXv9/9f7b6v8u3f3G71337l/SYN7OyuP/5+ZXLhbBhx3Ljp8sfnwO9rbf41/L4cWkeDMuLX/9lEj+9ILRM/03ib15m/JuWf+fK4v8vjx8/tofuX278Zo2zsXI9ppPliNf/0vPG0fVk+eOzPW8R/5svdFr+FXbUeCOPD6NsWPqZ7VWyH9Haaa/q/7fX3//b7f+3VdmsXJn0Powv5ONxQxzvc0j7O+m1/vH+ivg7sD15/6zi903/v8Pty3la9X2I/f/G9XEm/8kvjDc+yzhe6/DZbtRtDQyr90bq+l+/hivNw6CVzT81+Pobehjq48sue7z1utVP3IDrX6/X1/aEVoWBBmfgn/+gjxMGHX/Qn3+VtP/fdB8+7f83zU/7/03z0/5/0/zp/D/ULT/t/zf9PNP+f7O04sn7pv0Dz1bkf6Iif0fn/Fb0eyrm31mR/8mK/N2t/IOlEjH/3lvO3y7X7f3vrsi/vyL/0xX5n6nIf6Ai/6FCfrEP6Jj/2WT+LMnf6GJ7lG6fH7Bxpe3zfP9hdMTrP92+/9va+ZPFIv2tJbAWXn197+GnfvOtmWb7/8nW+ZB4He9QPl7Lj41+mI+n171DYXwp7618/G9J/no/3wGjJH1+Rvr7/2BFPjC84n1evt8wgrKpzpPztOq5Vd328xkun8vTz+fpw3n6SJ7O5emePN2bp/N9qh9r4/AbvzvwUtY+3t+S5C/3fvK0PVDpOVEhhH3LrE96fqDX+9nT5/j16nbjr7A5GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMCMNf4uLMxmIVx485UjTx47tWdpysFWiZnG34nCWK01XwiP5ul4nv4if3H9gxdPFtMbeZqF+ZCFrDU9HL/ainRHCOFs2BUuhpmw48Kll9+ef+LYuaPnd7/z2oEra/cJAAAAwMb3/wAAAP//bhYJfg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x2, 0x11, r0, 0x0)
read(r0, &(0x7f0000001400)=""/4096, 0x1000)

1.452977307s ago: executing program 1 (id=1735):
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000780)='tasks\x00', 0x2, 0x0)
getsockopt$bt_BT_POWER(0xffffffffffffffff, 0x12, 0x4, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x10000005)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0b000000ff000000324900007f00000001"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r4}, &(0x7f0000000100)=0x7d8, &(0x7f0000000140)='%pi6   \x00'}, 0x20)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, 0x0, 0x44049)

61.294607ms ago: executing program 3 (id=1736):
socket$inet6_icmp(0xa, 0x2, 0x3a)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x1a1003)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$vhost_msg_v2(r1, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
r2 = syz_open_procfs(0xffffffffffffffff, 0x0)
sendfile(r2, r2, &(0x7f0000000240)=0x3, 0x8f)
r3 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x28, &(0x7f0000000080)={@multicast1, @local}, 0xc)

0s ago: executing program 0 (id=1737):
r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x59, 0x4007, @fd, 0x2, 0x0, 0x0, 0x2, 0x0, {0x1}})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x30)
r3 = syz_open_dev$dvb_demux(&(0x7f0000000080), 0x0, 0x20000)
ioctl$DVB_DEMUX_DMX_SET_PES_FILTER(r3, 0x40146f2c, &(0x7f0000000000)={0xfff, 0x0, 0x3, 0x5, 0x4})
ioctl$DVB_DEMUX_DMX_ADD_PID(r3, 0x40026f33, &(0x7f00000000c0)=0x7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x180)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000080)=[{0x5, 0xe, 0x0, 0x8}]}, 0x8)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r4])
ioctl$DVB_DEMUX_DMX_START(r3, 0x6f29)

kernel console output (not intermixed with test programs):

 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  404.153587][ T4317] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  404.179587][ T4317] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.353487][ T4641] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  404.376255][ T4641] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  404.394373][ T4641] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  404.427335][ T4641] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  404.455686][ T4641] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.708323][ T4641] usb 3-1: GET_CAPABILITIES returned 0
[  404.714464][ T4641] usbtmc 3-1:16.0: can't read capabilities
[  404.951466][ T4641] usb 3-1: USB disconnect, device number 49
[  406.948332][ T7961] loop3: detected capacity change from 0 to 2048
[  407.002070][ T7961] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  407.616315][ T4317] usb 1-1: usb_control_msg returned -71
[  407.622094][ T4317] usbtmc 1-1:16.0: can't read capabilities
[  407.941678][ T4317] usb 1-1: USB disconnect, device number 29
[  408.104240][ T7969] device syzkaller0 entered promiscuous mode
[  410.199334][ T7984] netlink: 40 bytes leftover after parsing attributes in process `syz.3.958'.
[  410.426183][ T4641] hid-generic 0000:0000:0000.0029: unknown main item tag 0x0
[  410.466611][ T4641] hid-generic 0000:0000:0000.0029: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  410.728574][ T4644] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  411.358848][ T4644] usb 2-1: config 0 has no interfaces?
[  411.365286][ T4644] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  411.428668][ T4644] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  411.436717][ T4644] usb 2-1: SerialNumber: syz
[  411.502088][ T4644] usb 2-1: config 0 descriptor??
[  413.452981][ T8014] loop2: detected capacity change from 0 to 32768
[  413.463202][ T8014] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  414.484681][ T8018] device syzkaller0 entered promiscuous mode
[  415.209273][ T4939] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  415.269774][   T26] audit: type=1326 audit(1774639873.854:5): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=8019 comm="syz.2.968" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f03d899c799 code=0x0
[  416.799578][ T4646] usb 2-1: USB disconnect, device number 52
[  416.958484][ T4641] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  418.319506][ T4641] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  418.354992][ T4641] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  418.375412][ T4641] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  418.392838][ T4641] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.417902][ T4641] usb 1-1: config 0 descriptor??
[  418.800089][ T8034] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  418.920466][ T8034] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  418.965118][ T4641] usbhid 1-1:0.0: can't add hid device: -71
[  418.978874][ T4641] usbhid: probe of 1-1:0.0 failed with error -71
[  419.037290][ T4641] usb 1-1: USB disconnect, device number 30
[  419.478741][ T8055] loop3: detected capacity change from 0 to 2048
[  419.649268][ T8059] netlink: 40 bytes leftover after parsing attributes in process `syz.1.977'.
[  419.698298][ T4641] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  419.889818][ T4641] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  419.955490][ T4641] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  419.995976][ T4641] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  420.128033][ T8062] loop4: detected capacity change from 0 to 32768
[  420.149734][ T8062] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  420.296244][ T4641] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.006298][ T4641] usb 1-1: config 0 descriptor??
[  421.032304][ T4641] usb 1-1: can't set config #0, error -71
[  421.087883][ T4641] usb 1-1: USB disconnect, device number 31
[  421.126224][ T8068] device syzkaller0 entered promiscuous mode
[  421.147580][ T4939] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  421.457988][ T8055] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  421.490006][ T8052] syz.2.979 (8052): drop_caches: 2
[  421.798493][ T8080] netlink: 40 bytes leftover after parsing attributes in process `syz.1.984'.
[  422.509925][ T8080] binder: 8079:8080 ioctl c0105872 200000000080 returned -22
[  422.525087][ T8080] binder: 8079:8080 ioctl c0306201 200000000180 returned -22
[  423.928581][ T7920] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  423.968455][ T4317] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  424.145927][ T7920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.159956][ T4317] usb 3-1: config 0 has no interfaces?
[  424.176126][ T7920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.176454][ T4317] usb 3-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  424.195977][ T7920] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  424.234901][ T7920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.247070][ T4317] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.267380][ T7920] usb 1-1: config 0 descriptor??
[  424.274896][ T4317] usb 3-1: Product: syz
[  424.288991][ T4317] usb 3-1: Manufacturer: syz
[  424.295872][ T4317] usb 3-1: SerialNumber: syz
[  424.336899][ T4317] usb 3-1: config 0 descriptor??
[  424.490082][ T8101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.521309][ T8101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.545082][ T7920] usbhid 1-1:0.0: can't add hid device: -71
[  424.713427][ T7920] usbhid: probe of 1-1:0.0 failed with error -71
[  424.938592][ T7920] usb 1-1: USB disconnect, device number 32
[  425.049838][ T4317] usb 3-1: USB disconnect, device number 50
[  426.549530][ T7920] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  426.883835][ T8123] loop0: detected capacity change from 0 to 2048
[  427.016544][ T8123] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  427.026969][ T7920] usb 1-1: device not accepting address 33, error -71
[  427.619313][ T8130] netlink: 36 bytes leftover after parsing attributes in process `syz.2.999'.
[  429.832676][ T8146] loop4: detected capacity change from 0 to 32768
[  429.843118][ T8146] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  431.890010][ T4939] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  431.983896][ T8134] syz.3.1001 (8134): drop_caches: 2
[  432.138307][ T4641] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  432.348441][ T4641] usb 5-1: Using ep0 maxpacket: 32
[  432.355785][ T4641] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  432.420256][ T4641] usb 5-1: config 0 has no interface number 0
[  432.426533][ T4641] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  432.472194][ T4641] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  432.505370][ T4641] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.532618][ T4641] usb 5-1: Product: syz
[  432.542683][ T8165] input: syz0 as /devices/virtual/input/input32
[  432.552474][ T4641] usb 5-1: Manufacturer: syz
[  432.557086][ T4641] usb 5-1: SerialNumber: syz
[  432.639070][ T4641] usb 5-1: config 0 descriptor??
[  432.645510][ T8155] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  432.868810][ T8155] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  432.882394][ T8171] loop3: detected capacity change from 0 to 2048
[  432.922061][ T8171] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  433.136158][ T4641] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  433.194325][ T4641] asix: probe of 5-1:0.188 failed with error -61
[  435.091884][ T7920] usb 5-1: USB disconnect, device number 36
[  435.390140][ T8193] loop0: detected capacity change from 0 to 32768
[  435.416412][ T8193] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  435.426934][ T8193] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  435.435780][ T8193] BTRFS info (device loop0): enabling disk space caching
[  435.442941][ T8193] BTRFS info (device loop0): force clearing of disk cache
[  435.450156][ T8193] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  435.459691][ T8193] BTRFS info (device loop0): use zstd compression, level 3
[  435.467021][ T8193] BTRFS info (device loop0): disk space caching is enabled
[  435.605880][ T8193] BTRFS info (device loop0): enabling ssd optimizations
[  435.616181][ T8193] BTRFS info (device loop0): rebuilding free space tree
[  435.627466][ T8193] BTRFS info (device loop0): disabling free space tree
[  435.634529][ T8193] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  435.644220][ T8193] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  435.768531][ T7920] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  435.982806][ T7920] usb 5-1: no configurations
[  435.988447][ T7920] usb 5-1: can't read configurations, error -22
[  436.316575][ T4269] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  436.623629][ T4939] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 12 /dev/loop0 scanned by udevd (4939)
[  436.635888][ T7920] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  436.849080][ T7920] usb 5-1: no configurations
[  436.853753][ T7920] usb 5-1: can't read configurations, error -22
[  436.890646][ T7920] usb usb5-port1: attempt power cycle
[  437.259925][ T8233] loop2: detected capacity change from 0 to 2048
[  437.328391][ T7920] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  438.869369][ T7920] usb 5-1: device descriptor read/8, error -71
[  438.909202][ T8233] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  438.921737][ T8233] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.004077][ T8229] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1019'.
[  439.224550][ T8239] input: syz0 as /devices/virtual/input/input33
[  439.306227][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  440.340959][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  440.350613][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  440.488362][ T8215] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  440.678407][ T8215] usb 3-1: Using ep0 maxpacket: 16
[  440.685597][ T8215] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  440.747736][ T8215] usb 3-1: config 0 interface 0 has no altsetting 0
[  440.778512][ T8215] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  440.828269][ T8215] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.867631][ T8215] usb 3-1: config 0 descriptor??
[  441.245345][ T8262] device syzkaller0 entered promiscuous mode
[  441.268450][ T7920] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  441.322337][ T8215] nzxt-smart2 0003:1E71:2009.002A: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  441.548329][ T7920] usb 4-1: Using ep0 maxpacket: 32
[  441.562269][ T7920] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[  441.621495][ T7920] usb 4-1: config 0 has no interface number 0
[  441.647124][ T7920] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  441.697926][ T7920] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  441.723578][ T7920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.728978][ T8215] usb 3-1: USB disconnect, device number 51
[  441.750933][ T7920] usb 4-1: Product: syz
[  442.528762][ T7920] usb 4-1: Manufacturer: syz
[  442.533818][ T7920] usb 4-1: SerialNumber: syz
[  442.610631][ T7920] usb 4-1: config 0 descriptor??
[  442.618931][ T8254] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  442.844518][ T8254] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  443.084764][ T7920] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  443.158555][ T7920] asix: probe of 4-1:0.188 failed with error -61
[  444.623319][ T4317] usb 4-1: USB disconnect, device number 44
[  445.017670][ T8296] device syzkaller0 entered promiscuous mode
[  446.078674][ T8300] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1039'.
[  447.868392][ T7920] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  448.068419][ T7920] usb 4-1: Using ep0 maxpacket: 32
[  448.080757][ T7920] usb 4-1: config 0 has an invalid interface number: 188 but max is 0
[  448.122396][ T7920] usb 4-1: config 0 has no interface number 0
[  448.165497][ T7920] usb 4-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  448.226145][ T7920] usb 4-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  448.264967][ T7920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.322203][ T7920] usb 4-1: Product: syz
[  448.335987][ T7920] usb 4-1: Manufacturer: syz
[  448.356344][ T7920] usb 4-1: SerialNumber: syz
[  448.377166][ T7920] usb 4-1: config 0 descriptor??
[  448.383138][ T8322] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  448.600343][ T8322] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  448.745966][ T8321] loop1: detected capacity change from 0 to 40427
[  448.772486][ T8321] F2FS-fs (loop1): build fault injection attr: rate: 174, type: 0x3ffff
[  448.809866][ T7920] asix 4-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  448.828426][ T7920] asix: probe of 4-1:0.188 failed with error -61
[  449.258369][ T7920] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  449.460101][ T7920] usb 2-1: config 0 has no interfaces?
[  449.473496][ T7920] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  449.484234][ T4283] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  449.498045][ T4283] CPU: 0 PID: 4283 Comm: kworker/u5:5 Not tainted syzkaller #0
[  449.505659][ T4283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  449.515728][ T4283] Workqueue: hci3 hci_rx_work
[  449.520434][ T4283] Call Trace:
[  449.523720][ T4283]  <TASK>
[  449.526665][ T4283]  dump_stack_lvl+0x188/0x24e
[  449.531383][ T4283]  ? show_regs_print_info+0x12/0x12
[  449.536601][ T4283]  ? load_image+0x400/0x400
[  449.541125][ T4283]  sysfs_create_dir_ns+0x26a/0x290
[  449.546260][ T4283]  ? sysfs_warn_dup+0xa0/0xa0
[  449.550963][ T4283]  ? do_raw_spin_unlock+0x11d/0x230
[  449.556153][ T4283]  kobject_add_internal+0x61c/0xcc0
[  449.561388][ T4283]  kobject_add+0x160/0x230
[  449.565799][ T4283]  ? kobject_init+0x1d0/0x1d0
[  449.570490][ T4283]  ? klist_children_get+0x50/0x50
[  449.575624][ T4283]  ? get_device_parent+0x121/0x3f0
[  449.580850][ T4283]  device_add+0x483/0xfb0
[  449.585301][ T4283]  ? kmem_cache_free+0xf7/0x290
[  449.590158][ T4283]  hci_conn_add_sysfs+0xd1/0x1e0
[  449.595102][ T4283]  le_conn_complete_evt+0x1062/0x1670
[  449.600497][ T4283]  ? hci_le_big_info_adv_report_evt+0x2f0/0x2f0
[  449.606763][ T4283]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  449.612411][ T4283]  ? skb_pull_data+0xf7/0x200
[  449.617130][ T4283]  hci_le_conn_complete_evt+0x183/0x440
[  449.622700][ T4283]  ? hci_remote_host_features_evt+0x270/0x270
[  449.628794][ T4283]  hci_event_packet+0x7b9/0x1280
[  449.633779][ T4283]  ? bis_list+0x280/0x280
[  449.638122][ T4283]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  449.644112][ T4283]  ? kcov_remote_start+0x4c7/0x7e0
[  449.649348][ T4283]  ? sync_thread_master+0x620/0x10b0
[  449.654646][ T4283]  ? hci_send_to_monitor+0x9c/0x4a0
[  449.659862][ T4283]  hci_rx_work+0x3eb/0xd40
[  449.664360][ T4283]  ? _raw_spin_unlock+0x40/0x40
[  449.669326][ T4283]  ? process_one_work+0x7b0/0x1160
[  449.674459][ T4283]  process_one_work+0x8a2/0x1160
[  449.679417][ T4283]  ? worker_detach_from_pool+0x240/0x240
[  449.685154][ T4283]  ? _raw_spin_lock_irq+0xb7/0xf0
[  449.690360][ T4283]  ? _raw_spin_lock_irqsave+0x100/0x100
[  449.695919][ T4283]  ? kthread_data+0x4b/0xc0
[  449.700534][ T4283]  worker_thread+0xaa2/0x1270
[  449.705367][ T4283]  kthread+0x29d/0x330
[  449.709566][ T4283]  ? worker_clr_flags+0x1a0/0x1a0
[  449.714786][ T4283]  ? kthread_blkcg+0xd0/0xd0
[  449.719426][ T4283]  ret_from_fork+0x1f/0x30
[  449.723945][ T4283]  </TASK>
[  449.738456][ T4283] kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  449.752032][ T4283] Bluetooth: hci3: failed to register connection device
[  449.774660][ T7920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.818629][ T7920] usb 2-1: Product: syz
[  449.838657][ T7920] usb 2-1: Manufacturer: syz
[  449.852371][ T7920] usb 2-1: SerialNumber: syz
[  449.864693][ T8353] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1057'.
[  449.881378][ T7920] usb 2-1: config 0 descriptor??
[  449.892725][ T8353] binder: 8352:8353 ioctl c0105872 200000000080 returned -22
[  449.911026][ T8353] binder: 8352:8353 ioctl c0306201 200000000180 returned -22
[  450.357463][ T4317] usb 2-1: USB disconnect, device number 53
[  450.498468][ T7920] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  450.621722][ T8216] usb 4-1: USB disconnect, device number 45
[  450.698945][ T7920] usb 5-1: no configurations
[  450.703625][ T7920] usb 5-1: can't read configurations, error -22
[  450.858296][ T7920] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  451.049669][ T7920] usb 5-1: no configurations
[  451.054691][ T7920] usb 5-1: can't read configurations, error -22
[  451.067719][ T7920] usb usb5-port1: attempt power cycle
[  451.478322][ T7920] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  451.520292][ T7920] usb 5-1: no configurations
[  451.525015][ T7920] usb 5-1: can't read configurations, error -22
[  451.688295][ T7920] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  451.719614][ T7920] usb 5-1: no configurations
[  451.724411][ T7920] usb 5-1: can't read configurations, error -22
[  451.739601][ T7920] usb usb5-port1: unable to enumerate USB device
[  451.881422][ T8381] loop1: detected capacity change from 0 to 32768
[  451.895663][ T8381] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  453.466488][ T4939] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  454.288312][ T7920] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  454.489784][ T7920] usb 1-1: config 0 has no interfaces?
[  454.497507][ T7920] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  454.551538][ T7920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.575784][ T7920] usb 1-1: Product: syz
[  454.608311][ T7920] usb 1-1: Manufacturer: syz
[  454.613041][ T7920] usb 1-1: SerialNumber: syz
[  454.632314][ T7920] usb 1-1: config 0 descriptor??
[  454.966525][ T8415] loop2: detected capacity change from 0 to 2048
[  456.712844][ T8415] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  456.748773][ T8415] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  457.072745][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  457.234869][ T7920] usb 1-1: USB disconnect, device number 35
[  459.178266][ T7920] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  459.178351][ T8216] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  460.069434][ T8216] usb 1-1: no configurations
[  460.069827][ T7920] usb 2-1: config 0 has no interfaces?
[  460.074209][ T8216] usb 1-1: can't read configurations, error -22
[  460.108533][ T7920] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  460.127904][ T7920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  460.167791][ T7920] usb 2-1: config 0 descriptor??
[  460.228279][ T8216] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  460.415544][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.424620][ T8216] usb 1-1: no configurations
[  460.431398][ T8216] usb 1-1: can't read configurations, error -22
[  460.435208][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.458489][ T8216] usb usb1-port1: attempt power cycle
[  460.464865][ T8440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.480776][ T8440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.501788][ T7920] usb 2-1: USB disconnect, device number 54
[  460.888337][ T8216] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  460.919653][ T8216] usb 1-1: no configurations
[  460.924361][ T8216] usb 1-1: can't read configurations, error -22
[  461.088414][ T8216] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  461.109274][ T7920] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  461.119217][ T8456] loop4: detected capacity change from 0 to 128
[  461.128276][ T8456] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  461.287097][ T8456] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  461.508395][ T7920] usb 2-1: Using ep0 maxpacket: 8
[  461.744832][ T7920] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  461.854596][ T8214] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  461.865090][ T8216] usb 1-1: no configurations
[  461.874585][ T8216] usb 1-1: can't read configurations, error -22
[  461.885883][ T7920] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  461.913000][ T8216] usb usb1-port1: unable to enumerate USB device
[  461.960329][ T7920] usb 2-1: string descriptor 0 read error: -71
[  461.967196][ T7920] usb 2-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=66.9e
[  462.145603][ T8458] loop1: detected capacity change from 0 to 32768
[  462.157661][ T8458] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  462.180463][ T8214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  462.237686][ T8214] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  462.247784][ T8214] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  462.257721][ T8214] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.358828][ T8214] usb 3-1: config 0 descriptor??
[  462.378914][ T7920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.563092][ T7920] usb 2-1: config 0 descriptor??
[  462.571905][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  462.587723][    T9] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  462.587763][ T7920] usb 2-1: can't set config #0, error -71
[  462.612500][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  462.678948][   T26] audit: type=1326 audit(1774639921.954:6): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=8459 comm="syz.0.1089" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  463.353515][ T8214] usbhid 3-1:0.0: can't add hid device: -71
[  463.379244][ T8214] usbhid: probe of 3-1:0.0 failed with error -71
[  463.406643][ T8214] usb 3-1: USB disconnect, device number 52
[  463.465675][ T7920] usb 2-1: USB disconnect, device number 55
[  463.525752][ T8469] tipc: Enabling of bearer <eth:syzkal> rejected, failed to enable media
[  463.546986][ T8469] device syzkaller0 entered promiscuous mode
[  463.808443][ T4317] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  463.958426][ T8217] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  464.059764][ T4317] usb 1-1: config 0 has no interfaces?
[  464.744198][ T4317] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  464.757653][ T4317] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.788318][ T4317] usb 1-1: Product: syz
[  464.792545][ T4317] usb 1-1: Manufacturer: syz
[  464.815698][ T4317] usb 1-1: SerialNumber: syz
[  464.824733][ T4317] usb 1-1: config 0 descriptor??
[  464.925909][ T8217] usb 5-1: unable to get BOS descriptor or descriptor too short
[  464.955397][ T8217] usb 5-1: not running at top speed; connect to a high speed hub
[  464.994615][ T8217] usb 5-1: config 5 has an invalid interface number: 246 but max is 0
[  465.029212][ T8217] usb 5-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  465.425015][ T4317] usb 1-1: USB disconnect, device number 40
[  465.449434][ T8493] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1097'.
[  465.464145][ T8217] usb 5-1: config 5 has no interface number 0
[  465.498499][ T8217] usb 5-1: config 5 interface 246 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  465.575157][ T8217] usb 5-1: config 5 interface 246 has no altsetting 0
[  465.620537][ T8217] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=f5.e4
[  465.676288][ T8217] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.741517][ T8217] usb 5-1: Product: syz
[  465.745787][ T8217] usb 5-1: Manufacturer: syz
[  465.812262][ T8217] usb 5-1: SerialNumber: syz
[  466.159297][ T8217] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  466.172573][ T4655] usb 5-1: Failed to submit usb control message: -71
[  466.181062][ T4655] usb 5-1: unable to send the bmi data to the device: -71
[  467.361777][ T8217] usb 5-1: USB disconnect, device number 45
[  467.388297][ T4655] usb 5-1: unable to get target info from device
[  467.408365][ T8214] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  467.409137][ T4655] usb 5-1: could not get target info (-71)
[  467.433338][ T4655] usb 5-1: could not probe fw (-71)
[  467.485104][ T8351] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[  467.857869][ T8518] loop1: detected capacity change from 0 to 32768
[  467.877005][ T8518] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  467.889156][ T8214] usb 4-1: unable to read config index 0 descriptor/start: -61
[  467.900096][ T8214] usb 4-1: can't read configurations, error -61
[  468.128358][ T8214] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  468.225007][ T4939] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  468.321630][ T8214] usb 4-1: unable to read config index 0 descriptor/start: -61
[  468.336412][ T8214] usb 4-1: can't read configurations, error -61
[  468.352219][ T8214] usb usb4-port1: attempt power cycle
[  468.788323][ T8214] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  468.840888][ T8214] usb 4-1: unable to read config index 0 descriptor/start: -61
[  468.852440][ T8214] usb 4-1: can't read configurations, error -61
[  469.038309][ T8214] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  469.078801][ T8214] usb 4-1: device descriptor read/8, error -71
[  469.211146][ T8214] usb usb4-port1: unable to enumerate USB device
[  470.028444][   T26] audit: type=1326 audit(1774639928.574:7): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=8522 comm="syz.2.1104" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f03d899c799 code=0x0
[  470.138388][ T8531] loop4: detected capacity change from 0 to 64
[  470.171890][ T8530] device veth1_to_bridge entered promiscuous mode
[  470.194823][ T8530] device veth1_to_bridge left promiscuous mode
[  470.246340][ T8521] loop1: detected capacity change from 0 to 32768
[  470.282745][ T8521] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  470.337287][ T8521] JBD2: Ignoring recovery information on journal
[  470.369824][ T8534] loop4: detected capacity change from 0 to 64
[  470.388364][ T8214] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  470.441659][ T8521] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  470.567986][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1110'.
[  470.600537][ T8214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  470.636733][ T8214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  470.673439][ T8214] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  470.696746][ T8545] loop0: detected capacity change from 0 to 2048
[  470.703204][ T8214] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.714752][ T8214] usb 4-1: config 0 descriptor??
[  470.747830][ T4268] ocfs2: Unmounting device (7,1) on (node local)
[  470.861189][ T8545] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  470.890255][ T8545] ext4 filesystem being mounted at /202/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  470.941821][ T8526] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  470.998625][ T8526] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.011944][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  471.066029][ T8214] usbhid 4-1:0.0: can't add hid device: -71
[  471.078663][ T8214] usbhid: probe of 4-1:0.0 failed with error -71
[  471.166942][ T8214] usb 4-1: USB disconnect, device number 50
[  472.118929][ T8563] loop4: detected capacity change from 0 to 32768
[  472.127019][ T8563] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  472.980822][   T26] audit: type=1326 audit(1774639931.754:8): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=8566 comm="syz.2.1117" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f03d899c799 code=0x0
[  473.278375][ T4951] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  474.712590][ T8351] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  474.724229][ T8351] CPU: 0 PID: 8351 Comm: kworker/u5:0 Not tainted syzkaller #0
[  474.731814][ T8351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  474.741965][ T8351] Workqueue: hci4 hci_rx_work
[  474.746679][ T8351] Call Trace:
[  474.749979][ T8351]  <TASK>
[  474.752916][ T8351]  dump_stack_lvl+0x188/0x24e
[  474.757598][ T8351]  ? show_regs_print_info+0x12/0x12
[  474.762807][ T8351]  ? load_image+0x400/0x400
[  474.767325][ T8351]  sysfs_create_dir_ns+0x26a/0x290
[  474.772453][ T8351]  ? sysfs_warn_dup+0xa0/0xa0
[  474.777222][ T8351]  ? do_raw_spin_unlock+0x11d/0x230
[  474.782440][ T8351]  kobject_add_internal+0x61c/0xcc0
[  474.787658][ T8351]  kobject_add+0x160/0x230
[  474.792091][ T8351]  ? kobject_init+0x1d0/0x1d0
[  474.796768][ T8351]  ? klist_children_get+0x50/0x50
[  474.801799][ T8351]  ? get_device_parent+0x121/0x3f0
[  474.806934][ T8351]  device_add+0x483/0xfb0
[  474.811292][ T8351]  ? kmem_cache_free+0xf7/0x290
[  474.816248][ T8351]  hci_conn_add_sysfs+0xd1/0x1e0
[  474.821234][ T8351]  le_conn_complete_evt+0x1062/0x1670
[  474.826618][ T8351]  ? hci_le_big_info_adv_report_evt+0x2f0/0x2f0
[  474.832967][ T8351]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  474.838800][ T8351]  ? skb_pull_data+0xf7/0x200
[  474.843482][ T8351]  hci_le_conn_complete_evt+0x183/0x440
[  474.849030][ T8351]  ? hci_remote_host_features_evt+0x270/0x270
[  474.855095][ T8351]  hci_event_packet+0x7b9/0x1280
[  474.860119][ T8351]  ? bis_list+0x280/0x280
[  474.864567][ T8351]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  474.870469][ T8351]  ? kcov_remote_start+0x4c7/0x7e0
[  474.875580][ T8351]  ? sync_thread_master+0x620/0x10b0
[  474.880864][ T8351]  ? hci_send_to_monitor+0x9c/0x4a0
[  474.886066][ T8351]  hci_rx_work+0x3eb/0xd40
[  474.890477][ T8351]  ? _raw_spin_unlock+0x40/0x40
[  474.895427][ T8351]  ? process_one_work+0x7b0/0x1160
[  474.900648][ T8351]  process_one_work+0x8a2/0x1160
[  474.905600][ T8351]  ? worker_detach_from_pool+0x240/0x240
[  474.911234][ T8351]  ? _raw_spin_lock_irq+0xb7/0xf0
[  474.916336][ T8351]  ? _raw_spin_lock_irqsave+0x100/0x100
[  474.921897][ T8351]  ? kthread_data+0x4b/0xc0
[  474.926443][ T8351]  worker_thread+0xaa2/0x1270
[  474.931130][ T8351]  ? __kthread_parkme+0x162/0x1c0
[  474.936249][ T8351]  kthread+0x29d/0x330
[  474.940320][ T8351]  ? worker_clr_flags+0x1a0/0x1a0
[  474.945354][ T8351]  ? kthread_blkcg+0xd0/0xd0
[  474.950055][ T8351]  ret_from_fork+0x1f/0x30
[  474.954528][ T8351]  </TASK>
[  474.959984][ T8351] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  474.973280][ T8351] Bluetooth: hci4: failed to register connection device
[  476.214251][ T8612] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1127'.
[  476.768739][ T8620] loop4: detected capacity change from 0 to 32768
[  476.784687][ T8620] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  477.991142][ T4939] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  478.107649][ T8631] loop2: detected capacity change from 0 to 2048
[  478.280640][ T8631] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  480.976230][ T8670] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1143'.
[  481.218314][ T7920] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  481.430011][ T7920] usb 5-1: config 0 has no interfaces?
[  481.440436][ T7920] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  481.464249][ T7920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.475505][ T7920] usb 5-1: Product: syz
[  481.582472][ T7920] usb 5-1: Manufacturer: syz
[  482.468398][ T7920] usb 5-1: SerialNumber: syz
[  482.496900][ T7920] usb 5-1: config 0 descriptor??
[  482.852238][ T8679] loop0: detected capacity change from 0 to 32768
[  482.882843][ T8679] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  482.893164][ T8679] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  482.902619][ T8679] BTRFS info (device loop0): enabling disk space caching
[  482.909885][ T8679] BTRFS info (device loop0): force clearing of disk cache
[  482.917098][ T8679] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  482.926526][ T8679] BTRFS info (device loop0): use zstd compression, level 3
[  482.933867][ T8679] BTRFS info (device loop0): disk space caching is enabled
[  483.008307][ T8214] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  483.097852][ T8679] BTRFS info (device loop0): enabling ssd optimizations
[  483.106925][ T8679] BTRFS info (device loop0): rebuilding free space tree
[  483.129738][ T8679] BTRFS info (device loop0): disabling free space tree
[  483.136689][ T8679] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  483.146480][ T8679] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  483.250292][ T4641] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  483.289683][ T8214] usb 3-1: config 0 has no interfaces?
[  483.295293][ T8214] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  483.502522][ T8214] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.535639][ T8214] usb 3-1: config 0 descriptor??
[  483.598283][ T4641] usb 2-1: Using ep0 maxpacket: 16
[  483.605255][ T4641] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  483.691807][ T4641] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.723068][ T4641] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.723392][ T7920] usb 5-1: USB disconnect, device number 46
[  483.741757][ T4641] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  483.755621][ T4641] usb 2-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  483.768097][ T4641] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.806323][ T4269] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  483.822155][ T4641] usb 2-1: config 0 descriptor??
[  483.857639][ T8677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.879732][ T8677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  483.907399][ T8677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  483.984024][ T8677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.745188][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  484.778481][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  484.788891][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  484.828565][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  484.866743][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  484.873784][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.058714][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.074662][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.082079][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.095200][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.102433][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.115244][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.122400][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.134868][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.142311][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.162471][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.193673][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.213339][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.228388][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.239402][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.246974][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.254035][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.261177][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.268039][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.274865][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.281941][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.289220][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.295996][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.303369][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.310564][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.317356][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.324533][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.331756][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.338962][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.345787][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.353168][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.362834][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.370391][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.377197][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.384472][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.391551][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.398743][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.405502][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.412771][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.419962][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.426770][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.435296][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.442726][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.449923][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.456648][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.463997][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.471084][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.477960][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.485362][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.492660][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.499997][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.507102][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.514497][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.521853][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.528984][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.535965][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.543400][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.550657][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.557513][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.564865][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.572303][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.579431][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.586434][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.593786][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.601099][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.608040][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.615668][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.623233][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.630396][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.637304][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.644516][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.651806][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.658992][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.665948][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.673145][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.680334][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.687268][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.694623][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.702066][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.709205][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.716029][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.723408][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.730518][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.737379][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.744825][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.752040][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.759175][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.776210][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.787631][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.801369][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.828342][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.835421][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.867820][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.886327][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.893724][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.901598][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.908653][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.915621][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.923108][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.930386][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.937220][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.944473][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.951579][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.958703][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.965564][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.972837][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.979897][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.986793][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  485.998047][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.009188][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.016041][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.023334][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.030477][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.037333][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.060456][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.078929][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.085777][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.111202][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.133239][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.148872][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.155820][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.165028][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.172339][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.179493][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.337322][ T8723] loop2: detected capacity change from 0 to 32768
[  486.345288][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.352145][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.359091][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.367076][ T8723] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.1155 (8723)
[  486.379916][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.386873][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.393692][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.400537][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.407271][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.414217][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.421002][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.427751][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.434641][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.441457][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.448265][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.455005][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.461783][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.468596][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.475319][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.482140][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.489056][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.495802][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.502864][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.509654][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.516376][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.523127][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.529972][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.536703][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.543469][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.550399][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.557205][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.563953][ T4641] kye 0003:0458:5013.002B: unknown main item tag 0x0
[  486.571814][ T4641] kye 0003:0458:5013.002B: hidraw0: USB HID vff.fa Device [HID 0458:5013] on usb-dummy_hcd.1-1/input0
[  486.582859][ T4641] kye 0003:0458:5013.002B: tablet-enabling feature report not found
[  486.590901][ T4641] kye 0003:0458:5013.002B: tablet enabling failed
[  486.602434][ T4641] usb 2-1: USB disconnect, device number 56
[  486.700664][ T8726] fido_id[8726]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  486.726210][ T8727] usb 3-1: USB disconnect, device number 53
[  486.767578][ T8723] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  486.778046][ T8723] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  486.786834][ T8723] BTRFS info (device loop2): enabling disk space caching
[  486.793993][ T8723] BTRFS info (device loop2): force clearing of disk cache
[  486.801547][ T8723] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  486.810958][ T8723] BTRFS info (device loop2): use zstd compression, level 3
[  486.818306][ T8723] BTRFS info (device loop2): disk space caching is enabled
[  487.464729][ T8723] BTRFS info (device loop2): enabling ssd optimizations
[  487.472759][ T8723] BTRFS info (device loop2): rebuilding free space tree
[  487.484337][ T8723] BTRFS info (device loop2): disabling free space tree
[  487.491366][ T8723] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  487.501122][ T8723] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  487.590694][ T8763] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1157'.
[  487.900072][ T4267] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  490.818716][ T7919] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  491.408353][ T8727] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  491.439814][ T7919] usb 1-1: config 0 has no interfaces?
[  491.447499][ T7919] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  491.458519][ T7919] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.468545][ T7919] usb 1-1: Product: syz
[  491.473954][ T7919] usb 1-1: Manufacturer: syz
[  491.485485][ T7919] usb 1-1: SerialNumber: syz
[  491.513788][ T7919] usb 1-1: config 0 descriptor??
[  491.598328][ T8727] usb 2-1: Using ep0 maxpacket: 32
[  491.605708][ T8727] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  491.643262][ T8727] usb 2-1: config 0 has no interface number 0
[  491.651525][ T8727] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  491.680764][ T8727] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  491.703182][ T8727] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.726177][ T8727] usb 2-1: Product: syz
[  491.776970][ T7919] usb 1-1: USB disconnect, device number 41
[  491.781613][ T8727] usb 2-1: Manufacturer: syz
[  491.787742][ T8727] usb 2-1: SerialNumber: syz
[  491.801959][ T8727] usb 2-1: config 0 descriptor??
[  491.807742][ T8793] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  492.046673][ T8793] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  492.869959][ T8727] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  492.906633][ T8727] asix: probe of 2-1:0.188 failed with error -32
[  494.147660][ T7919] usb 2-1: USB disconnect, device number 57
[  494.424780][ T8823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1170'.
[  494.854892][ T8833] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1174'.
[  495.384645][ T8836] loop3: detected capacity change from 0 to 2048
[  497.037924][ T8836] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  497.047914][ T8836] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  497.684045][ T4282] EXT4-fs (loop3): unmounting filesystem.
[  498.338530][ T7917] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  498.540191][ T7917] usb 2-1: config 0 has no interfaces?
[  498.549184][ T7917] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  498.580179][ T7917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.604830][ T7917] usb 2-1: Product: syz
[  498.609863][ T7917] usb 2-1: Manufacturer: syz
[  498.614807][ T7917] usb 2-1: SerialNumber: syz
[  498.656034][ T7917] usb 2-1: config 0 descriptor??
[  500.118128][ T7917] usb 2-1: USB disconnect, device number 58
[  500.975503][ T8879] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1188'.
[  501.699901][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  501.706282][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  503.440074][ T8906] loop0: detected capacity change from 0 to 32768
[  503.455889][ T8906] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.1196 (8906)
[  503.471203][ T8906] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  503.481485][ T8906] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  503.490400][ T8906] BTRFS info (device loop0): enabling disk space caching
[  503.497451][ T8906] BTRFS info (device loop0): force clearing of disk cache
[  503.504656][ T8906] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  503.514120][ T8906] BTRFS info (device loop0): use zstd compression, level 3
[  503.521499][ T8906] BTRFS info (device loop0): disk space caching is enabled
[  503.826066][ T8906] BTRFS info (device loop0): enabling ssd optimizations
[  503.834402][ T8906] BTRFS info (device loop0): rebuilding free space tree
[  503.852620][ T8906] BTRFS info (device loop0): disabling free space tree
[  503.859616][ T8906] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  503.869500][ T8906] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  504.059106][ T4269] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  505.583682][ T7917] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  505.894765][ T8941] loop2: detected capacity change from 0 to 32768
[  505.905234][ T8941] (syz.2.1201,8941,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  505.920152][ T8941] (syz.2.1201,8941,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  505.960076][ T7917] usb 1-1: config 0 has no interfaces?
[  505.970148][ T8941] JBD2: Ignoring recovery information on journal
[  505.991258][ T7917] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  506.020493][ T8941] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  506.058284][ T7917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.086813][ T7917] usb 1-1: Product: syz
[  506.093422][ T7917] usb 1-1: Manufacturer: syz
[  506.098090][ T7917] usb 1-1: SerialNumber: syz
[  506.500611][ T7917] usb 1-1: config 0 descriptor??
[  506.663568][ T8947] loop3: detected capacity change from 0 to 1024
[  506.948518][ T7917] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  507.055722][ T8774] usb 1-1: USB disconnect, device number 42
[  507.148341][ T7917] usb 5-1: Using ep0 maxpacket: 32
[  507.159829][ T7917] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  507.207369][ T7917] usb 5-1: config 0 has no interface number 0
[  507.250173][ T7917] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  507.272713][ T7917] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  507.391321][ T8953] binder: Binderfs stats mode cannot be changed during a remount
[  507.406296][ T7917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.431784][ T7917] usb 5-1: Product: syz
[  507.447664][ T7917] usb 5-1: Manufacturer: syz
[  507.466392][ T7917] usb 5-1: SerialNumber: syz
[  507.510242][ T7917] usb 5-1: config 0 descriptor??
[  507.517148][ T4267] ocfs2: Unmounting device (7,2) on (node local)
[  507.544446][ T8949] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  507.769622][ T8949] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  508.561028][ T7917] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  508.648647][   T26] audit: type=1326 audit(1774639967.924:9): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=8960 comm="syz.0.1208" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  509.617903][ T7917] asix: probe of 5-1:0.188 failed with error -61
[  509.730741][ T7917] usb 5-1: USB disconnect, device number 47
[  510.298281][ T7917] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  510.490520][ T7917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  510.535767][ T7917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  511.462427][ T7917] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  511.478886][ T7917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.511815][ T7917] usb 5-1: config 0 descriptor??
[  511.722517][ T8977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  511.763830][ T8977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  511.798594][ T7917] usbhid 5-1:0.0: can't add hid device: -71
[  511.832529][ T7917] usbhid: probe of 5-1:0.0 failed with error -71
[  511.873569][ T7917] usb 5-1: USB disconnect, device number 48
[  512.027300][ T8989] loop2: detected capacity change from 0 to 32768
[  512.080516][ T8989] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.1215 (8989)
[  512.096784][ T8991] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1216'.
[  512.109370][ T8989] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  512.119721][ T8989] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  512.128665][ T8989] BTRFS info (device loop2): enabling disk space caching
[  512.135824][ T8989] BTRFS info (device loop2): force clearing of disk cache
[  512.143070][ T8989] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  512.152533][ T8989] BTRFS info (device loop2): use zstd compression, level 3
[  512.160026][ T8989] BTRFS info (device loop2): disk space caching is enabled
[  512.184424][ T9007] binder: 8990:9007 ioctl c0105872 200000000080 returned -22
[  512.207093][ T8991] binder: 8990:8991 ioctl c0306201 200000000180 returned -22
[  512.215348][ T8989] BTRFS info (device loop2): enabling ssd optimizations
[  512.224295][ T8989] BTRFS info (device loop2): rebuilding free space tree
[  512.235874][ T8989] BTRFS info (device loop2): disabling free space tree
[  512.242972][ T8989] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  512.252929][ T8989] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  512.483340][ T4267] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  512.518343][ T7917] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  512.738756][ T7917] usb 5-1: Using ep0 maxpacket: 16
[  512.745643][ T7917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  512.785863][ T7917] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  512.834292][ T7917] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  512.875888][ T7917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.917808][ T4939] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 12 /dev/loop2 scanned by udevd (4939)
[  512.941716][ T7917] usb 5-1: config 0 descriptor??
[  513.114625][ T7917] usbhid 5-1:0.0: can't add hid device: -71
[  513.168358][ T7917] usbhid: probe of 5-1:0.0 failed with error -71
[  513.329837][ T7917] usb 5-1: USB disconnect, device number 49
[  514.169088][   T26] audit: type=1326 audit(1774639972.724:10): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9019 comm="syz.4.1220" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faaf639c799 code=0x0
[  514.297273][ T9018] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1219'.
[  514.658296][ T7917] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  514.908422][ T7917] usb 5-1: Using ep0 maxpacket: 32
[  515.205753][ T7917] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  515.214112][ T7917] usb 5-1: config 0 has no interface number 0
[  515.243985][ T7917] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  515.325222][ T9040] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1224'.
[  515.439508][ T7917] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  515.499353][ T7917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.509553][ T7917] usb 5-1: Product: syz
[  515.513825][ T7917] usb 5-1: Manufacturer: syz
[  515.528440][ T7917] usb 5-1: SerialNumber: syz
[  515.565920][ T7917] usb 5-1: config 0 descriptor??
[  515.598953][ T9025] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  515.866203][ T9025] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  516.847158][ T7917] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  516.867865][ T7917] asix: probe of 5-1:0.188 failed with error -61
[  516.939347][ T9047] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1227'.
[  516.969201][ T9047] binder: 9045:9047 ioctl c0105872 200000000080 returned -22
[  516.987028][ T9047] binder: 9045:9047 ioctl c0306201 200000000180 returned -22
[  517.389389][ T7917] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  517.609859][ T7917] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  517.655284][ T7917] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  517.742744][ T7917] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  517.795588][ T7917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.826465][ T7917] usb 1-1: config 0 descriptor??
[  518.046376][ T9055] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  518.160290][ T9055] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  518.669169][ T7917] usbhid 1-1:0.0: can't add hid device: -71
[  518.677723][ T7917] usbhid: probe of 1-1:0.0 failed with error -71
[  518.698029][ T7917] usb 1-1: USB disconnect, device number 43
[  518.703747][ T4312] usb 5-1: USB disconnect, device number 50
[  519.258256][ T7917] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  519.468525][ T7917] usb 1-1: Using ep0 maxpacket: 16
[  519.478598][ T7917] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  520.161881][ T7917] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  520.214078][ T7917] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  520.322039][ T7917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.406235][ T7917] usb 1-1: config 0 descriptor??
[  520.449792][ T7917] usb 1-1: can't set config #0, error -71
[  520.549036][ T7917] usb 1-1: USB disconnect, device number 44
[  521.198041][ T9087] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1241'.
[  521.273498][ T9087] binder: 9086:9087 ioctl c0105872 200000000080 returned -22
[  521.400791][ T9087] binder: 9086:9087 ioctl c0306201 200000000180 returned -22
[  523.215331][ T9099] loop1: detected capacity change from 0 to 2048
[  523.342813][ T9099] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  523.938373][ T4315] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  524.777260][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.878373][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.918300][ T4315] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  524.927496][ T4315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.991490][ T4315] usb 1-1: config 0 descriptor??
[  525.203341][ T9108] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  525.218842][ T9108] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  525.980432][ T4315] usbhid 1-1:0.0: can't add hid device: -71
[  526.030235][ T4315] usbhid: probe of 1-1:0.0 failed with error -71
[  526.057972][ T4315] usb 1-1: USB disconnect, device number 45
[  526.608839][ T4315] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  527.446645][ T9135] loop0: detected capacity change from 0 to 32768
[  527.478272][ T4315] usb 1-1: device not accepting address 46, error -71
[  527.496502][ T9135] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 12
[  527.906941][ T4939] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 12
[  529.666274][ T9154] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1261'.
[  530.398845][ T7917] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  530.406727][    C1] raw-gadget.0 gadget.0: ignoring, device is not running
[  530.598268][ T7917] usb 1-1: device descriptor read/64, error -32
[  530.878491][ T7917] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  531.628292][ T7917] usb 1-1: Using ep0 maxpacket: 8
[  531.665724][ T7917] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  531.695482][ T7917] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  531.741688][ T7917] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  531.776594][ T7917] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  531.800058][ T7917] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  531.832964][ T7917] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  531.857608][ T7917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.522345][ T7911] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  532.720745][ T7911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  532.821224][ T7911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  533.254945][ T7911] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  533.333230][ T7911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.423247][ T7911] usb 3-1: config 0 descriptor??
[  533.655333][ T9169] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  533.688681][ T9169] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  533.709109][ T7911] usbhid 3-1:0.0: can't add hid device: -71
[  533.715087][ T7911] usbhid: probe of 3-1:0.0 failed with error -71
[  533.768300][ T7911] usb 3-1: USB disconnect, device number 54
[  533.899235][ T4315] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  534.099950][ T4315] usb 5-1: config 0 has no interfaces?
[  534.107600][ T4315] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  534.145759][ T4315] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.176259][ T4315] usb 5-1: Product: syz
[  534.176395][ T7917] usb 1-1: can't set config #16, error -71
[  534.180583][ T4315] usb 5-1: Manufacturer: syz
[  534.180603][ T4315] usb 5-1: SerialNumber: syz
[  534.236175][ T4315] usb 5-1: config 0 descriptor??
[  534.245243][ T7917] usb 1-1: USB disconnect, device number 49
[  534.255879][ T9192] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1272'.
[  534.348334][ T7911] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  534.504845][ T7917] usb 5-1: USB disconnect, device number 51
[  534.548362][ T7911] usb 3-1: Using ep0 maxpacket: 16
[  534.555591][ T7911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  534.582609][ T7911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  534.611328][ T7911] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  534.646305][ T7911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.677113][ T7911] usb 3-1: config 0 descriptor??
[  535.292350][ T7911] usbhid 3-1:0.0: can't add hid device: -71
[  535.302032][ T7911] usbhid: probe of 3-1:0.0 failed with error -71
[  535.342453][ T7911] usb 3-1: USB disconnect, device number 55
[  537.566769][   T26] audit: type=1326 audit(1774639996.844:11): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9221 comm="syz.3.1281" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61c359c799 code=0x0
[  538.734703][ T9227] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1282'.
[  539.075579][ T4312] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  539.218465][ T7911] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  539.423848][ T7911] usb 2-1: config 0 has no interfaces?
[  539.456164][ T7911] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  539.576758][ T7911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.679276][ T7911] usb 2-1: Product: syz
[  539.761134][ T7911] usb 2-1: Manufacturer: syz
[  539.772339][ T7911] usb 2-1: SerialNumber: syz
[  539.801274][ T7911] usb 2-1: config 0 descriptor??
[  539.919745][ T4312] usb 4-1: config 0 has no interfaces?
[  539.925282][ T4312] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  539.935263][ T4312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  539.945442][ T4312] usb 4-1: config 0 descriptor??
[  540.178590][ T4315] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  540.440729][ T9233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.526851][ T9233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.537644][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  540.544954][ T7911] usb 2-1: USB disconnect, device number 59
[  540.559124][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  540.573849][ T4315] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  540.583554][ T4315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.595588][ T9233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.619009][ T4315] usb 1-1: config 0 descriptor??
[  540.627000][ T9233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.660578][ T4312] usb 4-1: USB disconnect, device number 51
[  540.773874][ T8351] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[  540.831021][ T9250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.841064][ T9250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.853528][ T4315] usbhid 1-1:0.0: can't add hid device: -71
[  540.860131][ T4315] usbhid: probe of 1-1:0.0 failed with error -71
[  540.869797][ T4315] usb 1-1: USB disconnect, device number 50
[  541.190782][ T9259] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1293'.
[  541.228460][ T4312] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  541.408266][ T4312] usb 4-1: Using ep0 maxpacket: 8
[  541.415617][ T4312] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  541.436747][ T4312] usb 4-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=66.9e
[  541.448499][ T4315] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  541.473625][ T4312] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.482284][ T4312] usb 4-1: Product: syz
[  541.486720][ T4312] usb 4-1: Manufacturer: syz
[  541.497192][ T4312] usb 4-1: SerialNumber: syz
[  541.586250][ T9263] loop1: detected capacity change from 0 to 32768
[  541.603926][ T9263] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  541.698239][ T4315] usb 1-1: Using ep0 maxpacket: 16
[  541.729354][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.749055][ T4312] usb 4-1: config 0 descriptor??
[  541.790524][ T4315] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  541.828877][ T4315] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  541.877436][ T4315] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.946029][ T4315] usb 1-1: config 0 descriptor??
[  541.996515][ T4951] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 12
[  542.262537][ T7911] usb 4-1: USB disconnect, device number 52
[  543.022813][ T4315] usbhid 1-1:0.0: can't add hid device: -71
[  543.045010][ T4315] usbhid: probe of 1-1:0.0 failed with error -71
[  543.790095][ T4315] usb 1-1: USB disconnect, device number 51
[  544.176123][ T9286] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1299'.
[  545.598370][ T7911] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  545.662030][ T8351] Bluetooth: hci0: link tx timeout
[  545.799700][ T7911] usb 2-1: config 0 has no interfaces?
[  545.807769][ T7911] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  545.857316][ T7911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.041458][ T9304] loop2: detected capacity change from 0 to 32768
[  546.094107][ T7911] usb 2-1: Product: syz
[  546.131523][ T7911] usb 2-1: Manufacturer: syz
[  546.141185][ T7911] usb 2-1: SerialNumber: syz
[  546.156234][ T7911] usb 2-1: config 0 descriptor??
[  546.183022][ T9304] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  546.193329][ T9304] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  546.202256][ T9304] BTRFS info (device loop2): enabling disk space caching
[  546.209343][ T9304] BTRFS info (device loop2): force clearing of disk cache
[  546.216546][ T9304] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  546.226002][ T9304] BTRFS info (device loop2): use zstd compression, level 3
[  546.233304][ T9304] BTRFS info (device loop2): disk space caching is enabled
[  546.328651][ T9304] BTRFS info (device loop2): enabling ssd optimizations
[  546.336956][ T9304] BTRFS info (device loop2): rebuilding free space tree
[  546.354058][ T9304] BTRFS info (device loop2): disabling free space tree
[  546.361236][ T9304] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  546.371043][ T9304] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  546.538435][ T7911] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  546.664499][ T7917] usb 2-1: USB disconnect, device number 60
[  546.989891][ T7911] usb 4-1: config 0 has no interfaces?
[  547.003650][ T7911] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  547.030703][ T4267] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  547.041270][ T7911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.076789][ T7911] usb 4-1: config 0 descriptor??
[  547.338250][ T9306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  547.371564][ T9306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  547.453825][ T9306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  547.486032][ T9306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  547.673890][ T9030] usb 4-1: USB disconnect, device number 53
[  547.828462][ T9028] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  548.154828][ T9028] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.355763][ T9028] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  548.382558][ T9028] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  548.392160][ T9028] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.402522][ T9028] usb 5-1: config 0 descriptor??
[  548.409434][ T9030] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  548.638446][ T9030] usb 4-1: Using ep0 maxpacket: 8
[  548.642121][ T9334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  548.645860][ T9030] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  548.672634][ T9030] usb 4-1: New USB device found, idVendor=046d, idProduct=0900, bcdDevice=66.9e
[  548.682341][ T9030] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.690791][ T9030] usb 4-1: Product: syz
[  548.697131][ T9030] usb 4-1: Manufacturer: syz
[  548.702715][ T9030] usb 4-1: SerialNumber: syz
[  548.734471][ T9030] usb 4-1: config 0 descriptor??
[  548.828602][ T9334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  548.846776][ T4939] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 12 /dev/loop2 scanned by udevd (4939)
[  548.871931][ T9028] usbhid 5-1:0.0: can't add hid device: -71
[  548.907951][ T9028] usbhid: probe of 5-1:0.0 failed with error -71
[  548.916743][ T9028] usb 5-1: USB disconnect, device number 52
[  549.972927][ T9028] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  550.637507][ T4315] usb 4-1: USB disconnect, device number 54
[  550.788378][ T9028] usb 5-1: Using ep0 maxpacket: 16
[  550.860948][ T9028] usb 5-1: device descriptor read/all, error -71
[  551.969437][ T9378] loop4: detected capacity change from 0 to 2048
[  552.061014][ T9378] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  552.702266][ T9387] syz.4.1323 (9387): drop_caches: 2
[  556.099692][ T9028] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  556.108341][ T4315] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  556.299958][ T4315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.300413][ T9028] usb 1-1: config 0 has no interfaces?
[  556.318382][ T4312] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  556.326331][ T9028] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  556.346205][ T9028] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.354673][ T4315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.371617][ T9028] usb 1-1: config 0 descriptor??
[  556.376947][ T4315] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  556.464501][ T4315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.538252][ T4312] usb 4-1: Using ep0 maxpacket: 8
[  556.546659][ T4315] usb 2-1: config 0 descriptor??
[  556.554849][ T4312] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  556.563584][ T4312] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  556.582800][ T4312] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  556.603222][ T9409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  556.618667][ T9409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  556.636447][ T9028] usb 1-1: USB disconnect, device number 52
[  556.719326][ T4312] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  556.784491][ T9412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  556.799000][ T9412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  556.837599][ T4315] usbhid 2-1:0.0: can't add hid device: -71
[  556.844508][ T4315] usbhid: probe of 2-1:0.0 failed with error -71
[  556.877468][ T4312] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  556.968740][ T4315] usb 2-1: USB disconnect, device number 61
[  556.977035][ T4312] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  556.986731][ T4312] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.868237][ T9028] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  557.868270][ T4315] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  558.138280][ T4315] usb 2-1: Using ep0 maxpacket: 16
[  558.146021][ T4315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.148545][ T9028] usb 1-1: Using ep0 maxpacket: 16
[  558.164228][ T4315] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.888486][ T4315] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  558.897825][ T4315] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.949835][ T9028] usb 1-1: device descriptor read/all, error -71
[  558.959090][ T4315] usb 2-1: config 0 descriptor??
[  559.031697][ T4315] usb 2-1: can't set config #0, error -71
[  559.046132][ T4315] usb 2-1: USB disconnect, device number 62
[  562.108505][ T4312] usb 4-1: usb_control_msg returned -110
[  562.114263][ T4312] usbtmc 4-1:16.0: can't read capabilities
[  562.196521][ T4312] usb 4-1: USB disconnect, device number 55
[  563.146746][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  563.153248][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  563.636605][ T9476] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1346'.
[  563.781161][ T9476] binder: 9475:9476 ioctl c0105872 200000000080 returned -22
[  564.430902][ T9477] binder: 9475:9477 ioctl c0306201 200000000180 returned -22
[  565.134589][ T9486] input: syz0 as /devices/virtual/input/input45
[  566.856697][ T9511] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1354'.
[  567.002158][ T4312] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  567.472991][ T4312] usb 2-1: Using ep0 maxpacket: 8
[  567.604494][ T4312] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  567.642040][ T4312] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  567.686401][ T4312] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  567.968227][ T4312] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  568.254231][ T4312] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  568.324987][ T4312] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  568.431358][ T4312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.369247][ T9536] input: syz0 as /devices/virtual/input/input47
[  570.808285][ T9545] binder: Binderfs stats mode cannot be changed during a remount
[  571.242108][ T9547] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1364'.
[  571.289882][ T9547] binder: 9546:9547 ioctl c0105872 200000000080 returned -22
[  571.323876][ T9547] binder: 9546:9547 ioctl c0306201 200000000180 returned -22
[  571.731762][ T4312] usb 2-1: usb_control_msg returned -71
[  571.737686][ T4312] usbtmc 2-1:16.0: can't read capabilities
[  571.777212][ T4312] usb 2-1: USB disconnect, device number 63
[  574.245987][ T4312] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  574.440057][ T4312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  574.466595][ T4312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.509045][ T4312] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  574.530093][ T4312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.546091][ T4312] usb 3-1: config 0 descriptor??
[  574.764788][ T9563] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.797789][ T9563] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.810186][ T4312] usbhid 3-1:0.0: can't add hid device: -71
[  574.828727][ T4312] usbhid: probe of 3-1:0.0 failed with error -71
[  574.856785][ T4312] usb 3-1: USB disconnect, device number 56
[  575.133300][ T9569] input: syz0 as /devices/virtual/input/input48
[  575.274264][ T9576] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1373'.
[  575.478741][ T4312] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  575.668480][ T4312] usb 3-1: Using ep0 maxpacket: 16
[  575.676285][ T4312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.715194][ T4312] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.783182][ T4312] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  575.805695][ T4312] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.922174][ T4312] usb 3-1: config 0 descriptor??
[  576.755153][   T26] audit: type=1326 audit(1774640035.294:12): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9582 comm="syz.0.1375" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  577.073324][ T9591] loop0: detected capacity change from 0 to 2048
[  577.188218][ T9028] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  577.206742][ T4312] usbhid 3-1:0.0: can't add hid device: -71
[  578.473033][ T4312] usbhid: probe of 3-1:0.0 failed with error -71
[  578.743794][ T4312] usb 3-1: USB disconnect, device number 57
[  578.826896][ T9591] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  578.866201][ T9591] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.907532][ T9028] usb 2-1: config 0 has no interfaces?
[  578.913703][ T9028] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  578.998441][ T9028] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.036901][ T9028] usb 2-1: config 0 descriptor??
[  579.127033][ T9602] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1379'.
[  579.157075][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  579.342391][ T4312] usb 2-1: USB disconnect, device number 64
[  580.168296][ T4312] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  581.769872][ T9614] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1384'.
[  582.208421][ T4312] usb 2-1: device not accepting address 65, error -71
[  584.229778][   T26] audit: type=1326 audit(1774640042.794:13): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9626 comm="syz.0.1388" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  584.668224][ T9028] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  584.876240][ T9028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  584.888577][ T9028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  584.901560][ T9028] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  584.912979][ T9028] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.064470][ T9028] usb 1-1: config 0 descriptor??
[  585.298680][ T9632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  585.307520][ T9632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  585.359718][ T9028] usbhid 1-1:0.0: can't add hid device: -71
[  585.365929][ T9028] usbhid: probe of 1-1:0.0 failed with error -71
[  585.415850][ T9028] usb 1-1: USB disconnect, device number 55
[  585.952323][ T9028] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  586.166920][ T9652] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1394'.
[  586.208053][ T9661] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1397'.
[  586.228287][ T4315] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  586.337067][ T9028] usb 1-1: Using ep0 maxpacket: 16
[  586.360390][ T9028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  586.375367][ T9028] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  586.386104][ T9028] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  586.427809][ T9028] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.467619][ T9028] usb 1-1: config 0 descriptor??
[  586.505912][ T9663] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1398'.
[  586.686399][ T4315] usb 4-1: config 0 has no interfaces?
[  586.697310][ T4315] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  586.706580][ T4315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.716555][ T4315] usb 4-1: config 0 descriptor??
[  586.926940][ T4315] usb 4-1: USB disconnect, device number 56
[  587.086995][ T9028] usbhid 1-1:0.0: can't add hid device: -71
[  587.101432][ T9028] usbhid: probe of 1-1:0.0 failed with error -71
[  587.119597][ T9028] usb 1-1: USB disconnect, device number 56
[  588.323958][ T4315] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  588.333693][   T26] audit: type=1326 audit(1774640046.884:14): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9670 comm="syz.4.1401" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7faaf639c799 code=0x0
[  588.600674][ T4315] usb 4-1: unable to get BOS descriptor or descriptor too short
[  588.610167][ T4315] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[  588.622199][ T4315] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7
[  588.642431][ T4315] usb 4-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  588.655242][ T4315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.664642][ T4315] usb 4-1: Product: syz
[  588.669232][ T4315] usb 4-1: Manufacturer: syz
[  588.674078][ T4315] usb 4-1: SerialNumber: syz
[  588.691676][ T9680] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1402'.
[  588.830016][ T4315] usb 4-1: Can't get UAC3 power state for id 10
[  588.854471][ T4315] usb 4-1: 2:0: failed to get current value for ch 0 (-71)
[  588.881682][ T4315] usb 4-1: 2:0: cannot get min/max values for control 2 (id 2)
[  589.458502][ T4315] usb 4-1: USB disconnect, device number 57
[  589.554310][ T9691] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1408'.
[  589.986065][ T9697] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1409'.
[  591.428595][   T26] audit: type=1326 audit(1774640050.624:15): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9707 comm="syz.3.1412" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61c359c799 code=0x0
[  592.193690][ T9717] loop2: detected capacity change from 0 to 128
[  592.201376][ T9717] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  593.291336][ T9717] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  593.452951][ T9028] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  593.518368][   T75] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  593.649530][ T9028] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  593.675939][ T9028] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  593.698377][ T9028] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  593.728849][ T9028] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.750107][ T9028] usb 4-1: config 0 descriptor??
[  593.966218][ T9715] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  594.003894][ T9715] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  594.041848][ T9028] usbhid 4-1:0.0: can't add hid device: -71
[  594.050172][ T9028] usbhid: probe of 4-1:0.0 failed with error -71
[  594.093540][ T9028] usb 4-1: USB disconnect, device number 58
[  594.134887][ T9731] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1419'.
[  594.708335][ T9028] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  594.933738][ T9028] usb 4-1: Using ep0 maxpacket: 16
[  595.693267][ T9028] usb 4-1: unable to read config index 0 descriptor/start: -71
[  596.611423][ T9742] syz.0.1422 (9742): drop_caches: 2
[  596.788452][ T9028] usb 4-1: can't read configurations, error -71
[  596.905314][ T8351] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  596.915220][ T8351] CPU: 0 PID: 8351 Comm: kworker/u5:0 Not tainted syzkaller #0
[  596.922780][ T8351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  596.933014][ T8351] Workqueue: hci1 hci_rx_work
[  596.937720][ T8351] Call Trace:
[  596.940996][ T8351]  <TASK>
[  596.944006][ T8351]  dump_stack_lvl+0x188/0x24e
[  596.948700][ T8351]  ? show_regs_print_info+0x12/0x12
[  596.953911][ T8351]  ? load_image+0x400/0x400
[  596.958520][ T8351]  sysfs_create_dir_ns+0x26a/0x290
[  596.963656][ T8351]  ? sysfs_warn_dup+0xa0/0xa0
[  596.968417][ T8351]  ? do_raw_spin_unlock+0x11d/0x230
[  596.973634][ T8351]  kobject_add_internal+0x61c/0xcc0
[  596.978848][ T8351]  kobject_add+0x160/0x230
[  596.983372][ T8351]  ? kobject_init+0x1d0/0x1d0
[  596.988150][ T8351]  ? klist_children_get+0x50/0x50
[  596.993186][ T8351]  ? get_device_parent+0x121/0x3f0
[  596.998320][ T8351]  device_add+0x483/0xfb0
[  597.002646][ T8351]  ? kmem_cache_free+0xf7/0x290
[  597.007507][ T8351]  hci_conn_add_sysfs+0xd1/0x1e0
[  597.012676][ T8351]  le_conn_complete_evt+0x1062/0x1670
[  597.018063][ T8351]  ? hci_le_big_info_adv_report_evt+0x2f0/0x2f0
[  597.024424][ T8351]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  597.030079][ T8351]  ? skb_pull_data+0xf7/0x200
[  597.034755][ T8351]  hci_le_conn_complete_evt+0x183/0x440
[  597.040384][ T8351]  ? hci_remote_host_features_evt+0x270/0x270
[  597.046442][ T8351]  hci_event_packet+0x7b9/0x1280
[  597.051567][ T8351]  ? bis_list+0x280/0x280
[  597.055887][ T8351]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  597.061987][ T8351]  ? kcov_remote_start+0x4c7/0x7e0
[  597.067108][ T8351]  ? sync_thread_master+0x620/0x10b0
[  597.072398][ T8351]  ? hci_send_to_monitor+0x9c/0x4a0
[  597.077771][ T8351]  hci_rx_work+0x3eb/0xd40
[  597.082197][ T8351]  ? _raw_spin_unlock+0x40/0x40
[  597.087045][ T8351]  ? process_one_work+0x7b0/0x1160
[  597.092152][ T8351]  process_one_work+0x8a2/0x1160
[  597.097090][ T8351]  ? worker_detach_from_pool+0x240/0x240
[  597.102714][ T8351]  ? _raw_spin_lock_irq+0xb7/0xf0
[  597.107756][ T8351]  ? _raw_spin_lock_irqsave+0x100/0x100
[  597.113486][ T8351]  ? kthread_data+0x4b/0xc0
[  597.117987][ T8351]  worker_thread+0xaa2/0x1270
[  597.122674][ T8351]  ? __kthread_parkme+0x162/0x1c0
[  597.127788][ T8351]  kthread+0x29d/0x330
[  597.131850][ T8351]  ? worker_clr_flags+0x1a0/0x1a0
[  597.136883][ T8351]  ? kthread_blkcg+0xd0/0xd0
[  597.141465][ T8351]  ret_from_fork+0x1f/0x30
[  597.145882][ T8351]  </TASK>
[  597.158254][ T8351] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  597.171676][ T8351] Bluetooth: hci1: failed to register connection device
[  598.013304][ T9762] loop1: detected capacity change from 0 to 128
[  598.025257][ T9762] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  598.356483][ T9762] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  598.989558][ T4728] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  599.131332][ T9771] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1431'.
[  599.543442][ T4642] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  599.675909][   T26] audit: type=1326 audit(1774640058.954:16): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9774 comm="syz.0.1424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  600.888495][ T9785] syz.0.1435 (9785): drop_caches: 2
[  602.791077][ T4642] usb 5-1: device descriptor read/all, error -71
[  602.925854][ T9794] loop2: detected capacity change from 0 to 2048
[  603.035650][ T9794] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  603.044992][ T9794] ext4 filesystem being mounted at /309/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  603.854904][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  604.485360][ T8351] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection
[  605.030457][ T9824] loop1: detected capacity change from 0 to 128
[  605.037750][ T9824] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  606.105467][ T9824] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  606.284388][ T4900] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  606.902452][ T9832] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1446'.
[  607.489584][   T26] audit: type=1326 audit(1774640066.774:17): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9833 comm="syz.2.1447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f03d899c799 code=0x0
[  608.230728][ T9837] syz.1.1449 (9837): drop_caches: 2
[  608.539442][ T9845] loop4: detected capacity change from 0 to 2048
[  608.581690][ T9845] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  608.738355][ T4642] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  608.930229][ T4642] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  609.025355][ T4642] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  609.036005][ T4642] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  609.045572][ T4642] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.055853][ T4642] usb 3-1: config 0 descriptor??
[  609.269546][ T9843] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  609.289980][ T9843] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  609.317398][ T4642] usbhid 3-1:0.0: can't add hid device: -71
[  609.333066][ T4642] usbhid: probe of 3-1:0.0 failed with error -71
[  609.360472][ T4642] usb 3-1: USB disconnect, device number 58
[  609.948192][ T4642] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  610.328443][ T4642] usb 3-1: Using ep0 maxpacket: 16
[  610.336254][ T4642] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  610.426449][ T4642] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  610.497590][ T4642] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.40
[  610.527927][ T4642] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.554291][ T4642] usb 3-1: config 0 descriptor??
[  610.639982][ T9866] loop4: detected capacity change from 0 to 128
[  610.647358][ T9866] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  611.552156][ T9866] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  611.606105][ T4642] mcp2221 0003:04D8:00DD.002C: unknown main item tag 0x0
[  611.797530][ T4642] mcp2221 0003:04D8:00DD.002C: USB HID v0.00 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  611.819535][   T75] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  611.853257][ T9878] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1458'.
[  611.921257][ T4642] usb 3-1: USB disconnect, device number 59
[  613.310641][ T9892] syz.2.1461 (9892): drop_caches: 2
[  613.511714][   T26] audit: type=1326 audit(1774640071.874:18): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9888 comm="syz.0.1460" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  614.359715][ T9907] loop3: detected capacity change from 0 to 2048
[  614.394579][ T9907] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  617.384679][   T26] audit: type=1326 audit(1774640076.664:19): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9934 comm="syz.1.1473" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f165979c799 code=0x0
[  618.111309][ T9940] syz.3.1474 (9940): drop_caches: 2
[  619.683811][ T9953] loop2: detected capacity change from 0 to 131072
[  619.691483][ T9953] XFS: ikeep mount option is deprecated.
[  619.830797][ T9956] loop1: detected capacity change from 0 to 2048
[  619.913079][ T9953] XFS (loop2): Mounting V5 Filesystem
[  619.961685][ T9956] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  620.087892][ T9953] XFS (loop2): Starting recovery (logdev: internal)
[  620.163329][ T9953] XFS (loop2): Ending recovery (logdev: internal)
[  621.273412][ T4267] XFS (loop2): Unmounting Filesystem
[  623.288192][   T26] audit: type=1326 audit(1774640082.524:20): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=9985 comm="syz.0.1486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe548f9c799 code=0x0
[  623.727542][ T9990] loop3: detected capacity change from 0 to 2048
[  624.048226][ T9990] NILFS (loop3): unrecognized mount option "disÈ€œàÓò
[  624.048226][ T9990] 0x0000000000000003"
[  624.068074][ T9994] syz.1.1487 (9994): drop_caches: 2
[  624.172874][ T4951] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  624.206612][ T9998] loop0: detected capacity change from 0 to 2048
[  624.265124][ T9998] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  624.273785][ T9998] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  624.456737][ T4269] EXT4-fs (loop0): unmounting filesystem.
[  624.595516][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  624.602248][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  626.334793][ T4285] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection
[  626.389393][T10017] loop0: detected capacity change from 0 to 2048
[  626.444130][T10017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  626.517412][T10023] loop3: detected capacity change from 0 to 128
[  626.524904][T10023] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  626.552668][T10023] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  627.776677][ T4461] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  628.545345][   T26] audit: type=1326 audit(1774640087.824:21): auid=4294967295 uid=60929 gid=60928 ses=4294967295 subj=unconfined pid=10033 comm="syz.1.1498" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f165979c799 code=0x0
[  628.886189][T10040] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1499'.
[  630.454115][T10057] binder: Binderfs stats mode cannot be changed during a remount
[  630.659382][T10059] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1502'.
[  631.159265][T10065] loop3: detected capacity change from 0 to 1024
[  631.399063][T10068] random: crng reseeded on system resumption
[  632.497098][   T26] audit: type=1800 audit(1774640091.774:22): pid=10065 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1506" name="file1" dev="loop3" ino=2 res=0 errno=0
[  632.536346][ T4285] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  632.701319][ T4655] hfsplus: b-tree write err: -5, ino 3
[  633.283974][T10080] loop4: detected capacity change from 0 to 2048
[  633.342466][T10080] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  633.908730][T10082] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1513'.
[  634.325400][T10090] netlink: 'syz.2.1514': attribute type 16 has an invalid length.
[  634.335724][T10090] netlink: 'syz.2.1514': attribute type 17 has an invalid length.
[  634.534984][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  634.623134][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  634.913730][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  634.966941][T10096] binder: Binderfs stats mode cannot be changed during a remount
[  635.245614][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  635.259775][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  635.474406][T10090] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  635.496160][T10090] 8021q: adding VLAN 0 to HW filter on device bond0
[  635.505846][T10090] 8021q: adding VLAN 0 to HW filter on device team0
[  635.524699][T10090] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  637.805657][T10119] QAT: failed to copy from user cfg_data.
[  638.660945][ T4285] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  638.678898][ T4642] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  638.892577][ T4642] usb 3-1: config 0 has no interfaces?
[  638.907864][ T4642] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  638.961373][ T4642] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.195940][ T4642] usb 3-1: config 0 descriptor??
[  640.209436][T10136] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1526'.
[  640.256323][T10136] netlink: 'syz.1.1526': attribute type 4 has an invalid length.
[  640.467198][ T4642] usb 3-1: USB disconnect, device number 60
[  641.178223][ T4642] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  641.399965][ T4642] usb 3-1: unable to get BOS descriptor or descriptor too short
[  641.420895][ T4642] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[  641.448197][ T4642] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7
[  641.483457][ T4642] usb 3-1: string descriptor 0 read error: -22
[  641.494398][ T4642] usb 3-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  642.732898][ T4642] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.884879][ T4642] usb 3-1: can't set config #1, error -71
[  642.943546][ T4642] usb 3-1: USB disconnect, device number 61
[  643.594201][T10160] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1533'.
[  644.727042][T10170] input: syz0 as /devices/virtual/input/input55
[  649.479159][T10205] loop4: detected capacity change from 0 to 32768
[  649.487666][T10205] (syz.4.1544,10205,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  649.501809][T10205] (syz.4.1544,10205,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  649.527009][T10205] JBD2: Ignoring recovery information on journal
[  649.554363][T10205] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  650.282242][T10207] netlink: 'syz.3.1546': attribute type 1 has an invalid length.
[  650.313413][T10207] 8021q: adding VLAN 0 to HW filter on device bond1
[  650.442459][T10207] bond1: (slave macvlan3): Enslaving as an active interface with a down link
[  650.460401][ T4266] ocfs2: Unmounting device (7,4) on (node local)
[  653.853140][T10233] loop4: detected capacity change from 0 to 131072
[  653.860348][T10233] XFS: ikeep mount option is deprecated.
[  655.409162][T10233] XFS (loop4): Mounting V5 Filesystem
[  655.577084][T10233] XFS (loop4): Starting recovery (logdev: internal)
[  655.636478][T10233] XFS (loop4): Ending recovery (logdev: internal)
[  656.388561][ T4266] XFS (loop4): Unmounting Filesystem
[  659.699151][ T9028] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  659.909954][ T9028] usb 5-1: config 0 has no interfaces?
[  659.915924][ T9028] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  660.031518][ T9028] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.078170][ T9028] usb 5-1: config 0 descriptor??
[  660.296411][ T9028] usb 5-1: USB disconnect, device number 57
[  660.541979][T10282] loop1: detected capacity change from 0 to 32768
[  660.562193][T10282] (syz.1.1558,10282,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  660.576017][T10282] (syz.1.1558,10282,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  660.600456][T10282] JBD2: Ignoring recovery information on journal
[  660.669606][T10282] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  661.018566][ T9028] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  661.325847][ T4268] ocfs2: Unmounting device (7,1) on (node local)
[  661.350252][ T9028] usb 5-1: unable to get BOS descriptor or descriptor too short
[  661.411159][ T9028] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[  661.458410][ T9028] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7
[  661.503456][ T9028] usb 5-1: string descriptor 0 read error: -22
[  661.621130][ T9028] usb 5-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  662.569079][ T9028] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.042686][ T9028] usb 5-1: can't set config #1, error -71
[  663.060394][ T9028] usb 5-1: USB disconnect, device number 58
[  665.184449][T10313] loop2: detected capacity change from 0 to 512
[  665.331748][T10313] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  665.360829][T10313] EXT4-fs (loop2): orphan cleanup on readonly fs
[  665.381079][T10313] EXT4-fs error (device loop2): ext4_quota_enable:7039: comm syz.2.1572: Bad quota inum: 2, type: 2
[  665.602905][T10313] EXT4-fs warning (device loop2): ext4_enable_quotas:7087: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix.
[  666.006737][T10313] EXT4-fs (loop2): Cannot turn on quotas: error -117
[  666.065841][T10313] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  666.612299][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  666.669723][T10328] netlink: 'syz.3.1571': attribute type 16 has an invalid length.
[  666.679775][T10328] netlink: 'syz.3.1571': attribute type 17 has an invalid length.
[  666.690030][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  666.707275][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  666.729421][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  667.099939][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  667.173632][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  667.248589][T10328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  667.642022][T10328] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  671.526367][T10366] IPv6: Can't replace route, no match found
[  671.594531][T10366] IPv6: Can't replace route, no match found
[  673.195800][T10376] loop2: detected capacity change from 0 to 32768
[  673.716739][T10376] (syz.2.1587,10376,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  673.730507][T10376] (syz.2.1587,10376,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  673.778380][T10376] JBD2: Ignoring recovery information on journal
[  674.950916][T10376] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  675.946590][T10385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  676.005566][ T4267] ocfs2: Unmounting device (7,2) on (node local)
[  677.125270][T10412] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1591'.
[  677.887825][T10416] loop2: detected capacity change from 0 to 2048
[  679.314706][T10416] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  679.572369][T10416] ext4 filesystem being mounted at /335/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  682.126929][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  684.249658][T10469] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1612'.
[  684.332673][T10462] delete_channel: no stack
[  685.252104][T10461] syz.0.1601 (10461): drop_caches: 2
[  685.887491][T10481] netlink: 'syz.1.1616': attribute type 6 has an invalid length.
[  686.023577][ T1273] ieee802154 phy0 wpan0: encryption failed: -22
[  686.033139][ T1273] ieee802154 phy1 wpan1: encryption failed: -22
[  686.978416][ T9028] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  687.783463][ T9028] usb 2-1: config 0 has no interfaces?
[  687.791791][ T9028] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  687.888810][ T9028] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  687.919051][ T9028] usb 2-1: config 0 descriptor??
[  688.020718][T10495] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1614'.
[  688.133304][ T9028] usb 2-1: USB disconnect, device number 67
[  688.659122][ T9030] usb 1-1: new full-speed USB device number 57 using dummy_hcd
[  688.738941][ T9028] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  688.862006][ T9030] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  688.886272][ T9030] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.944267][ T9030] usb 1-1: Product: syz
[  688.953657][ T9028] usb 2-1: unable to get BOS descriptor or descriptor too short
[  688.973815][ T9028] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[  688.989954][ T9030] usb 1-1: Manufacturer: syz
[  688.994626][ T9030] usb 1-1: SerialNumber: syz
[  689.034653][ T9028] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 116, changing to 7
[  689.057195][ T9030] usb 1-1: config 0 descriptor??
[  689.159323][ T9028] usb 2-1: string descriptor 0 read error: -22
[  689.165666][ T9028] usb 2-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  689.208526][ T9028] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.215149][T10507] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1626'.
[  689.326258][ T9030] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  689.464484][ T9028] usb 2-1: Can't get UAC3 power state for id 10
[  690.314396][T10505] syz.3.1625 (10505): drop_caches: 2
[  690.467967][ T9028] usb 2-1: 2:0: failed to get current value for ch 0 (-32)
[  690.618009][T10516] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1627'.
[  690.766383][T10514] loop2: detected capacity change from 0 to 32768
[  690.884051][ T9028] usb 2-1: 2:0: cannot get min/max values for control 2 (id 2)
[  691.278986][ T9030] dvb_usb_rtl28xxu: probe of 1-1:0.0 failed with error -71
[  691.310515][ T9030] usb 1-1: USB disconnect, device number 57
[  691.646433][T10520] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1628'.
[  691.737441][ T9030] usb 2-1: USB disconnect, device number 68
[  692.834471][T10528] random: crng reseeded on system resumption
[  697.163316][T10547] loop1: detected capacity change from 0 to 32768
[  697.215725][T10547] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.1638 (10547)
[  697.299865][T10547] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  697.341778][T10547] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  697.385203][T10547] BTRFS info (device loop1): setting nodatasum
[  697.426097][T10547] BTRFS info (device loop1): force zlib compression, level 3
[  697.551974][T10547] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  697.574128][T10547] BTRFS info (device loop1): use lzo compression, level 0
[  697.582595][T10547] BTRFS info (device loop1): turning on flush-on-commit
[  697.590087][T10547] BTRFS info (device loop1): enabling auto defrag
[  697.691668][T10547] BTRFS info (device loop1): max_inline at 4096
[  697.806440][T10547] BTRFS info (device loop1): using free space tree
[  697.868389][ T9028] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[  697.961630][T10554] loop4: detected capacity change from 0 to 32768
[  698.082983][ T9028] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  698.096958][ T9028] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.115045][ T9028] usb 1-1: Product: syz
[  698.124768][ T9028] usb 1-1: Manufacturer: syz
[  698.135047][ T9028] usb 1-1: SerialNumber: syz
[  698.154406][ T9028] usb 1-1: config 0 descriptor??
[  698.382537][ T9028] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  698.422074][T10547] BTRFS error (device loop1): open_ctree failed: -12
[  698.780074][T10589] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1645'.
[  700.523945][ T8730] libceph: connect (1)[c::]:6789 error -101
[  700.544325][ T8730] libceph: mon0 (1)[c::]:6789 connect error
[  700.601028][T10605] ceph: No mds server is up or the cluster is laggy
[  700.900705][ T8729] libceph: connect (1)[c::]:6789 error -101
[  700.932113][ T8729] libceph: mon0 (1)[c::]:6789 connect error
[  701.118161][ T9028] dvb_usb_rtl28xxu: probe of 1-1:0.0 failed with error -71
[  701.167214][ T9028] usb 1-1: USB disconnect, device number 58
[  701.665275][T10620] loop2: detected capacity change from 0 to 128
[  701.672633][T10620] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  701.829042][T10620] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  702.630546][ T4921] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  702.844707][T10628] loop2: detected capacity change from 0 to 32768
[  702.876792][T10628] (syz.2.1656,10628,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  702.890879][T10628] (syz.2.1656,10628,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  702.943160][T10628] JBD2: Ignoring recovery information on journal
[  702.974386][T10628] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  704.710586][ T4267] ocfs2: Unmounting device (7,2) on (node local)
[  705.066612][T10626] loop4: detected capacity change from 0 to 32768
[  705.551067][T10648] random: crng reseeded on system resumption
[  706.599549][T10659] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1664'.
[  706.668377][ T9337] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[  707.545353][ T9337] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  707.565278][ T9337] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.592510][ T9337] usb 4-1: Product: syz
[  708.718196][ T9337] usb 4-1: Manufacturer: syz
[  708.742886][ T9337] usb 4-1: SerialNumber: syz
[  708.773546][ T9337] usb 4-1: config 0 descriptor??
[  708.996458][ T9337] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  711.040211][T10684] binder: 10683:10684 ioctl c0105872 200000000080 returned -22
[  711.535981][ T9337] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -71
[  711.583252][T10692] loop2: detected capacity change from 0 to 32768
[  711.607271][ T9337] usb 4-1: USB disconnect, device number 61
[  712.571470][T10697] random: crng reseeded on system resumption
[  715.219706][T10723] binder: 10722:10723 ioctl c0105872 200000000080 returned -22
[  716.857650][T10734] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1685'.
[  720.555317][T10755] loop2: detected capacity change from 0 to 32768
[  723.858369][ T8728] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  724.198328][ T8728] usb 1-1: Using ep0 maxpacket: 32
[  724.210542][ T8728] usb 1-1: config 0 has an invalid interface number: 188 but max is 0
[  724.373445][ T8728] usb 1-1: config 0 has no interface number 0
[  724.393564][ T8728] usb 1-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  724.414519][ T8728] usb 1-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  724.441301][ T8728] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.474518][ T8728] usb 1-1: Product: syz
[  724.493890][ T8728] usb 1-1: Manufacturer: syz
[  724.515544][ T8728] usb 1-1: SerialNumber: syz
[  724.563038][ T8728] usb 1-1: config 0 descriptor??
[  724.582232][T10766] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  724.842674][T10766] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  725.006506][T10782] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1698'.
[  725.488983][T10781] netlink: 'syz.1.1693': attribute type 16 has an invalid length.
[  725.496900][T10781] netlink: 'syz.1.1693': attribute type 17 has an invalid length.
[  725.506447][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  725.514754][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  725.522917][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  725.538969][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  725.546367][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  725.554025][T10781] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  725.585676][T10781] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  726.144579][ T8728] asix 1-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  726.175140][ T8728] asix 1-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffc3
[  726.229378][ T8728] asix: probe of 1-1:0.188 failed with error -61
[  726.438314][T10801] netlink: 80 bytes leftover after parsing attributes in process `syz.3.1703'.
[  727.442567][T10809] loop1: detected capacity change from 0 to 32768
[  727.473041][ T8728] usb 1-1: USB disconnect, device number 59
[  730.293692][T10815] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1706'.
[  730.983213][T10834] random: crng reseeded on system resumption
[  731.895281][T10838] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1712'.
[  732.323088][T10842] netlink: 'syz.3.1713': attribute type 16 has an invalid length.
[  732.332403][T10842] netlink: 'syz.3.1713': attribute type 17 has an invalid length.
[  732.344101][T10842] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  733.005553][T10843] syz.4.1714 (10843): drop_caches: 2
[  733.245860][T10842] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  733.314936][T10842] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  737.982476][T10886] loop0: detected capacity change from 0 to 32768
[  739.195638][T10889] sched: RT throttling activated
[  739.340988][T10888] random: crng reseeded on system resumption
[  742.058844][T10911] loop0: detected capacity change from 0 to 32768
[  743.448179][  T106] ==================================================================
[  743.456590][  T106] BUG: KASAN: use-after-free in jfs_lazycommit+0x74d/0xa70
[  743.463811][  T106] Read of size 4 at addr ffff88807ca04a94 by task jfsCommit/106
[  743.471427][  T106] 
[  743.473736][  T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted syzkaller #0
[  743.480989][  T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  743.491123][  T106] Call Trace:
[  743.494413][  T106]  <TASK>
[  743.497327][  T106]  dump_stack_lvl+0x188/0x24e
[  743.501998][  T106]  ? __lock_acquire+0x7d10/0x7d10
[  743.507112][  T106]  ? show_regs_print_info+0x12/0x12
[  743.512421][  T106]  ? load_image+0x400/0x400
[  743.513783][T10919] loop2: detected capacity change from 0 to 2048
[  743.516938][  T106]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  743.528815][  T106]  ? __virt_addr_valid+0x188/0x540
[  743.533929][  T106]  ? __virt_addr_valid+0x465/0x540
[  743.539033][  T106]  ? jfs_lazycommit+0x74d/0xa70
[  743.543880][  T106]  print_report+0xa8/0x210
[  743.548293][  T106]  kasan_report+0x10b/0x140
[  743.552810][  T106]  ? jfs_lazycommit+0x74d/0xa70
[  743.557663][  T106]  jfs_lazycommit+0x74d/0xa70
[  743.562428][  T106]  ? txFreelock+0x5a0/0x5a0
[  743.566925][  T106]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  743.572821][  T106]  ? do_task_dead+0xd0/0xd0
[  743.577340][  T106]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  743.583233][  T106]  ? __kthread_parkme+0x162/0x1c0
[  743.588263][  T106]  kthread+0x29d/0x330
[  743.592407][  T106]  ? txFreelock+0x5a0/0x5a0
[  743.596895][  T106]  ? kthread_blkcg+0xd0/0xd0
[  743.601469][  T106]  ret_from_fork+0x1f/0x30
[  743.605874][  T106]  </TASK>
[  743.608877][  T106] 
[  743.611194][  T106] Allocated by task 10911:
[  743.615598][  T106]  kasan_set_track+0x4b/0x70
[  743.620180][  T106]  __kasan_kmalloc+0x8e/0xa0
[  743.624754][  T106]  jfs_fill_super+0xd8/0xad0
[  743.629340][  T106]  mount_bdev+0x287/0x3c0
[  743.633656][  T106]  legacy_get_tree+0xe6/0x180
[  743.638352][  T106]  vfs_get_tree+0x88/0x270
[  743.642771][  T106]  do_new_mount+0x24a/0xa40
[  743.647265][  T106]  __se_sys_mount+0x2e3/0x3d0
[  743.651934][  T106]  do_syscall_64+0x4c/0xa0
[  743.656375][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  743.662257][  T106] 
[  743.664567][  T106] Freed by task 4269:
[  743.668613][  T106]  kasan_set_track+0x4b/0x70
[  743.673194][  T106]  kasan_save_free_info+0x2d/0x50
[  743.678295][  T106]  ____kasan_slab_free+0x126/0x1e0
[  743.683402][  T106]  slab_free_freelist_hook+0x131/0x1a0
[  743.688852][  T106]  __kmem_cache_free+0xb6/0x1f0
[  743.693864][  T106]  generic_shutdown_super+0x130/0x340
[  743.699238][  T106]  kill_block_super+0x7c/0xe0
[  743.703909][  T106]  deactivate_locked_super+0x93/0xf0
[  743.709383][  T106]  cleanup_mnt+0x42c/0x4b0
[  743.713788][  T106]  task_work_run+0x1d0/0x260
[  743.718382][  T106]  exit_to_user_mode_loop+0xe6/0x110
[  743.723682][  T106]  exit_to_user_mode_prepare+0xee/0x180
[  743.729220][  T106]  syscall_exit_to_user_mode+0x16/0x40
[  743.734669][  T106]  do_syscall_64+0x58/0xa0
[  743.739072][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  743.744984][  T106] 
[  743.747311][  T106] Last potentially related work creation:
[  743.753067][  T106]  kasan_save_stack+0x3a/0x60
[  743.757737][  T106]  __kasan_record_aux_stack+0xb2/0xc0
[  743.763106][  T106]  kvfree_call_rcu+0x103/0x870
[  743.767895][  T106]  inetdev_event+0x33a/0x1400
[  743.772565][  T106]  raw_notifier_call_chain+0xcb/0x160
[  743.777942][  T106]  dev_close_many+0x29f/0x400
[  743.782625][  T106]  unregister_netdevice_many+0x487/0x1930
[  743.788344][  T106]  unregister_netdevice_queue+0x324/0x370
[  743.794083][  T106]  __tun_detach+0xd4a/0x1500
[  743.798671][  T106]  tun_chr_close+0x109/0x1b0
[  743.803242][  T106]  __fput+0x22c/0x920
[  743.807289][  T106]  task_work_run+0x1d0/0x260
[  743.811948][  T106]  exit_to_user_mode_loop+0xe6/0x110
[  743.817227][  T106]  exit_to_user_mode_prepare+0xee/0x180
[  743.822763][  T106]  syscall_exit_to_user_mode+0x16/0x40
[  743.828217][  T106]  do_syscall_64+0x58/0xa0
[  743.832661][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  743.838553][  T106] 
[  743.840861][  T106] Second to last potentially related work creation:
[  743.847609][  T106]  kasan_save_stack+0x3a/0x60
[  743.852275][  T106]  __kasan_record_aux_stack+0xb2/0xc0
[  743.857713][  T106]  kvfree_call_rcu+0x103/0x870
[  743.862465][  T106]  inetdev_event+0x33a/0x1400
[  743.867135][  T106]  raw_notifier_call_chain+0xcb/0x160
[  743.872496][  T106]  __dev_notify_flags+0x158/0x300
[  743.877501][  T106]  dev_change_flags+0xe3/0x1a0
[  743.882243][  T106]  do_setlink+0xba1/0x3e60
[  743.886649][  T106]  rtnl_newlink+0x112b/0x2080
[  743.891311][  T106]  rtnetlink_rcv_msg+0x87c/0xfc0
[  743.896276][  T106]  netlink_rcv_skb+0x1fb/0x450
[  743.901024][  T106]  netlink_unicast+0x74d/0x8d0
[  743.906038][  T106]  netlink_sendmsg+0x8ad/0xbd0
[  743.910872][  T106]  ____sys_sendmsg+0x5be/0x970
[  743.915631][  T106]  ___sys_sendmsg+0x2a2/0x360
[  743.920380][  T106]  __se_sys_sendmsg+0x1bb/0x2a0
[  743.925233][  T106]  do_syscall_64+0x4c/0xa0
[  743.929831][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  743.935717][  T106] 
[  743.938022][  T106] The buggy address belongs to the object at ffff88807ca04a00
[  743.938022][  T106]  which belongs to the cache kmalloc-256 of size 256
[  743.952070][  T106] The buggy address is located 148 bytes inside of
[  743.952070][  T106]  256-byte region [ffff88807ca04a00, ffff88807ca04b00)
[  743.965418][  T106] 
[  743.967725][  T106] The buggy address belongs to the physical page:
[  743.974124][  T106] page:ffffea0001f28100 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ca04
[  743.984255][  T106] head:ffffea0001f28100 order:1 compound_mapcount:0 compound_pincount:0
[  743.992557][  T106] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  744.000527][  T106] raw: 00fff00000010200 ffffea0001cd1400 dead000000000004 ffff888017441b40
[  744.009098][  T106] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  744.017727][  T106] page dumped because: kasan: bad access detected
[  744.024161][  T106] page_owner tracks the page as allocated
[  744.029958][  T106] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4282, tgid 4282 (syz-executor), ts 60150262496, free_ts 60085315191
[  744.051309][  T106]  post_alloc_hook+0x173/0x1a0
[  744.056083][  T106]  get_page_from_freelist+0x1a1e/0x1ab0
[  744.061711][  T106]  __alloc_pages+0x1ec/0x4f0
[  744.066293][  T106]  alloc_slab_page+0x5d/0x160
[  744.071148][  T106]  new_slab+0x87/0x2c0
[  744.075206][  T106]  ___slab_alloc+0xbc6/0x1240
[  744.079895][  T106]  __kmem_cache_alloc_node+0x1a0/0x260
[  744.085346][  T106]  kmalloc_trace+0x26/0xe0
[  744.089847][  T106]  ____ip_mc_inc_group+0x2ad/0xac0
[  744.094954][  T106]  ip_mc_up+0x121/0x2f0
[  744.099101][  T106]  inetdev_event+0xe67/0x1400
[  744.103761][  T106]  raw_notifier_call_chain+0xcb/0x160
[  744.109232][  T106]  dev_open+0x106/0x180
[  744.113378][  T106]  team_add_slave+0x6e5/0x2870
[  744.118124][  T106]  do_setlink+0xd3a/0x3e60
[  744.122530][  T106]  rtnl_newlink+0x177c/0x2080
[  744.127199][  T106] page last free stack trace:
[  744.131956][  T106]  free_unref_page_prepare+0x8b4/0x9a0
[  744.137478][  T106]  free_unref_page+0x2e/0x3f0
[  744.142188][  T106]  __unfreeze_partials+0x1a5/0x200
[  744.147309][  T106]  put_cpu_partial+0x17c/0x250
[  744.152063][  T106]  qlist_free_all+0x76/0xe0
[  744.156656][  T106]  kasan_quarantine_reduce+0x144/0x160
[  744.162106][  T106]  __kasan_slab_alloc+0x1e/0x80
[  744.166982][  T106]  slab_post_alloc_hook+0x4b/0x480
[  744.172089][  T106]  __kmem_cache_alloc_node+0x140/0x260
[  744.177545][  T106]  kmalloc_trace+0x26/0xe0
[  744.181952][  T106]  netdevice_event+0x325/0x900
[  744.186709][  T106]  raw_notifier_call_chain+0xcb/0x160
[  744.192148][  T106]  dev_open+0x106/0x180
[  744.196369][  T106]  team_add_slave+0x6e5/0x2870
[  744.201117][  T106]  do_setlink+0xd3a/0x3e60
[  744.205555][  T106]  rtnl_newlink+0x177c/0x2080
[  744.210215][  T106] 
[  744.212518][  T106] Memory state around the buggy address:
[  744.218133][  T106]  ffff88807ca04980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  744.226269][  T106]  ffff88807ca04a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  744.234330][  T106] >ffff88807ca04a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  744.242375][  T106]                          ^
[  744.246942][  T106]  ffff88807ca04b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  744.255067][  T106]  ffff88807ca04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  744.263111][  T106] ==================================================================
[  744.271246][  T106] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  744.278457][  T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted syzkaller #0
[  744.285630][  T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  744.295664][  T106] Call Trace:
[  744.298923][  T106]  <TASK>
[  744.301834][  T106]  dump_stack_lvl+0x188/0x24e
[  744.306496][  T106]  ? memcpy+0x3c/0x60
[  744.310458][  T106]  ? show_regs_print_info+0x12/0x12
[  744.315751][  T106]  ? load_image+0x400/0x400
[  744.320256][  T106]  panic+0x2e5/0x730
[  744.324141][  T106]  ? __lock_acquire+0x7d10/0x7d10
[  744.329157][  T106]  ? bpf_jit_dump+0xd0/0xd0
[  744.333675][  T106]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  744.339728][  T106]  ? _raw_spin_unlock+0x40/0x40
[  744.344562][  T106]  check_panic_on_warn+0x80/0xa0
[  744.349491][  T106]  ? jfs_lazycommit+0x74d/0xa70
[  744.354352][  T106]  end_report+0x66/0x110
[  744.358598][  T106]  kasan_report+0x118/0x140
[  744.363086][  T106]  ? jfs_lazycommit+0x74d/0xa70
[  744.367917][  T106]  jfs_lazycommit+0x74d/0xa70
[  744.372580][  T106]  ? txFreelock+0x5a0/0x5a0
[  744.377062][  T106]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  744.382935][  T106]  ? do_task_dead+0xd0/0xd0
[  744.387456][  T106]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  744.393331][  T106]  ? __kthread_parkme+0x162/0x1c0
[  744.398344][  T106]  kthread+0x29d/0x330
[  744.402406][  T106]  ? txFreelock+0x5a0/0x5a0
[  744.406896][  T106]  ? kthread_blkcg+0xd0/0xd0
[  744.411640][  T106]  ret_from_fork+0x1f/0x30
[  744.416097][  T106]  </TASK>
[  744.419608][  T106] Kernel Offset: disabled
[  744.423965][  T106] Rebooting in 86400 seconds..