last executing test programs:

7m44.900053709s ago: executing program 2 (id=722):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0xb, @loopback, 0x9}, 0x1c)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x18, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x4}]}, 0x18}}, 0x0)

7m43.914965721s ago: executing program 2 (id=726):
mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x9c8efa81221ef395)

7m43.745410706s ago: executing program 2 (id=729):
r0 = syz_open_dev$admmidi(&(0x7f0000000080), 0x2, 0x40002)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, &(0x7f0000001080))

7m43.66042231s ago: executing program 2 (id=734):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000440)={[{@resuid}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x1}}, {@dioread_lock}, {@grpjquota}, {@quota}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@minixdf}]}, 0x1, 0x553, &(0x7f0000000a40)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

7m43.508268297s ago: executing program 2 (id=736):
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000017000000bfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff0000000015040000000002000f030000000000003404000001ed0a0014040000170000801c400000000000007b0a00fe000000002c04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efefb202ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff0c710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf1dbf6d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040bef29b66e3858d051c096e37c4f46010400000000c3da29faf75ddd1aa96960bca97af13382cb881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d0cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090d030000003acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931481747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885769754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8269b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347932a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd23834a50d7eb8e327fb5db12cbd6a9efe8e671c4f251fe3bf440cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa2c910fb8de24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe91c921ac1476027772c87d1767e31a3446cd57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c828c02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007f00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d05d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b530500d8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb6f5137bd9b075f1488d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462aa2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783fefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9be0bdd37220e316f2297743dd4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd08000000e843591d2618e2d2cdc7081c8fafffe9c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119d2a673bdae05779208409e6cf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8a9d3374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21d24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed9eed636338f1835fc957729d63dc1bfc7b772cbe536c2d3aff27c22f9a2f876512616a5bdaf22a16e19d1b5f52abb40b433983d0cf50234de659c1a397ce901000000caae1bcfdce33dae6adc260321702f239c25ab181390e7dc8c1e5b1cf3b4fef1cd5c44a89b5e5d8314e02f4673ded90bce9a4025b0232eec970f7aa17f175a14e8dc8de9bac0006b98a8283eee5665f3aede28228e0468dbcf8b776fe4c629d3af183a7cba5adf77f23d31f9d5a183c0da4e95f75b1496a97a46a06e4e1f5a8438d49dbd493ba2482c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffdb9}, 0x48)

7m43.058242692s ago: executing program 2 (id=738):
syz_mount_image$ocfs2(&(0x7f0000000380), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x4444, &(0x7f0000004e00)="$eJzs3b9PHFceAPA3Az5jn+0DnwufdNKtdJbudHdC4OoSLAVjbAw2ceTEVpRmvcDaJllYC5YohQvSWUoVKUWUwkqkdFQWRVrnT0iT0qktJUWaSJGcEO3uLOzMsmKDWAjJ51PwmPcbvjNv3xa7L05U7s8v5+aXc4XFXHn27vL53Lvl0spCMcT7ZNvxj+zf+HSmG/fJQd97f2Q3Ll15/fb5EL6c+/r5xsbGRqjqrf44GrKGm37/4fuHs81pQ5xpU+23paM99VYI4UzLvKp6QghvfhFCFEK4mOSNJemJEMLJUC+7/fCDO7k9ms2TZ8UL+RfTj9ZHzk2tPV5v/7dHIXxS+tv/7i18+8+ekW/+s0fDAwAAAAAAAAAAAAAAAABwyE3cvHHrtaHh8DQKvWtR6+d1J5K03edjN/bMP0Lo7/7fCwAAAAAAAAAAAAAAAAAAAL9FW5//z0Wnt/n8/3iSjrZpv/FK9+dI90y+emP88tBwcv571FL+/yTru4s9YWCbc9+z579fzLTf/vz31nF2qzG/xrj9IYoHU9dxPDgYwmfJwe9no+Nxqbxc+e/d8sri3J5N49BKx79+en8qOsmB/p3GfyzTf/fP//9ry91Uvb6zd7fY71o6/j1t633+ftRR/C9l2u1H/Nm9dPx7a3nHmiuM1heAavw/7N05/uOZ/rsV/1MhhFxUnWsutQJU9zDV/Hb7FdLS8T9Sy0stnck/st3z/2MtjXob1S9n+j+o9X81+0LEttLx/1Mtry9VY+v5H4h3fv6vZPo/iPhX57/q9b8j6fgfrWfWn+bVpErtP9np+j+R6X/H+K/ubt634mSep6LUHbAW1fPbfV8daen497WUb73/izva/13NtN+v93+NcRvv/xrL/7+j+vs/tpeO/7G29Tp9/icz7bq9/o/W9n/sVjr+x2t56b1z/Us5O43/VKb/bsW/tivpa8R/az35+Wg9/1P7v46k4//nembcXKP+Al3b/0Xt9v9brmX6P4j9X3X+q3FrzZ+6O5FDKR3/E23rVeP/VQev/9cz7bof/xCG7PV3LR3/k23r1Z7/vp3jP918sdr9+P+rm50DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJjSdofongwdR3Hg4MhXEquz4bj0UxhLj9TKs++sxzCeJKfC6eje6XyTKGUn18szxXzhVKpPBvC5aT8TOiLlkvlSn6h8ODKZl/HovvFwlJlpliohBAmkvy/h5ONvmbmKwuFByGEq5tlf4nLSw/uFxbzc/NLLw8NDQ2Fyc05DETF9yrFxUp99HppCFObbfujpsnViq9tzuVE9HZ5ZWmxUKrlX29qUyrPFkpNbaaTso/CQFRZWlmcLVSK+VL5XmO8gzSapOOTN9+4eX24pfxOVE/H9ndaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxKT0de+jiE0Fu/ikMIo41fou3qP3lWvJB/Mf1ofeTc1Nrj9eft6gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkaJGArCADzvKaidx7AKSWcbUUQLI4In0GN4GD2Kl/AOFha2WywLuy+wZBM2xW73fc1AfjIz8AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmuX/pXp/rJiLF+fIs4vv953c7fyz182b8/5M9/U8PtCfH8fDU3d7VTXn3tJNfl09/bV6ni/+Ptxipva/BnQzvaaOfczG519S9Te3Xz72MlKuIaEt+lXKuqnm9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBU7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CsAAP//ngshsA==")

7m42.839957951s ago: executing program 32 (id=738):
syz_mount_image$ocfs2(&(0x7f0000000380), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x4444, &(0x7f0000004e00)="$eJzs3b9PHFceAPA3Az5jn+0DnwufdNKtdJbudHdC4OoSLAVjbAw2ceTEVpRmvcDaJllYC5YohQvSWUoVKUWUwkqkdFQWRVrnT0iT0qktJUWaSJGcEO3uLOzMsmKDWAjJ51PwmPcbvjNv3xa7L05U7s8v5+aXc4XFXHn27vL53Lvl0spCMcT7ZNvxj+zf+HSmG/fJQd97f2Q3Ll15/fb5EL6c+/r5xsbGRqjqrf44GrKGm37/4fuHs81pQ5xpU+23paM99VYI4UzLvKp6QghvfhFCFEK4mOSNJemJEMLJUC+7/fCDO7k9ms2TZ8UL+RfTj9ZHzk2tPV5v/7dHIXxS+tv/7i18+8+ekW/+s0fDAwAAAAAAAAAAAAAAAABwyE3cvHHrtaHh8DQKvWtR6+d1J5K03edjN/bMP0Lo7/7fCwAAAAAAAAAAAAAAAAAAAL9FW5//z0Wnt/n8/3iSjrZpv/FK9+dI90y+emP88tBwcv571FL+/yTru4s9YWCbc9+z579fzLTf/vz31nF2qzG/xrj9IYoHU9dxPDgYwmfJwe9no+Nxqbxc+e/d8sri3J5N49BKx79+en8qOsmB/p3GfyzTf/fP//9ry91Uvb6zd7fY71o6/j1t633+ftRR/C9l2u1H/Nm9dPx7a3nHmiuM1heAavw/7N05/uOZ/rsV/1MhhFxUnWsutQJU9zDV/Hb7FdLS8T9Sy0stnck/st3z/2MtjXob1S9n+j+o9X81+0LEttLx/1Mtry9VY+v5H4h3fv6vZPo/iPhX57/q9b8j6fgfrWfWn+bVpErtP9np+j+R6X/H+K/ubt634mSep6LUHbAW1fPbfV8daen497WUb73/izva/13NtN+v93+NcRvv/xrL/7+j+vs/tpeO/7G29Tp9/icz7bq9/o/W9n/sVjr+x2t56b1z/Us5O43/VKb/bsW/tivpa8R/az35+Wg9/1P7v46k4//nembcXKP+Al3b/0Xt9v9brmX6P4j9X3X+q3FrzZ+6O5FDKR3/E23rVeP/VQev/9cz7bof/xCG7PV3LR3/k23r1Z7/vp3jP918sdr9+P+rm50DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAJjSdofongwdR3Hg4MhXEquz4bj0UxhLj9TKs++sxzCeJKfC6eje6XyTKGUn18szxXzhVKpPBvC5aT8TOiLlkvlSn6h8ODKZl/HovvFwlJlpliohBAmkvy/h5ONvmbmKwuFByGEq5tlf4nLSw/uFxbzc/NLLw8NDQ2Fyc05DETF9yrFxUp99HppCFObbfujpsnViq9tzuVE9HZ5ZWmxUKrlX29qUyrPFkpNbaaTso/CQFRZWlmcLVSK+VL5XmO8gzSapOOTN9+4eX24pfxOVE/H9ndaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPxKT0de+jiE0Fu/ikMIo41fou3qP3lWvJB/Mf1ofeTc1Nrj9eft6gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/sAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkaJGArCADzvKaidx7AKSWcbUUQLI4In0GN4GD2Kl/AOFha2WywLuy+wZBM2xW73fc1AfjIz8AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmuX/pXp/rJiLF+fIs4vv953c7fyz182b8/5M9/U8PtCfH8fDU3d7VTXn3tJNfl09/bV6ni/+Ptxipva/BnQzvaaOfczG519S9Te3Xz72MlKuIaEt+lXKuqnm9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBU7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZR9G0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CsAAP//ngshsA==")

600.974726ms ago: executing program 1 (id=6732):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001000010029bd7000fcdbdf2500000000", @ANYRES32=r0, @ANYBLOB="1a8904000a00000008001b00000000000a003f00aa40"], 0x34}}, 0x6000000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xcdb281c6bf69a511}, 0x4800)

500.953065ms ago: executing program 1 (id=6733):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0xff05, 0x8000000, 0x25dfdbfc, {0x0, 0x0, 0x4a00, 0x0, 0x776f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x3ff}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4091}, 0x20000840)

409.983ms ago: executing program 3 (id=6736):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000140)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns\x00')
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r2, &(0x7f0000001f80)=""/4082, 0xff2)

330.965962ms ago: executing program 3 (id=6737):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x2}, [@NFT_MSG_NEWSET={0x118, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFTA_SET_DESC={0xd4, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_DESC_CONCAT={0xc8, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x764f15e2}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0xfffffffffffffdeb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x28}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xcb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}]}]}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa4}]}], {0x14, 0x10}}, 0x140}}, 0x0)

330.680128ms ago: executing program 3 (id=6738):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000f9ffff030000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191}, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0x10c6, &(0x7f0000004080)=ANY=[], 0x0)

231.073283ms ago: executing program 0 (id=6739):
r0 = socket$netlink(0x10, 0x3, 0xa)
sendmsg$nl_route_sched(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001040)=@newqdisc={0x12, 0x24, 0x1, 0x70bd29, 0x0, {0x60, 0x0, 0x0, 0x0, {0xb, 0x3}, {0xffff, 0xffff}, {0x3}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}, @TCA_INGRESS_BLOCK={0x0, 0xd, 0x9}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0xa, 0x98, 0x4, 0x8, 0x0, 0x10000, 0x80000001}}, {0x0, 0x2, [0x7, 0x9]}}, {{0x0, 0x1, {0x11, 0x5, 0x4, 0xfa, 0x1, 0x3, 0x6}}, {0x0, 0x2, [0xb, 0x5, 0x2]}}]}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0xa7, 0x5, 0x5ee, 0x8000, 0x0, 0x8}}, {0x0, 0x2, [0x40, 0x10a, 0x3, 0x9, 0xce6c, 0x0, 0x4]}}, {{0x0, 0x1, {0x7f, 0x7, 0x74c3, 0x8, 0x2, 0x7, 0x7ff}}, {0x0, 0x2, [0x38, 0x9, 0x25a, 0xffff, 0x7, 0x400, 0x2, 0x800, 0x19]}}, {{0x0, 0x1, {0x6, 0x6, 0x4, 0x4, 0x1, 0x101, 0x1}}, {0x0, 0x2, [0x1, 0x4]}}, {{0x0, 0x1, {0x4, 0x9, 0x1fd, 0x80000001, 0x2, 0x0, 0x9}}, {0x0, 0x2, [0x3]}}, {{0x0, 0x1, {0x5, 0x5, 0x1, 0x8f1, 0x0, 0x4}}, {0x0, 0x2, [0x401, 0xfbb, 0xb10c, 0x6, 0x0, 0x4]}}, {{0x0, 0x1, {0xf8, 0x9, 0x5, 0x8, 0x2, 0xe8, 0x7}}, {0x0, 0x2, [0x7f, 0x5, 0x3ff, 0x8, 0x8, 0x3, 0x9, 0x4, 0x1ff]}}, {{0x0, 0x1, {0x7, 0x7, 0x9, 0x80000000, 0x1, 0x0, 0x1e0000}}, {0x0, 0x2, [0x7, 0xff00, 0x0, 0x885]}}]}, @TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0x4, 0x6, 0x65df, 0x9, 0x2, 0x8, 0x9}}, {0x0, 0x2, [0x1, 0x0]}}, {{0x0, 0x1, {0x0, 0xc8, 0x2000, 0xc940, 0x0, 0x0, 0x7}}, {0x0, 0x2, [0x9, 0xf85a, 0x4, 0x80]}}, {{0x0, 0x1, {0x6, 0xfc, 0x0, 0xfffffffb, 0x2, 0x80000000, 0x8001}}, {0x0, 0x2, [0x8000, 0x2, 0x7ff, 0xeded, 0x6, 0xbab, 0x400, 0x1, 0x8f77, 0x1]}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040883}, 0x3000c81c)

181.100451ms ago: executing program 0 (id=6740):
unshare(0x20000400)
r0 = socket$inet(0x2, 0x2, 0x1)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e1e, @rand_addr=0x64010102}, 0x10)

180.904257ms ago: executing program 0 (id=6741):
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x23, &(0x7f0000000040), &(0x7f0000000200)=0x38)

110.503935ms ago: executing program 3 (id=6742):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2aa40, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2})
ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000040)={0x0, 0x9, [@random="883ed9da22c6", @local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}, @multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @empty, @broadcast, @multicast]})

110.085867ms ago: executing program 1 (id=6743):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f00004c6000/0x3000)=nil, 0x3000, 0x16)

109.888598ms ago: executing program 0 (id=6744):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000180)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @objref={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_OBJREF_SET_SREG={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJREF_SET_NAME={0x9, 0x4, 'syz2\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x80}, 0x1, 0x0, 0x0, 0x4008091}, 0x24000000)

49.933234ms ago: executing program 3 (id=6745):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newtclass={0x30, 0x28, 0x200, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x10, 0xffff}, {0xfff2, 0x7}, {0x9, 0xfff1}}, [@tclass_kind_options=@c_qfq={{0x8}, {0x4}}]}, 0x30}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="340000001100050000000000feffffff07000000", @ANYRES32=r1, @ANYBLOB="003000000000000014001a80100004800c000980"], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

49.622355ms ago: executing program 0 (id=6746):
r0 = syz_open_dev$media(&(0x7f0000000080), 0x5, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000280)=ANY=[@ANYBLOB="0180c20000001704b45adbde8100000008"], 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

49.338627ms ago: executing program 1 (id=6747):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, 0x0, &(0x7f0000000300))

49.138384ms ago: executing program 3 (id=6748):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000200)={0x0, 0xe6d8, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)

812.358µs ago: executing program 1 (id=6749):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x52}, [@ldst={0x7}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)

505.75µs ago: executing program 0 (id=6750):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r3, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0)

0s ago: executing program 1 (id=6751):
bpf$PROG_LOAD(0x5, &(0x7f0000002380)={0x1b, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}, 0x94)

kernel console output (not intermixed with test programs):

653][T11140] loop3: detected capacity change from 0 to 512
[  267.800918][T11140] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  267.890404][T11142] loop3: detected capacity change from 0 to 2048
[  267.908495][T11142] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  268.404944][T11154] loop3: detected capacity change from 0 to 32768
[  268.435542][T11154] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2148 (11154)
[  268.504629][T11154] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  268.522493][T11154] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  268.649458][T11154] BTRFS info (device loop3): enabling ssd optimizations
[  268.667464][T11154] BTRFS info (device loop3): turning on async discard
[  268.678147][T11154] BTRFS info (device loop3): enabling free space tree
[  269.072653][ T7679] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  269.161568][T11187] netlink: 'syz.0.2156': attribute type 21 has an invalid length.
[  269.164667][T11187] netlink: 'syz.0.2156': attribute type 6 has an invalid length.
[  269.186033][T11187] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2156'.
[  269.204331][T11187] netlink: 'syz.0.2156': attribute type 21 has an invalid length.
[  269.207277][T11187] netlink: 'syz.0.2156': attribute type 6 has an invalid length.
[  269.210134][T11187] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2156'.
[  269.298343][T11189] netlink: 'syz.1.2157': attribute type 3 has an invalid length.
[  269.488386][T11203] hsr0: entered promiscuous mode
[  269.585832][T11202] loop3: detected capacity change from 0 to 4096
[  270.055442][T11202] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  270.172898][T11202] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  270.188182][T11202] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  270.329030][T11202] ntfs3(loop3): ino=1e, mi_enum_attr
[  270.333264][T11202] ntfs3(loop3): ino=1e, mi_enum_attr
[  270.401288][T11202] ntfs3(loop3): ino=1e, mi_enum_attr
[  270.503368][ T7047] ntfs3(loop3): ino=3, ntfs3_write_inode failed, -22.
[  270.507868][ T7679] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  270.510842][ T7679] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  270.518719][ T7679] ntfs3(loop3): ino=3, ntfs_set_state failed, -22.
[  270.889075][T11216] loop3: detected capacity change from 0 to 164
[  270.908221][T11216] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  270.950047][T11216] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  270.962480][T11216] Symlink component flag not implemented
[  270.965038][T11216] Symlink component flag not implemented
[  270.974426][T11216] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  270.985836][T11216] rock: directory entry would overflow storage
[  270.989675][T11216] rock: sig=0x4f50, size=4, remaining=3
[  270.992360][T11216] iso9660: Corrupted directory entry in block 4 of inode 1792
[  271.003447][T11216] Symlink component flag not implemented (7)
[  271.012323][T11216] Symlink component flag not implemented (116)
[  271.238741][T11197] hsr0: left promiscuous mode
[  271.373285][T11228] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2172'.
[  272.035042][T11270] netlink: 'syz.1.2190': attribute type 1 has an invalid length.
[  272.061456][T11270] bond3: entered promiscuous mode
[  272.063022][T11270] bond3: entered allmulticast mode
[  272.065181][T11270] 8021q: adding VLAN 0 to HW filter on device bond3
[  272.079753][T11270] bridge2: entered promiscuous mode
[  272.082152][T11270] bridge2: entered allmulticast mode
[  272.084894][T11270] bond3: (slave bridge2): Enslaving as a backup interface with an up link
[  272.247166][ T5957] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  272.317975][ T5977] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  272.377750][ T5957] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  272.467387][ T5977] usb 4-1: Using ep0 maxpacket: 32
[  272.471423][ T5977] usb 4-1: config 252 has an invalid interface number: 97 but max is 0
[  272.474603][ T5977] usb 4-1: config 252 has no interface number 0
[  272.477748][ T5977] usb 4-1: config 252 interface 97 has no altsetting 0
[  272.482553][ T5977] usb 4-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=16.6d
[  272.486096][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.493555][ T5977] usb 4-1: Product: syz
[  272.495258][ T5977] usb 4-1: Manufacturer: syz
[  272.497979][ T5977] usb 4-1: SerialNumber: syz
[  272.721655][ T5977] usb 4-1: USB disconnect, device number 14
[  273.279373][T11305] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2206'.
[  273.282977][T11305] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2206'.
[  274.393411][   T33] audit: type=1326 audit(1763486388.589:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.402533][   T33] audit: type=1326 audit(1763486388.589:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.411764][   T33] audit: type=1326 audit(1763486388.589:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.421110][   T33] audit: type=1326 audit(1763486388.589:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.435749][   T33] audit: type=1326 audit(1763486388.589:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.444869][   T33] audit: type=1326 audit(1763486388.589:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.453518][   T33] audit: type=1326 audit(1763486388.589:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.462151][   T33] audit: type=1326 audit(1763486388.589:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.471272][   T33] audit: type=1326 audit(1763486388.589:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.482373][   T33] audit: type=1326 audit(1763486388.589:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11341 comm="syz.1.2222" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  274.700366][T11351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2225'.
[  274.927123][ T5977] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  275.079441][ T5977] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.083770][ T5977] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.088157][ T5977] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[  275.091787][ T5977] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.098029][ T5977] usb 4-1: config 0 descriptor??
[  275.512340][ T5977] logitech 0003:046D:C623.000C: unknown main item tag 0x0
[  275.519990][ T5977] logitech 0003:046D:C623.000C: hidraw0: USB HID v0.00 Device [HID 046d:c623] on usb-dummy_hcd.3-1/input0
[  275.579577][T11367] (syz.1.2232,11367,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  275.713289][ T5976] usb 4-1: USB disconnect, device number 15
[  276.503848][T11396] trusted_key: encrypted_key: insufficient parameters specified
[  277.771035][T11419] 9pnet_fd: Insufficient options for proto=fd
[  278.916922][ T5977] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  278.971434][T11467] netlink: 6032 bytes leftover after parsing attributes in process `syz.1.2277'.
[  279.079840][ T5977] usb 4-1: Using ep0 maxpacket: 8
[  279.084214][ T5977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  279.089384][ T5977] usb 4-1: config 7 has an invalid interface number: 213 but max is 0
[  279.092602][ T5977] usb 4-1: config 7 has no interface number 0
[  279.106877][ T5977] usb 4-1: config 7 interface 213 altsetting 15 bulk endpoint 0x8F has invalid maxpacket 16
[  279.111196][ T5977] usb 4-1: config 7 interface 213 altsetting 15 endpoint 0xD has an invalid bInterval 128, changing to 7
[  279.119745][ T5977] usb 4-1: config 7 interface 213 altsetting 15 endpoint 0xD has invalid wMaxPacketSize 0
[  279.123615][ T5977] usb 4-1: config 7 interface 213 altsetting 15 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  279.128947][ T5977] usb 4-1: config 7 interface 213 has no altsetting 0
[  279.135237][ T5977] usb 4-1: language id specifier not provided by device, defaulting to English
[  279.143844][ T5977] usb 4-1: New USB device found, idVendor=15e8, idProduct=9100, bcdDevice=61.61
[  279.152364][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.155603][ T5977] usb 4-1: Product: syz
[  279.162031][ T5977] usb 4-1: Manufacturer: syz
[  279.164174][ T5977] usb 4-1: SerialNumber: syz
[  279.170790][T11460] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  279.476490][ T5977] pegasus 4-1:7.213: probe with driver pegasus failed with error -71
[  279.683479][ T5977] usb 4-1: USB disconnect, device number 16
[  280.057136][T11485] CIFS: iocharset name too long
[  280.296582][T11495] netlink: 'syz.1.2290': attribute type 1 has an invalid length.
[  280.304742][T11487] loop3: detected capacity change from 0 to 32768
[  280.307142][T11495] nbd: couldn't find a device at index 393224
[  280.326003][T11487] btrfs: Unknown parameter 'ref_verify'
[  280.371322][T11501] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2291'.
[  280.374804][T11501] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2291'.
[  281.849125][ T5976] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[  281.858036][ T5976] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  283.082836][T11564] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2318'.
[  283.198032][ T5977] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  283.348992][ T5977] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  283.352741][ T5977] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  283.360835][ T5977] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  283.364418][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.368311][ T5977] usb 4-1: Product: syz
[  283.370061][ T5977] usb 4-1: Manufacturer: syz
[  283.371960][ T5977] usb 4-1: SerialNumber: syz
[  283.376186][ T5977] usb 4-1: config 0 descriptor??
[  283.622360][ T5977] usb 4-1: USB disconnect, device number 17
[  283.655702][ T8374] udevd[8374]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  284.902005][T11604] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2337'.
[  285.054110][T11611] loop3: detected capacity change from 0 to 128
[  285.058884][T11611] hpfs: 
[  285.058884][T11611] HPFS filesystem options:
[  285.058884][T11611]       help              do not mount and display this text
[  285.058884][T11611]       uid=xxx           set uid of files that don't have uid specified in eas
[  285.058884][T11611]       gid=xxx           set gid of files that don't have gid specified in eas
[  285.058884][T11611]       umask=xxx         set mode of files that don't have mode specified in eas
[  285.058884][T11611]       case=lower        lowercase all files
[  285.058884][T11611]       case=asis         do not lowercase files (default)
[  285.058884][T11611]       check=none        no fs checks - kernel may crash on corrupted filesystem
[  285.058884][T11611]       check=normal      do some checks - it should not crash (default)
[  285.058884][T11611]       check=strict      do extra time-consuming checks, used for debugging
[  285.058884][T11611]       errors=continue   continue on errors
[  285.058884][T11611]       errors=remount-ro remount read-only if errors found (default)
[  285.058884][T11611]       errors=panic      panic on errors
[  285.058884][T11611]       chkdsk=no         do not mark fs for chkdsking even if there were errors
[  285.058884][T11611]       chkdsk=errors     mark fs dirty if errors found (default)
[  285.058884][T11611]       chkdsk=always     always mark fs dirty - used for debugging
[  285.058884][T11611]       e
[  285.317232][ T5977] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  285.516879][ T5977] usb 4-1: Using ep0 maxpacket: 32
[  285.521301][ T5977] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  285.524964][ T5977] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.531931][ T5977] usb 4-1: config 0 descriptor??
[  285.539856][ T5977] gspca_main: sunplus-2.14.0 probing 041e:400b
[  285.741547][ T5977] gspca_sunplus: reg_w_riv err -71
[  285.743540][ T5977] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  285.753082][ T5977] usb 4-1: USB disconnect, device number 18
[  286.364022][T11630] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.2348'.
[  287.748832][T11677] netlink: 'syz.3.2368': attribute type 4 has an invalid length.
[  288.079822][T11695] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2378'.
[  288.083472][T11695] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2378'.
[  288.096862][T11695] netlink: 'syz.1.2378': attribute type 6 has an invalid length.
[  288.109863][T11695] netlink: 'syz.1.2378': attribute type 5 has an invalid length.
[  289.889790][T11716] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  289.889790][T11716]    program syz.0.2383 not setting count and/or reply_len properly
[  291.357812][T11780] loop3: detected capacity change from 0 to 40427
[  291.364918][T11780] F2FS-fs (loop3): invalid crc value
[  291.402720][T11780] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  291.407985][T11780] F2FS-fs (loop3): Start checkpoint disabled!
[  291.414022][T11780] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  291.417420][T11780] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  291.489305][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  291.489317][   T33] audit: type=1800 audit(1763486405.689:85): pid=11783 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2415" name="bus" dev="loop3" ino=10 res=0 errno=0
[  291.521872][T11783] bio_check_eod: 72 callbacks suppressed
[  291.521889][T11783] syz.3.2415: attempt to access beyond end of device
[  291.521889][T11783] loop3: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  291.542321][T11783] syz.3.2415: attempt to access beyond end of device
[  291.542321][T11783] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.580125][T11783] syz.3.2415: attempt to access beyond end of device
[  291.580125][T11783] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.585586][T11783] syz.3.2415: attempt to access beyond end of device
[  291.585586][T11783] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.679570][T11783] syz.3.2415: attempt to access beyond end of device
[  291.679570][T11783] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.684471][T11783] syz.3.2415: attempt to access beyond end of device
[  291.684471][T11783] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  291.720190][T11783] syz.3.2415: attempt to access beyond end of device
[  291.720190][T11783] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  291.748366][T11783] syz.3.2415: attempt to access beyond end of device
[  291.748366][T11783] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  291.764439][T11783] syz.3.2415: attempt to access beyond end of device
[  291.764439][T11783] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  291.773145][T11787] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  291.803107][T11783] syz.3.2415: attempt to access beyond end of device
[  291.803107][T11783] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  293.797561][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  293.797589][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  293.797598][   T26] Workqueue: writeback wb_workfn (flush-7:3)
[  293.797633][   T26] Call Trace:
[  293.797641][   T26]  <TASK>
[  293.797648][   T26]  dump_stack_lvl+0x189/0x250
[  293.797672][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.797688][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  293.797702][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  293.797720][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  293.797745][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  293.797769][   T26]  f2fs_write_end_io+0x886/0xb60
[  293.797802][   T26]  __submit_merged_bio+0x27a/0x6a0
[  293.797822][   T26]  __submit_merged_write_cond+0x255/0x530
[  293.797850][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  293.797920][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  293.797949][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  293.797996][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  293.798020][   T26]  ? trace_f2fs_writepages+0x7f/0x200
[  293.798034][   T26]  ? f2fs_write_node_pages+0x478/0x6e0
[  293.798057][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  293.798081][   T26]  ? __lock_acquire+0xab9/0xd20
[  293.798112][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  293.798129][   T26]  do_writepages+0x32e/0x550
[  293.798150][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  293.798163][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  293.798188][   T26]  __writeback_single_inode+0x145/0xff0
[  293.798202][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  293.798224][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  293.798244][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  293.798274][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  293.798325][   T26]  ? rcu_is_watching+0x15/0xb0
[  293.798347][   T26]  wb_writeback+0x43b/0xaf0
[  293.798369][   T26]  ? queue_io+0x2e1/0x590
[  293.798387][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  293.798410][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.798428][   T26]  wb_workfn+0x409/0xef0
[  293.798462][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  293.798486][   T26]  ? __lock_acquire+0xab9/0xd20
[  293.798514][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.798538][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.798552][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.798569][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.798589][   T26]  process_scheduled_works+0xae1/0x17b0
[  293.798635][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  293.798668][   T26]  worker_thread+0x8a0/0xda0
[  293.798711][   T26]  kthread+0x711/0x8a0
[  293.798729][   T26]  ? __pfx_worker_thread+0x10/0x10
[  293.798748][   T26]  ? __pfx_kthread+0x10/0x10
[  293.798766][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.798779][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  293.798793][   T26]  ? __pfx_kthread+0x10/0x10
[  293.798809][   T26]  ret_from_fork+0x4bc/0x870
[  293.798831][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  293.798855][   T26]  ? __switch_to_asm+0x39/0x70
[  293.798870][   T26]  ? __switch_to_asm+0x33/0x70
[  293.798884][   T26]  ? __pfx_kthread+0x10/0x10
[  293.798924][   T26]  ret_from_fork_asm+0x1a/0x30
[  293.798957][   T26]  </TASK>
[  293.798964][   T26] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  293.934622][   T26] CPU: 0 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  293.934643][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  293.934652][   T26] Workqueue: writeback wb_workfn (flush-7:3)
[  293.934685][   T26] Call Trace:
[  293.934692][   T26]  <TASK>
[  293.934699][   T26]  dump_stack_lvl+0x189/0x250
[  293.934723][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[  293.934739][   T26]  ? __pfx_queue_work_on+0x10/0x10
[  293.934751][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  293.934768][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  293.934793][   T26]  f2fs_handle_critical_error+0x37c/0x540
[  293.934816][   T26]  f2fs_write_end_io+0x886/0xb60
[  293.934848][   T26]  __submit_merged_bio+0x27a/0x6a0
[  293.934869][   T26]  __submit_merged_write_cond+0x255/0x530
[  293.934925][   T26]  f2fs_write_data_pages+0x261d/0x3000
[  293.934971][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  293.934999][   T26]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  293.935048][   T26]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  293.935075][   T26]  ? trace_f2fs_writepages+0x7f/0x200
[  293.935097][   T26]  ? f2fs_write_node_pages+0x478/0x6e0
[  293.935122][   T26]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  293.935146][   T26]  ? __lock_acquire+0xab9/0xd20
[  293.935171][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  293.935187][   T26]  do_writepages+0x32e/0x550
[  293.935205][   T26]  ? reacquire_held_locks+0x127/0x1d0
[  293.935218][   T26]  ? writeback_sb_inodes+0x384/0x1010
[  293.935241][   T26]  __writeback_single_inode+0x145/0xff0
[  293.935257][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[  293.935277][   T26]  writeback_sb_inodes+0x6c7/0x1010
[  293.935297][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  293.935328][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  293.935379][   T26]  ? rcu_is_watching+0x15/0xb0
[  293.935402][   T26]  wb_writeback+0x43b/0xaf0
[  293.935423][   T26]  ? queue_io+0x2e1/0x590
[  293.935442][   T26]  ? __pfx_wb_writeback+0x10/0x10
[  293.935465][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.935484][   T26]  wb_workfn+0x409/0xef0
[  293.935517][   T26]  ? __pfx_wb_workfn+0x10/0x10
[  293.935540][   T26]  ? __lock_acquire+0xab9/0xd20
[  293.935567][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.935593][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.935607][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.935624][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[  293.935643][   T26]  process_scheduled_works+0xae1/0x17b0
[  293.935689][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[  293.935723][   T26]  worker_thread+0x8a0/0xda0
[  293.935765][   T26]  kthread+0x711/0x8a0
[  293.935784][   T26]  ? __pfx_worker_thread+0x10/0x10
[  293.935802][   T26]  ? __pfx_kthread+0x10/0x10
[  293.935819][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[  293.935833][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[  293.935847][   T26]  ? __pfx_kthread+0x10/0x10
[  293.935863][   T26]  ret_from_fork+0x4bc/0x870
[  293.935906][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[  293.935929][   T26]  ? __switch_to_asm+0x39/0x70
[  293.935943][   T26]  ? __switch_to_asm+0x33/0x70
[  293.935956][   T26]  ? __pfx_kthread+0x10/0x10
[  293.935971][   T26]  ret_from_fork_asm+0x1a/0x30
[  293.936002][   T26]  </TASK>
[  293.936010][   T26] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  294.723761][T11825] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  294.735612][T11825] CIFS mount error: No usable UNC path provided in device string!
[  294.735612][T11825] 
[  294.740442][T11825] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  295.727697][ T5976] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  295.880960][ T5976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.884648][ T5976] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  295.887873][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.904132][ T5976] usb 4-1: config 0 descriptor??
[  297.875463][T11904] /dev/nullb0: Can't open blockdev
[  298.546335][T11940] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2488'.
[  298.627344][ T5976] usbhid 4-1:0.0: can't add hid device: -71
[  298.629824][ T5976] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  298.637130][ T5976] usb 4-1: USB disconnect, device number 19
[  299.594117][T11968] bridge1: entered promiscuous mode
[  300.070884][T11996] loop3: detected capacity change from 0 to 1024
[  300.082799][T11996] EXT4-fs: Ignoring removed nomblk_io_submit option
[  300.089021][T11996] EXT4-fs (loop3): unsupported descriptor size 0
[  302.075202][T12032] Process accounting resumed
[  302.253114][T12064] loop3: detected capacity change from 0 to 128
[  302.315496][   T26] bio_check_eod: 182 callbacks suppressed
[  302.315515][   T26] kworker/u9:0: attempt to access beyond end of device
[  302.315515][   T26] loop3: rw=1, sector=145, nr_sectors = 65 limit=128
[  303.325945][T12080] block nbd0: shutting down sockets
[  303.407008][T12109] loop3: detected capacity change from 0 to 256
[  303.420084][T12109] vfat: Unknown parameter ''
[  303.571923][T12123] tracefs: Unknown parameter '0x0000000000000000'
[  303.949609][   T33] audit: type=1326 audit(1763486418.149:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12148 comm="syz.1.2575" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x0
[  304.576904][ T5977] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  304.726868][ T5977] usb 4-1: Using ep0 maxpacket: 16
[  304.730950][ T5977] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  304.734151][ T5977] usb 4-1: config 0 has no interface number 0
[  304.739333][ T5977] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  304.742816][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.745905][ T5977] usb 4-1: Product: syz
[  304.747712][ T5977] usb 4-1: Manufacturer: syz
[  304.749571][ T5977] usb 4-1: SerialNumber: syz
[  304.754398][ T5977] usb 4-1: config 0 descriptor??
[  304.760829][ T5977] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  304.892758][T12159] af_packet: tpacket_rcv: packet too big, clamped from 65256 to 0. macoff=72
[  305.629081][T12177] xt_l2tp: missing protocol rule (udp|l2tpip)
[  305.768979][ T5977] gspca_spca1528: reg_w err -71
[  305.771262][ T5977] spca1528 4-1:0.1: probe with driver spca1528 failed with error -71
[  305.776099][ T5977] usb 4-1: USB disconnect, device number 20
[  307.353108][T12205] loop3: detected capacity change from 0 to 512
[  307.366592][T12205] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  307.375122][T12205] EXT4-fs (loop3): orphan cleanup on readonly fs
[  307.379573][T12205] EXT4-fs warning (device loop3): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  307.391912][T12205] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  307.395542][T12205] EXT4-fs error (device loop3): __ext4_iget:5435: inode #16: block 127754: comm syz.3.2596: invalid block
[  307.401717][T12205] EXT4-fs (loop3): Remounting filesystem read-only
[  307.405684][T12205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  307.432303][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.484678][T12208] loop3: detected capacity change from 0 to 64
[  307.694483][T12216] netlink: 'syz.0.2601': attribute type 5 has an invalid length.
[  307.697889][T12216] netlink: 'syz.0.2601': attribute type 9 has an invalid length.
[  307.701031][T12216] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2601'.
[  307.730898][T12218] netlink: del zone limit has 4 unknown bytes
[  307.906330][T12228] loop3: detected capacity change from 0 to 4096
[  307.947677][T12228] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  307.956649][T12228] ntfs3(loop3): Failed to load $Secure (-22).
[  307.961687][T12228] ntfs3(loop3): Failed to initialize $Secure (-22).
[  308.456922][ T5977] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  308.616923][ T5977] usb 4-1: Using ep0 maxpacket: 16
[  308.623675][ T5977] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  308.627170][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.630193][ T5977] usb 4-1: Product: syz
[  308.632363][ T5977] usb 4-1: Manufacturer: syz
[  308.634087][ T5977] usb 4-1: SerialNumber: syz
[  308.638534][ T5977] usb 4-1: config 0 descriptor??
[  308.644218][ T5977] visor 4-1:0.0: Sony Clie 3.5 converter detected
[  308.848844][ T5977] usb 4-1: clie_3_5_startup: get config number failed: -71
[  308.857033][ T5977] visor 4-1:0.0: probe with driver visor failed with error -71
[  308.864095][ T5977] usb 4-1: USB disconnect, device number 21
[  312.168703][ T5977] usb 4-1: new full-speed USB device number 22 using dummy_hcd
[  313.270597][ T5977] usb 4-1: unable to get BOS descriptor or descriptor too short
[  313.278927][ T5977] usb 4-1: not running at top speed; connect to a high speed hub
[  313.286169][ T5977] usb 4-1: config 6 has an invalid interface number: 30 but max is 0
[  313.289608][ T5977] usb 4-1: config 6 has no interface number 0
[  313.292057][ T5977] usb 4-1: config 6 interface 30 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  313.309215][ T5977] usb 4-1: New USB device found, idVendor=fff0, idProduct=fff0, bcdDevice=1e.11
[  313.313514][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.318265][ T5977] usb 4-1: Product: syz
[  313.321716][ T5977] usb 4-1: Manufacturer: syz
[  313.323628][ T5977] usb 4-1: SerialNumber: syz
[  313.581930][ T5977] usbtest 4-1:6.30: usb test device
[  313.583883][ T5977] usbtest 4-1:6.30: full-speed {control in/out iso-out} tests (+alt)
[  313.592919][ T5977] usb 4-1: USB disconnect, device number 22
[  313.766163][   T33] audit: type=1326 audit(1763486427.959:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12360 comm="syz.1.2665" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  313.784068][   T33] audit: type=1326 audit(1763486427.959:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12360 comm="syz.1.2665" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  313.799528][   T33] audit: type=1326 audit(1763486427.959:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12360 comm="syz.1.2665" exe="/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  313.812260][   T33] audit: type=1326 audit(1763486427.959:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12360 comm="syz.1.2665" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  313.821339][   T33] audit: type=1326 audit(1763486427.959:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12360 comm="syz.1.2665" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  314.132339][T12374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  314.135842][T12374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  314.140896][T12374] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  314.647004][ T5977] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  314.799055][ T5977] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  314.803862][ T5977] usb 4-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 255
[  314.810831][ T5977] usb 4-1: config 0 has no interfaces?
[  314.813264][ T5977] usb 4-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  314.817239][ T5977] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.828140][ T5977] usb 4-1: config 0 descriptor??
[  315.037187][ T5977] usb 4-1: USB disconnect, device number 23
[  315.588375][T12410] loop3: detected capacity change from 0 to 1024
[  315.591928][T12410] hfsplus: type requires a 4 character value
[  316.024823][T12413] loop3: detected capacity change from 0 to 256
[  316.028813][T12413] exfat: Deprecated parameter 'utf8'
[  316.055198][T12413] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d)
[  316.491909][T12424] loop3: detected capacity change from 0 to 2048
[  316.510102][T12425] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  316.607787][ T5976] libceph: connect (1)[c::]:6789 error -101
[  316.611598][ T5976] libceph: mon0 (1)[c::]:6789 connect error
[  316.618895][ T5976] libceph: connect (1)[c::]:6789 error -101
[  316.621520][ T5976] libceph: mon0 (1)[c::]:6789 connect error
[  316.881532][ T5976] libceph: connect (1)[c::]:6789 error -101
[  316.884130][ T5976] libceph: mon0 (1)[c::]:6789 connect error
[  316.921378][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  316.924008][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  317.388002][ T5977] libceph: connect (1)[c::]:6789 error -101
[  317.392805][ T5977] libceph: mon0 (1)[c::]:6789 connect error
[  317.419032][T12427] ceph: No mds server is up or the cluster is laggy
[  317.756898][ T5977] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  317.914175][ T5977] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  317.918001][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.921173][ T5977] usb 4-1: Product: syz
[  317.922941][ T5977] usb 4-1: Manufacturer: syz
[  317.924984][ T5977] usb 4-1: SerialNumber: syz
[  317.929830][ T5977] usb 4-1: config 0 descriptor??
[  318.145853][ T5977] airspy 4-1:0.0: usb_control_msg() failed -71 request 09
[  318.150708][ T5977] airspy 4-1:0.0: Could not detect board
[  318.153236][ T5977] airspy 4-1:0.0: probe with driver airspy failed with error -71
[  318.158397][ T5977] usb 4-1: USB disconnect, device number 24
[  318.794296][T12463] netlink: 16222 bytes leftover after parsing attributes in process `syz.0.2708'.
[  318.876511][T12469] cgroup: Need name or subsystem set
[  319.150859][T12467] loop3: detected capacity change from 0 to 32768
[  319.202823][T12467] jfs_rmdir: dtDelete returned -116
[  319.205351][T12467] jfs_rmdir: dtDelete returned -116
[  319.690100][T12498] netlink: 'syz.1.2725': attribute type 15 has an invalid length.
[  319.885285][T12512] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2732'.
[  321.016187][T12542] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2747'.
[  321.029724][T12542] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2747'.
[  321.033256][T12542] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2747'.
[  321.078214][T12546] loop3: detected capacity change from 0 to 512
[  321.082207][T12546] EXT4-fs: Ignoring removed mblk_io_submit option
[  321.091085][T12546] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  321.102980][T12546] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  321.109472][T12546] EXT4-fs (loop3): orphan cleanup on readonly fs
[  321.139800][T12546] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2749: Invalid block bitmap block 0 in block_group 0
[  321.151615][T12546] EXT4-fs (loop3): Remounting filesystem read-only
[  321.155026][T12546] Quota error (device loop3): write_blk: dquota write failed
[  321.160381][T12546] Quota error (device loop3): write_blk: dquota write failed
[  321.163008][T12546] Quota error (device loop3): qtree_write_dquot: Error -28 occurred while creating quota
[  321.168495][T12546] EXT4-fs (loop3): 1 orphan inode deleted
[  321.174069][T12546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  321.208365][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.420306][T12561] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  321.423576][T12561] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  322.302281][T12596] loop3: detected capacity change from 0 to 32768
[  322.332249][T12596] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  322.373141][T12596] XFS (loop3): Ending clean mount
[  322.433010][ T7679] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  322.635848][T12613] loop3: detected capacity change from 0 to 1024
[  323.431462][T12621] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  323.663269][T12626] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2783'.
[  323.667537][T12626] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2783'.
[  323.689716][T12626] team0: entered promiscuous mode
[  323.693086][T12626] team_slave_0: entered promiscuous mode
[  323.695980][T12626] team_slave_1: entered promiscuous mode
[  323.869229][T12626] team0: left promiscuous mode
[  323.871469][T12626] team_slave_0: left promiscuous mode
[  323.897704][T12626] team_slave_1: left promiscuous mode
[  324.069172][T12633] loop3: detected capacity change from 0 to 128
[  324.389115][T12637] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  324.402172][T12637] FAT-fs (loop3): Filesystem has been set read-only
[  325.803391][T12668] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2799'.
[  325.843053][T12668] macvlan2: entered promiscuous mode
[  325.845283][T12668] macvlan2: entered allmulticast mode
[  325.848751][T12668] bond1: entered promiscuous mode
[  325.851701][T12668] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  325.858797][T12668] bond1: left promiscuous mode
[  326.710636][T12684] loop3: detected capacity change from 0 to 8
[  327.310303][T12705] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  328.042933][ T5956] libceph: connect (1)[c::]:6789 error -101
[  328.046040][ T5956] libceph: mon0 (1)[c::]:6789 connect error
[  328.374252][T12723] ceph: No mds server is up or the cluster is laggy
[  328.635449][ T5956] libceph: connect (1)[c::]:6789 error -101
[  328.638050][ T5956] libceph: mon0 (1)[c::]:6789 connect error
[  328.977881][T12742] loop3: detected capacity change from 0 to 128
[  330.232522][T12767] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2835'.
[  330.950317][T12788] netlink: 532 bytes leftover after parsing attributes in process `syz.3.2844'.
[  331.729077][T12806] netlink: 'syz.1.2852': attribute type 1 has an invalid length.
[  331.756599][T12806] bond4: (slave ipvlan3): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  331.760425][T12806] bond4: (slave ipvlan3): The slave device specified does not support setting the MAC address
[  331.765310][T12806] bond4: (slave ipvlan3): Setting fail_over_mac to active for active-backup mode
[  332.155108][T12827] loop3: detected capacity change from 0 to 512
[  332.157540][T12827] EXT4-fs: Ignoring removed mblk_io_submit option
[  332.169531][T12827] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  332.185779][T12827] EXT4-fs (loop3): 1 truncate cleaned up
[  332.198986][T12827] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.208083][T12827] EXT4-fs error (device loop3): ext4_find_extent:903: inode #15: comm syz.3.2862: inode has invalid extent depth: 25964
[  332.218888][T12827] fs-verity (loop3, inode 15): Error -117 getting verity descriptor size
[  332.246481][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.253527][T12835] kAFS: No cell specified
[  334.111407][T12879] geneve2: entered allmulticast mode
[  334.660102][T12888] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2887'.
[  335.087326][T12894] dvmrp5: entered allmulticast mode
[  335.103887][T12894] pimreg: entered allmulticast mode
[  336.295338][T12916] loop3: detected capacity change from 0 to 512
[  337.114503][T12932] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.179380][T12933] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  337.186235][T12932] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  338.302938][T12970] 9pnet_fd: Insufficient options for proto=fd
[  341.097533][T13018] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2941'.
[  341.187597][T13026] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2945'.
[  341.191844][T13026] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2945'.
[  341.209952][T13026] batadv0: entered promiscuous mode
[  341.212565][T13026] batadv0: left promiscuous mode
[  341.497382][T13042] bond2: entered allmulticast mode
[  342.861381][T13077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2966'.
[  344.981632][T13123] netlink: 'syz.1.2981': attribute type 33 has an invalid length.
[  344.985033][T13123] netlink: 152 bytes leftover after parsing attributes in process `syz.1.2981'.
[  344.989464][ T5931] Bluetooth: hci3: command 0x1003 tx timeout
[  344.994097][ T5238] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  345.635748][T13138] loop3: detected capacity change from 0 to 32768
[  345.640335][T13138] (syz.3.2986,13138,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  345.645404][T13138] (syz.3.2986,13138,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  345.667531][T13138] JBD2: Ignoring recovery information on journal
[  345.697114][T13138] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  345.753837][ T7679] ocfs2: Unmounting device (7,3) on (node local)
[  345.903649][T13181] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2991'.
[  346.229256][T13212] loop3: detected capacity change from 0 to 256
[  346.254769][T13212] exfat: Deprecated parameter 'namecase'
[  346.273255][T13212] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  346.540491][T13212] futex_wake_op: syz.3.3006 tries to shift op by -1; fix this program
[  347.561257][T13264] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3028'.
[  347.564371][T13264] tipc: Cannot configure node identity twice
[  349.046512][T13302] nfs: Deprecated parameter 'nointr'
[  349.054872][ T5956] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  349.249466][ T5956] usb 4-1: unable to get BOS descriptor or descriptor too short
[  349.259487][ T5956] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  349.266856][ T5956] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  349.277776][ T5956] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  349.284261][ T5956] usb 4-1: language id specifier not provided by device, defaulting to English
[  349.295214][ T5956] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  349.299019][ T5956] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.302289][ T5956] usb 4-1: Product: syz
[  349.304403][ T5956] usb 4-1: Manufacturer: ᨕ昉ﺴꖂ쯍넊꿊퐃ﯻ뵫ਖ਼汢鏎餗␫芯ﰤ齐ജၥ仵챹苵弨鞆찠꛷异ⵡ✩빏󔏪
[  349.309834][ T5956] usb 4-1: SerialNumber: syz
[  349.548379][ T5956] usb 4-1: 0:2 : does not exist
[  349.568561][ T5956] usb 4-1: USB disconnect, device number 25
[  349.606776][T13087] udevd[13087]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  350.147546][T13327] syzkaller0: entered allmulticast mode
[  350.503799][ T5956] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  350.636438][T13333] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3057'.
[  350.656838][ T5956] usb 4-1: New USB device found, idVendor=0458, idProduct=5005, bcdDevice= 0.00
[  350.660073][T13333] vlan3: entered allmulticast mode
[  350.662450][T13333] bridge0: entered allmulticast mode
[  350.663571][ T5956] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.665194][T13333] bridge3: port 1(vlan3) entered blocking state
[  350.670069][T13333] bridge3: port 1(vlan3) entered disabled state
[  350.675161][T13333] vlan3: entered promiscuous mode
[  350.677409][T13333] bridge0: entered promiscuous mode
[  350.678561][ T5956] usb 4-1: config 0 descriptor??
[  350.865323][   T33] audit: type=1326 audit(1763486721.071:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.884249][   T33] audit: type=1326 audit(1763486721.071:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.904738][   T33] audit: type=1326 audit(1763486721.071:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.918786][   T33] audit: type=1326 audit(1763486721.071:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.927553][   T33] audit: type=1326 audit(1763486721.091:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.936020][   T33] audit: type=1326 audit(1763486721.091:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.945123][   T33] audit: type=1326 audit(1763486721.091:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.953538][   T33] audit: type=1326 audit(1763486721.091:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.962149][   T33] audit: type=1326 audit(1763486721.091:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  350.970562][   T33] audit: type=1326 audit(1763486721.091:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13348 comm="syz.0.3065" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x50000
[  351.146678][ T5956] kye 0003:0458:5005.000E: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  351.162434][ T5956] kye 0003:0458:5005.000E: unknown main item tag 0x0
[  351.173601][ T5956] kye 0003:0458:5005.000E: unknown main item tag 0x0
[  351.176315][ T5956] kye 0003:0458:5005.000E: unknown main item tag 0x0
[  351.178864][ T5956] kye 0003:0458:5005.000E: unknown main item tag 0x0
[  351.181530][ T5956] kye 0003:0458:5005.000E: unknown main item tag 0x0
[  351.223982][ T5956] kye 0003:0458:5005.000E: hidraw0: USB HID v0.00 Device [HID 0458:5005] on usb-dummy_hcd.3-1/input0
[  351.233259][ T5956] kye 0003:0458:5005.000E: tablet-enabling feature report not found
[  351.237686][ T5956] kye 0003:0458:5005.000E: tablet enabling failed
[  351.373219][ T5956] usb 4-1: USB disconnect, device number 26
[  351.483433][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3067'.
[  351.487398][T13355] netlink: 348 bytes leftover after parsing attributes in process `syz.1.3067'.
[  351.491402][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3067'.
[  351.495408][T13355] netlink: 348 bytes leftover after parsing attributes in process `syz.1.3067'.
[  351.499797][T13355] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3067'.
[  352.554085][T13376] loop3: detected capacity change from 0 to 2048
[  352.567926][T13377] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  353.136855][T13393] loop3: detected capacity change from 0 to 2048
[  353.142940][T13393] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  353.161407][T13394] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  353.977985][T13417] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  353.982573][T13417] batadv_slave_0: entered promiscuous mode
[  353.985032][T13417] batadv_slave_0: entered allmulticast mode
[  354.078323][T13417] netlink: 'syz.1.3093': attribute type 8 has an invalid length.
[  356.419843][T13461] gretap0: entered promiscuous mode
[  356.424852][T13461] gretap0: left promiscuous mode
[  356.502463][T13465] gfs2: gfs2 mount does not exist
[  356.594680][T13471] comedi comedi0: comedi_bond: 3:0 3:3 3:5 3:11  attached, 96 channels from 4 devices
[  356.870553][ T5977] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  356.908400][T13484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3123'.
[  357.025928][ T5977] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0104, bcdDevice=52.21
[  357.031015][ T5977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.033803][ T5977] usb 4-1: Product: syz
[  357.035089][ T5977] usb 4-1: Manufacturer: syz
[  357.036515][ T5977] usb 4-1: SerialNumber: syz
[  357.048300][ T5977] usb 4-1: config 0 descriptor??
[  357.056395][ T5977] kvaser_usb 4-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  357.269403][ T5977] usb 4-1: USB disconnect, device number 27
[  357.863520][T13512] loop3: detected capacity change from 0 to 1024
[  357.872447][T13512] EXT4-fs (loop3): filesystem is read-only
[  357.878290][T13512] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  357.888743][T13512] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (11891!=20869)
[  357.898933][T13512] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  357.903316][T13512] EXT4-fs error (device loop3): ext4_get_journal_inode:5808: comm syz.3.3136: inode #1: comm syz.3.3136: iget: illegal inode #
[  357.918945][T13512] EXT4-fs (loop3): no journal found
[  357.921874][T13512] EXT4-fs (loop3): can't get journal size
[  357.929029][T13512] EXT4-fs error (device loop3): __ext4_fill_super:5512: inode #2: comm syz.3.3136: iget: bad extra_isize 65535 (inode size 1024)
[  357.939347][T13512] EXT4-fs (loop3): get root inode failed
[  357.942251][T13512] EXT4-fs (loop3): mount failed
[  358.162597][T13519] loop3: detected capacity change from 0 to 1024
[  358.191451][T13519] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  358.196254][T13519] ext4 filesystem being mounted at /729/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  358.234881][T13519] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.3139: path /729/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  358.296331][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  358.444120][    C1] Unknown status report in ack skb
[  358.482925][T13534] loop3: detected capacity change from 0 to 2048
[  358.508841][T13534] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  358.532298][T13537] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  358.539368][T13534] syz.3.3145: attempt to access beyond end of device
[  358.539368][T13534] loop3: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  358.566287][T13534] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  358.573727][T13534] Remounting filesystem read-only
[  358.575875][T13534] NILFS error (device loop3): nilfs_bmap_last_key: broken bmap (inode number=16)
[  358.579379][T13534] NILFS (loop3): error -5 truncating bmap (ino=16)
[  358.642811][ T7679] NILFS (loop3): disposed unprocessed dirty file(s) when detaching log writer
[  359.171158][ T5956] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  359.331659][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  359.336413][ T5956] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  359.343757][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  359.353168][ T5956] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  359.356711][ T5956] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.364909][ T5956] usb 4-1: config 0 descriptor??
[  359.376159][ T5956] em28xx 4-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  359.577967][ T5956] usb 4-1: USB disconnect, device number 28
[  359.578119][T13572] overlayfs: upper fs does not support tmpfile.
[  360.146467][T13581] loop3: detected capacity change from 0 to 512
[  360.153415][T13581] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  360.156939][T13581] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  360.616384][T13591] sock: sock_timestamping_bind_phc: sock not bind to device
[  361.282166][T13596] loop3: detected capacity change from 0 to 512
[  361.346205][T13596] EXT4-fs (loop3): 1 truncate cleaned up
[  361.350145][T13596] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  361.616543][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.423892][T13624] loop3: detected capacity change from 0 to 32768
[  362.429565][T13624] jfs_mount: Failed to read AGGREGATE_I
[  362.432151][T13624] Mount JFS Failure: -5
[  362.434146][T13624] jfs_mount failed w/return code = -5
[  362.742124][T13634] loop3: detected capacity change from 0 to 32768
[  362.747055][T13634] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3183 (13634)
[  362.774770][T13634] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  362.778525][T13634] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  362.914956][T13634] BTRFS info (device loop3): enabling ssd optimizations
[  362.918265][T13634] BTRFS info (device loop3): enabling free space tree
[  362.989618][ T7679] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  364.197227][T13705] loop3: detected capacity change from 0 to 256
[  364.229745][T13705] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  364.263333][T13705] exFAT-fs (loop3): start_clu is invalid cluster(0xffffffff)
[  364.268111][T13705] exFAT-fs (loop3): valid_size(150994954) is greater than size(10)
[  364.903330][T13747] syz.0.3225 (13747): attempted to duplicate a private mapping with mremap.  This is not supported.
[  364.991967][T13753] sg_write: data in/out 41084/1 bytes for SCSI command 0x1c-- guessing data in;
[  364.991967][T13753]    program syz.0.3228 not setting count and/or reply_len properly
[  365.193073][T13757] loop3: detected capacity change from 0 to 2048
[  365.209578][T13757] NILFS (loop3): invalid segment: Magic number mismatch
[  365.212257][T13757] NILFS (loop3): trying rollback from an earlier position
[  365.224198][T13757] NILFS (loop3): recovery complete
[  365.228050][T13758] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  365.861019][T13764] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  366.576325][ T5956] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  366.708850][T13774] netlink: 'syz.1.3237': attribute type 10 has an invalid length.
[  366.711607][T13774] syz_tun: entered promiscuous mode
[  366.718648][T13774] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  366.728880][ T5956] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  366.732193][ T5956] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.736088][ T5956] usb 4-1: config 0 has no interface number 0
[  366.738189][ T5956] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  366.746844][ T5956] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  366.762493][ T5956] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  366.766821][ T5956] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.771110][ T5956] usb 4-1: Product: syz
[  366.772733][ T5956] usb 4-1: Manufacturer: syz
[  366.774529][ T5956] usb 4-1: SerialNumber: syz
[  366.783181][ T5956] usb 4-1: config 0 descriptor??
[  366.996410][ T5956] usbtouchscreen 4-1:0.117: probe with driver usbtouchscreen failed with error -71
[  367.007988][ T5956] usb 4-1: USB disconnect, device number 29
[  367.045114][T13786] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3242'.
[  367.227055][T13790] ip6tnl0: Caught tx_queue_len zero misconfig
[  367.229680][T13790] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3244'.
[  368.854414][ T5976] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  369.018656][ T5976] usb 4-1: config 0 has an invalid interface number: 217 but max is 0
[  369.022723][ T5976] usb 4-1: config 0 has no interface number 0
[  369.027298][ T5976] usb 4-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  369.030589][ T5976] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.033736][ T5976] usb 4-1: Product: syz
[  369.035833][ T5976] usb 4-1: Manufacturer: syz
[  369.037876][ T5976] usb 4-1: SerialNumber: syz
[  369.044450][ T5976] usb 4-1: config 0 descriptor??
[  369.052197][ T5976] hub 4-1:0.217: bad descriptor, ignoring hub
[  369.055264][ T5976] hub 4-1:0.217: probe with driver hub failed with error -5
[  369.258825][ T5976] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  369.275010][ T5976] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  369.280084][ T5976] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  369.283497][ T5976] usb 4-1: media controller created
[  369.308670][ T5976] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  369.348046][ T5976] DVB: Unable to find symbol dib7000p_attach()
[  369.350490][ T5976] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  369.404481][ T5976] rc_core: IR keymap rc-dib0700-rc5 not found
[  369.410338][ T5976] Registered IR keymap rc-empty
[  369.412499][ T5976] dvb-usb: could not initialize remote control.
[  369.415445][ T5976] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  369.473095][ T5976] usb 4-1: USB disconnect, device number 30
[  369.521342][ T5976] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  369.911223][T13868] netlink: 'syz.0.3276': attribute type 1 has an invalid length.
[  369.916924][T13868] netlink: 144 bytes leftover after parsing attributes in process `syz.0.3276'.
[  369.921313][T13868] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3276'.
[  370.676424][T13885] raw_sendmsg: syz.0.3283 forgot to set AF_INET. Fix it!
[  371.310012][T13913] vcan0: tx drop: invalid da for name 0x0000000000000002
[  371.549515][T13924] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3299'.
[  372.125513][T13935] syzkaller1: entered promiscuous mode
[  372.127826][T13935] syzkaller1: entered allmulticast mode
[  375.205369][T13972] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  375.399142][T13981] loop3: detected capacity change from 0 to 512
[  375.625324][T13981] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  375.630787][T13981] ext4 filesystem being mounted at /763/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  375.637398][T13994] skbuff: bad partial csum: csum=65506/2 headroom=178 headlen=65526
[  375.677321][ T7679] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  376.369183][T14000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3327'.
[  376.374596][T14000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3327'.
[  376.378828][T14000] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3327'.
[  376.969832][T14021] vlan4: entered allmulticast mode
[  377.006252][T14021] bond0: entered allmulticast mode
[  377.011232][T14021] bond_slave_0: entered allmulticast mode
[  377.013565][T14021] bond_slave_1: entered allmulticast mode
[  377.015863][T14021] syz_tun: entered allmulticast mode
[  377.346113][T14019] loop3: detected capacity change from 0 to 32768
[  377.380419][T14019] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  377.404994][T14019] XFS (loop3): Ending clean mount
[  377.409015][T14019] XFS (loop3): Quotacheck needed: Please wait.
[  377.456040][T14019] XFS (loop3): Quotacheck: Done.
[  377.498572][ T7679] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  377.912975][T14065] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3352'.
[  378.342964][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  378.345614][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  378.807988][T14086] loop3: detected capacity change from 0 to 256
[  378.812077][T14086] exfat: Deprecated parameter 'utf8'
[  378.815076][T14086] exfat: Deprecated parameter 'utf8'
[  378.828188][T14086] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  378.854475][T14086] exFAT-fs (loop3): error, in sector 160, dentry 12 should be unused, but 0x85
[  378.858866][T14086] exFAT-fs (loop3): Filesystem has been set read-only
[  379.431992][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.435489][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.438939][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.443498][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.447274][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.451709][T14112] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3375'.
[  379.528597][T14118] tipc: New replicast peer: 255.255.255.255
[  379.537130][T14118] tipc: Enabled bearer <udp:syz2>, priority 10
[  379.984612][T14136] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  379.988991][T14136] ref_ctr increment failed for inode: 0x19fb offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880418f35c0
[  380.007772][   T33] kauditd_printk_skb: 6684 callbacks suppressed
[  380.007791][   T33] audit: type=1804 audit(1763486750.196:6786): pid=14136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3384" name="file0" dev="tmpfs" ino=6651 res=1 errno=0
[  380.690448][ T5977] tipc: Node number set to 2509947735
[  382.461562][T14196] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  382.465393][T14196] overlayfs: failed to set xattr on upper
[  382.468120][T14196] overlayfs: ...falling back to redirect_dir=nofollow.
[  382.471012][T14196] overlayfs: ...falling back to metacopy=off.
[  382.473501][T14196] overlayfs: ...falling back to uuid=null.
[  385.488578][T14266] RDS: rds_bind could not find a transport for fe88::1, load rds_tcp or rds_rdma?
[  385.724017][T14282] lo: Caught tx_queue_len zero misconfig
[  387.354610][T14325] __nla_validate_parse: 41 callbacks suppressed
[  387.354626][T14325] netlink: 132 bytes leftover after parsing attributes in process `syz.1.3470'.
[  388.544975][T14380] pim6reg0: tun_chr_ioctl cmd 2147767507
[  388.677955][T14385] binder: 14383:14385 ioctl c0306201 0 returned -14
[  388.678207][T14386] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3497'.
[  389.749444][T14424] dvmrp8: entered allmulticast mode
[  389.814153][ T5238] Bluetooth: hci1: unexpected event for opcode 0x0407
[  390.131755][T14442] fuse: Bad value for 'fd'
[  391.904454][   T33] audit: type=1326 audit(1763487018.137:6787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14486 comm="syz.1.3543" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x0
[  392.038046][T14490] netlink: 'syz.3.3544': attribute type 9 has an invalid length.
[  392.040537][T14490] netlink: 184 bytes leftover after parsing attributes in process `syz.3.3544'.
[  392.100964][T14492] bridge0: entered promiscuous mode
[  392.103918][T14492] macsec1: entered promiscuous mode
[  392.107075][T14492] bridge0: port 3(macsec1) entered blocking state
[  392.109619][T14492] bridge0: port 3(macsec1) entered disabled state
[  392.111906][T14492] macsec1: entered allmulticast mode
[  392.115314][T14492] bridge0: entered allmulticast mode
[  392.119661][T14492] macsec1: left allmulticast mode
[  392.121818][T14492] bridge0: left allmulticast mode
[  392.130436][T14492] bridge0: left promiscuous mode
[  394.235305][T14537] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  394.235305][T14537] The task syz.3.3565 (14537) triggered the difference, watch for misbehavior.
[  394.730556][T14543] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3567'.
[  395.131547][T14555] Unknown options in mask b7f2
[  395.983293][T14583] atomic_op ffff88802b132198 conn xmit_atomic 0000000000000000
[  396.075981][T14587] netlink: 'syz.1.3587': attribute type 1 has an invalid length.
[  396.364145][T14601] netlink: 'syz.3.3593': attribute type 2 has an invalid length.
[  396.815547][T14611] overlayfs: failed to clone upperpath
[  397.021594][ T5238] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  397.024747][ T5238] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  397.172189][T14633] netlink: 'syz.3.3608': attribute type 11 has an invalid length.
[  397.175436][T14633] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3608'.
[  397.463770][T14649] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3616'.
[  397.467315][T14649] team0: Caught tx_queue_len zero misconfig
[  398.104575][T14664] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3623'.
[  400.354989][T14709] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3644'.
[  401.011929][T14724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3649'.
[  404.294471][T14800] netlink: 'syz.1.3682': attribute type 37 has an invalid length.
[  404.349494][T14802] sit3: entered promiscuous mode
[  404.351609][T14802] sit3: entered allmulticast mode
[  404.555550][T14815] netlink: 'syz.0.3687': attribute type 2 has an invalid length.
[  405.807122][T14832] overlayfs: failed to clone upperpath
[  406.360502][T14858] overlayfs: failed to resolve './file0': -2
[  409.180114][   T33] audit: type=1326 audit(1763487035.416:6788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.201137][   T33] audit: type=1326 audit(1763487035.416:6789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.223427][   T33] audit: type=1326 audit(1763487035.436:6790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.244798][   T33] audit: type=1326 audit(1763487035.436:6791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.257926][   T33] audit: type=1326 audit(1763487035.436:6792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.278766][   T33] audit: type=1326 audit(1763487035.436:6793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.288810][   T33] audit: type=1326 audit(1763487035.436:6794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  409.297473][   T33] audit: type=1326 audit(1763487035.436:6795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14916 comm="syz.1.3733" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  412.444885][T14990] ptrace attach of ""[14991] was attempted by "/syz-executor exec"[14990]
[  413.267229][T15008] netlink: 'syz.1.3773': attribute type 1 has an invalid length.
[  413.275046][T15008] netlink: 'syz.1.3773': attribute type 1 has an invalid length.
[  414.029996][   T33] audit: type=1800 audit(1763487040.268:6796): pid=15019 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3778" name="file1" dev="tmpfs" ino=5096 res=0 errno=0
[  414.225227][   T33] audit: type=1326 audit(1763487040.458:6797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15013 comm="syz.1.3776" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  414.261497][   T33] audit: type=1326 audit(1763487040.458:6798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15013 comm="syz.1.3776" exe="/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  414.321202][   T33] audit: type=1326 audit(1763487040.468:6799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15013 comm="syz.1.3776" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  414.375430][   T33] audit: type=1326 audit(1763487040.468:6800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15013 comm="syz.1.3776" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  416.111359][   T33] audit: type=1326 audit(1763487042.319:6801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15042 comm="syz.1.3786" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x0
[  417.123576][T15080] binder: 15079:15080 ioctl c0306201 200000000640 returned -22
[  417.627379][T15085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3802'.
[  417.631978][T15085] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3802'.
[  418.832416][T15110] IPVS: wlc: FWM 3 0x00000003 - no destination available
[  422.136046][ T5238] Bluetooth: hci1: connection err: -111
[  423.060964][   T33] audit: type=1326 audit(1763487049.310:6802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.388700][   T33] audit: type=1326 audit(1763487049.310:6803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.441418][   T33] audit: type=1326 audit(1763487049.310:6804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.450465][   T33] audit: type=1326 audit(1763487049.310:6805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.459507][   T33] audit: type=1326 audit(1763487049.310:6806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.473314][   T33] audit: type=1326 audit(1763487049.310:6807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.487837][   T33] audit: type=1326 audit(1763487049.310:6808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.498530][   T33] audit: type=1326 audit(1763487049.310:6809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.507480][   T33] audit: type=1326 audit(1763487049.310:6810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.522643][   T33] audit: type=1326 audit(1763487049.310:6811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15223 comm="syz.3.3863" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  423.635155][T15244] wireguard: wg2: Could not create IPv4 socket
[  424.276066][T15270] 8021q: VLANs not supported on lo
[  424.750312][T15293] team0: Device gtp0 is of different type
[  425.299630][T15306] x_tables: ip_tables: SNAT target: only valid in nat table, not syz0
[  425.427771][T15317] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3906'.
[  427.688417][T15366] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3926'.
[  427.723588][T15368] overlayfs: failed to clone upperpath
[  428.011877][T15380] libceph: resolve '0' (ret=-3): failed
[  429.491628][T15435] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3956'.
[  429.497957][T15435] fuse: Bad value for 'user_id'
[  429.500080][T15435] fuse: Bad value for 'user_id'
[  430.239243][T15471] TCP: TCP_TX_DELAY enabled
[  431.226691][T15520] netlink: 'syz.1.3996': attribute type 39 has an invalid length.
[  431.260539][T15520] bond0: (slave syz_tun): Releasing backup interface
[  431.266407][T15520] syz_tun (unregistering): left allmulticast mode
[  431.340414][T15522] sctp: [Deprecated]: syz.1.3997 (pid 15522) Use of int in max_burst socket option.
[  431.340414][T15522] Use struct sctp_assoc_value instead
[  432.537663][T15555] netlink: 'syz.3.4011': attribute type 18 has an invalid length.
[  432.541004][T15555] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4011'.
[  432.567768][ T5927] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  432.571380][ T5927] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  432.575678][T15555] netlink: 'syz.3.4011': attribute type 18 has an invalid length.
[  432.578749][T15555] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4011'.
[  432.582199][ T5927] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  432.587630][ T5927] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  433.238719][T15591] syz_tun: entered promiscuous mode
[  433.241591][T15591] vlan0: entered promiscuous mode
[  433.389816][T15601] xt_nfacct: accounting object `\$9ZM#mU|^c\F9YⳈ' does not exist
[  433.998586][T15624] netlink: 'syz.3.4043': attribute type 3 has an invalid length.
[  435.475380][T15673] IPv6: Can't replace route, no match found
[  439.760152][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  439.762938][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  440.193536][T15805] fuse: Bad value for 'fd'
[  440.759619][T15835] netlink: 'syz.1.4133': attribute type 9 has an invalid length.
[  440.763150][T15835] netlink: 'syz.1.4133': attribute type 7 has an invalid length.
[  440.766284][T15835] netlink: 'syz.1.4133': attribute type 8 has an invalid length.
[  441.276250][T15847] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4140'.
[  441.279827][T15847] gretap0: left allmulticast mode
[  441.281724][T15847] gretap0: left promiscuous mode
[  441.283713][T15847] bridge0: port 2(gretap0) entered disabled state
[  441.289433][T15847] bridge_slave_0: left allmulticast mode
[  441.291610][T15847] bridge_slave_0: left promiscuous mode
[  441.294023][T15847] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.432112][T15853] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4143'.
[  441.562080][T15857] netlink: 'syz.1.4145': attribute type 29 has an invalid length.
[  441.567638][T15857] netlink: 'syz.1.4145': attribute type 29 has an invalid length.
[  441.740071][T15873] overlayfs: failed to clone upperpath
[  441.809908][T15877] sctp: [Deprecated]: syz.1.4155 (pid 15877) Use of int in maxseg socket option.
[  441.809908][T15877] Use struct sctp_assoc_value instead
[  442.571777][T15902] 9pnet_fd: Insufficient options for proto=fd
[  442.745973][T15912] netlink: 'syz.0.4172': attribute type 21 has an invalid length.
[  442.749074][T15912] netlink: 60 bytes leftover after parsing attributes in process `syz.0.4172'.
[  442.760916][T15916] netlink: 'syz.3.4173': attribute type 2 has an invalid length.
[  442.997740][T15936] netlink: 'syz.0.4183': attribute type 3 has an invalid length.
[  443.000995][T15936] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4183'.
[  443.787788][T15976] 9pnet_fd: Insufficient options for proto=fd
[  443.829818][T15980] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4202'.
[  443.993216][T15988] U9: renamed from lo (while UP)
[  444.615698][T16022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4223'.
[  444.619310][T16022] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4223'.
[  444.629674][ T5927] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  444.634776][T16022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4223'.
[  444.635711][ T5927] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  444.638659][T16022] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4223'.
[  444.646853][ T5927] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  444.650972][ T5927] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  445.164826][T16044] macsec1: entered allmulticast mode
[  445.166911][T16044] macvlan1: entered allmulticast mode
[  445.168989][T16044] veth1_vlan: entered allmulticast mode
[  445.176965][T16044] macvlan1: left allmulticast mode
[  445.179211][T16044] veth1_vlan: left allmulticast mode
[  446.801772][T16108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4261'.
[  446.804662][T16108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4261'.
[  446.807467][T16108] netlink: 'syz.3.4261': attribute type 12 has an invalid length.
[  446.809921][T16108] netlink: 'syz.3.4261': attribute type 13 has an invalid length.
[  447.084604][   T33] kauditd_printk_skb: 4 callbacks suppressed
[  447.084615][   T33] audit: type=1326 audit(1763487073.354:6816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16124 comm="syz.3.4269" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x0
[  449.484614][ T5931] Bluetooth: hci1: unexpected event for opcode 0x041b
[  449.519347][T16224] netlink: 'syz.1.4310': attribute type 2 has an invalid length.
[  449.527078][T16224] netlink: 201872 bytes leftover after parsing attributes in process `syz.1.4310'.
[  449.633680][T16235] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4312'.
[  449.684548][T16237] trusted_key: encrypted_key: key user:syz not found
[  449.883778][T16252] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4321'.
[  449.890256][T16252] netlink: 80 bytes leftover after parsing attributes in process `syz.1.4321'.
[  450.051296][   T33] audit: type=1326 audit(1763487076.327:6817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16259 comm="syz.1.4325" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x0
[  450.668122][T16282] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  450.671729][T16282] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  450.909621][T16294] trusted_key: encrypted_key: insufficient parameters specified
[  451.035634][T16303] overlayfs: failed to clone upperpath
[  452.497907][T16342] netlink: 132 bytes leftover after parsing attributes in process `syz.3.4360'.
[  452.541806][T16344] CIFS mount error: No usable UNC path provided in device string!
[  452.541806][T16344] 
[  452.546642][T16344] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  453.523919][T16363] pimreg: entered allmulticast mode
[  453.540372][T16363] dvmrp8: entered allmulticast mode
[  453.555356][T16363] pimreg: left allmulticast mode
[  453.557640][T16363] dvmrp8: left allmulticast mode
[  453.564751][ T5931] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  453.569864][ T5931] Bluetooth: hci1: Injecting HCI hardware error event
[  453.576358][ T5931] Bluetooth: hci1: hardware error 0x00
[  453.932716][   T33] audit: type=1326 audit(1763487080.211:6818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16394 comm="syz.3.4384" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  453.949918][   T33] audit: type=1326 audit(1763487080.221:6819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16394 comm="syz.3.4384" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  453.957041][   T33] audit: type=1326 audit(1763487080.221:6820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16394 comm="syz.3.4384" exe="/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  453.963733][   T33] audit: type=1326 audit(1763487080.221:6821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16394 comm="syz.3.4384" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  453.970390][   T33] audit: type=1326 audit(1763487080.221:6822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16394 comm="syz.3.4384" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  454.126438][T16401] sctp: [Deprecated]: syz.3.4385 (pid 16401) Use of int in max_burst socket option.
[  454.126438][T16401] Use struct sctp_assoc_value instead
[  455.432597][T16451] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  455.436245][T16451] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.439029][T16451] bridge0: port 1(bridge_slave_0) entered disabled state
[  455.632515][ T5931] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  456.428449][T16473] netlink: 'syz.1.4416': attribute type 1 has an invalid length.
[  456.480998][T16473] 8021q: adding VLAN 0 to HW filter on device bond5
[  456.542723][T16473] bond5: (slave veth0_to_bond): making interface the new active one
[  456.560397][T16473] bond5: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  457.661034][T16497] ip6erspan0: entered promiscuous mode
[  457.798653][T16508] futex_wake_op: syz.0.4433 tries to shift op by -1; fix this program
[  458.246409][T16539] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  458.250633][T16539] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  458.253731][T16539] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  458.256865][T16539] overlayfs: missing 'lowerdir'
[  458.259177][T16541] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4447'.
[  459.396733][T16573] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4462'.
[  459.425101][T16573] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4462'.
[  459.832325][T16590] team_slave_0: entered promiscuous mode
[  459.835162][T16590] team_slave_1: entered promiscuous mode
[  460.868374][T16617] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  460.872263][T16617] overlayfs: missing 'lowerdir'
[  461.553696][T16653] netlink: 'syz.1.4496': attribute type 30 has an invalid length.
[  462.521587][T16667] Process accounting resumed
[  462.943774][T16708] netlink: 14 bytes leftover after parsing attributes in process `syz.3.4521'.
[  463.225207][T16719] netlink: 'syz.3.4526': attribute type 3 has an invalid length.
[  463.539699][T16736] bond_slave_0: entered promiscuous mode
[  463.542627][T16736] bond_slave_1: entered promiscuous mode
[  463.545283][T16736] batadv0: entered promiscuous mode
[  463.554705][T16736] vlan2: entered promiscuous mode
[  463.556860][T16736] bond0: entered promiscuous mode
[  463.601181][T16741] netlink: 'syz.1.4535': attribute type 10 has an invalid length.
[  463.604320][T16741] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4535'.
[  464.537531][T16757] overlayfs: failed to clone lowerpath
[  464.688461][T16757] overlayfs: failed to clone lowerpath
[  465.797082][T16831] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4575'.
[  466.359133][T16851] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[  466.381520][ T5976] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  466.448880][T16855] C: renamed from team_slave_0 (while UP)
[  466.458778][T16855] netlink: 'syz.3.4588': attribute type 1 has an invalid length.
[  466.462188][T16855] netlink: 152 bytes leftover after parsing attributes in process `syz.3.4588'.
[  466.466315][T16855] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  466.645189][ T5976] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  467.285285][T16875] netlink: 'syz.1.4596': attribute type 29 has an invalid length.
[  467.288624][T16875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4596'.
[  469.555893][T16982] overlayfs: failed to resolve './cgroup': -2
[  470.052503][T16994] netlink: 'syz.0.4645': attribute type 10 has an invalid length.
[  470.061487][T16994] dummy0: left allmulticast mode
[  470.067524][T16994] batman_adv: batadv0: Removing interface: dummy0
[  470.083443][T16994] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  470.095980][T16994] team0: Failed to send options change via netlink (err -105)
[  470.106778][T16994] team0: Port device dummy0 added
[  470.600789][T17029] netlink: 'syz.1.4660': attribute type 1 has an invalid length.
[  470.650231][T17029] 8021q: adding VLAN 0 to HW filter on device bond6
[  470.682177][T17033] bond6: (slave geneve2): making interface the new active one
[  470.686322][T17033] bond6: (slave geneve2): Enslaving as an active interface with an up link
[  472.213769][T17124] tipc: Started in network mode
[  472.215948][T17124] tipc: Node identity , cluster identity 4711
[  472.218405][T17124] tipc: Failed to set node id, please configure manually
[  472.221182][T17124] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  473.522686][T17172] netlink: 'syz.1.4723': attribute type 11 has an invalid length.
[  473.723090][T17180] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4727'.
[  473.726720][T17180] tc_dump_action: action bad kind
[  473.760439][T17184] netlink: 'syz.3.4728': attribute type 1 has an invalid length.
[  473.804388][T17188] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4731'.
[  473.813850][T17188] bridge_slave_1: left allmulticast mode
[  473.817130][T17188] bridge_slave_1: left promiscuous mode
[  473.819511][T17188] bridge0: port 2(bridge_slave_1) entered disabled state
[  473.825552][T17188] bridge_slave_0: left allmulticast mode
[  473.826540][T17190] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4732'.
[  473.827898][T17188] bridge_slave_0: left promiscuous mode
[  473.833206][T17188] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.010744][T17190] bridge4: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[  475.159840][T17223] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4746'.
[  475.339320][T17233] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4751'.
[  475.466511][T17242] netlink: 44 bytes leftover after parsing attributes in process `syz.3.4755'.
[  477.133566][T17270] delete_channel: no stack
[  478.335203][T17333] netlink: 'syz.0.4796': attribute type 2 has an invalid length.
[  478.340068][T17333] netlink: 'syz.0.4796': attribute type 1 has an invalid length.
[  478.345969][T17333] netlink: 'syz.0.4796': attribute type 1 has an invalid length.
[  479.269123][T17375] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4815'.
[  479.953681][T17391] fuse: Bad value for 'fd'
[  482.187111][T17436] netlink: 'syz.0.4841': attribute type 4 has an invalid length.
[  482.215359][T17436] netlink: 'syz.0.4841': attribute type 4 has an invalid length.
[  483.768677][T17448] fuse: Unknown parameter 'euid'
[  485.684896][T17509] Invalid ELF header type: 3 != 1
[  486.715685][T17534] overlayfs: failed to clone upperpath
[  486.807421][T17553] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4885'.
[  486.987152][T17565] cgroup: Bad value for 'name'
[  487.010961][T17567] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (8)
[  487.622189][T17622] 9pnet_fd: Insufficient options for proto=fd
[  489.086540][T17665] netlink: 'syz.1.4936': attribute type 4 has an invalid length.
[  489.090197][T17665] netlink: 'syz.1.4936': attribute type 3 has an invalid length.
[  489.093273][T17665] netlink: 132 bytes leftover after parsing attributes in process `syz.1.4936'.
[  489.850870][T17690] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4947'.
[  490.133655][T17703] netlink: 'syz.0.4951': attribute type 14 has an invalid length.
[  491.255761][T17729] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  491.259850][T17729] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  491.869379][T17754] bridge_slave_0: left allmulticast mode
[  491.871303][T17754] bridge_slave_0: left promiscuous mode
[  491.873192][T17754] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.898481][T17754] bridge_slave_1: left allmulticast mode
[  491.900536][T17754] bridge_slave_1: left promiscuous mode
[  491.902852][T17754] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.914789][T17754] bond5: (slave veth0_to_bond): Releasing active interface
[  491.928851][T17754] bond0: (slave bond_slave_0): Releasing backup interface
[  491.932030][T17754] bond_slave_0: left allmulticast mode
[  491.938159][T17754] bond0: (slave bond_slave_1): Releasing backup interface
[  491.943405][T17754] bond_slave_1: left allmulticast mode
[  491.952150][T17754] team_slave_0: left promiscuous mode
[  491.963609][T17754] team0: Port device team_slave_0 removed
[  491.968853][T17754] team_slave_1: left promiscuous mode
[  491.979922][T17754] team0: Port device team_slave_1 removed
[  491.983782][T17754] batman_adv: batadv0: Removing interface: batadv_slave_0
[  491.990074][T17754] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  493.676482][T17807] IPVS: ip_vs_add_dest(): server weight less than zero
[  494.368175][T17830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5003'.
[  496.509604][T17896] netlink: 'syz.1.5031': attribute type 1 has an invalid length.
[  496.512704][T17896] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5031'.
[  496.803745][T17922] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5042'.
[  496.858783][T17930] netlink: 64 bytes leftover after parsing attributes in process `syz.0.5046'.
[  496.862906][T17930] team0: No ports can be present during mode change
[  496.975232][T17939] netlink: 'syz.0.5048': attribute type 1 has an invalid length.
[  496.977787][T17939] netlink: 'syz.0.5048': attribute type 1 has an invalid length.
[  496.992804][T17939] netlink: 'syz.0.5048': attribute type 1 has an invalid length.
[  497.684927][T17978] netlink: 72 bytes leftover after parsing attributes in process `syz.1.5067'.
[  497.738532][T17978] hsr_slave_1 (unregistering): left promiscuous mode
[  498.084769][T18015] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5082'.
[  498.913341][T18051] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5098'.
[  498.981329][T18055] netlink: 7 bytes leftover after parsing attributes in process `syz.1.5100'.
[  499.364286][T18070] RDS: rds_bind could not find a transport for ::4006:0:20:0, load rds_tcp or rds_rdma?
[  499.447056][T18076] netlink: 40 bytes leftover after parsing attributes in process `syz.0.5110'.
[  499.454470][T18076] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  499.457297][T18076] IPv6: NLM_F_CREATE should be set when creating new route
[  499.460026][T18076] IPv6: NLM_F_CREATE should be set when creating new route
[  499.699485][T18097] netlink: 204 bytes leftover after parsing attributes in process `syz.1.5119'.
[  499.715531][   T33] audit: type=1326 audit(1763487126.037:6823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18098 comm="syz.0.5120" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  499.731830][   T33] audit: type=1326 audit(1763487126.037:6824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18098 comm="syz.0.5120" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  501.127383][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  501.129978][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  501.611767][T18179] netlink: 'syz.3.5151': attribute type 1 has an invalid length.
[  501.614480][T18179] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5151'.
[  501.697455][T18185] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5154'.
[  501.743020][T18189] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  501.745849][T18189] IPv6: NLM_F_CREATE should be set when creating new route
[  501.748585][T18189] IPv6: NLM_F_CREATE should be set when creating new route
[  502.921293][T18229] overlayfs: failed to clone upperpath
[  502.983552][T18235] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5173'.
[  503.084923][T18239] ip6gre1: entered allmulticast mode
[  503.287514][T18247] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5179'.
[  503.291699][T18247] netlink: 16 bytes leftover after parsing attributes in process `syz.0.5179'.
[  503.370500][T18251] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5181'.
[  503.819578][T18275] overlayfs: failed to clone upperpath
[  504.971188][T18302] netlink: 'syz.0.5204': attribute type 1 has an invalid length.
[  504.976340][T18302] netlink: 'syz.0.5204': attribute type 1 has an invalid length.
[  505.189834][T18310] netlink: 88 bytes leftover after parsing attributes in process `syz.3.5201'.
[  505.383076][T18310] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  505.420275][T18313] netlink: 20 bytes leftover after parsing attributes in process `syz.0.5208'.
[  506.010458][T18351] tipc: Started in network mode
[  506.012661][T18351] tipc: Node identity 7f000001, cluster identity 4711
[  506.015776][T18351] tipc: Enabled bearer <udp:syz2>, priority 7
[  506.025235][T18351] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  506.028129][T18351] tipc: Enabled bearer <udp:syz0>, priority 7
[  506.157132][T18365] sctp: [Deprecated]: syz.1.5231 (pid 18365) Use of int in max_burst socket option.
[  506.157132][T18365] Use struct sctp_assoc_value instead
[  506.475894][T18387] overlayfs: failed to clone upperpath
[  506.956124][T16742] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  506.961283][T16742] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  507.612777][ T5976] tipc: Node number set to 2130706433
[  508.565037][   T33] audit: type=1326 audit(2000000004.832:6825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.579698][   T33] audit: type=1326 audit(2000000004.842:6826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.594472][   T33] audit: type=1326 audit(2000000004.842:6827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.603506][   T33] audit: type=1326 audit(2000000004.842:6828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.612534][   T33] audit: type=1326 audit(2000000004.842:6829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.641388][   T33] audit: type=1326 audit(2000000004.842:6830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.649642][   T33] audit: type=1326 audit(2000000004.842:6831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  508.709412][   T33] audit: type=1326 audit(2000000004.842:6832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18462 comm="syz.3.5275" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  509.719516][T18497] vlan6: entered promiscuous mode
[  509.745179][T18497] bond0: entered promiscuous mode
[  509.943960][T18501] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  510.015521][T18509] netlink: 'syz.1.5293': attribute type 1 has an invalid length.
[  510.599410][T18532] netlink: 256 bytes leftover after parsing attributes in process `syz.1.5303'.
[  510.603297][T18532] unsupported nlmsg_type 40
[  511.933284][T18565] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5316'.
[  513.602803][   T33] audit: type=1326 audit(2000000009.874:6833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.618259][   T33] audit: type=1326 audit(2000000009.884:6834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.638779][   T33] audit: type=1326 audit(2000000009.884:6835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.658590][   T33] audit: type=1326 audit(2000000009.884:6836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.666869][   T33] audit: type=1326 audit(2000000009.884:6837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.692942][   T33] audit: type=1326 audit(2000000009.884:6838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.708630][   T33] audit: type=1326 audit(2000000009.884:6839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.726404][   T33] audit: type=1326 audit(2000000009.884:6840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18600 comm="syz.0.5331" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  513.983460][T18617] cifs: Unknown parameter 'no'aN[Gzob,er;%j
[  513.983460][T18617] z,@qJ#"h/.W1ȱnNC"C׈E)8+1<;8+`#'
[  516.963715][T18719] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5385'.
[  517.012991][T18725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5388'.
[  517.062874][T18729] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5389'.
[  519.845258][T18846] sctp: [Deprecated]: syz.1.5416 (pid 18846) Use of struct sctp_assoc_value in delayed_ack socket option.
[  519.845258][T18846] Use struct sctp_sack_info instead
[  523.220390][T18931] netlink: 232 bytes leftover after parsing attributes in process `syz.0.5453'.
[  523.698725][T18953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5463'.
[  523.734809][T18958] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  525.685567][T19000] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5482'.
[  526.702231][T19036] netlink: 3 bytes leftover after parsing attributes in process `syz.0.5498'.
[  526.712322][T19036] batadv1: entered promiscuous mode
[  526.714436][T19036] batadv1: entered allmulticast mode
[  527.947354][T19102] netlink: 92 bytes leftover after parsing attributes in process `syz.1.5529'.
[  528.941726][   T33] audit: type=1326 audit(2000000025.222:6841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19126 comm="syz.1.5538" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x0
[  529.390462][T19148] overlayfs: failed to clone upperpath
[  529.657336][T19168] netlink: 'syz.1.5556': attribute type 4 has an invalid length.
[  529.660681][T19168] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5556'.
[  529.684956][T19168] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  529.748157][T19172] netlink: 'syz.1.5558': attribute type 1 has an invalid length.
[  531.782700][T19229] netlink: 'syz.3.5583': attribute type 2 has an invalid length.
[  533.477107][T19276] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5602'.
[  533.481168][T19276] netlink: 60 bytes leftover after parsing attributes in process `syz.0.5602'.
[  533.809460][T19293] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  533.986050][T19293] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  534.460004][T19321] netlink: 32 bytes leftover after parsing attributes in process `syz.1.5622'.
[  535.996370][T19372] overlayfs: failed to clone upperpath
[  538.339434][T19438] netlink: 40 bytes leftover after parsing attributes in process `syz.1.5675'.
[  538.773638][T19474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5693'.
[  538.778121][T19474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5693'.
[  538.790375][ T5957] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  538.798854][T19474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5693'.
[  538.802193][T19474] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5693'.
[  538.804375][ T5957] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  538.810720][ T5957] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  538.825539][ T5957] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  538.850583][T19480] overlayfs: failed to clone upperpath
[  538.855272][T19480] overlayfs: failed to clone upperpath
[  538.931376][T19487] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5697'.
[  538.989564][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  538.992716][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  541.969969][T19564] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[  546.737767][T19718] 9pnet_fd: Insufficient options for proto=fd
[  546.875001][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.879547][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.883087][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.886028][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.888958][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.891739][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.895136][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.898167][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.901011][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.906370][T19722] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  546.997557][T19724] netlink: 'syz.3.5799': attribute type 5 has an invalid length.
[  547.121041][T19730] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5802'.
[  547.181324][T19730] team1: entered promiscuous mode
[  547.198310][T19730] team1: entered allmulticast mode
[  547.654200][   T33] audit: type=1326 audit(2000000043.941:6842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19763 comm="syz.1.5818" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  547.679416][   T33] audit: type=1326 audit(2000000043.951:6843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19763 comm="syz.1.5818" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  547.712155][   T33] audit: type=1326 audit(2000000043.951:6844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19763 comm="syz.1.5818" exe="/syz-executor" sig=0 arch=c000003e syscall=154 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  547.729619][   T33] audit: type=1326 audit(2000000043.951:6845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19763 comm="syz.1.5818" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  547.746077][T19768] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5819'.
[  547.752095][   T33] audit: type=1326 audit(2000000043.951:6846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19763 comm="syz.1.5818" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4ecb98ec29 code=0x7ffc0000
[  548.234005][   T33] audit: type=1326 audit(2000000044.522:6847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19801 comm="syz.3.5836" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  548.240750][   T33] audit: type=1326 audit(2000000044.522:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19801 comm="syz.3.5836" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  548.247453][   T33] audit: type=1326 audit(2000000044.522:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19801 comm="syz.3.5836" exe="/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  548.254771][   T33] audit: type=1326 audit(2000000044.522:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19801 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  548.262079][   T33] audit: type=1326 audit(2000000044.522:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19801 comm="" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  548.410248][T19816] tipc: Enabled bearer <eth:netdevsim0>, priority 10
[  548.799544][T19830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5842'.
[  549.052969][T19830] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5842'.
[  549.708076][T19856] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  549.947231][T19870] tmpfs: Group quota block hardlimit too large.
[  550.671256][T19900] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5879'.
[  550.946209][T19917] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5888'.
[  551.191023][T19929] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  554.514650][T20007] netlink: 'syz.3.5923': attribute type 11 has an invalid length.
[  554.735486][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  554.735501][   T33] audit: type=1326 audit(2000000051.025:6854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.786376][   T33] audit: type=1326 audit(2000000051.025:6855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.795735][   T33] audit: type=1326 audit(2000000051.035:6856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.806030][   T33] audit: type=1326 audit(2000000051.035:6857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.815139][   T33] audit: type=1326 audit(2000000051.045:6858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.841176][   T33] audit: type=1326 audit(2000000051.045:6859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.908249][   T33] audit: type=1326 audit(2000000051.045:6860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.926780][   T33] audit: type=1326 audit(2000000051.045:6861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.938888][   T33] audit: type=1326 audit(2000000051.045:6862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  554.948578][   T33] audit: type=1326 audit(2000000051.045:6863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20017 comm="syz.3.5928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f454298ec29 code=0x7ffc0000
[  555.380525][T20038] netlink: 132 bytes leftover after parsing attributes in process `syz.1.5936'.
[  556.329789][T20060] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5946'.
[  556.372844][T20060] bond7: (slave ip6gretap2): Enslaving as an active interface with an up link
[  556.389692][T20060] bond7 (unregistering): (slave ip6gretap2): Releasing backup interface
[  556.399063][T20060] bond7 (unregistering): Released all slaves
[  556.605796][T20068] tmpfs: Group quota inode hardlimit too large.
[  556.737103][T20075] tipc: Failed to remove unknown binding: 66,1,1/4:2664930306/2664930308
[  556.741396][T20075] tipc: Failed to remove unknown binding: 66,1,1/4:2664930306/2664930308
[  556.745497][T20075] tipc: Failed to remove unknown binding: 66,1,1/4:2664930306/2664930308
[  557.740807][T20108] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5968'.
[  558.273676][T20137] netlink: 'syz.3.5982': attribute type 10 has an invalid length.
[  560.944603][T20207] netlink: 'syz.1.6012': attribute type 1 has an invalid length.
[  561.149095][T20225] netlink: 56 bytes leftover after parsing attributes in process `syz.3.6021'.
[  562.103332][T20245] netlink: 280 bytes leftover after parsing attributes in process `syz.1.6028'.
[  562.359361][T20255] overlayfs: failed to resolve './file0': -2
[  562.382603][T20258] overlayfs: failed to clone upperpath
[  562.526087][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  562.528629][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  563.204618][T20275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6041'.
[  563.207842][T20275] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6041'.
[  563.211497][T20275] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6041'.
[  563.254396][T20278] netlink: 'syz.0.6042': attribute type 21 has an invalid length.
[  563.256921][T20278] netlink: 128 bytes leftover after parsing attributes in process `syz.0.6042'.
[  563.259950][T20278] netlink: 'syz.0.6042': attribute type 4 has an invalid length.
[  563.262635][T20278] netlink: 'syz.0.6042': attribute type 5 has an invalid length.
[  563.265327][T20278] netlink: 3 bytes leftover after parsing attributes in process `syz.0.6042'.
[  565.530634][T20327] overlayfs: failed to clone upperpath
[  566.627961][T20347] netlink: 128 bytes leftover after parsing attributes in process `syz.0.6067'.
[  566.631483][T20347] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  566.639978][T20349] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6068'.
[  567.010715][T20373] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6080'.
[  567.063723][T20377] netlink: 'syz.3.6082': attribute type 178 has an invalid length.
[  567.771262][T20400] netlink: 'syz.1.6092': attribute type 1 has an invalid length.
[  569.574654][T20452] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6115'.
[  570.525061][   T33] kauditd_printk_skb: 21 callbacks suppressed
[  570.525099][   T33] audit: type=1326 audit(2000000322.817:6885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20459 comm="syz.3.6118" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f454298ec29 code=0x0
[  573.079895][T20553] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6156'.
[  575.455288][T20614] netlink: 'syz.1.6176': attribute type 10 has an invalid length.
[  575.467454][T20614] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  575.474950][T20614] bond0: (slave hsr0): Error -95 calling set_mac_address
[  575.555126][T20620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6179'.
[  575.698030][T20636] netlink: 'syz.0.6187': attribute type 6 has an invalid length.
[  575.701325][T20636] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.6187'.
[  576.140575][T20650] overlayfs: failed to clone upperpath
[  578.833889][T20684] netlink: 348 bytes leftover after parsing attributes in process `syz.3.6207'.
[  579.314464][T20738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6232'.
[  579.456017][T20750] tipc: Failed to remove unknown binding: 66,1,1/4:3773746158/3773746159
[  580.334248][T20796] CIFS mount error: No usable UNC path provided in device string!
[  580.334248][T20796] 
[  580.351877][T20796] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  580.492348][T20808] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6266'.
[  580.774061][T20824] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6274'.
[  580.798443][T20824] 8021q: adding VLAN 0 to HW filter on device bond2
[  581.865938][T20855] bridge0: Caught tx_queue_len zero misconfig
[  582.303741][T20885] netlink: 'syz.0.6299': attribute type 3 has an invalid length.
[  582.306938][T20885] netlink: 'syz.0.6299': attribute type 3 has an invalid length.
[  582.314966][T20885] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6299'.
[  583.803697][T20957] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6331'.
[  583.936064][T20971] bond0: option packets_per_slave: invalid value (16779898)
[  583.939154][T20971] bond0: option packets_per_slave: allowed values 0 - 65535
[  585.714318][T21064] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6381'.
[  585.992400][T21071] netlink: 'syz.0.6384': attribute type 4 has an invalid length.
[  586.023276][T21071] netlink: 'syz.0.6384': attribute type 4 has an invalid length.
[  586.437690][T21097] netlink: 'syz.1.6395': attribute type 4 has an invalid length.
[  586.656619][T21119] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6405'.
[  586.662140][T21119] bond0: Caught tx_queue_len zero misconfig
[  586.803839][   T33] audit: type=1326 audit(2000000339.097:6886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  586.830753][   T33] audit: type=1326 audit(2000000339.097:6887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  586.850082][   T33] audit: type=1326 audit(2000000339.107:6888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  586.865457][   T33] audit: type=1326 audit(2000000339.107:6889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0b3358ec63 code=0x7ffc0000
[  586.872567][   T33] audit: type=1326 audit(2000000339.107:6890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0b3358d6df code=0x7ffc0000
[  586.879443][   T33] audit: type=1326 audit(2000000339.107:6891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f0b3358ecb7 code=0x7ffc0000
[  586.889637][   T33] audit: type=1326 audit(2000000339.107:6892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0b3358d590 code=0x7ffc0000
[  586.901305][   T33] audit: type=1326 audit(2000000339.117:6893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0b3358d88a code=0x7ffc0000
[  586.908084][   T33] audit: type=1326 audit(2000000339.117:6894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  586.915541][   T33] audit: type=1326 audit(2000000339.117:6895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21132 comm="syz.0.6412" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b3358ec29 code=0x7ffc0000
[  586.963025][T21142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6416'.
[  586.967449][T21142] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6416'.
[  587.737642][T21152] netlink: 'syz.0.6420': attribute type 4 has an invalid length.
[  589.663238][T21219] bond3: entered promiscuous mode
[  589.666633][T21219] 8021q: adding VLAN 0 to HW filter on device bond3
[  591.638428][T21272] fuse: Bad value for 'fd'
[  591.912565][T21294] netlink: 'syz.3.6483': attribute type 10 has an invalid length.
[  591.915864][T21294] netlink: 'syz.3.6483': attribute type 10 has an invalid length.
[  592.294292][T21319] netlink: 964 bytes leftover after parsing attributes in process `syz.0.6495'.
[  592.515092][T21326] 9pnet_fd: Insufficient options for proto=fd
[  593.515954][T21364] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  593.519512][T21364] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  593.525554][T21364] overlayfs: missing 'lowerdir'
[  593.595351][T21369] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  593.603507][T21369] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  594.944758][T21400] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  594.948515][T21400] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  595.363609][T21412] nftables ruleset with unbound chain
[  596.564806][T21464] netlink: 'syz.3.6562': attribute type 3 has an invalid length.
[  597.718451][T21495] veth0_vlan: entered allmulticast mode
[  597.755554][T21495] : renamed from veth0_vlan
[  598.328958][T21514] PKCS7: Unknown OID: [4] 0.38.107.217331280.32(bad)
[  598.333444][T21514] PKCS7: Only support pkcs7_signedData type
[  598.456182][T21520] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6583'.
[  598.560444][T21521] netlink: 'syz.1.6580': attribute type 2 has an invalid length.
[  599.039253][T21529] kernel read not supported for file / 7âW)s!Qfsl{Tr)rO2:"T+͟v|ղDvc֠6xc: (pid: 21529 comm: syz.3.6587)
[  599.046703][   T33] kauditd_printk_skb: 13 callbacks suppressed
[  599.046721][   T33] audit: type=1800 audit(2000000351.347:6909): pid=21529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.6587" name=20019C1437B3CFFCC3A25729EB7393A7C721518FF6ECA56673F56C7B548772D22972A7D6084F9A98F5323A22F412C0542BCD9F767C8DD5B24476638E93D8D6A0C536D278E3633A dev="mqueue" ino=49316 res=0 errno=0
[  599.339354][T21549] netlink: 156 bytes leftover after parsing attributes in process `syz.3.6597'.
[  599.343659][T21549] netlink: 156 bytes leftover after parsing attributes in process `syz.3.6597'.
[  599.876229][T21563] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  599.893506][ T5956] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  600.103410][T21576] netlink: 'syz.1.6609': attribute type 10 has an invalid length.
[  600.107798][T21576] veth1_vlan: entered allmulticast mode
[  600.120028][T21576] team0: Device veth1_vlan failed to register rx_handler
[  600.671158][ T5956] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  601.031865][T21606] netlink: 'syz.3.6623': attribute type 2 has an invalid length.
[  601.738499][T21645] overlayfs: failed to clone upperpath
[  601.833159][T21653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6641'.
[  601.923126][T21661] 9pnet_fd: Insufficient options for proto=fd
[  601.975072][T21663] netlink: del zone limit has 4 unknown bytes
[  602.523364][T21696] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6661'.
[  603.610070][T21736] netlink: 'syz.1.6678': attribute type 1 has an invalid length.
[  605.535386][T21828] /dev/nullb0: Can't lookup blockdev
[  605.788092][T21845] uprobe: syz.1.6730:21845 failed to unregister, leaking uprobe
[  605.791273][T21845] uprobe: syz.1.6730:21845 failed to unregister, leaking uprobe
[  605.919864][T21849] netlink: 'syz.1.6732': attribute type 63 has an invalid length.
[  605.936064][T21849] netlink: 'syz.1.6732': attribute type 63 has an invalid length.
[  606.142889][T21859] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6737'.
[  606.145745][T21859] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6737'.
[  606.320359][T21851] bridge5: entered promiscuous mode
[  606.323382][T21851] bridge5: entered allmulticast mode
[  606.547270][ T5956] ------------[ cut here ]------------
[  606.550313][ T5956] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0x0 with flags 0x0
[  606.554699][ T5956] WARNING: net/mac80211/rate.c:406 at __rate_control_send_low+0x5e2/0x820, CPU#1: kworker/1:4/5956
[  606.558901][ T5956] Modules linked in:
[  606.561708][ T5956] CPU: 1 UID: 0 PID: 5956 Comm: kworker/1:4 Not tainted syzkaller #0 PREEMPT(full) 
[  606.566494][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  606.570491][ T5956] Workqueue: mld mld_ifc_work
[  606.572454][ T5956] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[  606.575105][ T5956] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 40 47 cf 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 5f 10 85 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  606.582457][ T5956] RSP: 0018:ffffc90003e96458 EFLAGS: 00010246
[  606.584770][ T5956] RAX: 3ff8437b9c4ea200 RBX: 000000000000000c RCX: ffff88810e620000
[  606.587748][ T5956] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  606.590824][ T5956] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  606.593741][ T5956] R10: dffffc0000000000 R11: fffffbfff1c3a65c R12: ffff888110f11e28
[  606.596699][ T5956] R13: 0000000000000000 R14: ffff88810dc18e80 R15: ffff88810dc1b138
[  606.599592][ T5956] FS:  0000000000000000(0000) GS:ffff8881a39fc000(0000) knlGS:0000000000000000
[  606.603025][ T5956] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  606.605651][ T5956] CR2: 00007f4ecc7056c0 CR3: 000000010f340000 CR4: 00000000000006f0
[  606.608577][ T5956] Call Trace:
[  606.610093][ T5956]  <TASK>
[  606.611397][ T5956]  rate_control_send_low+0x1a7/0x7b0
[  606.613505][ T5956]  rate_control_get_rate+0x20b/0x5d0
[  606.615441][ T5956]  ieee80211_tx_h_rate_ctrl+0xae0/0x1750
[  606.617688][ T5956]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  606.620070][ T5956]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  606.622614][ T5956]  invoke_tx_handlers_late+0xba/0x18a0
[  606.624701][ T5956]  ? ieee80211_tx_h_select_key+0xd1b/0x19f0
[  606.626811][ T5956]  ieee80211_tx_dequeue+0x308e/0x4360
[  606.628693][ T5956]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  606.630875][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.632913][ T5956]  ieee80211_handle_wake_tx_queue+0x125/0x2a0
[  606.635266][ T5956]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  606.637722][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.639752][ T5956]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  606.642062][ T5956]  ? do_raw_spin_unlock+0x4d/0x240
[  606.644020][ T5956]  ieee80211_queue_skb+0x1a31/0x21c0
[  606.646112][ T5956]  ieee80211_tx+0x297/0x460
[  606.647826][ T5956]  ? __pfx_ieee80211_tx+0x10/0x10
[  606.649794][ T5956]  ? ieee80211_xmit+0x315/0x400
[  606.651722][ T5956]  __ieee80211_subif_start_xmit+0xccf/0x1610
[  606.654307][ T5956]  ? __ieee80211_subif_start_xmit+0x2be/0x1610
[  606.656677][ T5956]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  606.659169][ T5956]  ? ieee80211_multicast_to_unicast+0x19c/0x320
[  606.661753][ T5956]  ieee80211_subif_start_xmit+0xe0/0x510
[  606.663951][ T5956]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  606.666450][ T5956]  ? __pfx_netif_skb_features+0x10/0x10
[  606.668696][ T5956]  ? call_rcu+0x6ff/0x9c0
[  606.670398][ T5956]  ? __lock_acquire+0xab9/0xd20
[  606.672392][ T5956]  dev_hard_start_xmit+0x2d7/0x830
[  606.674475][ T5956]  __dev_queue_xmit+0x1b8d/0x3b50
[  606.676410][ T5956]  ? register_lock_class+0x51/0x320
[  606.678477][ T5956]  ? __dev_queue_xmit+0x27b/0x3b50
[  606.680529][ T5956]  ? __pfx___dev_queue_xmit+0x10/0x10
[  606.682661][ T5956]  ? read_seqbegin+0x122/0x250
[  606.684500][ T5956]  ? neigh_resolve_output+0x438/0x750
[  606.686605][ T5956]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.688559][ T5956]  ? read_seqbegin+0x1ac/0x250
[  606.690371][ T5956]  ? __pfx_read_seqbegin+0x10/0x10
[  606.692531][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.694584][ T5956]  ? eth_header+0x11b/0x200
[  606.696339][ T5956]  ? __asan_memcpy+0x40/0x70
[  606.698136][ T5956]  ip6_finish_output2+0xfb3/0x1480
[  606.700062][ T5956]  ? __pfx_ip6_finish_output2+0x10/0x10
[  606.702271][ T5956]  ? ip6_mtu+0x7d/0x490
[  606.703807][ T5956]  ? ip6_mtu+0x38c/0x490
[  606.705538][ T5956]  ? ip6_finish_output+0x2ef/0x4e0
[  606.707552][ T5956]  ? ip6_output+0x126/0x550
[  606.709268][ T5956]  ip6_output+0x340/0x550
[  606.711451][ T5956]  NF_HOOK+0x9e/0x380
[  606.713022][ T5956]  ? __pfx_NF_HOOK+0x10/0x10
[  606.714861][ T5956]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  606.717072][ T5956]  ? do_raw_spin_unlock+0x4d/0x240
[  606.719043][ T5956]  ? icmp6_dst_alloc+0x3a5/0x420
[  606.721077][ T5956]  ? icmp6_dst_alloc+0x3a5/0x420
[  606.722951][ T5956]  mld_sendpack+0x8d4/0xe60
[  606.725446][ T5956]  ? mld_sendpack+0x1e7/0xe60
[  606.727254][ T5956]  ? __pfx_mld_sendpack+0x10/0x10
[  606.729240][ T5956]  mld_ifc_work+0x83e/0xd60
[  606.731145][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[  606.733145][ T5956]  ? process_scheduled_works+0x9ef/0x17b0
[  606.735391][ T5956]  process_scheduled_works+0xae1/0x17b0
[  606.737563][ T5956]  ? __pfx_process_scheduled_works+0x10/0x10
[  606.739904][ T5956]  worker_thread+0x8a0/0xda0
[  606.741796][ T5956]  kthread+0x711/0x8a0
[  606.743393][ T5956]  ? __pfx_worker_thread+0x10/0x10
[  606.745453][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.747300][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[  606.749321][ T5956]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.751491][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.753286][ T5956]  ret_from_fork+0x4bc/0x870
[  606.755103][ T5956]  ? __pfx_ret_from_fork+0x10/0x10
[  606.757157][ T5956]  ? __switch_to_asm+0x39/0x70
[  606.759131][ T5956]  ? __switch_to_asm+0x33/0x70
[  606.761119][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.762934][ T5956]  ret_from_fork_asm+0x1a/0x30
[  606.764807][ T5956]  </TASK>
[  606.766002][ T5956] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  606.768762][ T5956] CPU: 1 UID: 0 PID: 5956 Comm: kworker/1:4 Not tainted syzkaller #0 PREEMPT(full) 
[  606.772247][ T5956] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  606.776159][ T5956] Workqueue: mld mld_ifc_work
[  606.778045][ T5956] Call Trace:
[  606.779362][ T5956]  <TASK>
[  606.780540][ T5956]  dump_stack_lvl+0x99/0x250
[  606.782349][ T5956]  ? __asan_memcpy+0x40/0x70
[  606.784169][ T5956]  ? __pfx_dump_stack_lvl+0x10/0x10
[  606.786220][ T5956]  ? __pfx__printk+0x10/0x10
[  606.788135][ T5956]  vpanic+0x237/0x6d0
[  606.789743][ T5956]  ? __pfx_vpanic+0x10/0x10
[  606.791487][ T5956]  ? is_bpf_text_address+0x26/0x2b0
[  606.793579][ T5956]  panic+0xb9/0xc0
[  606.795163][ T5956]  ? __pfx_panic+0x10/0x10
[  606.796933][ T5956]  __warn+0x334/0x4c0
[  606.798516][ T5956]  ? __rate_control_send_low+0x5e2/0x820
[  606.800705][ T5956]  ? __rate_control_send_low+0x5e2/0x820
[  606.802967][ T5956]  report_bug+0x2be/0x4f0
[  606.804686][ T5956]  ? __rate_control_send_low+0x5e2/0x820
[  606.806936][ T5956]  ? __rate_control_send_low+0x5e2/0x820
[  606.809184][ T5956]  ? __rate_control_send_low+0x5e4/0x820
[  606.811430][ T5956]  handle_bug+0x84/0x160
[  606.813131][ T5956]  exc_invalid_op+0x1a/0x50
[  606.814950][ T5956]  asm_exc_invalid_op+0x1a/0x20
[  606.816856][ T5956] RIP: 0010:__rate_control_send_low+0x5e2/0x820
[  606.819319][ T5956] Code: 38 0f b6 04 28 84 c0 0f 85 d7 01 00 00 41 8b 0f 48 c7 c7 40 47 cf 8c 48 8b 74 24 18 44 8b 44 24 2c 45 89 e9 e8 5f 10 85 f6 90 <0f> 0b 90 90 e9 70 fe ff ff 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c
[  606.826816][ T5956] RSP: 0018:ffffc90003e96458 EFLAGS: 00010246
[  606.829202][ T5956] RAX: 3ff8437b9c4ea200 RBX: 000000000000000c RCX: ffff88810e620000
[  606.832284][ T5956] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  606.835428][ T5956] RBP: dffffc0000000000 R08: 0000000000000003 R09: 0000000000000004
[  606.838461][ T5956] R10: dffffc0000000000 R11: fffffbfff1c3a65c R12: ffff888110f11e28
[  606.841571][ T5956] R13: 0000000000000000 R14: ffff88810dc18e80 R15: ffff88810dc1b138
[  606.844644][ T5956]  ? __rate_control_send_low+0x5e1/0x820
[  606.846912][ T5956]  rate_control_send_low+0x1a7/0x7b0
[  606.849025][ T5956]  rate_control_get_rate+0x20b/0x5d0
[  606.851054][ T5956]  ieee80211_tx_h_rate_ctrl+0xae0/0x1750
[  606.853454][ T5956]  ? __pfx_ieee80211_tx_h_rate_ctrl+0x10/0x10
[  606.855855][ T5956]  ? seqcount_lockdep_reader_access+0x123/0x1c0
[  606.858294][ T5956]  invoke_tx_handlers_late+0xba/0x18a0
[  606.860473][ T5956]  ? ieee80211_tx_h_select_key+0xd1b/0x19f0
[  606.862850][ T5956]  ieee80211_tx_dequeue+0x308e/0x4360
[  606.864891][ T5956]  ? __pfx_ieee80211_tx_dequeue+0x10/0x10
[  606.867077][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.869135][ T5956]  ieee80211_handle_wake_tx_queue+0x125/0x2a0
[  606.871441][ T5956]  ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10
[  606.873992][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.876087][ T5956]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  606.878396][ T5956]  ? do_raw_spin_unlock+0x4d/0x240
[  606.880443][ T5956]  ieee80211_queue_skb+0x1a31/0x21c0
[  606.882594][ T5956]  ieee80211_tx+0x297/0x460
[  606.884435][ T5956]  ? __pfx_ieee80211_tx+0x10/0x10
[  606.886396][ T5956]  ? ieee80211_xmit+0x315/0x400
[  606.888376][ T5956]  __ieee80211_subif_start_xmit+0xccf/0x1610
[  606.890776][ T5956]  ? __ieee80211_subif_start_xmit+0x2be/0x1610
[  606.893154][ T5956]  ? __pfx___ieee80211_subif_start_xmit+0x10/0x10
[  606.895707][ T5956]  ? ieee80211_multicast_to_unicast+0x19c/0x320
[  606.898153][ T5956]  ieee80211_subif_start_xmit+0xe0/0x510
[  606.900388][ T5956]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  606.902856][ T5956]  ? __pfx_netif_skb_features+0x10/0x10
[  606.905031][ T5956]  ? call_rcu+0x6ff/0x9c0
[  606.906773][ T5956]  ? __lock_acquire+0xab9/0xd20
[  606.908723][ T5956]  dev_hard_start_xmit+0x2d7/0x830
[  606.910742][ T5956]  __dev_queue_xmit+0x1b8d/0x3b50
[  606.912742][ T5956]  ? register_lock_class+0x51/0x320
[  606.914815][ T5956]  ? __dev_queue_xmit+0x27b/0x3b50
[  606.916825][ T5956]  ? __pfx___dev_queue_xmit+0x10/0x10
[  606.918954][ T5956]  ? read_seqbegin+0x122/0x250
[  606.920838][ T5956]  ? neigh_resolve_output+0x438/0x750
[  606.922934][ T5956]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.924966][ T5956]  ? read_seqbegin+0x1ac/0x250
[  606.926778][ T5956]  ? __pfx_read_seqbegin+0x10/0x10
[  606.928809][ T5956]  ? __local_bh_enable_ip+0x12d/0x1c0
[  606.930860][ T5956]  ? eth_header+0x11b/0x200
[  606.932624][ T5956]  ? __asan_memcpy+0x40/0x70
[  606.934367][ T5956]  ip6_finish_output2+0xfb3/0x1480
[  606.936438][ T5956]  ? __pfx_ip6_finish_output2+0x10/0x10
[  606.938547][ T5956]  ? ip6_mtu+0x7d/0x490
[  606.940163][ T5956]  ? ip6_mtu+0x38c/0x490
[  606.941818][ T5956]  ? ip6_finish_output+0x2ef/0x4e0
[  606.943730][ T5956]  ? ip6_output+0x126/0x550
[  606.945498][ T5956]  ip6_output+0x340/0x550
[  606.947263][ T5956]  NF_HOOK+0x9e/0x380
[  606.948860][ T5956]  ? __pfx_NF_HOOK+0x10/0x10
[  606.950637][ T5956]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  606.953088][ T5956]  ? do_raw_spin_unlock+0x4d/0x240
[  606.955113][ T5956]  ? icmp6_dst_alloc+0x3a5/0x420
[  606.956979][ T5956]  ? icmp6_dst_alloc+0x3a5/0x420
[  606.958802][ T5956]  mld_sendpack+0x8d4/0xe60
[  606.960589][ T5956]  ? mld_sendpack+0x1e7/0xe60
[  606.962432][ T5956]  ? __pfx_mld_sendpack+0x10/0x10
[  606.964347][ T5956]  mld_ifc_work+0x83e/0xd60
[  606.966103][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[  606.968164][ T5956]  ? process_scheduled_works+0x9ef/0x17b0
[  606.970343][ T5956]  process_scheduled_works+0xae1/0x17b0
[  606.972504][ T5956]  ? __pfx_process_scheduled_works+0x10/0x10
[  606.974888][ T5956]  worker_thread+0x8a0/0xda0
[  606.976752][ T5956]  kthread+0x711/0x8a0
[  606.978358][ T5956]  ? __pfx_worker_thread+0x10/0x10
[  606.980430][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.982229][ T5956]  ? _raw_spin_unlock_irq+0x23/0x50
[  606.984261][ T5956]  ? lockdep_hardirqs_on+0x9c/0x150
[  606.986303][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.988133][ T5956]  ret_from_fork+0x4bc/0x870
[  606.989944][ T5956]  ? __pfx_ret_from_fork+0x10/0x10
[  606.991946][ T5956]  ? __switch_to_asm+0x39/0x70
[  606.993820][ T5956]  ? __switch_to_asm+0x33/0x70
[  606.995617][ T5956]  ? __pfx_kthread+0x10/0x10
[  606.997372][ T5956]  ret_from_fork_asm+0x1a/0x30
[  606.999251][ T5956]  </TASK>
[  607.001194][ T5956] Kernel Offset: disabled
[  607.002853][ T5956] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:20:16  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff82311501 RBX=0000000000034a99 RCX=ffffffff8231160c RDX=0000000000000001
RSI=0000000000000004 RDI=ffff88801c97501c RBP=ffff88801c974fd0 RSP=ffffc900072ff590
R8 =ffff88801c97501f R9 =1ffff1100392ea03 R10=dffffc0000000000 R11=ffffed100392ea04
R12=0000000000000000 R13=0000000000000001 R14=0000000000000008 R15=ffff88801c975018
RIP=ffffffff82311618 RFL=00000213 [----A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00100
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00100
FS =0000 000055558def8500 ffffffff 00c00100
GS =0000 ffff8880b83fc000 ffffffff 00c00100
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c2a3c5d CR3=0000000037b56000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000600
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f4542ba7498 ffffffff81ad8a6a XMM03=00007f4542ba74a8 00007f4542ba74a0
XMM04=00007f454370d100 00007f4542ba7460 XMM05=00007f4542ba7478 00007f4542ba74c0
XMM06=00007f4542ba74b8 00007f4542ba74b0 XMM07=00007f4542ba74a8 00007f4542ba74a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f4542a12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000006c RBX=000000000000006c RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90003e95bf0
R8 =ffff888107af0237 R9 =1ffff11020f5e046 R10=dffffc0000000000 R11=ffffffff8556cf50
R12=dffffc0000000000 R13=ffffffff99d19934 R14=ffffffff9a00f5a0 R15=0000000000000000
RIP=ffffffff8556cfcc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4ecc7056c0 CR3=000000010f340000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f4ecba12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
