last executing test programs:

32.990061744s ago: executing program 4 (id=764):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x5}, {0xfff1, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=@deltfilter={0x2c, 0x2d, 0x1, 0x78bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x1, 0x8}, {0xffff, 0xffff}, {0x7, 0xf}}, [@TCA_CHAIN={0x8, 0xb, 0x9}]}, 0x2c}}, 0x20044000)

32.703408812s ago: executing program 4 (id=766):
socket$inet6(0xa, 0x80002, 0x88)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0x2, 0x1000000}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x64, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11, 0x0, 0x0, 0xe000, 0x2, 0xc0000000, 0x1000000}}}}}, 0x0)

31.469622015s ago: executing program 4 (id=769):
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000240)={[{@shortname_lower}, {@shortname_mixed}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '775'}}, {@shortname_win95}, {@rodir}, {@shortname_mixed}, {@numtail}, {@shortname_lower}, {@fat=@errors_continue}, {@uni_xlate}, {@utf8no}, {@utf8no}]}, 0x81, 0x29b, &(0x7f0000000e40)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
landlock_create_ruleset(&(0x7f0000000040)={0xf0ffc94e915cdaa7, 0x0, 0x2}, 0x18, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2436423bc3e16464, &(0x7f0000000000)={[{@dax_inode}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@orlov}, {@init_itable}, {@usrjquota, 0x2e}], [], 0x2c}, 0x0, 0x465, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrvPo85f8Snn0AQQKIuKRNGmBHriAQOKCVAkO5RjStCpNG9QEiVYVDQiVI+pfAByR+As4wQUBJxBXuKNKFeqFwgEtWnvtGj/S2HHqFn8+0iYz+/DM17tjz854AxhYE/mfJGJHRPwSEWMRUWrcYaLy78b1i/N/Xr84n0SWvf57kh8Wf1y/OF/dNSn+by8yk2lE+lES+1qUu3z+wum5xcWFc0V+euXMO9PL5y88c+rM3MmFkwtnZ48cOXxo5vnnZp/tSZw787rufX9p/55X37zy2vyxK299/2Ve3x3F9vo4KsY3XOZETNTek0aPb/jV7yw769LJUB8rQkfytp6fruFy+x+LUtw8eWPxyod9rRywqbIsy0ab1tZ6AKsZ8B+WRL9rAPRH9Ys+v/+tLrex+9F3116s3ADlcd8olsqWoUiLfYYb7m97aSIijq3+9Wm+RMtxCACA3vo67/883ar/l8Z9dfv9r5gbGo+I/0fEroi4JyJ2R8S9EeV974+IBzosf6Ih39z/+WlrV4GtU97/e6GY2/p3/6/a+4vxUpHbWY5/ODlxanHhYPGeTMbwaJ6fWaOMb17++ZN22+r7f/mSl1/tC0bESER6dahhgO743MrcBsOuufZBeQzwUnP8SW0mIImIPRGxt4vX3xIRp578Yn+77beIf209mGfKPo94onL+V6Mh/qpk7fnJ6S2xuHBwunpVNPvhx8tH25W/ofh7ID//21pe/7X4x5P6+drlzsu4/OvHbe9pbh1/6+t/JHmjnB4p1r03t7JybiZiJFltXj9bZIZu5qv75/FPHmjd/ndF/P1Zcei+iMgv4gcj4qGIeLio+yMR8WhEHFgj/u9eeuzt7uPfXHn8xzs6/9VE0rSmXaJ0+tuv2pV/6/iPXh0aPVxOTRZr1vP5t556dXc1AwAAwN0nLf8GPkmnauk0nZqq/IZ/d2xLF5eWV546sfTu2eOV38qPx3BaHekaqxsPnSnGhqv52Yb8ofK4cZZl2dZyfmp+aXGz5tSB9dnepv3nfiv1u3bAputoHq3dE23AXcnzmjC4tH8YXNo/DC7tHwZXq/Z/KeJGH6oC3Ga+/2Fwaf8wuLR/GFzaPwykNs/GJ7HO5+fbHV7R5eEDlSjdGdXoOBHpHVGN7hLphl+n1Lv6jHbQUi7F7Xqj+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CP/BAAA//8xr+fd")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

31.142107515s ago: executing program 4 (id=773):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0xf, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000070000000000000004"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x15, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
io_setup(0x5, &(0x7f0000000e80)=<r0=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x20800, 0x0)
ioctl$RTC_UIE_ON(r4, 0x7003)
r5 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r5, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
setsockopt$sock_timeval(r5, 0x1, 0x42, 0x0, 0x0)
listen(r5, 0x2)
syz_io_uring_setup(0x4, &(0x7f0000000580), &(0x7f0000000080), 0x0)
r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
io_getevents(r0, 0x1000, 0x80000000000033b, &(0x7f0000000240), 0x0)
io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r6, &(0x7f0000000080)="8c", 0x1}])
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB='dots,check=normal,nodots,nodots,uid=', @ANYRESHEX=0x0, @ANYBLOB='\x00'], 0x1, 0x251, &(0x7f0000000400)="$eJzs3cFqE1EUBuDTJm1DN3YtLgbcuArqGwSpIAaESBa6MlDdtCJMN6OreQyfwUfyMbrqbqSdMUk7wYUa79j5PghzyM/AuQRyZ3FP8u7Bx9OTT+cfqu9fYzTKYhhRxmXEUezGIGo7zXX3ut6PdWW07LXfAgC6ZDZbTFL3wHbl+WRx9VB20Erm35I0BAAAAAAAAAAAwB/7jfP/g/X7N5z/BwA6zvn/uy/PJ4vD5vntJuf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHQuq+pe9YtX6v4AgL/P/g8A/WP/B4D+sf8DQP+8fvP25WQ6PZ5l2Sjioizmxby+1vnzF9Pjx9m1o9VdF0UxHyzzJ3We3cz34rDJn27M9+PRwzq/yp69mt7KD+Jk+8sHAAAAAAAAAAAAAAAAAACAThhnSz/n+8uIWM73j8etvJnPr6u13we4Nb8/jPvDf7kSAAAAAAAAAAAAAAAAAAAA+H+df/5yujg7e58rOlLsNJ9MV/rpbTGIiA60kapI/MUEAAAAAAAAAAAAAAAAAAA9tBr6Td0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKSz+v//7RWp1wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0w48AAAD//ypXjlE=")
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000140)='memory.pressure\x00', 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f00000020c0), 0x0, 0x1}, 0x20)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000000c0)={@dev, @broadcast}, &(0x7f00000001c0)=0xc)

28.620724946s ago: executing program 4 (id=780):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$poke(0x5, r0, &(0x7f0000000200), 0x0)

25.88455635s ago: executing program 4 (id=789):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={r2, @in6={{0xa, 0x4e20, 0x6, @empty, 0xfffffffc}}, 0x8}, 0x90)

25.477834144s ago: executing program 32 (id=789):
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={r2, @in6={{0xa, 0x4e20, 0x6, @empty, 0xfffffffc}}, 0x8}, 0x90)

8.285327344s ago: executing program 3 (id=879):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000140)={[{@jqfmt_vfsv1}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000540)={r2, 0x1}, 0x8)

7.381848838s ago: executing program 1 (id=886):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000080)={@val={0x8, 0x800}, @val={0x0, 0x4, 0x0, 0x3, 0x14}, @ipv4=@udp={{0x5, 0x4, 0x3, 0x1e, 0xb0, 0x66, 0x0, 0x40, 0x11, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x12}}, {0x4e20, 0x4e23, 0x9c, 0x0, @wg=@initiation={0x1, 0x4, "31150048d5e06bdc339f0b82e56e05e9a3f461bf8f05c607f304e7fe0700221b", "b54970b8807c69e8aba2815e90ed451c3c1a9dff75f0f264e44cbb999c8f292e5aa143fd63ea1886e0cd425df0d8e5e7", "2bed86cd87cd326b66a3ca343e29e347dc61214ad793ad9f48b4d287", {"b15c14be998215153aaf76bbf0aead9a", "5cd7bcd4dc8e1acb0a78f4793cfd119c"}}}}}, 0xbe)

7.17907491s ago: executing program 3 (id=888):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20000050)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, 0x0, 0x2040040)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r4, 0x400, 0x0)
truncate(&(0x7f00000000c0)='./file0\x00', 0x1000000)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000040)={0x9, {0x22, 0xff, 0x4, 0x7, 0x800}})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0xa13, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001400010000000000000000c903000080080002"], 0x1c}], 0x1, 0x0, 0x0, 0x100}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
sendto(r0, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d26e9ff34b83f38a2ae8b1c6748ef8b87ef2a359249c3e294931489ba57f83f96048684434854ab3b6ad59f45e8329726", 0x94, 0x0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f00000003c0)='}', 0x1)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={0x0, 0xffffa811}, 0x8)
sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x52, 0x0, 0x0)

7.081041536s ago: executing program 0 (id=889):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)={0x1, 0xc00, 0x0, {0x0, 0x2710}, {0x0, 0x2710}, {}, 0x1, @canfd={{0x2, 0x1, 0x0, 0x1}, 0x21, 0x2, 0x0, 0x0, "90bd38f4de9b969d99a2321a11808840004b4e1c537dc61119c864da8f5dc1f2b4c917d0253c6d108ba26575b5a650fb516c85af94f75c4299167d61bca1302f"}}, 0x80}, 0x1, 0x0, 0x0, 0x4004040}, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x1, 0xb20, 0x0, {0x77359400}, {}, {}, 0x1, @canfd={{0x0, 0x0, 0x1, 0x1}, 0x7d, 0x0, 0x0, 0x0, "dc5a0ed20407f2bd0690bfe106dae015ddf047a63e388c3a17049dc942345089ee93f6223918195704fd22e15c26b0555e6a957c3f2dc86a355f4806c9e4f761"}}, 0x80}}, 0x40000)

6.032603529s ago: executing program 0 (id=890):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000100)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000080)={'a', ' *:* ', 'r\x00'}, 0x8)
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\twmr'], 0xa)

5.925031615s ago: executing program 3 (id=891):
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000005e00679a3601ffc4910700004f78d4c1a0731cccff"], 0x1c}}, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x10, 0x20}})
recvmmsg$unix(r0, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

5.903088346s ago: executing program 1 (id=892):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000440)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1800052, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x108)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

5.724547937s ago: executing program 0 (id=893):
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000000080)='./bus\x00', 0x0, &(0x7f0000000dc0)=ANY=[], 0x1, 0x1207, &(0x7f0000003000)="$eJzs3E9rXFUYB+DXpDUxNX/UWm1BetCNbi5NFm4UJEgK0gGlbYRWEG7NjQ65zgxzh8CIGF259XOIS3eCuNNNNn4Gd9m47EK8kpnGdsqAlkpuDM+zmZc55zfz3jnDwBnmzMGb33y6s11l2/kgZp54K2Z6EeluihQzceTLeO2Nn3956cat29fWW62N6yldXb+5+npKaenyjx98/t3LPw3Ovf/90g9zsb/y4cHva7/tX9i/ePDnzU/aVWpXqdMdpDzd6XYH+Z2ySFvtaidL6b2yyKsitTtV0Z8Y3y67vd4w5Z2txYVev6iqlHeGaacYpkE3DfrDlH+ctzspy7K0uBA8js1v79Z1HVHXZ+PJqOu6fioW4lw8HYuxFMuxEs/Es/FcnI/n40K8EC/GxdGspvsGAAAAAAAAAAAAAAAAAACA0+Wxzv9fbrh5AAAAAAAAAAAAAAAAAAAAOCVu3Lp9bb3V2rie0nxE+fXu5u7m+HY8vr4d7SijiCuxHH/E6PT/2Li++k5r40oaWYmvyr17+b3dzdnJ/Oro7wSm5lfH+TSZn4uFB/NrsRznp+fXpubn49VXHshnsRy/fhTdKGMrDrP381+spvT2u62H8pdG8wAAAOA0yNLfpu7fs2zq+NxR/hG+H3hof30mLp1p8so5VA0/28nLsug3Xhx1NL5nLyJOSGMnoliKiP/+kc/+45z5e6tyIl6Ef1fMTryRmu/nf1o083nE8bq/6E13AgAAAAAAAAAAwKM4jp8THj7PbNMXCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzFDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACApQIAAP//2ZfHAQ==")
creat(&(0x7f0000001740)='./bus\x00', 0xa1)
mount(&(0x7f00000002c0)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000100)='./bus\x00', 0x16f842, 0x19)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x500f0, 0x0, 0x0)

5.660994321s ago: executing program 3 (id=894):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000000)='.\x02\x00', 0x450, &(0x7f0000000780)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRES64], 0x1, 0x5552, &(0x7f0000008ec0)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+BgzsPy3aBraVvUEZW0KOOQYKSBOUQFpIA9RAbrnnEkGEPUJyBFIUxrFA3yfZZmz0mxng8sbCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KancjV7uPt7f27OdneePLMBAAAAjtmUq1n1YlK3f6Tzv9KpP6ldREQvIo7V7v0YNjL7Kac88f7y3RgeI6qEfR+jtH2PiH9pe/3d9qcAAAAA12u9WE7rar3eTboeEF+pXrTp/fyfKa+IiHLynCktr/3vexC3mdKqBaxxprB6yW1w/NowVydN/cYhzWQ8r77EqtVrp18AAKBLzUrgRBUCAADAFbjpegB0ozjsDvcZR/Uh3RD81mgBAAAAF6joegAAAABA66r6/xKe//fibwkAAADwafXz/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTplzN1ovl9NT1+Qdztrvz5JsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Mb+3KNACIQxAM0u/nYy9z+sRLS0tnkPBkLCFB8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+98v/CVdzJJnaNsytR5KlU8PaqWHr3LD3w/j6GgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONmflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgi373y/+JqXEmmTttLB2PJGtXja2rxt6DxtGD8fZvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5f964yTAA4M/5ztc/gAgBZQigIjHAQpNraekIAyhi4CMgRemlBK4U2gy0ikBZYEKZuyAYEUICha3foXMjdSlbhwxBYgbZZ1/d9kqP0thH8/tJ772Pz877Pq/PivLETgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNLuO/FSUsTt7GVmGJfv3djbWMn6nXv6zLWtm/NZy+LWwyb65u3Hn/x0e7m6cWyusvFV/ckAAABwMLTL+j4ibqXbS1mfzOT1f1oek9X83z8zjMt6/t66f2dv43Cxa76s/3/79fYLo4lmhvNkg66uDfqL96fS2aclTr1nH3pEJz/z+e9e2vkHkry/+fxump/P1rfXr7/bzcNDdWQLADyK42VfBOXPQ1nfazIxAA6MTqXwLuv/9kyzOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADUYXcznirjVkTMd+7EmZ29jZVx/bWtm/NlO3316lZ1zGyINCJW1wb9tMa1TLtLl698sjwY9C+ODSIeuOu/B8ciYn9GfkAQY3Z9OMGXR/zzMcXlGfWs4t8FrelIo9EgKT6f4p1uvVfd/gbltff4R27oGxIAAE+stGhZXX8r3V7KN2cj/vrh7vr/tUocE9b/tz86faM6V7X+79W3xKm3sH7+s4VLl6+8sXZ++Vz/XP/TN0/03uqdPHPq1JmF7FwtLqxG0l9sOk0AAAD+x7pFq9T/kczef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fbJ4avtab7iA4VrVr/t2ebzgoAAACow+5m6677/2crcUx4///pH1/8uTpmOyKORFyIiP7xlQuDs/UtZ6rV8YfK+UTdplcKAABAU44UrXr/P82f/09GjzwkEfH6q8O4/F9Xk9T/7fe+/qk6V/X5/5P1LXEqJXPD85H3cxGduaYzAgAA4El2uGhZsf97ur308S9HP+h6/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgbn8HAAD//zzZNOo=")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file0\x00', 0x1200000, 0x0, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
renameat2(r0, &(0x7f00000001c0)='./file0\x00', r0, &(0x7f0000000200)='.\x02\x00', 0x4)
renameat2(r0, &(0x7f00000000c0)='./file0\x00', r0, &(0x7f0000000300)='.\x02\x00', 0x2)

5.051637857s ago: executing program 0 (id=897):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x56a, 0x15, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x60, 0x5, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x914, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x8}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000780)={0x0, 0x16, 0x8, {0x8, 0x5, "030cb2502a88"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000040)={0x2020}, 0x2020)

4.788781223s ago: executing program 2 (id=898):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000080)={@void, @void, @eth={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x6}, @val={@void, {0x8100, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x4000, 0x0, 0x3, 0x2f, 0x0, @private=0xa010101, @multicast1}, {0xa001, 0x880b, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x9, 0x0, @void}}}}}}}}, 0x32)

4.195907269s ago: executing program 1 (id=899):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x40000)
ppoll(&(0x7f0000000000)=[{r0}], 0x1, 0x0, 0x0, 0x0)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x282a2, 0x0)
write$dsp(r1, &(0x7f0000000280)="3f3ebf96496a790c1a90be2dc1f4f354874823223d84a059c0965274226d8615ef6db50148787dea82a0d6ceafba54d8a1bb4c021dae906675370cb828fb2b39d793815a60315f1a2c516b44fe84da111f9a24a265148ee0b345a915d7d651736563e62863e45a0ada9d51cf88eae940d2770cc5892be40bde7cb251be69ed71fc48f9df1574b43fd4b8782fc9c9512f34a1df4cf795c4df2145a82d24733685caa2c47a7f191d4dfdb6d16cdddfb3183687b4e8800895566e1e90a21b3d24a382c617104bf4bcdab75edd04d849680d079bed2daa190c23489bcb8f705fdd2195f6abe775ea3f8d280c5875afd303816fbedc65b9859964b6ffbb7fc4f702abeb03adc885e85752144a76ba9504848be70f4d7cd865dfe7495345791ed721c93f9d17b4a78a9b3e3f467adabf03efac22dd1d78151e4845dacceffc1cb1b42f4482f2d251649a9d5af02697b7a1b0abb808f6cb75c22f7bcfd92668672e75c1edf39ca05737def4d603abd0358e4e129af84062fd64401530f00304e6ec889507aeec17a5311e3aa426f805a8a92518176dfd0a32297cda2a7fb693c81bfc5cdcae8ea131d1411144308106666e5be8f56ea8b3ff8c28b09e9773c8085c5392a4750cced5202228261bc00765c30f0b5caf4438a3157764c3d3bbeb82c5265dd82f40a95b33d08e569cc79465e85e8c8bf15952ac6493147e007d19d79935a44061621f73aca555d2e142dcd6f356c86e70b8b577c81c93acc0509819dbe268e579761e9155fe74a969d14197ac7b552307acaa547d967685546530b7c6ad617c8e12d46e8bb281442de856e02b965c41cf1c9479ccee57b694aa531ad505efea789f3f36eecf490b8d06e75d5b83fc091116da24f7909f8a2877ce3dbba33e804ff988da7a4ec3b506beb2bf3ac52a5153b10ac636979472b1df2100d3e3fcab98c85e3b9143a82c95c3b517a32c1cf60150f4b6c0b1f557ed4659dcb8e2c14bdb960b985996024ef067fcb3f29c2609b03a95faba2c01a5d86d7f7152340c54568e5aac57554b1d3c0385b4d3f45afeb77b373e2012f2d3ffcaec079b6e282f506cd96bcab291ca506c5bf88bb26c2cf449e2270902147462835d19fb96d98e858003aa33a3d3f28ac428e182e8e903d2a621389d78470f75f942a175cd104cceef2295930bbf83deca1403bb471c1f59f4cc5a07ef6980ffacad4de3d7825fef97a27dd01e02a12c4e3f589f61edff38f577a515d6189d500724bf7f25c39921c6be65c036d0e5050237d12d68c61c9ec80fa722bf288fa503da63746a0aac4326026e61d3f185984896c2b07f9c04a2643d216b0c128152fe2be48d641a1093a2a82b94b488f802bd7ce72bcb7db98b3e9470d96ec6f352f54de83b87a3d5f6c8e0c619f5d0279edd1629966b4c795160c08329327fcad3cfcca0b12fd1098d58ad09803257235505305a63846397d7036b65937a50283e1874b74c1d57e238c31e034931292f346ae8212906f388d3be2319219767a7ad7547ee07e0c119437b0254092bcfe4d70a5f2bff015901a6219c8629a88abf01f7a1ae3960877d82796878ff5dc14ac3db83a0a3ac45f217a40e6b9964cbc2f2c5681b3a074666755786cca48980826f929ed03ad448ca46cb1a3cfb37bb254a35bafd7e8ee5552e72369a5aa4035677fbe405fad0abd9c9d89fce5cb88a862fec636cc8a06915a4e19a2cf1b517a0883a5c8667896d2b276dc6a0bc333fb070d0fb388b6a4bcdb314190ebe9c24cdb105b487ae65d8f786008e175ead678207bfdee90c9316e541b09b51c6d25e148d89e76fcdcd26d259820e6dba7589446aafe2e93c24d03f2de39cc5fc96c9418f3acc67537327071dcdbdd92f4bd7019db4dc3b56355b49172d6a7b6e6cb4a3aa322a1be262df78947bba2367fbffceaec411fb992831a96d7f8d6638ba72da2c5cf02c61a58c7cc765a0717b13d124ce21f57e367c3acb721b4f420f6d5755871ba7ea04240a190d968f2345eb99f67cb133139e4a2017ba6861ae48bbbb99ef5f3976459aae3e49facd3e89c32503032548c7dc7c309a706c5670ed5f5ab7d56f4502ceb69fa20a1b87b002095268a8acf9dbab2a238ff2e5d287d68d1944b3a7a128a05186e995c2bb3ccee72bc9d08b6929f2b9111c1d886ff0ea503200ca9d828f69a897b9497ed1075ed953b113b86d74d4e7deba7501ada321436d8c02e6970db5bade5c7ec1547534c3891b36dd2307eef6481dcffd94d7ce007375dfb3dd73a6a2aeaca9d8b094aeed37887376d3dc4bb46b6cd142843a56be1f55d4df1e747ffdbf08add9e520e089e3b1f3a1143d4ab887c43fe668eaa3a443068fb6421e8529050d89963570da761404cbcf09aecac53d4d9510eb984f14cf7100dbdc3315f84cc63956ef8a56d27bbc91910d72d6cc1831b7b273cc9b4b0ee8df86c5ec73226e483f7fd7efd5b8214c7c3d8a7f09151d14f990e82b3a838cc2fa467d34aff4f5695b0d22cebf92b2647a6ea520b785a7b45ccb5d15e0d13ea3c5b49163fa9e92dbf4bd56cca975d662ec2d0a4a2fd2bd3c9ae4abc2bc757adceb6f3fd5fe421305273ba26ad761f4de5dfd1f22780087917097d0131158903b20eb65d26dc7edcf1d5e14f38435827a35be9de906bd87ef5d452a77660d02c5115be6a0aa7287c5eee0af3fafe0038904b6c85b994f3dedec499ee1b7aaca73ebbf0867b072bfa492fdbf98357aa6e0bb6bf29954e0731c3bf412a3dd8f1abf37f6eaec11aa3dd2c94f3452944ee37e3511d6765b46a1ba46c6bc2845c9ada71981bd6e176348e0965824efdf6d6fdc09d404fc69aeede1648ec2e65d2d0ea96823288ea4132e2aab89b32d17d47909732e5a1c7fd00cb0d2bcbb6b897a2ca1c4b3e4eaba66c4f1af2909e6d905d441c80e7c6ee02a3903474b2e432b032cacd2322fd800ce75c7582195adcc0fdd2288e54bea0021d105eaf9c378f7f1a5a786fe26bf74feea1c542bd39efa3d2260c68914578b7fe30b578c4fff43b7364d18b74d06929e76d16e2e4c8851babf157e7fd0bb88882cfcc79c84d1821d6c056f9bc47d1577abbbaf40bed2a441c500500fc6f75ef98f8fa226d48e99a8ef869498de983b028d1cf5eb88c19115188d350ad235a07c160f144d8a8a10b3a3b75d548656741a4f4f932be79db1287aa0482dbe08279e2888c6ff42c7942274fe934cf38a266fbc767899ff9c5d7132d97871d2f353e261c33b97210342e74679e450617014cb974506c247123e0437bd32d125bbb7d3977ca323f6a532e7eeb4c78efbef904f7378831f3a04fc4c50a8e95db138ee1de36e58404dcf3159d1d869061afbdff58b2c120dc7830aa9551f152c1fdd451bb347e7b241b37038e1e81558ed0ef51d5ad8c9ae59f8741a1a237a22027cd950da11b619f109fdcc96aa85bd54cefd9c8d533869065b3276fcc9038ebe3c7e9d091c537f53d02b357ce6ecb6e133be4cc8adeeb61959c31b2324443182e555c3f2ea611f63eece94da2ae91cab7ca7274105efc48c3a6a133ca86e26b020a6b2083c98310d9f477b9c665f51946f7ae643ba85869878413a032f6a85e6476a998cf76a8a3ddd2c773069d0625de39d91b52a136fe9b65126657c8bbbc7bdb6b686de0cc3ea8ddbebab503ff0403c1f00b32ed4c712d513a1c4f788cc8b659e7d31d807450697310af6b8cb12ec564c1c488ff70c6d64a3aa624507c32399cbeba55ee9ce7951fd364b19d3fa16d944090c6271f1981ab94579aaf691c6ce392e21a223f7f284fca0c6ed55aafb024b4e1832324bc7bd18dbef1f90d0a854f0cfa2784dfce1fe4cd81e83c8294e323b69b95e48261e4e0d4e95436f000d6cb2a157203a3db65d11fa693bdc91371583cb956119aea7b5a88daa59a9b9d73404d32408a273950f58d719ac4332a4c698526eb77d5704b2e00d7ced752648f3690a76e5e15a14312131c197c8491d224af8b681e3f24bcff244056674a298fe5fb4a0ca779dfafa69f5ddc2d012123bd706051a09f3609bb6558bf47dfef967db47887a2e178fa6f887a057447c56b1d45af4a97207e2630963e46e2a9e054038addf8426190fb04cea244795683338656330ac2030e0b75534f47eebf8b6ceaddc85b0866796cb02a7f94138f281561eada7a5c15efbeed14c49b04a07e3e9202ebc7072801bf817eab45825aacb874a7cfbb586157feca8a2f834afe707934eeeb1a11089da8f87ef36ab9b5d0f038a0d7a21ce93362b782b1de35dde0e10655edc4c7b0ab7a5813e382f17fd87d4d092265c71a8cfc88655a01c3b016f2363a26ec137d0272fe75df369a35659063f31b8659cfab3d84d445606c84a2e73e53ce218a046e11a63cd6eee83201e3f26a1b9908e04d8640ea69d4ce98132b8eee0439e4c1792a81752bcea45126d744e1f020e00c68fd1e1fbb70add2bc4c04b61515e33b0e40fdb3acdb4d18781a3d1eed8f3f30fcf60d6b166af035c25eaeeeb413d6f0bbdbba20185336f2c35d5ce610a5a77993daa6cc69f820dc3571fd44f85afeac7f62df8c70515c2375d2f0669beb47ce0e5bfa3792fbb1c49449772efdae483ff667d22f4bccb2ec6c14c9d5b512392a9a493d401992d3d612c4932abaf9e18c01832cc3e19738e59e1595f7d900f9742c8d081715dc900c05278a3720a745853a71ba1a4d868468a34aa8c1d00b6e7551f357d7da06369b0c30ca89752f3a25358c5d2b68032970060b23f7b9dfcc648fc89a80d2617a75a5423134aaa5b042414313b2752e17f8d47cb0b5c97c0f550c973b5943f31108d05d77fc504e36814f8b102a3937f53fa4d0eb901e234517f7fd653e0a142576985e15772b84f91ee0a3856b47437c21598fdf1f4064b30cfa773112df502316994111d57db3971073f36310c1de4ff63752c79c8f8f7b7cd2b0090dd362fb3c87796dde5ede4cd8b9131a9c7c1c5245081a9fba39cfb1564b6bcb11772a7c3e4946e28220bd78a2974a73ace42d21fbeb84af6d95070fc14aee97e15ef637a724301881bed0390b33be0bb35ca8373cc479cf59f279089d73f4fbd99d888504d1d82993ebe1140c1e4a624b3283cc079b34d1a22b82087d87ed0f1f09ade10a610c5101cc719077eed7ec8e03d3e152f2f24b63aa61b04d3ed9a86dc438ee2efb0ab6d7a1dce911c7fb0d1a8fde2886a934509372aa1de1cec45f658a95bca826e334b9c19837b3299e3a3c2cf246276a9ac8211034654695318dff4005db8f5ce87dd34925262c377bec6cd183b159fdde3301f65dbff01d82132e917fb0fc324c08dcb262ca79bdd063a5d9207b7346b4985b5d9e1f49cec67e21077c4224a3b70953ce00b06d31f58bd374ae2d4f9ba63cf337d8370c8d3e16dd951509677de8c997c893b38f241a7b0842ab29ad8a2496b46d06ae47572df59ebf1e6ccb863ba8ccf84aa8ff05462437965074e1199bbddea6151bbe555b9a8bee1659decc2e6f9c9c0d1e19f0b4a0f0a632937f1ff6f42a12c5f5cd04f6eef26a93dfe68a8d396c0aeff6facee8e3f5f45891816993dc86e310524b052fd2d710b67934b773cdd5b2bcdf436e1bffc768b415b2a34aeaee998e0cb77bc41f1cada767eb699bcf62c6c076b699b8f3f32d57feb00c0d9e375f488a22c372d5305ff28c81b765ca83502cdf0f8b3dac5c5686bf55cd2ddc170ff78ab277231e7db9fe9703d15c3bc3d056acffed5431b57473ad9ba482c649b8811dbad473186b33a7c4b680ad7baab6c", 0x1000)

3.434304664s ago: executing program 2 (id=900):
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x4, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x2, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@empty, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4000, @rand_addr=0x64010101}, 0x10, &(0x7f0000000280)=[{&(0x7f0000000300)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x810)

3.229513826s ago: executing program 2 (id=901):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file0\x00', 0x22184ca, &(0x7f0000000240)=ANY=[@ANYRES8=0x0, @ANYBLOB="1e71d75b729031132d8bbcd018061223f92f48f3de97f4a8e6ba367ded242d8e3e5604989a6b71fdebf0e858626956b0116c59d7b8c782ca1b44576d7bbe6945580099c28e562a8f27eaec69b123f1fa4550546c673ab3b90791788392aab31fd84aa909c76c35cfee"], 0x1, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1431c2, 0x0)
write$binfmt_elf32(r0, &(0x7f00000004c0)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x8, 0x0, 0xfd, 0x8000000000000000, 0x1, 0x3e, 0x3, 0x66, 0x38, 0x248, 0x0, 0x6, 0x20, 0x1, 0x0, 0x100, 0x763}, [{0x1, 0x1, 0x7, 0x5, 0x9, 0x7fff, 0x1, 0x1}], "", ['\x00', '\x00', '\x00', '\x00']}, 0x458)
pwrite64(r0, &(0x7f0000000480)="a9", 0x1, 0x2600000fff)

3.071320756s ago: executing program 5 (id=902):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20000050)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$BATADV_CMD_GET_ROUTING_ALGOS(0xffffffffffffffff, 0x0, 0x2040040)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r4, 0x400, 0x0)
truncate(&(0x7f00000000c0)='./file0\x00', 0x1000000)
bind$inet(r0, &(0x7f0000001c00)={0x2, 0x4e23, @multicast2}, 0x10)
connect$inet(r0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000040)={0x9, {0x22, 0xff, 0x4, 0x7, 0x800}})
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0xa13, 0x4)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001400010000000000000000c903000080080002"], 0x1c}], 0x1, 0x0, 0x0, 0x100}, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0)
sendto(r0, &(0x7f0000000740)="50fbdf12a30d7a48b2c5c84948f3426077a9f0ca1475183db3bf52a6b2cdb77ef9af2a603a3e78adff59fbb22bae1b2443011fd801251bcef8f165533aac58c7556dd51edc5a6865d4e29f0bbd0ed602050000000000002944de604d849a1e3b32905b0d26e9ff34b83f38a2ae8b1c6748ef8b87ef2a359249c3e294931489ba57f83f96048684434854ab3b6ad59f45e8329726", 0x94, 0x0, 0x0, 0x0)
write$binfmt_misc(r0, &(0x7f00000003c0)='}', 0x1)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={0x0, 0xffffa811}, 0x8)
sendto$inet(r0, &(0x7f00000002c0)="01a4acc7cf28ab9f6c7fc745c30bfc165466072a660bbf56352083db9d40454a67f8010000004bd29585885c89773ca3ba28a1e85ffe2a9220e0ecd440e345b745bf2146835ad015c801f95be5b890e44fb3dfbe8e88a1e5176e584c970207f23b0073ca5375abddf56331be396eaa2398ea66b93a74fd4147e826abed1b5d1de578682288c19ac23c1ccc1cdd936d2571c3510b0000000000000000000000000000000000f32bb3874c926a8944caa4677d2eae3bc831e748000000", 0xfffffffffffffe88, 0x52, 0x0, 0x0)

3.00073235s ago: executing program 3 (id=903):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x41, 0x0)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000480)={0xe5, 0x7, 0xda, 0x7fffffff, 0x38, "44b80fe98975a012f2241b5ca74ebcf80205f7", 0x7fff, 0x3ff})
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0xa)

3.00023313s ago: executing program 0 (id=904):
r0 = syz_io_uring_setup(0xd1, &(0x7f0000000480)={0x0, 0x8a73, 0x80, 0x2, 0x376}, &(0x7f0000000300)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x30, 0x2007, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{0x0}], 0x1, 0x4, 0x1})
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)
io_uring_enter(r0, 0x47ba, 0x3000000, 0x0, 0x0, 0x0)

1.942610554s ago: executing program 5 (id=905):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f00000000c0)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c646973636172642c757466383d312c757466383d312c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c757466383d312c00ef5c3556"], 0xfd, 0x2a8, &(0x7f0000000280)="$eJzs3E9rE08YwPGnaZOmKW1y+PEDBfFBL3pZ2vgKgrQgBpTaiHoQpnajIWtSsjESEdubV19H8ehNsL6BXrx5Fy9FELz0IF3pbrfZ1qW2te3W5vuBstOdeTKzfxKeXZhZu/fmab3qWlXTllRWJSXZJVkXKUhKQgNb25RfzkjUklwd/fH5wp37D26WyuWpGdXp0uy1oqqOX/zw/OXbSx/bo3ffjb8fltXCw7XvxS+r/6+eW9uYDT+92Vajc81m28w5ts7X3LqletuxjWtrreHarR31Vae5sNBV05gfyy20bNdV0+hq3e5qu6ntVlfNY1NrqGVZOpaTOJnYvWfD4IEjKsszM6Z0LINBEkbidrZaJTMYW1lZPolBAQCA0+X3/F9OJP9/UnO15mrjT/l/So42/0eUn/9vxCaNOBvSmw8AJZPb+v7uRP4PAAAAAAAAAAAAAAAAAAAAAMC/YN3z8p7n5cNt+DcsIlkRCf9Pepw4Hoe4/gMJDhdHLDJxLyvivO5UOpVgG9SXqlITR2yZSPtzibxtQXn6RnlqQn0FWXEWt+L9SYLDYXyoEB8/GcRrJH6xU0lLLtp/UfLyX3x8cVd8WkQ6lYxcuRyJtyQvnx5JUxyZ9+/rXvyrSdXrt8q7+h/x2wEAAAAAcBZYuq2w8/k3WE3SsjRcNmRXfbCz935A8vJzz/cDKisZ6cUPyfmh5I4bAAAAAIB+4nZf1I3j2K1+LozIwaP68dRZ2eCm2bOx53mLm43+vtOUiCR0pN9E5BSc8KMufH0WXMD9NE7yVwkAAADAcegl/UmPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/rXfxcPC9odZeyzS3WAyRwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcDr8CAAD//4DOGY4=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000200)={r0, &(0x7f0000000080), &(0x7f0000000000)=""/10, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000b40)={r0, &(0x7f0000000a80), 0x0}, 0x20)

1.928792874s ago: executing program 2 (id=906):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000380)=ANY=[@ANYBLOB="001c86dd0700100000001400000060ec9700001604f9fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

1.921597385s ago: executing program 0 (id=907):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)=ANY=[@ANYBLOB='journal_async_commit,heartbeat=none,usrquota,barrier=000000000\x000000000007,heartbeat=none,nointr,\x00'], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$binfmt_elf64(r0, &(0x7f0000002600)=ANY=[], 0x1820)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
chown(&(0x7f0000000280)='./file0\x00', r1, 0x0)

1.808405701s ago: executing program 1 (id=908):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd6067", 0x14}, {&(0x7f00000001c0)="b700001811005abeef4ba0d598", 0xd}, {&(0x7f0000000200)="37a8a6c41ef711513a5555633f6e4259616da007f3c18c191f6ffa14306d06c4fd", 0x21}], 0x3)

1.520650588s ago: executing program 5 (id=909):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000000c0)={@val={0x1c, 0x800}, @val={0x1, 0x3, 0x0, 0x16, 0x14, 0x1}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x63, 0x0, 0x0, 0x84, 0x0, @rand_addr=0x640100fd, @local}, {{0x200, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x8, 0x40, 0x1, 0x0, 0x1c, {[@timestamp={0x8, 0xa, 0x1, 0xb0}]}}}}}}, 0x42)

1.445573443s ago: executing program 2 (id=910):
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000000)='./file1\x00', 0xa18c14, &(0x7f0000000180)={[{@uni_xlate}, {@shortname_mixed}, {@shortname_winnt}, {@fat=@codepage={'codepage', 0x3d, '852'}}, {@shortname_win95}, {@uni_xlateno}, {@shortname_mixed}, {@numtail}, {@shortname_lower}, {@fat=@dmask={'dmask', 0x3d, 0x2}}, {@shortname_mixed}, {@utf8no}, {@utf8no}]}, 0x81, 0x29b, &(0x7f0000000e40)="$eJzs3c9qK1UYAPBv0iRNVEgWrkRwQBeuwr33CW6QChezUrLQjV5sC5KEQgMB/2Dsyr3gynfwHXwAN76BC5eCO7sQR5KZSdI0bY3EVOrvt5kvc74v509OWyjMyUevjgbHZ+PTiy9+jkYjicrTeBqXSbSjEqWvAgB4SC6zLH7LcnflVqMeEVmreFXZw/AAgH/BNn//AYCH4b33P3in2+sdvZumjYjR15N+Evk1b++exicxjJN4FK34IyJbyOOXnvWOopqm5T8DJs3oR4w+/LF43f01Yl7/OFrRXq+vF1npXLwxmk76s55n11q8kER0syRPeRKteDkiq0XxJvnl7We9oyfp9fro1+PN178rxv/nSXSiFT99HGcxjOP5Wyzrv3ycpm9l3/7+eT6DfkQynfQP53lL2cFePhAAAAAAAAAAAAAAAAAAAAAAAP4XOulCe/X8nPI0wE5nc/uN5wMVJ/xMV87XeZSmaXmMz6Rfi7y+Gq9Uo3p/MwcAAAAAAAAAAAAAAAAAAID/jvGnnw2eD4cn51eCH7JZ0Lw1Zz2ortwpH+u/u2pzMPg+YvuqvxPEQTG0YXKti6Rs2kFfh9skNzd1GpWb1rA6jHzw32w/sNd2NcFbg3J3DZ4ncUdyY/MmWdl15TY8HydbbMhsw9Id3FhV39Hc6y/+0/LmxoWazbi2WMyrVY3ZJ7lyp7bjn5Q1yc5/9wAAAAAAAAAAAAAAAAAAAFctH/qNX641XtzLkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg75bf/78Ior1+Zz2YFsXzO5Xbkw/Pxxu6be95mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxwfwUAAP//5OlVhQ==")
landlock_create_ruleset(&(0x7f0000000040)={0xf0ffc94e915cdaa7, 0x0, 0x2}, 0x18, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x2436423bc3e16464, &(0x7f0000000000)={[{@dax_inode}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@orlov}, {@init_itable}, {@usrjquota, 0x2e}], [], 0x2c}, 0x0, 0x465, &(0x7f00000009c0)="$eJzs28tvG8UfAPDvrvPo85f8Snn0AQQKIuKRNGmBHriAQOKCVAkO5RjStCpNG9QEiVYVDQiVI+pfAByR+As4wQUBJxBXuKNKFeqFwgEtWnvtGj/S2HHqFn8+0iYz+/DM17tjz854AxhYE/mfJGJHRPwSEWMRUWrcYaLy78b1i/N/Xr84n0SWvf57kh8Wf1y/OF/dNSn+by8yk2lE+lES+1qUu3z+wum5xcWFc0V+euXMO9PL5y88c+rM3MmFkwtnZ48cOXxo5vnnZp/tSZw787rufX9p/55X37zy2vyxK299/2Ve3x3F9vo4KsY3XOZETNTek0aPb/jV7yw769LJUB8rQkfytp6fruFy+x+LUtw8eWPxyod9rRywqbIsy0ab1tZ6AKsZ8B+WRL9rAPRH9Ys+v/+tLrex+9F3116s3ADlcd8olsqWoUiLfYYb7m97aSIijq3+9Wm+RMtxCACA3vo67/883ar/l8Z9dfv9r5gbGo+I/0fEroi4JyJ2R8S9EeV974+IBzosf6Ih39z/+WlrV4GtU97/e6GY2/p3/6/a+4vxUpHbWY5/ODlxanHhYPGeTMbwaJ6fWaOMb17++ZN22+r7f/mSl1/tC0bESER6dahhgO743MrcBsOuufZBeQzwUnP8SW0mIImIPRGxt4vX3xIRp578Yn+77beIf209mGfKPo94onL+V6Mh/qpk7fnJ6S2xuHBwunpVNPvhx8tH25W/ofh7ID//21pe/7X4x5P6+drlzsu4/OvHbe9pbh1/6+t/JHmjnB4p1r03t7JybiZiJFltXj9bZIZu5qv75/FPHmjd/ndF/P1Zcei+iMgv4gcj4qGIeLio+yMR8WhEHFgj/u9eeuzt7uPfXHn8xzs6/9VE0rSmXaJ0+tuv2pV/6/iPXh0aPVxOTRZr1vP5t556dXc1AwAAwN0nLf8GPkmnauk0nZqq/IZ/d2xLF5eWV546sfTu2eOV38qPx3BaHekaqxsPnSnGhqv52Yb8ofK4cZZl2dZyfmp+aXGz5tSB9dnepv3nfiv1u3bAputoHq3dE23AXcnzmjC4tH8YXNo/DC7tHwZXq/Z/KeJGH6oC3Ga+/2Fwaf8wuLR/GFzaPwykNs/GJ7HO5+fbHV7R5eEDlSjdGdXoOBHpHVGN7hLphl+n1Lv6jHbQUi7F7Xqj+vzBBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0CP/BAAA//8xr+fd")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

1.347687799s ago: executing program 1 (id=911):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000100)="94", 0x1}], 0x1}}], 0x1, 0xc08c0)

1.127806002s ago: executing program 2 (id=912):
syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x5, 0x10f5, &(0x7f0000001180)="$eJzs2DGLE0EYBuB3dgNyVWSuXw+0sJDjjvgHrlBIY2FtF6zsTKXk5/hz5Cr743qvCNgrmxgSJGKRxUB4Hlh252Xm+2bKnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBvlHwvyXmT1E3WJClJ191O75N0m/zx17ZJydv30/mrj5PX8/W09FmT0q9ajev101ondVKv68vzm2d1/unzh3anZUmXu+VidvbmYdCj9L3bQSsCAADAafh5sPGR+wMAAAD/MthFAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6uajSVKSrrud3ifpjrstAAAA4EAlTd6N9+Xra4CtF/k2LimPtsmP0s+5ypc96/+iLzk6aMMAAABwosrO//jznOXJTn6RUS4v1+PfrzzcJG2Sqz/q3C0Xs9VzsZiV/3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAACYKgAA//87RdIO")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88240, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080), &(0x7f0000000880)=ANY=[], 0xbfe, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000200), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280), &(0x7f000000a440)=ANY=[], 0x90f, 0x0)

1.085073225s ago: executing program 5 (id=913):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2a}, 0x94)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace(0x10, r0)
ptrace$getregset(0x4204, r0, 0x202, &(0x7f0000000100)={0x0})

1.059685816s ago: executing program 3 (id=914):
socket$nl_generic(0x10, 0x3, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000640)=[{&(0x7f0000000200)="9c30fb4d", 0x4}], 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a3201000000a4000000060a010400000000000000000100000008000b40000000007c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000440001800c0001006269747769736500340002800800034000000004080001400000001408000240000000120c0005800800010088634d580c000480080001006eee7e000900010073797a300000000014000000110001"], 0x118}}, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r5, 0xc0184800, &(0x7f0000000100)={0x20004, <r6=>r4, 0x80000})
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='numa_maps\x00')
preadv(r7, 0x0, 0x0, 0x0, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r8, 0x40505330, &(0x7f0000000bc0)={{0xfd, 0x1}, {0xe}, 0x2005, 0xbfbf})
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x28, 0x1, 0x7, 0x101, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFACCT_FILTER={0x14, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x6}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x804c}, 0xc080)
r10 = syz_open_dev$dri(&(0x7f0000000040), 0x1ff, 0x80000)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r10, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r6})
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000000406030000000000000000000300000105000100e9ffffffe810030073797a31000000000900020073797a3000000000"], 0x34}, 0x1, 0x0, 0x0, 0x1800}, 0x40004)
r11 = openat$nci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$nci(r11, &(0x7f0000001180)=@NCI_OP_CORE_CONN_CREATE_RSP={0x0, 0x1, 0x2, 0x4, 0x6, {0x0, 0x9, 0xff, 0x3}}, 0x7)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)

513.534149ms ago: executing program 5 (id=915):
syz_mount_image$romfs(&(0x7f0000000040), &(0x7f0000000b40)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x44, &(0x7f0000000600)=ANY=[@ANYBLOB="00f3000000be5500200800000000c19e57fc847c52a19b0b247df0690ca7d757194d0335d8e8a065e069e1294e9f28bcee7085d4988309e751e0eec20f77d6c68ae8"], 0x1, 0x15a, &(0x7f0000003180)="$eJzs2rFK81AUB/DzwYdKwcXRqVCpgjZJE62rjuLm7lBqbhq8MSURpH0BcRIUroMvIfgEPoFkEjddivgSkdtcNI0Wsthb4f9b+ofTJicn9E6nEYVBk8UNoo3e1cFwKQqDasvZ7rAma1Nmj4iqMiRpemPQNy+f9SQl44cv6LXynn3W1jyxf8F87tq6WwIAAAAAAAAAAAAAAAAAAAAAgJLqFRUqXRGcM5+7zVw17g+O25y7UUy0oKlDvepVtcNFTPBbOR9nbBTrMu/I5IvdSNat8d9fq7DaFfy1OF/zNOiZcX/Q8IO253ruiW07LWvTsrZsc3Qts3jF+p3qiZL03sqtkxmPh46s5/bNnsvsm6n3/3/ZF5dnxbt9vX+EKQaiCaV/9Ds3fdP+yH8pPM1l/45Z6UdDWCx5fM6+0fk3JKJ5p/Ygzz+jE/IjVZzGOPU+PgBM8hEAAP//oTc3XQ==")
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x800, 0x50)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

215.172897ms ago: executing program 1 (id=916):
setresuid(0xee00, 0xee01, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a002500000017ffffffce040000000000007b0300fe000000002d04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532e2df58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050e46850600000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c52a2fc1eacf5bf870768d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698801937e8b4264eb000400000000000088d22230592a79000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c79f9f7bfae7ebe09e441745c592ce69c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf90060000000000000020726298dec1ae960e3d26cdaaa527ab9e2c41d177fdbaf462c2e45f6c261df0fa4934f81278477e00fd2eba63cf8dcbdec85fc3c6f146c53b701e446c218f02ca678b3e0bc4b5253ae32bace19fb0a10e3ff4bf0b870f399842f6966da779be2a481cac5f4f9cfa338df7640267c8c4dce6f6c41777f2606ae31230430052967bc0e3f69351c9f69363abf5bd30b875732a43413d9927435723577bdf74eb6f467dff089c14a4cae6ca551577a289d822aad77ec4701f57049e1222b692f7d8e299591925065907a6e16e962f7a886aa555b4674fdd575efcd14c8cc6edc971053695debde1bd37eb4cda"], 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), r1)
sendmsg$IEEE802154_LLSEC_ADD_KEY(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004080}, 0x24044884)
sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x14, r2, 0x300, 0x70bd25, 0x24dfdbff, {}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4)
setsockopt$inet6_buf(r3, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x10000000, &(0x7f0000000080)={0xa, 0x5e1f, 0x3, @mcast2}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x29, &(0x7f0000000100)=0x10000, 0x4)
recvmmsg(r3, &(0x7f00000003c0)=[{{0x0, 0x0, 0x0}, 0xa248}], 0x1, 0x40000000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000007c0)={0x18, r5, 0x1, 0x70bd24, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x9085}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={0x14, 0x34, 0x701, 0x0, 0x0, {0x8}}, 0x14}}, 0x10)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='./file0\x00', 0x1008000, &(0x7f0000000740)=ANY=[], 0x1, 0x2a4, &(0x7f0000000480)="$eJzs3T9rc2UUAPBzkzSNOqSIiyJ4QQen0rq6NEoFsZMSQR002BYkCYUWAlYwduoncPR7+BFcXPwGgqvg1g6VKzf33ia16R/65k3h7e83nd7nnvOc3KckU06+eXPY3z1I4uTsz2i1kqhtxVacJ7EWtaj8FI0AAF4c51kW/2QPyWzUFt8NALAMxed/4bF7AQCW47Mvvvyks7Oz/WmatuL19umom0TE8HTULdY7+/FdDGIvNqIdFxHZpSL+6OOd7WikubV4ZzgedfPM4de/l/U7f0dM8jejHWvz8zfTwmX+y1V3aXT2V6o/2vHa/Pz3/p8fw3F0m/Hu2zP9r0c7/vg2DmIQu5HnTvN/3EzTD7Ofz374Kt8mz09q0V2d3DeV1Zd0JAAAAAAAAAAAAAAAAAAAAAAAPAHraZoU43sm83vyS5P5OaNu/WKyvp5WZuf7jKv5QElVqJgPlEU5omecxS/VfJ2NNE2z8sZpfiPeaPhhAQAAAAAAAAAAAAAAAAAAAMgdfX/c7w0Ge4cLCappANXX+h9aZ2vmyltx3O/Vby64ev+9ZqcN5L3eenM0GrGgx3JX8FLez8Irr04P9/MogupgFrrXqx8URY/7vbRcqh5yv5fctVerOrhfZ5ea8ayNZZN/iYvs6pm2Llu9mtVc0NNovjJ36d8sy+5X5/2/ijMqrySTERv3232lDOa+wDxoXT+L324ueONbRn0hbzwAAAAAAAAAAAAAAAAAAMA10y/9zlk8uTW19tyaAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAlm/7+fxW0IuLqlWvBuEy+7Z4yaMbh0SO/RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ6A/wIAAP//4ipOSw==")
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x8884)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$tmpfs(0x0, &(0x7f0000000080)='./file1\x00', 0x2832c75, 0x0, 0x0, 0x0, &(0x7f0000000000))
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000380)={'gre0\x00', &(0x7f0000000480)={'ip_vti0\x00', 0x0, 0x20, 0x7800, 0x1, 0xba96, {{0x6, 0x4, 0x2, 0x1, 0x18, 0x68, 0x0, 0x0, 0x2f, 0x0, @empty, @remote, {[@lsrr={0x83, 0x3, 0x65}]}}}}})
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 5 (id=917):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
ioctl$HIDIOCGRAWPHYS(r1, 0x4004480d, 0x0)

kernel console output (not intermixed with test programs):

 rootmode
[  140.513126][ T5176] netlink: 12 bytes leftover after parsing attributes in process `syz.0.237'.
[  141.318812][ T5059] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  141.538863][ T5059] usb 3-1: Using ep0 maxpacket: 32
[  141.545938][ T5059] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  141.548746][ T4885] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  141.577517][ T5059] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  141.597995][ T5174] loop1: detected capacity change from 0 to 40427
[  141.608859][ T5059] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  141.626916][ T5174] F2FS-fs (loop1): build fault injection attr: rate: 14, type: 0x3ffff
[  141.639890][ T5059] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.645958][ T5174] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0xe4
[  141.677425][ T5059] usb 3-1: config 0 descriptor??
[  141.681273][ T5174] F2FS-fs (loop1): invalid crc value
[  141.698148][ T5059] hub 3-1:0.0: USB hub found
[  141.705279][ T5174] F2FS-fs (loop1): Found nat_bits in checkpoint
[  141.760741][ T4885] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  141.785789][ T5174] F2FS-fs (loop1) : inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x432/0xa20
[  141.798502][ T4885] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  141.818942][ T4885] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  141.828068][ T4885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.869847][ T5181] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  141.901457][ T5059] hub 3-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  141.931273][ T5174] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  142.066210][ T5174] F2FS-fs (loop1) : inject alloc nid in f2fs_alloc_nid of f2fs_get_dnode_of_data+0x6eb/0x1b10
[  142.161254][ T5174] F2FS-fs (loop1) : inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x111/0xfe0
[  142.231445][  T126] usb 5-1: USB disconnect, device number 7
[  142.322341][ T5059] hid-generic 0003:046D:C31C.0007: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.2-1/input0
[  142.363188][ T4272] syz-executor: attempt to access beyond end of device
[  142.363188][ T4272] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  142.614737][ T5179] loop3: detected capacity change from 0 to 65536
[  142.681731][  T126] usb 3-1: USB disconnect, device number 4
[  142.712309][ T5179] XFS (loop3): Mounting V5 Filesystem
[  142.798100][ T5179] XFS (loop3): Ending clean mount
[  142.815982][ T5179] XFS (loop3): Quotacheck needed: Please wait.
[  142.909101][ T5179] XFS (loop3): Quotacheck: Done.
[  142.957243][  T126] XFS (loop3): Metadata CRC error detected at xfs_allocbt_read_verify+0x3a/0xd0, xfs_bnobt block 0x8004 
[  142.978799][ T4885] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[  142.979002][  T126] XFS (loop3): Unmount and run xfs_repair
[  143.005285][ T5203] loop1: detected capacity change from 0 to 256
[  143.013404][  T126] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  143.040008][  T126] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  143.070364][ T5203] FAT-fs (loop1): Directory bread(block 64) failed
[  143.083725][ T5203] FAT-fs (loop1): Directory bread(block 65) failed
[  143.099380][ T5203] FAT-fs (loop1): Directory bread(block 66) failed
[  143.108798][  T126] 00000010: 00 00 00 00 00 00 80 04 00 00 00 00 00 00 00 00  ................
[  143.110404][ T5203] FAT-fs (loop1): Directory bread(block 67) failed
[  143.124837][ T5203] FAT-fs (loop1): Directory bread(block 68) failed
[  143.134664][ T5203] FAT-fs (loop1): Directory bread(block 69) failed
[  143.138123][  T126] 00000020: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  143.158490][  T126] 00000030: 00 00 00 01 21 05 00 0a 00 00 00 05 00 00 00 03  ....!...........
[  143.170865][ T4885] usb 1-1: config 0 has an invalid interface number: 93 but max is 0
[  143.189409][ T4885] usb 1-1: config 0 has no interface number 0
[  143.193974][  T126] 00000040: 00 00 04 a4 00 00 3b 5c 00 00 00 00 00 00 00 00  ......;\........
[  143.200223][ T5203] FAT-fs (loop1): Directory bread(block 70) failed
[  143.213874][ T4885] usb 1-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  143.218705][  T126] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  143.228706][ T5203] FAT-fs (loop1): Directory bread(block 71) failed
[  143.243853][ T4885] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  143.253485][ T4885] usb 1-1: Product: syz
[  143.257694][ T4885] usb 1-1: Manufacturer: syz
[  143.263408][ T5203] FAT-fs (loop1): Directory bread(block 72) failed
[  143.270352][ T4885] usb 1-1: SerialNumber: syz
[  143.281267][ T5203] FAT-fs (loop1): Directory bread(block 73) failed
[  143.281431][  T126] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  143.304157][ T4885] usb 1-1: config 0 descriptor??
[  143.318136][ T5207] sp0: Synchronizing with TNC
[  143.327411][  T126] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  143.349642][ T5179] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x8004 len 2 error 74
[  143.446333][ T4280] XFS (loop3): Unmounting Filesystem
[  143.529235][ T4885] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  143.555719][ T4885] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  143.590244][ T4885] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  143.611975][ T4885] usb 1-1: media controller created
[  143.633813][ T4885] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  143.743348][ T4885] DVB: Unable to find symbol dib7000p_attach()
[  143.756509][ T4885] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  143.800261][ T4885] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  143.829631][ T4885] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  143.838448][ T4885] usb 1-1: media controller created
[  143.883349][ T4885] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  143.914478][ T4885] dib0700: the master dib7090 has to be initialized first
[  143.937468][ T4885] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  144.125195][ T4885] rc_core: IR keymap rc-dib0700-rc5 not found
[  144.139617][ T4885] Registered IR keymap rc-empty
[  144.158967][ T5059] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  144.162425][ T4885] dvb-usb: could not initialize remote control.
[  144.197605][ T4885] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  144.257074][ T4885] usb 1-1: USB disconnect, device number 4
[  144.278195][ T4885] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  144.348722][ T5059] usb 3-1: Using ep0 maxpacket: 16
[  144.355656][ T5059] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  144.388510][ T5059] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  144.442343][ T5059] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  144.464689][ T5059] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.512160][ T5059] usb 3-1: config 0 descriptor??
[  144.833173][ T5211] loop1: detected capacity change from 0 to 65536
[  144.932116][ T5059] kovaplus 0003:1E7D:2D50.0008: unknown main item tag 0x0
[  144.945034][ T5059] kovaplus 0003:1E7D:2D50.0008: unknown main item tag 0x0
[  144.973763][ T5059] kovaplus 0003:1E7D:2D50.0008: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.2-1/input0
[  144.974582][ T5211] XFS (loop1): Mounting V5 Filesystem
[  145.054248][ T5211] XFS (loop1): Ending clean mount
[  145.074725][ T5243] device gretap0 entered promiscuous mode
[  145.112237][ T5243] device gretap0 left promiscuous mode
[  145.126934][ T4272] XFS (loop1): Unmounting Filesystem
[  145.298765][ T4710] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  145.343978][ T5059] kovaplus 0003:1E7D:2D50.0008: couldn't init struct kovaplus_device
[  145.355540][ T5059] kovaplus 0003:1E7D:2D50.0008: couldn't install mouse
[  145.366796][ T5059] kovaplus: probe of 0003:1E7D:2D50.0008 failed with error -71
[  145.397787][ T5059] usb 3-1: USB disconnect, device number 5
[  145.488705][ T4710] usb 5-1: Using ep0 maxpacket: 8
[  145.505240][ T4710] usb 5-1: unable to get BOS descriptor or descriptor too short
[  145.530946][ T4710] usb 5-1: config index 0 descriptor too short (expected 255, got 18)
[  145.548701][ T4710] usb 5-1: config 4 interface 0 has no altsetting 0
[  145.564202][ T4710] usb 5-1: string descriptor 0 read error: -22
[  145.593773][ T4710] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  145.617860][ T5246] fido_id[5246]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  145.635059][ T4710] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.656134][ T4710] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  145.695159][ T4710] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  145.724145][ T4710] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  145.736966][ T4710] usb 5-1: media controller created
[  145.774087][ T4710] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  146.478617][ T5254] loop1: detected capacity change from 0 to 512
[  146.909942][ T4710] zl10353_read_register: readreg error (reg=127, ret==0)
[  147.190110][ T5264] loop2: detected capacity change from 0 to 1024
[  147.421229][ T5266] netlink: 36 bytes leftover after parsing attributes in process `syz.0.262'.
[  147.446303][   T27] audit: type=1800 audit(1768995974.030:4): pid=5264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.261" name="file1" dev="loop2" ino=20 res=0 errno=0
[  147.561451][ T5271] netlink: 24 bytes leftover after parsing attributes in process `syz.3.263'.
[  148.152515][ T5059] usb 5-1: USB disconnect, device number 8
[  148.322889][ T5286] loop2: detected capacity change from 0 to 256
[  148.784250][ T5298] program syz.1.264 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  148.868890][ T4710] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  149.841893][ T5305] loop1: detected capacity change from 0 to 512
[  150.039739][ T4710] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  150.053806][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.073655][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.088937][ T4885] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  150.109384][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.180096][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.209132][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.251051][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.277005][ T5311] loop2: detected capacity change from 0 to 8
[  150.280108][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.298900][ T4885] usb 4-1: Using ep0 maxpacket: 16
[  150.306354][ T4885] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  150.348846][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.371624][ T4885] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  150.388813][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.405800][ T4885] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  150.416864][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.446520][ T4885] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.454826][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.477043][ T4885] usb 4-1: config 0 descriptor??
[  150.482121][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.500535][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.519979][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.548783][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.560752][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.580135][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.621854][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.640535][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.658832][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.680143][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.701188][ T4710] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  150.718901][ T4710] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  150.748862][ T4710] usb 1-1: config 0 interface 0 has no altsetting 0
[  150.762492][ T4710] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  150.781948][ T4710] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  150.802519][ T4710] usb 1-1: Product: syz
[  150.806776][ T4710] usb 1-1: Manufacturer: syz
[  150.822821][ T4710] usb 1-1: SerialNumber: syz
[  150.840753][ T4710] usb 1-1: config 0 descriptor??
[  150.875462][ T5315] netlink: 24 bytes leftover after parsing attributes in process `syz.2.280'.
[  150.877871][ T4710] yurex 1-1:0.0: USB YUREX device now attached to Yurex #0
[  150.898766][ T4885] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0
[  150.916235][ T4885] kovaplus 0003:1E7D:2D50.0009: unknown main item tag 0x0
[  150.939472][ T4885] kovaplus 0003:1E7D:2D50.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:2d50] on usb-dummy_hcd.3-1/input0
[  151.236362][    C1] usb 1-1: yurex_control_callback - control failed: -71
[  151.247831][ T4710] usb 1-1: USB disconnect, device number 5
[  151.297458][ T4885] kovaplus 0003:1E7D:2D50.0009: couldn't init struct kovaplus_device
[  151.308977][ T4885] kovaplus 0003:1E7D:2D50.0009: couldn't install mouse
[  151.340331][ T5323] loop1: detected capacity change from 0 to 8192
[  151.474506][ T4710] yurex 1-1:0.0: USB YUREX #0 now disconnected
[  151.487858][ T4885] kovaplus: probe of 0003:1E7D:2D50.0009 failed with error -71
[  151.513577][ T4885] usb 4-1: USB disconnect, device number 7
[  151.701638][ T5324] fido_id[5324]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  152.116939][ T5331] capability: warning: `syz.3.283' uses 32-bit capabilities (legacy support in use)
[  152.139493][ T5331] program syz.3.283 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  152.198772][ T5059] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  152.428843][ T5059] usb 2-1: Using ep0 maxpacket: 8
[  152.450666][ T5059] usb 2-1: unable to get BOS descriptor or descriptor too short
[  152.509253][ T5059] usb 2-1: config index 0 descriptor too short (expected 255, got 18)
[  152.517519][ T5059] usb 2-1: config 4 interface 0 has no altsetting 0
[  152.558999][ T5059] usb 2-1: string descriptor 0 read error: -22
[  152.560303][ T5336] loop3: detected capacity change from 0 to 4096
[  152.576744][ T5059] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  152.596357][ T5059] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.642341][ T5059] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  152.677997][ T5059] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  152.681570][ T5336] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  152.722089][ T5059] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  152.737375][ T5059] usb 2-1: media controller created
[  152.787772][ T5059] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  152.805260][ T5336] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  153.103728][ T5059] zl10353_read_register: readreg error (reg=127, ret==0)
[  153.197109][ T5352] loop0: detected capacity change from 0 to 8
[  153.215262][ T5059] usb 2-1: USB disconnect, device number 8
[  153.560043][ T5360] loop0: detected capacity change from 0 to 64
[  153.717621][ T5362] loop0: detected capacity change from 0 to 8
[  153.760372][ T5362] SQUASHFS error: Failed to read block 0x2d7: -5
[  153.767049][ T5362] SQUASHFS error: Unable to read metadata cache entry [2d5]
[  153.866884][ T5345] loop4: detected capacity change from 0 to 32768
[  154.017034][ T5345] XFS (loop4): Mounting V5 Filesystem
[  154.034325][ T5376] loop0: detected capacity change from 0 to 256
[  154.116759][ T5380] loop3: detected capacity change from 0 to 128
[  154.187517][ T5345] XFS (loop4): Ending clean mount
[  154.193767][ T5380] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  154.226500][ T5345] XFS (loop4): Quotacheck needed: Please wait.
[  154.317931][ T5345] XFS (loop4): Quotacheck: Done.
[  154.350235][ T5380] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  154.409474][ T5380] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:511: comm syz.3.300: Block bitmap for bg 0 marked uninitialized
[  154.489823][ T4278] XFS (loop4): Unmounting Filesystem
[  154.561272][ T5389] netlink: 12 bytes leftover after parsing attributes in process `syz.0.303'.
[  154.613494][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  154.969488][ T5400] dvmrp1: tun_chr_ioctl cmd 1074025681
[  155.695517][ T5405] set_capacity_and_notify: 2 callbacks suppressed
[  155.695529][ T5405] loop4: detected capacity change from 0 to 512
[  156.571622][ T5415] loop2: detected capacity change from 0 to 512
[  156.585620][ T5415] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  156.648882][ T4887] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  156.731648][ T5415] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2799: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  156.820051][ T5415] EXT4-fs (loop2): 1 truncate cleaned up
[  156.867187][ T4887] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  156.883296][ T5415] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  156.906267][ T4887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.937286][ T4887] usb 4-1: Product: syz
[  156.951710][ T4887] usb 4-1: Manufacturer: syz
[  156.962239][ T4887] usb 4-1: SerialNumber: syz
[  156.977105][ T4887] usb 4-1: config 0 descriptor??
[  157.211757][ T5059] usb 4-1: USB disconnect, device number 8
[  157.226321][ T4267] EXT4-fs (loop2): unmounting filesystem.
[  157.305511][ T5423] loop0: detected capacity change from 0 to 512
[  157.886815][ T5430] loop3: detected capacity change from 0 to 128
[  157.939495][ T5430] EXT4-fs: Ignoring removed nobh option
[  157.988342][ T5431] loop1: detected capacity change from 0 to 256
[  158.026596][ T5430] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  158.034805][ T5425] loop2: detected capacity change from 0 to 32768
[  158.110655][ T5430] ext4 filesystem being mounted at /63/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  158.259578][ T5425] XFS (loop2): Mounting V5 Filesystem
[  158.270612][ T5430] fscrypt (loop3, inode 12): Unsupported encryption flags (0x9e)
[  158.382601][ T5425] XFS (loop2): Ending clean mount
[  158.414864][ T5425] XFS (loop2): Quotacheck needed: Please wait.
[  158.522908][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  158.564014][ T5425] XFS (loop2): Quotacheck: Done.
[  158.682385][ T4267] XFS (loop2): Unmounting Filesystem
[  158.732212][ T5447] netlink: 24 bytes leftover after parsing attributes in process `syz.4.313'.
[  160.071448][ T5458] loop3: detected capacity change from 0 to 512
[  160.238250][ T5463] loop1: detected capacity change from 0 to 256
[  161.318838][   T14] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  161.508885][   T14] usb 3-1: Using ep0 maxpacket: 32
[  161.534680][   T14] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  161.578249][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.607016][   T14] usb 3-1: config 0 descriptor??
[  161.813094][ T5473] loop4: detected capacity change from 0 to 128
[  161.820517][   T14] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  161.849756][   T14] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.873327][ T5476] netlink: 48 bytes leftover after parsing attributes in process `syz.1.329'.
[  161.874968][ T5473] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  161.894126][   T14] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  161.910670][ T5473] ext4 filesystem being mounted at /61/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  161.970848][ T5476] netlink: 48 bytes leftover after parsing attributes in process `syz.1.329'.
[  161.990905][   T14] usb 3-1: media controller created
[  162.139462][   T14] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  162.177141][   T14] az6027: usb out operation failed. (-71)
[  162.217321][   T14] az6027: usb out operation failed. (-71)
[  162.233135][   T14] stb0899_attach: Driver disabled by Kconfig
[  162.239490][   T14] az6027: no front-end attached
[  162.239490][   T14] 
[  162.259152][ T4278] EXT4-fs (loop4): unmounting filesystem.
[  162.272376][   T14] az6027: usb out operation failed. (-71)
[  162.280812][   T14] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  162.297807][   T14] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input8
[  162.315648][   T14] dvb-usb: schedule remote query interval to 400 msecs.
[  162.332704][   T14] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  162.382599][   T14] usb 3-1: USB disconnect, device number 6
[  162.474047][   T14] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  162.564941][ T5493] loop4: detected capacity change from 0 to 512
[  162.668028][ T5498] loop3: detected capacity change from 0 to 1024
[  162.724364][ T5497] syz.1.335 (5497) used greatest stack depth: 19888 bytes left
[  162.738260][ T5498] EXT4-fs: Ignoring removed oldalloc option
[  162.773521][ T5498] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  162.852992][ T5502] sch_tbf: burst 4 is lower than device lo mtu (65550) !
[  162.925068][ T5498] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  163.291857][ T5510] fuse: Unknown parameter 'user_id00000000000000000000'
[  163.385438][ T5516] netlink: 24 bytes leftover after parsing attributes in process `syz.1.341'.
[  163.405211][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  164.189950][ T5524] loop3: detected capacity change from 0 to 512
[  164.899546][ T5528] loop2: detected capacity change from 0 to 4096
[  164.969311][ T5532] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.070727][ T5533] loop4: detected capacity change from 0 to 512
[  165.457731][ T5541] device ipvlan2 entered promiscuous mode
[  165.496345][ T5541] bridge0: port 3(ipvlan2) entered blocking state
[  165.525184][ T5541] bridge0: port 3(ipvlan2) entered disabled state
[  166.610739][ T5566] netlink: 87 bytes leftover after parsing attributes in process `syz.0.359'.
[  166.835686][ T5568] loop3: detected capacity change from 0 to 4096
[  166.836115][ T5570] loop0: detected capacity change from 0 to 1024
[  166.866310][ T5570] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  166.926200][ T5568] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  166.947546][ T5570] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  167.277601][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  167.456447][ T5579] syz.1.364 uses obsolete (PF_INET,SOCK_PACKET)
[  168.058260][ T5594] netlink: 12 bytes leftover after parsing attributes in process `syz.0.369'.
[  168.192531][ T5598] loop3: detected capacity change from 0 to 1024
[  168.227534][ T5596] loop2: detected capacity change from 0 to 4096
[  168.383666][ T5602] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  168.448320][   T27] audit: type=1800 audit(1768995995.030:5): pid=5596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.370" name="file1" dev="loop2" ino=15 res=0 errno=0
[  169.182291][ T5622] loop2: detected capacity change from 0 to 256
[  169.265819][ T5625] program syz.0.379 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  169.277802][ T5626] capability: warning: `syz.3.380' uses deprecated v2 capabilities in a way that may be insecure
[  169.368881][ T5629] loop4: detected capacity change from 0 to 2048
[  169.471815][ T5633] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.183334][ T5645] sp0: Synchronizing with TNC
[  170.784799][ T5628] loop3: detected capacity change from 0 to 32768
[  170.833574][ T5662] loop0: detected capacity change from 0 to 128
[  170.871166][ T5662] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  170.889091][ T5628] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  170.932798][ T5662] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  170.998274][ T5663] loop2: detected capacity change from 0 to 4096
[  171.105579][ T5663] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  171.230363][ T5663] ntfs3: loop2: Inode r=19 is not in use!
[  171.236243][ T5663] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  171.321062][ T4280] ocfs2: Unmounting device (7,3) on (node local)
[  171.358166][ T5269] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  171.441920][ T5663] ntfs3: loop2: ino=1d, "file1" failed to open parent directory r=400 to update
[  171.491160][ T5676] loop3: detected capacity change from 0 to 256
[  171.495086][ T5663] ntfs3: loop2: ino=1d, "file1" failed to open parent directory r=400 to update
[  171.543611][ T5676] exfat: Deprecated parameter 'utf8'
[  171.606768][ T5676] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  171.710273][   T27] audit: type=1800 audit(1768995998.300:6): pid=5676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.398" name="file1" dev="loop3" ino=1048619 res=0 errno=0
[  172.102382][ T5694] loop3: detected capacity change from 0 to 512
[  172.279078][ T4887] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  172.319886][ T5694] Quota error (device loop3): do_check_range: Getting block 8 out of range 1-5
[  172.394881][ T5694] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  172.425271][ T5694] EXT4-fs error (device loop3): ext4_acquire_dquot:6835: comm syz.3.406: Failed to acquire dquot type 1
[  172.470791][ T4887] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  172.499036][ T5694] EXT4-fs error (device loop3): ext4_do_update_inode:5272: inode #16: comm syz.3.406: corrupted inode contents
[  172.511533][ T4887] usb 5-1: config 0 has no interface number 0
[  172.517673][ T4887] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  172.548764][ T5694] EXT4-fs error (device loop3): ext4_dirty_inode:6137: inode #16: comm syz.3.406: mark_inode_dirty error
[  172.588796][ T4887] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  172.609464][ T5694] EXT4-fs error (device loop3): ext4_do_update_inode:5272: inode #16: comm syz.3.406: corrupted inode contents
[  172.621442][ T4887] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  172.635730][ T4887] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.644697][ T5694] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #16: comm syz.3.406: mark_inode_dirty error
[  172.659074][ T4887] usb 5-1: config 0 descriptor??
[  172.664786][ T5692] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  172.673114][ T5694] EXT4-fs error (device loop3): ext4_do_update_inode:5272: inode #16: comm syz.3.406: corrupted inode contents
[  172.699719][ T4887] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  172.712948][ T5694] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  172.745167][ T5694] EXT4-fs error (device loop3): ext4_do_update_inode:5272: inode #16: comm syz.3.406: corrupted inode contents
[  172.766164][ T5694] EXT4-fs error (device loop3): ext4_truncate:4318: inode #16: comm syz.3.406: mark_inode_dirty error
[  172.820453][ T5694] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  172.854685][ T5694] EXT4-fs (loop3): 1 truncate cleaned up
[  172.904212][ T4887] usb 5-1: USB disconnect, device number 9
[  172.904653][ T5694] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  172.910170][    C1] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  172.936121][ T5694] ext4 filesystem being mounted at /79/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  173.061759][ T5700] loop2: detected capacity change from 0 to 32768
[  173.124193][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  173.220020][ T5700] XFS (loop2): Mounting V5 Filesystem
[  173.259453][ T5700] XFS (loop2): Ending clean mount
[  173.268369][ T5700] XFS (loop2): Quotacheck needed: Please wait.
[  173.327165][ T5700] XFS (loop2): Quotacheck: Done.
[  173.502153][ T4267] XFS (loop2): Unmounting Filesystem
[  173.565019][ T4710] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  173.791405][ T4710] usb 2-1: Using ep0 maxpacket: 8
[  173.801494][ T4710] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  173.833992][ T4710] usb 2-1: config 179 has no interface number 0
[  173.857213][ T4710] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  173.898902][ T4710] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  173.925013][ T4710] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  173.996309][ T4710] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  174.013369][ T4710] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  174.099138][ T4710] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.164309][ T5727] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  174.271892][ T5744] loop3: detected capacity change from 0 to 2048
[  174.338866][ T5744]  loop3: p1 p3 p4
[  174.353370][ T5744] loop3: p4 size 589824 extends beyond EOD, truncated
[  174.442972][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x4
[  174.535105][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x2
[  174.566212][ T5744] FAT-fs (loop3p1): invalid media value (0x00)
[  174.607884][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  174.620985][ T5744] FAT-fs (loop3p1): Can't find a valid FAT filesystem
[  174.665644][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  174.723660][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  174.783928][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  174.813961][ T4885] hid-generic 0000:3000000:0000.000A: unknown main item tag 0x0
[  174.841846][ T4885] hid-generic 0000:3000000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  174.886712][ T5755] netlink: 'syz.2.427': attribute type 39 has an invalid length.
[  174.907347][  T126] usb 2-1: USB disconnect, device number 9
[  174.955964][ T5755] netlink: 8 bytes leftover after parsing attributes in process `syz.2.427'.
[  175.497493][ T5761] netlink: 12 bytes leftover after parsing attributes in process `syz.4.429'.
[  176.134134][ T5756] fido_id[5756]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  176.292646][ T5759] loop3: detected capacity change from 0 to 4096
[  176.304387][ T5766] loop2: detected capacity change from 0 to 1024
[  176.453196][ T5768] netlink: 28 bytes leftover after parsing attributes in process `syz.0.433'.
[  176.781051][ T4280] ntfs3: loop3: ntfs_evict_inode r=5 failed, -22.
[  176.788155][ T4280] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  177.079873][ T5790] loop0: detected capacity change from 0 to 1024
[  177.154754][ T5785] loop3: detected capacity change from 0 to 4096
[  177.215518][ T5794] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  177.276267][   T27] audit: type=1800 audit(1768996003.860:7): pid=5785 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.438" name="file1" dev="loop3" ino=15 res=0 errno=0
[  177.739017][ T4710] usb 1-1: new low-speed USB device number 6 using dummy_hcd
[  177.941026][ T4710] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  177.962408][ T4710] usb 1-1: config 0 has no interface number 0
[  178.075097][ T4710] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  178.088134][ T5810] fuse: Unknown parameter '0x0000000000000006'
[  178.098388][ T4710] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  178.109522][ T4710] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  178.119099][ T4710] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.132576][   T14] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  178.154886][ T4710] usb 1-1: config 0 descriptor??
[  178.179398][ T5798] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  178.208022][ T4710] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  178.288748][ T4885] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  178.334228][   T14] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  178.357958][   T14] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  178.376508][   T14] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  178.391014][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.410609][ T5804] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  178.449138][ T4710] usb 1-1: USB disconnect, device number 6
[  178.455066][    C1] iowarrior 1-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  178.489974][ T4885] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  178.524131][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  178.551562][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  178.575588][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  178.584228][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  178.597796][ T5820] tap0: tun_chr_ioctl cmd 1074025677
[  178.604333][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  178.615860][ T5820] tap0: linktype set to 773
[  178.621433][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.162992][ T5823] loop1: detected capacity change from 0 to 512
[  179.685526][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.715362][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.735967][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.808908][ T4887] usb 4-1: USB disconnect, device number 9
[  179.816989][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.828456][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.843556][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.861198][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.885447][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.910580][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.911945][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.911987][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.912013][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.913050][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.913092][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.913117][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.914148][ T4885] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  179.914182][ T4885] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  179.914208][ T4885] usb 5-1: config 0 interface 0 has no altsetting 0
[  179.924470][ T4885] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  179.924503][ T4885] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  179.924524][ T4885] usb 5-1: Product: syz
[  179.924539][ T4885] usb 5-1: Manufacturer: syz
[  179.924554][ T4885] usb 5-1: SerialNumber: syz
[  179.930403][ T4885] usb 5-1: config 0 descriptor??
[  179.939404][ T4885] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  180.244821][    C1] usb 5-1: yurex_control_callback - control failed: -71
[  180.259609][ T4887] usb 5-1: USB disconnect, device number 10
[  180.282389][ T4887] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  180.379628][ T5832] loop0: detected capacity change from 0 to 1024
[  180.552722][ T4895] hfsplus: b-tree write err: -5, ino 4
[  180.638119][ T5839] loop1: detected capacity change from 0 to 512
[  180.657882][ T5839] EXT4-fs: Ignoring removed bh option
[  180.668749][ T4885] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  180.680914][ T5839] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  180.713281][ T5839] EXT4-fs (loop1): 1 truncate cleaned up
[  180.725732][ T5839] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  180.877233][ T5848] kvm [5847]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010001) = 0x7
[  180.889869][ T4885] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  180.906675][ T4885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.922592][ T4885] usb 3-1: Product: syz
[  180.928213][ T4885] usb 3-1: Manufacturer: syz
[  180.935234][ T4885] usb 3-1: SerialNumber: syz
[  180.942091][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  180.964053][ T4885] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  181.093080][ T4885] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  181.273893][ T5851] fuse: Unknown parameter '0x0000000000000006'
[  181.298162][ T5834] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.324116][ T5834] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.334891][ T5856] loop3: detected capacity change from 0 to 128
[  181.393546][ T5856] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  181.474019][ T5856] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  182.145886][ T5861] loop4: detected capacity change from 0 to 512
[  182.620300][ T4885] usb 3-1: Service connection timeout for: 256
[  182.626602][ T4885] ath9k_htc 3-1:1.0: ath9k_htc: Unable to initialize HTC services
[  182.685142][   T14] usb 3-1: USB disconnect, device number 7
[  182.688882][ T4885] ath9k_htc: Failed to initialize the device
[  182.700551][   T14] usb 3-1: ath9k_htc: USB layer deinitialized
[  182.778522][ T5865] loop0: detected capacity change from 0 to 64
[  182.858240][ T5865] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  183.267633][ T5874] netlink: 'syz.0.471': attribute type 1 has an invalid length.
[  183.771105][ T5879] netlink: 12 bytes leftover after parsing attributes in process `syz.2.474'.
[  184.548790][   T14] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  184.748779][   T14] usb 2-1: Using ep0 maxpacket: 8
[  184.755940][   T14] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  184.808068][   T14] usb 2-1: config 179 has no interface number 0
[  184.831670][   T14] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  184.878899][   T14] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  184.903192][   T14] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  184.927083][   T14] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  185.387263][ T5892] loop0: detected capacity change from 0 to 512
[  186.006329][   T14] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  186.031148][   T14] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  186.043052][   T14] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.109067][ T5871] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  186.286595][ T4890] usb 2-1: USB disconnect, device number 10
[  186.286617][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  188.046337][ T5914] loop2: detected capacity change from 0 to 512
[  188.053793][ T4890] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  188.278919][ T4890] usb 5-1: Using ep0 maxpacket: 8
[  188.286209][ T4890] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  188.403717][ T4890] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  188.423861][ T4890] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  188.452376][ T4890] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  188.470352][ T4890] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  189.033417][ T5923] loop1: detected capacity change from 0 to 512
[  189.565986][ T4890] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  189.575424][ T4890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.851939][ T4890] usb 5-1: usb_control_msg returned -71
[  189.857817][ T4890] usbtmc 5-1:16.0: can't read capabilities
[  189.878840][ T4885] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  189.898338][ T4890] usb 5-1: USB disconnect, device number 11
[  190.078951][ T4885] usb 1-1: Using ep0 maxpacket: 8
[  190.100767][ T4885] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  190.147567][ T4885] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  190.168148][ T4885] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  190.223609][ T4885] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  190.238898][ T5937] loop4: detected capacity change from 0 to 512
[  190.310527][ T4885] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  190.329687][ T5937] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  190.356213][ T5937] EXT4-fs (loop4): shut down requested (1)
[  190.369597][ T4885] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.419918][ T4278] EXT4-fs (loop4): unmounting filesystem.
[  190.677337][ T4885] usb 1-1: GET_CAPABILITIES returned 0
[  190.688749][ T4885] usbtmc 1-1:16.0: can't read capabilities
[  190.825889][ T5949] loop2: detected capacity change from 0 to 256
[  190.856786][ T5950] loop1: detected capacity change from 0 to 136
[  190.884959][ T4710] usb 1-1: USB disconnect, device number 7
[  192.012677][ T5952] loop3: detected capacity change from 0 to 512
[  192.030229][ T5950] iso9660: Corrupted directory entry in block 2 of inode 1472
[  192.885179][ T5962] loop1: detected capacity change from 0 to 512
[  193.547003][ T5966] netlink: 24 bytes leftover after parsing attributes in process `syz.2.506'.
[  194.204923][ T5957] loop4: detected capacity change from 0 to 32768
[  194.239105][ T5957] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  194.445275][ T4278] ocfs2: Unmounting device (7,4) on (node local)
[  194.553486][ T4710] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  194.803605][ T4710] usb 1-1: Using ep0 maxpacket: 8
[  194.812989][ T4710] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  194.837539][ T4710] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.866696][ T4710] usb 1-1: Product: syz
[  194.873991][ T4710] usb 1-1: Manufacturer: syz
[  194.889182][ T4710] usb 1-1: SerialNumber: syz
[  194.900724][ T4710] usb 1-1: config 0 descriptor??
[  194.911399][ T4710] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  194.928813][ T4710] usb 1-1: setting power ON
[  194.939620][ T4710] dvb-usb: bulk message failed: -22 (2/0)
[  194.960893][ T4710] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  194.980189][ T4348] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  194.981317][ T4710] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  195.016998][ T4710] usb 1-1: media controller created
[  195.073107][ T4710] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  195.076794][ T5983] loop3: detected capacity change from 0 to 4096
[  195.113002][ T5970] dvb-usb: bulk message failed: -22 (3/0)
[  195.134395][ T5983] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  195.150815][ T5970] dvb-usb: bulk message failed: -22 (4/0)
[  195.162877][ T5970] cxusb: i2c read failed
[  195.172816][ T4348] usb 3-1: config 0 has an invalid interface number: 204 but max is 0
[  195.182982][ T4710] usb 1-1: selecting invalid altsetting 6
[  195.191426][ T4348] usb 3-1: config 0 has no interface number 0
[  195.198561][ T4710] usb 1-1: digital interface selection failed (-22)
[  195.205781][ T5988] dvb-usb: bulk message failed: -22 (5/0)
[  195.211688][ T4710] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  195.239576][ T4348] usb 3-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[  195.251669][ T4710] usb 1-1: setting power OFF
[  195.256869][ T4710] dvb-usb: bulk message failed: -22 (2/0)
[  195.290737][ T4348] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.294237][ T4710] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  195.311399][ T4348] usb 3-1: Product: syz
[  195.315843][ T4348] usb 3-1: Manufacturer: syz
[  195.349560][ T4710] (NULL device *): no alternate interface
[  195.351505][ T4348] usb 3-1: SerialNumber: syz
[  195.377877][ T5993] loop4: detected capacity change from 0 to 128
[  195.417493][ T4348] usb 3-1: config 0 descriptor??
[  195.417886][ T4710] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  195.440875][ T4348] ems_usb 3-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[  195.456091][ T5993] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  195.496013][ T4348] ems_usb: probe of 3-1:0.204 failed with error -22
[  195.508855][ T4710] usb 1-1: USB disconnect, device number 8
[  195.585073][ T4283] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  195.596781][ T4283] CPU: 1 PID: 4283 Comm: kworker/u5:6 Not tainted syzkaller #0
[  195.596832][ T5993] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  195.604358][ T4283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  195.604419][ T4283] Workqueue: hci2 hci_rx_work
[  195.604453][ T4283] Call Trace:
[  195.604464][ T4283]  <TASK>
[  195.604474][ T4283]  dump_stack_lvl+0x188/0x24e
[  195.604510][ T4283]  ? show_regs_print_info+0x12/0x12
[  195.604532][ T4283]  ? load_image+0x400/0x400
[  195.604567][ T4283]  sysfs_create_dir_ns+0x26a/0x290
[  195.604598][ T4283]  ? sysfs_warn_dup+0xa0/0xa0
[  195.604621][ T4283]  ? do_raw_spin_unlock+0x11d/0x230
[  195.604644][ T4283]  kobject_add_internal+0x61c/0xcc0
[  195.604681][ T4283]  kobject_add+0x160/0x230
[  195.673957][ T4283]  ? kobject_init+0x1d0/0x1d0
[  195.678689][ T4283]  ? klist_children_get+0x50/0x50
[  195.683788][ T4283]  ? get_device_parent+0x121/0x3f0
[  195.688946][ T4283]  device_add+0x483/0xfb0
[  195.689047][ T5983] ntfs3: Cannot load iocharset cp94./file1
[  195.693297][ T4283]  ? kmem_cache_free+0xf7/0x290
[  195.693352][ T4283]  hci_conn_add_sysfs+0xd1/0x1e0
[  195.709018][ T4283]  le_conn_complete_evt+0x105f/0x1670
[  195.714456][ T4283]  ? hci_le_big_info_adv_report_evt+0x2f0/0x2f0
[  195.720751][ T4283]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  195.726422][ T4283]  ? skb_pull_data+0xf7/0x200
[  195.731136][ T4283]  hci_le_enh_conn_complete_evt+0x185/0x460
[  195.737063][ T4283]  ? hci_le_remote_conn_param_req_evt+0xd10/0xd10
[  195.743517][ T4283]  ? hci_remote_host_features_evt+0x270/0x270
[  195.749703][ T4283]  hci_event_packet+0x7b6/0x1280
[  195.754697][ T4283]  ? bis_list+0x280/0x280
[  195.759157][ T4283]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  195.765175][ T4283]  ? kcov_remote_start+0x4c7/0x7e0
[  195.770344][ T4283]  ? mt_dump_node+0x8f0/0x1920
[  195.775260][ T4283]  ? hci_send_to_monitor+0x9c/0x4a0
[  195.780517][ T4283]  hci_rx_work+0x3eb/0xd40
[  195.785004][ T4283]  ? _raw_spin_unlock+0x40/0x40
[  195.789901][ T4283]  ? process_one_work+0x7b0/0x1160
[  195.795065][ T4283]  process_one_work+0x8a2/0x1160
[  195.800236][ T4283]  ? worker_detach_from_pool+0x240/0x240
[  195.806002][ T4283]  ? _raw_spin_lock_irq+0xb7/0xf0
[  195.811075][ T4283]  ? _raw_spin_lock_irqsave+0x100/0x100
[  195.816672][ T4283]  ? kthread_data+0x4b/0xc0
[  195.821235][ T4283]  worker_thread+0xaa2/0x1270
[  195.825973][ T4283]  kthread+0x29d/0x330
[  195.830092][ T4283]  ? worker_clr_flags+0x1a0/0x1a0
[  195.835160][ T4283]  ? kthread_blkcg+0xd0/0xd0
[  195.839807][ T4283]  ret_from_fork+0x1f/0x30
[  195.844280][ T4283]  </TASK>
[  195.845271][ T4318] usb 3-1: USB disconnect, device number 8
[  195.848975][ T4283] kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  195.867369][ T4283] Bluetooth: hci2: failed to register connection device
[  195.933733][ T5993] overlayfs: failed to create directory ./bus/work (errno: 28); mounting read-only
[  195.988400][ T5997] netlink: 2 bytes leftover after parsing attributes in process `syz.3.515'.
[  196.161546][ T6001] loop3: detected capacity change from 0 to 128
[  196.227219][ T6001] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  196.236517][ T6001] ext4 filesystem being mounted at /106/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  196.371876][ T6010] netlink: 24 bytes leftover after parsing attributes in process `syz.0.520'.
[  196.485457][ T6001] EXT4-fs warning (device loop3): verify_group_input:151: Cannot add at group 3999182285 (only 1 groups)
[  196.816025][ T6014] loop2: detected capacity change from 0 to 64
[  196.821242][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  197.031046][ T6014] hfs: unable to locate alternate MDB
[  197.037103][ T6014] hfs: continuing without an alternate MDB
[  197.169574][ T6014] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[  197.200961][ T6016] fuse: Unknown parameter 'fd0x0000000000000006'
[  198.043881][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  198.050478][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  198.297812][ T6033] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.304871][ T6033] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.339468][ T6033] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.345961][ T6033] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.378860][ T5059] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  198.391667][ T6033] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.398174][ T6033] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.446350][ T6033] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.452895][ T6033] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.515543][ T6033] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  198.522078][ T6033] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  198.610499][ T5059] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  198.628710][ T5059] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  198.662514][ T5059] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  198.692477][ T5059] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.756030][ T5059] usb 1-1: Product: syz
[  198.779079][ T5059] usb 1-1: Manufacturer: syz
[  198.783377][ T6044] loop2: detected capacity change from 0 to 128
[  198.789059][ T5059] usb 1-1: SerialNumber: syz
[  198.819484][ T5059] usb 1-1: config 0 descriptor??
[  198.825847][ T6028] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  198.832841][ T6044] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  198.838401][ T6028] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  198.860434][ T6047] loop3: detected capacity change from 0 to 1024
[  198.868878][ T6044] hpfs: filesystem error: improperly stopped
[  198.908989][ T6044] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  198.922450][ T6045] loop1: detected capacity change from 0 to 4096
[  198.932153][ T6044] hpfs: You really don't want any checks? You are crazy...
[  198.973127][ T6044] hpfs: hpfs_map_sector(): read error
[  199.001164][ T6044] hpfs: code page support is disabled
[  199.035205][ T6044] hpfs: hpfs_map_4sectors(): unaligned read
[  199.063254][ T6044] hpfs: hpfs_map_4sectors(): unaligned read
[  199.100154][ T6044] hpfs: filesystem error: unable to find root dir
[  199.169173][ T6028] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  199.176506][ T6028] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  199.191476][ T6044] hpfs: bad mount options.
[  199.251922][ T6050] ALSA: mixer_oss: invalid OSS volume ''
[  199.283696][ T4272] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  199.323851][ T4272] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  199.511456][ T6037] loop4: detected capacity change from 0 to 32768
[  199.637248][ T5059] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  199.679534][ T6059] netlink: 24 bytes leftover after parsing attributes in process `syz.1.536'.
[  199.699038][ T4890] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  199.941980][ T5059] dm9601 1-1:0.0 (unnamed net_device) (uninitialized): Error reading chip ID
[  199.965365][   T27] audit: type=1800 audit(1768996026.550:8): pid=6037 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.529" name="file1" dev="loop4" ino=7 res=0 errno=0
[  200.008783][ T6062] fuse: Unknown parameter 'fd0xffffffffffffffff'
[  200.020519][ T5059] usb 1-1: USB disconnect, device number 9
[  200.039041][ T4890] usb 3-1: Using ep0 maxpacket: 32
[  200.221957][ T4890] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  200.253635][ T4890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  200.281577][ T4890] usb 3-1: config 0 descriptor??
[  200.492985][ T4890] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  200.524026][ T4890] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  200.545287][ T4890] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  200.562175][ T4890] usb 3-1: media controller created
[  201.606414][ T6073] loop3: detected capacity change from 0 to 512
[  201.732523][ T4890] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  201.783748][ T4890] az6027: usb out operation failed. (-71)
[  201.790935][ T4890] az6027: usb out operation failed. (-71)
[  201.796709][ T4890] stb0899_attach: Driver disabled by Kconfig
[  201.803296][ T4890] az6027: no front-end attached
[  201.803296][ T4890] 
[  201.811330][ T4890] az6027: usb out operation failed. (-71)
[  201.817229][ T4890] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  201.842121][ T4890] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input9
[  201.893079][ T4890] dvb-usb: schedule remote query interval to 400 msecs.
[  201.995353][ T4890] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  202.036680][ T4890] usb 3-1: USB disconnect, device number 9
[  202.174772][ T4890] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  202.378044][ T6092] loop1: detected capacity change from 0 to 2048
[  202.408533][ T6092] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  202.629263][ T5059] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  202.881450][ T5059] usb 1-1: Using ep0 maxpacket: 16
[  202.951961][ T5059] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.096997][ T5059] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.229383][ T5059] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  203.360345][ T5059] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.458327][ T5059] usb 1-1: config 0 descriptor??
[  203.495675][ T6088] loop4: detected capacity change from 0 to 32768
[  203.516419][ T6088] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.548 (6088)
[  203.546396][ T6088] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  203.556962][ T6088] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  203.570134][ T6088] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  203.580934][ T6088] BTRFS info (device loop4): use zstd compression, level 3
[  203.590032][ T6088] BTRFS info (device loop4): using free space tree
[  203.627768][ T6088] BTRFS info (device loop4): enabling ssd optimizations
[  203.922148][ T5059] corsair 0003:1B1C:1B02.000B: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.0-1/input0
[  204.109166][ T6126] loop1: detected capacity change from 0 to 512
[  204.619695][ T5059] corsair 0003:1B1C:1B02.000B: Read invalid backlight brightness: bf.
[  204.848701][ T4890] usb 1-1: USB disconnect, device number 10
[  204.951282][ T4278] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  205.158877][ T4273] Bluetooth: hci0: command 0x0406 tx timeout
[  205.179516][ T4273] Bluetooth: hci2: command 0x0406 tx timeout
[  205.185648][ T4273] Bluetooth: hci3: command 0x0406 tx timeout
[  205.369311][ T6135] comedi comedi3: bad chanlist[0]=0x25dfb300 chan=45824 range length=1
[  205.475293][ T6136] loop3: detected capacity change from 0 to 256
[  205.506832][ T6139] loop0: detected capacity change from 0 to 128
[  205.610233][ T6139] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  205.631796][ T6139] ext4 filesystem being mounted at /134/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  206.033708][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  206.060902][ T6149] loop2: detected capacity change from 0 to 4096
[  206.079081][ T6149] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  206.420559][ T6161] netlink: 8 bytes leftover after parsing attributes in process `syz.3.565'.
[  206.429872][ T6156] loop4: detected capacity change from 0 to 1024
[  206.621801][ T6156] hfsplus: bad catalog entry type
[  206.755576][ T4351] hfsplus: b-tree write err: -5, ino 4
[  206.968012][ T6175] loop2: detected capacity change from 0 to 512
[  207.733107][ T6174] netlink: 24 bytes leftover after parsing attributes in process `syz.1.559'.
[  207.893085][ T6187] loop3: detected capacity change from 0 to 1024
[  208.092888][ T6187] hfsplus: bad catalog entry type
[  208.231958][    T9] hfsplus: b-tree write err: -5, ino 4
[  208.292472][ T6193] 9pnet_fd: Insufficient options for proto=fd
[  208.405395][ T6197] loop3: detected capacity change from 0 to 256
[  208.583317][ T6201] loop0: detected capacity change from 0 to 256
[  208.642122][ T6201] exfat: Deprecated parameter 'utf8'
[  208.668923][ T6201] exfat: Deprecated parameter 'namecase'
[  208.734261][ T6201] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xc465a08c, utbl_chksum : 0xe619d30d)
[  209.214815][ T6206] netlink: 8 bytes leftover after parsing attributes in process `syz.0.578'.
[  209.219469][ T6207] program syz.2.574 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.626897][ T6221] loop4: detected capacity change from 0 to 64
[  209.796339][ T6223] loop1: detected capacity change from 0 to 512
[  210.482404][ T6230] FAT-fs (loop2): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  210.549190][ T6230] syz.2.587: attempt to access beyond end of device
[  210.549190][ T6230] loop2: rw=2051, sector=104, nr_sectors = 937 limit=128
[  210.648377][ T6232] set_capacity_and_notify: 1 callbacks suppressed
[  210.648395][ T6232] loop4: detected capacity change from 0 to 128
[  210.795565][ T6232] FAT-fs (loop4): error, fat_get_cluster: invalid start cluster (i_pos 322, start 000007ff)
[  210.828962][ T6232] FAT-fs (loop4): Filesystem has been set read-only
[  210.891017][ T6232] FAT-fs (loop4): error, invalid access to FAT (entry 0x000007ff)
[  211.203657][ T6242] net_ratelimit: 66 callbacks suppressed
[  211.203691][ T6242] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  211.617223][ T6245] loop4: detected capacity change from 0 to 512
[  212.428089][ T6226] loop3: detected capacity change from 0 to 40427
[  212.541737][ T6226] F2FS-fs (loop3): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  212.579747][ T6226] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  212.581395][ T6248] loop0: detected capacity change from 0 to 256
[  212.588072][ T6226] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7
[  212.746394][ T6226] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff
[  212.817497][ T6226] F2FS-fs (loop3): invalid crc value
[  212.905625][ T6226] F2FS-fs (loop3): Found nat_bits in checkpoint
[  213.054206][ T6226] F2FS-fs (loop3): Start checkpoint disabled!
[  213.111339][ T6226] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  213.118441][ T6226] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  213.297694][ T6254] loop1: detected capacity change from 0 to 8192
[  213.355687][ T6254] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  213.399149][ T6254] REISERFS (device loop1): found reiserfs format "3.5" with non-standard journal
[  213.444896][ T6254] REISERFS (device loop1): using ordered data mode
[  213.458948][ T6254] reiserfs: using flush barriers
[  213.516239][ T6254] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  213.542121][ T6240] loop2: detected capacity change from 0 to 40427
[  213.574219][ T6240] F2FS-fs (loop2): invalid crc value
[  214.044842][ T6263] netlink: 12 bytes leftover after parsing attributes in process `syz.0.601'.
[  214.669170][ T6254] REISERFS (device loop1): checking transaction log (loop1)
[  214.709726][ T6254] REISERFS (device loop1): Using r5 hash to sort names
[  214.716960][ T6254] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  214.728962][ T6240] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12)
[  214.906758][ T4732] kworker/u4:9: attempt to access beyond end of device
[  214.906758][ T4732] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  215.947740][ T6276] loop4: detected capacity change from 0 to 512
[  216.736083][ T4710] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  216.922900][ T4710] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  216.941727][ T4710] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.967655][ T4710] usb 3-1: Product: syz
[  216.980024][ T4710] usb 3-1: Manufacturer: syz
[  216.989368][ T4710] usb 3-1: SerialNumber: syz
[  217.007724][ T4710] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  217.073975][ T4710] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  217.369713][ T4709] usb 3-1: USB disconnect, device number 10
[  217.777558][ T6295] netlink: 24 bytes leftover after parsing attributes in process `syz.3.614'.
[  218.375730][ T6306] netlink: 12 bytes leftover after parsing attributes in process `syz.4.616'.
[  219.000607][ T4710] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  219.007635][ T4710] ath9k_htc: Failed to initialize the device
[  219.069531][ T4709] usb 3-1: ath9k_htc: USB layer deinitialized
[  219.095073][ T4885] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  219.135301][ T6309] netlink: 72 bytes leftover after parsing attributes in process `syz.2.617'.
[  219.300606][ T4885] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  219.324568][ T4885] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  219.366818][ T4885] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  219.396945][ T4885] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  219.409779][ T6313] netlink: 'syz.2.619': attribute type 10 has an invalid length.
[  219.420698][ T4885] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  219.452981][ T4885] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  219.462379][ T4885] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  219.478856][ T4885] usb 2-1: Product: syz
[  219.483158][ T4885] usb 2-1: Manufacturer: syz
[  219.489699][ T6315] Illegal XDP return value 4294967294 on prog  (id 21) dev N/A, expect packet loss!
[  219.499354][ T6313] device hsr_slave_0 left promiscuous mode
[  219.509822][ T4885] cdc_wdm 2-1:1.0: skipping garbage
[  219.515073][ T4885] cdc_wdm 2-1:1.0: skipping garbage
[  219.531625][ T4885] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  219.538080][ T6313] device hsr_slave_1 left promiscuous mode
[  219.544965][ T4885] cdc_wdm 2-1:1.0: Unknown control protocol
[  219.761329][ T5057] usb 2-1: USB disconnect, device number 11
[  220.259902][ T6333] loop3: detected capacity change from 0 to 164
[  220.785470][ T6336] netlink: 12 bytes leftover after parsing attributes in process `syz.2.630'.
[  221.563803][ T6342] program syz.1.632 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.705582][ T6321] loop0: detected capacity change from 0 to 32768
[  221.829124][ T6321] XFS (loop0): Mounting V5 Filesystem
[  221.918883][ T6321] XFS (loop0): Ending clean mount
[  221.930770][ T6321] XFS (loop0): Quotacheck needed: Please wait.
[  222.078025][ T6321] XFS (loop0): Quotacheck: Done.
[  222.333646][ T4268] XFS (loop0): Unmounting Filesystem
[  222.607864][ T6347] loop1: detected capacity change from 0 to 32768
[  222.802397][ T6347] JBD2: Ignoring recovery information on journal
[  223.627791][ T6347] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  224.209442][ T6382] netlink: 12 bytes leftover after parsing attributes in process `syz.0.644'.
[  224.869931][ T6374] loop4: detected capacity change from 0 to 4096
[  224.902840][ T6374] ntfs: (device loop4): ntfs_read_locked_inode(): $DATA attribute is missing.
[  224.944061][ T6374] ntfs: (device loop4): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  225.008930][ T6374] ntfs: (device loop4): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  225.052193][ T6374] ntfs: volume version 3.1.
[  225.173189][ T4272] ocfs2: Unmounting device (7,1) on (node local)
[  225.343028][ T6394] loop3: detected capacity change from 0 to 1024
[  225.400703][ T6394] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  225.458296][ T6399] loop1: detected capacity change from 0 to 1024
[  225.465835][ T6399] EXT4-fs: inline encryption not supported
[  225.484512][ T6399] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 2: comm syz.1.648: lblock 2 mapped to illegal pblock 2 (length 1)
[  225.511194][ T4278] ntfs: (device loop4): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  225.576062][ T6399] EXT4-fs (loop1): Remounting filesystem read-only
[  225.586239][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  225.624964][ T6399] Quota error (device loop1): qtree_write_dquot: dquota write failed
[  225.651112][ T6399] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 48: comm syz.1.648: lblock 0 mapped to illegal pblock 48 (length 1)
[  225.725214][ T6399] EXT4-fs (loop1): Remounting filesystem read-only
[  225.773717][ T6399] Quota error (device loop1): v2_write_file_info: Can't write info structure
[  225.818877][ T6399] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.648: Failed to acquire dquot type 0
[  225.874032][ T6399] EXT4-fs (loop1): Remounting filesystem read-only
[  225.909099][ T6399] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5933: Corrupt filesystem
[  225.998720][ T6399] EXT4-fs (loop1): Remounting filesystem read-only
[  226.038835][ T6399] EXT4-fs error (device loop1): ext4_evict_inode:279: inode #11: comm syz.1.648: mark_inode_dirty error
[  226.108789][ T6399] EXT4-fs (loop1): Remounting filesystem read-only
[  226.135859][ T6399] EXT4-fs warning (device loop1): ext4_evict_inode:282: couldn't mark inode dirty (err -117)
[  226.174417][ T6399] EXT4-fs (loop1): 1 orphan inode deleted
[  226.191294][ T6415] loop4: detected capacity change from 0 to 1024
[  226.195558][ T4896] EXT4-fs error (device loop1): ext4_map_blocks:635: inode #3: block 1: comm kworker/u4:12: lblock 1 mapped to illegal pblock 1 (length 1)
[  226.203390][ T6399] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  226.284203][ T6415] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  226.285576][ T4896] EXT4-fs (loop1): Remounting filesystem read-only
[  226.318716][ T4896] Quota error (device loop1): remove_tree: Can't read quota data block 1
[  226.337529][ T4896] EXT4-fs error (device loop1): ext4_release_dquot:6871: comm kworker/u4:12: Failed to release dquot type 0
[  226.353500][ T4896] EXT4-fs (loop1): Remounting filesystem read-only
[  226.355591][ T6415] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.428907][ T6399] EXT4-fs (loop1): shut down requested (2)
[  226.604955][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  226.638051][ T6402] loop2: detected capacity change from 0 to 32768
[  226.688149][ T6402] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 scanned by syz.2.650 (6402)
[  226.692000][ T6425] loop0: detected capacity change from 0 to 512
[  226.771030][ T6429] loop1: detected capacity change from 0 to 1024
[  226.790380][ T6012] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: comm kworker/u4:15: lblock 0 mapped to illegal pblock 0 (length 6)
[  226.811071][ T6402] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  226.813242][ T6425] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  226.828573][ T6402] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  226.850957][ T6012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 6 with error 117
[  226.868855][ T6402] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  226.888607][ T6012] EXT4-fs (loop4): This should not happen!! Data will be lost
[  226.888607][ T6012] 
[  226.900637][ T6012] EXT4-fs error (device loop4): ext4_map_blocks:745: inode #15: block 8: comm kworker/u4:15: lblock 8 mapped to illegal pblock 8 (length 8)
[  226.915903][ T6402] BTRFS info (device loop2): use zstd compression, level 3
[  226.941834][ T6402] BTRFS info (device loop2): using free space tree
[  226.960061][ T6429] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  226.965673][ T6012] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  226.985127][ T6425] EXT4-fs (loop0): 1 truncate cleaned up
[  227.019018][ T6012] EXT4-fs (loop4): This should not happen!! Data will be lost
[  227.019018][ T6012] 
[  227.029004][ T6425] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  227.076210][ T6440] loop3: detected capacity change from 0 to 2048
[  227.106379][ T4278] EXT4-fs (loop4): unmounting filesystem.
[  227.133849][ T6440] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.250781][ T6425] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.646: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  227.313833][ T6402] BTRFS info (device loop2): enabling ssd optimizations
[  227.352741][ T6425] EXT4-fs (loop0): Remounting filesystem read-only
[  227.377177][ T6425] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem
[  227.411919][ T6425] EXT4-fs (loop0): Remounting filesystem read-only
[  227.426020][ T6425] EXT4-fs warning (device loop0): ext4_rename_delete:3778: inode #2: comm syz.0.646: Deleting old file: nlink 5, error=-117
[  227.710910][ T4268] EXT4-fs (loop0): unmounting filesystem.
[  227.772503][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  228.191536][ T6468] netlink: 24 bytes leftover after parsing attributes in process `syz.0.662'.
[  228.352022][ T6471] netlink: 64 bytes leftover after parsing attributes in process `syz.4.665'.
[  228.374776][ T4267] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  229.976966][ T6494] netlink: 12 bytes leftover after parsing attributes in process `syz.4.670'.
[  230.601490][ T6493] loop2: detected capacity change from 0 to 8
[  230.647754][ T6462] loop3: detected capacity change from 0 to 40427
[  230.747389][ T6462] F2FS-fs (loop3): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  230.756949][ T6462] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  230.766022][ T6462] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7
[  230.775072][ T6462] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x3ffff
[  230.784745][ T6462] F2FS-fs (loop3): invalid crc value
[  230.856981][ T6462] F2FS-fs (loop3): Found nat_bits in checkpoint
[  231.033633][ T6462] F2FS-fs (loop3): Start checkpoint disabled!
[  231.215626][ T6502] device pim6reg1 entered promiscuous mode
[  231.298370][ T6489] loop0: detected capacity change from 0 to 32768
[  231.403359][ T6489] ERROR: (device loop0): dtSearch: DT_GETPAGE: dtree page corrupt
[  231.403359][ T6489] 
[  231.443725][ T6489] ERROR: (device loop0): remounting filesystem as read-only
[  231.500146][ T6489] jfs_lookup: dtSearch returned -5
[  231.537852][ T6489] ERROR: (device loop0): dtReadFirst: DT_GETPAGE: dtree page corrupt
[  231.537852][ T6489] 
[  231.559012][ T6489] jfs_readdir: unexpected rc = -5 from dtReadNext
[  231.888798][  T130] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  232.078907][  T130] usb 2-1: Using ep0 maxpacket: 32
[  232.086397][  T130] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  232.123677][  T130] usb 2-1: config 0 has no interface number 0
[  232.132540][ T6524] loop0: detected capacity change from 0 to 16
[  232.147207][  T130] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  232.188760][  T130] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.205485][ T6524] erofs: (device loop0): mounted with root inode @ nid 36.
[  232.214815][  T130] usb 2-1: Product: syz
[  232.238733][  T130] usb 2-1: Manufacturer: syz
[  232.249175][  T130] usb 2-1: SerialNumber: syz
[  232.285239][ T6524] syz.0.680: attempt to access beyond end of device
[  232.285239][ T6524] loop0: rw=524288, sector=16, nr_sectors = 32 limit=16
[  232.285279][  T130] usb 2-1: config 0 descriptor??
[  232.327612][ T6513] loop3: detected capacity change from 0 to 32768
[  232.330166][  T130] smsc95xx v2.0.0
[  232.353658][ T6524] syz.0.680: attempt to access beyond end of device
[  232.353658][ T6524] loop0: rw=524288, sector=8, nr_sectors = 32 limit=16
[  232.477160][ T6513] XFS (loop3): Mounting V5 Filesystem
[  232.712432][ T6513] XFS (loop3): Ending clean mount
[  232.737408][  T130] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  232.764642][  T130] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  232.869877][ T4280] XFS (loop3): Unmounting Filesystem
[  232.949456][ T6521] loop4: detected capacity change from 0 to 40427
[  232.992889][ T6521] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  233.017631][ T6521] F2FS-fs (loop4): invalid crc value
[  233.027521][ T6521] F2FS-fs (loop4): Found nat_bits in checkpoint
[  233.159383][ T6521] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  233.188495][ T6525] loop2: detected capacity change from 0 to 40427
[  233.201618][  T130] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000108: -71
[  233.235286][  T130] smsc95xx: probe of 2-1:0.67 failed with error -71
[  233.243863][ T6525] F2FS-fs (loop2): Small segment_count (9 < 1 * 24)
[  233.284158][ T6525] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  233.309019][  T130] usb 2-1: USB disconnect, device number 12
[  233.361298][ T6521] F2FS-fs (loop4) : inject no more block in inc_valid_block_count of __allocate_data_block+0x460/0xaa0
[  233.385429][ T6525] F2FS-fs (loop2): Found nat_bits in checkpoint
[  233.531039][ T6525] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  233.542913][ T4278] syz-executor: attempt to access beyond end of device
[  233.542913][ T4278] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  233.558815][ T6525] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  233.625046][ T6549] loop0: detected capacity change from 0 to 128
[  233.774777][ T4267] syz-executor: attempt to access beyond end of device
[  233.774777][ T4267] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.005434][ T4639] kworker/u4:7: attempt to access beyond end of device
[  234.005434][ T4639] loop0: rw=1, sector=145, nr_sectors = 328 limit=128
[  234.060885][ T4639] kworker/u4:7: attempt to access beyond end of device
[  234.060885][ T4639] loop0: rw=1, sector=481, nr_sectors = 560 limit=128
[  234.113564][ T4639] kworker/u4:7: attempt to access beyond end of device
[  234.113564][ T4639] loop0: rw=1, sector=473, nr_sectors = 8 limit=128
[  234.274944][ T6559] loop1: detected capacity change from 0 to 2048
[  234.330627][ T6565] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  234.370103][   T27] audit: type=1800 audit(1768996060.960:9): pid=6559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.694" name="file1" dev="loop1" ino=15 res=0 errno=0
[  234.395687][ T6559] NILFS error (device loop1): nilfs_lookup: deleted inode referenced: 12
[  234.461419][ T6559] Remounting filesystem read-only
[  235.637501][ T6573] loop0: detected capacity change from 0 to 512
[  235.799143][  T130] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  235.857846][ T4272] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  236.056089][  T130] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  236.149930][  T130] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  236.321835][  T130] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  236.496968][  T130] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  236.701802][  T130] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  236.800060][  T130] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  236.837628][  T130] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  236.913667][  T130] usb 5-1: Product: syz
[  236.917895][  T130] usb 5-1: Manufacturer: syz
[  236.967887][  T130] cdc_wdm 5-1:1.0: skipping garbage
[  236.974019][  T130] cdc_wdm 5-1:1.0: skipping garbage
[  236.982804][ T6566] loop3: detected capacity change from 0 to 32768
[  236.998054][  T130] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  237.028782][  T130] cdc_wdm 5-1:1.0: Unknown control protocol
[  237.081647][ T6566] XFS (loop3): Mounting V5 Filesystem
[  237.222512][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  237.227772][  T130] usb 5-1: USB disconnect, device number 12
[  237.229491][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  237.241349][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  237.267303][ T6566] XFS (loop3): Ending clean mount
[  237.279437][ T6566] XFS (loop3): Quotacheck needed: Please wait.
[  237.512750][ T6566] XFS (loop3): Quotacheck: Done.
[  237.552145][ T4280] XFS (loop3): Unmounting Filesystem
[  237.727700][ T6601] block device autoloading is deprecated and will be removed.
[  237.871332][ T6605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'.
[  237.893613][ T6605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.707'.
[  238.104242][ T6612] loop3: detected capacity change from 0 to 512
[  238.147030][ T6612] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  238.203077][ T6612] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.404334][ T6628] loop1: detected capacity change from 0 to 2048
[  238.473896][ T6628] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  238.488012][ T6628] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  238.558405][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  239.414401][ T6671] netlink: 8 bytes leftover after parsing attributes in process `syz.0.729'.
[  239.468116][ T6671] netlink: 40 bytes leftover after parsing attributes in process `syz.0.729'.
[  239.560685][ T5057] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  239.799917][ T5057] usb 4-1: Using ep0 maxpacket: 8
[  239.837258][ T5057] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  239.977001][ T5057] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  240.129172][ T5057] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  240.335811][ T5057] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  240.371796][ T6679] loop2: detected capacity change from 0 to 4096
[  240.427393][ T5057] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  240.434635][ T6679] NILFS (loop2): invalid segment: Checksum error in segment payload
[  240.453995][ T6679] NILFS (loop2): trying rollback from an earlier position
[  240.488807][ T5057] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.501696][ T6679] NILFS (loop2): recovery complete
[  240.685925][ T6670] loop1: detected capacity change from 0 to 32768
[  240.725486][ T6670] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.730 (6670)
[  240.735032][ T5057] usb 4-1: GET_CAPABILITIES returned 0
[  240.754175][ T5057] usbtmc 4-1:16.0: can't read capabilities
[  240.825023][ T6670] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  240.856087][ T6670] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  240.889083][ T6670] BTRFS info (device loop1): turning on sync discard
[  240.914401][ T6670] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  240.956086][ T6670] BTRFS info (device loop1): use zstd compression, level 3
[  240.959674][ T5057] usb 4-1: USB disconnect, device number 10
[  240.978884][ T6670] BTRFS info (device loop1): turning off barriers
[  241.010248][ T6670] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  241.054441][ T6670] BTRFS info (device loop1): trying to use backup root at mount time
[  241.073113][ T6670] BTRFS info (device loop1): enabling auto defrag
[  241.090179][ T6670] BTRFS info (device loop1): using default commit interval 30s
[  241.108069][ T6670] BTRFS info (device loop1): max_inline at 0
[  241.128278][ T6670] BTRFS info (device loop1): using free space tree
[  241.237231][ T6682] loop4: detected capacity change from 0 to 32768
[  241.316509][ T6685] loop2: detected capacity change from 0 to 32768
[  241.329139][ T6685] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 scanned by syz.2.736 (6685)
[  241.357413][ T4732] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  241.392725][ T6685] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  241.415891][ T6682] XFS (loop4): Mounting V5 Filesystem
[  241.450549][ T6670] BTRFS error (device loop1): failed to load root extent
[  241.457693][ T6670] BTRFS warning (device loop1): try to load backup roots slot 1
[  241.466076][ T6685] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  241.476649][ T6682] XFS (loop4): Ending clean mount
[  241.489044][ T6685] BTRFS info (device loop2): using free space tree
[  241.498951][ T4732] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  241.542869][ T6670] BTRFS warning (device loop1): couldn't read tree root
[  241.581444][ T6670] BTRFS warning (device loop1): try to load backup roots slot 2
[  241.623122][ T6670] BTRFS error (device loop1): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  241.669296][ T6670] BTRFS warning (device loop1): couldn't read tree root
[  241.679419][ T6670] BTRFS warning (device loop1): try to load backup roots slot 3
[  241.687704][ T6685] BTRFS info (device loop2): enabling ssd optimizations
[  241.769210][ T6670] BTRFS info (device loop1): enabling ssd optimizations
[  241.776773][ T4278] XFS (loop4): Unmounting Filesystem
[  241.785843][   T27] audit: type=1804 audit(1768996068.370:10): pid=6685 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.736" name="/newroot/141/file0/file1" dev="loop2" ino=260 res=1 errno=0
[  241.815363][ T6670] BTRFS info (device loop1): rebuilding free space tree
[  241.877285][ T6734] block nbd3: shutting down sockets
[  241.928803][ T4267] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  242.077071][ T6670] BTRFS info (device loop1): checking UUID tree
[  242.211204][ T6738] netlink: 68 bytes leftover after parsing attributes in process `syz.3.741'.
[  242.396281][ T6706] loop0: detected capacity change from 0 to 32768
[  242.437201][ T6706] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.737 (6706)
[  242.565212][ T4272] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  242.723959][ T6742] loop2: detected capacity change from 0 to 8192
[  242.735687][ T4891] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  242.854217][ T4380] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop1 scanned by udevd (4380)
[  242.855128][ T6742] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  242.924148][ T6742] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  242.939725][ T4891] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  242.957432][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  242.975026][ T4479] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9
[  242.986419][ T6742] REISERFS (device loop2): using ordered data mode
[  242.997815][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.009682][ T6742] reiserfs: using flush barriers
[  243.016228][ T6742] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  243.037989][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  243.053140][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.080454][ T6742] REISERFS (device loop2): checking transaction log (loop2)
[  243.098309][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.127827][ T6742] REISERFS (device loop2): Using r5 hash to sort names
[  243.153251][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  243.182161][ T6742] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  243.193370][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.224722][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.316222][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  243.365494][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.398903][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.457286][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  243.502583][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  243.542059][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  243.575685][ T6763] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 3726, free_space(entry_count) 2
[  243.600812][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.548755][ T6764] loop4: detected capacity change from 0 to 512
[  244.595695][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  244.610266][ T6763] REISERFS error (device loop2): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  244.633655][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  244.656708][ T6763] REISERFS (device loop2): Remounting filesystem read-only
[  244.659078][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.687195][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  244.703598][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  244.735281][ T6763] REISERFS error (device loop2): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data
[  244.768763][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.777216][ T4891] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  244.808441][ T4891] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  244.908493][ T4891] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.950478][ T4891] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  245.015529][ T4891] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  245.051547][ T4891] usb 4-1: Product: syz
[  245.079528][ T4891] usb 4-1: Manufacturer: syz
[  245.084195][ T4891] usb 4-1: SerialNumber: syz
[  245.141556][ T4732] Bluetooth: hci5: Frame reassembly failed (-84)
[  245.160968][ T4891] usb 4-1: config 0 descriptor??
[  245.225753][ T4891] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  245.257411][ T6780] kernel read not supported for file /' (pid: 6780 comm: syz.1.752)
[  245.305994][   T27] audit: type=1800 audit(1768996071.890:11): pid=6780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.752" name="'" dev="mqueue" ino=41817 res=0 errno=0
[  245.515064][    C1] usb 4-1: yurex_control_callback - control failed: -71
[  245.523218][ T6757] usb 4-1: USB disconnect, device number 11
[  245.640141][ T6757] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  245.949148][ T6755] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  246.153005][ T6755] usb 3-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  246.193483][ T6755] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.323247][ T6755] usb 3-1: config 0 descriptor??
[  246.430949][ T6793] loop1: detected capacity change from 0 to 2048
[  246.543906][ T6793] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  246.613596][ T6797] loop3: detected capacity change from 0 to 4096
[  246.635138][ T6793] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  246.722381][ T6799] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  246.757852][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  247.159118][ T4275] Bluetooth: hci5: command 0x1003 tx timeout
[  247.168189][ T4273] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  247.410003][ T6755] pegasus: probe of 3-1:0.0 failed with error -71
[  247.432498][ T6755] usb 3-1: USB disconnect, device number 11
[  247.447172][ T6814] loop1: detected capacity change from 0 to 16
[  247.499070][ T6814] erofs: (device loop1): mounted with root inode @ nid 36.
[  247.589584][ T6814] erofs: (device loop1): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  247.607064][ T6814] syz.1.761: attempt to access beyond end of device
[  247.607064][ T6814] loop1: rw=0, sector=296, nr_sectors = 8 limit=16
[  247.637941][ T6814] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  247.656932][ T6814] erofs: (device loop1): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  247.702942][ T6820] erofs: (device loop1): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  247.721281][ T6757] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  247.725988][ T6820] erofs: (device loop1): z_erofs_read_folio: failed to read, err [-117]
[  248.836795][ T6825] loop3: detected capacity change from 0 to 512
[  248.944696][ T6829] loop4: detected capacity change from 0 to 256
[  248.953921][ T6757] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.008127][ T6757] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.019142][ T6757] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  249.112497][ T6757] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  249.158849][ T6757] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.195509][ T6757] usb 1-1: config 0 descriptor??
[  249.314039][ T6836] loop2: detected capacity change from 0 to 64
[  249.807462][ T6757] plantronics 0003:047F:FFFF.000C: No inputs registered, leaving
[  250.906543][ T6757] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  251.170333][ T6757] usb 1-1: USB disconnect, device number 11
[  251.246384][ T6843] loop4: detected capacity change from 0 to 512
[  251.337094][ T6855] process 'syz.1.775' launched '/dev/fd/3' with NULL argv: empty string added
[  251.407304][ T6851] loop0: detected capacity change from 0 to 2048
[  251.561256][ T6854] fido_id[6854]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  251.826190][ T6861] loop1: detected capacity change from 0 to 512
[  251.964116][ T6861] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a802c01c, mo2=0002]
[  252.029326][ T6861] System zones: 0-2, 18-18, 34-35
[  253.143144][ T6861] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  253.152378][ T6861] ext4 filesystem being mounted at /146/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  253.523615][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  253.817634][ T6875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.784'.
[  254.135791][ T6883] loop1: detected capacity change from 0 to 2048
[  254.148487][ T4732] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.290481][ T6883] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  254.344139][ T6883] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.479951][ T4732] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.491883][ T6883] fs-verity: sha512 using implementation "sha512-avx2"
[  254.681506][ T6895] loop0: detected capacity change from 0 to 256
[  254.702376][ T4732] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.743070][ T6895] exfat: Deprecated parameter 'namecase'
[  254.755242][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  254.865295][ T6895] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  254.936827][ T4732] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.273227][ T6902] loop2: detected capacity change from 0 to 8192
[  255.281159][ T6906] overlayfs: failed to decode file handle (len=5, type=248, flags=0, err=-22)
[  255.360328][ T6902] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  255.466046][ T6902] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  255.539396][ T6902] REISERFS (device loop2): using ordered data mode
[  255.545989][ T6902] reiserfs: using flush barriers
[  255.642112][ T6902] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  255.696581][ T6902] REISERFS (device loop2): checking transaction log (loop2)
[  255.725291][ T6902] REISERFS (device loop2): Using r5 hash to sort names
[  255.765828][ T6902] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  255.841125][ T6902] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  255.930247][ T6902] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  255.995869][   T27] audit: type=1800 audit(1768996082.580:12): pid=6902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.792" name="bus" dev="loop2" ino=4 res=0 errno=0
[  256.024622][ T4275] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  256.037110][ T4275] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  256.046131][ T4275] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  256.057145][ T4283] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  256.064908][ T4275] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  256.072584][ T4275] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  256.278263][ T6929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.802'.
[  256.349678][ T6929] batman_adv: batadv0: Adding interface: macsec1
[  256.398580][ T6929] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.424163][    C0] vkms_vblank_simulate: vblank timer overrun
[  256.513072][ T6929] batman_adv: batadv0: Not using interface macsec1 (retrying later): interface not active
[  256.854770][ T6948] netlink: 16 bytes leftover after parsing attributes in process `syz.1.809'.
[  256.886412][ T6948] device bond0 entered promiscuous mode
[  256.899043][ T6948] device bond_slave_0 entered promiscuous mode
[  256.915787][ T6948] device bond_slave_1 entered promiscuous mode
[  256.935833][ T6948] device bond0 left promiscuous mode
[  256.990096][ T6948] device bond_slave_0 left promiscuous mode
[  257.013532][ T6948] device bond_slave_1 left promiscuous mode
[  257.068058][ T6958] loop3: detected capacity change from 0 to 16
[  257.163057][ T6958] erofs: (device loop3): mounted with root inode @ nid 36.
[  257.273070][ T4710] hid-generic 0000:0000:0000.000D: unknown main item tag 0xd
[  257.299432][ T4710] hid-generic 0000:0000:0000.000D: unknown main item tag 0x2
[  257.307046][ T4710] hid-generic 0000:0000:0000.000D: item fetching failed at offset 8/83
[  257.359192][ T4710] hid-generic: probe of 0000:0000:0000.000D failed with error -22
[  257.470664][ T6966] netlink: 'syz.1.815': attribute type 10 has an invalid length.
[  257.549190][ T6966] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.578009][ T6966] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  258.119261][ T4275] Bluetooth: hci3: command 0x0409 tx timeout
[  258.171489][ T6922] chnl_net:caif_netlink_parms(): no params data found
[  258.633680][   T27] audit: type=1326 audit(1768996085.220:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6995 comm="syz.0.822" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3f1bd9acb9 code=0x0
[  258.800270][ T4732] device hsr_slave_0 left promiscuous mode
[  258.813718][ T4732] device hsr_slave_1 left promiscuous mode
[  258.887239][ T4732] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  258.910189][ T4732] batman_adv: batadv0: Removing interface: batadv_slave_0
[  258.940642][ T4732] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  258.979046][ T4732] batman_adv: batadv0: Removing interface: batadv_slave_1
[  259.000931][ T4732] device bridge_slave_1 left promiscuous mode
[  259.024646][ T4732] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.047027][ T4732] device bridge_slave_0 left promiscuous mode
[  259.057774][ T4732] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.162049][ T4732] device veth1_macvtap left promiscuous mode
[  259.169561][ T4732] device veth0_macvtap left promiscuous mode
[  259.175931][ T4732] device veth1_vlan left promiscuous mode
[  259.209127][ T4732] device veth0_vlan left promiscuous mode
[  259.400400][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  259.406751][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  259.985527][ T7025] loop3: detected capacity change from 0 to 32768
[  260.056407][ T7025] XFS (loop3): Mounting V5 Filesystem
[  260.093596][ T7025] XFS (loop3): Ending clean mount
[  260.184745][ T4280] XFS (loop3): Unmounting Filesystem
[  260.209025][ T4275] Bluetooth: hci3: command 0x041b tx timeout
[  260.345807][ T7030] loop0: detected capacity change from 0 to 32768
[  260.376642][ T7030] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9
[  260.592441][ T4479] BTRFS error: device /dev/loop0 already registered with a higher generation, found 8 expect 9
[  261.127677][ T4732] team0 (unregistering): Port device team_slave_1 removed
[  261.184923][ T4732] team0 (unregistering): Port device team_slave_0 removed
[  261.243497][ T4732] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  261.304142][ T4732] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  261.786027][ T4732] bond0 (unregistering): Released all slaves
[  261.974719][ T7014] netlink: 12 bytes leftover after parsing attributes in process `syz.1.825'.
[  261.996543][ T7051] bridge0: port 3(vlan3) entered blocking state
[  262.027981][ T7051] bridge0: port 3(vlan3) entered disabled state
[  262.044927][ T7051] device vlan3 entered promiscuous mode
[  262.051797][ T7051] device syz_tun entered promiscuous mode
[  262.065608][ T6922] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.078954][ T6922] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.115548][ T6922] device bridge_slave_0 entered promiscuous mode
[  262.135800][ T7058] ieee802154 phy0 wpan0: encryption failed: -22
[  262.179116][ T6922] bridge0: port 2(bridge_slave_1) entered blocking state
[  262.187111][ T6922] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.204009][ T6922] device bridge_slave_1 entered promiscuous mode
[  262.279080][ T4275] Bluetooth: hci3: command 0x040f tx timeout
[  262.297075][ T6922] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  262.396254][ T6922] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  262.492198][ T7065] loop3: detected capacity change from 0 to 2048
[  262.555233][ T7069] loop2: detected capacity change from 0 to 256
[  262.573242][ T7065] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  262.606148][ T6922] team0: Port device team_slave_0 added
[  262.664842][ T6922] team0: Port device team_slave_1 added
[  262.707431][ T7065] UDF-fs: warning (device loop3): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 3200 lbcount: 4096 extent 56+4096
[  262.786626][ T6922] batman_adv: batadv0: Adding interface: batadv_slave_0
[  262.828101][ T6922] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  262.950071][ T6922] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  262.993671][ T6922] batman_adv: batadv0: Adding interface: batadv_slave_1
[  263.057329][ T6922] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  263.113384][ T6922] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.340592][ T7087] netlink: 12 bytes leftover after parsing attributes in process `syz.0.850'.
[  264.358889][ T4275] Bluetooth: hci3: command 0x0419 tx timeout
[  264.411453][ T6922] device hsr_slave_0 entered promiscuous mode
[  264.452174][ T6922] device hsr_slave_1 entered promiscuous mode
[  264.786428][ T7099] loop2: detected capacity change from 0 to 128
[  264.837370][ T7099] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  264.880685][ T7099] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  264.904366][ T7060] loop1: detected capacity change from 0 to 32768
[  265.048072][ T7060] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  265.107544][ T7060] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  265.426387][ T7060] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  265.453569][ T6922] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  265.489041][ T6755] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  265.505279][ T6755] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  265.516805][ T6922] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  265.607295][ T6922] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  265.635819][ T6922] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  265.656201][ T6755] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 150ms
[  265.704500][ T6755] gfs2: fsid=syz:syz.0: jid=0: Done
[  265.742126][ T7060] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  265.777525][ T7060] gfs2: fsid=syz:syz.0: can't start logd thread: -4
[  266.097128][ T6922] 8021q: adding VLAN 0 to HW filter on device bond0
[  266.160442][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  266.174764][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  266.233877][ T6922] 8021q: adding VLAN 0 to HW filter on device team0
[  266.265880][ T6012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  266.295165][ T6012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  266.320855][ T6012] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.328088][ T6012] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.410575][ T6012] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  266.439767][ T4895] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  266.474740][ T4895] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.486664][ T7114] loop3: detected capacity change from 0 to 32768
[  266.508379][ T4895] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.515721][ T4895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.571407][   T27] audit: type=1800 audit(1768996093.160:14): pid=7114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.856" name="file1" dev="loop3" ino=7 res=0 errno=0
[  266.650031][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  266.693068][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  266.754658][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  266.830374][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  266.856232][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  266.889955][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  266.931625][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  266.945096][ T7144] loop1: detected capacity change from 0 to 1024
[  266.960219][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  266.979450][ T7144] EXT4-fs: Ignoring removed orlov option
[  266.990115][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  267.021137][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  267.060250][ T7144] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  267.097258][ T4732] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  267.112302][ T6922] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  267.195752][ T7152] loop2: detected capacity change from 0 to 16
[  267.250471][ T7152] erofs: (device loop2): mounted with root inode @ nid 36.
[  267.323932][ T7152] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  267.348937][ T4272] EXT4-fs (loop1): unmounting filesystem.
[  267.448814][ T7152] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -23 in[64, 4032] out[1851]
[  267.500964][ T7152] erofs: (device loop2): z_erofs_read_folio: failed to read, err [-117]
[  268.957854][ T7176] loop2: detected capacity change from 0 to 512
[  269.340886][ T6922] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.349333][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  269.358788][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  269.529909][ T7185] device syzkaller1 entered promiscuous mode
[  270.159254][ T7190] netlink: 24 bytes leftover after parsing attributes in process `syz.0.870'.
[  270.244083][ T7171] loop1: detected capacity change from 0 to 32768
[  270.318903][ T7171] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.865 (7171)
[  270.389506][ T7171] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  270.418017][ T7171] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  270.469939][ T7171] BTRFS info (device loop1): enabling auto defrag
[  270.495816][ T7171] BTRFS info (device loop1): disabling auto defrag
[  270.533925][ T7171] BTRFS info (device loop1): max_inline at 0
[  270.558770][ T7171] BTRFS info (device loop1): enabling ssd optimizations
[  270.584482][ T7171] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  270.628371][ T7171] BTRFS info (device loop1): use lzo compression, level 0
[  270.668806][ T7171] BTRFS info (device loop1): using free space tree
[  270.916672][ T7171] BTRFS error (device loop1): open_ctree failed: -12
[  271.000575][ T7227] loop3: detected capacity change from 0 to 1024
[  271.113696][ T7227] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  271.128293][ T7227] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.419835][ T7238] loop2: detected capacity change from 0 to 2048
[  271.517009][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  271.533311][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  271.554774][ T7238] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  271.623092][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  271.633123][ T7238] UDF-fs: Scanning with blocksize 512 failed
[  271.648374][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  271.703188][ T7238] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  271.710010][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  271.770967][ T5269] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  271.840992][ T6922] device veth0_vlan entered promiscuous mode
[  271.878072][ T6922] device veth1_vlan entered promiscuous mode
[  271.999481][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  272.014168][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  272.059609][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  272.066996][ T6012] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm kworker/u4:15: bg 0: block 112: padding at end of block bitmap is not set
[  272.087885][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  272.119645][ T6922] device veth0_macvtap entered promiscuous mode
[  272.160435][ T6922] device veth1_macvtap entered promiscuous mode
[  272.179523][ T6012] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 2048 with error 117
[  272.216487][ T6012] EXT4-fs (loop3): This should not happen!! Data will be lost
[  272.216487][ T6012] 
[  272.229802][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.247888][ T7249] loop0: detected capacity change from 0 to 1764
[  272.264776][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.297839][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.323719][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.355546][ T6012] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2088 with max blocks 892 with error 28
[  272.368572][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.380101][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.396576][ T6012] EXT4-fs (loop3): This should not happen!! Data will be lost
[  272.396576][ T6012] 
[  272.425044][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  272.437024][ T6012] EXT4-fs (loop3): Total free blocks count 0
[  272.452117][ T6012] EXT4-fs (loop3): Free/Dirty block details
[  272.458238][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.470256][ T6012] EXT4-fs (loop3): free_blocks=0
[  272.476854][ T6922] batman_adv: batadv0: Interface activated: batadv_slave_0
[  272.511634][ T6012] EXT4-fs (loop3): dirty_blocks=912
[  272.523814][ T6012] EXT4-fs (loop3): Block reservation details
[  272.570683][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  272.599771][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  272.608263][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  272.639766][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  272.667270][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.702359][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.718989][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.735425][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.775935][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.804314][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.820460][ T7262] loop3: detected capacity change from 0 to 1024
[  272.837105][ T6922] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  272.850327][ T7262] EXT4-fs: Ignoring removed orlov option
[  272.866560][ T6922] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  272.890355][ T6922] batman_adv: batadv0: Interface activated: batadv_slave_1
[  272.914549][ T7262] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  272.942816][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  272.952102][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  272.968245][ T6922] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  273.064745][ T6922] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  273.105612][ T6922] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  273.136685][ T6922] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  273.164426][ T4280] EXT4-fs (loop3): unmounting filesystem.
[  273.563289][ T4896] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.680737][ T4896] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  273.751033][ T6012] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  273.773596][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  273.784244][ T6012] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.043742][ T4896] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  274.908376][ T7275] loop2: detected capacity change from 0 to 32768
[  274.981949][ T7275] 
[  274.981949][ T7275]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  274.981949][ T7275] 
[  275.034858][ T7303] loop0: detected capacity change from 0 to 8192
[  275.078586][    T9] ERROR: (device loop2): diWrite: ixpxd invalid
[  275.078586][    T9] 
[  275.190225][    T9] ERROR: (device loop2): txCommit: 
[  275.190225][    T9] 
[  275.213839][ T7311] ERROR: (device loop2): diWrite: ixpxd invalid
[  275.213839][ T7311] 
[  275.224992][    T9] jfs_write_inode: jfs_commit_inode failed!
[  275.256109][ T7311] ERROR: (device loop2): txCommit: 
[  275.256109][ T7311] 
[  275.369219][ T7275] 
[  275.369219][ T7275]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  275.369219][ T7275] 
[  275.449014][ T7275] 
[  275.449014][ T7275]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  275.449014][ T7275] 
[  275.600738][ T7300] loop1: detected capacity change from 0 to 32768
[  275.612161][ T7317] netlink: 24 bytes leftover after parsing attributes in process `syz.5.896'.
[  275.672307][ T4267] 
[  275.672307][ T4267]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  275.672307][ T4267] 
[  275.711407][ T4267] 
[  275.711407][ T4267]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  275.711407][ T4267] 
[  275.719225][ T7300] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  275.829032][ T4891] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  276.023956][ T4891] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.055385][ T4891] usb 1-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  276.099921][ T4891] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.155554][ T4891] usb 1-1: config 0 descriptor??
[  276.266630][ T4272] ocfs2: Unmounting device (7,1) on (node local)
[  276.425057][ T7307] loop3: detected capacity change from 0 to 40427
[  276.479741][ T7307] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  276.517529][ T7307] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  276.564201][ T7307] F2FS-fs (loop3): invalid crc value
[  276.592131][ T4891] wacom 0003:056A:0015.000E: Unknown device_type for 'HID 056a:0015'. Assuming pen.
[  276.644629][ T7307] F2FS-fs (loop3): Found nat_bits in checkpoint
[  276.689609][ T4891] wacom 0003:056A:0015.000E: hidraw0: USB HID v9.14 Device [HID 056a:0015] on usb-dummy_hcd.0-1/input0
[  276.766064][ T4891] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0015.000E/input/input10
[  276.922698][ T7307] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  276.942648][ T4891] usb 1-1: USB disconnect, device number 12
[  276.960420][ T7307] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  277.252420][ T7349] loop2: detected capacity change from 0 to 128
[  277.281634][ T7349] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  277.504724][ T7355] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  277.507340][ T7346] fido_id[7346]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  278.501278][ T7362] loop5: detected capacity change from 0 to 128
[  278.515532][ T7362] FAT-fs (loop5): Directory bread(block 162) failed
[  278.524035][ T7362] FAT-fs (loop5): Directory bread(block 163) failed
[  278.531188][ T7362] FAT-fs (loop5): Directory bread(block 164) failed
[  278.537978][ T7362] FAT-fs (loop5): Directory bread(block 165) failed
[  278.545153][ T7362] FAT-fs (loop5): Directory bread(block 166) failed
[  278.586303][ T7362] FAT-fs (loop5): Directory bread(block 167) failed
[  278.612732][ T7362] FAT-fs (loop5): Directory bread(block 168) failed
[  278.647125][ T7362] FAT-fs (loop5): Directory bread(block 169) failed
[  279.014661][ T7375] loop2: detected capacity change from 0 to 256
[  279.521701][ T7365] loop0: detected capacity change from 0 to 32768
[  279.579265][ T7365] (syz.0.907,7365,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  279.635565][ T7365] (syz.0.907,7365,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  279.695163][ T7387] loop2: detected capacity change from 0 to 8192
[  279.721490][ T7365] JBD2: Ignoring recovery information on journal
[  279.778571][ T7393] netlink: 24 bytes leftover after parsing attributes in process `syz.3.914'.
[  279.815292][ T7387] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  279.844045][ T7387] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  279.875954][ T7365] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  279.898523][ T7401] loop5: detected capacity change from 0 to 24
[  279.904135][ T7387] REISERFS (device loop2): using ordered data mode
[  279.936368][ T7401] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  280.000672][ T7387] reiserfs: using flush barriers
[  280.057042][ T7387] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  280.119202][ T7401] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  280.160762][ T7387] REISERFS (device loop2): checking transaction log (loop2)
[  280.426115][ T7365] 
[  280.428494][ T7365] ======================================================
[  280.435531][ T7365] WARNING: possible circular locking dependency detected
[  280.442586][ T7365] syzkaller #0 Not tainted
[  280.447017][ T7365] ------------------------------------------------------
[  280.454047][ T7365] syz.0.907/7365 is trying to acquire lock:
[  280.459950][ T7365] ffff888071f1a378 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x307/0x770
[  280.469511][ T7365] 
[  280.469511][ T7365] but task is already holding lock:
[  280.476888][ T7365] ffff8880552e20e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a4/0x6f0
[  280.487188][ T7365] 
[  280.487188][ T7365] which lock already depends on the new lock.
[  280.487188][ T7365] 
[  280.497604][ T7365] 
[  280.497604][ T7365] the existing dependency chain (in reverse order) is:
[  280.506723][ T7365] 
[  280.506723][ T7365] -> #4 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  280.515263][ T7365]        down_read+0x42/0x2d0
[  280.519967][ T7365]        ocfs2_start_trans+0x3a4/0x6f0
[  280.525443][ T7365]        ocfs2_mknod+0xf77/0x25b0
[  280.530492][ T7365]        ocfs2_create+0x1b6/0x4b0
[  280.535521][ T7365]        vfs_create+0x2db/0x460
[  280.540372][ T7365]        do_mknodat+0x3a1/0x4d0
[  280.545223][ T7365]        __x64_sys_mknod+0x8a/0xa0
[  280.550440][ T7365]        do_syscall_64+0x4c/0xa0
[  280.555375][ T7365]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.561890][ T7365] 
[  280.561890][ T7365] -> #3 (sb_internal#4){.+.+}-{0:0}:
[  280.569375][ T7365]        ocfs2_start_trans+0x2a5/0x6f0
[  280.574850][ T7365]        ocfs2_mknod+0xf77/0x25b0
[  280.579880][ T7365]        ocfs2_create+0x1b6/0x4b0
[  280.584904][ T7365]        vfs_create+0x2db/0x460
[  280.589920][ T7365]        do_mknodat+0x3a1/0x4d0
[  280.594772][ T7365]        __x64_sys_mknod+0x8a/0xa0
[  280.599878][ T7365]        do_syscall_64+0x4c/0xa0
[  280.604834][ T7365]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.611244][ T7365] 
[  280.611244][ T7365] -> #2 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}:
[  280.621762][ T7365]        down_write+0x36/0x60
[  280.626440][ T7365]        ocfs2_reserve_local_alloc_bits+0x11e/0x2700
[  280.633111][ T7365]        ocfs2_reserve_clusters_with_limit+0x1b6/0xc10
[  280.639950][ T7365]        ocfs2_mknod+0xf15/0x25b0
[  280.644967][ T7365]        ocfs2_create+0x1b6/0x4b0
[  280.650003][ T7365]        vfs_create+0x2db/0x460
[  280.654875][ T7365]        do_mknodat+0x3a1/0x4d0
[  280.659743][ T7365]        __x64_sys_mknod+0x8a/0xa0
[  280.664951][ T7365]        do_syscall_64+0x4c/0xa0
[  280.669886][ T7365]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.676293][ T7365] 
[  280.676293][ T7365] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}:
[  280.686807][ T7365]        down_write+0x36/0x60
[  280.691492][ T7365]        ocfs2_reserve_suballoc_bits+0x16d/0x4810
[  280.697914][ T7365]        ocfs2_reserve_new_metadata_blocks+0x412/0x9a0
[  280.704897][ T7365]        ocfs2_init_xattr_set_ctxt+0x314/0x7b0
[  280.711086][ T7365]        ocfs2_xattr_set+0xc3b/0x13e0
[  280.716452][ T7365]        __vfs_setxattr+0x3e0/0x420
[  280.721661][ T7365]        __vfs_setxattr_noperm+0x129/0x5e0
[  280.727465][ T7365]        vfs_setxattr+0x167/0x2e0
[  280.732489][ T7365]        setxattr+0x346/0x360
[  280.737164][ T7365]        path_setxattr+0x147/0x290
[  280.742276][ T7365]        __x64_sys_setxattr+0xb7/0xd0
[  280.747732][ T7365]        do_syscall_64+0x4c/0xa0
[  280.752680][ T7365]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.759101][ T7365] 
[  280.759101][ T7365] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
[  280.766938][ T7365]        __lock_acquire+0x2d07/0x7d10
[  280.772363][ T7365]        lock_acquire+0x1bb/0x4a0
[  280.777429][ T7365]        down_read+0x42/0x2d0
[  280.782196][ T7365]        ocfs2_init_acl+0x307/0x770
[  280.787393][ T7365]        ocfs2_mknod+0x15e8/0x25b0
[  280.792505][ T7365]        ocfs2_create+0x1b6/0x4b0
[  280.797523][ T7365]        path_openat+0x1181/0x2ee0
[  280.802633][ T7365]        do_filp_open+0x1f1/0x430
[  280.807661][ T7365]        do_sys_openat2+0x150/0x4b0
[  280.812851][ T7365]        __x64_sys_creat+0x8c/0xb0
[  280.817956][ T7365]        do_syscall_64+0x4c/0xa0
[  280.822908][ T7365]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  280.829342][ T7365] 
[  280.829342][ T7365] other info that might help us debug this:
[  280.829342][ T7365] 
[  280.839562][ T7365] Chain exists of:
[  280.839562][ T7365]   &oi->ip_xattr_sem --> sb_internal#4 --> &journal->j_trans_barrier
[  280.839562][ T7365] 
[  280.853653][ T7365]  Possible unsafe locking scenario:
[  280.853653][ T7365] 
[  280.861099][ T7365]        CPU0                    CPU1
[  280.866452][ T7365]        ----                    ----
[  280.871821][ T7365]   lock(&journal->j_trans_barrier);
[  280.877127][ T7365]                                lock(sb_internal#4);
[  280.884414][ T7365]                                lock(&journal->j_trans_barrier);
[  280.892214][ T7365]   lock(&oi->ip_xattr_sem);
[  280.896796][ T7365] 
[  280.896796][ T7365]  *** DEADLOCK ***
[  280.896796][ T7365] 
[  280.904933][ T7365] 8 locks held by syz.0.907/7365:
[  280.909945][ T7365]  #0: ffff888028924460 (sb_writers#18){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  280.919185][ T7365]  #1: ffff888071f1a648 (&type->i_mutex_dir_key#16){++++}-{3:3}, at: path_openat+0x7d2/0x2ee0
[  280.929627][ T7365]  #2: ffff888071d65108 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16d/0x4810
[  280.943297][ T7365]  #3: ffff888071d642c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16d/0x4810
[  280.956986][ T7365]  #4: ffff888067aa89c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x11e/0x2700
[  280.970923][ T7365]  #5: ffff888028924650 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_mknod+0xf77/0x25b0
[  280.980161][ T7365]  #6: ffff8880552e20e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a4/0x6f0
[  280.990873][ T7365]  #7: ffff8880536f4990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x200f/0x2230
[  281.000539][ T7365] 
[  281.000539][ T7365] stack backtrace:
[  281.006413][ T7365] CPU: 1 PID: 7365 Comm: syz.0.907 Not tainted syzkaller #0
[  281.013694][ T7365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  281.023745][ T7365] Call Trace:
[  281.027036][ T7365]  <TASK>
[  281.030003][ T7365]  dump_stack_lvl+0x188/0x24e
[  281.034739][ T7365]  ? load_image+0x400/0x400
[  281.039320][ T7365]  ? show_regs_print_info+0x12/0x12
[  281.044630][ T7365]  ? print_circular_bug+0x12b/0x1a0
[  281.049962][ T7365]  check_noncircular+0x296/0x330
[  281.055008][ T7365]  ? add_chain_block+0x940/0x940
[  281.060100][ T7365]  ? _find_first_zero_bit+0xcf/0x100
[  281.065536][ T7365]  ? add_lock_to_list+0x191/0x280
[  281.070673][ T7365]  __lock_acquire+0x2d07/0x7d10
[  281.075587][ T7365]  ? verify_lock_unused+0x140/0x140
[  281.080806][ T7365]  ? __lock_acquire+0x7d10/0x7d10
[  281.085972][ T7365]  ? do_raw_spin_lock+0x128/0x2f0
[  281.091085][ T7365]  lock_acquire+0x1bb/0x4a0
[  281.095676][ T7365]  ? ocfs2_init_acl+0x307/0x770
[  281.100712][ T7365]  ? __might_sleep+0xd0/0xd0
[  281.105319][ T7365]  ? read_lock_is_recursive+0x10/0x10
[  281.110697][ T7365]  ? trace_ocfs2_claim_new_inode_at_loc+0x240/0x240
[  281.117371][ T7365]  ? dquot_alloc_inode+0x14c/0xa20
[  281.122580][ T7365]  down_read+0x42/0x2d0
[  281.126738][ T7365]  ? ocfs2_init_acl+0x307/0x770
[  281.131589][ T7365]  ocfs2_init_acl+0x307/0x770
[  281.136285][ T7365]  ? ocfs2_mknod_locked+0x155/0x290
[  281.141486][ T7365]  ? ocfs2_acl_chmod+0x330/0x330
[  281.146446][ T7365]  ? dquot_alloc_inode+0x889/0xa20
[  281.151660][ T7365]  ? dquot_alloc_inode+0x14c/0xa20
[  281.156884][ T7365]  ? ocfs2_block_signals+0x97/0xe0
[  281.162111][ T7365]  ? ocfs2_init_security_get+0x135/0x1a0
[  281.167783][ T7365]  ocfs2_mknod+0x15e8/0x25b0
[  281.172385][ T7365]  ? ocfs2_mkdir+0x4b0/0x4b0
[  281.177027][ T7365]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  281.182935][ T7365]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  281.188849][ T7365]  ? ocfs2_inode_unlock+0xa1/0x140
[  281.193977][ T7365]  ? __lock_acquire+0x7d10/0x7d10
[  281.199000][ T7365]  ? __rwlock_init+0x140/0x140
[  281.203793][ T7365]  ? _raw_spin_unlock+0x24/0x40
[  281.208810][ T7365]  ? do_raw_spin_unlock+0x11d/0x230
[  281.214005][ T7365]  ? rcu_is_watching+0x11/0xa0
[  281.218861][ T7365]  ? ocfs2_lookup+0x4c9/0xa70
[  281.223565][ T7365]  ocfs2_create+0x1b6/0x4b0
[  281.228074][ T7365]  ? ocfs2_update_inode_fsync_trans+0x200/0x200
[  281.234314][ T7365]  ? rwsem_write_trylock+0x135/0x1c0
[  281.239600][ T7365]  ? ocfs2_lookup+0xa70/0xa70
[  281.244361][ T7365]  ? inode_permission+0xef/0x480
[  281.249301][ T7365]  ? bpf_lsm_inode_create+0x5/0x10
[  281.254417][ T7365]  ? security_inode_create+0xb3/0x100
[  281.259793][ T7365]  ? ocfs2_lookup+0xa70/0xa70
[  281.264468][ T7365]  path_openat+0x1181/0x2ee0
[  281.269073][ T7365]  ? do_filp_open+0x430/0x430
[  281.273755][ T7365]  do_filp_open+0x1f1/0x430
[  281.278516][ T7365]  ? vfs_tmpfile+0x480/0x480
[  281.283105][ T7365]  ? _raw_spin_unlock+0x24/0x40
[  281.287952][ T7365]  ? alloc_fd+0x58f/0x630
[  281.292283][ T7365]  do_sys_openat2+0x150/0x4b0
[  281.296970][ T7365]  ? do_sys_open+0xe0/0xe0
[  281.301386][ T7365]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  281.307432][ T7365]  ? lock_chain_count+0x20/0x20
[  281.312282][ T7365]  __x64_sys_creat+0x8c/0xb0
[  281.316874][ T7365]  do_syscall_64+0x4c/0xa0
[  281.321403][ T7365]  ? clear_bhb_loop+0x60/0xb0
[  281.326086][ T7365]  ? clear_bhb_loop+0x60/0xb0
[  281.330762][ T7365]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  281.336650][ T7365] RIP: 0033:0x7f3f1bd9acb9
[  281.341150][ T7365] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  281.360848][ T7365] RSP: 002b:00007f3f19ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  281.369259][ T7365] RAX: ffffffffffffffda RBX: 00007f3f1c015fa0 RCX: 00007f3f1bd9acb9
[  281.377226][ T7365] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00002000000002c0
[  281.385276][ T7365] RBP: 00007f3f1be08bf7 R08: 0000000000000000 R09: 0000000000000000
[  281.393287][ T7365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  281.401255][ T7365] R13: 00007f3f1c016038 R14: 00007f3f1c015fa0 R15: 00007ffce47a6e38
[  281.409231][ T7365]  </TASK>
[  281.435328][ T7413] loop1: detected capacity change from 0 to 256
[  281.454191][ T7387] REISERFS (device loop2): Using tea hash to sort names
[  281.495975][ T7387] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  281.508529][ T4710] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  281.547268][ T4710] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  282.038268][ T4268] ocfs2: Unmounting device (7,0) on (node local)