last executing test programs:

1m35.492295674s ago: executing program 2 (id=175):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xbd, 0x16, 0xf, 0x40, 0x8086, 0x110, 0xbfad, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x12, 0x24}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

1m33.740217575s ago: executing program 2 (id=183):
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_udp_int(r0, 0x11, 0xb, &(0x7f0000000200)=0x6, 0x4)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x4e24, @empty}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000300)={@local, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x68, 0x0, 0x0, 0x88, 0x0, @remote, @local}, {0xfffe, 0x4e24, 0x4d, 0x0, @wg=@initiation={0x1, 0x4, "497a1d08fd3d0ee007022798bb6374ed840b4f36f41fc4d035e9ebe414aa958d", "4bbef5e4007898221aa606d083cd59745493938f1e2de8fdadd3823fedd2c01b2aff03050a4ca5d10fd1b6b06f47ea42", "ef7c9d6a98e3943f6892078bb952854743fe4dddd2e7c0ce70a4ac7d", {"a851525b16af17fe87acbae2ab0b233d", "01422d01cd53c3abe94331d0b7918724"}}}}}}}, 0x0)

1m33.529953808s ago: executing program 2 (id=185):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800852, &(0x7f0000000100)={[{@nossd_spread}, {@compress_force_algo={'compress-force', 0x3d, 'zstd'}}, {@nossd_spread}, {@discard_sync}, {@clear_cache}, {@space_cache_v1}, {@acl}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
openat(0xffffffffffffff9c, 0x0, 0x143042, 0xd1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x101002, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x1, 0x8e13, 0x8ffff)

1m31.529153724s ago: executing program 2 (id=193):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0/../file0/../file0/../file0/file0\x00')

1m29.037524238s ago: executing program 2 (id=202):
r0 = memfd_create(&(0x7f00000000c0)='-B\xd5N4\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\x8a\xd7Uw\x00\xbc\xa92\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x19\xea\xef\xe3\xe1@\x84\x13\xefZb:\x8f\t\x01B\xec\xde\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@Ip]D\xd6\r\xac\v#co\xd5\xb9\xc806\xa8\x99\xffs7\xa1b1\xb1;i)j\x0e\x1e\xedI\xa2\x80\x89\x1d\xd9p!\xc86s\xe07(\xee\xf9<\"\xf0\xc8\xae\x96J\xe2]\x01\x86\xb7.<\xf5N\xd3\x94W1\xff\x18z>\xa7q,\xf7\x96\xb8{\x8e\xbf4\xe0\x95\x1ce\xe4\x85\xcdi\xed\xd3>\xeb\xa5\xaf\x87\x90@\xd1\xbd`^\xfa\xb6\x9cj\x13/\xc5\\W\x04\br\x17X\xe3\xfb\xc8\xd4\xaeX\xc9s\xd18\xd9L\xbf\xa0\xa6\xdf2\a\x99i\xb1/\x19@\x1cq\xeb?\xc1z:\x913\xfa8\xac\xd3q\xe4vPGU', 0x1)
r1 = dup(r0)
r2 = dup(r0)
r3 = fanotify_init(0x1, 0x101000)
fanotify_mark(r3, 0x1, 0x800103a, r2, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1m28.564748306s ago: executing program 2 (id=207):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, r0}, './file1\x00'})

1m28.034321936s ago: executing program 32 (id=207):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, r0}, './file1\x00'})

1m8.81899621s ago: executing program 4 (id=323):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="05000000070000000800000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x6f)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000340)='\\', 0x1}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

1m8.435115972s ago: executing program 4 (id=324):
socket(0x28, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0xcd1d, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x1}, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000003c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x0, @fd_index=0x5, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001000)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
io_uring_enter(r0, 0x26c3, 0xdffffffb, 0x0, 0x0, 0x0)

1m8.346367528s ago: executing program 4 (id=325):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000500), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg(r0, &(0x7f0000000100)={0x1, {&(0x7f00000007c0)=""/194, 0xc2, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000200)={0x2, 0x0, {&(0x7f00000000c0)=""/35, 0x23, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000040)={0x2, 0x0, {&(0x7f0000000180)=""/13, 0xd, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg(r0, &(0x7f0000000640)={0x1, {&(0x7f0000000400)=""/234, 0xfede, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f00000008c0)={0x2, 0x0, {&(0x7f0000000580)=""/38, 0x26, 0x0, 0x1, 0x3}}, 0x48)

1m8.116583671s ago: executing program 4 (id=326):
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000980)='./file0\x00', 0x4c8, &(0x7f0000000340)={[{@sbsector={'sbsector', 0x3d, 0x7fffffff}}, {@check_strict}, {@session={'session', 0x3d, 0x49}}, {@sbsector={'sbsector', 0x3d, 0x3}}, {@sbsector={'sbsector', 0x3d, 0xffffffffffffffff}}, {@showassoc}, {@mode={'mode', 0x3d, 0xfffffffffffffffc}}, {@overriderock}, {@nocompress}, {@iocharset={'iocharset', 0x3d, 'macgaelic'}}, {@sbsector={'sbsector', 0x3d, 0x76}}, {@iocharset={'iocharset', 0x3d, 'cp863'}}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@nojoliet}, {@session={'session', 0x3d, 0x27}}], [{@pcr={'pcr', 0x3d, 0x1a}}, {@permit_directio}]}, 0x0, 0x936, &(0x7f00000009c0)="$eJzs3U9vG2kZAPBn3Jhms6tul3a3aTjsaNugUEFqu2pL1Qtp7KRenBglqbQrLgGaRVUjFrEglRWHIiFOVHBAHODWI6eKvewJ5VNw4NIPwKXilFtWM3Yap7HjNErjbPr7SePxzDzzPs/4Hc+r/LEn+Drb2NjIp30u3/nnYRbL0XOr+vTxk0fZ9PuH8Y04EVeTLyOGIyKNGIqI0YjidHWhOdenofsRyxGxFpFExMlozfdkOZI/x1tby2uR/CPLy6u3wWtt0OcfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcRcl0tVQqJ9Goz9/5KO0tvwX4Lts322sWssdCs2/eiCSbYnh481bfo2e2Nr+bPXwQ51pL5/IbksdwfP7me6dvnhkqbO6/S0GH4rPffn7/J6urK78adCEDMlubry8263NTs7W0vthMb1y7Vrp8e2Yxnak3aosfLy7V5tLphdrUUnMhnZj+Tlq+ceNKWpv8uHlnfrY61ahtrrz+vUqpdC39cPJHtamFxeb85Q8nF6dv1xuN+vxsHpNtzmKuZyfiD+tL6VJtai5NP7m3unKlX5FZUHkvQZV+QZVSpVIuVyrla1dvXL1eKg3tWFF6QeyIGPxJy2Ad+DUc9mujPf4DAAAAx1eS/449+/m/mP8ePomZeqNWGnRZAAAAwAHK//J/LpsVI+KN9lo//wMAAMBx0v8zdn0jku/G+VbE+but+d12xL9O5hEjM/VGbXK62bhZjm8//7Rf99aK+b8fXIqxVtTYSGs+0o5qf3JwOIsqFzoP5FsTF7LZhYkukZXJm+W4FO1P3qS7RF7JIgHguPugz3i8l/H/Uoy3IsbHssE0hsa6jKwlIysAHBXPv8HmFT4Z9DECANsZpQEAAAAAAAAAAAAAAAAAAAAAAAAAAODgHcb3/3viiSdftyeDvjIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyekogT3dYXIk5GRCkiLh9+Va/Ow0EXMGDJeqzHgzg16DoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI6b9vf/F6I1f7O1KoYKEeMRsRwRPx50jfvS9a4GEeuHXcdgDb+4ouP7/7M+j40khlrdHklxurrQnMu6P7/3Q+Hp4yePsmk/ibMGsgzbuqGdofde7+R7jVRXPrv/609/mVZv5UXeWpppVOdmF36wFfhe8kVEGq1p02a9vxv/9192dn/yRXake8s7k+et7sx7rtvenXl7H1s391ZXKlmmpdpHS7/5xb0HHZu+GWMRFyYiJrZn+nk29cg0FsXdsiXPkj8mp+JvsZz3f/ZqJBtJ1kVv58f/xif3Vlcmf/bp6t1tNW21eTpGI+Lu9tOqT02j+fWkq/ysKxSzrKU8KHs426e9XXW0WO7xur4T5yNi5KWO4XzvY8j1ed3bFV3pUdGZeP+le/r9Phm7Sp4l/01ux3/iDx33/yhk/T8ee3l3ZjF5ZMeZ0jOy0IrMj7yya5s935XsT2G3jX+Kn8b3n/d/oeP63+6rw7kedWQ8pPdFPiKdfWFEal99eu3TrvNsK6pHne/GxYihsZe6olzsc0XZuX9xr8fZW/Is+XsyEf+Ph+7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHH1JxIlu6wsR4xFxOiLezpbTiI2DyFcYSeJ/pw6ipf15OLjUR0KyHuvxIAbYAwAAAAAAAAAcpFvVp4+fPMqmJFs8EReTLyOGW3/pH4qI08lfi9PVheZcn4aKEcsRsbaPGrL94q2t5bVsaXQfDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGx9FQAA///j1rXV")
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333c06, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002d40)={0x2020}, 0x2020)

1m7.434637371s ago: executing program 4 (id=329):
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
chroot(&(0x7f00000001c0)='./file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000000)='./control\x00', &(0x7f0000000040)='./control\x00')

1m6.916770101s ago: executing program 4 (id=331):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=@newtfilter={0x24, 0x2c, 0x200, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfffb}, {0xffec, 0x1}, {0x9, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004890}, 0x0)

1m6.205419312s ago: executing program 33 (id=331):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x7}, 0x4)
setsockopt$packet_int(r1, 0x107, 0x16, &(0x7f0000000000)=0x4, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=@newtfilter={0x24, 0x2c, 0x200, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfffb}, {0xffec, 0x1}, {0x9, 0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004890}, 0x0)

1m2.760363842s ago: executing program 0 (id=344):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r0, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x4, 0x3, 0x3}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000600)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x3, {0x1, 0x0, 0x4}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000001180)='n', 0x1}], 0x1}, 0x20000801)

1m2.403556422s ago: executing program 0 (id=345):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x61)
syz_mount_image$fuse(0x0, &(0x7f00000002c0)='./bus\x00', 0x322020, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x70a, &(0x7f00000232c0)="$eJzs3V+P21gZBvDnJJkkk0JVAapWVbdzOmWlqRhSJ7NNFRUkjHOSMSRxZHtgRkJaFTqDRs0UaItEc9PODX+k5Qtwtzdc8CFW4oKr/RZwBdIKhIR2BUJGPraTTOJkJm3a2aXPb7Qb5/j18etjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU/Ki2FdyMJm7OW+dKuF5AhP+gWMRbUfFbXxmFXA7/tY6r0berKIYfRQwuXL5098u5TLL8nIRfBBat8PHTwYN7/f7+ozPEZrFw9ecJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJYV3vl41jJr8TiHa0QDKnrVtt9t2t6VjwtlhzB35/g+iAGV2pDw47O9vjeXzLK2Nw6BKSvKZ8eAwqHra5laNarVSqVYrtdv123cMIzdVYISEMYSpiKUftHSeMvHxusAiyzt5E72kjNX4j/FnAbRRRBc72IVM/bHQgAsHnRnzY0n//84tNXe94/1/0suvjGZfge7/r0Xfrs3q/2fkIiH1AmlzxIzyxX5WdEYSj/EUAzzAPfTRxz4eLaFuCbn20jXkjbgll5LPzJ8WFLqw4cGBjQ5MtPBFyLhEoo4aajDwHrbRhAeJJmy0oeBhDx58qPCIyoeZKpjw4cCFxAYs3IREBXXUsQUJhTL24GAHXbTQgIlPgiA4wKFu9604n+cpW40kqDJjIwrIJcfdPqpztnZW///DZ9HScf9vsP9/U0XHQSH6+GheDNFnQBBf/y9o7dVkQ0RERERERESvgtC/fRf6r/JvAwjQtNvKOBFTOLfsiIiIiIiIiGgZBIICrkJEd+XjbYjp638iIiIiIiIi+nwT+hk7AaCkb+oXo8elzvJLgOxrSJGIiIiIiIiIXpJ+8v9aHgj0Xf5rEAtd/xMRERERERHR58Cvx8bYz2XjMXaD5M/6GQBrfymID/9egLsijnu7XxVHZjjHPIpjpu4A8JtXxMV4oF79kQegv1nqqojXJoF/Jb99CH18kD7W//MgIoRwJxLIZ8crmJGACNdcy8Xf8D6uR4tcj8eZvz/IQM+JRhQuNe22KltO+24Fpnkx46td/+cPD38BuMPtPDjs75d/9JP+fZ3LcVh0fBRW+uxEOpn0xhjl8kSPt6CfuUgb3XgVzWSVv+l2SkKv10i2PwvzKDO+onk7oLYKRFv5S6xH+2w9iGJLg+GI+wJY04M/VMp6l53YendFjLKoTG552o6YseVFncWNKObGxo3oI2mTsJ6MKH4tC1TLk/sgTHQsi+p4Fqe3hfjHRPvPzwKiGLbFVpjFH8OKJtri+x9GC2/1dpPhMc6SxdRRQER0Xg5GvZAexHxqjP2ke0hOamfvd5AD4rPcjN59tJYg7j+S3v3J74Koh8oCufhvE+lrSfoVhGf0DaHryUcDuueupJzRjfKnQRCYF4sYP6P/NwiSDTIW6N2OgyCYPKP/YfQOpDjtqSz+HQTB3YruSX470at+EC7wwcz1eu1qFkUU8OTop/gkmb3/4/2H1epWzXjXMG5XsaL/VyH+yIJ9DxERTTn9HTs6IjMnQryL61Ed1+//7Z1o6kSP96X4lgLtFtDHfWwmrxBYS6+1hAN885/RbQib0VUrsF6KPksDefnS3fCqdhh7KHL6DS+bM6/qdGcZxerbG6rD2OS9Q5NXgKPYrVe8F4iIiF6v9Rn9MHCi/8fJ/r94ov/fxEYUsXEl9bq7NHZL4WZydTy8pB9cOE6NrZye/LeW3BhERERvCOV+LEr+r4Tr2r33KvV6xfS3lXQd67vStRstJe2ur1xr2+y2lOy5ju9YTlv2XBTsVeVJb6fXc1xfNh1X9hzP3tVvfpfxq9891TG7vm15vbYyPSUtp+ubli8btmfJ3s6327a3rVy9sNdTlt20LdO3na70nB3XUmUpPaXGAu2G6vp20w4nu7Ln2h3T3ZPfc9o7HSUbyrNcu+c7UYXJuuxu03E7utoygoVfdEhERPT/6PHTwYN7/f7+o8mJ1fDSPCo5xoyY6Yl8SoUcI4iIiOgzZtRdL7BQ8RUmREREREREREREREREREREREREREREREREU05/pG/BiZW0hwWBYcnPLsYleI7RI4ZT9Qi8bD6fun/SA/u9yOKZYYkAcIalkkciBg8+mhO8OixJmn885niRDHEJeOH2+esXgAu6BFFJbokHwPTzo0s/xtImvnEQteisGD0zdVZhuC9yy//PIZx4+PvpWSJs+SAIgvmLF062Yf7sx3MOwKP8nF2wesrx87rPRET0uv0vAAD//ySOL9Y=")
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

1m2.118544449s ago: executing program 0 (id=347):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.controllers\x00', 0x275a, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f00000017c0)="1feb4e96e4a71fdc2e89eb3d54dd74a1a7ff26a2bdf45214c099237178fe16ffe1065dc4321eda71b732165e369a97387d35ed14a4c39aa261e9ffe1f9f4fc04b4b2b47e0e361d3c0a30c143dcfaebf4e8066a221adb374d0000000000", 0x5d}, {&(0x7f00000002c0)="df68106855", 0x5}, {&(0x7f0000000240)="c94c50ea88", 0x5}], 0x3)
write$binfmt_script(r0, &(0x7f0000000040), 0x18a3c85)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x77)
r2 = accept$alg(r1, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x4)

1m0.959184406s ago: executing program 0 (id=355):
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f0000000000), 0x2, 0xbbf, &(0x7f0000000c00)="$eJzs3M9rXNUeAPDvvZlM0zbvTfp4PF7f5kVEWhCnSSXFFsFWKm5cCLoVGtJJCZn+IInUpFlM9B8QdS24EdSiuLDrbhTdutF2q7gQisRGQUQjd34kscmkqZ3JjennA2fuOffcmfP9zmXmngNzJ4AH1mD2kEYcjIgzSUSpuT+NiGK91hdRaxy3tDg/9vPi/FgSy8sv/JBEEhG3F+fHWq+VNLf7m42+iPjy6ST+9dr6cadn5yZHq9XKVLN9ZOb8pSPTs3OPTZwfPVc5V7kwfOyJkaMjx4aOj3Qs11++OXntp4ee/a726/u/Xf3xzXeTOBn9zb61eXTKYAyuvCdrFSJitNOD5aSnmc/aPJPCXZ6UdjkoAADaStfM4f4TpeiJ1clbKT79KtfgAAAAgI5Y7olYBgAAAHa5xPofAAAAdrnW7wBuL86PtUq+v0jYXrdORcRAI/+lZmn0FKJW3/ZFb0Tsu53E2ttak8bT7ttgRHx78/hHWYku3Ye8mdpCRPx3o/Of1PMfqN/FvT7/NCKGOjD+4B3tv1P+Jzswft75A/Bgun6qcSFbf/1LV+Y/scH1r7DBteuvyPv615r/La2b/63m39Nm/vf8Fse48t7bl9v1Zfk/ee2ZD1slGz/b3ldS9+DWQsT/Chvln6zkn7TJ/8wWxyj9frnSri/v/JffiTgUG+ffkmz+/0RHxieqlaHG44ZjLHwx8kG78fPOPzv/+9rk3/r/p3bn/9IWx3jp9OmP1+28uVrdPP/0+2LyYr1WbO55ZXRmZmo4opg8t37/0c1jaR3Teo0s/8MPb/753yj/7Duh1nwfsrXAQnObtV+9Y8ynrl75pF08rfVfnuf/bJvzvzb/zwvrz//rWxzjkc/eONyub+36NyvZ+K21MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0pBHRH0laXqmnabkcsT8i/h370urF6ZlHxy++fOFs1hcxEL3p+ES1MhQRpUY7ydrD9fpq++gd7ccj4kBEvFXaW2+Xxy5Wz+adPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv2R0R/JGk5ItKIWCqlabmcd1QAAABAxw3kHQAAAADQddb/AAAAsPtZ/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBlB/5//UYSEbUTe+slU2z29eYaGdBtad4BALnpyTsAIDeFvAMAcnOPa3zTBdiFkrv097Xt2dPxWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYuQ4dvH4jiYjaib31kik2+3pzjQzotnSrBy4vdzcQYNv1bNZZ2L44gO3nIw4PLmt8ILlLf9/qMbU/9+zpWkwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7Dz99ZKk5YgoNveVyxH/iIiB6E3GJ6qVoYj4Z0R8Xerdk7WHc44ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzpuenZscrVYrU1kljWZlZY/KaiVpvGO1nRKPyn1WirEjwtihlby/mQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyMP07NzkaLVamZrOOxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgb9Ozc5Oj1WplqouVvHMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/fwQAAP//Wj4Mcg==")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000880)=@loop={'/dev/loop', 0x0}, &(0x7f0000000840)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b)
r2 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_register(r2, &(0x7f0000000100)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x4, 0x3a, '#! ', 0x3a, '/dev/loop', 0x3a, './file1'}, 0x33)

59.795044493s ago: executing program 0 (id=359):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000001c0), 0x12)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r3, r2, 0x0, 0x3a)

58.236803513s ago: executing program 0 (id=362):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
munmap(&(0x7f00002d2000/0x4000)=nil, 0x4000)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x8000, 0x1000}, 0x20)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

57.405304992s ago: executing program 34 (id=362):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
munmap(&(0x7f00002d2000/0x4000)=nil, 0x4000)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x8000, 0x1000}, 0x20)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

3.582641602s ago: executing program 6 (id=606):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x20020, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000780)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

3.201076994s ago: executing program 6 (id=608):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x141600, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x94d7, 0x0, 0x0, 0x97})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x0, 0x0, 0x2)

2.618864358s ago: executing program 5 (id=609):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000300)=<r3=>0x0)
bind$nfc_llcp(r1, &(0x7f0000001040)={0x27, r3, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226bf5160e961711a077609475b784f50327e422000000000000000000000200000000001900000000000000000000000000003500", 0x3c}, 0x60)
close(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

2.615762518s ago: executing program 1 (id=617):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000000)={0x43, 0x4, 0x0, 0x3}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000003c0), r2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000980)={0x30, r3, 0x1, 0x3, 0x100000, {{}, {}, {0x14, 0x19, {0x3, 0x1, 0x1, 0x734}}}}, 0x30}, 0x1, 0x0, 0x0, 0x24008000}, 0x9084)

2.439130188s ago: executing program 6 (id=611):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000580)={[{@nombcache}, {@errors_remount}, {@resgid}, {@acl}, {@bsdgroups}, {@acl}]}, 0x1, 0x788, &(0x7f0000001b00)="$eJzs3M9rHGUYAOB3ptmmP6IbwYNeqtBCC6WbpLm0J+NFvBQKBa81JJsQMsmW7KYmsdDUmyDU5qIiiN49ehVK/QO8SUHBuyC2xoN6WdnNZtumu9ttu+m28Xlgst83O9+87zuz+TIDmQ3gf+vN2o8kYigizkdEvrE+jYj99daBiPWt7TbvXpmqLUlUqxf+SGrDYrOab+4rabwejvqQeC0ibuUiTn70cNzy6tr8ZJYVlxr9kcrCpZHy6tqpuYXJ2eJscXFs/OzomfHxM6PjPav12HtnD9748Z2NjZ++q1w/MnAqiYl63dGorWeB7rN1THIxsWP94m4E66Oki20GnkEeAAB0VrvO39e4NstFPvZ1ukpzAQcAAAAvpOpgtVv/dL0lAAAA8JxJot8ZAAAAALtr+/8Atp/t3a3nYNv5/e2IGG4Vf6D+DHHEgchFxKHN5IHHD5KtYfBU1q9FxM2JFp+/bp5o7mz0XvNgb/ZIr92szT8TreaftDn/RIv5Z2D7uxOeUvv57178fW3mv/Ndxvj+q9dzbeNfK698fKRV/KQZP2kT//0u41/f+ORGu/eq30Qcb/n3J3kgVofvhxiZmcta/Wo1073174nb7euPOPRQ/CSpR00613+pq+rvxIebf86vd4h/4mjn878Vf/CBcbXPxKeNPNKIuNF4rfU3dsQ4uvDzDw9HTta340+3Of6tz/+7zfq/7qr+iF+/HVzpclMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoSyNiKJK00GynaaEQcTgiXo1DaVYqV07OlJYXp2vvRQxHLp2Zy4qjEZHf6ie1/li9fa9/ekd/PCJe+eXgVtC5rFiYKmXT/S4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACApsMRMRRJWoiINCL+yqdpodDvrAAAAICeG+53AgAAAMCuc/8PAAAAe9+T3v8nPc4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NPOnztXW6qbd69M1frTl1eX50uXT00Xy/OFheWpwlRp6VJhtlSazYqFqdLCo/aXRsTY2VheGakUy5WR8uraxYXS8mLl4tzC5GzxYjH3TKoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcQ3VlyQtRERab6dpoRDxUkQMRy6ZmcuKoxHxckTczucGa/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAz5VX1+Yns6y49GI3qnurnK4bkUQ8B2m0aXzROCudtknWI/qeatpI9Gn2E/E4o64+4rB0bhxo5Lt7h+WNPsxFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0X3l1bX4yy4pL5X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH+lvyURUVuO548N7Xx3f/J3vv4aER98eeGzlclKZWmstv5Oc33l88b60/cNvPosawAAAIA9763H2Xj7Pn37Ph4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBb5dW1+cksKy7tYiOu9btKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSfwXAAD//x8Yt0k=")
r0 = open(&(0x7f0000000100)='./file1\x00', 0x109042, 0x88)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x4, 0x0, 0x85c, 0x5})
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={0x1, &(0x7f0000000780), 0x0}, 0x20)
fallocate(r0, 0x10, 0x0, 0x7000000)

2.335988914s ago: executing program 1 (id=613):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0x4, 0x4, 0x390, 0xffffffff, 0x1e8, 0x118, 0x0, 0xfeffffff, 0xffffffff, 0x2c0, 0x2c0, 0x2c0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xf0, 0x118, 0x0, {}, [@common=@hbh={{0x48}, {0x4, 0x6, 0x1, [0x10, 0x0, 0x1, 0x4, 0x2, 0x4, 0x58ba, 0xffff, 0x6f, 0x0, 0x7, 0x1, 0x5, 0x2, 0x6b, 0x8], 0x4}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x5}}}, {{@ipv6={@loopback, @dev={0xfe, 0x80, '\x00', 0x24}, [0x0, 0xff, 0xff, 0xffffff00], [0x42710ab262b9efc4, 0xff, 0xff, 0xff], 'vcan0\x00', 'pim6reg1\x00', {}, {}, 0x2b, 0x1, 0x5}, 0x0, 0xa8, 0xd0}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x2, 0x6}}}, {{@ipv6={@private0, @loopback, [0xff, 0x0, 0xff000000], [0x0, 0xff, 0xff000000, 0xffffff00], 'team0\x00', 'batadv_slave_0\x00', {0xff}, {}, 0x32, 0x79, 0x4, 0x44}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x2, 0x3898, 0x1000}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

2.307165296s ago: executing program 5 (id=614):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000453000/0x18000)=nil, 0x0, 0x0, 0x20, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000200))

2.100222288s ago: executing program 3 (id=615):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x6, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x800000e2, 0x0, 0x0, 0x0, 0x2000000}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8006}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5c298795369ca04f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000800)={r1, r3, 0x25, 0x0, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x40)
syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@multicast, @local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x4, 0x3e, 0x66, 0x0, 0x7, 0x2, 0x0, @private=0xa010102, @local}, {0x11, 0xff, 0x0, @empty}}}}}, 0x0)

1.865492161s ago: executing program 3 (id=616):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8000}, 0x8)
r0 = syz_open_dev$media(&(0x7f0000000040), 0x4, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r0, 0x80047c05, &(0x7f0000000080))
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f00000027c0)=[{{&(0x7f0000001080)={0xa, 0x4e22, 0x1, @private2={0xfc, 0x2, '\x00', 0x4}, 0xe1}, 0x1c, &(0x7f00000010c0)=[{&(0x7f00000011c0)="02", 0x1}], 0x1}}], 0x1, 0x405c040)
shutdown(r1, 0x1)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9)

1.860807372s ago: executing program 1 (id=618):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1df)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x20045a, &(0x7f0000000200)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@verity_on}]})
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x1000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
fdatasync(r0)

1.833441383s ago: executing program 6 (id=619):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000006080)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000000)={0x44, r2, 0x11, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x1, 0xfffffffc}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x1}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040}, 0x20004014)

1.788805336s ago: executing program 5 (id=620):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0xa, @ipv4={'\x00', '\xff\xff', @remote}, 0x80b0}, 0x1c)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x4000b, @empty, 0x80ad}, 0x1c)

1.645621614s ago: executing program 5 (id=621):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x141600, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x94d7, 0x0, 0x0, 0x97})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x0, 0x0, 0x2)

1.602132007s ago: executing program 3 (id=622):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000040)={0x40000000})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x10000014})
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo/4\x00')
read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020)

1.386545659s ago: executing program 3 (id=623):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r2, 0x0, &(0x7f0000000300)=<r3=>0x0)
bind$nfc_llcp(r1, &(0x7f0000001040)={0x27, r3, 0xffffffffffffffff, 0x5, 0x0, 0x0, "d92984bd1ca44c226bf5160e961711a077609475b784f50327e422000000000000000000000200000000001900000000000000000000000000003500", 0x3c}, 0x60)
close(r2)
close_range(r0, 0xffffffffffffffff, 0x0)

1.38557257s ago: executing program 1 (id=624):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="09000000070000000000010003"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000100)=ANY=[], 0x0)

1.348511892s ago: executing program 6 (id=625):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x200816, &(0x7f0000000080)={[{@nombcache}]}, 0x9, 0xbaf, &(0x7f0000002f00)="$eJzs3M1rXOUaAPDnnEy+c5v0crn3tggGpCqK07QpFbpqXYsKunDZmExKyPTDJIIJXaR1ry5EXBSkf4Lg3m5cCS7qQutfUMQiRTdtFyNnPtKxk5mm6cwcE38/eHPe97wn8zxPTmfOe2BOA/jHms5+pBGHIuJsEjFZ359GxFC1NxKxWTvu/t3L81lLolJ5+7ckkoi4d/fyfOO1kvp2vD4YiYibryXx749a466ubyzPlcullfr46Nr5S0dX1zdeWTo/d650rnThxOyrJ2ZPzs52sdbbl9774pkf3nj+6vWPZ978/MB3SZyOifpccx3dMh3TW3+TZoWImOt2sJwM1OtprjMp5JgQAAAdpU1ruP/GZAzEw8XbZHz7Y67JAQAAAF1RGYioAAAAAPtc4v4fAAAA9rnG9wDu3b0832j5fiOhv+6ciYipWv2N55trM4XYrG5HYjAixn5Povmx1qT2a09tOov09felrEWPnkPuZPNKRPx/u/OfVOufqj7F3Vp/GhEzXYg//ch4L9V/ugvxn6z+4S5EBICIG2dqF7LW61+6tf6Jba5/hW2uXbuR9/W/sf6737L+e1j/QJv131s7jHH4wUs32801r//e/eTnhSx+tn2qop7AnSsRhwvb1Z9s1Z+0qf/sDmOMz9++1m4uqz+rt9H6XX/lesSR6mqutf6GpNP/T3R0calcmqn93Ob11092jt98/rOWxW/cC/RDdv7HYnfn/9IOY0z979dD7eYeX3/6y1DyTrU3VN/z4dza2sqxiKHk9db9xzvn0jim8RpZ/S8+1/n9v1392WfCZv3vkP3ruVLfZuOrj8QcP3L8q93X31tZ/Qu7PP+f7jDGl99ce7/dXN71AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALA3pBExEUla3OqnabEYMR4R/4mxtHxxde3lxYsfXFjI5iKmYjBdXCqXZiJisjZOsvGxav/h+Pgj49mIOBgRn02OVsfF+YvlhbyLBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMt4RExEkhYjIo2IPybTtFjMOysAAACg66byTgAAAADoOff/AAAAsP+13P8X/jIa6WcuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7EsHn71xK4mIzVOj1ZYZqs8N5poZ0Gvpzg4b63UeQP8N5J0AkJtCU79SqVRyTAXoM/f4QPKY+ZG2M8NdzwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAv68XDt24lUTE5qnRassM1ecGc80M6LU07wSA3Ax0mkweuwPYwwp5JwDkxj0+UFvZP6jUtM6PtP3N4aeOCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDeMVFtSVqMiLTaT9NiMeJfETEVg8niUrk0ExEHIuKnycHhbHws76QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoutX1jeW5crm0oqOj08XOaPQt1mj9zdzmmOH2Ux06OX8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQi9X1jeW5crm0spp3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDeVtc3lufK5dJKDzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DAAA///6CAm5")
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8090}, 0x20000000)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

1.20958083s ago: executing program 1 (id=626):
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x2]}, 0x8, 0x800)
r1 = fanotify_init(0x0, 0x40000)
fanotify_mark(r1, 0x445, 0x1011, r0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = eventfd2(0x0, 0x0)
io_setup(0x3, &(0x7f0000000080)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000300)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x7, 0x0, r2, 0x0}])

1.121371385s ago: executing program 5 (id=627):
r0 = socket$unix(0x1, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000200)=0x80000000, 0x4)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r0, 0x0, 0x0)

1.051423509s ago: executing program 3 (id=628):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000580)={[{@nombcache}, {@errors_remount}, {@resgid}, {@acl}, {@bsdgroups}, {@acl}]}, 0x1, 0x788, &(0x7f0000001b00)="$eJzs3M9rHGUYAOB3ptmmP6IbwYNeqtBCC6WbpLm0J+NFvBQKBa81JJsQMsmW7KYmsdDUmyDU5qIiiN49ehVK/QO8SUHBuyC2xoN6WdnNZtumu9ttu+m28Xlgst83O9+87zuz+TIDmQ3gf+vN2o8kYigizkdEvrE+jYj99daBiPWt7TbvXpmqLUlUqxf+SGrDYrOab+4rabwejvqQeC0ibuUiTn70cNzy6tr8ZJYVlxr9kcrCpZHy6tqpuYXJ2eJscXFs/OzomfHxM6PjPav12HtnD9748Z2NjZ++q1w/MnAqiYl63dGorWeB7rN1THIxsWP94m4E66Oki20GnkEeAAB0VrvO39e4NstFPvZ1ukpzAQcAAAAvpOpgtVv/dL0lAAAA8JxJot8ZAAAAALtr+/8Atp/t3a3nYNv5/e2IGG4Vf6D+DHHEgchFxKHN5IHHD5KtYfBU1q9FxM2JFp+/bp5o7mz0XvNgb/ZIr92szT8TreaftDn/RIv5Z2D7uxOeUvv57178fW3mv/Ndxvj+q9dzbeNfK698fKRV/KQZP2kT//0u41/f+ORGu/eq30Qcb/n3J3kgVofvhxiZmcta/Wo1073174nb7euPOPRQ/CSpR00613+pq+rvxIebf86vd4h/4mjn878Vf/CBcbXPxKeNPNKIuNF4rfU3dsQ4uvDzDw9HTta340+3Of6tz/+7zfq/7qr+iF+/HVzpclMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoSyNiKJK00GynaaEQcTgiXo1DaVYqV07OlJYXp2vvRQxHLp2Zy4qjEZHf6ie1/li9fa9/ekd/PCJe+eXgVtC5rFiYKmXT/S4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACApsMRMRRJWoiINCL+yqdpodDvrAAAAICeG+53AgAAAMCuc/8PAAAAe9+T3v8nPc4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2NPOnztXW6qbd69M1frTl1eX50uXT00Xy/OFheWpwlRp6VJhtlSazYqFqdLCo/aXRsTY2VheGakUy5WR8uraxYXS8mLl4tzC5GzxYjH3TKoCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgcQ3VlyQtRERab6dpoRDxUkQMRy6ZmcuKoxHxckTczucGa/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAz5VX1+Yns6y49GI3qnurnK4bkUQ8B2m0aXzROCudtknWI/qeatpI9Gn2E/E4o64+4rB0bhxo5Lt7h+WNPsxFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0X3l1bX4yy4pL5X5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH+lvyURUVuO548N7Xx3f/J3vv4aER98eeGzlclKZWmstv5Oc33l88b60/cNvPosawAAAIA9763H2Xj7Pn37Ph4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBb5dW1+cksKy7tYiOu9btKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgSfwXAAD//x8Yt0k=")
r0 = open(&(0x7f0000000100)='./file1\x00', 0x109042, 0x88)
pwrite64(0xffffffffffffffff, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0x8004587d, &(0x7f00000001c0)={0x0, 0xffffffffffffffff, 0x4, 0x0, 0x85c, 0x5})
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000580)={0x1, &(0x7f0000000780), 0x0}, 0x20)
fallocate(r0, 0x10, 0x0, 0x7000000)

896.338687ms ago: executing program 5 (id=629):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
open_by_handle_at(r1, &(0x7f0000002600)=ANY=[@ANYBLOB="0800000002"], 0x0)
pwritev2(r0, &(0x7f0000000480)=[{&(0x7f0000000100)="c1", 0x1}], 0x1, 0x5412, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

864.83454ms ago: executing program 1 (id=630):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./bus\x00', 0x100000a, &(0x7f00000024c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c75737271756f74612c626172726965723d30303030303030303030303030303030303030372c6865617274626561743d6e6f6e652c696e6f646536342c00d873411c28051b39a8d0cb5470d4b9079054c29527f625e70a8207b94e58742f35e5768e84cb79ba77f09f2700000000f49afc19d14efd676c67978d0844e31fb5dcd0d4da2120d3cc4041ca9f8e7141e740590edf0382054cd9f7184d4bfa5bfea4521cf16a6394ab048c4c6ef534a38e62b9d956869300978f972203d8ed50c521927d263db9ef6c04874271ef9ab8b27b7a2948d8ed0ac0c1df1a5ef96c446ed5cfa1540416880a94ce9e7b0a1c97fb7ee7ad09bba0e1f8648042ad81536046caece170f485fe1430941a0490b3ab000800009a8989bfda8a46733e7df713141b00014f84658d62f6299e6bd92585ec709a1b338b618882bd2646ff1ceb78802ea7294b9a1a91d0267a21ca92127eff7ddd90c75977b34f94ca6ff689c231b00a4c58"], 0x11, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)

573.297667ms ago: executing program 6 (id=631):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1df)
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x4028, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x20045a, &(0x7f0000000200)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@verity_on}]})
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x1000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
fdatasync(r0)

0s ago: executing program 3 (id=632):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r1, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x2f, 0x9})
fcntl$lock(r1, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
close_range(r0, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.231' (ED25519) to the list of known hosts.
syzkaller login: [   76.635997][ T5756] cgroup: Unknown subsys name 'net'
[   76.774161][ T5756] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   78.540436][ T5756] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   80.221565][ T5770] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   80.232975][ T5770] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   80.240908][ T5770] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   80.249223][ T5782] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   80.257852][ T5782] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   80.267498][ T5782] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   80.276325][ T5782] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   80.285664][ T5782] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   80.293170][ T5782] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   80.335783][ T5782] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   80.359906][ T5784] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   80.365571][ T5785] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   80.376805][ T5770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   80.384744][ T5785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   80.392089][ T5785] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   80.396796][ T5784] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   80.408777][ T5770] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   80.408857][ T5784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   80.416234][ T5785] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   80.438169][ T5770] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   80.450060][ T5770] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   80.457545][ T5785] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   80.457548][ T5784] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   80.459330][ T5784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   80.882284][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   81.054963][ T5773] chnl_net:caif_netlink_parms(): no params data found
[   81.103160][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   81.115591][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.123443][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.131103][ T5767] bridge_slave_0: entered allmulticast mode
[   81.138566][ T5767] bridge_slave_0: entered promiscuous mode
[   81.148844][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.156163][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.163600][ T5767] bridge_slave_1: entered allmulticast mode
[   81.171520][ T5767] bridge_slave_1: entered promiscuous mode
[   81.263518][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.296954][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.323185][ T5774] chnl_net:caif_netlink_parms(): no params data found
[   81.387697][ T5773] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.394955][ T5773] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.402352][ T5773] bridge_slave_0: entered allmulticast mode
[   81.410246][ T5773] bridge_slave_0: entered promiscuous mode
[   81.421478][ T5767] team0: Port device team_slave_0 added
[   81.431846][ T5767] team0: Port device team_slave_1 added
[   81.450958][ T5773] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.458953][ T5773] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.466554][ T5773] bridge_slave_1: entered allmulticast mode
[   81.473769][ T5773] bridge_slave_1: entered promiscuous mode
[   81.542734][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   81.549916][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.576333][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   81.611425][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.618878][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.626797][ T5772] bridge_slave_0: entered allmulticast mode
[   81.633830][ T5772] bridge_slave_0: entered promiscuous mode
[   81.653898][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   81.663087][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   81.690314][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   81.711047][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.718493][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.726009][ T5772] bridge_slave_1: entered allmulticast mode
[   81.733032][ T5772] bridge_slave_1: entered promiscuous mode
[   81.752482][ T5773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.766351][ T5773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.794676][ T5774] bridge0: port 1(bridge_slave_0) entered blocking state
[   81.802272][ T5774] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.809889][ T5774] bridge_slave_0: entered allmulticast mode
[   81.817522][ T5774] bridge_slave_0: entered promiscuous mode
[   81.826551][ T5774] bridge0: port 2(bridge_slave_1) entered blocking state
[   81.833719][ T5774] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.841379][ T5774] bridge_slave_1: entered allmulticast mode
[   81.848952][ T5774] bridge_slave_1: entered promiscuous mode
[   81.869620][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   81.922651][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   81.956789][ T5773] team0: Port device team_slave_0 added
[   81.989773][ T5767] hsr_slave_0: entered promiscuous mode
[   81.996540][ T5767] hsr_slave_1: entered promiscuous mode
[   82.006148][ T5773] team0: Port device team_slave_1 added
[   82.024162][ T5774] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   82.046130][ T5772] team0: Port device team_slave_0 added
[   82.055081][ T5772] team0: Port device team_slave_1 added
[   82.074589][ T5774] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   82.097349][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.104355][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.133785][ T5773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.183745][ T5773] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.191214][ T5773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.217925][ T5773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.260996][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.268185][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.294222][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.307820][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.314996][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.341247][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.357844][ T5774] team0: Port device team_slave_0 added
[   82.391722][ T5774] team0: Port device team_slave_1 added
[   82.446459][   T51] Bluetooth: hci0: command tx timeout
[   82.483741][ T5773] hsr_slave_0: entered promiscuous mode
[   82.490610][ T5773] hsr_slave_1: entered promiscuous mode
[   82.497583][ T5773] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.505481][ T5773] Cannot create hsr debugfs directory
[   82.523028][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_0
[   82.526340][   T51] Bluetooth: hci3: command tx timeout
[   82.530375][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.538558][ T5784] Bluetooth: hci1: command tx timeout
[   82.564399][ T5770] Bluetooth: hci2: command tx timeout
[   82.568034][ T5774] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   82.586493][ T5774] batman_adv: batadv0: Adding interface: batadv_slave_1
[   82.593514][ T5774] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   82.619850][ T5774] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   82.644259][ T5772] hsr_slave_0: entered promiscuous mode
[   82.651732][ T5772] hsr_slave_1: entered promiscuous mode
[   82.658660][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.666889][ T5772] Cannot create hsr debugfs directory
[   82.847449][ T5774] hsr_slave_0: entered promiscuous mode
[   82.854027][ T5774] hsr_slave_1: entered promiscuous mode
[   82.880704][ T5774] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   82.891429][ T5774] Cannot create hsr debugfs directory
[   83.172731][ T5767] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   83.186637][ T5767] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   83.226110][ T5767] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   83.240741][ T5767] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   83.316678][ T5773] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   83.334981][ T5773] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   83.345958][ T5773] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   83.358150][ T5773] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   83.461754][ T5774] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   83.480548][ T5774] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   83.492269][ T5774] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   83.513673][ T5774] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   83.592674][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   83.603059][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   83.630250][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   83.657164][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   83.697318][ T5773] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.753869][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.812319][ T5773] 8021q: adding VLAN 0 to HW filter on device team0
[   83.852821][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   83.877525][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.884833][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.894905][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.902217][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.934299][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.941518][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.958980][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.966280][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.047301][ T5774] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.078241][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   84.126855][ T5774] 8021q: adding VLAN 0 to HW filter on device team0
[   84.162827][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   84.172646][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.179854][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.223994][ T1148] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.231278][ T1148] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.247171][ T1100] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.254480][ T1100] bridge0: port 1(bridge_slave_0) entered forwarding state
[   84.348831][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.356162][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.519501][ T5770] Bluetooth: hci0: command tx timeout
[   84.596558][ T5770] Bluetooth: hci2: command tx timeout
[   84.602112][ T5770] Bluetooth: hci1: command tx timeout
[   84.607587][ T5784] Bluetooth: hci3: command tx timeout
[   84.644332][ T5773] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.729158][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.812797][ T5773] veth0_vlan: entered promiscuous mode
[   84.844457][ T5773] veth1_vlan: entered promiscuous mode
[   84.878004][ T5767] veth0_vlan: entered promiscuous mode
[   84.912280][ T5767] veth1_vlan: entered promiscuous mode
[   84.992245][ T5773] veth0_macvtap: entered promiscuous mode
[   85.031200][ T5773] veth1_macvtap: entered promiscuous mode
[   85.071121][ T5767] veth0_macvtap: entered promiscuous mode
[   85.088103][ T5767] veth1_macvtap: entered promiscuous mode
[   85.152117][ T5774] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.169787][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.189339][ T5773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.201051][ T5773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.213693][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.227618][ T5773] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.242708][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   85.257970][ T5767] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   85.268897][ T5767] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.281147][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   85.292937][ T5773] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.302100][ T5773] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.311405][ T5773] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.320623][ T5773] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.342180][ T5767] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   85.351330][ T5767] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   85.360529][ T5767] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   85.371215][ T5767] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   85.524696][ T5772] veth0_vlan: entered promiscuous mode
[   85.563025][ T5772] veth1_vlan: entered promiscuous mode
[   85.594865][ T5774] veth0_vlan: entered promiscuous mode
[   85.643973][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.653937][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.691794][ T5774] veth1_vlan: entered promiscuous mode
[   85.713869][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.724909][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.744860][ T5772] veth0_macvtap: entered promiscuous mode
[   85.774492][ T5772] veth1_macvtap: entered promiscuous mode
[   85.803222][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.811421][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   85.888556][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.913837][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.924177][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   85.934743][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   85.958831][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   85.979158][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   85.990441][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.038002][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.069110][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.085738][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.108176][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.132627][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.158634][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.177783][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.187132][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.204650][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.226526][ T5774] veth0_macvtap: entered promiscuous mode
[   86.288821][ T5774] veth1_macvtap: entered promiscuous mode
[   86.388226][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.399082][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.409363][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.420803][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.431156][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   86.443759][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.458867][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_0
[   86.488404][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.502522][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.514472][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.530916][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.541097][ T5774] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   86.551917][ T5774] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   86.565086][ T5774] batman_adv: batadv0: Interface activated: batadv_slave_1
[   86.590521][ T5860] Zero length message leads to an empty skb
[   86.597468][ T5770] Bluetooth: hci0: command tx timeout
[   86.629852][ T5774] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   86.675660][ T5770] Bluetooth: hci3: command tx timeout
[   86.678554][ T5784] Bluetooth: hci2: command tx timeout
[   86.681558][ T5770] Bluetooth: hci1: command tx timeout
[   86.695299][ T5774] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   86.704127][ T5774] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   86.745454][ T5774] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   86.864940][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   86.877122][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   86.954308][ T5870] Bluetooth: MGMT ver 1.22
[   86.960524][ T5870] Bluetooth: hci0: invalid length 4, exp 2 for type 30
[   87.004907][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.016822][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.122730][ T5872] syz.3.9[5872]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   87.151999][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.177349][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.275051][ T2968] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   87.327438][ T2968] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   87.769947][ T5882] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   88.269630][ T5872] loop3: detected capacity change from 0 to 40427
[   88.444323][ T5872] F2FS-fs (loop3): Found nat_bits in checkpoint
[   88.675820][ T5770] Bluetooth: hci0: command tx timeout
[   88.681939][ T5872] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   88.758146][ T5770] Bluetooth: hci1: command tx timeout
[   88.764064][ T5770] Bluetooth: hci2: command tx timeout
[   88.769914][ T5784] Bluetooth: hci3: command tx timeout
[   88.866614][   T28] audit: type=1800 audit(1769659337.440:2): pid=5872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9" name="file1" dev="loop3" ino=10 res=0 errno=0
[   89.027078][ T5767] syz-executor: attempt to access beyond end of device
[   89.027078][ T5767] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   89.063067][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   89.334835][ T5893] loop2: detected capacity change from 0 to 32768
[   89.465842][ T5893] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   89.695904][ T5893] XFS (loop2): Ending clean mount
[   90.009980][ T5893] syz.2.13 (5893) used greatest stack depth: 19944 bytes left
[   90.102681][ T5773] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[   90.569127][ T5949] loop2: detected capacity change from 0 to 256
[   90.641664][ T5949] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[   90.807127][ T5953] loop3: detected capacity change from 0 to 64
[   91.469288][ T5966] loop2: detected capacity change from 0 to 1024
[   91.483584][ T5951] loop0: detected capacity change from 0 to 32768
[   91.541948][ T5951] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.33 (5951)
[   91.617257][ T5951] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   91.649858][ T5966] hfsplus: extend alloc file! (8192,512,17039360)
[   91.659054][ T5951] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[   91.681414][ T5951] BTRFS info (device loop0): using free space tree
[   91.925803][ T5951] BTRFS info (device loop0): enabling ssd optimizations
[   91.942856][ T5951] BTRFS info (device loop0): auto enabling async discard
[   92.212216][   T23] cfg80211: failed to load regulatory.db
[   92.698505][ T5772] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   93.704803][ T6021] =======================================================
[   93.704803][ T6021] WARNING: The mand mount option has been deprecated and
[   93.704803][ T6021]          and is ignored by this kernel. Remove the mand
[   93.704803][ T6021]          option from the mount to silence this warning.
[   93.704803][ T6021] =======================================================
[   93.761395][ T6021] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   93.782173][ T6021] overlayfs: "xino" feature enabled using 3 upper inode bits.
[   93.815886][ T6021] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3)
[   93.824263][ T6021] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3)
[   93.833993][ T6021] overlayfs: d_ino too big (17, ino=9223372036854775910, xinobits=3)
[   93.843008][ T6021] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3)
[   93.956866][ T6014] loop3: detected capacity change from 0 to 32768
[   93.982033][ T6014] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   94.100254][ T6029] loop1: detected capacity change from 0 to 4096
[   94.180727][ T6014] XFS (loop3): Ending clean mount
[   94.222270][ T6014] XFS (loop3): Quotacheck needed: Please wait.
[   94.345373][ T6014] XFS (loop3): Quotacheck: Done.
[   94.688684][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   94.742601][ T6037] loop0: detected capacity change from 0 to 1024
[   94.759967][ T6037] EXT4-fs: Ignoring removed mblk_io_submit option
[   94.872342][ T6037] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.992675][ T6044] netlink: 76 bytes leftover after parsing attributes in process `syz.1.62'.
[   95.005219][ T6044] netlink: 76 bytes leftover after parsing attributes in process `syz.1.62'.
[   95.012420][ T6037] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2852: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   95.191492][ T6048] Bluetooth: Invalid esc byte 0xcc
[   95.258364][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.522628][ T3008] Bluetooth: hci4: Frame reassembly failed (-84)
[   95.634848][ T6058] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-61)
[   95.805356][ T6060] loop1: detected capacity change from 0 to 4096
[   96.426085][ T6081] netlink: 4 bytes leftover after parsing attributes in process `syz.2.75'.
[   96.989372][ T6094] loop0: detected capacity change from 0 to 256
[   97.007833][ T6094] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   97.042420][ T6094] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   97.170968][ T6098] "syz.2.83" (6098) uses obsolete ecb(arc4) skcipher
[   97.555356][ T5770] Bluetooth: hci4: command 0x1003 tx timeout
[   97.562574][ T5784] Bluetooth: hci4: Opcode 0x1003 failed: -110
[   97.887854][ T6110] geneve2: entered promiscuous mode
[   97.893141][ T6110] geneve2: entered allmulticast mode
[   98.076387][ T6115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.91'.
[   98.225227][ T6121] 9pnet: p9_errstr2errno: server reported unknown error ��n$Ž[
[   98.225227][ T6121] Q&|xùX
[   98.902909][ T5873] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   99.028163][ T6144] netlink: 100 bytes leftover after parsing attributes in process `syz.0.104'.
[   99.116045][ T5873] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[   99.130719][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.139552][ T5873] usb 3-1: Product: syz
[   99.143880][ T5873] usb 3-1: Manufacturer: syz
[   99.158148][ T5873] usb 3-1: SerialNumber: syz
[   99.172838][ T5873] usb 3-1: config 0 descriptor??
[   99.562886][ T6158] iommufd_mock iommufd_mock1: Adding to iommu group 0
[   99.713900][ T6160] loop3: detected capacity change from 0 to 1024
[   99.770778][ T6160] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.774750][ T6162] IPv6: sit1: Disabled Multicast RS
[  100.257416][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.516070][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  100.639577][ T5873] usb 3-1: f81604_read: reg: 200f failed: -EPROTO
[  100.667728][ T5873] usb 3-1: USB disconnect, device number 2
[  100.676850][ T6173] ipip0: entered promiscuous mode
[  100.731990][ T5873] usb 3-1: f81604_read: reg: 100f failed: -ENODEV
[  100.840849][ T5434] usb 3-1: f81604_read: reg: 200f failed: -ENODEV
[  100.903733][ T5873] usb 3-1: f81604_read: reg: 200f failed: -ENODEV
[  102.247577][ T6194] loop1: detected capacity change from 0 to 32768
[  102.324398][ T6194] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  102.437149][ T6225] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  102.465612][ T6238] sch_tbf: burst 19408 is lower than device lo mtu (65550) !
[  102.605316][ T6194] XFS (loop1): Ending clean mount
[  102.624099][ T6194] XFS (loop1): Quotacheck needed: Please wait.
[  102.781096][ T6194] XFS (loop1): Quotacheck: Done.
[  103.268219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  103.340454][ T6263] gretap0: entered promiscuous mode
[  103.402041][ T5774] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  103.472830][ T6263] netlink: 8 bytes leftover after parsing attributes in process `syz.0.137'.
[  103.478313][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  103.516226][ T6263] gretap0: left promiscuous mode
[  103.979635][ T6269] Illegal XDP return value 4294967262 on prog  (id 12) dev syz_tun, expect packet loss!
[  104.208221][ T6275] netlink: 'syz.3.140': attribute type 1 has an invalid length.
[  104.231549][ T6275] netlink: 'syz.3.140': attribute type 4 has an invalid length.
[  104.250741][ T6275] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.140'.
[  105.104062][ T6298] loop2: detected capacity change from 0 to 256
[  105.133287][ T6298] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  105.165579][ T6298] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  105.263644][ T6298] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  106.751441][ T6345] netlink: 4 bytes leftover after parsing attributes in process `syz.0.168'.
[  106.864794][ T6346] serio: Serial port ptm0
[  106.929741][ T6342] loop1: detected capacity change from 0 to 32768
[  106.977158][ T6342] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.167 (6342)
[  107.002617][ T6346] serio: Serial port ptm0
[  107.054081][ T6342] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.077267][ T6342] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  107.105932][ T6342] BTRFS info (device loop1): using free space tree
[  107.263334][ T6342] BTRFS info (device loop1): enabling ssd optimizations
[  107.297611][ T6342] BTRFS info (device loop1): auto enabling async discard
[  107.686656][ T5774] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.963831][ T6367] loop3: detected capacity change from 0 to 32768
[  107.994399][ T6367] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  108.095314][ T5873] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  108.131025][ T6367] XFS (loop3): Ending clean mount
[  108.147161][ T6367] XFS (loop3): Quotacheck needed: Please wait.
[  108.220478][ T6367] XFS (loop3): Quotacheck: Done.
[  108.290515][ T5873] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  108.316672][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  108.333034][ T5873] usb 3-1: config 0 descriptor??
[  108.373827][ T5873] gspca_main: spca508-2.14.0 probing 8086:0110
[  108.447236][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  108.605732][ T5873] gspca_spca508: reg_read err -32
[  108.625741][ T5873] gspca_spca508: reg_read err -32
[  108.651780][ T5873] gspca_spca508: reg_read err -32
[  108.675671][ T5873] gspca_spca508: reg_read err -32
[  108.698928][ T5873] gspca_spca508: reg_read err -32
[  108.907154][ T5873] gspca_spca508: reg write: error -71
[  108.912693][ T5873] spca508: probe of 3-1:0.0 failed with error -71
[  108.992079][ T5873] usb 3-1: USB disconnect, device number 3
[  109.055848][ T6387] tipc: Failed to remove unknown binding: 66,1,1/0:1224455547/1224455549
[  109.626073][ T6403] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.173905][ T6386] loop0: detected capacity change from 0 to 32768
[  110.282887][ T6386] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  110.293995][ T6407] loop2: detected capacity change from 0 to 32768
[  110.313239][ T6407] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.185 (6407)
[  110.408599][ T6407] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  110.478498][ T6407] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  110.502329][ T6407] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  110.555858][ T6407] BTRFS info (device loop2): force zstd compression, level 3
[  110.563357][ T6407] BTRFS info (device loop2): turning on sync discard
[  110.575284][ T6386] XFS (loop0): Ending clean mount
[  110.610121][ T6407] BTRFS info (device loop2): force clearing of disk cache
[  110.626143][ T6407] BTRFS info (device loop2): enabling disk space caching
[  110.633677][ T6407] BTRFS info (device loop2): turning off discard
[  110.643361][ T6407] BTRFS info (device loop2): disk space caching is enabled
[  110.653050][ T6386] XFS (loop0): Quotacheck needed: Please wait.
[  110.731376][ T6386] XFS (loop0): Quotacheck: Done.
[  110.828068][ T6407] BTRFS info (device loop2): enabling ssd optimizations
[  110.882448][ T6407] BTRFS info (device loop2): rebuilding free space tree
[  110.910972][ T5772] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  110.998126][ T6407] BTRFS info (device loop2): disabling free space tree
[  111.015713][ T6407] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  111.035245][ T6407] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  111.277862][   T28] audit: type=1800 audit(1769659359.850:3): pid=6407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.185" name="file1" dev="loop2" ino=260 res=0 errno=0
[  111.374554][ T6442] loop1: detected capacity change from 0 to 2048
[  111.546681][ T6442] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.840159][ T5773] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  111.862718][ T6452] capability: warning: `syz.3.194' uses 32-bit capabilities (legacy support in use)
[  112.000585][ T6441] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  112.115897][ T6441] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 2 with error 28
[  112.213078][ T6441] EXT4-fs (loop1): This should not happen!! Data will be lost
[  112.213078][ T6441] 
[  112.307956][ T6441] EXT4-fs (loop1): Total free blocks count 0
[  112.314040][ T6441] EXT4-fs (loop1): Free/Dirty block details
[  112.359582][ T6441] EXT4-fs (loop1): free_blocks=2415919504
[  112.424126][ T6441] EXT4-fs (loop1): dirty_blocks=16
[  112.447986][ T6441] EXT4-fs (loop1): Block reservation details
[  112.454421][ T6441] EXT4-fs (loop1): i_reserved_data_blocks=1
[  112.771787][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.851738][ T6475] netlink: 'syz.1.197': attribute type 1 has an invalid length.
[  113.950989][ T6475] 8021q: adding VLAN 0 to HW filter on device bond1
[  114.107528][ T6477] bond1: (slave syz_tun): making interface the new active one
[  114.150125][ T6477] bond1: (slave syz_tun): Enslaving as an active interface with an up link
[  114.883449][ T6493] loop0: detected capacity change from 0 to 1024
[  114.934064][ T6493] EXT4-fs: inline encryption not supported
[  115.048043][ T6493] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  115.085625][ T6493] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (6416!=35945)
[  115.109358][ T6493] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  115.130687][ T6493] EXT4-fs (loop0): can't mount with journal_async_commit, fs mounted w/o journal
[  115.235513][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  115.278234][   T28] audit: type=1326 audit(1769659363.850:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6488 comm="syz.3.206" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efc4099aeb9 code=0x0
[  115.482591][   T49] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  115.561505][ T6500] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  116.011281][ T5770] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  116.021863][ T5770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  116.031420][ T5770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  116.043931][ T5770] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  116.060096][ T5770] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  116.070175][ T5770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  116.696792][ T6508] chnl_net:caif_netlink_parms(): no params data found
[  116.970826][ T6508] bridge0: port 1(bridge_slave_0) entered blocking state
[  116.998863][ T6508] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.021944][ T6508] bridge_slave_0: entered allmulticast mode
[  117.042203][ T6508] bridge_slave_0: entered promiscuous mode
[  117.066401][ T6508] bridge0: port 2(bridge_slave_1) entered blocking state
[  117.096617][ T6508] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.122365][ T6508] bridge_slave_1: entered allmulticast mode
[  117.146145][ T6508] bridge_slave_1: entered promiscuous mode
[  117.288839][ T6508] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  117.334408][ T6508] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  117.426075][ T6508] team0: Port device team_slave_0 added
[  117.464189][ T6508] team0: Port device team_slave_1 added
[  117.624327][ T6508] batman_adv: batadv0: Adding interface: batadv_slave_0
[  117.640486][ T6508] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.677494][ T6508] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  117.721248][ T6508] batman_adv: batadv0: Adding interface: batadv_slave_1
[  117.733976][ T6508] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  117.772112][ T6508] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  117.845157][    C0] sched: RT throttling activated
[  117.868086][ T6508] hsr_slave_0: entered promiscuous mode
[  117.875884][ T6508] hsr_slave_1: entered promiscuous mode
[  117.882471][ T6508] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  117.891924][ T6508] Cannot create hsr debugfs directory
[  118.126084][ T5784] Bluetooth: hci1: command tx timeout
[  118.152545][ T6533] loop0: detected capacity change from 0 to 131072
[  118.284479][ T6508] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  118.332365][ T6508] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  118.357209][ T6508] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  118.429791][ T6508] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  118.558431][ T6533] F2FS-fs (loop0): Test dummy encryption mode enabled
[  118.569889][ T6533] F2FS-fs (loop0): invalid crc value
[  118.607242][ T6533] F2FS-fs (loop0): Found nat_bits in checkpoint
[  118.691153][ T6533] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  118.924807][ T6508] 8021q: adding VLAN 0 to HW filter on device bond0
[  119.011577][ T6508] 8021q: adding VLAN 0 to HW filter on device team0
[  119.083008][ T1137] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.090299][ T1137] bridge0: port 1(bridge_slave_0) entered forwarding state
[  119.190875][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.198112][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[  119.315463][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  120.087850][ T6580] (null): rxe_set_mtu: Set mtu to 1024
[  120.130253][ T6508] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.206890][ T5784] Bluetooth: hci1: command tx timeout
[  120.938120][ T6580] infiniband syz1: set active
[  120.945947][ T6580] infiniband syz1: added syz_tun
[  120.975773][ T6508] veth0_vlan: entered promiscuous mode
[  121.017480][ T6508] veth1_vlan: entered promiscuous mode
[  121.083709][ T6582] syz1: rxe_set_mtu: Set mtu to 2048
[  121.090791][ T6582] infiniband syz1: set active
[  121.199505][ T6580] RDS/IB: syz1: added
[  121.207009][ T6580] smc: adding ib device syz1 with port count 1
[  121.213608][ T6580] smc:    ib device syz1 port 1 has pnetid 
[  121.228827][ T6508] veth0_macvtap: entered promiscuous mode
[  121.237770][ T6584] loop3: detected capacity change from 0 to 32768
[  121.267463][ T6508] veth1_macvtap: entered promiscuous mode
[  121.334106][ T6588] loop0: detected capacity change from 0 to 32768
[  121.349819][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.398020][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.429982][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.450317][ T6588] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.469292][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.480351][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.491427][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.502631][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  121.513530][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.518246][ T6584] non-latin1 character 0x365 found in JFS file name
[  121.531274][ T6508] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.544963][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.556191][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.566598][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.577539][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.587877][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.599797][ T6584] mount with iocharset=utf8 to access
[  121.608153][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.636771][ T6508] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  121.668243][ T6508] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  121.678695][ T6588] XFS (loop0): Ending clean mount
[  121.696756][ T6588] XFS (loop0): Quotacheck needed: Please wait.
[  121.708556][ T6508] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.771481][ T6508] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.825431][ T6508] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.834322][ T6508] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.861267][ T6588] XFS (loop0): Quotacheck: Done.
[  121.878642][ T6508] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.105560][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.129717][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.170814][ T1100] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  122.179773][ T1100] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  122.201347][ T5772] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.277986][ T5784] Bluetooth: hci1: command tx timeout
[  122.908249][ T6613] process 'syz.4.239' launched './file1' with NULL argv: empty string added
[  124.357619][ T5784] Bluetooth: hci1: command tx timeout
[  124.411509][ T6628] loop3: detected capacity change from 0 to 40427
[  124.449816][ T6628] F2FS-fs (loop3): build fault injection attr: rate: 25, type: 0x7ffff
[  124.458563][ T6628] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x7698c
[  124.488692][ T6628] F2FS-fs (loop3): invalid crc value
[  124.506500][ T6628] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  124.536580][ T6628] F2FS-fs (loop3): Found nat_bits in checkpoint
[  124.648412][ T6628] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0
[  124.740884][ T6628] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  124.832757][ T6628] F2FS-fs (loop3): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  124.864114][ T6628] syz.3.244: attempt to access beyond end of device
[  124.864114][ T6628] loop3: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  124.882118][ T6628] syz.3.244: attempt to access beyond end of device
[  124.882118][ T6628] loop3: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  124.913067][ T6628] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of __write_node_page+0x661/0x1810
[  125.032438][ T5767] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x5b4/0x19c0
[  125.056180][   T27] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  125.071135][ T5767] F2FS-fs (loop3): invalid blkaddr: 3072, type: 10, run fsck to fix.
[  125.113754][ T6652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.250'.
[  125.186880][ T5767] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x516/0x19c0
[  125.199700][ T5767] F2FS-fs (loop3): invalid blkaddr: 1026, type: 10, run fsck to fix.
[  125.228500][ T5767] F2FS-fs (loop3): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x5b4/0x19c0
[  125.245010][ T5767] F2FS-fs (loop3): invalid blkaddr: 1023, type: 10, run fsck to fix.
[  125.266283][   T27] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  125.276197][   T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.297950][   T27] usb 2-1: config 0 descriptor??
[  125.323124][   T27] cp210x 2-1:0.0: cp210x converter detected
[  125.386596][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  125.575299][    T9] usb 5-1: Using ep0 maxpacket: 32
[  125.587777][    T9] usb 5-1: config 0 has an invalid interface number: 196 but max is 0
[  125.607905][    T9] usb 5-1: config 0 has no interface number 0
[  125.614126][    T9] usb 5-1: config 0 interface 196 has no altsetting 0
[  125.639727][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  125.669536][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.694139][    T9] usb 5-1: Product: syz
[  125.698867][    T9] usb 5-1: Manufacturer: syz
[  125.703520][    T9] usb 5-1: SerialNumber: syz
[  125.724334][    T9] usb 5-1: config 0 descriptor??
[  125.742899][   T27] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  125.781689][ T6642] loop1: detected capacity change from 0 to 128
[  125.927685][   T27] usb 2-1: cp210x converter now attached to ttyUSB0
[  125.980405][    T9] ipheth 5-1:0.196: Unable to find endpoints
[  126.020944][    T9] usb 5-1: USB disconnect, device number 2
[  126.149223][ T5873] usb 2-1: USB disconnect, device number 2
[  126.162708][ T5873] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  126.180434][ T5873] cp210x 2-1:0.0: device disconnected
[  126.332952][ T6668] netlink: 'syz.0.259': attribute type 4 has an invalid length.
[  126.781752][ T6681] loop3: detected capacity change from 0 to 512
[  126.832627][ T6681] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  126.895200][ T6681] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  126.933181][ T6681] EXT4-fs error (device loop3): ext4_orphan_get:1398: inode #15: comm syz.3.265: inode has both inline data and extents flags
[  127.004765][ T6681] EXT4-fs error (device loop3): ext4_orphan_get:1403: comm syz.3.265: couldn't read orphan inode 15 (err -117)
[  127.042920][ T6681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.226098][ T6681] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.265: No space for directory leaf checksum. Please run e2fsck -D.
[  127.295366][ T6681] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.265: checksumming directory block 0
[  127.355295][ T6697] syz.1.271 uses obsolete (PF_INET,SOCK_PACKET)
[  127.395357][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  127.417336][ T6699] loop4: detected capacity change from 0 to 2048
[  127.487028][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.507590][ T6699] NILFS (loop4): invalid segment: Inconsistency found
[  127.514958][ T6699] NILFS (loop4): trying rollback from an earlier position
[  127.642390][ T6699] NILFS (loop4): recovery complete
[  127.705670][ T6704] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  128.288101][ T6701] loop0: detected capacity change from 0 to 32768
[  128.324410][ T6701] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  128.552860][ T6727] bond_slave_0: entered promiscuous mode
[  128.559227][ T6727] bond_slave_1: entered promiscuous mode
[  128.593651][ T6727] bond_slave_0: left promiscuous mode
[  128.599589][ T6727] bond_slave_1: left promiscuous mode
[  128.622490][ T6701] XFS (loop0): Ending clean mount
[  128.914296][ T5772] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  129.370529][ T6739] tipc: Started in network mode
[  129.389935][ T6739] tipc: Node identity ae97a3154cda, cluster identity 4711
[  129.416606][ T6739] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  129.443229][ T6744] tipc: Disabling bearer <eth:syzkaller0>
[  129.542185][ T6748] loop1: detected capacity change from 0 to 512
[  129.560617][ T6748] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.580863][ T6748] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.625289][ T6748] EXT4-fs (loop1): Test dummy encryption mode enabled
[  129.654024][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.0.284'.
[  129.685230][ T6748] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  129.740408][ T6748] EXT4-fs (loop1): 1 truncate cleaned up
[  129.787878][ T6748] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.991793][ T6762] loop4: detected capacity change from 0 to 512
[  130.081830][ T6762] EXT4-fs: Ignoring removed oldalloc option
[  130.094420][   T23] IPVS: starting estimator thread 0...
[  130.158302][ T6762] EXT4-fs (loop4): 1 truncate cleaned up
[  130.197838][ T6762] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.231899][ T6770] warning: `syz.0.295' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  130.233731][ T6766] IPVS: using max 21 ests per chain, 50400 per kthread
[  130.464456][ T6775] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.4.292: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  130.540942][ T6775] EXT4-fs (loop4): Remounting filesystem read-only
[  130.679409][ T6508] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.955477][ T6772] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  131.152072][ T6767] loop3: detected capacity change from 0 to 40427
[  131.173428][ T6767] F2FS-fs (loop3): invalid crc value
[  131.189472][ T6767] F2FS-fs (loop3): Found nat_bits in checkpoint
[  131.267257][ T6767] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  131.438035][ T6748] fscrypt (loop1): Error allocating 'xts(aes)' transform: -4
[  131.476462][ T6748] overlayfs: upper fs does not support tmpfile.
[  131.484547][ T6748] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  131.497476][ T6767] syz.3.294: attempt to access beyond end of device
[  131.497476][ T6767] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.580939][ T6748] overlayfs: failed index dir cleanup (-512)
[  131.603868][ T6748] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  131.677277][ T5767] syz-executor: attempt to access beyond end of device
[  131.677277][ T5767] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  131.700664][ T5767] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  131.932797][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.186930][ T3008] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  132.485460][ T6825] capability: warning: `syz.1.306' uses deprecated v2 capabilities in a way that may be insecure
[  132.949902][ T6846] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[  133.153168][ T6853] loop0: detected capacity change from 0 to 256
[  133.163662][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  133.171501][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  133.193599][ T6853] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  133.323849][ T6855] loop0: detected capacity change from 0 to 128
[  133.375740][ T5873] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  133.396636][ T6855] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.446709][ T6855] ext4 filesystem being mounted at /90/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  133.541895][   T28] audit: type=1800 audit(1769659382.120:5): pid=6855 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.317" name="file1" dev="loop0" ino=12 res=0 errno=0
[  133.644341][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.676517][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.737171][ T5873] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  133.756265][ T5873] usb 4-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  133.764351][ T5873] usb 4-1: Manufacturer: syz
[  133.786257][ T5772] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.812314][ T5873] usb 4-1: config 0 descriptor??
[  133.953407][ T6866] loop4: detected capacity change from 0 to 128
[  134.074753][ T6866] syz.4.321: attempt to access beyond end of device
[  134.074753][ T6866] loop4: rw=2049, sector=138, nr_sectors = 2 limit=128
[  134.186941][ T6866] syz.4.321: attempt to access beyond end of device
[  134.186941][ T6866] loop4: rw=1, sector=138, nr_sectors = 2 limit=128
[  134.213821][ T6866] Buffer I/O error on dev loop4, logical block 69, lost async page write
[  134.749879][ T5873] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input5
[  134.910806][ T5873] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input6
[  135.001942][ T5873] input: syz Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input7
[  135.058716][ T5873] input: syz Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0001/input/input8
[  135.126923][ T5873] uclogic 0003:256C:006D.0001: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.3-1/input0
[  135.170393][ T5873] usb 4-1: USB disconnect, device number 2
[  135.492758][ T6881] loop4: detected capacity change from 0 to 2364
[  135.652996][ T6883] fido_id[6883]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  136.401248][ T2968] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.515523][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  136.631581][ T2968] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.818858][ T2968] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  136.998794][ T2968] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.262252][ T5770] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  138.281935][ T5770] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  138.291812][ T5770] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  138.320519][ T5770] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  138.330856][ T5770] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  138.339106][ T5770] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  138.512113][ T6915] bridge_slave_0: left allmulticast mode
[  138.570935][ T6915] bridge_slave_0: left promiscuous mode
[  138.600854][ T6915] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.630866][ T6915] bridge_slave_1: left allmulticast mode
[  138.663686][ T6915] bridge_slave_1: left promiscuous mode
[  138.694754][ T6915] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.745539][ T6915] bond0: (slave bond_slave_0): Releasing backup interface
[  138.788165][ T6915] bond0: (slave bond_slave_1): Releasing backup interface
[  138.935451][ T6915] team0: Port device team_slave_0 removed
[  138.977740][ T6915] team0: Port device team_slave_1 removed
[  138.984562][ T6915] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.015092][ T6915] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.050311][ T6915] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.073362][ T6915] batman_adv: batadv0: Removing interface: batadv_slave_1
[  139.215594][ T6926] input: syz1 as /devices/virtual/input/input9
[  139.222336][ T5776] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.365810][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  140.435593][ T5784] Bluetooth: hci1: command tx timeout
[  140.894624][ T6965] loop0: detected capacity change from 0 to 164
[  140.914044][ T6965] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  140.953830][ T6965] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  140.983915][ T6965] rock: directory entry would overflow storage
[  140.997787][ T6965] rock: sig=0x4f50, size=4, remaining=3
[  141.003767][ T6965] iso9660: Corrupted directory entry in block 4 of inode 1792
[  141.180501][ T2968] hsr_slave_0: left promiscuous mode
[  141.205768][ T2968] hsr_slave_1: left promiscuous mode
[  141.300377][ T2968] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  141.348082][ T2968] batman_adv: batadv0: Removing interface: batadv_slave_0
[  141.381706][ T2968] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  141.399846][ T2968] batman_adv: batadv0: Removing interface: batadv_slave_1
[  141.429846][ T2968] bridge_slave_1: left allmulticast mode
[  141.450120][ T2968] bridge_slave_1: left promiscuous mode
[  141.461831][ T2968] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.499020][ T2968] bridge_slave_0: left allmulticast mode
[  141.515941][ T2968] bridge_slave_0: left promiscuous mode
[  141.523138][ T2968] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.679369][ T2968] veth1_macvtap: left promiscuous mode
[  141.687257][ T2968] veth0_macvtap: left promiscuous mode
[  141.699566][ T2968] veth1_vlan: left promiscuous mode
[  141.709496][ T2968] veth0_vlan: left promiscuous mode
[  142.115529][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  142.516911][ T5784] Bluetooth: hci1: command tx timeout
[  142.689980][ T6994] loop0: detected capacity change from 0 to 4096
[  142.750078][ T6994] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.966854][ T6997] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  143.032995][ T6997] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #18: comm syz.0.355: mark_inode_dirty error
[  143.051095][ T6997] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  143.092585][ T6997] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #18: comm syz.0.355: mark_inode_dirty error
[  143.126566][ T6997] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.355: Invalid block bitmap block 10806165376325386240 in block_group 0
[  143.148281][ T6997] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.355: Invalid block bitmap block 10806165376325386240 in block_group 0
[  143.209126][ T6997] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:478: comm syz.0.355: Invalid block bitmap block 10806165376325386240 in block_group 0
[  143.278899][ T6997] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  143.318835][ T6997] EXT4-fs error (device loop0): ext4_dirty_inode:6124: inode #18: comm syz.0.355: mark_inode_dirty error
[  143.333738][ T6997] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  143.544166][ T5772] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.582432][   T49] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  143.597044][   T49] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[  143.618969][   T49] Quota error (device loop0): qtree_write_dquot: dquota write failed
[  143.641055][   T49] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -117). Quota may get out of sync!
[  143.663187][ T2968] team0 (unregistering): Port device team_slave_1 removed
[  143.760694][ T2968] team0 (unregistering): Port device team_slave_0 removed
[  143.873197][ T2968] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  143.944633][ T2968] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  144.047083][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.464758][ T2968] bond0 (unregistering): Released all slaves
[  144.583936][ T6912] chnl_net:caif_netlink_parms(): no params data found
[  144.595373][ T5784] Bluetooth: hci1: command tx timeout
[  145.066259][ T6912] bridge0: port 1(bridge_slave_0) entered blocking state
[  145.073591][ T6912] bridge0: port 1(bridge_slave_0) entered disabled state
[  145.087961][ T6912] bridge_slave_0: entered allmulticast mode
[  145.096688][ T6912] bridge_slave_0: entered promiscuous mode
[  145.105996][ T6912] bridge0: port 2(bridge_slave_1) entered blocking state
[  145.113313][ T6912] bridge0: port 2(bridge_slave_1) entered disabled state
[  145.121253][ T6912] bridge_slave_1: entered allmulticast mode
[  145.128927][ T6912] bridge_slave_1: entered promiscuous mode
[  145.173680][ T6912] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  145.187864][ T6912] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  145.244003][ T6912] team0: Port device team_slave_0 added
[  145.297525][ T6912] team0: Port device team_slave_1 added
[  145.416701][ T6912] batman_adv: batadv0: Adding interface: batadv_slave_0
[  145.442890][ T6912] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.531641][ T6912] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  145.587737][ T6912] batman_adv: batadv0: Adding interface: batadv_slave_1
[  145.594769][ T6912] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  145.674697][ T6912] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  145.791754][ T6912] hsr_slave_0: entered promiscuous mode
[  145.806015][ T6912] hsr_slave_1: entered promiscuous mode
[  145.821448][ T6912] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  145.842654][ T6912] Cannot create hsr debugfs directory
[  145.955425][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  146.379681][ T6912] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  146.402192][ T6912] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  146.425984][ T6912] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  146.452951][ T6912] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  146.602104][ T5770] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  146.635731][ T5770] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  146.647759][ T5770] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  146.657871][ T5770] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  146.668176][ T5770] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  146.675357][   T51] Bluetooth: hci1: command tx timeout
[  146.687743][ T5770] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  146.931100][ T6912] 8021q: adding VLAN 0 to HW filter on device bond0
[  147.013486][ T6912] 8021q: adding VLAN 0 to HW filter on device team0
[  147.071094][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.078474][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.120090][   T34] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.127621][   T34] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.599252][ T5776] kernel write not supported for file bpf-prog (pid: 5776 comm: kworker/0:3)
[  147.830312][ T7077] loop1: detected capacity change from 0 to 1024
[  147.995964][ T7045] chnl_net:caif_netlink_parms(): no params data found
[  148.016058][ T6912] 8021q: adding VLAN 0 to HW filter on device batadv0
[  148.173161][   T28] audit: type=1800 audit(1769659396.730:6): pid=7081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.373" name="file2" dev="loop1" ino=21 res=0 errno=0
[  148.405812][ T7045] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.413023][ T7045] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.444632][ T7045] bridge_slave_0: entered allmulticast mode
[  148.464392][ T7045] bridge_slave_0: entered promiscuous mode
[  148.497217][ T7045] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.504421][ T7045] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.540657][ T7045] bridge_slave_1: entered allmulticast mode
[  148.553484][ T7045] bridge_slave_1: entered promiscuous mode
[  148.745682][ T7045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  148.785088][ T5784] Bluetooth: hci3: command tx timeout
[  148.826811][ T7045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  149.153921][ T7045] team0: Port device team_slave_0 added
[  149.248154][ T7045] team0: Port device team_slave_1 added
[  149.382962][ T7045] batman_adv: batadv0: Adding interface: batadv_slave_0
[  149.435600][ T7045] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.545275][ T7045] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  149.597886][ T7045] batman_adv: batadv0: Adding interface: batadv_slave_1
[  149.615676][ T7045] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  149.695315][ T7045] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  149.981558][ T7045] hsr_slave_0: entered promiscuous mode
[  150.032316][ T7045] hsr_slave_1: entered promiscuous mode
[  150.065429][ T7045] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  150.093416][ T7045] Cannot create hsr debugfs directory
[  150.175383][ T5873] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  150.197313][ T6912] veth0_vlan: entered promiscuous mode
[  150.334991][ T6912] veth1_vlan: entered promiscuous mode
[  150.356282][ T5873] usb 2-1: Using ep0 maxpacket: 32
[  150.391843][ T5873] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  150.419291][ T5873] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  150.461077][ T5873] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  150.476701][ T5873] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  150.490491][ T5873] usb 2-1: config 0 interface 0 has no altsetting 0
[  150.501828][ T5873] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  150.530381][ T5873] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  150.560099][ T5873] usb 2-1: Product: syz
[  150.564369][ T5873] usb 2-1: Manufacturer: syz
[  150.583632][ T5873] usb 2-1: SerialNumber: syz
[  150.595644][ T5873] usb 2-1: config 0 descriptor??
[  150.605041][ T5873] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  150.663366][ T5873] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  150.692780][ T6912] veth0_macvtap: entered promiscuous mode
[  150.754167][ T6912] veth1_macvtap: entered promiscuous mode
[  150.808968][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.836744][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.839470][ T5784] Bluetooth: hci3: command tx timeout
[  150.856740][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.868592][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.884584][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  150.896995][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.911219][ T6912] batman_adv: batadv0: Interface activated: batadv_slave_0
[  150.922535][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.933956][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.944076][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.955364][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.965532][ T6912] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  150.976158][ T6912] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  150.989647][ T6912] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.010106][    T8] usb 2-1: USB disconnect, device number 3
[  151.016216][    C1] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  151.066901][    T8] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  151.114337][ T6912] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.143169][ T6912] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.155899][ T6912] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.172662][ T6912] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.207375][ T7124] netlink: 12 bytes leftover after parsing attributes in process `syz.3.380'.
[  151.223860][ T7124] bridge_slave_0: default FDB implementation only supports local addresses
[  151.284169][ T7045] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  151.307083][ T7045] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  151.326362][ T7126] netlink: 12 bytes leftover after parsing attributes in process `syz.3.380'.
[  151.355565][ T7045] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  151.371825][ T7045] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  151.575495][ T1100] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.594786][ T1100] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.670634][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.682635][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.778728][ T7045] 8021q: adding VLAN 0 to HW filter on device bond0
[  151.864975][ T7045] 8021q: adding VLAN 0 to HW filter on device team0
[  151.912385][   T34] bridge0: port 1(bridge_slave_0) entered blocking state
[  151.919651][   T34] bridge0: port 1(bridge_slave_0) entered forwarding state
[  152.007121][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  152.014440][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  152.652118][ T7163] loop5: detected capacity change from 0 to 128
[  152.749972][ T7163] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  152.780029][ T7163] ext4 filesystem being mounted at /2/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  152.919591][ T5784] Bluetooth: hci3: command tx timeout
[  153.040064][ T7045] 8021q: adding VLAN 0 to HW filter on device batadv0
[  153.129593][ T6912] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  153.216351][ T7151] loop1: detected capacity change from 0 to 32768
[  153.308651][ T7151] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  153.785646][ T7151] XFS (loop1): Ending clean mount
[  153.851809][ T7151] XFS (loop1): Quotacheck needed: Please wait.
[  154.072346][ T7151] XFS (loop1): Quotacheck: Done.
[  154.181410][ T7045] veth0_vlan: entered promiscuous mode
[  154.258546][ T7045] veth1_vlan: entered promiscuous mode
[  154.370518][ T7045] veth0_macvtap: entered promiscuous mode
[  154.392904][ T7045] veth1_macvtap: entered promiscuous mode
[  154.449144][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.468891][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.479109][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.489770][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.499728][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.510691][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.521231][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  154.534481][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.558065][ T7045] batman_adv: batadv0: Interface activated: batadv_slave_0
[  154.578243][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.605231][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.630086][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.656301][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.688943][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.704370][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.763018][ T7045] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  154.777251][ T7045] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  154.808341][ T7045] batman_adv: batadv0: Interface activated: batadv_slave_1
[  154.858086][ T7045] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  154.883383][ T5774] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  154.903752][ T7045] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  154.932197][ T7045] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  154.959347][ T7045] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  154.995451][ T5784] Bluetooth: hci3: command tx timeout
[  155.174128][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.213457][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.321996][ T1137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  155.345646][ T7228] policy can only be matched on NF_INET_PRE_ROUTING
[  155.345671][ T7228] unable to load match
[  155.363878][ T1137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  155.651987][ T7233] netlink: 156 bytes leftover after parsing attributes in process `syz.6.363'.
[  156.366016][ T3008] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.581271][ T7256] loop1: detected capacity change from 0 to 128
[  156.612319][ T3008] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.660976][ T7256] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  156.676270][ T7252] syz.3.402 (7252) used greatest stack depth: 19176 bytes left
[  156.710372][ T7256] ext4 filesystem being mounted at /103/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  157.009698][ T3008] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.083997][ T7267] loop5: detected capacity change from 0 to 512
[  157.159790][ T7267] EXT4-fs (loop5): 1 truncate cleaned up
[  157.172221][ T5774] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  157.206609][ T7267] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.234547][ T3008] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  157.331983][   T28] audit: type=1800 audit(1769659405.910:7): pid=7267 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.405" name="file0" dev="loop5" ino=13 res=0 errno=0
[  157.551784][ T6912] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.435289][ T5873] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  159.646281][ T5873] usb 2-1: unable to get BOS descriptor or descriptor too short
[  159.665362][ T5873] usb 2-1: not running at top speed; connect to a high speed hub
[  159.687361][ T5873] usb 2-1: config 225 has an invalid interface number: 249 but max is 0
[  159.698792][ T5873] usb 2-1: config 225 has no interface number 0
[  159.735089][ T5873] usb 2-1: config 225 interface 249 altsetting 7 has an invalid endpoint descriptor of length 2, skipping
[  159.770477][ T5873] usb 2-1: config 225 interface 249 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  159.807601][ T5873] usb 2-1: config 225 interface 249 has no altsetting 0
[  159.826981][ T5873] usb 2-1: New USB device found, idVendor=0781, idProduct=0001, bcdDevice= 2.00
[  159.855525][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.894472][ T5873] usb 2-1: Product: syz
[  159.904839][ T5873] usb 2-1: Manufacturer: syz
[  159.923066][ T5873] usb 2-1: SerialNumber: syz
[  160.229104][ T5873] usb-storage 2-1:225.249: USB Mass Storage device detected
[  160.307596][ T5873] usb-storage 2-1:225.249: Quirks match for vid 0781 pid 0001: 1
[  160.433996][ T5873] usb 2-1: USB disconnect, device number 4
[  161.165080][ T7333] loop6: detected capacity change from 0 to 764
[  161.232768][ T3008] hsr_slave_0: left promiscuous mode
[  161.251520][ T3008] hsr_slave_1: left promiscuous mode
[  161.262032][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.285425][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.304061][ T3008] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.324916][ T3008] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.344196][ T3008] bridge_slave_1: left allmulticast mode
[  161.350519][ T3008] bridge_slave_1: left promiscuous mode
[  161.365656][ T3008] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.434656][ T3008] bridge_slave_0: left allmulticast mode
[  161.453413][ T3008] bridge_slave_0: left promiscuous mode
[  161.516152][ T3008] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.793773][ T3008] veth1_macvtap: left promiscuous mode
[  161.803649][ T3008] veth0_macvtap: left promiscuous mode
[  161.824805][ T3008] veth1_vlan: left promiscuous mode
[  161.834204][ T3008] veth0_vlan: left promiscuous mode
[  162.304424][ T7355] loop3: detected capacity change from 0 to 16
[  162.382528][ T7355] erofs: (device loop3): mounted with root inode @ nid 36.
[  162.548385][ T7332] loop1: detected capacity change from 0 to 40427
[  162.623808][ T7332] F2FS-fs (loop1): build fault injection attr: rate: 684, type: 0x7ffff
[  162.642717][ T7332] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[  162.651527][ T7332] F2FS-fs (loop1): Image doesn't support compression
[  162.700701][ T7332] F2FS-fs (loop1): invalid crc value
[  162.743085][ T7332] F2FS-fs (loop1): Found nat_bits in checkpoint
[  162.885053][ T7332] F2FS-fs (loop1): Start checkpoint disabled!
[  162.905512][ T7332] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  163.236181][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  163.302328][   T49] kworker/u4:3: attempt to access beyond end of device
[  163.302328][   T49] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  163.339529][   T49] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  163.363831][   T49] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  163.374580][ T7357] loop6: detected capacity change from 0 to 32768
[  163.408583][ T7357] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  163.692852][ T7357] XFS (loop6): Ending clean mount
[  163.757286][ T7357] XFS (loop6): Quotacheck needed: Please wait.
[  163.902643][ T7357] XFS (loop6): Quotacheck: Done.
[  164.207332][ T7045] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  164.386629][ T3008] team0 (unregistering): Port device team_slave_1 removed
[  164.552677][ T3008] team0 (unregistering): Port device team_slave_0 removed
[  164.662354][ T3008] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  164.736961][ T3008] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  164.766217][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  164.971049][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  164.979507][    T9] usb 2-1: config 0 has no interface number 0
[  165.017560][    T9] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  165.056355][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.064469][    T9] usb 2-1: Product: syz
[  165.074563][    T9] usb 2-1: Manufacturer: syz
[  165.079408][    T9] usb 2-1: SerialNumber: syz
[  165.097971][    T9] usb 2-1: config 0 descriptor??
[  165.370880][    T9] dvb_usb_ec168: probe of 2-1:0.1 failed with error -71
[  165.407095][    T9] usb 2-1: USB disconnect, device number 5
[  165.451506][ T3008] bond0 (unregistering): Released all slaves
[  165.897680][ T7401] tipc: Failed to remove unknown binding: 66,1,1/0:1558927957/1558927959
[  165.931215][ T7401] tipc: Failed to remove unknown binding: 66,1,1/0:1558927957/1558927959
[  165.958247][ T7399] loop6: detected capacity change from 0 to 2048
[  166.056371][ T7399]  loop6: p1 < > p3 p4 < >
[  166.087368][ T7399] loop6: p3 start 4284289 is beyond EOD, truncated
[  166.497133][ T6890] udevd[6890]: inotify_add_watch(7, /dev/loop6p1, 10) failed: No such file or directory
[  166.542538][ T5781] udevd[5781]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  166.666971][ T7411] syzkaller1: entered promiscuous mode
[  166.675360][ T7411] syzkaller1: entered allmulticast mode
[  167.544906][ T7437] loop6: detected capacity change from 0 to 16
[  167.575908][ T7437] erofs: (device loop6): mounted with root inode @ nid 36.
[  167.613753][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  167.658704][ T7437] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[1851]
[  167.670554][ T7437] erofs: (device loop6): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  167.701233][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  167.715253][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  167.727474][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 42 @ nid 36
[  167.737343][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 774 @ lcn 40 of nid 36
[  167.748323][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 41 @ nid 36
[  167.757634][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 774 @ lcn 40 of nid 36
[  167.768267][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 40 @ nid 36
[  167.777580][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 39 @ nid 36
[  167.787988][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 38 @ nid 36
[  167.798347][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 36 @ nid 36
[  167.808797][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1468 @ lcn 31 of nid 36
[  167.819503][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 31 @ nid 36
[  167.829003][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 25 @ nid 36
[  167.838332][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 24 @ nid 36
[  167.848662][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 19 @ nid 36
[  167.859057][ T7437] syz.6.445: attempt to access beyond end of device
[  167.859057][ T7437] loop6: rw=524288, sector=784, nr_sectors = 64 limit=16
[  167.873371][ T7437] syz.6.445: attempt to access beyond end of device
[  167.873371][ T7437] loop6: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  167.889010][ T7437] syz.6.445: attempt to access beyond end of device
[  167.889010][ T7437] loop6: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  167.905256][ T7437] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[2639]
[  167.917019][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1586 @ lcn 46 of nid 36
[  167.929119][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 47 @ nid 36
[  167.938385][ T7437] erofs: (device loop6): z_erofs_extent_lookback: bogus lookback distance 1586 @ lcn 46 of nid 36
[  167.949124][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 46 @ nid 36
[  167.959236][ T7437] erofs: (device loop6): z_erofs_readahead: readahead error at folio 45 @ nid 36
[  167.968645][ T7437] syz.6.445: attempt to access beyond end of device
[  167.968645][ T7437] loop6: rw=524288, sector=16, nr_sectors = 16 limit=16
[  167.982309][ T7437] erofs: (device loop6): z_erofs_lz4_decompress_mem: failed to decompress -29 in[58, 4038] out[3537]
[  168.052067][ T7414] loop3: detected capacity change from 0 to 32768
[  168.165344][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  168.173705][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  168.196128][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  168.204899][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  168.271828][ T7414] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  168.356633][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  168.599246][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  168.806641][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  169.380807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  169.443385][ T7461] loop1: detected capacity change from 0 to 1024
[  169.490987][ T7414] XFS (loop3): Ending clean mount
[  169.544860][ T7414] XFS (loop3): Quotacheck needed: Please wait.
[  169.586433][ T7461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  169.600556][ T7461] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.721117][ T7414] XFS (loop3): Quotacheck: Done.
[  169.767415][ T7461] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.449: lblock 3 mapped to illegal pblock 3 (length 3)
[  169.801892][ T5767] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  169.849774][ T7461] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  169.865297][ T7461] EXT4-fs (loop1): This should not happen!! Data will be lost
[  169.865297][ T7461] 
[  169.940328][ T7472] EXT4-fs error (device loop1): ext4_ext_remove_space:2929: inode #15: comm syz.1.449: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  170.165577][ T7472] EXT4-fs error (device loop1) in ext4_setattr:5663: Corrupt filesystem
[  170.344476][ T1137] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm kworker/u4:9: lblock 0 mapped to illegal pblock 0 (length 1)
[  170.382477][ T1137] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  170.422732][ T1137] EXT4-fs (loop1): This should not happen!! Data will be lost
[  170.422732][ T1137] 
[  170.460216][ T5774] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  171.481606][ T7516] gretap0: entered promiscuous mode
[  171.519990][ T7516] netlink: 8 bytes leftover after parsing attributes in process `syz.1.463'.
[  171.554604][ T7516] gretap0: left promiscuous mode
[  171.559926][    C0] ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
[  171.787537][ T7523] netlink: 'syz.6.465': attribute type 5 has an invalid length.
[  172.152914][ T7529] loop1: detected capacity change from 0 to 8192
[  172.204033][ T7529] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  172.300077][ T7529] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  172.353444][ T7529] REISERFS (device loop1): using journaled data mode
[  172.400837][ T7529] reiserfs: using flush barriers
[  172.460969][ T7529] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  172.500640][ T7529] REISERFS (device loop1): checking transaction log (loop1)
[  172.544567][ T7529] REISERFS (device loop1): Using r5 hash to sort names
[  172.578235][ T7529] REISERFS warning (device loop1): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  172.637996][ T7529] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  173.376554][ T7546] loop5: detected capacity change from 0 to 32768
[  173.474452][ T7546] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.968775][ T7546] XFS (loop5): Ending clean mount
[  173.984205][ T7586] loop1: detected capacity change from 0 to 256
[  173.995237][ T5769] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  174.015953][ T7546] XFS (loop5): Quotacheck needed: Please wait.
[  174.034083][ T7586] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  174.053038][ T7586] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  174.147565][ T7586] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  174.175563][ T7546] XFS (loop5): Quotacheck: Done.
[  174.215687][ T5769] usb 7-1: Using ep0 maxpacket: 32
[  174.257849][ T5769] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[  174.286410][ T5769] usb 7-1: config 0 has no interface number 0
[  174.313044][ T5769] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  174.366082][ T5769] usb 7-1: config 0 interface 85 has no altsetting 0
[  174.397925][ T5769] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  174.407934][ T5769] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.437990][ T5769] usb 7-1: Product: syz
[  174.444105][ T5769] usb 7-1: Manufacturer: syz
[  174.449293][ T5769] usb 7-1: SerialNumber: syz
[  174.467384][ T5769] usb 7-1: config 0 descriptor??
[  174.542015][ T7589] loop3: detected capacity change from 0 to 8192
[  174.584520][ T7589] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  174.615305][ T7589] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  174.624846][ T7589] REISERFS (device loop3): using ordered data mode
[  174.632199][ T6912] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.653366][ T7589] reiserfs: using flush barriers
[  174.666130][ T7589] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  174.703559][ T7589] REISERFS (device loop3): checking transaction log (loop3)
[  174.760475][ T7589] REISERFS (device loop3): Using r5 hash to sort names
[  174.804007][ T7589] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  175.129268][ T5769] appletouch 7-1:0.85: Geyser mode initialized.
[  175.200834][ T5769] input: appletouch as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.85/input/input10
[  175.403638][ T5863] usb 7-1: USB disconnect, device number 2
[  175.403679][    C0] appletouch 7-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  175.512150][ T5863] appletouch 7-1:0.85: input: appletouch disconnected
[  177.942368][ T7681] netlink: 8 bytes leftover after parsing attributes in process `syz.1.503'.
[  178.167222][ T7664] loop3: detected capacity change from 0 to 32768
[  178.217487][ T7659] loop6: detected capacity change from 0 to 32768
[  178.249244][ T7664] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.302344][ T7659] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.425499][ T7664] XFS (loop3): Ending clean mount
[  178.490987][ T7664] XFS (loop3): Quotacheck needed: Please wait.
[  178.625476][ T7664] XFS (loop3): Quotacheck: Done.
[  178.775576][ T7659] XFS (loop6): Ending clean mount
[  178.828235][ T7659] XFS (loop6): Quotacheck needed: Please wait.
[  178.952935][ T7684] loop5: detected capacity change from 0 to 32768
[  178.961480][ T5767] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.972767][ T7659] XFS (loop6): Quotacheck: Done.
[  178.984406][ T7684] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.504 (7684)
[  179.036089][ T7684] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  179.083618][ T7684] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  179.131967][ T7684] BTRFS info (device loop5): setting nodatasum
[  179.195360][ T7684] BTRFS info (device loop5): using free space tree
[  179.339689][ T7045] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  179.500314][ T7684] BTRFS info (device loop5): enabling ssd optimizations
[  179.565265][ T7684] BTRFS info (device loop5): auto enabling async discard
[  179.600347][ T7731] netlink: 8 bytes leftover after parsing attributes in process `syz.3.509'.
[  179.816587][ T7684] fs-verity: sha512 using implementation "sha512-avx2"
[  179.860747][ T7741] netlink: 64 bytes leftover after parsing attributes in process `syz.3.512'.
[  180.218348][ T7684] fs-verity (loop5, inode 258): Error -4 building Merkle tree
[  180.234478][ T7684] BTRFS: error (device loop5) in rollback_verity:471: errno=-4 unknown (failed to drop verity items in rollback 258)
[  180.305261][ T7684] BTRFS info (device loop5: state E): forced readonly
[  180.312390][ T7684] BTRFS error (device loop5: state E): failed to rollback verity items: -4
[  180.517301][ T6912] BTRFS info (device loop5: state E): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  181.262364][ T7773] netlink: 40 bytes leftover after parsing attributes in process `syz.5.518'.
[  182.232860][   T28] audit: type=1326 audit(1769659430.810:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7802 comm="syz.6.527" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fef8ab9aeb9 code=0x0
[  183.143139][ T7822] loop1: detected capacity change from 0 to 256
[  183.341635][ T7825] loop5: detected capacity change from 0 to 4096
[  183.397675][ T7825] EXT4-fs: Ignoring removed bh option
[  183.426517][ T7825] EXT4-fs: Ignoring removed mblk_io_submit option
[  183.475761][ T7825] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.655481][ T7843] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  184.016418][ T6912] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.959381][ T7859] loop6: detected capacity change from 0 to 256
[  185.081619][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.250075][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.322708][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.329812][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.339251][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.346152][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.352954][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.362917][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.372572][ T7859] FAT-fs (loop6): FAT read failed (blocknr 1281)
[  185.386775][ T7859] FAT-fs (loop6): Directory bread(block 1285) failed
[  185.997248][ T7878] loop5: detected capacity change from 0 to 4096
[  186.113190][ T7887] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  187.531716][ T7919] loop1: detected capacity change from 0 to 4096
[  187.619519][ T7919] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  187.678108][ T7919] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  187.726362][ T7919] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  187.781360][ T7919] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  187.821591][ T7919] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  187.877242][ T7919] ntfs: volume version 3.1.
[  187.890865][ T7919] ntfs: (device loop1): ntfs_check_logfile(): Did not find any restart pages in $LogFile and it was not empty.
[  187.938013][ T7919] ntfs: (device loop1): load_system_files(): Failed to load $LogFile.  Will not be able to remount read-write.  Mount in Windows.
[  188.006143][ T7919] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  188.047939][ T7919] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  188.084104][ T7919] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  188.607987][ T7941] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  188.616080][ T7941] IPv6: NLM_F_CREATE should be set when creating new route
[  188.898868][ T7950] IPv6: sit1: Disabled Multicast RS
[  189.015447][   T27] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  189.105257][ T5776] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  189.221385][   T27] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  189.244240][   T27] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.262451][   T27] usb 4-1: Product: syz
[  189.275150][   T27] usb 4-1: Manufacturer: syz
[  189.279891][   T27] usb 4-1: SerialNumber: syz
[  189.297920][ T5776] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  189.301950][   T27] usb 4-1: config 0 descriptor??
[  189.318517][ T5776] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.351087][ T5776] usb 6-1: config 0 descriptor??
[  189.387196][ T5776] gspca_main: spca508-2.14.0 probing 8086:0110
[  189.419252][ T7942] loop6: detected capacity change from 0 to 32768
[  189.469561][ T7942] XFS (loop6): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  189.556369][ T7946] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  189.583815][ T7946] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  189.610297][ T5776] gspca_spca508: reg_read err -32
[  189.628071][ T5776] gspca_spca508: reg_read err -32
[  189.637505][ T7942] XFS (loop6): Ending clean mount
[  189.648183][ T5776] gspca_spca508: reg_read err -32
[  189.670112][ T5776] gspca_spca508: reg_read err -32
[  189.700185][ T5776] gspca_spca508: reg_read err -32
[  189.726676][   T27] usb-storage 4-1:0.0: USB Mass Storage device detected
[  189.846823][   T27] usb 4-1: USB disconnect, device number 3
[  189.920637][ T5776] gspca_spca508: reg write: error -71
[  189.936947][ T5776] spca508: probe of 6-1:0.0 failed with error -71
[  189.948100][ T5776] usb 6-1: USB disconnect, device number 2
[  189.965293][ T7045] XFS (loop6): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  190.576074][ T7983] netlink: 76 bytes leftover after parsing attributes in process `syz.6.567'.
[  190.616720][ T7983] netlink: 76 bytes leftover after parsing attributes in process `syz.6.567'.
[  190.936275][ T7993] loop5: detected capacity change from 0 to 64
[  192.170716][ T7991] loop6: detected capacity change from 0 to 40427
[  192.258735][ T7991] F2FS-fs (loop6): Found nat_bits in checkpoint
[  192.489256][ T7991] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  192.635718][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  192.635734][   T28] audit: type=1800 audit(1769659441.200:9): pid=7991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.570" name="file1" dev="loop6" ino=10 res=0 errno=0
[  192.760166][ T7045] syz-executor: attempt to access beyond end of device
[  192.760166][ T7045] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  192.815872][ T7045] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  194.267895][ T8046] loop3: detected capacity change from 0 to 32768
[  194.347095][ T8046] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  194.592808][ T8046] XFS (loop3): Ending clean mount
[  194.606780][ T1284] ieee802154 phy0 wpan0: encryption failed: -22
[  194.613708][ T1284] ieee802154 phy1 wpan1: encryption failed: -22
[  194.695207][   T23] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  194.871638][ T5767] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  194.923091][   T23] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  194.945474][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.977872][   T23] usb 7-1: config 0 descriptor??
[  194.997134][   T23] cp210x 7-1:0.0: cp210x converter detected
[  195.429567][   T23] cp210x 7-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  195.444079][ T8076] loop6: detected capacity change from 0 to 128
[  195.513248][   T23] usb 7-1: cp210x converter now attached to ttyUSB0
[  195.753679][   T23] usb 7-1: USB disconnect, device number 3
[  195.786408][   T23] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  195.827406][   T23] cp210x 7-1:0.0: device disconnected
[  196.240514][ T8086] loop3: detected capacity change from 0 to 32768
[  196.299572][ T8086] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.420107][ T8086] XFS (loop3): Ending clean mount
[  196.505465][   T23] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  196.540691][ T8086] XFS (loop3): Quotacheck needed: Please wait.
[  196.626170][ T8086] XFS (loop3): Quotacheck: Done.
[  196.654167][ T8102] netlink: 4 bytes leftover after parsing attributes in process `syz.6.595'.
[  196.725192][   T23] usb 6-1: Using ep0 maxpacket: 32
[  196.733605][   T23] usb 6-1: config 0 has an invalid interface number: 196 but max is 0
[  196.752402][   T23] usb 6-1: config 0 has no interface number 0
[  196.774448][   T23] usb 6-1: config 0 interface 196 has no altsetting 0
[  196.803659][   T23] usb 6-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  196.830209][   T23] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.845451][ T5767] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  196.854211][   T23] usb 6-1: Product: syz
[  196.859252][   T23] usb 6-1: Manufacturer: syz
[  196.866821][   T23] usb 6-1: SerialNumber: syz
[  196.886212][   T23] usb 6-1: config 0 descriptor??
[  197.137883][   T23] ipheth 6-1:0.196: Unable to find endpoints
[  197.165730][   T23] usb 6-1: USB disconnect, device number 3
[  197.285572][   T27] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  197.393644][ T8107] loop3: detected capacity change from 0 to 4096
[  197.411672][ T8107] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  197.491232][   T27] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  197.521578][   T27] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.540046][   T27] usb 7-1: Product: syz
[  197.554895][   T27] usb 7-1: Manufacturer: syz
[  197.560365][   T27] usb 7-1: SerialNumber: syz
[  198.645299][   T27] cdc_ncm 7-1:1.0: MAC-Address: 42:42:42:42:42:42
[  198.645581][ T8111] loop5: detected capacity change from 0 to 32768
[  198.651840][   T27] cdc_ncm 7-1:1.0: setting tx_max = 184
[  198.876787][   T27] cdc_ncm 7-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.6-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  198.940969][ T8111] JBD2: Ignoring recovery information on journal
[  199.021932][   T27] usb 7-1: USB disconnect, device number 4
[  199.075442][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  199.083928][   T27] cdc_ncm 7-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.6-1, CDC NCM (NO ZLP)
[  199.170720][ T8111] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  199.457599][   T28] audit: type=1800 audit(1769659448.020:10): pid=8129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.598" name="file1" dev="loop5" ino=17059 res=0 errno=0
[  199.800390][ T8111] (syz.5.598,8111,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -4
[  200.052604][ T6912] ocfs2: Unmounting device (7,5) on (node local)
[  201.017816][ T8163] loop6: detected capacity change from 0 to 2048
[  201.094467][ T8163] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.129412][ T8163] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.245569][ T8163] EXT4-fs (loop6): shut down requested (0)
[  201.428719][ T7045] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.127091][ T8195] loop6: detected capacity change from 0 to 4096
[  202.194458][ T8195] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.400026][ T8206] loop3: detected capacity change from 0 to 2048
[  202.519373][ T8206] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.541829][ T8206] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  202.791111][ T7045] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.820578][ T8206] EXT4-fs (loop3): shut down requested (0)
[  202.879808][ T8212] loop1: detected capacity change from 0 to 32768
[  202.907090][ T8213] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.628: bg 0: block 345: padding at end of block bitmap is not set
[  202.956290][ T8213] EXT4-fs (loop3): Remounting filesystem read-only
[  202.968174][ T8212] (syz.1.630,8212,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  203.002267][ T8212] (syz.1.630,8212,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  203.085792][ T8212] JBD2: Ignoring recovery information on journal
[  203.136089][ T8212] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  203.247753][ T5767] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.367446][ T8212] 
[  203.369852][ T8212] ======================================================
[  203.376889][ T8212] WARNING: possible circular locking dependency detected
[  203.383937][ T8212] syzkaller #0 Not tainted
[  203.388371][ T8212] ------------------------------------------------------
[  203.395405][ T8212] syz.1.630/8212 is trying to acquire lock:
[  203.401318][ T8212] ffff88804e4a86f8 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x30a/0x770
[  203.410674][ T8212] 
[  203.410674][ T8212] but task is already holding lock:
[  203.418055][ T8212] ffff888030ef1ce8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  203.428357][ T8212] 
[  203.428357][ T8212] which lock already depends on the new lock.
[  203.428357][ T8212] 
[  203.438793][ T8212] 
[  203.438793][ T8212] the existing dependency chain (in reverse order) is:
[  203.447916][ T8212] 
[  203.447916][ T8212] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  203.456457][ T8212]        down_read+0x46/0x2e0
[  203.461181][ T8212]        ocfs2_start_trans+0x3a8/0x6f0
[  203.466658][ T8212]        ocfs2_mknod+0xf1d/0x2300
[  203.471720][ T8212]        ocfs2_create+0x196/0x430
[  203.476790][ T8212]        path_openat+0x12a0/0x3230
[  203.481931][ T8212]        do_filp_open+0x1f5/0x430
[  203.486972][ T8212]        do_sys_openat2+0x134/0x1d0
[  203.492200][ T8212]        __x64_sys_openat+0x139/0x160
[  203.497608][ T8212]        do_syscall_64+0x55/0xa0
[  203.502572][ T8212]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.509025][ T8212] 
[  203.509025][ T8212] -> #2 (sb_internal#6){.+.+}-{0:0}:
[  203.516533][ T8212]        ocfs2_start_trans+0x2a9/0x6f0
[  203.522034][ T8212]        ocfs2_truncate_file+0x631/0x1440
[  203.527805][ T8212]        ocfs2_setattr+0x158d/0x1bc0
[  203.533142][ T8212]        notify_change+0xb0d/0xe10
[  203.538291][ T8212]        do_truncate+0x1b0/0x240
[  203.543258][ T8212]        path_openat+0x2a32/0x3230
[  203.548395][ T8212]        do_filp_open+0x1f5/0x430
[  203.553442][ T8212]        do_sys_openat2+0x134/0x1d0
[  203.558674][ T8212]        __x64_sys_openat+0x139/0x160
[  203.564160][ T8212]        do_syscall_64+0x55/0xa0
[  203.569134][ T8212]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.575576][ T8212] 
[  203.575576][ T8212] -> #1 (&oi->ip_alloc_sem){++++}-{3:3}:
[  203.583426][ T8212]        down_write+0x97/0x200
[  203.588232][ T8212]        ocfs2_try_remove_refcount_tree+0xb7/0x340
[  203.594758][ T8212]        ocfs2_truncate_file+0xde5/0x1440
[  203.600523][ T8212]        ocfs2_setattr+0x158d/0x1bc0
[  203.605853][ T8212]        notify_change+0xb0d/0xe10
[  203.611002][ T8212]        do_truncate+0x1b0/0x240
[  203.615969][ T8212]        path_openat+0x2a32/0x3230
[  203.621110][ T8212]        do_filp_open+0x1f5/0x430
[  203.626156][ T8212]        do_sys_openat2+0x134/0x1d0
[  203.631387][ T8212]        __x64_sys_openat+0x139/0x160
[  203.636794][ T8212]        do_syscall_64+0x55/0xa0
[  203.641758][ T8212]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.648192][ T8212] 
[  203.648192][ T8212] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
[  203.656040][ T8212]        __lock_acquire+0x2df1/0x7d40
[  203.661433][ T8212]        lock_acquire+0x19e/0x420
[  203.666506][ T8212]        down_read+0x46/0x2e0
[  203.671233][ T8212]        ocfs2_init_acl+0x30a/0x770
[  203.676473][ T8212]        ocfs2_mknod+0x140f/0x2300
[  203.681730][ T8212]        ocfs2_create+0x196/0x430
[  203.686774][ T8212]        path_openat+0x12a0/0x3230
[  203.691905][ T8212]        do_filp_open+0x1f5/0x430
[  203.696952][ T8212]        do_sys_openat2+0x134/0x1d0
[  203.702171][ T8212]        __x64_sys_openat+0x139/0x160
[  203.707570][ T8212]        do_syscall_64+0x55/0xa0
[  203.712537][ T8212]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  203.718971][ T8212] 
[  203.718971][ T8212] other info that might help us debug this:
[  203.718971][ T8212] 
[  203.729219][ T8212] Chain exists of:
[  203.729219][ T8212]   &oi->ip_xattr_sem --> sb_internal#6 --> &journal->j_trans_barrier
[  203.729219][ T8212] 
[  203.743161][ T8212]  Possible unsafe locking scenario:
[  203.743161][ T8212] 
[  203.750636][ T8212]        CPU0                    CPU1
[  203.756013][ T8212]        ----                    ----
[  203.761394][ T8212]   rlock(&journal->j_trans_barrier);
[  203.766788][ T8212]                                lock(sb_internal#6);
[  203.773576][ T8212]                                lock(&journal->j_trans_barrier);
[  203.781397][ T8212]   rlock(&oi->ip_xattr_sem);
[  203.786098][ T8212] 
[  203.786098][ T8212]  *** DEADLOCK ***
[  203.786098][ T8212] 
[  203.794339][ T8212] 8 locks held by syz.1.630/8212:
[  203.799380][ T8212]  #0: ffff88807894a418 (sb_writers#33){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  203.808656][ T8212]  #1: ffff88804e4a89d8 (&type->i_mutex_dir_key#22){+.+.}-{3:3}, at: path_openat+0x7dc/0x3230
[  203.818954][ T8212]  #2: ffff88804e4b2658 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#2){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  203.832659][ T8212]  #3: ffff88804e4b1818 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#3){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16e/0x44c0
[  203.846539][ T8212]  #4: ffff88804e4b42d8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x120/0x2600
[  203.860492][ T8212]  #5: ffff88807894a608 (sb_internal#6){.+.+}-{0:0}, at: ocfs2_mknod+0xf1d/0x2300
[  203.869756][ T8212]  #6: ffff888030ef1ce8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a8/0x6f0
[  203.880493][ T8212]  #7: ffff8880516c8990 (jbd2_handle#2){.+.+}-{0:0}, at: start_this_handle+0x1f7a/0x21c0
[  203.890360][ T8212] 
[  203.890360][ T8212] stack backtrace:
[  203.896305][ T8212] CPU: 1 PID: 8212 Comm: syz.1.630 Not tainted syzkaller #0
[  203.903606][ T8212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  203.913698][ T8212] Call Trace:
[  203.917002][ T8212]  <TASK>
[  203.919956][ T8212]  dump_stack_lvl+0x18c/0x250
[  203.924673][ T8212]  ? load_image+0x400/0x400
[  203.929214][ T8212]  ? show_regs_print_info+0x20/0x20
[  203.934447][ T8212]  ? print_circular_bug+0x12b/0x1a0
[  203.939671][ T8212]  check_noncircular+0x2fc/0x400
[  203.944642][ T8212]  ? print_deadlock_bug+0x5d0/0x5d0
[  203.949870][ T8212]  ? _find_first_zero_bit+0xd3/0x100
[  203.955214][ T8212]  ? add_lock_to_list+0x191/0x280
[  203.960275][ T8212]  __lock_acquire+0x2df1/0x7d40
[  203.965166][ T8212]  ? verify_lock_unused+0x140/0x140
[  203.970388][ T8212]  ? __lock_acquire+0x7d40/0x7d40
[  203.975448][ T8212]  ? do_raw_spin_lock+0x11f/0x2c0
[  203.980517][ T8212]  lock_acquire+0x19e/0x420
[  203.985046][ T8212]  ? ocfs2_init_acl+0x30a/0x770
[  203.989940][ T8212]  ? __might_sleep+0xe0/0xe0
[  203.994554][ T8212]  ? read_lock_is_recursive+0x20/0x20
[  203.999946][ T8212]  ? trace_ocfs2_claim_new_inode_at_loc+0x1c0/0x1c0
[  204.006652][ T8212]  ? dquot_alloc_inode+0x772/0xa40
[  204.011792][ T8212]  down_read+0x46/0x2e0
[  204.015984][ T8212]  ? ocfs2_init_acl+0x30a/0x770
[  204.020865][ T8212]  ocfs2_init_acl+0x30a/0x770
[  204.025570][ T8212]  ? ocfs2_mknod_locked+0x159/0x290
[  204.030801][ T8212]  ? ocfs2_acl_chmod+0x330/0x330
[  204.035767][ T8212]  ? dquot_alloc_inode+0x8ac/0xa40
[  204.040913][ T8212]  ? dquot_alloc_inode+0x15e/0xa40
[  204.046058][ T8212]  ? ocfs2_block_signals+0x9b/0xe0
[  204.051210][ T8212]  ? ocfs2_init_security_get+0x139/0x1a0
[  204.056868][ T8212]  ocfs2_mknod+0x140f/0x2300
[  204.061496][ T8212]  ? ocfs2_mkdir+0x430/0x430
[  204.066120][ T8212]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  204.072036][ T8212]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  204.077963][ T8212]  ? ocfs2_inode_unlock+0xa5/0x140
[  204.083099][ T8212]  ? __lock_acquire+0x7d40/0x7d40
[  204.088148][ T8212]  ? __rwlock_init+0x150/0x150
[  204.092942][ T8212]  ? do_raw_spin_unlock+0x121/0x230
[  204.098174][ T8212]  ? rcu_is_watching+0x15/0xb0
[  204.102967][ T8212]  ? ocfs2_lookup+0x494/0x950
[  204.107671][ T8212]  ocfs2_create+0x196/0x430
[  204.112200][ T8212]  ? ocfs2_update_inode_fsync_trans+0x240/0x240
[  204.118490][ T8212]  ? from_kgid+0x16d/0x690
[  204.122933][ T8212]  ? ocfs2_lookup+0x950/0x950
[  204.127638][ T8212]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  204.132612][ T8212]  ? inode_permission+0xf3/0x480
[  204.137583][ T8212]  ? bpf_lsm_inode_create+0x9/0x10
[  204.142716][ T8212]  ? security_inode_create+0xb7/0x100
[  204.148126][ T8212]  ? ocfs2_lookup+0x950/0x950
[  204.152943][ T8212]  path_openat+0x12a0/0x3230
[  204.157577][ T8212]  ? do_filp_open+0x430/0x430
[  204.162284][ T8212]  ? __virt_addr_valid+0x18c/0x540
[  204.167439][ T8212]  do_filp_open+0x1f5/0x430
[  204.171973][ T8212]  ? vfs_tmpfile+0x490/0x490
[  204.176597][ T8212]  ? _raw_spin_unlock+0x28/0x40
[  204.181476][ T8212]  ? alloc_fd+0x58f/0x630
[  204.185841][ T8212]  do_sys_openat2+0x134/0x1d0
[  204.190550][ T8212]  ? do_sys_open+0xe0/0xe0
[  204.194990][ T8212]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  204.201016][ T8212]  ? lock_chain_count+0x20/0x20
[  204.205901][ T8212]  __x64_sys_openat+0x139/0x160
[  204.210780][ T8212]  do_syscall_64+0x55/0xa0
[  204.215230][ T8212]  ? clear_bhb_loop+0x40/0x90
[  204.219928][ T8212]  ? clear_bhb_loop+0x40/0x90
[  204.224631][ T8212]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  204.230549][ T8212] RIP: 0033:0x7fcae9d9aeb9
[  204.235003][ T8212] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  204.254641][ T8212] RSP: 002b:00007fcaeac7d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  204.263082][ T8212] RAX: ffffffffffffffda RBX: 00007fcaea015fa0 RCX: 00007fcae9d9aeb9
[  204.271082][ T8212] RDX: 000000000000275a RSI: 0000200000000040 RDI: ffffffffffffff9c
[  204.279076][ T8212] RBP: 00007fcae9e08c1f R08: 0000000000000000 R09: 0000000000000000
[  204.287069][ T8212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  204.295065][ T8212] R13: 00007fcaea016038 R14: 00007fcaea015fa0 R15: 00007ffe526a44d8
[  204.303074][ T8212]  </TASK>
[  204.731598][ T8208] loop5: detected capacity change from 0 to 40427
[  204.758330][ T8208] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x7ffff
[  204.788051][ T8208] F2FS-fs (loop5): invalid crc value
[  204.838011][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.911746][ T8208] F2FS-fs (loop5): Found nat_bits in checkpoint
[  205.045270][ T8208] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  205.194766][ T8208] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=0, run fsck to fix.
[  205.215366][ T8208] syz.5.629: attempt to access beyond end of device
[  205.215366][ T8208] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.251435][ T8208] syz.5.629: attempt to access beyond end of device
[  205.251435][ T8208] loop5: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  205.342401][ T6912] syz-executor: attempt to access beyond end of device
[  205.342401][ T6912] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  205.377112][ T6912] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  205.910772][ T5774] ocfs2: Unmounting device (7,1) on (node local)
[  206.915455][ T5770] Bluetooth: hci2: command 0x0406 tx timeout