last executing test programs:

7m39.971806007s ago: executing program 2 (id=177):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x10040)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f00000002c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1a}, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x65, 0x0, 0x2, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x8a, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x1, 0x7c, 0x0, 0x0, 0x8, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x1a, 0x8, 0xca, 0x0, 0x1000, {[@timestamp={0x8, 0xa, 0x81000000, 0xfbc}, @exp_fastopen={0xfe, 0x14, 0xf989, "ba3d49549b2de07eb18006804cc24307"}, @exp_smc={0xfe, 0x6}, @timestamp={0x8, 0xa, 0x7, 0x8a}, @fastopen={0x22, 0x3, "e2"}, @exp_fastopen={0xfe, 0x5, 0xf989, "89"}, @fastopen={0x22, 0xf, "da0647316a11c8a7db0e3a3bc0"}, @mptcp=@capable={0x1e, 0xc, 0x4, 0x1, 0x40, 0x1}]}}}}}}}, 0x0)

7m39.590373801s ago: executing program 2 (id=181):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/99, 0xfec8}], 0x1}, 0x5}], 0x1, 0x400120cb, 0x0)

7m39.44331736s ago: executing program 2 (id=183):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x241, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000001340)='lp', 0x2)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

7m38.502668262s ago: executing program 2 (id=187):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x101c08a, &(0x7f00000001c0)=ANY=[], 0x6, 0x2c1, &(0x7f0000001880)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2rrAwMpOZzWSNMZHNyu1+Ps0++8zznfk9k4fsbJEnH748Obqfx8MnX/wSWZZEZxjDOEliEJ1ofBULht8EAPAsOymK+L2Y2SSXRES2vbIAgC1a7+9/d9786VLKAgC26N677729f3Bw550ssrg7+fp4VP5nX/6cHd9/GB/HOB7Ea9GP04jqQWE3qqeFsnm3KIppNy8N4uZkejwqk5MPntbn3/8tosrvRT8GVdfZ00aVf+vgzl4+08pPyzqer68/LPO3ox8vnoUX8reX5GOUxquvtOq/Ff34+aP4JMZxvypinv9yL8/fLL794/P3y/LKfDI9HvWqcXPFziW/NAAAAAAAAAAAAAAAAAAAAAAAXGG36r1zepHfiJuTsqvef2fnNNLy17wxWNyfZ5ZPmhO19wcqimJaxPetLQXzoh44z3fjpW57Y0EAAAAAAAAAAAAAAAAAAAC4vh5/+tnR4Xj84NGFNJrdALoR8ee9iP96nmGr50asHtyrr3k4Hnfq5sKYp2m7J3aaMUnEyjLKSVzQbfm3xnPna24aP/xYTnCTE2atnteXT3B3+/NqVtfRYbL8Wr1oerJ6kXyXRszHpLHmtdJ/OlTEJssvXXqov/Hc0xeqxnTFmEhWFfbGr7M7V/ck52eRVnd1aXy3brTi59bGWq97ZLP4398rkmq3jt723owAAAAAAAAAAAAAAAAAAOCam3/6d8nBJyujncJHgQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4Iubf/79BY1qH1xicxqPH//MUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuAb+CgAA//8HIVi7")
syz_mount_image$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', 0x208a022, 0x0, 0x1, 0x0, &(0x7f0000000000))
chroot(&(0x7f0000000100)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
chroot(&(0x7f0000000080)='./file0/../file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', 0x0, 0x10, 0x0)

7m37.945467285s ago: executing program 2 (id=190):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="b8000000190001000200000000000100e000000200000000000000000000000000000000695d0a519fca84ff00000001ffff0000000000000a00200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0800000000000000100000000000000002000000010000000000000000000000ff0f00000000000073b4ffffffffffffffffffffffffffff00000000000000000000000010000000000000000000002002000000000000000300000000000000fe"], 0xb8}}, 0x4004)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000087"], 0xb8}}, 0x2c000010)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x4000015}, 0x2c000010)

7m37.335498749s ago: executing program 2 (id=195):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000e40)=ANY=[@ANYBLOB='mode=00000000000000000000177,mode=00000000000000000000005,shortad,utf8,shortad,shortad,session=00000000000016777223,umask=00000000000000000000250,uid=ignore,shortad,dmode=00000000000000000170430,gid=ignore,adinicb,gid=forget,mode=00000000000000000002000,lastblock=00000000000000001024,shortad,euid>', @ANYBLOB=',fsmagic=0x0000000000000002,smackfsf^oor=smackfstrans-ute,fowner>', @ANYBLOB="d4199c3f003c5c8d6d222e24bfdda0389fe9ebc4333e5d9521a6cc631f653d174fb504401934b83a72449268d54cd62dbbb66d7ba1b35073e60bf699ea6cb1b5923e3a3d5e51423a7c1a13920aea8e6d3c7d53f4aa34acbe0b78df03569d0b620d54f96b33fd4895161524abc937b9d619a3add1c3b57ad5124502de88fe8f0e436f04aded9c4f7b60876d2ac9caa8502b7faa4fe85e7819540dabf8e44ccdd382e5292164879e30f5b039e5f2314adff12c154c627fabadc824eb6d2fc48d1bc75a9dd2589e2c3324cd33f0a8508f6d4a899b6e8b45fec164", @ANYRES32, @ANYBLOB="2c736d61636b6673747261736d7574653d001c0b235ffdce27803854a81c498e5bc58fdfc2e25738bee597df2c00"/55], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
prlimit64(0x0, 0xe, 0x0, 0x0)
clock_getres(0x17, 0x0)
getpgrp(0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004200)={0x2020}, 0x2020)

7m36.91837165s ago: executing program 32 (id=195):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000e40)=ANY=[@ANYBLOB='mode=00000000000000000000177,mode=00000000000000000000005,shortad,utf8,shortad,shortad,session=00000000000016777223,umask=00000000000000000000250,uid=ignore,shortad,dmode=00000000000000000170430,gid=ignore,adinicb,gid=forget,mode=00000000000000000002000,lastblock=00000000000000001024,shortad,euid>', @ANYBLOB=',fsmagic=0x0000000000000002,smackfsf^oor=smackfstrans-ute,fowner>', @ANYBLOB="d4199c3f003c5c8d6d222e24bfdda0389fe9ebc4333e5d9521a6cc631f653d174fb504401934b83a72449268d54cd62dbbb66d7ba1b35073e60bf699ea6cb1b5923e3a3d5e51423a7c1a13920aea8e6d3c7d53f4aa34acbe0b78df03569d0b620d54f96b33fd4895161524abc937b9d619a3add1c3b57ad5124502de88fe8f0e436f04aded9c4f7b60876d2ac9caa8502b7faa4fe85e7819540dabf8e44ccdd382e5292164879e30f5b039e5f2314adff12c154c627fabadc824eb6d2fc48d1bc75a9dd2589e2c3324cd33f0a8508f6d4a899b6e8b45fec164", @ANYRES32, @ANYBLOB="2c736d61636b6673747261736d7574653d001c0b235ffdce27803854a81c498e5bc58fdfc2e25738bee597df2c00"/55], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
prlimit64(0x0, 0xe, 0x0, 0x0)
clock_getres(0x17, 0x0)
getpgrp(0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000004200)={0x2020}, 0x2020)

7m7.209879587s ago: executing program 3 (id=388):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000009c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x76a9bba1a690db0f, 0x0, 0x0, {0xa, 0x0, 0x2005}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x3cb140bb}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000050}, 0x24000840)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f0000000080), 0x4)
sendmsg$kcm(r1, &(0x7f00000001c0)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x4, @loopback, 0x0, 0x1}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000280)="f4000900062b2c25fe80000000000000dc8b850f2323fcb11ea3548466cc00007a000000ad", 0x25}, {&(0x7f0000000000)="944ab93384d9", 0x6}, {&(0x7f0000000140)='+', 0x1}], 0x3}, 0x4000000)

7m6.942235906s ago: executing program 3 (id=390):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

7m6.286128745s ago: executing program 3 (id=395):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)
close(r0)

7m6.091817333s ago: executing program 3 (id=397):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/../file0/file0\x00', &(0x7f0000000340)='./file0/../file0\x00', 0x0, 0x2b5f093, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

7m5.81462897s ago: executing program 3 (id=399):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae02, &(0x7f0000000040)={0x4000000000000229, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})

7m5.347557198s ago: executing program 3 (id=405):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x28f}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd=r1, 0x2, 0x0, 0x10000, 0x2})
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)

7m4.676235057s ago: executing program 33 (id=405):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x28f}, &(0x7f00000003c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_FADVISE={0x18, 0x40, 0x0, @fd=r1, 0x2, 0x0, 0x10000, 0x2})
io_uring_enter(r2, 0x7277, 0x0, 0x0, 0x0, 0x0)

6m11.862498377s ago: executing program 0 (id=789):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001440)={0x1c, r3, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

6m11.355323571s ago: executing program 0 (id=793):
rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8)
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000000380)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
r2 = gettid()
tkill(r2, 0x16)

6m11.168712437s ago: executing program 0 (id=796):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000600)='hybla', 0x5)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

6m10.178712564s ago: executing program 0 (id=808):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x4, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)

6m10.086345355s ago: executing program 0 (id=809):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000b60ec97000fc81100fe8000000000000000000000000000aaff020000000000000000000000000001"], 0xffe)

6m9.678663745s ago: executing program 0 (id=816):
socket$nl_route(0x10, 0x3, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r1, &(0x7f0000000440)=ANY=[@ANYRES8=r0], 0xa)

6m9.359121831s ago: executing program 34 (id=816):
socket$nl_route(0x10, 0x3, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r1, &(0x7f0000000440)=ANY=[@ANYRES8=r0], 0xa)

29.710280256s ago: executing program 7 (id=3718):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e6400"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x90656}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PRIMARY={0x8, 0xb, r2}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x690}, 0x0)

29.515233902s ago: executing program 7 (id=3721):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000140)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
r1 = syz_io_uring_setup(0x239, &(0x7f0000000340)={0x0, 0x818d, 0x10100}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x800000000, 0x0, 0x0, 0x10, 0x1})
io_uring_enter(r1, 0x2def, 0xfffffffd, 0x0, 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000280)={&(0x7f0000000780)={{@my=0x0}, {@my=0x0, 0x800000}, 0x10fe8, "884fbe2726aa0a32f3e65f909acda971a093228292456e0332e6c11577b514f0bb8db731789d860e9589c4cbdd60b7a851a8a3c55ada2f90c51a69bf4a5c3e32296535dc838ef00dc18a32a79118dc858628f741f107552021e5a81d38e4374a8a717a7ca9015083cfff5d16156ef9cabf4f60c0da46870a10bf520cc5abcf9e3a437761ea75776763139fadd55c46daf5338870951822f6a803ccfbab9c3f507672d7c39ea9ccf81d9bc2b4649e7b44ed9fd7cb9bd389240cd41c415113d1caac4536f05c07e596d6addad2a4d27ba21a3b655753c508caedcc812ca235a7cd1686426b208bdecf8a4265ba8f6824aa60306e2d623481eed301b6dc21041fa8b6592be00bb74de1989a45a5aa32c189e9f5a5bb878281d0129afcfb8410cd1fa5acd080993d2d084213130a9b8d517d13251e6605a03d9b8faf507e820205a1f471af7b261419e79e09c547f7c10fd3f1ad876f59fdcc5e07d0ff4dee6ea2e3856616a352d648b9b5261b6263020fc3ae8eb404bc25703b3d3b83172d07ff22907d6631d226c8247c92c1826ff814590dfe8c7fc54dfb265e906f756846546316b20e0105e2a5355a210b2b7f5db61d8f90bb783b41ce368233bd08044e9283531fffe49e3d305ecfb16075a047557f57bb7baf8babfc02975ad0d60ed8de9cb8adc9f667bc6826cbea8e260e4bff28a5ec19d38d1fc019db3cfaf310e764d78619cb27fb17af05a0e8ae831ce8413721e71138e62cc4ad8e7974d1506b4fb581c549a3dd7b7ef44ac37201aa3bce6f37f648d781bcb4f329fd45ffa640f1b04efb38a36e0ed0e2abcb07e4ad88ae3edfb6d840d75340204243d0e1c1c3139823b0d5ad196430bf4566619a1a97df4376a7e9a9e9c1d97b9f773c921778f2cb5165c02da1423305c502076177e4af50cb3343c10b01b78e3fe5520bdfae2b3dbe42db0f0eb55bbcb19038018d45ccdb8b0df400085a02c61b033f430fb6a7408e090c65798bc49d35e049d276fd1952d2b3dfd92a2548411e21be26216fe68fc3cf1c6625031260153708a53255b3d3d0411d5f0e8ab2102a97e539c34e9c769a7dafb87c5918deb59ef05e928c2c52775de467fa843cbcdabc290097eeb2ee7c58d86e3fccc39a5b694c18a4cc0d6af1e61d9c69e6466bc0cbef15365109e4f67a6268625f8c3f358fb7d567cbea52e1bc289bd8effda4e362a729e8cd3064970b97e3f72535d9ba88e97a14834cfd8dc86b5d2f9b35425a4162e6abe8b785ef462883e716c91b8eb281d81f68f606f16fcbc5cddfdec3b515818a647d86a4c17bae6ad525e95598052c49cdee821ceb45b2350dda13628db0dd266f30285241a2b147d65113b8ed3665a3451f7a56cf430ec98aeac702d9b9f776d97520a9d039e5b2fff34ac4d4e0a32e1f35c8f38e4f4fe1b3212a70f185ad71ec86b8c9"}, 0x11000})

29.426575089s ago: executing program 7 (id=3724):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1}, 0x6e)
setsockopt$sock_timeval(r1, 0x1, 0x43, &(0x7f0000000100)={0x0, 0xea60}, 0x10)
connect$unix(r1, &(0x7f0000000080)=@file={0x1}, 0x6e)

29.207896374s ago: executing program 7 (id=3729):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x20d036, 0x0, 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x41)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000100)='./file0\x00', 0x220)

29.023050972s ago: executing program 7 (id=3732):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, r0}, './file1\x00'})

28.060521708s ago: executing program 7 (id=3746):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

27.671894108s ago: executing program 35 (id=3746):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

5.042819197s ago: executing program 8 (id=3976):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x110)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f0000004140)="a1af56567af19ce4706948d30f35abf6494690656d554e6190797369db23a302f328aa47a2e54509379ba2e477e6e0461d2e45920d509fa49de04732cd2f4a4e34d73eb464d09605a698ad2219a2175ebcc560f740fe531ba46ded4232d273d1865282844f5a3b54d7f154c21a8a82228e27b2c1af662a92e53d81cae3ea68707ce43f89c3321797039a0a39e24b83035dbfb1ac9668b5f87c4ae50250e92c8b113ed58f60015d9c1990253e6646c02901b08a2ec0acceb7ac1e28f59b1e22663432bd5435083b604934bda5f4897467677ac5609bb6e1d1f938a1a8238d2df6db69fcffa48a08ef9231830ceb045a999a9ba43b4d605ce7bb4736ee8bdaac3399576ad3d434c12f1ae8fc5e06dbbfac985d7105c3b7f431854465b6f732e1397e4647e88e86b0a3b01c1ef689a4bd3963deb3b06190576c690ab257b9845b4d412f248184e124b5228f4236d020d4b80ff0772d9515685918c41cad06498a6833d591c191916067759bfeceec176d582621bf23b8d827e2c8977822d64ca19c168fa8a4ea90a60ed60854342e7c42ce11f41409ff1fff715d10ed263d305e5c563ee13a1527795b012e01b8442026032a761cf5104f00dc28a761596d8393e3750be1a8788fa7152a3cd8e051a963120417af9bd3e659bbaac6406a70ba347641aeffac9436fc2352bf7822dabd7a4911a5b947f9c07f805e67ec8c7d787ff358b426494b87aaac46c2d4061ccf3d19201d8d099dddf2b257cacbba656cb7626b0d3fa11881e99799b92f0a07813eac359a64a61a03d6527a24a4fee8e6cbd74932adba5ad3a865788e874b796cc8555522b19f76676646f21f31fad8c360982ce2b23fd4aec43bff16e0f3f1e1e804daf28f236081d0686108fde25f7e6a7bef08b793beca5b21b5f4893543ef1e3a216378cb76a54fa879ad9624a60a0b3306c8548e1a22b735213969421dc9ef70338bb780ad55adfb6b4f4ca3d8ce7c697ce3f0a6210a27cc900ea2218c52ac06bbcbb91adff643f1a3b93db67d7902f23eb89ab2f892970551127b39e7bb9f37c62adb8abed20c8c84531d143c6be2b8b05766e248a94aae400b36a3399ba174ffe14ffd354f508ce30ea991f57018a3534e0eac9cb49d0e6085f93b367d817ee83b24c11f9d38044a9739f4fd41b6a8129fda808bb930beba6223dfe154b23d7c39ac4fb6656169275c31e15d37d3d96b0aaa13637f1c28178f5fc4ebbe1af6acc985c783a30dffde8d7eb0c8863e3481caf2606a4b6930c234736404d4eeefdda697193f57d332540a423831db671d7d3e8e15ef3d6a26b83a5053bdc2f0b378c6b39ad0b8b9c7bd5c4bf81018ce15d0b344772f6c6f469e40c9848cbcb1b3ccb721b4b1f895a6e034380d882bd30a20f1c2b8ae138e6728306e16f6093774d21b798cd73a16bc577be751deb434ef019dd454fa3ce3cc3b2634ea4957548bf226d0b24bce757382c639dae891e55dcb24ffc9dc2c08acfafabd4565dbcad34e1a8e781c56e9144f0e85a5cf6c79a5d1a8b3479cdc178215f05081eebdc03607798c66fd043824756e896c2b69fe5e843e0eb26c86a37a8944e93a7f3b2a863136d56579d0377f9424cf00dd6da7b19066f990ce05e1b93479f125cbcc5c91aea56ef04950164079f5e22ebfd77d54676b2de392ab20298876bce1ae9941ae109d7088edb29d02539aec8f276b862bb28fa6a68bb1a0bda1b0ec6e5891e93777d9b126d6add7eb36a7f75c435618d368c04156f8a116d0c843ad04842d7b7c84cd87e75fb81ec16ef184fd3119c16c950b84bca9a12a86f0e333d9fe34622f5a51e9772dc8b94c491e16db0c537e211b01c9f13f9e7a7b2f4d8053baded5d6018561b547562efbeab2946f3ef872d0256196c75fd7f520da7aea0f63a278052925c6c88307bed0336c5632ca98086e7712af309f99a6adb3ec4417eaa9aefe3fd43c4402bc13868832d6dfaa97de7ed43fe3711917de97058d60067d5eeb90ecb428182d07092c516e6eef6781756e308926faa9796dd1a29dd4c3827115fa8e14bbe449f4144785b9581a198273adb8bab0d4080adbb592b25fd74d426233f537562a4a98b07f4b2060b4f496c66a0169391b713fdd991fa90cfc313245f57900d980adcbd46ada0a7bdfdfec4bf8ba12e37724c9dfd7fbbe4541bf21cc393249a555746268e7e33bdb43f2cd4932e39fc818e49d0e588d12a3a297be074ad83db57be9d4455ab0685b087e8ee9f5c7c33e10c9d6be572b58c88b79756c45eb9eed6d0275944d9cc1cbc8c498917aa2fd79c00567d4f9f768579f891e23fa9548c5fbff150d2873ecc72da8d0077a223f9d18700b690d8046783bba756a2c9863b7ffc7022b2da68a332f72f704bc38a0fcc4f445891f1ca1ef5dad28b87ce8bdef23ffe29ee23f2c0a002c80cf99399dc7276aec6f9d8b6ff3d7554409a4e38d2029a43f8a70da62b33c44f5f4f299eec825302c52e5f83d462b81512775107059826c8880578f01d8cb53af86ad61a7e36c2ccdf55ce197ec2a78219a5b952a9bd12ac2cc3271e84e6dad464c7ec9d9f0310614200a98cfa933d5db05c00c95c59fc5bb8844ff856ee7f9b091700b1a93ae1c00a40d9e5e6ce036f90a6dc34faa9dc8e8972c49b055f9a43ae10251705a960f2cfc8430cf9bcafc26c8eccc8b75a788beb41d180d4364f3083f3ffb5e39049979903c76f440810b7ea608ff84f5e56f9e0653bf15b6b6332d458f8d2e2b17d7bd2305a8909996d2ebfc2ee2ff697fccb215bd8c73d4b9f5b597308f98ed8fbda58f52cf8443f5a9db7f0f6e75e1c9e47d73f8d0624e9e6f33c2dee3c6ff394082d78ffd3a68309b3085e1a7c106f62c3959a353672cadadf6c058fe366b03fcd95a23f564c55a3ce9a914c11c8b2d6040147a1539b106adecce531646fea4db06775fe5d1bf9cb0107941b620043ac9b7936b2af9849eca9c46062945b137dfa355a7ee0c81a0193fa60a70e59b407af06a7f181a3e4ccc81f2c580a6c6cf67a8bf93eb8ff2151b7074144bf7c5cff97814e0c00c138d984559ac8b95a45a4497174130bbb0db22fa53187db1d923d9ded441a4d2fcbe0ff5736ecc3d94bfbb2df632ac88a02f2c9f73312e7a9c2d8d6c0bbfc774595e2e63669f2b5bbf6ee6a1ab0c25e313d819b02c785494eda4cace033e96b1ecc5b155a14e0c8d51d54d8bf33e499d0913d9605a419bc6c73c6bb07d1a306adb27dfedbe81a386fb3bb659764442c4d9d66673a916ee5a6ae59abc994fff64f2db0c83e2b18944f619cfdea0ea0911064ab690b2e03670a3e3667651c1980d0491a40312307e4534671c9c8ca8712506eff211577783c81dc05ffae4a9c6d7554f9fec07b25451c70e6f4d4b160544b66d66dd88ef1c77f09133db317c39fca05b68ef3eee3c28cbe31982adb0693fe9699d06654150346915ccdb17c69ea3aa8bb36b5f321060f6237dec73a011b233b81a6337bd77da5da753593fe30282456a0da2c4a18911ab5a8af13c8f623e5684f74f322ba103482d9abec31a684707671759ac8bb2592d66350745f77f18bd6a6cba542644f1fdf0dca14a08f4ffd1365969ee896cb39e845f71590eb4c73cc624cdcfbdea2352ad5173e5e919fcb98f6d960341047d181075ec8b1e92f40ecd5a1bf157925329748cc7af0239a7803a0c947479e070b026baf6738c29c9a8351685abd43775726ec0bfeff4d51fd3fcb04b108de286c5f61a82ef496e20133ef8b4ae243e81b20822ea6285c70bf1a33cb9f4ceeec053f60992c0023bd5acb0d4a9a55ef377f2837784ada634070a85b0a42fabf288130d6b74ca23473fbce932bedb44cd51dae78efd058dde5d7eb4aadfe3dd8346420567e745ced5189db6df22edbc66580a236f6ab148a3efd69bdea3dac7cffb47df44dbef7fcb436902bb30d65d65d5320c3b76ac17f43d27b2deda8692ba03ac2ae60e4ed2a9232c71a98b9869259a410b901f38cd6712f69f2dc3f92b7c020000000000000077d4d33f9a0e57d504000000782b22cf7fb9bf22fc6afde5e42876ff8005f8a042bb5a9b67d60f40a7ad1cd73810a4f704f14823d4074e5a32b028c8360432b8aff539705961fee84d6c60b2b4d2efad60fb20c1da653869349b81e6c3d56c96ce56a833ee9a2b3e92a4b96c5a545910406751b4e7da24a328de0e20042d1ecc3bf7fd97071bb2740f497307501d90fa9c8e5cd63a703096955f4934d9140ad295cae59232cf005574d875e098637ecb757305a51d102ae5323b23a61c1a1b888c5974a243e42bfc391114ba5ba28e2375cf1d6d1a63e6bd5cf9aff9af16bdc927f642151597fe6d18ab008426f25054ee8e39136e2c217ad1f4cbfccdaf9a0cbd97edef5fef9b2ec486a4b21d79021103deec2ceb26c0b0035856ea2370aa3a8de925797722aeeee2d504184988f9f8727915c389f043c3de2b0d8e3046c46b33cb1615f291f272ade0029cad1f1d2e723e62cf739b667b005de14c3ed265e3bc2d553bb232f88b92a8284996c50e141608623ca7677a9cefb85fb0e0e77e23b9767dd65fbc119a15969ecd10f8033d9f37a748a895fd39390563f5f7998bb10eda8610855eaeb2499d8234975edb16c438069e8701bec0a86ae108a19b9f54782648af4b7b04a1d7b6b3a853c24f2393120918d1eed7b40f467c88857ee9cddf5f01db495f3138984387adfe3cf51a47dca021f9f31b44af1d1ae7c9f4c768f2a46d5c012a937985f56436ae15528ae3597590c927be9676a4ca80a19d44457b06991c02488c96e31094cd963b64e8623fc7000009ddb29b0dbb13671c321d24e322a05cf215dd04eabc2cc6fdaed762d3f9da0f1e0e4b7ba13a6036771c9403457dfddecb71579de33c597860a2e49d7b5052a6b018ddb409a7a84f8f6651d070a4c913b7a721490c8f97c085de8315019952deae16434a3e5fd5d242b1b333d8a801aaa67e4aa599b818c8e747ecac2e9c6176bec7e34ecb84450903f5aa6c6c6bf539b240506562d73c5dfbacdfbcc9db3089701f2c7fe6d6b8d6728f8a1b90a911338463e6fd824ecda51578865b3c363b4b79f6c698e27760c1090f8ae52d6fd3f0f9488f1c25feab4b48c03ddcf74a8b6d2b0fc6b5a89b8051c99edee357fcb875f523f7a88a5f25222fc0ba159873b47fe906e88f920943e453048cdea455dd98fe77f55d9c92e205b87120ac5ef791cd7d6ce7d2cfe689db61096c6e4fc359c9aa4dd3d1205358da38882073ef7268239f7c74b0f3cd60ca239b2fcdc3f5c774559ffbb2b821f1314987d8cbe5342db9567a864d569abfde85f1124e2b178be4d020c4244ddb0cf4ef7124f295a81b9c10227ea886e6f6ea2dca031a026a4f946f49598b76141a0b18170bb3cfa9136c49c69d71732aa223db1e65553aa03bec9b0a35c31eb4e6b0dab02ec2c2d851a731be9cec6078456631c68761e14dbc9afa2c3f631a160ebf9d1fd3c2ecccf6d4aebaf0fafe2e9f47ea9d386425a7950671cde77c6951ef43a1ed32f0ed6fcda74ca9333d2513e4a40cfca01a17bfbc13b0229e2b16400880d96e4c687fc54ed0b34326126f845bd7cd2063c51abbf8bb61f6f1dc3606959f2dececc6e3e08d808841c4779ca0f5f51e7e03260d0b75b1b0355f8544c1639b2f0bfd6f95c4f6d151073a086ecc890d6366acbcee869020cf347e700a8361bd8d5c53e6480526aaf31c9c655eae11831184746a709387e60d68c062e5e05e578d11687f6a5411ffac4cfd62331f63a9726ae77c5799bcca05d6983c985cd23d025e3367ef8c7ee903de557322f38629628ee3076ac483f8257c6335a478412cad1d73b6fd43c37a62dd7a0ae7601f12b4478c3f2ee105a915ff2052d23a8b9af3ca59013f553006259d4cce52212862d22c08c29affa3520b33a6b68cf2b9f91d9258dc5052bf360977ba81a37701118f635379d852b6481843604c111bcfa4970afd5a0fa52824cb27ac9a77b7575e3e0cd043c29c5682a47fe94fd6c2c225b6d9939b99c18b5fb898c5f28e87a5b6a0bbeaa2c4725cf5494765d79a50d2417e84130bb37f540e8db7064e57935ec3c6f9caa2a9a1ced0f8c6eebcb9b688490b31f864dcd9b726628218b42f45aa82f2bcdf2c7532c9669ea7ffb6842451ac314a35cdb0855312448c24efd6583a582e15ad5e7f7b714f0ac703a24e2ee8769a868079af8660931ba325ea1c9b636ef7b13766204dd733c3bc69f11e026c382ac0fa5ce8413fb9f84408e4648a5e66b8592093a17a42cb105b616b8239d2031200eecb9beca6d411a71f072fd159eac0a4f4392a0cedb96248dad497b2379f3162254045ce276503093e5e7ab062b942cf6f2302a5ab9af1b3a315ec67faf84b70fdbdb39044a22cd7bd0f62ba66ce2257f3aa0f56d53c8157c4db3297087e25ec24696813430f386f5ad55bf6289f62e1492dc6ac3bb5047e933d54ec338cafb3bfae8336215611bc3e8a5cafaca7c70f580570518a675cc2075c7593e1d98ef02b74f06b041b6ed9b06e820d32b413de06235441a52346c3fd2e723816c7b481fbf564a525646ba62c615060b2f9fb0ff0f00c376c6dfcdb060aca7af2f07f6030a2ca324c8380c11f9c1182acdea2123c52f5a40b44909180a14037c760c4ecc10f20206445aa65cf835f09633491f608598f1fe5cb5175ddc48070fe0608335af27ded864f97dd52c235b7c4ece6bda153224b773c64235c1099054a55849cd1af7832abd1383e82f63715c9cc24543397bd56e34fd5d28e49021bb483617a3444fdcf8cdeb33bd8675334a897e17966fcbc1e5c5c5399bb6bf02a9bbfaa5f3c58d2efd007dcb1190af4ab4b71987ff7824bd9b9c6d6fb0b144c1fd462805aabf2c7fbb043ff22b496e41a4a81957892efe74d614d62d4b04bbf544fb03826e9baa2a84f32da4d1154c1d0fbdcc17f24a49633761d2b5962e618d8a9be2bf373cdc9c45ecff0148f355075fde5ad5e8da5d59498eb2b7f77a4c0622edd29d7dfedd748b750d0b48057fa7b8ff575714a408a926f6e0cad081eb24780fdbb116fb8dfefb2006f765ff95fe4def6b83fa97b3f54204a0c00cf71c4a1efeface1198a94610570816d08c19af76b03afa42f722abbfebb2c99a905300918dbcd131fce84632bf4f7f5dabd1b5b05742755b45e50eb89ee278e0f6f1a8ad3d9f907b9accbe4845f6591f8361b52e4dd8f19823efd7e89c2ba80c70671eea397e1953daa12907ce59d940a6dcfb3eef7ba7405bb489c38319ac4fee62dec986f4f0975dc1b9f576ebdbca90c42e7f3b1928154af66de5e54b16d8b6541f55daa90812ea7dab78a87d969e4bf95c47f70ce84f9e41e542bbb91f77105c8314e8bd5d8d37e11d9af07c5dcedfab1f21642bb30fb332f7c6bfe13cde2f28f104344777066afe5b0f6db14390f587e64417b0dab027cef4c5daedc75812a7452d45e57e8e274ad8cd8a10b2b9ce0f371809101e9340f2fa0a59501020e48f862572fef70b350938e00a921fb1c080e933eaad2d56daeed692e7d69d4b95a2d1a620da88247314bd73a20cc7a504427df77ba969b5adbf74321e982c2a1913b66a8687960c8fb71a850c1003c76fe1c3bbbc8eb142dfa01f5df52b72bde0c8884374f72eeb8038ad57beb6c732c511bd5847ae8d4b69e195f87b03379279936dda69e11cfda279f37e53a05cb787f118d66f62a87037981937d6083e47e31de6a2700cb7976c0dfcf972bdd458e561f13b3e30368c8bacb722611db7627ad4e00a34f69a5eb9edc7eae464b2422a4c38bed04c49b15fce25ccd22347720273127236d6e8178cb414d1b4dc36cabd19f713782bde48db7094577042083cf5d42224eaa69e0d70b57e6f1764a825909c48858cda13ab13ee203fd0d57291acf508f91f9bc428d4c9ea06a9df3c9ce183e0c101a4d52fd87866c2146219beb15e616ce239cb025ef3dfdb3a2568a833c88a66a580ca9d3f2b770647d5baa42a707351688dc0be3b15d2cead64792e9f9688ef95ea5274c08ee13c4a3797ce346dceeaf7d81a18181839ebeed412baf43ec1abb35b7930ed7a528f9a0bbccd1ea6eb525488c6731150afe791bf58e524de4cc62e174d134bf5d170132efdb2cbb42b882219de563cbe6280ce4cd8482699442b236d1bd54517c3ad25fb3d68a649920357d85f343f0b46ce4a78b1836b6ecb198f1f1686597206c09ad4534717402eefc0d5a90639f91b84d3de00e7d815059640ada64140687c3e404432c74e91907cdcf3e07e997eed9de114767829833920a9fa5bebf7d99fc4f461375f3426b136b680230c7aa135f0d2d72be7bdf8667a8cf0dd0bf5490e393b5a465d37b9ee0d659c8c0f96681b71a867978b3503a45dfe95e49b9d11b8ca953ab01ec1714ca9ca1e1ed5998e02934901dcac10a2553a94618db7d79c4a48741afe3bceaa994833595808f8080f6eafadd31caee252a7d115db962320be9503147d39adbd11b1cd4cf2cd4bf94d9036ea61b2d4791c6326af653847d2b6dd83f5df51eb9473ae0c305abe5f3896175d82a2b569bf100166004886dc58432cd678c0a4a152013b2646a68284567b898e6f3d38a9187b6d10075234b2e11b7c929b308bbcb82f4a8ceafc503f18536092f2965d13875060c926b5404ccf3bcfb1389688fb4bf57ff79201d8a00cbb54a12b3be4693b4a295284c90e7d0f08b632eb0411bbd01d51112afe5db173a8159dd38fe6e9804f6ae779479ffdc697ec572b0934704dfcc3e9b2bec95587285299d1d79192b2324e4eaf4de74df050170562c08e0a821f47745f63ecbbb767846ddcc331f459013ec90de697346f1e57345a51fd9d2233cb3591c406bc25ff5c098c331cd026aca7ac1fb1c35c3d3597c7deb89620a364044b30c77d5071bea5b196a0c380ad40370985713838b1c830130a5fc15c5501748a2c8369e77c2f5de572ee183f526359f28865d68eb87c21f8fcd4a09d76ee6d9ef31561d9c97ae3672500e342a798b04177f2c5896bd06b4c96a58aa839185ae44b838d763862bbf1e7b665848f1e186b5ab6cd4628f4725324981b0aff0b9af2f78883dc8433d2dc26c1766e0ec77c4eb63da1f859c09ace8889fd2c5ec7f7e11eeb547900dd9332b7b96ea6be35aea692e54c1cc3d1211bc843f8e8ce71abb88873e132fe214a7e7670fcac38516b6935b9e0a2eeb43a0aebd25676db551d8cff4fe0b6cecbd59701317022511a2d612864c09496c99af48e1cd066c5bae55b415ec08e99947ac94885ddf875d8f8af199aba32c0bfc27f6e19e57380618e7940481077edf6270ea3befce28a55c2a68a961142e959690ba294afd57c5530a5fbd5f60d791a3f06720947c74cec26a571a9f2e5cf98cccefba8beff72f2570f8a0e1a130c0e85d4fbb6a6f0b881af274c9eb063ef09176d43f8f18bdb35a0acb1c6305ba5563d1b6baff53b1251305de413052667c4cf9f94460bf348fb27ab5719ae44faf02dae55d8eab643040834b04aab15a197568e8ebd296638b01e5ea34e39ed47ffb58a47027d4b7d978028b7812a141df233065e93c20dc736af1cdcedcf7e766eab238b3b4d3df022f50b43973c47d1c80055e4fdf569e50fd382e840b76a6db6c06b1f0603a2234b9175c5e15a22855b57cd5257d9b5a456712f281f83e1c6c87f58be8166f8b2e85e9f54d24fe3b420d77a22745dfc7ebc89e21acf1c6649324f4c5bf53e188ce3216dbdec21a06fa9e61d830814697727305fb48c705c4d6c4bdfb874e43a8fb1423e2d2d6bdfe22a0d2b211d3beb86937c639c934cfe9a4b6c2853ff353829028854e8d7d75f29f01c4d7c297fe0236345ecce914b3be4907788a39c093c9f9e2c930a15563cc453d08123deadf853c83db0e3986d993e44e441a874411b7905708462e1ba42ea22521d7c57089a77b14b6dbe57f0ce69c7c4f1c0d53385655a8ed6294f113d33ad8867ac05e80403e6a8103d1574fab80f43a4a3af93a67678346d7b3b977a1381afb93990b1cc3aa73cc463f72bd898f647f3f5a3b342fb5e37140ddc499edda92ee624039ef3f802c9055e20b7d6e4f5a109cb4ca1bf84d37d1e78d45a10f45602b61216ea8969eba3a0075256faf8e577de835bf0b37311d16310645effca6751cf502a035d7ac7d1ca2c23547a739116efb586dfe2762ca4bf5ce5fc48913efb41a4a93fdb240f0895cdf306ddd13337d38a58402561dd663bbc675e1a378d4f770ba5e308c6ada84faf18ab2b387b0ac139a57dc534e278a1afecafcaed3746701cee14edce6c85cc39c91ed5be8a178d2fcd97567e8ab661d573278062bfc3c83acbfcdeec7f08d3c1197ccf830c883eaaa01e2cc44e91cdc1c47c03717528a9dd63cde259b4b211b57af121b125fefb26c110da83bbc150e2663a22273cc855cb3c52d02fd92db59a7c876d1a18e66cd64708aa478f3f10e726210dbbe2fb1afedb2034a7d59ad774e73f97d7b4b121cc25b90dd4fb5179816174dc4650b2da366d11a519f4310972944625c839b01040c712c635d967269c6c07189b5b1b496403e35e9ef01ecf7e795c357ae08b4736d2c1bcbe556cc671ffa37677b740baebaeb1b74c922d1ac83cb3ab86735d07ebffe072ca08ebd56d0ae89d5535a63bee75810468b1560534ecdb4a16495f9a7f42164df055942e94011848c5dac783a69fbdcac9c477850320af0c10da48775434088c7d090202f927463123639dbc1d48a871e4f20f75563f6dba586db6d12e2e7f36e7da4915037fcddb4413336b423f6b888bcf297fb8d33493e9fc2e992afeb1b83aaeaf46f4aba9bb0aa2708272ce5b0c90ef9f6c366c20e90d0f87aeba828196acdc4306131c515319776dfab27de1e3a501cfc560bd3a1dd29e54b87de9a01d0351184ed5cc3323cef72fd423dfbb0ac90eeec5474432ec1e4c64d68605c378320c0e97a3d89a409b7d969d6e116c2ba861f57418d8eaac5bff85c416ec5224d92df53d8f272c7e02e832bd21ef4d6b4a9bd307f8c1756c3e6c155bb2ce5807311d60b2fb31357c89119af443af2d3a4d08fb6221aaeee97bfdae51ebf6c51f98300033ec513ad6996041441d474ccf3a2548a11b94527ebc2e24d7519b1ded645da3af62060a4ae19eddc3bf331c4c762d9672de22558c655ba05338d985da134230fef2d0639743bdb4695517dd9e3733827050617b3cc792d12b3280e0000b22ad5130b27f9a5e25b965028874db5b5efdf881043e12791a7294bbc35865af7662b23b9adf614a9af41fe4d0c9cfe62106a2bb6d294d3ca554062b2c7a0299f82fd5eb6841fedf096753b1a63a6b4dcce3837ee36062055c9f52b3272f411709db86d59db530fd1ed9cc2138817c290a2777d1d54cf4b7b2f8737444b58334a1c26f63ffda10b749b5796fa61ce6f74fecef2c4766a05d0468c1d7056beb8fa9cf7d51d5115690bcb889f09dbe01b1c55ac860a00cc159f6683d33fdca16d815fab5bbf00", 0x2000, &(0x7f0000000440)={&(0x7f0000000340)={0x50, 0x0, 0xd17, {0x7, 0x28, 0x0, 0x48210, 0x2, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
faccessat2(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x2, 0x1000)
syz_fuse_handle_req(r0, &(0x7f0000006140)="e0332f8f5747b9f778142cc174a9b5f0244b78bb6346cb5fc9135b8220090ee698fddc241870359d32327f299718466d88c89e68097036bb35abfe03e3c02234dcdb2c7d1209c657485ca1aa3f2fb80e71397b80fca6f3cf2367fb19eb95e5b4a0170063374645d9e020099ffd7def3d94cd29412b3d7b7a47bc70121be848cfcecea78d41a93622b134bd06e84dec07a9e5abc29cb02d5b9091e748cffacf48352628822bab7b24a17bdf4b3f3bd9fb17793496aa6490da3f58039ce5b40745dd63f82d93bed80b50ca5742d67d39029a98db95c9392e2d5fd9a35bad30cfe98682b5a069738a12c3cfd25949106cfc839202fd21c2b28e44be73280d5037351ead2dd1c277d9cc9088c6b14365eb0937ea9685f6b26232293803260f2c8cfe176b55df304bc2865b8f52581afc4beed445ae8cc405cb7bcc51103aef812c41437c5b070a3591ad0964677f4f9017bb300727dfab009056bee3671a9694be2e2f2173fcc06ceba5aed0d93a3d7cd88365c5c354788efcc705e90d572e34e9e566fc206a8167970ecb9cbc43f4d9de4d43688582b6600dfcfc7379c831e756a45835647bd87879a3e3942c61b9ea2c2af35d49a4caa9a109b0beb972996ff8924ea371e15dc48efd12b1203a7f1fe354977fcf9e4ee2c8f210387e551ddb55e5f67ee6bb9bc8772649693b0adf24606e8ccc59f020834d8cbfcadfa1770549fe464dfc412308fbaee8d30bd20c002794bfb923bac6b490841248d12ad9a0e54d1d96e3aff5dc4930a6c8b7c75264a46af7a6339725fb84e0363463ebaaaf58d6b9309ae7c87a8df8c68d2487d684011de1fa7645f3f48cf3bb61bee8bcace2f8ef5f967f2765f8086aeaa5dcc34c84e379a7ddd6438cccb5b8098dfbffffffffffffeadbc4ad2b2ef98412a46f74a171ad056429dbb723cdb9ca9f9f03170dba2870e5988b7cb755599d1eb8f7eaf5c8ded4b56022cb479d0bdfae18f69f9ecc42f4c181ea10838229ba5db7f088ad8d5f77e49c1fd93ed6b983c43b23c7eeb1233f0c114885057a27cd3f67a309e3fecba241836bc92308b830b10b04af6c9595b44e859b9ca7ef079e151fdd500060787be3a7a5b3e23b06ec70f087134504f8b8e7b6799ebfe14f698ba7a813a380e6f92cace9230aa8094a2465f7224e2becad469d0aaf0e48b0098eacfb17abdb69bb2ebba97a09d2b739b532d70db91fcb0fcb38bccdc01d7c8113024ea8b619e385e58d31899721416e10b408504a9c4fcf870d21051227440a616cf62f6637b62eceaee09029f88009be02269cb5e5ed090c6f5e6c652c31214aef301bd23ec2504f90991cd27539c1b8b54db51825e951d076cd0e70f56de4b91894ce22049205483a0fe7d7886b36118bebd96d138980e26604b6e70a7275c6b81501143119a8c2c271558202eda196704ef9ae3c33301e1afbe56d069ce4926bf531d960f3df58192f3da558adc169d48d39e24e04e95c406b34b1f4ed2726ef0f6a67dd84c75636984191d019cebfa883fdf99affcdb4c874614a5312455403895891daf7469d6721583ccd1290ab05b14516f22965fc52c4a528f1a5c20cc133fea279d9efc991ec4d51d2654daceda234f6d3b0c635db697aba3eeaf8356319adba42428266ac09a6e6495ca8f60c1c4e052068511696296e88ef86a591948627ba97df634e0063eb5f208df00a069b1213c29e58cf76f591253d60de9d7c01d29992ccc728140299c429fec0df9d90f83fa2467ce00de83b16d10c7edb80ff8d4b1b19eea9bd1e2783a0d41215c9cf23bc3ca1ff414e3f29aadba00c5a8d5b44c28c10e99140e5428278e54bfd880a93fd1b54b560422ab2bfcf120a7902373b6442c6e9867b19aa0a6b77b1634ab6fd1c8a1d90d99ebb9ebcb89d593562b266fbc53c40501f9298690283c45059b3f6ee278e46cb3904c947446c28af8855b2a68e6e0c0da205a6e12fdd15b393d579039b31c1a54230ac2ea13cf1f5540046b4dcccdd731fff7323c4880e5d2d8668d8a7f08920715c17ef9652eb55f224c82a6fdb970dbf1032403f283bd868a23f4785a6ab9c0bcd2308dba1a1f258ae512cf64784e501008db366ab7093a6cc4b6ee86154d44a1a15c10834602dd5ccf730f6d1142ac19d113496dbcb80021cb5733924265d082a8453b5c21e0245e4a2627e8df090da6a129ee49c58c1a7437369acdee15f5e4e5638f05d9f6391572d9890219def702a013a2b05239664dba44feec2a9508a3200b47de03e6a784bca2f3633df534af33da0a95a34ca845b61a22ff55a5a4c04ff9e06e7162f458a8c56e106e75ffb76a921f4057dd73d5f3801aa78ca4c78d6b79bce560404c2fe3d57876287f73e84c27c486ffb997951f9e0b3aa81a5e7804ac7360add11e7851842d0ed8df041c999e50226fef006373bbb53d5d8e9d1653924e60234fd0b6645b821746f3d88591ff66e294e8e958ca425ddbc7d604f7cbbcb9d5fe0d4ad53878eb16bc801def1005e1eb12a6d4924d2179948e7aa542f2600ba3c6c600629d64c529c7326c1f38aa4e1a6cc259e58f86400d65d67856c8f4fffc33ad4c279dc05367307f562f8127f37b03c3cf38a97cfde0c02aad8ac40d347a9e0a496f227c068dc6c666fb2b6a18990f607399b0707d135752d93739e1840b5b4c125c81eeeb318869b408f87778451e49f3ad988a8aa97672989ad367833ff7e7f0e79c37ac794fe466623e122127fb94ebbc01bc775183b26b2dc407b1aa1a55d4ce04dbe1df4fba0377fea4c4bfa5a37c4dd733fd116b9c7f50b11dd512ad68646b9ddca295fe27bee78476901fbb5c8d2856ae0e9e21ab26e3587c1325f1fa28edb4081f2ba309d5fc39f7f54abbd0d5a152c2f7e3a8b3a5ef6e097b109061c91124f41f33055a7bb86706629f614d40346715cf2fe387ef4e4fc6646839824d3ef85eeac85bc5e681320f6fa7057e0a10de8c4678b48510f77b91bb397dd1209eaba8ea1f237c348e9e0d7af1229e2c04b6560e48e3a7491f3066b63a8923becdcfd8594c1c55098a51283b599765b049831cacd9478e5e996c778d524b476f6677218c94886d7548be7617e5796e35bb3c9b13d70e4897867d85f0350e9329985f051fb556b861aef7dead54e6b29b9ad837cb4774f47a5371ef034612aa0c151345546b876b53e9f2c06e3ce0113e67eba8842f4ac5b51a61315bf050078c710dcf14371d9593730b1d0302ef999f488bbf42b7360171da98ad68932bda4937358fd1d0c2bcd04f7dbe2beaffa0d53cccda316cb19270cf4aa56695ef3203b49fe92d1623cc1d714da6b8f94112db1781562ab2ae50bda23debd55da440434299c992f2f8c264310d6d8ccdd042737db0253d6889d8bf36fe99a131b73300c9798b8fd58b5fc681b97e71230cd3094e441fe5cf1294bbc28f41146f06e39d5e19e673dd489dbddfc16fe281160a8008e375025cbf25e84945f2f0a5ffb2cd58273328ea9d7533b2f0861eff95823cea18dc1877183fefab808bda0890f91f1d79b36953b138fd62caea3411900647a4afadfecade2ff6274175f06614d108daaf9821c413a137e33c826957953bb39e2d852097f978c3577abcb71d68b45794247d8e82614979708f6d6d0e469828206b22913d6d320d815d42c0d943640c63196f703f946089f535eac511e26c6a5a529e875eb15aaf65fd50dcbaf37a009f2f9081cdbc744cf7aa2336913e89f1961581ad4bb6aeb1d23a787e2d3f99639871df5842c30581263d5139128f0a3f37ef48bb636d7aae06581de6baa55a12019d3ed831950915fdc1eee819dd01047bda606f2852699529718c99606246a92bb1dd9435d8f3a48646c0e423441bc783be358c0c91e6846419b6c0a81354500cb2721834dc11ba40c3bbe5717e5142922a168ca0e20fc269ea584c7f68ff7cced62c4277385368b4ad596b79c45a9c4575c37f300cab37a5693cb777fabed412934d3a77505b17cb2628119ddff45f3fcbffb50386eb9cfb6f82b37fa852ad4b65bf8e2898b11bf051cb7fb0fa81cbf81b9ceebb05498aeb2691eb15297edd682976d5a4f444cdaa82f063bc4482c28c4e6257c7cf3e5ee5a502c6527b77b12725e7526ff896ee2f8066536dce04d63072a34c19d533d4dbdb93e7185482cbf7510c5eef2f8aebebad011727cd8061a367b7e1868252bb43d9a74c9c6a10539e357d5367fac69a9296fe5a79a2e5b45950ff462e0e882aa32ff7f29b5644e5311f3e0b076c58683de29ad9dd8b2c92a41ca8313ac997e44981e82aec550bbf6c88adf3d54e9fdf93d9dce95289e9086043d888f19d209cbea79f8f5b2c81b2c3889eae1cb5305e282b883c4cfa3798eceeabb442a74ff6a8470020a296ef01d8e32553663c844e67e5a3a44375f0074ce9547a6c489ee86d7652219491f35c6b904d51a26c3d2cc77d8ff97050dd0d0aed4a1ecf1db7ac48673a1dcc70ac16f709dcf4b90148aede5302111ceaa3a81c49b724cfa206283b62513f96c1da77efafe2d2d08a5f391ab690b5d974ceed2e95e85b1039def0e94c79cc0aa1de1f8133e985adfadf4a657710487b265bb6692fd2b91a06ac98d50b052b8a13168e2638b93209238fbe67f4590a81a2cdbcc479ca9178720a6ec05bc9457f27ad2e2fd2f4e9c643ef85b6287a01f7fd597799cce7d6464ed3c95110733d4ba92314ba3dd81e51f541a6e37f8bb14376e41560f9049b4ff349a467defc205f915a345b5f06d090645180ca642c719f03e9813bff7fd635660efe38b022130d42f2cedd792bcba2bfb14385c6d1cbe5ff2e38c22f1f8d5e4d93d296042507e43f24ff904827b16f2a3572d26078d7fdb0cfdbe2e6bee07b94ae441e510681c96f97ef0ddbd7efbd80ce0689f6e2022a189dd2937d3eadd82a154a5fac91b5ef48523706957b8d5f55077973e9a036009d745a6df39ba154dc59c4ef784d62b3f2d782dc508242a1b0e4cc294b6e62e98ef946f0d984c3174cf86b8a0beb615f046ec50dd0c8a9c0f36df60bd162f1130f894085e7c47b6c28ff336f5d75166c1840e7ad07204fc10ce976505f6aece0316d8c65b973f61cea2fe4c6db722717985c25249f041c07a86b878702a8c9ab7c33fe41039041aa38489b02a28f18d69ab34619e9e35514c54592c8059984ace64b5302b5f22d68c35c7ffb23c63ce877a1e1b160dd2c329eabcc0e1e3072021bd811de3c0c7a68af20ddb9e2912b7eecc2a8cf083a252d0fe31629b20559f7b976e4d8625644385c692b8cdc2886a42d750962d0dee10a1546ecb7ef961216cc456d2450a44aab07014fe0be076ca6bcb46b644af844b2ad8b3817f1895a5d579af3dc937541f4b7e9203e7a7af534b406d8f6e3bc555d767603122ab1c4e62de19d6af63be8e39fe45732859d6d92e11f1a847f7d62764b6364aa7f95f03cc7deba467da5be71657ae50ff6bf93c51efb7d19ac9887e92fe5f3c9d545209eff307c9e02073bd3404827e148aa63c135ed668589bdfec38cb47716201a9d02f1b03993f89e96b33b32e52ddffb0580dac45422ba7a3fef76e519a3dc8d12eac60c2d2f8c4303aafa3e80135c403360d51c9cdeba3ffb31e664302f587e0e983ede7f9b2bfe2bc64bd5029cfa88445e043e08f3e9affee25e980e75d2664738726e3d2eade7dce0ece78a514bbbe5a54c121374d079e3b05996052d66889742232b73e950e1a9892e7352c9e546a8cfb48332d2b2be6327208ca51dc2869a562581947f62b0d5bfb3e0911d4854f822d6738b4deb195840d2bbae0b074b8d1e1010c24ec00052dce7d259e3044aab1a99d261fb3b49cf09dfc85473f94db06d49e202ca12182283d48144f8389a5301679901600bf8130d36315b277a99204b85a1598f84bd2d4c4893108f6717bf44234181467d6eeee61e1823268b5c60bf04d0e13e429f411b51adfca20ff1a1b1eee203d59b03da1643c3e9fc474a91470116c6c5275542adb10f3adae2ae87e88b93f334e0ceb6216fc081e8d84d8b0a503196dc50599b22b89b807627b427a815aea0dbca69e5fb215ee996395d8a21a1c67ac295be33c6517504e1f00f579f8c484873cc670b5b9e787b1c30ca1f0b25f8bb8f4bde3b3f4fa730c292cbf97b25068ba9c65f78c555d5f75d52a57958d7111e824f3afa16484f625abf62afc80654c36fd9f8284466422fb18e08274e8febc719d45b784974d50d187ad2349429af3f7930252a4d45997762e9d5f5493d408ca144532aa89aa3d43c46951dafb8f81794e2e9679ce238cfe86e112f4f046d87feec3be04461032819d62f217faa71fa9dc6da8861015567d1f7309090e25b7015dcc6d72a5e7ba53296ab1bc72467ac50831628cf5238155aed3fb189a8b527ebd38771e16454fe51e3edde55cea454414690491207c23f6cf33aaeeda432de2d1ede04e039a16245e66cce6f4e4ea534f290f02a2a81a46d6ffea7967dfbe37461f83d472091156594852823392efc953f4ac099d74e2d0328d9f47bd952352981a34055acd0273309484ab56afa85ff0c22fb53ac5d7cc8e346b4c2f38a4e2451738146b7b90c14f826c7dbc1b2be79d83772a8d629f2dfaf15286a15be1ea22a05d4ee3de6a6bfb7e208dbbcc88e77baac940d6438aeeb77c3a32db08b46e79545b65f7f3c1bd433092bc9116668c338ab35c01cb5871167868c6b61bd4c0ca5f96e5ce2465da06c4a320839f3bb7c0dffd40d5bb9a32fcbc6f691787de7211da062616272c77c62ac83ed2e256c954ab27d9009877b79be54acd336bfe2a6e087abaab004743f5ea4ec8ddfb8086920e8e458a413adb98077a3cf860513cc8a453eb129556c871be7e7232a6130c4332819ad17b289fdb31f8f8854dffb4cfeca6d792567b444c750820a2a8a2e0f93779e61a4966650909369fc8bd5bd2bad4ff95cc8a14f6cd83ae6411b4bfe1a9b5cdf1fcf32c54cef1731edc47d41fa581376b25006fc859b98805d70a157e501a2cb2ab425340965213adfecdb5addb2b4b2ec5cc6935e4e279bb98283fb20dfcd8a2c91aefda9dc5a57bba4d8803d1eb0f4ba9529de01e39c2aa60a91267c31d036a3f669b9377661837f58c6950fdf38986ea13ff5e9c4d966bf999002da1a854d54aa225b259d91eb88425328e7d13b06dea321a151a8dfc44755214da97168e8acf027d66b7fff45ded94fcde53ff80342d4595644549c4ed827225596e2b30480e94eb049b6cd718fe8424d044bb5098e0206047ddb81755e3cb92131dd47ec754b64c4b78f663e364cf8a74cdd9857c81316dc4ccd5f02a84b310abfbc9d6a23ee6d1eaf6b8fc1544cfeb06002c8a40fb0e49859d2073a7b1cb112713518ad5e007d0a256f901469bfa5cae98841f877faeb584d41bfe695da72ca5700ae085f39c99f769502ea9f43c0b84ca4611441d5adb3e5d0a426297e535258748169cad487f97d171c0630642943508206ce648aad2971297f3d4037d73e5fbc73460ca7401b7dbd7807273ae077a81fd0d4bc90b6068e3ec95afcfeab16619306fb23942a4308e8253b35f4912df392dfc5daf35dd842a5a1f78fc294cbdbd504056f0c7779121b5b3db7461e437347452476f3b0bb22e63aa23cb9d3e797c6c95513058d8fb2c27864ac0e1f5001c988e29c79bfa4236c7be41dee5561d825c1f0fbebc0c06cc4712e88ad5efd94f4eb4e93794af42a9752a2ebc57dc2f3881c75bbb23ad25b69619f9f5b07fe114ba291d2b5b4c1c175e1aa3ee3eda55e6126b3ad1e613bf8e0bbac727b879e7796fa0ad100893677a18b53f5eb31db43a97370d3749afa92fd0291fa96b05daa6beb43b9c1c11d9515976976d1cc1e44f35d317299ceb68ea2545f2a2b92b4e1046f6f92c33aae6995593189bb2611576599fd765b8e6fe2e88674ffd57ee8252287b1904d622c36a502db45c72b0d5fc3d983cc44bc955eb43911404667a4ab147d72b69ff2514dfb820ad75758e85df88499cea94ed658b4c1c2f49fe2bbb8d2dd97f844a6df289296cfb9cd5bc8d17aa235e2c4501b1422b25acd6dbc3a91d03904c545320524f9034955ab02f5d058097c37d23984baf808d28b3e12821eb8919a77c1b6a8bdeceecfcc487c39db592817dd378a7c5127b427e7279b2a82f6b8eec6b3fabe0947e353e7a386475b15011de93e2f2891f772ef90f4aba1ee1c4d7321c81ce4dcaa378daeabb93182c319494436dbe67d252a01291cacb59686ebd53c6df21c083e98fa299cf5e9b59f1ccea95c62b1437c8ff8754a6372b5b879ebc3241f6430871eafe35337d75cb68c42862846df4342ab434f7f0a7b9f66824e1e696e3dbecde179592774b7511e5a7a1a06ba601eb5f2a935c7cef0f83ecd412a84afdd05120fceb1afb6445ebfcdff8fffffffb75dddccc45afb4f5bb1308d39309c92c0b61a322d5229881fa5d598113cce54107036ca9f63fe863d257c706fe89d5c7ae59a459c6f15ba48d80da4aff541797b26418acddb987df3544bc4918cdbbdd8dd1bc2163c89635044e7b4da878457727a667c0146a12b4c46639497243259bfe4aa5ea50eb79f39fa9209256c9a685e3e39d6d8b6a9ca7d3554fbff0908ad6c6ecf68e506c20b16cd4a98e3ada9eb0cb3eb0b75b13b6d80bf99eddf2282da52cec085d3a725b71c29395d605e1eb26143290946a3a0d24347fa46145735dbf4eabc12150b8d5f7eeca804d7ed1fecd0132d1b94ebec65cbc07dfd4d54a5140567e77c646bd92666922c43aca8e482c59b970fa43087eb76d6715e4e8e5ebe54ca391383ef685b133534fcc1e5c5eb56f9d76a888506c4ac8d289c37039e0c4f927b0e11e85c5c7ec1cf4b19bebee6014cb89ee57f2ade8d166005e956d46a0c01f60b58299479e8a59a2e88f1a7ffd08b27d92fc2772b338959bd0a1c9cb95075c3cc17043c818345b29b76c0b8ed41c8c7259cc780c657cb9509daec1558453cfe061f54e08523a55d3223897559d51096b680802140800000000000000322e007c2af0c08867291dd732bfe4b24d1d5ae517a7f5903c369ac6b157d42eb6ca8c0d7b50fd533a56c814e7cf04db3012eebd53ec1b123d65ab1e462dc19182b690d56a88ad5a1f4d89f1749b005e88085505cc6d7de8eeee08def67bc1d1519d44b7a62dc07e491f328f786956d9200f00d78829e6af7c1a5835366201374b9487330920d4c57e2f7073292e173acc2424bb0d5e0e9448b4c02f9cfc99bc408110b6a3e9bc3799e4b178c2871069bc7d9ceba564378f02b2932c36f159478b5facd452b595a86d119216af9d860bd3997305320159a69a70fc62284141d23d2dc1e5394b271d99e5570450f1c55807e96c7cbe1b7c2e3e96f69fecf0f375e36e0d2acf319e37199e98486a8d145ce2d996c1909402744cce63664a75e480b197c345360321e830e5912d1d7bfe5a129a67fa98e6eda5268fa588047859daa11d087d0dbf0ccc7e120e3a5820cb4f5dc06748317e3f866518eb66e39dc8a68a7411b3403fc8eeab8283dee4d767e8e5842ed922e03ae5b3c9c494d5ebc61527ccd1222740fedd9e469ba6b30761cf387d654081c7e63182860e4548748058914a9cea01caf074fe6a78fafa2b45c516f9f20af9ac6773a400fa9661a872f6b55f0ed52a9be9e9c35502604b924f0eb628d6545da322e0713f9a5587e87e4b04fa495423b7c72093b764adfd1430a2e608b7af3d2bf80fef00e5b69abe386618274921ff57621bb99739de2e066ff17e95eba027f6a35170af3a69e93359a9643e155832d45c1aa9a8f71ad35504b99d3d0a1c11ae108664ea36f4dcded083aee17ac9efe7ee3fdf7b63c7c09bcef62caa88708510d45cea79d323083ddbfe7e5d3d9138f206a7af82ef1d26c85015c3e55a285a35d0052546493536b9061db27291a9292033753b7bddac63dac6f6271689240e43523c434a65e1d35299e386c953d0c92f21057e0b7883e049d20961e75069587eb3df6206496f76bbfd96635bb19837ba2ab193d79072ffb8829306b63697ff104a65031b8a38c24cca9ba23d5cdf753169a00fe2b2c3849f234a7029b657b3324c10d553e601aa97d17024f7bf5a99f96392f4a079a83daa27f4e3b512ee8536e764ce4dc36fd0874dfa502a693e55bd9f116202c5e906703e2c43d84448598b7af78aa60a205c152841e75e23436738ccaa6bbcef87e6a237d86d1a5e38e56c162cd6d61a4fb8b410b1643ad557a22348edfa82c23db11c9abdd8141fce263a66537512e93a930a4801ad862a902c7c1e00eb7c7466b1351318b7196c2a9016c55a05e104e124bdb568132f9397e31b10d04e5284bd029ea2f6a3ed11854e09b5871d6a725c21a9ef5d7e729a90a8206d5f61e6e42e47dda3e31b9134d47872a0dd7a576b665ec6ceaa5fd7d85ed7feede9ac9fc23e40241c0318077edda75b62eb271e28fb3705f7b4950c14b721a3a74a7a4e4de02cef5de76a1602b906016c0892ef37db51b0a1dd53f28b3d896f20abbad1ad0e0220960423267fc6e1779d1150fd584dd184bb43278d2d68ff21ac0daeef5408348cb80f4a9e0e606f6048bbaa517289451f084fffb63c5d904788cfc310b5495528a58f4650dafc4e4675b99d35ebab710ac6fefcee6c51a2835510fb6d2dbd8f97c3e53fb7a23c3f3c0283eb2271504581b9c1fa31e35c117e56a5d668a9c57df3b4e1129ca019a8b877fa4a22768dfbdd9d2154e17f4a7755b065090d88982471bfb242d89af5c6782693a6ab1b1be74dfa5655ac3b5ef4ace8dc595803cf4025bdf5c0e9fbe7a12a3a313311809591da08a2cc6cd8480dc960e1f79fa208440a0e589be5756c36d5830a51c4bdc39c2a85c0431bae3a7331b2ffdf23623693d343a7938a8a8a4dd4d523c6450a705bccbb38427f06f4f84a18adf303c0ddecf4ce2b6cdde4e09a4c31816195f0fe9f05fcdc0609f8a75ad2f23d5c24faaf346c13ec0512a5c29477ac561c878085d1a323f6bab08e2fb9ee57d7bb621ef21caf3609d74036c6dc1d7be0b6058d89dcb8d9aa4462fa0a740be66e3fdaa957f27c5a26dc586ac8c927ab2d7cf1b761798ea4191be8f4423cf1a6727d0c5f27a9969a753573afa584dea82678f3471ba36d726c396d68c671e579120f1a11cd50fa66b26fc2d6cb74ba07edbd5d3a288cf58ed1255381df02b2fb8983b7cf833433d1ab8fdef12651c3507e4b69fbc4b234678cca36761e8da434e5f036f204a1400da15277ef27ac140e2d574b89c0fd617da27e6ce862883bbe81c288834b9477d0d440c15dad505b363fcc1cfef8e2e3a96438809505844196acd0af751dedfced67f209c2ffa9c6da842c93ff4b5fd54a67df904f2f31b4236728c99582a667a8461d397770a657ffa7d514b0f076d7f35e9704a836e7882a2acf0a0ec2158ac7234953c3696abdc791c0b163ee76fbcc5adc18b6fa0f51f76f3d313a0d891f1deb69f6e44289b1aa43a768b8d13270959763a2c45129daeea493a5b0d7b36753b223dca9a8037368653400", 0x2000, &(0x7f0000000500)={&(0x7f00000002c0)={0x50, 0xffffffffffffffda}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
chdir(&(0x7f0000000140)='./file0\x00')

4.90663184s ago: executing program 1 (id=3977):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000006040)=[{{0x0, 0x80000, &(0x7f0000000700)=[{&(0x7f00000003c0)="0f2f", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000005c40)=[{&(0x7f00000000c0)='_', 0xfe3c}], 0xa6}}, {{0x0, 0x0, &(0x7f0000001d00)=[{&(0x7f0000000100)="19", 0x1}], 0x100002e6}}, {{0x0, 0x0, &(0x7f00000025c0), 0x1}}], 0x4, 0x608d8d0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
read$FUSE(r1, &(0x7f0000003480)={0x2020}, 0x2020)

4.74246187s ago: executing program 8 (id=3978):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r0=>0xffffffffffffffff}, 0x800)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
r1 = timerfd_create(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x8004, &(0x7f00000005c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TFD_IOC_SET_TICKS(r1, 0x40085400, &(0x7f0000000040)=0x6)

4.581857989s ago: executing program 1 (id=3980):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @msi={0x0, 0xc0000000, 0x6, 0x6}}]})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000140)={0x0, 0x401})

4.215364248s ago: executing program 1 (id=3983):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f00000002c0)="670f0132660f382a570b26f20f019f0800c125790f05ea49951e000f01cbba4300b085ee66b9f50800000f320f01b112d8", 0x31}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.781120092s ago: executing program 1 (id=3986):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmsg$sock(r1, &(0x7f00000004c0)={&(0x7f00000005c0)=@l2tp6={0xa, 0x0, 0x101, @private2, 0xc, 0x2}, 0x80, &(0x7f0000000cc0)=[{&(0x7f0000000640)='>', 0x1}], 0x1}, 0x20040010)
sendmsg$inet6(r1, &(0x7f0000000380)={&(0x7f0000000180)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c, &(0x7f0000000340)=[{&(0x7f0000000480)='y', 0x1}], 0x1}, 0x0)
shutdown(r1, 0x1)

3.655216329s ago: executing program 8 (id=3987):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x3, &(0x7f0000000480)={[{@errors_remount}, {@noload}, {@min_batch_time={'min_batch_time', 0x3d, 0x5}}, {@bsdgroups}, {@errors_continue}]}, 0x1, 0x625, &(0x7f0000000800)="$eJzs3c1vFOUfAPDvbLfvv58txKh4kCbGQKK0tIIhxkS4G4IvN71UWgihUEJrYpHEkuhN48WDiScP4l9hJPHqP+DBiydDQozhIIbImpmdbaftbunb7pT280mGzsvuPN8Bvn2effZ5ZgLYt0bSPyoRhyLiWhIxVDhWjfzgSP119/+6eT5dkqjV3v0ziZufJovFcyX5zwP5m/8diiR9+8GJH9eUO7dw4/LkzMz09WyrN9+7cOPYpSuTF6cvTl+deG3i1MkTJ0+NH9/+9RUvJ+L97799mIz/8NvZJE7Ho676zvS6Vr+3d1slp2WPRK3uQXF/GsipbZ57t/h7aPkvtq4/kmpp4bBJF/L/j90R8WwMRVfhX3MoPn+71OCAtqol0aijgH0n2VL+9+18IECHNdoBjc/2zT4Hr1Vpc6sE6IR7Z+odAPXc746IRv5X876zvqxvYOB+sqKfJ4mI7fXM1aVl/PLz2c/SJVr0wwHtsXirN++3X13/J1luDkdftjVwv7Ii/yuFJd3/zhbLH1m1Lf+hcxZvRcRzef3fE5vK/5FC/n+4xfLlPwAAAAAAAOycO2ci4pVm4/8qS+N/epqM/xmMiNM7UP7jv/+r3M1Xkh0oDii4dybijabjf5fG+A535Vv/z8YDdCcXLs1MH4+IpyLiaHT3ptvjq85bHCF87MuD37Qqvzj+L13S8htjAfMz3a2umog7NTk/ud3rBiLu3Yp4Phv/ezjfs3L8T1r/J03q/zS/r22wjIMv3T7X6tjj8x9ol9p3EUea1v/Lze10bWz+yrWxuab35xjL2gNjjVZBw3IL4IVPvhpsVf46+e8uEtBmaf0/sH7+9ybF+/XMbe78PRHx6kK11ur4Vtv/Pcl7XY3zpz6enJ+/Ph7Rk7y1dv/E5mKGvaqRD418SfP/6Ivr9/8ttf8LedgfEYurT96ih+6ZR4O/t4pH+x/Kk+b/1Pr1//DK+n/zKxO3h39qVf65DdX/J7I6/Wi+R/8fFK29H8eaLByIpglaSrgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ISrRMT/IqmMLq1XKqOjEYMR8XQMVGZm5+ZfvjD70dWp9Fj2/P9K40m/Q/XtpPH8/+HC9sTK7f60rAMR8XVXf3Z89PzszFTZFw8AAAAAAAAAAAAAAAAAAAC7xGA257/Wu3r+f+qPrrKjA9qumv9czvee0mIBOivP/y8+2PQ7a707Hw3QSdWyAwBKs/H8725rHEDntc7/Bw9rmY6GA3SQ9j/sX1vMf18Pwh6g/of9aoN9en3tjgMog/ofAAAAAAD2lAOH7/yaRMTi6/3ZEoXJvwb7w95WKTsAoDTG8ML+VZ0tOwKgLD7jA8nS2j9NJ/u3Hv2ftCcgAAAAAAAAAAAAAGCNI4fM/4f9av35/8b2w162zvz/LPmzRwM8rG3g5cCTpvWjP9T9sNet8xnfA79gn3hcbW/+PwAAAAAAAAAAAADsAn03Lk/OzExfn1t48lbe3B1hbG5lcXJXhLHdlf6IWNrzqD1ldUdE+Ve6cyvViMrGXty4BUeJMZf8ewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFjyXwAAAP//CHogwg==")
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ad4, 0x2, r0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(r1, 0x1, &(0x7f0000000040), 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x13, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41000}, 0x94)

2.774374808s ago: executing program 1 (id=3994):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000680)="5f62f632763c84825847145170282f67ba6d5dadf0baf135d503e93a17ee560409202f4c5f0de32b0e53e4d26d04c825d923318fd574b1924b09ebb91d5be30b532a2fb95030c6be2a14ccfbce6eef05ea88d2413dc3fc0ae8a2e071f8764a4843611ae28b340100ddefa8ffed32420677397aa63e880adc56d03d8799429f33741886bd6c4065bba5005d74f67508dc3434165b51bf8f73bf1a7c158d8905e518e8", 0xa2}, {&(0x7f0000000740)="dfd1db04f5eef4b5714a69f5392e27d1b79a961a16fbdc4f01a9e38a1f95f939a209f049ad8d4f9447506fd73cec26b8246758f684013c99b717e119d15432e9d46da8a0c25e7e3771b0b146e56d2fcf810733", 0x53}, {&(0x7f0000000c40)="a405df87c6e89abd7ae7e6b8550f9923917c9d38e14a4e9ace3100b34d0056282b", 0x21}, {&(0x7f0000000800)="f76c72c4066a174e1300da0da7d191a618fc5793ff23c6328c6d61df0a2fb72441d4ded25cf7b5f31eb5d65e412665a6177f09ca3ac5cfd751577dec547711dc43b694a601fcb6575547ee6ec2a01c32b65d3429fbb9623a83d457d3ddea9eb90ab14b6b323a9358af0b55cff95844d5b47f69", 0x73}, {&(0x7f00000008c0)="4b000ffd096c1b77cd99b1458609c4b82100375ca9411e734cc8e9627df29e9b97a002d7f15ea9f42bd71401384ed6b5772b5c618c35c4aab72b1d515ceada9e64d7a35fd435e98f06243fcd53966c196ff3f47537912a1a5dec7e8e1fbf4543d1a6c80467d6ba3d241e3fd22efa09c638c98b4ce9fbe6d2053fcfa334eaee64efad2d349f048afb2635ae06c05697746fe073ed230c9c7c4643396305424c1c7eaa3ee09891995a607de26be9abcd2b65a4f9093da8a07eea", 0xb9}, {&(0x7f0000002380)="a66554178426362975b882a7d6b43fe537b6b0036a966a05363793ec2f6830cc5b81e514b9cbe4c27c3f3a581556b832100a4233e3e80fda14dd84611893300a863a8a6f6d8e0c7633e168ad7e25d4bd14ba6812101488e9444165b8100d576a996fec019ae11a03498329bcbacd0e8a206bd0de0c7e09f64a57d56974599f09aa148b4224dcffe1b5a1e55bbc1fdae8bf2f72437cf399c4cda11554b21158e3ddb00ddb71a1bd1daa50d631b027238397d692214223af1d685e7a3318da65c9233eba674ff72097411ef3ee19b892b1b36eeb925a6698f4d455b02163a3504ee6accffad7aaf9d19763d886272559ef0501594ea23d45a43e13bba05d7d332750ce5d9d3b37d234f46464fcc5f495e0fae02a24efd67db315c92f9483196bd38b38b3675bc0de5873f9d7b01ee5c564f5573b474e3c9f3b955929d9112007049e4245d68b93f365a90d35c837cc13999f2d6a23be87786e4234d74b1160669c7962b3b413201192565fb93252c153dd735e280e01d13dc34468f67684a4308c7dbe07687e0f56fa54f44b0141895ad75781ca026d813e8c17794b9d87d97136d29aced71b1f526dfab6301b78f1deab7949c97cce6616f4afd46a331e2fb54342dd1964c70a2717f4239c9e5157ac93c42d05f230da440a9227f0f82ee95cc79ca2d3da3f889b37f85f50d75711a910a57d213edb4b981cde33e01ec960885f31511ed7f8e01ddd36d76e1b1e40e81cd21ef9c34134400fdd94e34e5d77f4b7ca3612663e0f6b364be4a9dc775f3b12386ec04960524a9a5e6879e50db657c89a7dc7ec1f919ba8c77e926538599e7969868a5ef3e92817a3402c13de0efcb9fef445ee49f4b0ed26c5dbadff51459d5229661e4b7d2548c9ea4ce89b828daf5f5873e1d9e693ba037fc00ccc3dd74096c0f1ea508ee96ad7d85664947193e011e2f037917af7716d7f27cac25c9785f13baddfeba40997af5f6f4029cf5b781b654a635ee8696078d99025012cbad5af13bc26e2d100726fc98c11f8f16057a8506f29cf30bcf9ab7883ad1708d11bf70ee54fced84c69d90eb302e8aff586c0b25893e09868426cb4649145ede32035c47360fba7fe863cb00b86f583090c5b8d8549ba62cb822ed182fc07f029a826b5c86dccd603408bfc060c80c8ae21be086998f45923e1fe36eea10a66a55cc9f3cb6a296535dabc831fefe26b80ee47c723c596c51e1d7c073df20874eef79a291934c4c6a7c6b656595fc76b25d0d50590c1df29d59842a19a6acd60e783069aa0c21d792129132d59d12cd4417583dc967d7d44f392770da18e30a70a330e7b05aebf09e93aa545ca382a29f810e8a4efc0fffd3660f76892c2027daccfd743734c359bacaec86e4f15ca31b83894b67b3a3539cb5567bbcacd9a52c9b8d87252ddab0dbdd373f7150b87893fa4b6c5e6016f2146471f092a2cf4c75b6ed08a2f27f9f68d1817d7e782c0fa3026fd4e283b6b23bff2a9d84f5cdea217ce396080b623fe6d5da91fcab0e563b8c54af99007f6680efc9fdcd35d1d2ad8539ee04744e38c750114de55b80192c5d6aee8cbc34a47426bb22a9e3e2fcb87530c418a65fad7d5fbb15f569a69fc2cb92dad8f574330fdf2aa6033d1be037d5e3e964ff01329c43401bc86a72025288100ce86c053b922e9a7a692912bca4dabfc0e3a8966a65c96d3a420809c2d600928546a4ea26ff7100081f3ca8a70c64b3a4fc33b3e2546ff4a43502d448f2c0b274a244d32c955b02d897b1c53a2724ff886a1ccc91ea3a22dbd1f5f3f2e33db9ac9aae458a27e2a529ac2d8671f0e30df63a5d1a579b8f5a68f4a53fb4f3f76d41bee8e10635606f2a7fde9af7bd0df3ab9750b0c6c962fbc36e9474e3efac01ea98a4fe6e0f819d62dcde2b9b77fb0d430495ee042d1e70a52debb0d13b09906f77327dd4ccfe2b6796f9aa5e5b2fa9b2249c66b49cd7e1cbdb194c239d7e2e0928a45c8c55904cd345c5d8b92a5526ff51b5c2e477089eeb16cb3996c243c66a82f4349370ac26bef5d900ec582f274cc38b0258993de6cc79574fdacb895721fd4d04f84c4d89e109629f48a24fb3241882f154a35ae6659e0bb35af409c51cb11a26413be88a1e5ae1e8d2b1333a6c80c42c654f269dd875aa7f19517f62b8e031f11bdb11bafcf4b4f06496142579f7769ee41dd24701cd3ed016030f7d5cf24a4cfdcd9b05e38524cd1a81e16b948672329bd111f7442bdc81b68b36495b5f4aa44d7c2fdea8703849a17f7d3327086355ca3b36c10eb38556bf95b3575ba32b97f268af1f1347ed28368828124361f6c1e6b64e6ba9efc3094d50bb049c35db5ea2b3c76576b1a8f37da0711436048ae443523032497e542c04458f04cfffd11c53c431065c20e8add72c0c31caeec12d0bf391fa1c0a75e23d39c31da409083f768f545090b05c54084ffc5d7fd85cea725807638f4ab0026204452a8c198cc60133ce00e9a2b9ebeb30d7f33a1bb25cb2948bf44288cce43b6ac13012d8860fce83d9a0f6f1886723f41130466186ac56d5384bfd04fe87c67528996c1ee1ad8e551dda563e75d5dc8ac6a47990a62c915dc23f4ae6596dcfdb44661de969aec7f6d3fa8f05e106a8db7abeb3682bdc8e87aefbb09e642b2cef2919ddc55ded8dbce0606d3c4a0747a293a991b8cd832381c30813b887a22c2df569c12c430cf7471578eb787acab65b54569bece6921805af9ac41b268ce329a25bacdb02f8f3c4ef930f1799ff940f42c21955ddd5496234d62447d1c9d8e0cc7bb8fd5ca5e9fa2ef99105a4d44d6ce37532407fcccc4e71103baa0c7ff1767e05762424d9301294daa95523792cb73b348c41ec713d19c2b917a4dc50be3f0742762e5055cd6ebb3afa2b89a94c6a921e039ddaee98fc7a961a5e415322bd4b333d83768ee8945f29556f94372a16285cb1ff103640d93b837861f1d0d9e65fe35583b6f76889e7d09a2cdf3c2ef305a0f6d205deedee94ac602974fa58284e33aee55947a7a042abf0759ec8c1410493114454320b5003f23dac1c600a471ff09bdbf5bb40be87a69d388592241d9989f0435eeede193e6994b80a2145eca4afb5e691341e37e4580b0c54d7fc506cc9641020cd342a85fe56946e49854756ae6534edd03de881481e11701851f0f30fedbfcf335c3855c8d9541ef234f8718fbb0d9f127093a3e7c1d49d8a20729ab41a0118683b7044ee490d7137bebbbbfb245d5e30356e102eda0052a37cca70c221475b5c596f68c745701dc6e31f7846270bcd516ded5d0b4666b249a32f0acb1b8a7de8e6f007ee740561f64b7f30b4764ec5116a1eda1526225ddd01b1d999ff17d0798be47e3a5957011aa6e03318897ce1c452b78f9badf89098fe696894953581b01ceffc4fa0eefd654df9ea70b1f2f1e287192a5a20a381e8fad0fb99814208970902fdd28cf6a6457d7873a76359e226e5b203bd6f85bea30cb0ab5817e1b32fbbbd33a4e67f3771b7256a3a9ec20dae8a248af32a909bb5ec28f0f85722b81151f0f0a500a5c39c36476ac42c30bcb68a61a13141541ec54d895f0d7ca1afb728202e77f2f85170a3c2de378f1cfa0c2d1b0353f5d2fd0537017dc5510232a7a27a444476bbca2b84394639cf8ded35568868f9dcfa445b33c694aa8696d899afdf0d98a542e6a3c0212480ef3063ae0b8bcaa133978e9ebd76a3ccf652b0022b3cc7f1c9f2731c1c08f45fc84f7dade8471f6855e3005d75390e36a6646b8ac0dd5da9f9ef4bc35639ac96280bc47a547c0941af4516278b66469c7fc22932cbb2ac92cc12745bdf4ab4411d48396120f0e397ff6c22c54873296a897928d0158a5e63e6d48016cb4af44a3d71296acffe59241a8537f8b2cbc88b8ee2f4090e8e16b8af4700a60d0c199cc45cedf8dfe9a78ddd8637f7a9cfc16b078b1f9acfb8cb35f94b7564b1e23904e40dd5bdef1c78397457c05dd1108c3257bfda2e36b31969e8642c825c9dafe2fa4ee2708023c26255e6c41c2c873923e98eb1397dbc51324dfbec7943a5564fa815b9492d53c6cf6d42cd07165ae54e81f7989f2e406a13bea4df4d4a6971d81a4492e5703b6ba1f21ca5ffd68cdb15a713abd70d411e64d873b9f36ced7f354273c5c9782dd8a410ac28fee250f4b82095f4ab7a5c5a7d57114b6196cc2accdb44e39351a5d7c2c519ff861db8e4a368fdc1c5459f2b4cef0076d9b57b9ba2e76b3d8b87a515fc5c777d7e8023ef898fcf31365abc3e0a1307fa85f29d3c8a7e70d58b1228e8376c212ffb76f895aadedcf3f70bddcc347473dba5602d7734c4e9a2054cd3763acbb7fe82155d4a50e6a72d917b22b16ea8abd987834b4b1b04556e5442b1b643fa842a08ab5d860715b250447170c8d30829730a53974b6554a6454bab2eeda2966cc13a02a2b2c2e157ccd1795bcbc9c7bec370d9f492745b7c03c5ba21a45", 0xc68}, {&(0x7f0000003000)="42174da4697726eb844d4deeba15a4f94391c0c30a3fd9e778e3bf5f1b6f4c5de06b7e33c4b155b6664f6c3048e9e40da2d997441217a0e5384c27cb272d20232749ff1d2d02af4b66c2989e1ac0f7722e4df16733b1142a3002de4148e7656e3d59e2be1ee0f63699ed96aa8657d2747525d7e4bed6003b3142317b7aa72047649e64adb8db88c6408533b3cc52d45b4a422af248f9560db3054dfe591724c6472c11d55204912ba1ac55ca3e13c6924bddd84fb9f28cce209ddff8d2ba10274f9e0faf10a8a5eedf14dde018e129a6a9bb52a5a66171b1a6cf82aced2cef01b656efc4cbb7e62977edbe763a418949c47bf791e77b86dece880fa4ab33da7b538beb5796cf3da1d000e0c81c61119170744743448f235d592d60ba433ada49724e5416600d31c6e7d809274590afdd5f0da18105f603063e0da80533b9a7db3d2375aeee8837fea21b9f36c8bc221a5c9d420999f1", 0x156}], 0x7}}], 0x1, 0x8800)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r0, 0x604ab000)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000fff000/0x1000)=nil, 0xff2, 0x0, 0x0, 0x0, &(0x7f0000000c80)=""/4082, 0xff2, 0x0, 0x0}, &(0x7f0000000000)=0x31)

2.536876207s ago: executing program 8 (id=3995):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x4, 0x4, 0x5}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, r1}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r2}, &(0x7f0000000380), &(0x7f0000000580)=r3}, 0x20)
syz_emit_ethernet(0xfed0, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x2, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @multicast1, @empty}, {0x4e20, 0xfffc, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x2, "e5410e86db87a41f716be8e1fa0fe2fb143899778cc5c15c1337404bb397c0fc", "0c17d7b0eb591c2a7eb609eb8d2d9d15", {"28cbbe8b3bc8849d1e6124e7e5913283", "00802000003211817ada1e97297a54f5"}}}}}}}, 0x0)

2.480452186s ago: executing program 1 (id=3996):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010d804dd000000000000010902240001000000000904004001030000000921010000012205"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000040)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_write(r1, 0x81, 0x1, &(0x7f0000000140)='P')

2.322381908s ago: executing program 8 (id=3997):
sigaltstack(&(0x7f0000000480)={&(0x7f0000004000)=""/4126, 0x80000001, 0x101e}, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

2.297616042s ago: executing program 6 (id=3998):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000030400000000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="20000000100000001c001280090001006970697027d6fc6015b652eea28f3b"], 0x3c}}, 0x20000000)
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

2.27846698s ago: executing program 5 (id=3999):
r0 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x4, @loopback, 0x7}, 0x1c)
shutdown(r0, 0x1)
listen(r0, 0xb)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x22, &(0x7f0000001680)=0x1, 0x4)
sendmmsg$inet6(r1, &(0x7f0000000000)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x5, @empty, 0xfffffffe}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000440)="0e5f68d83c480127315b6886a946515b7be906c98ca1253c236ed63c56141ba4b40fb15ff070c223cceb614056d7d5a31954fbb7093a321b3076d0ab0bd72d860d7523ed263334e30a089a0f855121699c1cf7cbe88e9ac3a4e4a9f49ee94f9cc9e552e9571ee69464d2aca8a53dc1b35d2d8de90aca12736ebb1733e54f6a1fa18f61b11a65", 0x86}], 0x1}}], 0x1, 0x20080058)

2.090841146s ago: executing program 5 (id=4000):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x2000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff0000/0x2000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x1195, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x8, 0xc4})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x0, 0x0, &(0x7f0000000680)='syzkaller\x00', 0x8005, 0x0, 0x0, 0x0, 0x76, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x7, 0x4, 0x5, 0x5}, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB=')'], 0x50)
io_uring_enter(r0, 0x2219, 0xcf74, 0x16, 0x0, 0x0)

2.09001024s ago: executing program 4 (id=4001):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r0, 0x1)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e20, 0x0, @loopback, 0x7}}, 0x0, 0x0, 0x47, 0x0, "09be2271b78506e6dd938d324c415acd403a4480fd1afa34432bcdfa64d957e93efafd27ad06a6f589bb643f167cf0fcd370239aaa93f6ded3c5032c96ead0cdc68474d402ab73e482db7ec1e0a57489"}, 0xd8)
bind$inet6(r0, &(0x7f0000000a00)={0xa, 0x4e20, 0x4, @loopback, 0x1}, 0x2a)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0xeffffff1, @empty, 0x2}, 0x1c)
recvfrom$inet(0xffffffffffffffff, 0x0, 0x0, 0x40000100, 0x0, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e20, 0x8, @empty, 0x5}, 0x1c)

1.941427858s ago: executing program 5 (id=4002):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
read$FUSE(r2, 0x0, 0x0)

1.903852773s ago: executing program 6 (id=4003):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0x1, 0x800)
r3 = eventfd2(0x8, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000200)={r2, 0x0, 0x2, r3})
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000100))

1.885767043s ago: executing program 4 (id=4004):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.729610076s ago: executing program 5 (id=4005):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='cdg', 0x3)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8afb5086d04b3082a6d000000040902"], 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

1.72807949s ago: executing program 6 (id=4006):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0x2, 0x4e20, 0x0, @local, 0x6}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0xe22, 0x0, @loopback={0xff00000000000000}}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac710aa7d0000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)

1.599841282s ago: executing program 6 (id=4007):
socket(0x10, 0x3, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)="eb673468a1d4b3f1ac274e1633766522438f7d55a7f22df8e28fc6ec8d677cf78b41c22adf922d8bef985d6e2242f74b76e8ca5dabc1927dfeca095f5560d6d775f9ee1ad23211415025ae15790d7c3f2fcb9953bca2f88e0798e851b188cb7c44a90bae28cc85cf22b325ff568f85d0124eea958e8cc8ca5f5983730a7f86af2f24d36ad2db161c3083f4", 0x8b}], 0x1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f00000000c0), &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

1.575123773s ago: executing program 4 (id=4008):
syz_clone3(&(0x7f00000028c0)={0x42185000, 0x0, 0x0, &(0x7f00000027c0), {0x26}, 0x0, 0x0, 0x0, 0x0}, 0x58)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x120e111f, 0x0, 0x13, 0x0, 0x0, 0x0)

1.146016107s ago: executing program 6 (id=4009):
socket$nl_route(0x10, 0x3, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="004489f9cf4dafa9d72322f4593f8a82f9558ffadb665130ff9b19844b341f4e0e1690c50f182f938bceb4a6f21c3db6d24a49342a77aa1cefd7bb6440eb7a5098bbafe3fda6ecfc57e66ac359bbcb725a14c665991ef894e3c2309b2f5fbe4a3bd6becaeb76f99bafd188a186bfbc86c13d6cbdd539bcb6dc0b058fb6a9e341db3cf9af085bf3ace49d691d068372708bf92c8224b57df7758549b2da4411f8be8f5261b175fbd34d"], 0x0, 0x185, &(0x7f0000000700)="$eJzskr3OEkEUhp9Zlu/HwkhiRSOJRLFQYEmMsdESey/ADaxIXFRYEoVQLDGGwsJYegX0XoGJF6AWxgugpiA2Wpgx88Nm9hq+eQreOe+cc2bOsM+yaXYK/DusBjxEU+EyP4QgBK4J4+0Dox+t/rT6wQjfbd4j67+1Ws8Wy+dxmiazxv0GNWUIAdoAfmuvyMkerAP2utWvw2qgFk8AKaVU3jBApePmVICpk1MP4aoeQhY5ahAV3PwjaTN51c4Wy9vjSTxKRsmLKOrd7fyVUkbtp+M06Zhf4RxhR0HpLUC91+fYeGq/CryzOZcoI5yr2X1x7vQ+AdZ2r3W9XBs4tUcVfClqTzn+X/CYG5wBr3PhuE3dJUSP1NemCbqhcz9z1pneuDN4mQ43CARhBVW2JSx6dHdUiyByg969/HjtjdWm1b7VrdVdMVz5k6lSI//23katHE54E8/ns656JLNS3rlaRYUXXcndB1OnfgrKw30N8Hg8Ho/H4/F4PJ6Lzv8AAAD//xxifZ4=")
r0 = socket(0xa, 0x3, 0xff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x4c821}, 0x80c4)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="040e06070c10"], 0x9)
utime(0x0, &(0x7f0000000200)={0x2})

1.048176403s ago: executing program 5 (id=4010):
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x4000, 0x1000, 0xb, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x2}, {0x0, 0x60000, 0x3, 0x0, 0x0, 0x7, 0xf9, 0x6, 0x0, 0x0, 0x0, 0x42}, {0xeeef0000, 0x6000, 0x13, 0x9, 0x0, 0x0, 0x81, 0x0, 0x4, 0xe, 0x1, 0x3}, {0x8080000, 0x0, 0x4}, {0x7000, 0x1000, 0x3, 0x0, 0x0, 0x80, 0x80, 0x0, 0x0, 0x0, 0x1a}, {0x100000, 0xd000, 0x9, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x84}, {0x4, 0x5000, 0x9, 0x4, 0x3, 0x4, 0x0, 0x0, 0x3}, {0x1, 0x100000, 0x0, 0xf9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, {0xf000}, {0x1, 0xfffe}, 0x0, 0x0, 0x6000, 0x0, 0x4, 0x1, 0x900, [0xfffffffffffffffc, 0x0, 0x0, 0x3]})
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000000000407d1e9c3100000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\a'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
write$tun(0xffffffffffffffff, 0x0, 0xffe)

927.235621ms ago: executing program 4 (id=4011):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r1, 0x29, 0xc8, 0x0, 0xc000000)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast2}}, 0x5c)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x0, @loopback}, {0xa, 0x2, 0x0, @mcast2}, 0x1, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, 0x5c)

799.507563ms ago: executing program 8 (id=4012):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000280)='./file0\x00', 0x200841a, &(0x7f0000000f40)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0193acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417bb7f527c0bfebec112d57fc69fabb9b31ef97b2147930ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a3332978da70e9050417087c5ae034a735e8b448dd97014043159cbaacebfc912cf05f608e6214c04099fa311b747c37af702d134fb8eec487cfaea91150d1980464ff31cf86e3f3b950b204f6f67810c0826e4e5467c1588de9816bc627fb4662ac5fc8e38f19ec065550e5f9b16f72a91144a2e52ba9f2c6a7e2afbabc533ac731bb7ec51b8c585c2749469da331006ca4d49e136189d21ae50455834b2e75efd81c9d6352e5a814cf002f294475dab27a10d87516e405eff30", @ANYRESOCT], 0x1, 0x553b, &(0x7f00000024c0)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="71756965742c646f74732c6572726f72733d636f6e74696e75652c6e6f646f74732c636865636b3d72656c617865642c646f733178666c6f7070792c6e66732c646f74732c6e6f646f74732c0052bbde30ad1b84bbd4c68ac5df60afc617ca0829fb9a153080d7fe1db0f2c220c8"], 0x1, 0x255, &(0x7f0000001980)="$eJzs3TFrE2EYB/DHNm1jHexcHA5cnII6uQapIAaESAadPKgurQjX5XS6j+Fn8CP5MTp1O7EXmjRGi9jr2+R+Pwj3wD+B500gb4bnzb1/8Ono8PPJx/rHt+j3s+hFVHUdsRcbsRmNO9Prxnm9HfOqAABWzXicD1P3QLuKYphvRcTOb8nke5KGAAAAAAAAAAAA+G/L5v/jzPw/AKyz+fn//bSt0JKiGOa7099vl5n/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANI5q+v79V8eqfsDAK6f/R8Ausf+DwDdY/8HgO558/bdq+FodDDOsn7EaVVOyklzbfIXL0cHj7Nze7NXnZblZPMif9Lk2eV8K3an+dOl+XY8etjkv7Lnr0cL+U4cLjZ7t5W3AAAAAAAAAAAAAAAAAAAAAJIbZBeWnu8fDP6UN9Xc/wMsnN/vxX7vxpYBAAAAAAAAAAAAAAAAAAAAK+3ky9ej/Pj4Q6G4urgXt6KNq4p4divauOkiVuPTSVj0/uXJqb+ZAAAAAAAAAAAAAAAAAACge2aHflN3AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADpzO7/314REVXdSL1cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYI39DAAA//8hc5nH")
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x804070, 0x0, 0xfc, 0x0, &(0x7f0000000140))
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x44045, &(0x7f00000003c0)={[{@nodiscard}, {@noflush_merge}, {@acl}, {@alloc_mode_reuse}, {@memory_normal}, {@background_gc_off}, {@nogc_merge}, {@flush_merge}, {@fsync_mode_posix}, {@noquota}, {@data_flush}, {@adaptive_mode}, {@jqfmt_vfsold}, {@four_active_logs}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000000)='.\x00', 0x18424bc, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, &(0x7f0000000000))

761.562231ms ago: executing program 4 (id=4013):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f00000005c0)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000080)=0xcd, 0x3)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

424.429019ms ago: executing program 5 (id=4014):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00220f0000000b2e2b5ab40bf85edaca83"], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000c00)={0x44, &(0x7f0000000580)=ANY=[@ANYBLOB="000301"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)

98.549079ms ago: executing program 6 (id=4015):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x25}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000ac14141500000000000000000000000000000005000000000a00200000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000ac00000000000000ff0f00000000000000000000000000000000000000000000ffffffffffffffffffffff7f0000000000000000000000000200000000000000000a00000000000000000000008040000000000000000008000000000000000001000000000000004400050000000000000000000000000000000000000004d23c00000000000000ffffffff0000000000000000000000000000000000030d"], 0xfc}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000064010100000000000000000000000000fc01000000000000000000000000000000000000000000000a0000"], 0xfc}}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e24, 0x5, @loopback, 0xa}, 0x1c)

0s ago: executing program 4 (id=4016):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000003ec0)=@newtfilter={0x60, 0x2c, 0xd3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff2}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x30, 0x2, [@TCA_BASIC_EMATCHES={0x2c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_META={0x1c, 0x1, 0x0, 0x0, {{0x7, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0x6, 0x2}, {0x5, 0x40}}}, @TCA_EM_META_RVALUE={0x4}]}}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x10}, 0x0)

kernel console output (not intermixed with test programs):


[  446.010255][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  446.010283][ T5840]  f2fs_write_end_io+0x1274/0x1740
[  446.010325][ T5840]  __submit_merged_bio+0x256/0x6a0
[  446.010352][ T5840]  __submit_merged_write_cond+0x3c9/0x4e0
[  446.010380][ T5840]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  446.010420][ T5840]  f2fs_write_data_pages+0x287e/0x34f0
[  446.010435][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  446.010486][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  446.010512][ T5840]  ? __pfx_css_rstat_updated+0x10/0x10
[  446.010560][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  446.010593][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  446.010622][ T5840]  ? do_raw_spin_lock+0x12b/0x2f0
[  446.010650][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  446.010668][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  446.010685][ T5840]  do_writepages+0x32e/0x550
[  446.010711][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  446.010734][ T5840]  filemap_fdatawrite+0x1e9/0x2f0
[  446.010755][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  446.010813][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  446.010835][ T5840]  f2fs_sync_dirty_inodes+0x30e/0x830
[  446.010864][ T5840]  f2fs_write_checkpoint+0x9df/0x26a0
[  446.010879][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  446.010927][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  446.010988][ T5840]  kill_f2fs_super+0x314/0x720
[  446.011010][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  446.011036][ T5840]  ? lockdep_hardirqs_on+0x7a/0x110
[  446.011069][ T5840]  deactivate_locked_super+0xbc/0x130
[  446.011093][ T5840]  cleanup_mnt+0x437/0x4d0
[  446.011108][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  446.011136][ T5840]  task_work_run+0x1d9/0x270
[  446.011159][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  446.011194][ T5840]  exit_to_user_mode_loop+0xed/0x480
[  446.011219][ T5840]  ? rcu_is_watching+0x15/0xb0
[  446.011237][ T5840]  do_syscall_64+0x32d/0xf80
[  446.011258][ T5840]  ? trace_irq_disable+0x3b/0x140
[  446.011275][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.011290][ T5840]  ? clear_bhb_loop+0x40/0x90
[  446.011316][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  446.011331][ T5840] RIP: 0033:0x7f82d479d9d7
[  446.011347][ T5840] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  446.011360][ T5840] RSP: 002b:00007ffdfa69b5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  446.011378][ T5840] RAX: 0000000000000000 RBX: 00007f82d4832050 RCX: 00007f82d479d9d7
[  446.011388][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfa69b680
[  446.011397][ T5840] RBP: 00007ffdfa69b680 R08: 00007ffdfa69c680 R09: 00000000ffffffff
[  446.011407][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdfa69c710
[  446.011416][ T5840] R13: 00007f82d4832050 R14: 000000000006cc63 R15: 00007ffdfa69c750
[  446.011443][ T5840]  </TASK>
[  446.011461][ T5840] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  446.247753][ T9414] usb 2-1: USB disconnect, device number 23
[  446.253652][    C0] xpad 2-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  446.253704][    C0] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  446.393626][T15136] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  446.432589][   T29] audit: type=1800 audit(1774296757.941:105): pid=15136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3001" name="file1" dev="loop5" ino=17058 res=0 errno=0
[  446.855605][ T6606] ocfs2: Unmounting device (7,5) on (node local)
[  448.098742][T15162] loop7: detected capacity change from 0 to 32768
[  448.122768][T15162] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3010 (15162)
[  448.184156][T15162] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  448.220426][T15162] BTRFS info (device loop7): using crc32c checksum algorithm
[  448.371356][T15162] BTRFS info (device loop7): enabling ssd optimizations
[  448.418692][T15162] BTRFS info (device loop7): turning on flush-on-commit
[  448.457295][T15162] BTRFS info (device loop7): enabling free space tree
[  448.510252][T15162] BTRFS info (device loop7): enabling auto defrag
[  448.555860][T15162] BTRFS info (device loop7): use lzo compression, level 1
[  448.584043][T15162] BTRFS info (device loop7): max_inline set to 4096
[  448.978297][T15203] netlink: 208240 bytes leftover after parsing attributes in process `syz.5.3021'.
[  450.007158][ T8818] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  450.772199][T15247] netlink: 'syz.7.3032': attribute type 1 has an invalid length.
[  450.802923][T15247] netlink: 'syz.7.3032': attribute type 22 has an invalid length.
[  450.831276][T15239] option changes via remount are deprecated (pid=15237 comm=syz.5.3037)
[  451.314655][ T9438] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  451.474087][ T9438] usb 6-1: Using ep0 maxpacket: 8
[  451.487721][ T9438] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  451.514532][ T9438] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  451.533993][ T9438] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.547063][ T9438] usb 6-1: config 0 descriptor??
[  451.766308][ T9438] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  451.969609][    C0] iowarrior 6-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  451.979146][   T10] usb 6-1: USB disconnect, device number 23
[  452.088652][T15272] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.3048'.
[  452.169167][T15276] netlink: 'syz.6.3050': attribute type 3 has an invalid length.
[  452.461610][T15283] GUP no longer grows the stack in syz.4.3054 (15283): 200000011000-200000018000 (20000000e000)
[  452.476228][T15283] CPU: 0 UID: 0 PID: 15283 Comm: syz.4.3054 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  452.476262][T15283] Tainted: [L]=SOFTLOCKUP
[  452.476269][T15283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  452.476281][T15283] Call Trace:
[  452.476289][T15283]  <TASK>
[  452.476298][T15283]  dump_stack_lvl+0xe8/0x150
[  452.476334][T15283]  __get_user_pages+0x2378/0x2720
[  452.476421][T15283]  ? mtree_load+0x12a/0x780
[  452.476529][T15283]  get_user_pages_remote+0x2f6/0xab0
[  452.476555][T15283]  ? __pfx_mtree_load+0x10/0x10
[  452.476588][T15283]  ? __pfx_get_user_pages_remote+0x10/0x10
[  452.476613][T15283]  ? __access_remote_vm+0xa3/0x6f0
[  452.476640][T15283]  ? __access_remote_vm+0x42c/0x6f0
[  452.476671][T15283]  __access_remote_vm+0x222/0x6f0
[  452.476708][T15283]  ? __pfx___access_remote_vm+0x10/0x10
[  452.476739][T15283]  ? alloc_pages_noprof+0x13b/0x2a0
[  452.476774][T15283]  proc_pid_cmdline_read+0x419/0x7f0
[  452.476822][T15283]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  452.476850][T15283]  ? rw_verify_area+0x2a6/0x4d0
[  452.476874][T15283]  vfs_readv+0x587/0x840
[  452.476899][T15283]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  452.476927][T15283]  ? __pfx_vfs_readv+0x10/0x10
[  452.476965][T15283]  ? __fget_files+0x2a/0x420
[  452.476995][T15283]  ? __fget_files+0x3a0/0x420
[  452.477019][T15283]  ? __fget_files+0x2a/0x420
[  452.477053][T15283]  __x64_sys_preadv+0x19f/0x2a0
[  452.477078][T15283]  ? __pfx___x64_sys_preadv+0x10/0x10
[  452.477111][T15283]  do_syscall_64+0x14d/0xf80
[  452.477136][T15283]  ? trace_irq_disable+0x3b/0x140
[  452.477159][T15283]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.477178][T15283]  ? clear_bhb_loop+0x40/0x90
[  452.477201][T15283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.477220][T15283] RIP: 0033:0x7f82d479c799
[  452.477240][T15283] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  452.477256][T15283] RSP: 002b:00007f82d55b7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  452.477279][T15283] RAX: ffffffffffffffda RBX: 00007f82d4a15fa0 RCX: 00007f82d479c799
[  452.477294][T15283] RDX: 0000000000000001 RSI: 0000200000001200 RDI: 0000000000000003
[  452.477307][T15283] RBP: 00007f82d4832c99 R08: 0000000000006a76 R09: 0000000000000000
[  452.477320][T15283] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  452.477332][T15283] R13: 00007f82d4a16038 R14: 00007f82d4a15fa0 R15: 00007ffdfa69c358
[  452.477376][T15283]  </TASK>
[  454.131111][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  454.145053][T15330] kvm: kvm [15328]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  455.189689][T15367] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3090'.
[  455.210985][T15367] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3090'.
[  455.293426][T15370] netlink: 52 bytes leftover after parsing attributes in process `syz.6.3091'.
[  455.308499][T15355] loop7: detected capacity change from 0 to 32768
[  455.352277][T15355] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  455.366911][T15374] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3091'.
[  455.391106][T15355] JBD2: Ignoring recovery information on journal
[  455.408334][T15376] loop5: detected capacity change from 0 to 64
[  455.466534][   T29] audit: type=1800 audit(1774296766.981:106): pid=15376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3093" name="file1" dev="loop5" ino=22 res=0 errno=0
[  455.526209][T15355] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  455.648509][T15355] netlink: 207952 bytes leftover after parsing attributes in process `syz.7.3085'.
[  455.861186][ T8818] ocfs2: Unmounting device (7,7) on (node local)
[  455.978965][   T29] audit: type=1326 audit(1774296767.501:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15386 comm="syz.4.3099" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f82d479c799 code=0x0
[  456.527952][T15406] loop5: detected capacity change from 0 to 1024
[  457.120354][T15418] loop1: detected capacity change from 0 to 128
[  457.209012][T15418] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  457.298030][T15418] ext4 filesystem being mounted at /638/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  457.398035][   T29] audit: type=1800 audit(1774296768.911:108): pid=15418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3109" name="file1" dev="loop1" ino=12 res=0 errno=0
[  457.744234][ T5837] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  457.814639][ T8169] hfsplus: b-tree write err: -5, ino 3
[  457.940296][T15426] 8021q: adding VLAN 0 to HW filter on device bond0
[  457.969416][T15426] 8021q: adding VLAN 0 to HW filter on device team0
[  458.002964][T15426] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  459.339335][T15456] loop1: detected capacity change from 0 to 1024
[  460.031458][T15450] loop7: detected capacity change from 0 to 40427
[  460.041556][T15448] loop4: detected capacity change from 0 to 40427
[  460.045312][T15450] F2FS-fs: heap/no_heap options were deprecated
[  460.056824][T15448] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  460.065901][T15448] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  460.111987][T15448] F2FS-fs (loop4): invalid crc value
[  460.189756][T15450] F2FS-fs (loop7): build fault injection rate: 19
[  460.218633][T15450] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[  460.240164][T15450] F2FS-fs (loop7): invalid crc value
[  460.303156][T15450] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  460.384984][T15448] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  460.427174][T15448] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  460.460889][T15448] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  460.576803][T15450] F2FS-fs (loop7): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  460.647212][T15450] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  460.672379][T15450] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  460.818480][T15450] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  460.879064][T15490] F2FS-fs (loop7): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80
[  461.019910][   T29] audit: type=1800 audit(1774296772.541:109): pid=15490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3122" name="file1" dev="loop7" ino=14 res=0 errno=0
[  461.111080][ T8818] syz-executor: attempt to access beyond end of device
[  461.111080][ T8818] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  461.163348][ T8818] CPU: 1 UID: 0 PID: 8818 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  461.163381][ T8818] Tainted: [L]=SOFTLOCKUP
[  461.163388][ T8818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  461.163398][ T8818] Call Trace:
[  461.163407][ T8818]  <TASK>
[  461.163414][ T8818]  dump_stack_lvl+0xe8/0x150
[  461.163457][ T8818]  f2fs_handle_critical_error+0x37c/0x540
[  461.163492][ T8818]  f2fs_write_end_io+0x1274/0x1740
[  461.163534][ T8818]  __submit_merged_bio+0x256/0x6a0
[  461.163568][ T8818]  __submit_merged_write_cond+0x3c9/0x4e0
[  461.163604][ T8818]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  461.163657][ T8818]  f2fs_write_data_pages+0x287e/0x34f0
[  461.163676][ T8818]  ? __lock_acquire+0x6b5/0x2cf0
[  461.163741][ T8818]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  461.163814][ T8818]  ? __lock_acquire+0x6b5/0x2cf0
[  461.163858][ T8818]  ? __lock_acquire+0x6b5/0x2cf0
[  461.163898][ T8818]  ? do_raw_spin_lock+0x12b/0x2f0
[  461.163926][ T8818]  ? do_raw_spin_unlock+0xf5/0x210
[  461.163947][ T8818]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  461.163966][ T8818]  do_writepages+0x32e/0x550
[  461.163997][ T8818]  ? do_raw_spin_unlock+0xf5/0x210
[  461.164021][ T8818]  filemap_fdatawrite+0x1e9/0x2f0
[  461.164046][ T8818]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  461.164108][ T8818]  ? do_raw_spin_unlock+0xf5/0x210
[  461.164134][ T8818]  f2fs_sync_dirty_inodes+0x30e/0x830
[  461.164168][ T8818]  f2fs_write_checkpoint+0x9df/0x26a0
[  461.164185][ T8818]  ? __lock_acquire+0x6b5/0x2cf0
[  461.164238][ T8818]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  461.164306][ T8818]  kill_f2fs_super+0x314/0x720
[  461.164333][ T8818]  ? __pfx_kill_f2fs_super+0x10/0x10
[  461.164368][ T8818]  ? lockdep_hardirqs_on+0x7a/0x110
[  461.164411][ T8818]  deactivate_locked_super+0xbc/0x130
[  461.164447][ T8818]  cleanup_mnt+0x437/0x4d0
[  461.164467][ T8818]  ? _raw_spin_unlock_irq+0x23/0x50
[  461.164495][ T8818]  task_work_run+0x1d9/0x270
[  461.164522][ T8818]  ? __pfx_task_work_run+0x10/0x10
[  461.164556][ T8818]  exit_to_user_mode_loop+0xed/0x480
[  461.164580][ T8818]  ? rcu_is_watching+0x15/0xb0
[  461.164604][ T8818]  do_syscall_64+0x32d/0xf80
[  461.164630][ T8818]  ? trace_irq_disable+0x3b/0x140
[  461.164652][ T8818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.164671][ T8818]  ? clear_bhb_loop+0x40/0x90
[  461.164694][ T8818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  461.164713][ T8818] RIP: 0033:0x7ffad8f9d9d7
[  461.164732][ T8818] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  461.164746][ T8818] RSP: 002b:00007ffdd2691108 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  461.164766][ T8818] RAX: 0000000000000000 RBX: 00007ffad9032050 RCX: 00007ffad8f9d9d7
[  461.164779][ T8818] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd26911c0
[  461.164791][ T8818] RBP: 00007ffdd26911c0 R08: 00007ffdd26921c0 R09: 00000000ffffffff
[  461.164804][ T8818] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdd2692250
[  461.164816][ T8818] R13: 00007ffad9032050 R14: 00000000000708eb R15: 00007ffdd2692290
[  461.164848][ T8818]  </TASK>
[  461.628955][ T8818] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  462.088453][T15500] loop1: detected capacity change from 0 to 2048
[  462.122770][T15500] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  462.178504][T15500] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  462.384803][ T9437] IPVS: starting estimator thread 0...
[  462.504071][T15508] IPVS: using max 34 ests per chain, 81600 per kthread
[  463.334199][   T10] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  463.364377][ T9438] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[  463.494393][   T10] usb 5-1: Using ep0 maxpacket: 16
[  463.527487][   T10] usb 5-1: config index 0 descriptor too short (expected 51443, got 18)
[  463.549570][ T9438] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  463.552342][   T10] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  463.574904][ T9438] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.584657][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.605488][   T10] usb 5-1: Product: syz
[  463.609748][   T10] usb 5-1: Manufacturer: syz
[  463.616015][ T9438] usb 6-1: Product: syz
[  463.620741][ T9438] usb 6-1: Manufacturer: syz
[  463.624091][   T10] usb 5-1: SerialNumber: syz
[  463.632275][ T9438] usb 6-1: SerialNumber: syz
[  463.641173][   T10] r8152-cfgselector 5-1: Unknown version 0x0000
[  463.651915][ T9438] usb 6-1: config 0 descriptor??
[  463.657007][   T10] r8152-cfgselector 5-1: config 0 descriptor??
[  463.929807][T15559] overlayfs: failed to clone upperpath
[  464.104148][ T9438] usb 6-1: Firmware: major: 212, minor: 143, hardware type: ATUSB (1)
[  464.127464][ T9437] r8152-cfgselector 5-1: USB disconnect, device number 25
[  464.153530][T15553] loop7: detected capacity change from 0 to 32768
[  464.171557][T15553] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3163 (15553)
[  464.215877][T15553] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  464.234280][T15553] BTRFS info (device loop7): using sha256 checksum algorithm
[  464.314825][ T9438] usb 6-1: Read permanent extended address 00:00:00:00:00:00:00:09 from device
[  464.325178][T15553] BTRFS info (device loop7): enabling ssd optimizations
[  464.345381][T15553] BTRFS info (device loop7): turning on async discard
[  464.364288][T15553] BTRFS info (device loop7): enabling free space tree
[  464.537380][ T9438] usb 6-1: USB disconnect, device number 24
[  464.559734][   T29] audit: type=1800 audit(1774296776.081:110): pid=15583 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3168" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  464.803871][ T8818] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  465.280145][T15591] loop1: detected capacity change from 0 to 32768
[  465.396692][T15591] JBD2: Ignoring recovery information on journal
[  465.449050][T15591] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  465.604622][   T29] audit: type=1800 audit(1774296777.131:111): pid=15591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3172" name="file1" dev="loop1" ino=17058 res=0 errno=0
[  466.445756][T15599] loop4: detected capacity change from 0 to 32768
[  466.453051][ T5837] ocfs2: Unmounting device (7,1) on (node local)
[  466.499127][T15599] btrfs: Deprecated parameter 'usebackuproot'
[  466.536389][T15599] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  466.620272][T15599] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3174 (15599)
[  466.698954][T15599] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  466.745248][T15599] BTRFS info (device loop4): using crc32c checksum algorithm
[  466.908457][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  466.997064][T15635] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3183'.
[  467.138504][T15599] BTRFS error (device loop4): failed to load root extent
[  467.145836][T15599] BTRFS warning (device loop4): try to load backup roots slot 1
[  467.163684][ T8167] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  467.193517][T15599] BTRFS warning (device loop4): couldn't read tree root
[  467.216488][T15599] BTRFS warning (device loop4): try to load backup roots slot 2
[  467.260673][   T66] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  467.292551][T15599] BTRFS warning (device loop4): couldn't read tree root
[  467.324008][T15599] BTRFS warning (device loop4): try to load backup roots slot 3
[  467.407530][T15599] BTRFS info (device loop4): rebuilding free space tree
[  467.620468][T15599] BTRFS info (device loop4): checking UUID tree
[  467.639223][T15599] BTRFS info (device loop4): enabling ssd optimizations
[  467.680786][T15599] BTRFS info (device loop4): turning on async discard
[  467.697163][T15599] BTRFS info (device loop4): enabling free space tree
[  467.715502][T15599] BTRFS info (device loop4): force clearing of disk cache
[  467.741609][T15599] BTRFS info (device loop4): enabling auto defrag
[  467.769218][T15599] BTRFS info (device loop4): trying to use backup root at mount time
[  467.814199][T15599] BTRFS info (device loop4): use zstd compression, level 3
[  468.037903][ T5840] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  468.305302][   T29] audit: type=1326 audit(1774296779.811:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595759c799 code=0x7fc00000
[  468.328477][T15656] loop7: detected capacity change from 0 to 32768
[  468.371437][T15656] JBD2: Ignoring recovery information on journal
[  468.436853][T15656] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  468.495363][   T29] audit: type=1800 audit(1774296780.011:113): pid=15656 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3189" name="file1" dev="loop7" ino=17058 res=0 errno=0
[  468.839200][   T29] audit: type=1326 audit(1774296780.361:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15653 comm="syz.5.3190" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f595753db19 code=0x7fc00000
[  469.155002][T15671] loop1: detected capacity change from 0 to 2048
[  469.205754][ T8818] ocfs2: Unmounting device (7,7) on (node local)
[  469.220886][T15671] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  469.920388][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.070980][T15718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  471.231656][T15705] loop4: detected capacity change from 0 to 32768
[  471.262346][T15705] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3205 (15705)
[  471.331190][T15705] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  471.367103][T15705] BTRFS info (device loop4): using crc32c checksum algorithm
[  471.528421][T15705] BTRFS info (device loop4): turning off barriers
[  471.597481][T15705] BTRFS info (device loop4): enabling free space tree
[  471.633363][T15705] BTRFS info (device loop4): use zstd compression, level 3
[  472.075015][   T10] usb 8-1: new full-speed USB device number 13 using dummy_hcd
[  472.275865][   T10] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  472.294011][   T10] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  472.309445][T15743] loop1: detected capacity change from 0 to 32768
[  472.327866][   T10] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  472.370269][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.381591][T15743] (syz.1.3214,15743,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  472.443578][T15758] loop5: detected capacity change from 0 to 128
[  472.462466][T15743] (syz.1.3214,15743,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  472.477107][ T5840] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  472.610920][T15743] JBD2: Ignoring recovery information on journal
[  472.625815][T15758] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  472.655466][   T10] usb 8-1: usb_control_msg returned -32
[  472.746276][   T10] usbtmc 8-1:16.0: can't read capabilities
[  472.758425][T15758] ext4 filesystem being mounted at /562/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  472.835461][T15743] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  472.922104][   T29] audit: type=1800 audit(1774296784.431:115): pid=15758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3219" name="file1" dev="loop5" ino=12 res=0 errno=0
[  473.318498][ T9438] usb 8-1: USB disconnect, device number 13
[  473.347665][ T6606] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  473.660255][T15777] loop5: detected capacity change from 0 to 64
[  473.735418][T15770] loop4: detected capacity change from 0 to 40427
[  473.753335][T15770] F2FS-fs (loop4): build fault injection rate: 771
[  473.771688][T15770] F2FS-fs (loop4): invalid crc value
[  473.812366][ T5837] ocfs2: Unmounting device (7,1) on (node local)
[  474.059497][T15770] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  474.107186][T15770] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  474.221263][T15770] syz.4.3221: attempt to access beyond end of device
[  474.221263][T15770] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  474.422433][   T10] kernel write not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  474.605290][ T5840] syz-executor: attempt to access beyond end of device
[  474.605290][ T5840] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  474.665630][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  474.665665][ T5840] Tainted: [L]=SOFTLOCKUP
[  474.665672][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  474.665684][ T5840] Call Trace:
[  474.665691][ T5840]  <TASK>
[  474.665700][ T5840]  dump_stack_lvl+0xe8/0x150
[  474.665734][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  474.665767][ T5840]  f2fs_write_end_io+0x1274/0x1740
[  474.665810][ T5840]  __submit_merged_bio+0x256/0x6a0
[  474.665839][ T5840]  __submit_merged_write_cond+0x3c9/0x4e0
[  474.665872][ T5840]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  474.665918][ T5840]  f2fs_write_data_pages+0x287e/0x34f0
[  474.665935][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  474.665997][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  474.666030][ T5840]  ? __pfx_css_rstat_updated+0x10/0x10
[  474.666054][ T5840]  ? is_bpf_text_address+0x26/0x2b0
[  474.666114][ T5840]  ? mod_memcg_lruvec_state+0x208/0x220
[  474.666143][ T5840]  ? lru_gen_update_size+0x7c7/0xd10
[  474.666177][ T5840]  ? __lock_acquire+0x6b5/0x2cf0
[  474.666232][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  474.666253][ T5840]  do_writepages+0x32e/0x550
[  474.666288][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  474.666317][ T5840]  filemap_fdatawrite+0x1e9/0x2f0
[  474.666345][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  474.666418][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  474.666447][ T5840]  f2fs_sync_dirty_inodes+0x30e/0x830
[  474.666484][ T5840]  f2fs_write_checkpoint+0x9df/0x26a0
[  474.666552][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  474.666612][ T5840]  ? kfree+0x1c5/0x640
[  474.666637][ T5840]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  474.666669][ T5840]  kill_f2fs_super+0x314/0x720
[  474.666696][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  474.666731][ T5840]  ? lockdep_hardirqs_on+0x7a/0x110
[  474.666773][ T5840]  deactivate_locked_super+0xbc/0x130
[  474.666804][ T5840]  cleanup_mnt+0x437/0x4d0
[  474.666822][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  474.666851][ T5840]  task_work_run+0x1d9/0x270
[  474.666879][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  474.666916][ T5840]  exit_to_user_mode_loop+0xed/0x480
[  474.666941][ T5840]  ? rcu_is_watching+0x15/0xb0
[  474.666966][ T5840]  do_syscall_64+0x32d/0xf80
[  474.666991][ T5840]  ? trace_irq_disable+0x3b/0x140
[  474.667018][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.667037][ T5840]  ? clear_bhb_loop+0x40/0x90
[  474.667062][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.667081][ T5840] RIP: 0033:0x7f82d479d9d7
[  474.667100][ T5840] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  474.667116][ T5840] RSP: 002b:00007ffdfa69b5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  474.667137][ T5840] RAX: 0000000000000000 RBX: 00007f82d4832050 RCX: 00007f82d479d9d7
[  474.667150][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfa69b680
[  474.667162][ T5840] RBP: 00007ffdfa69b680 R08: 00007ffdfa69c680 R09: 00000000ffffffff
[  474.667175][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdfa69c710
[  474.667186][ T5840] R13: 00007f82d4832050 R14: 0000000000073d3e R15: 00007ffdfa69c750
[  474.667220][ T5840]  </TASK>
[  474.673003][ T5840] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  476.456519][T15835] overlayfs: failed to clone upperpath
[  477.122949][T15851] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3256'.
[  477.157800][T15851] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3256'.
[  477.657251][T15837] loop4: detected capacity change from 0 to 32768
[  477.716311][T15837] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  477.898444][T15837] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  477.956698][T15872] loop1: detected capacity change from 0 to 512
[  477.988117][T15837] XFS (loop4): Starting recovery (logdev: internal)
[  478.034174][T15872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  478.140444][T15872] ext4 filesystem being mounted at /675/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  478.163649][T15837] XFS (loop4): Ending recovery (logdev: internal)
[  478.564274][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.687321][ T5840] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  479.190519][   T29] audit: type=1326 audit(1774296790.691:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595759c799 code=0x7ffc0000
[  479.219813][T15901] loop5: detected capacity change from 0 to 512
[  479.264533][T15901] EXT4-fs: Ignoring removed nobh option
[  479.284330][T15901] EXT4-fs (loop5): Test dummy encryption mode enabled
[  479.284782][   T29] audit: type=1326 audit(1774296790.691:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595759c799 code=0x7ffc0000
[  479.284826][   T29] audit: type=1326 audit(1774296790.711:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595759c799 code=0x7ffc0000
[  479.284868][   T29] audit: type=1326 audit(1774296790.711:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f595759c799 code=0x7ffc0000
[  479.284908][   T29] audit: type=1326 audit(1774296790.731:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f595759c799 code=0x7ffc0000
[  479.284948][   T29] audit: type=1326 audit(1774296790.731:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f595759c502 code=0x7ffc0000
[  479.284986][   T29] audit: type=1326 audit(1774296790.741:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f595755cfce code=0x7ffc0000
[  479.285024][   T29] audit: type=1326 audit(1774296790.741:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f595759c5c7 code=0x7ffc0000
[  479.285061][   T29] audit: type=1326 audit(1774296790.741:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f595755cfce code=0x7ffc0000
[  479.285098][   T29] audit: type=1326 audit(1774296790.741:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15900 comm="syz.5.3271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f595759c42b code=0x7ffc0000
[  479.291211][T15901] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.3271: iget: bad i_size value: -3674898675588399094
[  479.291246][T15901] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  479.291609][T15901] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3271: couldn't read orphan inode 15 (err -117)
[  479.291636][T15901] loop5: lost filesystem error report for type 5 error -117
[  479.295621][T15901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  480.312459][   T49] EXT4-fs error (device loop5): ext4_validate_block_bitmap:432: comm kworker/u8:3: bg 0: block 5: invalid block bitmap
[  480.362129][   T49] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1072 with error 28
[  480.395154][   T49] EXT4-fs (loop5): This should not happen!! Data will be lost
[  480.395154][   T49] 
[  480.415114][   T49] EXT4-fs (loop5): Total free blocks count 0
[  480.429154][   T49] EXT4-fs (loop5): Free/Dirty block details
[  480.437021][   T49] EXT4-fs (loop5): free_blocks=0
[  480.442438][   T49] EXT4-fs (loop5): dirty_blocks=1076
[  480.471625][   T49] EXT4-fs (loop5): Block reservation details
[  480.489284][   T49] EXT4-fs (loop5): i_reserved_data_blocks=1076
[  480.603470][ T6606] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.771447][T15935] loop5: detected capacity change from 0 to 64
[  480.994514][ T9438] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  481.169409][ T9438] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  481.197614][ T9438] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  481.227431][ T9438] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  481.250866][ T9438] usb 2-1: config 0 descriptor??
[  481.422984][T15956] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3293'.
[  481.477228][ T9438] usbhid 2-1:0.0: can't add hid device: -71
[  481.494844][ T9438] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  481.525977][ T9438] usb 2-1: USB disconnect, device number 24
[  481.603420][T15945] loop5: detected capacity change from 0 to 40427
[  481.632063][T15945] F2FS-fs (loop5): build fault injection rate: 771
[  481.658578][T15945] F2FS-fs (loop5): invalid crc value
[  481.795961][T15945] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  481.828592][T15945] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  481.950702][T15945] syz.5.3286: attempt to access beyond end of device
[  481.950702][T15945] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  482.004056][ T9438] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  482.115344][T15966] syz.5.3286: attempt to access beyond end of device
[  482.115344][T15966] loop5: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  482.155400][T15966] CPU: 1 UID: 0 PID: 15966 Comm: syz.5.3286 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  482.155435][T15966] Tainted: [L]=SOFTLOCKUP
[  482.155441][T15966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  482.155453][T15966] Call Trace:
[  482.155468][T15966]  <TASK>
[  482.155478][T15966]  dump_stack_lvl+0xe8/0x150
[  482.155517][T15966]  f2fs_handle_critical_error+0x37c/0x540
[  482.155556][T15966]  f2fs_write_end_io+0x1274/0x1740
[  482.155600][T15966]  __submit_merged_bio+0x256/0x6a0
[  482.155635][T15966]  f2fs_submit_merged_write+0x284/0x390
[  482.155669][T15966]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  482.155714][T15966]  f2fs_sync_node_pages+0x14bf/0x1680
[  482.155762][T15966]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  482.155834][T15966]  f2fs_write_checkpoint+0xeb8/0x26a0
[  482.155890][T15966]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  482.155949][T15966]  ? __pfx_down_write+0x10/0x10
[  482.155985][T15966]  f2fs_trim_fs+0xc64/0x1690
[  482.156110][T15966]  ? __pfx_f2fs_trim_fs+0x10/0x10
[  482.156151][T15966]  ? mnt_get_write_access+0x66/0x280
[  482.156188][T15966]  ? mnt_want_write_file+0x172/0x200
[  482.156212][T15966]  __f2fs_ioctl+0x4f58/0xbd20
[  482.156267][T15966]  ? __pfx_stack_trace_save+0x10/0x10
[  482.156300][T15966]  ? stack_depot_save_flags+0x33/0x810
[  482.156370][T15966]  ? kasan_save_track+0x4f/0x80
[  482.156389][T15966]  ? kasan_save_track+0x3e/0x80
[  482.156405][T15966]  ? kasan_save_free_info+0x46/0x50
[  482.156432][T15966]  ? __kasan_slab_free+0x5c/0x80
[  482.156451][T15966]  ? kfree+0x1c5/0x640
[  482.156483][T15966]  ? tomoyo_path_number_perm+0x501/0x630
[  482.156563][T15966]  ? security_file_ioctl+0xc3/0x2a0
[  482.156648][T15966]  ? __se_sys_ioctl+0x47/0x170
[  482.156667][T15966]  ? do_syscall_64+0x14d/0xf80
[  482.156695][T15966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.156739][T15966]  ? __pfx___f2fs_ioctl+0x10/0x10
[  482.156778][T15966]  ? kasan_quarantine_put+0xbb/0x1f0
[  482.156814][T15966]  ? tomoyo_path_number_perm+0x219/0x630
[  482.156842][T15966]  ? tomoyo_path_number_perm+0x219/0x630
[  482.156874][T15966]  ? do_vfs_ioctl+0x1166/0x1530
[  482.156899][T15966]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  482.156936][T15966]  ? do_futex+0x333/0x420
[  482.156969][T15966]  ? __fget_files+0x2a/0x420
[  482.156998][T15966]  ? __fget_files+0x3a0/0x420
[  482.157020][T15966]  ? __fget_files+0x2a/0x420
[  482.157047][T15966]  ? f2fs_ioctl+0x135/0x250
[  482.157064][T15966]  ? __pfx_f2fs_ioctl+0x10/0x10
[  482.157081][T15966]  __se_sys_ioctl+0xfc/0x170
[  482.157104][T15966]  do_syscall_64+0x14d/0xf80
[  482.157127][T15966]  ? trace_irq_disable+0x3b/0x140
[  482.157150][T15966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.157168][T15966]  ? clear_bhb_loop+0x40/0x90
[  482.157192][T15966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.157211][T15966] RIP: 0033:0x7f595759c799
[  482.157230][T15966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.157246][T15966] RSP: 002b:00007f59583e1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  482.157266][T15966] RAX: ffffffffffffffda RBX: 00007f5957816090 RCX: 00007f595759c799
[  482.157280][T15966] RDX: 0000200000000000 RSI: 00000000c0185879 RDI: 0000000000000004
[  482.157292][T15966] RBP: 00007f5957632c99 R08: 0000000000000000 R09: 0000000000000000
[  482.157304][T15966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.157315][T15966] R13: 00007f5957816128 R14: 00007f5957816090 R15: 00007ffe01573888
[  482.157349][T15966]  </TASK>
[  482.163537][T15966] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  482.320737][T15970] overlayfs: failed to clone upperpath
[  482.323121][ T9438] usb 2-1: Using ep0 maxpacket: 32
[  482.390452][T15966] CPU: 0 UID: 0 PID: 15966 Comm: syz.5.3286 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  482.390485][T15966] Tainted: [L]=SOFTLOCKUP
[  482.390491][T15966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  482.390503][T15966] Call Trace:
[  482.390510][T15966]  <TASK>
[  482.390519][T15966]  dump_stack_lvl+0xe8/0x150
[  482.390555][T15966]  f2fs_handle_critical_error+0x37c/0x540
[  482.390590][T15966]  f2fs_write_end_io+0x1274/0x1740
[  482.390632][T15966]  __submit_merged_bio+0x256/0x6a0
[  482.390667][T15966]  f2fs_submit_merged_write+0x284/0x390
[  482.390700][T15966]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  482.390744][T15966]  f2fs_sync_node_pages+0x14bf/0x1680
[  482.390790][T15966]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  482.390859][T15966]  f2fs_write_checkpoint+0xeb8/0x26a0
[  482.390913][T15966]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  482.390980][T15966]  ? __pfx_down_write+0x10/0x10
[  482.391018][T15966]  f2fs_trim_fs+0xc64/0x1690
[  482.391053][T15966]  ? __pfx_f2fs_trim_fs+0x10/0x10
[  482.391093][T15966]  ? mnt_get_write_access+0x66/0x280
[  482.391125][T15966]  ? mnt_want_write_file+0x172/0x200
[  482.391148][T15966]  __f2fs_ioctl+0x4f58/0xbd20
[  482.391167][T15966]  ? __pfx_stack_trace_save+0x10/0x10
[  482.391196][T15966]  ? stack_depot_save_flags+0x33/0x810
[  482.391225][T15966]  ? kasan_save_track+0x4f/0x80
[  482.391241][T15966]  ? kasan_save_track+0x3e/0x80
[  482.391257][T15966]  ? kasan_save_free_info+0x46/0x50
[  482.391281][T15966]  ? __kasan_slab_free+0x5c/0x80
[  482.391297][T15966]  ? kfree+0x1c5/0x640
[  482.391321][T15966]  ? tomoyo_path_number_perm+0x501/0x630
[  482.391346][T15966]  ? security_file_ioctl+0xc3/0x2a0
[  482.391369][T15966]  ? __se_sys_ioctl+0x47/0x170
[  482.391388][T15966]  ? do_syscall_64+0x14d/0xf80
[  482.391413][T15966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.391452][T15966]  ? __pfx___f2fs_ioctl+0x10/0x10
[  482.391492][T15966]  ? kasan_quarantine_put+0xbb/0x1f0
[  482.391529][T15966]  ? tomoyo_path_number_perm+0x219/0x630
[  482.391557][T15966]  ? tomoyo_path_number_perm+0x219/0x630
[  482.391588][T15966]  ? do_vfs_ioctl+0x1166/0x1530
[  482.391612][T15966]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  482.391647][T15966]  ? do_futex+0x333/0x420
[  482.391686][T15966]  ? __fget_files+0x2a/0x420
[  482.391717][T15966]  ? __fget_files+0x3a0/0x420
[  482.391740][T15966]  ? __fget_files+0x2a/0x420
[  482.391768][T15966]  ? f2fs_ioctl+0x135/0x250
[  482.391787][T15966]  ? __pfx_f2fs_ioctl+0x10/0x10
[  482.391806][T15966]  __se_sys_ioctl+0xfc/0x170
[  482.391829][T15966]  do_syscall_64+0x14d/0xf80
[  482.391854][T15966]  ? trace_irq_disable+0x3b/0x140
[  482.391876][T15966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.391894][T15966]  ? clear_bhb_loop+0x40/0x90
[  482.391917][T15966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.391943][T15966] RIP: 0033:0x7f595759c799
[  482.391962][T15966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.391978][T15966] RSP: 002b:00007f59583e1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  482.392000][T15966] RAX: ffffffffffffffda RBX: 00007f5957816090 RCX: 00007f595759c799
[  482.392013][T15966] RDX: 0000200000000000 RSI: 00000000c0185879 RDI: 0000000000000004
[  482.392025][T15966] RBP: 00007f5957632c99 R08: 0000000000000000 R09: 0000000000000000
[  482.392036][T15966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  482.392047][T15966] R13: 00007f5957816128 R14: 00007f5957816090 R15: 00007ffe01573888
[  482.392080][T15966]  </TASK>
[  482.406060][T15966] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  482.413139][ T9438] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.170464][ T9438] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  483.182400][ T9438] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.199049][ T9438] usb 2-1: config 0 descriptor??
[  483.207496][ T9438] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  483.223747][ T9438] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  483.582781][    C0] ldusb 2-1:0.0: Ring buffer overflow, 8 bytes dropped
[  483.663697][T15993] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3298'.
[  483.913409][    C1] ldusb 2-1:0.0: Ring buffer overflow, 8 bytes dropped
[  485.007416][   T10] usb 2-1: USB disconnect, device number 25
[  485.021506][T16010] loop4: detected capacity change from 0 to 40427
[  485.059538][T16018] netlink: 'syz.7.3316': attribute type 4 has an invalid length.
[  485.081563][T16010] F2FS-fs (loop4): build fault injection rate: 771
[  485.111582][T16010] F2FS-fs (loop4): invalid crc value
[  485.152459][   T10] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  485.347019][T16010] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  485.375262][T16010] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  485.526957][T16021] f2fs_ckpt-7:4: attempt to access beyond end of device
[  485.526957][T16021] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  485.557846][T16021] CPU: 0 UID: 0 PID: 16021 Comm: f2fs_ckpt-7:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  485.557877][T16021] Tainted: [L]=SOFTLOCKUP
[  485.557884][T16021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  485.557896][T16021] Call Trace:
[  485.557904][T16021]  <TASK>
[  485.557913][T16021]  dump_stack_lvl+0xe8/0x150
[  485.557946][T16021]  f2fs_handle_critical_error+0x37c/0x540
[  485.557981][T16021]  f2fs_write_end_io+0x1274/0x1740
[  485.558023][T16021]  __submit_merged_bio+0x256/0x6a0
[  485.558057][T16021]  f2fs_submit_merged_write+0x284/0x390
[  485.558092][T16021]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  485.558143][T16021]  f2fs_sync_node_pages+0x14bf/0x1680
[  485.558187][T16021]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  485.558258][T16021]  f2fs_write_checkpoint+0xeb8/0x26a0
[  485.558310][T16021]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  485.558367][T16021]  ? down_write+0x16d/0x200
[  485.558387][T16021]  ? __pfx_down_write+0x10/0x10
[  485.558404][T16021]  ? uplift_priority+0xdb/0x700
[  485.558430][T16021]  ? __schedule+0x1672/0x5520
[  485.558461][T16021]  __write_checkpoint_sync+0x124/0x2b0
[  485.558489][T16021]  ? __pfx___write_checkpoint_sync+0x10/0x10
[  485.558526][T16021]  ? __pfx___schedule+0x10/0x10
[  485.558564][T16021]  __checkpoint_and_complete_reqs+0x53/0x2d0
[  485.558593][T16021]  issue_checkpoint_thread+0xd6/0x280
[  485.558616][T16021]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  485.558637][T16021]  ? __pfx_autoremove_wake_function+0x10/0x10
[  485.558665][T16021]  ? __kthread_parkme+0x7a/0x1f0
[  485.558696][T16021]  kthread+0x388/0x470
[  485.558718][T16021]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  485.558737][T16021]  ? __pfx_kthread+0x10/0x10
[  485.558757][T16021]  ret_from_fork+0x51e/0xb90
[  485.558786][T16021]  ? __pfx_ret_from_fork+0x10/0x10
[  485.558809][T16021]  ? __switch_to+0xc7d/0x1420
[  485.558839][T16021]  ? __pfx_kthread+0x10/0x10
[  485.558863][T16021]  ret_from_fork_asm+0x1a/0x30
[  485.558901][T16021]  </TASK>
[  485.559433][T16021] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  485.796960][T16021] CPU: 0 UID: 0 PID: 16021 Comm: f2fs_ckpt-7:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  485.796991][T16021] Tainted: [L]=SOFTLOCKUP
[  485.796999][T16021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  485.797010][T16021] Call Trace:
[  485.797018][T16021]  <TASK>
[  485.797026][T16021]  dump_stack_lvl+0xe8/0x150
[  485.797059][T16021]  f2fs_handle_critical_error+0x37c/0x540
[  485.797092][T16021]  f2fs_write_end_io+0x1274/0x1740
[  485.797134][T16021]  __submit_merged_bio+0x256/0x6a0
[  485.797168][T16021]  f2fs_submit_merged_write+0x284/0x390
[  485.797198][T16021]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  485.797238][T16021]  f2fs_sync_node_pages+0x14bf/0x1680
[  485.797283][T16021]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  485.797350][T16021]  f2fs_write_checkpoint+0xeb8/0x26a0
[  485.797404][T16021]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  485.797461][T16021]  ? down_write+0x16d/0x200
[  485.797482][T16021]  ? __pfx_down_write+0x10/0x10
[  485.797499][T16021]  ? uplift_priority+0xdb/0x700
[  485.797522][T16021]  ? __schedule+0x1672/0x5520
[  485.797551][T16021]  __write_checkpoint_sync+0x124/0x2b0
[  485.797578][T16021]  ? __pfx___write_checkpoint_sync+0x10/0x10
[  485.797614][T16021]  ? __pfx___schedule+0x10/0x10
[  485.797654][T16021]  __checkpoint_and_complete_reqs+0x53/0x2d0
[  485.797685][T16021]  issue_checkpoint_thread+0xd6/0x280
[  485.797710][T16021]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  485.797732][T16021]  ? __pfx_autoremove_wake_function+0x10/0x10
[  485.797760][T16021]  ? __kthread_parkme+0x7a/0x1f0
[  485.797791][T16021]  kthread+0x388/0x470
[  485.797814][T16021]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  485.797834][T16021]  ? __pfx_kthread+0x10/0x10
[  485.797858][T16021]  ret_from_fork+0x51e/0xb90
[  485.797886][T16021]  ? __pfx_ret_from_fork+0x10/0x10
[  485.797920][T16021]  ? __switch_to+0xc7d/0x1420
[  485.797948][T16021]  ? __pfx_kthread+0x10/0x10
[  485.797972][T16021]  ret_from_fork_asm+0x1a/0x30
[  485.798010][T16021]  </TASK>
[  485.798019][T16021] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  485.815200][ T9437] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  486.162106][T16052] loop1: detected capacity change from 0 to 256
[  486.194433][ T9437] usb 6-1: Using ep0 maxpacket: 8
[  486.210559][ T9437] usb 6-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  486.225147][ T9437] usb 6-1: config 1 interface 0 has no altsetting 0
[  486.258801][ T9437] usb 6-1: string descriptor 0 read error: -22
[  486.276289][ T9437] usb 6-1: New USB device found, idVendor=04b4, idProduct=de64, bcdDevice= 0.40
[  486.314838][ T9437] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.790146][ T9437] hid_parser_main: 4007 callbacks suppressed
[  486.790212][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.831558][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.852319][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.875826][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.894226][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.913664][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.929481][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  486.959084][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  487.003577][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  487.021966][ T9437] cypress 0003:04B4:DE64.0018: unknown main item tag 0x0
[  487.056099][T16083] wg2: entered promiscuous mode
[  487.065526][T16083] wg2: entered allmulticast mode
[  487.193140][ T9437] cypress 0003:04B4:DE64.0018: hidraw0: USB HID v0.04 Device [HID 04b4:de64] on usb-dummy_hcd.5-1/input0
[  487.255107][ T9437] usb 6-1: USB disconnect, device number 25
[  487.303325][T16088] 9pnet: p9_errstr2errno: server reported unknown error ile1
[  487.419874][T16087] fido_id[16087]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  488.015034][T16106] netlink: 'syz.7.3351': attribute type 29 has an invalid length.
[  488.050122][T16106] netlink: 'syz.7.3351': attribute type 29 has an invalid length.
[  488.089591][T16109] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3352'.
[  488.092580][T16106] netlink: 484 bytes leftover after parsing attributes in process `syz.7.3351'.
[  488.182497][T16109] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3352'.
[  488.182597][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  488.239469][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  488.258935][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  488.290194][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  488.649969][T16125] overlayfs: refusing to follow metacopy origin for (/file1)
[  489.206353][T16144] loop5: detected capacity change from 0 to 128
[  489.226180][T16144] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  489.264307][T16144] hpfs: filesystem error: improperly stopped
[  489.271118][T16144] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  489.309607][T16144] hpfs: You really don't want any checks? You are crazy...
[  489.334032][T16144] hpfs: Code page index out of array
[  489.339519][T16144] hpfs: code page support is disabled
[  489.358449][T16144] hpfs: hpfs_map_4sectors(): unaligned read
[  489.373201][T16144] hpfs: hpfs_map_4sectors(): unaligned read
[  489.399197][T16144] hpfs: filesystem error: unable to find root dir
[  489.458261][T16148] loop4: detected capacity change from 0 to 128
[  489.518885][T16148] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  489.550208][T16148] hpfs: filesystem error: improperly stopped
[  489.571516][T16148] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  489.583253][T16135] loop1: detected capacity change from 0 to 32768
[  489.603716][T16148] hpfs: You really don't want any checks? You are crazy...
[  489.616823][T16148] hpfs: Code page index out of array
[  489.622560][T16148] hpfs: code page support is disabled
[  489.653016][T16135] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  489.665843][T16148] hpfs: hpfs_map_4sectors(): unaligned read
[  489.701052][T16148] hpfs: hpfs_map_4sectors(): unaligned read
[  489.741680][T16148] hpfs: filesystem error: unable to find root dir
[  489.870749][T16135] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  489.914312][T16148] hpfs: hpfs_map_4sectors(): unaligned read
[  489.921461][T16135] XFS (loop1): Starting recovery (logdev: internal)
[  489.984870][T16135] XFS (loop1): Ending recovery (logdev: internal)
[  490.203653][ T5837] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  490.646648][T16171] loop5: detected capacity change from 0 to 32768
[  490.696433][T16171] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  490.808094][T16186] loop4: detected capacity change from 0 to 4096
[  490.864939][T16171] XFS (loop5): Ending clean mount
[  490.921106][T16195] loop7: detected capacity change from 0 to 4096
[  491.058621][T16195] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  491.342236][ T6606] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  491.355583][T16195] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  491.570468][ T8818] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  492.252109][T16199] loop1: detected capacity change from 0 to 40427
[  492.686361][T16199] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  492.755608][T16199] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  492.769259][ T8169] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  492.930892][ T8169] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.077036][ T5837] syz-executor: attempt to access beyond end of device
[  493.077036][ T5837] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  493.107409][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  493.107443][ T5837] Tainted: [L]=SOFTLOCKUP
[  493.107451][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  493.107464][ T5837] Call Trace:
[  493.107472][ T5837]  <TASK>
[  493.107481][ T5837]  dump_stack_lvl+0xe8/0x150
[  493.107517][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  493.107552][ T5837]  f2fs_write_end_io+0x1274/0x1740
[  493.107593][ T5837]  __submit_merged_bio+0x256/0x6a0
[  493.107627][ T5837]  __submit_merged_write_cond+0x3c9/0x4e0
[  493.107662][ T5837]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  493.107716][ T5837]  f2fs_write_data_pages+0x287e/0x34f0
[  493.107735][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  493.107796][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  493.107865][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  493.107906][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  493.107942][ T5837]  ? do_raw_spin_lock+0x12b/0x2f0
[  493.107977][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  493.108001][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  493.108022][ T5837]  do_writepages+0x32e/0x550
[  493.108056][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  493.108084][ T5837]  filemap_fdatawrite+0x1e9/0x2f0
[  493.108112][ T5837]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  493.108179][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  493.108208][ T5837]  f2fs_sync_dirty_inodes+0x30e/0x830
[  493.108244][ T5837]  f2fs_write_checkpoint+0x9df/0x26a0
[  493.108263][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  493.108321][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  493.108394][ T5837]  kill_f2fs_super+0x314/0x720
[  493.108426][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  493.108456][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  493.108497][ T5837]  deactivate_locked_super+0xbc/0x130
[  493.108529][ T5837]  cleanup_mnt+0x437/0x4d0
[  493.108548][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  493.108577][ T5837]  task_work_run+0x1d9/0x270
[  493.108605][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  493.108641][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  493.108666][ T5837]  ? rcu_is_watching+0x15/0xb0
[  493.108690][ T5837]  do_syscall_64+0x32d/0xf80
[  493.108716][ T5837]  ? trace_irq_disable+0x3b/0x140
[  493.108738][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.108758][ T5837]  ? clear_bhb_loop+0x40/0x90
[  493.108782][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.108802][ T5837] RIP: 0033:0x7f2f1679d9d7
[  493.108820][ T5837] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  493.108836][ T5837] RSP: 002b:00007ffde51ff528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  493.108857][ T5837] RAX: 0000000000000000 RBX: 00007f2f16832050 RCX: 00007f2f1679d9d7
[  493.108871][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffde51ff5e0
[  493.108883][ T5837] RBP: 00007ffde51ff5e0 R08: 00007ffde52005e0 R09: 00000000ffffffff
[  493.108897][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde5200670
[  493.108909][ T5837] R13: 00007f2f16832050 R14: 000000000007859d R15: 00007ffde52006b0
[  493.108941][ T5837]  </TASK>
[  493.111800][ T5837] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  493.708675][T16249] netlink: 'syz.5.3400': attribute type 11 has an invalid length.
[  493.817768][ T8169] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  493.858511][ T8169] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.448359][T16263] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  494.451516][ T8169] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  494.495598][ T8169] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  494.691417][ T8169] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  494.704472][ T8169] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  495.288717][T16290] loop7: detected capacity change from 0 to 128
[  496.081633][T16315] ceph: No mds server is up or the cluster is laggy
[  496.090267][ T9437] libceph: connect (1)[c::]:6789 error -101
[  496.124696][ T9437] libceph: mon0 (1)[c::]:6789 connect error
[  496.163377][T16323] input: syz1 as /devices/virtual/input/input26
[  496.228327][ T8169] bridge_slave_0: left allmulticast mode
[  496.247669][ T8169] bridge_slave_0: left promiscuous mode
[  496.253699][ T8169] bridge0: port 1(bridge_slave_0) entered disabled state
[  496.428423][ T9437] libceph: connect (1)[c::]:6789 error -101
[  496.447254][ T9437] libceph: mon0 (1)[c::]:6789 connect error
[  496.463713][T16335] vivid-000: =================  START STATUS  =================
[  496.482757][T16335] vivid-000: Radio HW Seek Mode: Bounded
[  496.549514][T16335] vivid-000: Radio Programmable HW Seek: false
[  496.597925][T16335] vivid-000: RDS Rx I/O Mode: Block I/O
[  496.634088][T16335] vivid-000: Generate RBDS Instead of RDS: false
[  496.650159][T16335] vivid-000: RDS Reception: true
[  496.664978][T16335] vivid-000: RDS Program Type: 0 inactive
[  496.677817][T16335] vivid-000: RDS PS Name:  inactive
[  496.699350][T16335] vivid-000: RDS Radio Text:  inactive
[  496.720960][T16335] vivid-000: RDS Traffic Announcement: false inactive
[  496.751991][T16335] vivid-000: RDS Traffic Program: false inactive
[  496.776554][T16335] vivid-000: RDS Music: false inactive
[  496.796460][T16335] vivid-000: ==================  END STATUS  ==================
[  496.826707][T16351] loop4: detected capacity change from 0 to 1024
[  497.274057][T16361] netlink: 'syz.5.3440': attribute type 3 has an invalid length.
[  497.368399][   T12] hfsplus: b-tree write err: -5, ino 8
[  497.559636][T16347] loop1: detected capacity change from 0 to 40427
[  497.578033][T16347] F2FS-fs (loop1): Image doesn't support compression
[  497.587347][T16347] F2FS-fs (loop1): build fault injection rate: 684
[  497.608834][T16347] F2FS-fs (loop1): build fault injection type: 0x35f7
[  497.616890][ T8169] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[  497.630704][ T8169] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[  497.641559][T16347] F2FS-fs (loop1): invalid crc value
[  497.667371][ T8169] .` (unregistering): (slave bridge_slave_1): Releasing backup interface
[  497.696728][ T8169] .` (unregistering): Released all slaves
[  497.721279][ T8169] bond0 (unregistering): Released all slaves
[  497.766877][ T8169] bond1 (unregistering): Released all slaves
[  497.798968][T16347] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  497.816172][T16347] F2FS-fs (loop1): Start checkpoint disabled!
[  497.864479][T16347] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  497.898963][T16347] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  498.350462][T16347] syz.1.3437: attempt to access beyond end of device
[  498.350462][T16347] loop1: rw=1, sector=45096, nr_sectors = 32 limit=40427
[  498.533414][ T8165] kworker/u8:11: attempt to access beyond end of device
[  498.533414][ T8165] loop1: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[  498.577809][ T8165] CPU: 0 UID: 0 PID: 8165 Comm: kworker/u8:11 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  498.577838][ T8165] Tainted: [L]=SOFTLOCKUP
[  498.577844][ T8165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  498.577854][ T8165] Workqueue: writeback wb_workfn (flush-7:1)
[  498.577884][ T8165] Call Trace:
[  498.577891][ T8165]  <TASK>
[  498.577898][ T8165]  dump_stack_lvl+0xe8/0x150
[  498.577925][ T8165]  f2fs_handle_critical_error+0x37c/0x540
[  498.577955][ T8165]  f2fs_write_end_io+0x1274/0x1740
[  498.577992][ T8165]  __submit_merged_bio+0x256/0x6a0
[  498.578020][ T8165]  __submit_merged_write_cond+0x3c9/0x4e0
[  498.578051][ T8165]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  498.578095][ T8165]  f2fs_write_data_pages+0x287e/0x34f0
[  498.578147][ T8165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  498.578176][ T8165]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  498.578227][ T8165]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  498.578268][ T8165]  ? __lock_acquire+0x6b5/0x2cf0
[  498.578303][ T8165]  ? f2fs_update_inode+0x13d9/0x2620
[  498.578325][ T8165]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[  498.578346][ T8165]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  498.578363][ T8165]  do_writepages+0x32e/0x550
[  498.578390][ T8165]  ? reacquire_held_locks+0x104/0x190
[  498.578406][ T8165]  ? writeback_sb_inodes+0x463/0x19d0
[  498.578433][ T8165]  __writeback_single_inode+0x133/0x10e0
[  498.578455][ T8165]  ? do_raw_spin_unlock+0xf5/0x210
[  498.578478][ T8165]  writeback_sb_inodes+0x979/0x19d0
[  498.578497][ T8165]  ? __lock_acquire+0x6b5/0x2cf0
[  498.578546][ T8165]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  498.578563][ T8165]  ? do_raw_spin_lock+0x12b/0x2f0
[  498.578622][ T8165]  ? rcu_is_watching+0x15/0xb0
[  498.578647][ T8165]  wb_writeback+0x445/0xb00
[  498.578671][ T8165]  ? queue_io+0x1f1/0x470
[  498.578704][ T8165]  ? __pfx_wb_writeback+0x10/0x10
[  498.578722][ T8165]  ? do_raw_spin_lock+0x12b/0x2f0
[  498.578757][ T8165]  wb_workfn+0x3f8/0xf10
[  498.578772][ T8165]  ? __lock_acquire+0x6b5/0x2cf0
[  498.578791][ T8165]  ? look_up_lock_class+0x57/0x110
[  498.578832][ T8165]  ? __pfx_wb_workfn+0x10/0x10
[  498.578853][ T8165]  ? do_raw_spin_lock+0x12b/0x2f0
[  498.578870][ T8165]  ? lock_acquire+0x106/0x350
[  498.578893][ T8165]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  498.578918][ T8165]  ? process_scheduled_works+0xa70/0x1860
[  498.578944][ T8165]  ? process_scheduled_works+0xa70/0x1860
[  498.578974][ T8165]  ? process_scheduled_works+0xa70/0x1860
[  498.578995][ T8165]  ? process_scheduled_works+0xa70/0x1860
[  498.579019][ T8165]  process_scheduled_works+0xb5d/0x1860
[  498.579073][ T8165]  ? __pfx_process_scheduled_works+0x10/0x10
[  498.579102][ T8165]  ? assign_work+0x3d5/0x5e0
[  498.579130][ T8165]  worker_thread+0xa53/0xfc0
[  498.579173][ T8165]  kthread+0x388/0x470
[  498.579192][ T8165]  ? __pfx_worker_thread+0x10/0x10
[  498.579207][ T8165]  ? __pfx_kthread+0x10/0x10
[  498.579227][ T8165]  ret_from_fork+0x51e/0xb90
[  498.579253][ T8165]  ? __pfx_ret_from_fork+0x10/0x10
[  498.579274][ T8165]  ? __switch_to+0xc7d/0x1420
[  498.579299][ T8165]  ? __pfx_kthread+0x10/0x10
[  498.579318][ T8165]  ret_from_fork_asm+0x1a/0x30
[  498.579352][ T8165]  </TASK>
[  498.583586][ T8165] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  498.613346][T16400] netlink: 68 bytes leftover after parsing attributes in process `syz.6.3451'.
[  498.933397][T16400] netlink: 56 bytes leftover after parsing attributes in process `syz.6.3451'.
[  499.108966][ T8169] hsr_slave_0: left promiscuous mode
[  499.112394][T16412] 9p: Unknown uid 00000000004294967295
[  499.136476][ T8169] hsr_slave_1: left promiscuous mode
[  499.213134][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  499.238482][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_0
[  499.261371][ T8169] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  499.273083][ T8169] batman_adv: batadv0: Removing interface: batadv_slave_1
[  499.332006][ T8169] veth1_macvtap: left promiscuous mode
[  499.337735][ T8169] veth0_macvtap: left promiscuous mode
[  499.349705][ T8169] veth1_vlan: left promiscuous mode
[  499.357092][ T8169] veth0_vlan: left promiscuous mode
[  499.496334][ T9438] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  499.712131][ T9438] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  499.740593][ T9438] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  499.754262][ T9438] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  499.769720][ T9438] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  499.789289][ T9438] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.822796][T16433] loop7: detected capacity change from 0 to 256
[  499.830778][ T9438] usb 6-1: config 0 descriptor??
[  500.297623][ T9438] plantronics 0003:047F:FFFF.0019: reserved main item tag 0xd
[  500.321077][ T8169] team0 (unregistering): Port device team_slave_1 removed
[  500.365436][ T9438] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  500.380178][ T8169] team0 (unregistering): Port device team_slave_0 removed
[  500.592599][ T9438] usb 6-1: USB disconnect, device number 26
[  500.778757][T16439] loop1: detected capacity change from 0 to 32768
[  500.852005][T16439] JBD2: Ignoring recovery information on journal
[  501.038867][T16439] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  501.055862][T16449] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  501.071701][T16449] bond2: (slave lo): Enslaving as an active interface with an up link
[  501.085569][T16449] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  501.359400][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  501.369110][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  501.468780][T16468] pim6reg: entered allmulticast mode
[  501.473202][T16469] loop5: detected capacity change from 0 to 128
[  501.500947][T16468] syz_tun: entered allmulticast mode
[  501.506792][T16469] EXT4-fs: Ignoring removed nobh option
[  501.519177][T16468] pim6reg: left allmulticast mode
[  501.539305][T16468] syz_tun: left allmulticast mode
[  501.622979][T16469] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  501.723531][T16469] ext4 filesystem being mounted at /603/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  502.155482][ T5837] ocfs2: Unmounting device (7,1) on (node local)
[  502.199615][ T6606] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  502.517731][T16494] loop5: detected capacity change from 0 to 2048
[  502.585005][T16494] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  502.670851][   T29] kauditd_printk_skb: 66 callbacks suppressed
[  502.670870][   T29] audit: type=1800 audit(1774296814.191:192): pid=16494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3482" name="file2" dev="loop5" ino=16 res=0 errno=0
[  503.056486][ T6606] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  503.576670][T16516] loop5: detected capacity change from 0 to 4096
[  503.633888][T16516] ntfs3(loop5): Different NTFS sector size (1024) and media sector size (512).
[  503.898194][   T29] audit: type=1800 audit(1774296815.411:193): pid=16516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3488" name="file1" dev="loop5" ino=30 res=0 errno=0
[  503.957524][T16531] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  504.044195][T16531] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  504.101875][   T35] ntfs3(loop5): ino=1e, ntfs3_write_inode failed, -22.
[  504.122763][   T35] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  504.565155][   T10] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  504.759177][   T10] usb 2-1: config 0 has no interfaces?
[  504.777314][   T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  504.825501][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  504.867708][   T10] usb 2-1: config 0 descriptor??
[  505.134881][   T10] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  505.314782][   T10] usb 6-1: Using ep0 maxpacket: 8
[  505.344824][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  505.380274][   T10] usb 6-1: config 17 has an invalid interface number: 8 but max is 1
[  505.408677][   T10] usb 6-1: config 17 has 1 interface, different from the descriptor's value: 2
[  505.437305][   T10] usb 6-1: config 17 has no interface number 0
[  505.462261][   T10] usb 6-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 152, changing to 7
[  505.503120][   T10] usb 6-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 32982, setting to 1024
[  505.544493][   T10] usb 6-1: config 17 interface 8 has no altsetting 0
[  505.558240][   T10] usb 6-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  505.571490][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  505.590585][   T10] usb 6-1: Product: syz
[  505.602215][   T10] usb 6-1: Manufacturer: syz
[  505.624565][   T10] usb 6-1: SerialNumber: syz
[  505.626714][ T9437] usb 2-1: USB disconnect, device number 26
[  506.749158][   T10] usb 6-1: selecting invalid altsetting 0
[  506.761736][   T10] usb 6-1: 8:6 : no UAC_FORMAT_TYPE desc
[  506.771137][   T10] usb 6-1: selecting invalid altsetting 0
[  507.223524][   T10] usb 6-1: USB disconnect, device number 27
[  507.392831][ T6508] udevd[6508]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  507.469844][T16580] loop4: detected capacity change from 0 to 32768
[  507.510109][T16580] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  507.518387][T16580] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  507.570534][T16580] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  507.582151][   T24] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  507.593379][   T24] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  507.638408][   T24] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 45ms
[  507.653562][   T24] gfs2: fsid=syz:syz.0: jid=0: Done
[  507.663630][T16580] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  507.778465][T16580] gfs2: fsid=syz:syz.0: found 1 quota changes
[  508.100274][ T5840] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402
[  508.138747][ T5840] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1
[  508.164026][ T5840] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5840 [syz-executor] gfs2_quota_sync+0x370/0x470
[  508.184967][ T5840] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  508.213739][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  508.213770][ T5840] Tainted: [L]=SOFTLOCKUP
[  508.213778][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  508.213790][ T5840] Call Trace:
[  508.213798][ T5840]  <TASK>
[  508.213807][ T5840]  dump_stack_lvl+0xe8/0x150
[  508.213841][ T5840]  gfs2_withdraw+0xc3/0x1b0
[  508.213867][ T5840]  inode_go_instantiate+0xdd8/0x1220
[  508.213890][ T5840]  ? __pfx_bit_wait+0x10/0x10
[  508.213923][ T5840]  ? __pfx_bit_wait+0x10/0x10
[  508.213956][ T5840]  ? __pfx_inode_go_instantiate+0x10/0x10
[  508.213982][ T5840]  ? __pfx_wake_bit_function+0x10/0x10
[  508.214013][ T5840]  gfs2_instantiate+0x168/0x220
[  508.214123][ T5840]  gfs2_glock_wait+0x1d4/0x2a0
[  508.214152][ T5840]  do_sync+0x49a/0xcb0
[  508.214170][ T5840]  ? _raw_spin_unlock+0x28/0x50
[  508.214194][ T5840]  ? gfs2_quota_sync+0x370/0x470
[  508.214222][ T5840]  ? __pfx_do_sync+0x10/0x10
[  508.214251][ T5840]  ? gfs2_quota_sync+0x370/0x470
[  508.214274][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  508.214302][ T5840]  gfs2_quota_sync+0x370/0x470
[  508.214332][ T5840]  gfs2_sync_fs+0x4c/0xb0
[  508.214361][ T5840]  sync_filesystem+0xee/0x230
[  508.214384][ T5840]  generic_shutdown_super+0x77/0x2d0
[  508.214415][ T5840]  kill_block_super+0x44/0x90
[  508.214437][ T5840]  deactivate_locked_super+0xbc/0x130
[  508.214466][ T5840]  cleanup_mnt+0x437/0x4d0
[  508.214485][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  508.214511][ T5840]  task_work_run+0x1d9/0x270
[  508.214537][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  508.214573][ T5840]  exit_to_user_mode_loop+0xed/0x480
[  508.214598][ T5840]  ? rcu_is_watching+0x15/0xb0
[  508.214623][ T5840]  do_syscall_64+0x32d/0xf80
[  508.214649][ T5840]  ? trace_irq_disable+0x3b/0x140
[  508.214672][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.214691][ T5840]  ? clear_bhb_loop+0x40/0x90
[  508.214715][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.214734][ T5840] RIP: 0033:0x7f82d479d9d7
[  508.214753][ T5840] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  508.214769][ T5840] RSP: 002b:00007ffdfa69b5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  508.214790][ T5840] RAX: 0000000000000000 RBX: 00007f82d4832050 RCX: 00007f82d479d9d7
[  508.214803][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfa69b680
[  508.214816][ T5840] RBP: 00007ffdfa69b680 R08: 00007ffdfa69c680 R09: 00000000ffffffff
[  508.214829][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdfa69c710
[  508.214842][ T5840] R13: 00007f82d4832050 R14: 000000000007c021 R15: 00007ffdfa69c750
[  508.214874][ T5840]  </TASK>
[  508.566899][ T5840] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  509.234064][   T10] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  509.256983][T16625] loop1: detected capacity change from 0 to 40427
[  509.265654][T16625] F2FS-fs (loop1): Invalid SB checksum offset: 0
[  509.284544][T16625] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  509.294976][T16625] F2FS-fs (loop1): invalid crc value
[  509.389966][T16625] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  509.414045][   T10] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  509.435803][   T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  509.450045][T16625] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  509.461770][T16625] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  509.471095][   T10] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  509.490651][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  509.518067][   T10] usb 6-1: SerialNumber: syz
[  509.605108][ T5837] syz-executor: attempt to access beyond end of device
[  509.605108][ T5837] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  509.624240][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  509.624274][ T5837] Tainted: [L]=SOFTLOCKUP
[  509.624281][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  509.624293][ T5837] Call Trace:
[  509.624302][ T5837]  <TASK>
[  509.624311][ T5837]  dump_stack_lvl+0xe8/0x150
[  509.624345][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  509.624380][ T5837]  f2fs_write_end_io+0x1274/0x1740
[  509.624421][ T5837]  __submit_merged_bio+0x256/0x6a0
[  509.624455][ T5837]  __submit_merged_write_cond+0x3c9/0x4e0
[  509.624487][ T5837]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  509.624519][ T5837]  ? lock_is_held_type+0x106/0x150
[  509.624562][ T5837]  f2fs_write_data_pages+0x287e/0x34f0
[  509.624580][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  509.624642][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  509.624675][ T5837]  ? __pfx_css_rstat_updated+0x10/0x10
[  509.624699][ T5837]  ? is_bpf_text_address+0x26/0x2b0
[  509.624758][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  509.624800][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  509.624836][ T5837]  ? do_raw_spin_lock+0x12b/0x2f0
[  509.624871][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  509.624894][ T5837]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  509.624915][ T5837]  do_writepages+0x32e/0x550
[  509.624948][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  509.624976][ T5837]  filemap_fdatawrite+0x1e9/0x2f0
[  509.625003][ T5837]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  509.625071][ T5837]  ? do_raw_spin_unlock+0xf5/0x210
[  509.625099][ T5837]  f2fs_sync_dirty_inodes+0x30e/0x830
[  509.625135][ T5837]  f2fs_write_checkpoint+0x9df/0x26a0
[  509.625153][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  509.625216][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  509.625291][ T5837]  kill_f2fs_super+0x314/0x720
[  509.625317][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  509.625350][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  509.625390][ T5837]  deactivate_locked_super+0xbc/0x130
[  509.625424][ T5837]  cleanup_mnt+0x437/0x4d0
[  509.625443][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  509.625472][ T5837]  task_work_run+0x1d9/0x270
[  509.625500][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  509.625535][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  509.625559][ T5837]  ? rcu_is_watching+0x15/0xb0
[  509.625583][ T5837]  do_syscall_64+0x32d/0xf80
[  509.625609][ T5837]  ? trace_irq_disable+0x3b/0x140
[  509.625631][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.625650][ T5837]  ? clear_bhb_loop+0x40/0x90
[  509.625674][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  509.625694][ T5837] RIP: 0033:0x7f2f1679d9d7
[  509.625712][ T5837] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  509.625728][ T5837] RSP: 002b:00007ffde51ff528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  509.625748][ T5837] RAX: 0000000000000000 RBX: 00007f2f16832050 RCX: 00007f2f1679d9d7
[  509.625760][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffde51ff5e0
[  509.625771][ T5837] RBP: 00007ffde51ff5e0 R08: 00007ffde52005e0 R09: 00000000ffffffff
[  509.625782][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde5200670
[  509.625794][ T5837] R13: 00007f2f16832050 R14: 000000000007c66e R15: 00007ffde52006b0
[  509.625827][ T5837]  </TASK>
[  509.626108][ T5837] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  509.898106][T16637] loop7: detected capacity change from 0 to 4096
[  509.970981][   T10] usb 6-1: 0:2 : does not exist
[  510.024774][T16637] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[  510.111574][T16637] ntfs3(loop7): ino=19, mi_enum_attr
[  510.124263][T16637] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[  510.138868][   T10] usb 6-1: USB disconnect, device number 28
[  510.697941][T16653] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3526'.
[  510.806757][T16653] bond3: Unable to set down delay as MII monitoring is disabled
[  510.915035][T16653] bond3 (unregistering): Released all slaves
[  511.240519][T16674] netlink: 344 bytes leftover after parsing attributes in process `syz.1.3540'.
[  512.813483][   T29] audit: type=1800 audit(1774296824.331:194): pid=16728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.3558" name="file1" dev="tmpfs" ino=3976 res=0 errno=0
[  513.020532][T16731] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 64993
[  513.137481][T16736] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3562'.
[  513.488869][T16743] netlink: 212344 bytes leftover after parsing attributes in process `syz.5.3565'.
[  513.676352][ T5840] gfs2: fsid=syz:syz.0: warning: assertion "gfs2_log_is_empty(sdp)" failed - function = gfs2_make_fs_ro, file = fs/gfs2/super.c, line = 566
[  513.705240][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  513.705280][ T5840] Tainted: [L]=SOFTLOCKUP
[  513.705287][ T5840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  513.705299][ T5840] Call Trace:
[  513.705306][ T5840]  <TASK>
[  513.705315][ T5840]  dump_stack_lvl+0xe8/0x150
[  513.705349][ T5840]  gfs2_assert_warn_i+0x194/0x2c0
[  513.705382][ T5840]  gfs2_make_fs_ro+0x30d/0x320
[  513.705412][ T5840]  ? __pfx_gfs2_make_fs_ro+0x10/0x10
[  513.705437][ T5840]  ? do_raw_spin_lock+0x12b/0x2f0
[  513.705461][ T5840]  ? __pfx_autoremove_wake_function+0x10/0x10
[  513.705493][ T5840]  ? do_raw_spin_unlock+0xf5/0x210
[  513.705520][ T5840]  gfs2_put_super+0x220/0x890
[  513.705553][ T5840]  ? __pfx_gfs2_put_super+0x10/0x10
[  513.705578][ T5840]  generic_shutdown_super+0x13d/0x2d0
[  513.705610][ T5840]  kill_block_super+0x44/0x90
[  513.705631][ T5840]  deactivate_locked_super+0xbc/0x130
[  513.705660][ T5840]  cleanup_mnt+0x437/0x4d0
[  513.705681][ T5840]  ? _raw_spin_unlock_irq+0x23/0x50
[  513.705710][ T5840]  task_work_run+0x1d9/0x270
[  513.705737][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  513.705771][ T5840]  exit_to_user_mode_loop+0xed/0x480
[  513.705796][ T5840]  ? rcu_is_watching+0x15/0xb0
[  513.705819][ T5840]  do_syscall_64+0x32d/0xf80
[  513.705845][ T5840]  ? trace_irq_disable+0x3b/0x140
[  513.705868][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.705887][ T5840]  ? clear_bhb_loop+0x40/0x90
[  513.705910][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.705929][ T5840] RIP: 0033:0x7f82d479d9d7
[  513.705947][ T5840] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  513.705963][ T5840] RSP: 002b:00007ffdfa69b5c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  513.705984][ T5840] RAX: 0000000000000000 RBX: 00007f82d4832050 RCX: 00007f82d479d9d7
[  513.705997][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdfa69b680
[  513.706009][ T5840] RBP: 00007ffdfa69b680 R08: 00007ffdfa69c680 R09: 00000000ffffffff
[  513.706022][ T5840] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdfa69c710
[  513.706035][ T5840] R13: 00007f82d4832050 R14: 000000000007c021 R15: 00007ffdfa69c750
[  513.706065][ T5840]  </TASK>
[  514.007457][ T5840] gfs2: fsid=syz:syz.0: gfs2_evict_inode: -5
[  514.287699][T16750] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  514.569338][T16758] loop7: detected capacity change from 0 to 256
[  514.609935][T16758] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  515.979012][T16786] loop7: detected capacity change from 0 to 1024
[  515.986219][T16789] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  516.212084][T16796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3583'.
[  516.470365][T16796] team1: entered promiscuous mode
[  516.503111][T16796] team1: entered allmulticast mode
[  516.548766][T16796] 8021q: adding VLAN 0 to HW filter on device team1
[  518.323667][T16838] 9p: Bad value for 'wfdno'
[  518.403390][T16815] loop4: detected capacity change from 0 to 32768
[  518.494155][T16815] JBD2: Ignoring recovery information on journal
[  518.642113][T16815] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  519.074313][T16861] 8021q: VLANs not supported on lo
[  519.277297][T16863] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.3602'.
[  519.317808][T16869] fuse: Bad value for 'fd'
[  520.035707][ T5840] ocfs2: Unmounting device (7,4) on (node local)
[  520.553173][T16887] loop7: detected capacity change from 0 to 512
[  520.583528][T16887] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  520.687550][T16887] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  520.724578][T16887] ext4 filesystem being mounted at /543/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  521.070523][ T8818] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  521.185761][ T9414] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  521.274285][   T24] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  521.344233][ T9414] usb 6-1: Using ep0 maxpacket: 32
[  521.375044][ T9414] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  521.414346][ T9414] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.468613][ T9414] usb 6-1: Product: syz
[  521.504055][ T9414] usb 6-1: Manufacturer: syz
[  521.519028][   T24] usb 5-1: Using ep0 maxpacket: 32
[  521.529535][ T9414] usb 6-1: SerialNumber: syz
[  521.574688][   T24] usb 5-1: config index 0 descriptor too short (expected 3659, got 75)
[  521.581427][ T9414] usb 6-1: config 0 descriptor??
[  521.655874][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  521.660047][ T9414] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  521.799802][   T24] usb 5-1: New USB device found, idVendor=08ca, idProduct=2060, bcdDevice=c6.58
[  521.878031][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.898721][   T24] usb 5-1: Product: syz
[  521.907962][   T24] usb 5-1: Manufacturer: syz
[  521.918847][   T24] usb 5-1: SerialNumber: syz
[  521.944691][   T24] usb 5-1: config 0 descriptor??
[  521.978553][   T24] gspca_main: sunplus-2.14.0 probing 08ca:2060
[  523.102120][ T9414] gspca_ov534_9: reg_r err -71
[  523.397656][   T24] gspca_sunplus: reg_w_1 err -71
[  523.404385][ T9414] gspca_ov534_9: Unknown sensor 0000
[  523.404474][ T9414] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  523.405600][   T24] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  523.450319][ T9414] usb 6-1: USB disconnect, device number 29
[  523.503155][   T24] usb 5-1: USB disconnect, device number 26
[  523.846732][T16976] kvm: vcpu 1: requested lapic timer restore with starting count register 0x390=1420284373 (45449099936 ns) > initial count (5257758976 ns). Using initial count to start timer.
[  525.299660][T17004] kvm: emulating exchange as write
[  525.931243][T17021] fuse: root generation should be zero
[  527.257120][T17043] loop4: detected capacity change from 0 to 32768
[  527.338591][T17043] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  527.496233][T17043] XFS (loop4): Ending clean mount
[  527.527030][T17043] XFS (loop4): Quotacheck needed: Please wait.
[  527.897720][T17043] XFS (loop4): Quotacheck: Done.
[  528.023381][T17065] netlink: 212348 bytes leftover after parsing attributes in process `syz.7.3665'.
[  528.068928][ T5840] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  528.199702][T17071] loop7: detected capacity change from 0 to 512
[  528.268947][T17071] EXT4-fs (loop7): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  528.802625][T17089] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3673'.
[  528.829423][T17071] EXT4-fs error (device loop7): ext4_quota_enable:7188: comm syz.7.3670: Bad quota inum: 2, type: 1
[  528.873374][T17071] EXT4-fs warning (device loop7): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  529.069907][T17084] EXT4-fs (loop7): warning: mounting unchecked fs, running e2fsck is recommended
[  529.142505][T17084] EXT4-fs error (device loop7): ext4_quota_enable:7188: comm syz.7.3670: Bad quota inum: 2, type: 1
[  529.180039][T17084] EXT4-fs warning (device loop7): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=2). Please run e2fsck to fix.
[  529.314946][ T8818] EXT4-fs (loop7): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  529.614178][ T8982] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  529.682891][T17114] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3681'.
[  529.728174][T17092] loop1: detected capacity change from 0 to 32768
[  529.744817][T17092] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3674 (17092)
[  529.803979][ T8982] usb 5-1: Using ep0 maxpacket: 8
[  529.837965][ T8982] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  529.863340][ T8982] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  529.887602][ T8982] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  529.898724][T17092] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  529.919090][T17092] BTRFS info (device loop1): using crc32c checksum algorithm
[  529.931661][ T8982] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  529.954039][ T8982] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  529.982541][ T8982] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  530.000576][ T8982] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.021225][ T8982] usb 5-1: config 0 descriptor??
[  530.089656][T17092] BTRFS info (device loop1): enabling ssd optimizations
[  530.092964][ T5841] Bluetooth: hci5: urb ffff88802b80c800 submission failed (90)
[  530.117256][T17092] BTRFS info (device loop1): turning on flush-on-commit
[  530.124348][T17092] BTRFS info (device loop1): enabling free space tree
[  530.131346][T17092] BTRFS info (device loop1): enabling auto defrag
[  530.137857][T17092] BTRFS info (device loop1): use lzo compression, level 1
[  530.145148][T17092] BTRFS info (device loop1): max_inline set to 4096
[  530.202451][T17103] loop7: detected capacity change from 0 to 32768
[  530.262442][ T8982] usb 5-1: USB disconnect, device number 27
[  530.308680][   T29] audit: type=1800 audit(1774296841.831:195): pid=17103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.3678" name="file1" dev="loop7" ino=7 res=0 errno=0
[  530.767693][T17103] read_mapping_page failed!
[  530.790264][   T29] audit: type=1804 audit(1774296842.311:196): pid=17092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3674" name="/newroot/751/file1/file1" dev="loop1" ino=260 res=1 errno=0
[  531.053578][ T5837] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  531.647567][T17160] loop1: detected capacity change from 0 to 2048
[  531.779730][T17160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  531.981379][T17169] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.3686: bg 0: block 234: padding at end of block bitmap is not set
[  532.364932][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.414013][T17200] loop1: detected capacity change from 0 to 128
[  533.491705][T17200] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  533.514874][T17200] hpfs: filesystem error: improperly stopped
[  533.521451][T17200] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  533.530622][T17200] hpfs: You really don't want any checks? You are crazy...
[  533.539776][T17200] hpfs: Code page index out of array
[  533.545599][T17200] hpfs: code page support is disabled
[  533.551183][T17200] hpfs: hpfs_map_4sectors(): unaligned read
[  533.557776][T17200] hpfs: hpfs_map_4sectors(): unaligned read
[  533.565182][T17200] hpfs: filesystem error: unable to find root dir
[  534.085178][T17227] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3718'.
[  534.135187][T17227] 8021q: adding VLAN 0 to HW filter on device bond3
[  534.160371][T17227] bond3: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  534.900738][T17260] loop1: detected capacity change from 0 to 764
[  534.941913][T17260] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  535.210773][T17267] input: syz0 as /devices/virtual/input/input28
[  535.864074][ T9414] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  536.038949][ T9414] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  536.077160][ T9414] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  536.103999][ T9414] usb 2-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  536.141806][ T8165] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.162455][ T9414] usb 2-1: config 0 interface 0 has no altsetting 0
[  536.172719][ T9414] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  536.198963][ T9414] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.239478][ T9414] usb 2-1: config 0 descriptor??
[  536.279883][T17294] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3742'.
[  536.453517][ T5162] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  536.474578][ T5162] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  536.484600][ T5162] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  536.503643][ T5162] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  536.511860][ T5162] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  536.522768][ T8165] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.699771][T17299] xt_hashlimit: size too large, truncated to 1048576
[  536.735856][ T9414] holtek 0003:1241:5015.001A: collection stack underflow
[  536.743248][ T9414] holtek 0003:1241:5015.001A: item 0 4 0 12 parsing failed
[  536.766563][ T9414] holtek 0003:1241:5015.001A: parse failed
[  536.776619][ T9414] holtek 0003:1241:5015.001A: probe with driver holtek failed with error -22
[  536.856681][ T8165] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.950202][ T9414] usb 2-1: USB disconnect, device number 27
[  537.104976][ T8165] netdevsim netdevsim7 netdevsim0 (unregistering): left promiscuous mode
[  537.122000][ T8165] netdevsim netdevsim7 netdevsim0 (unregistering): left allmulticast mode
[  537.169040][ T8165] team0: Port device netdevsim0 removed
[  537.185487][ T8165] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.247859][T17309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3752'.
[  537.262980][T17309] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3752'.
[  537.860333][T17295] chnl_net:caif_netlink_parms(): no params data found
[  538.118313][ T9414] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  538.149728][ T8165] team0: left allmulticast mode
[  538.166949][ T8165] team0: left promiscuous mode
[  538.179025][ T8165] bridge0: port 1(team0) entered disabled state
[  538.285496][ T9414] usb 2-1: Using ep0 maxpacket: 32
[  538.299455][ T9414] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  538.319364][ T9414] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  538.330792][ T9414] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  538.343644][ T9414] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  538.357251][ T9414] usb 2-1: config 0 interface 0 has no altsetting 0
[  538.367267][ T9414] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  538.376749][ T9414] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  538.388651][ T9414] usb 2-1: Product: syz
[  538.392888][ T9414] usb 2-1: Manufacturer: syz
[  538.399248][ T9414] usb 2-1: SerialNumber: syz
[  538.409482][ T9414] usb 2-1: config 0 descriptor??
[  538.440359][ T9414] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  538.462927][ T9414] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  538.636657][ T5841] Bluetooth: hci1: command tx timeout
[  538.723472][ T8165] bond1 (unregistering): (slave vti0): Releasing backup interface
[  538.735224][ T8165] vti0 (unregistering): left promiscuous mode
[  538.807758][T17344] overlayfs: failed to clone upperpath
[  539.100749][ T8165] bond0 (unregistering): Released all slaves
[  539.126453][ T9437] usb 2-1: USB disconnect, device number 28
[  539.126551][    C0] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  539.144459][ T9437] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  539.156506][ T8165] bond1 (unregistering): Released all slaves
[  539.195669][ T8165] bond2 (unregistering): (slave lo): Releasing backup interface
[  539.208076][ T8165] bond2 (unregistering): (slave lo): last VLAN challenged slave left bond - VLAN blocking is removed
[  539.222691][ T8165] bond2 (unregistering): Released all slaves
[  539.244230][ T8165] bond3 (unregistering): Released all slaves
[  539.271830][T17295] bridge0: port 1(bridge_slave_0) entered blocking state
[  539.289782][T17295] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.303209][T17295] bridge_slave_0: entered allmulticast mode
[  539.331909][T17295] bridge_slave_0: entered promiscuous mode
[  539.371092][T17295] bridge0: port 2(bridge_slave_1) entered blocking state
[  539.380173][T17295] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.408069][T17295] bridge_slave_1: entered allmulticast mode
[  539.418801][T17295] bridge_slave_1: entered promiscuous mode
[  539.580446][T17295] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  539.602798][T17295] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  539.787362][T17295] team0: Port device team_slave_0 added
[  539.848843][T17295] team0: Port device team_slave_1 added
[  540.056683][T17295] batman_adv: batadv0: Adding interface: batadv_slave_0
[  540.079219][T17295] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  540.109864][T17295] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  540.201880][T17295] batman_adv: batadv0: Adding interface: batadv_slave_1
[  540.265796][T17295] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  540.365404][T17295] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  540.625274][T17295] hsr_slave_0: entered promiscuous mode
[  540.673129][T17295] hsr_slave_1: entered promiscuous mode
[  540.689967][T17384] loop1: detected capacity change from 0 to 128
[  540.698812][T17295] debugfs: 'hsr0' already exists in 'hsr'
[  540.714574][ T5841] Bluetooth: hci1: command tx timeout
[  540.727219][T17295] Cannot create hsr debugfs directory
[  540.849415][   T29] audit: type=1800 audit(1774296852.371:197): pid=17384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3777" name="file1" dev="loop1" ino=1048698 res=0 errno=0
[  541.283725][ T8165] hsr_slave_0: left promiscuous mode
[  541.316805][ T8165] hsr_slave_1: left promiscuous mode
[  541.594901][   T24] page_pool_release_retry() stalled pool shutdown: id 99, 1 inflight 60 sec
[  541.665961][T17370] overlayfs: failed to clone upperpath
[  542.421210][T17430] fuse: Bad value for 'fd'
[  542.794020][ T5841] Bluetooth: hci1: command tx timeout
[  543.698026][T17452] netlink: 76 bytes leftover after parsing attributes in process `syz.1.3804'.
[  543.737371][ T8165] IPVS: stop unused estimator thread 0...
[  544.874033][ T5841] Bluetooth: hci1: command tx timeout
[  545.116642][T17295] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  545.211839][T17295] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  545.251394][T17295] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  545.283581][T17295] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  545.454364][T17514] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3822'.
[  545.649328][T17295] 8021q: adding VLAN 0 to HW filter on device bond0
[  545.728017][T17295] 8021q: adding VLAN 0 to HW filter on device team0
[  545.791647][ T8169] bridge0: port 1(bridge_slave_0) entered blocking state
[  545.801147][ T8169] bridge0: port 1(bridge_slave_0) entered forwarding state
[  545.872944][ T8169] bridge0: port 2(bridge_slave_1) entered blocking state
[  545.880166][ T8169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  546.258437][T17550] netlink: 186628 bytes leftover after parsing attributes in process `syz.6.3833'.
[  546.610333][ T8165] Bluetooth: hci5: Frame reassembly failed (-84)
[  546.687244][T17565] overlayfs: failed to clone upperpath
[  546.714823][T17295] 8021q: adding VLAN 0 to HW filter on device batadv0
[  547.397935][T17295] veth0_vlan: entered promiscuous mode
[  547.453385][T17295] veth1_vlan: entered promiscuous mode
[  547.582225][T17295] veth0_macvtap: entered promiscuous mode
[  547.612363][T17295] veth1_macvtap: entered promiscuous mode
[  547.663407][T17295] batman_adv: batadv0: Interface activated: batadv_slave_0
[  547.729520][T17295] batman_adv: batadv0: Interface activated: batadv_slave_1
[  547.755978][   T29] audit: type=1800 audit(1774296859.281:198): pid=17615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3851" name="bus" dev="tmpfs" ino=3690 res=0 errno=0
[  547.793707][   T35] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  547.816284][   T35] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  547.894814][   T35] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  547.926384][   T35] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  548.169548][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  548.204795][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  548.255400][T17628] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3856'.
[  548.346810][ T8171] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  548.385926][ T8171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  548.458449][T17632] loop4: detected capacity change from 0 to 64
[  548.634701][ T5162] Bluetooth: hci5: command 0x1003 tx timeout
[  548.635792][ T5841] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  548.970794][T17638] loop4: detected capacity change from 0 to 512
[  549.516277][T17654] loop1: detected capacity change from 0 to 512
[  549.607558][T17654] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  549.625984][T17654] ext4 filesystem being mounted at /786/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  550.219665][T17667] netlink: 3 bytes leftover after parsing attributes in process `syz.4.3869'.
[  550.911488][T17695] netlink: 52 bytes leftover after parsing attributes in process `syz.6.3879'.
[  550.927568][T17695] netlink: 52 bytes leftover after parsing attributes in process `syz.6.3879'.
[  551.103533][ T5837] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.360076][T17707] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3884'.
[  551.858313][T17726] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3892'.
[  551.872935][   T29] audit: type=1326 audit(1774296863.391:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17698 comm="syz.6.3881" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8ab339c799 code=0x7fc00000
[  551.960905][T17726] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3892'.
[  551.961332][   T49] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  551.994775][   T49] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  552.022897][   T49] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  552.046425][   T49] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  552.327555][   T29] audit: type=1326 audit(1774296863.851:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.358824][   T29] audit: type=1326 audit(1774296863.851:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.384147][   T29] audit: type=1326 audit(1774296863.851:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.408456][   T29] audit: type=1326 audit(1774296863.851:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.432571][   T29] audit: type=1326 audit(1774296863.851:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.494056][   T29] audit: type=1326 audit(1774296863.851:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.540020][   T29] audit: type=1326 audit(1774296863.851:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.573515][   T29] audit: type=1326 audit(1774296863.851:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f1679c799 code=0x7ffc0000
[  552.764100][   T29] kauditd_printk_skb: 160 callbacks suppressed
[  552.764118][   T29] audit: type=1326 audit(1774296864.291:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  552.795394][   T29] audit: type=1326 audit(1774296864.311:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  552.846606][   T29] audit: type=1326 audit(1774296864.311:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  552.947298][   T29] audit: type=1326 audit(1774296864.311:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  552.971205][   T29] audit: type=1326 audit(1774296864.311:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  552.994405][   T29] audit: type=1326 audit(1774296864.311:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  553.017321][   T29] audit: type=1326 audit(1774296864.311:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  553.074339][   T29] audit: type=1326 audit(1774296864.311:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  553.098792][   T29] audit: type=1326 audit(1774296864.321:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  553.134929][   T29] audit: type=1326 audit(1774296864.351:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17746 comm="syz.1.3903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f2f1675cfce code=0x7ffc0000
[  554.104524][T17799] loop1: detected capacity change from 0 to 40427
[  554.116368][T17799] F2FS-fs (loop1): Wrong segment_count / block_count (31 > 0)
[  554.132783][T17799] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  554.143539][T17799] F2FS-fs (loop1): invalid crc value
[  554.370150][T17799] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  554.399400][T17799] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  554.409013][T17799] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  554.611719][ T5837] syz-executor: attempt to access beyond end of device
[  554.611719][ T5837] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  554.645784][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  554.645813][ T5837] Tainted: [L]=SOFTLOCKUP
[  554.645820][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  554.645832][ T5837] Call Trace:
[  554.645840][ T5837]  <TASK>
[  554.645849][ T5837]  dump_stack_lvl+0xe8/0x150
[  554.645885][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  554.645920][ T5837]  f2fs_write_end_io+0x1274/0x1740
[  554.645962][ T5837]  __submit_merged_bio+0x256/0x6a0
[  554.645995][ T5837]  f2fs_submit_page_write+0xeaa/0x24f0
[  554.646056][ T5837]  ? __pfx_f2fs_submit_page_write+0x10/0x10
[  554.646101][ T5837]  do_write_page+0x40f/0xab0
[  554.646125][ T5837]  ? uplift_priority+0xdb/0x700
[  554.646155][ T5837]  f2fs_do_write_node_page+0x3b/0x60
[  554.646177][ T5837]  __write_node_folio+0x11bb/0x1a20
[  554.646208][ T5837]  ? mod_memcg_lruvec_state+0xe2/0x220
[  554.646236][ T5837]  ? __pfx___write_node_folio+0x10/0x10
[  554.646280][ T5837]  ? f2fs_inode_chksum_set+0x13e/0x640
[  554.646313][ T5837]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  554.646335][ T5837]  ? folio_clear_dirty_for_io+0x570/0x710
[  554.646358][ T5837]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  554.646385][ T5837]  f2fs_sync_node_pages+0xeb4/0x1680
[  554.646432][ T5837]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  554.646503][ T5837]  f2fs_write_checkpoint+0xeb8/0x26a0
[  554.646524][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  554.646583][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  554.646660][ T5837]  kill_f2fs_super+0x314/0x720
[  554.646686][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  554.646720][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  554.646761][ T5837]  deactivate_locked_super+0xbc/0x130
[  554.646791][ T5837]  cleanup_mnt+0x437/0x4d0
[  554.646811][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  554.646840][ T5837]  task_work_run+0x1d9/0x270
[  554.646868][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  554.646903][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  554.646928][ T5837]  ? rcu_is_watching+0x15/0xb0
[  554.646952][ T5837]  do_syscall_64+0x32d/0xf80
[  554.646978][ T5837]  ? trace_irq_disable+0x3b/0x140
[  554.647000][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.647020][ T5837]  ? clear_bhb_loop+0x40/0x90
[  554.647044][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.647063][ T5837] RIP: 0033:0x7f2f1679d9d7
[  554.647083][ T5837] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  554.647099][ T5837] RSP: 002b:00007ffde51ff528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  554.647121][ T5837] RAX: 0000000000000000 RBX: 00007f2f16832050 RCX: 00007f2f1679d9d7
[  554.647134][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffde51ff5e0
[  554.647146][ T5837] RBP: 00007ffde51ff5e0 R08: 00007ffde52005e0 R09: 00000000ffffffff
[  554.647160][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde5200670
[  554.647172][ T5837] R13: 00007f2f16832050 R14: 00000000000875ff R15: 00007ffde52006b0
[  554.647206][ T5837]  </TASK>
[  554.647362][ T5837] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  555.001246][ T5837] syz-executor: attempt to access beyond end of device
[  555.001246][ T5837] loop1: rw=2049, sector=41000, nr_sectors = 8 limit=40427
[  555.048674][ T5837] CPU: 1 UID: 0 PID: 5837 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  555.048707][ T5837] Tainted: [L]=SOFTLOCKUP
[  555.048714][ T5837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  555.048725][ T5837] Call Trace:
[  555.048733][ T5837]  <TASK>
[  555.048743][ T5837]  dump_stack_lvl+0xe8/0x150
[  555.048777][ T5837]  f2fs_handle_critical_error+0x37c/0x540
[  555.048812][ T5837]  f2fs_write_end_io+0x1274/0x1740
[  555.048853][ T5837]  __submit_merged_bio+0x256/0x6a0
[  555.048886][ T5837]  f2fs_submit_merged_write+0x284/0x390
[  555.048918][ T5837]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  555.048948][ T5837]  ? trace_lock_elapsed_time_end+0xf3/0xbc0
[  555.048973][ T5837]  ? f2fs_up_read_trace+0x1b/0x40
[  555.049002][ T5837]  ? folio_unlock+0x101/0x160
[  555.049031][ T5837]  __write_node_folio+0x14ce/0x1a20
[  555.049063][ T5837]  ? mod_memcg_lruvec_state+0xe2/0x220
[  555.049092][ T5837]  ? __pfx___write_node_folio+0x10/0x10
[  555.049127][ T5837]  ? f2fs_inode_chksum_set+0x13e/0x640
[  555.049158][ T5837]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  555.049180][ T5837]  ? folio_clear_dirty_for_io+0x570/0x710
[  555.049203][ T5837]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  555.049229][ T5837]  f2fs_sync_node_pages+0xeb4/0x1680
[  555.049281][ T5837]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  555.049351][ T5837]  f2fs_write_checkpoint+0xeb8/0x26a0
[  555.049378][ T5837]  ? __lock_acquire+0x6b5/0x2cf0
[  555.049437][ T5837]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  555.049512][ T5837]  kill_f2fs_super+0x314/0x720
[  555.049539][ T5837]  ? __pfx_kill_f2fs_super+0x10/0x10
[  555.049572][ T5837]  ? lockdep_hardirqs_on+0x7a/0x110
[  555.049612][ T5837]  deactivate_locked_super+0xbc/0x130
[  555.049641][ T5837]  cleanup_mnt+0x437/0x4d0
[  555.049659][ T5837]  ? _raw_spin_unlock_irq+0x23/0x50
[  555.049685][ T5837]  task_work_run+0x1d9/0x270
[  555.049710][ T5837]  ? __pfx_task_work_run+0x10/0x10
[  555.049741][ T5837]  exit_to_user_mode_loop+0xed/0x480
[  555.049765][ T5837]  ? rcu_is_watching+0x15/0xb0
[  555.049789][ T5837]  do_syscall_64+0x32d/0xf80
[  555.049813][ T5837]  ? trace_irq_disable+0x3b/0x140
[  555.049833][ T5837]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.049851][ T5837]  ? clear_bhb_loop+0x40/0x90
[  555.049874][ T5837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.049892][ T5837] RIP: 0033:0x7f2f1679d9d7
[  555.049910][ T5837] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  555.049927][ T5837] RSP: 002b:00007ffde51ff528 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  555.049948][ T5837] RAX: 0000000000000000 RBX: 00007f2f16832050 RCX: 00007f2f1679d9d7
[  555.049960][ T5837] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffde51ff5e0
[  555.049972][ T5837] RBP: 00007ffde51ff5e0 R08: 00007ffde52005e0 R09: 00000000ffffffff
[  555.049986][ T5837] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffde5200670
[  555.049997][ T5837] R13: 00007f2f16832050 R14: 00000000000875ff R15: 00007ffde52006b0
[  555.050029][ T5837]  </TASK>
[  555.050049][ T5837] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  555.346073][   T10] libceph: connect (1)[c::]:6789 error -101
[  555.391057][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  555.419046][T17834] ceph: No mds server is up or the cluster is laggy
[  556.405429][T17876] ipvlan2: entered promiscuous mode
[  556.420275][T17876] ipvlan2: entered allmulticast mode
[  556.434438][T17876] gretap0: entered allmulticast mode
[  556.456246][T17876] team0: Device ipvlan2 failed to register rx_handler
[  556.567013][T17883] fuse: Bad value for 'fd'
[  556.722790][T17889] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3950'.
[  557.185261][T17898] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  557.345078][T17911] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3959'.
[  557.881268][T17927] loop4: detected capacity change from 0 to 2048
[  557.909933][T17927] EXT4-fs: Ignoring removed mblk_io_submit option
[  557.938000][T17927] EXT4-fs: Ignoring removed i_version option
[  558.001419][T17927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  558.244973][ T5840] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.487909][T17941] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  559.718121][T17978] netlink: 'syz.5.3984': attribute type 11 has an invalid length.
[  559.823641][T17953] loop4: detected capacity change from 0 to 32768
[  559.890126][T17953] XFS (loop4): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  560.028547][T17953] XFS (loop4): Ending clean mount
[  560.161491][T17997] loop8: detected capacity change from 0 to 1024
[  560.238932][T17997] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[  560.262219][T17997] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  560.302387][T17993] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3985'.
[  560.313693][T17997] EXT4-fs error (device loop8): ext4_get_journal_inode:5863: inode #32: comm syz.8.3987: iget: special inode unallocated
[  560.332136][T17993] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3985'.
[  560.353986][T17997] loop8: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117
[  560.364230][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  560.379853][    C0] EXT4-fs (loop8): initial error at time 1774296871: ext4_get_journal_inode:5863: inode 32
[  560.389913][    C0] EXT4-fs (loop8): last error at time 1774296871: ext4_get_journal_inode:5863: inode 32
[  560.421516][T17997] EXT4-fs (loop8): no journal found
[  560.434460][T17997] EXT4-fs (loop8): can't get journal size
[  560.452796][T17997] EXT4-fs error (device loop8): ext4_protect_reserved_inode:160: inode #32: comm syz.8.3987: iget: special inode unallocated
[  560.473605][T17997] loop8: lost file I/O error report for ino 32 type 5 pos 0x0 len 0x0 error -117
[  560.477721][T17997] EXT4-fs (loop8): failed to initialize system zone (-117)
[  560.509911][T17997] EXT4-fs (loop8): mount failed
[  560.685724][ T5840] XFS (loop4): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  560.866695][T18019] netlink: 'syz.6.3993': attribute type 1 has an invalid length.
[  561.143225][T18019] smc: adding net device bond0 with user defined pnetid SYZ2
[  561.286884][T18021] bond0: (slave bridge1): making interface the new active one
[  561.333122][T18021] bond0: (slave bridge1): Enslaving as an active interface with an up link
[  561.575568][   T10] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  561.748899][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.794241][   T10] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  561.820752][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.861137][   T10] usb 2-1: config 0 descriptor??
[  562.108515][T18032] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  562.150894][T18032] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.202038][   T10] usbhid 2-1:0.0: can't add hid device: -71
[  562.214076][T18070] netlink: 'syz.6.4007': attribute type 39 has an invalid length.
[  562.243889][   T10] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  562.277371][   T10] usb 2-1: USB disconnect, device number 29
[  562.760655][ T5841] Bluetooth: hci4: unexpected event for opcode 0x100c
[  562.798785][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  562.805126][   T10] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  562.818811][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  562.974078][   T10] usb 2-1: Using ep0 maxpacket: 16
[  562.990598][   T10] usb 2-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  563.030379][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[  563.049516][   T10] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  563.070686][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.102494][   T10] usb 2-1: config 0 descriptor??
[  563.544243][   T10] mcp2221 0003:04D8:00DD.001B: USB HID v0.01 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  563.730897][    C0] ==================================================================
[  563.739014][    C0] BUG: KASAN: use-after-free in mcp2221_raw_event+0x106a/0x1240
[  563.746800][    C0] Read of size 1 at addr ffff888048413fff by task syz-executor/7390
[  563.754772][    C0] 
[  563.757098][    C0] CPU: 0 UID: 0 PID: 7390 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  563.757125][    C0] Tainted: [L]=SOFTLOCKUP
[  563.757133][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  563.757146][    C0] Call Trace:
[  563.757154][    C0]  <IRQ>
[  563.757162][    C0]  dump_stack_lvl+0xe8/0x150
[  563.757195][    C0]  print_address_description+0x55/0x1e0
[  563.757252][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  563.757280][    C0]  print_report+0x58/0x70
[  563.757303][    C0]  kasan_report+0x117/0x150
[  563.757324][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  563.757355][    C0]  mcp2221_raw_event+0x106a/0x1240
[  563.757381][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  563.757407][    C0]  ? down_trylock+0x50/0xb0
[  563.757424][    C0]  hid_input_report+0x41d/0x580
[  563.757497][    C0]  ? __pfx_mcp2221_raw_event+0x10/0x10
[  563.757526][    C0]  hid_irq_in+0x47e/0x6d0
[  563.757641][    C0]  __usb_hcd_giveback_urb+0x376/0x540
[  563.757736][    C0]  dummy_timer+0xbc0/0x4650
[  563.757816][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  563.757835][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  563.757854][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  563.757873][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  563.757899][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  563.757917][    C0]  __hrtimer_run_queues+0x3c0/0xa20
[  563.757944][    C0]  hrtimer_run_softirq+0x17a/0x240
[  563.757966][    C0]  handle_softirqs+0x22a/0x840
[  563.757995][    C0]  ? __irq_exit_rcu+0xca/0x220
[  563.758014][    C0]  __irq_exit_rcu+0xca/0x220
[  563.758029][    C0]  irq_exit_rcu+0x9/0x30
[  563.758044][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  563.758070][    C0]  </IRQ>
[  563.758076][    C0]  <TASK>
[  563.758084][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  563.758104][    C0] RIP: 0010:debug_object_init_on_stack+0xb/0x20
[  563.758156][    C0] Code: e5 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 80 3d ad bc 58 0b 00 <74> 06 c3 cc cc cc cc cc ba 01 00 00 00 e9 f3 fa ff ff 0f 1f 00 90
[  563.758173][    C0] RSP: 0018:ffffc90004557cf8 EFLAGS: 00000246
[  563.758192][    C0] RAX: ffffc90004557d40 RBX: dffffc0000000000 RCX: 0000000000000000
[  563.758207][    C0] RDX: 0000000000000000 RSI: ffffffff8bcf5e40 RDI: ffffc90004557d40
[  563.758221][    C0] RBP: ffffc90004557e10 R08: ffffc90004557d97 R09: 0000000000000000
[  563.758233][    C0] R10: ffffc90004557d40 R11: fffff520008aafb3 R12: 0000000000000000
[  563.758246][    C0] R13: ffffc90004557d40 R14: 0000000000000001 R15: 1ffff920008aafa4
[  563.758267][    C0]  hrtimer_nanosleep+0xca/0x3a0
[  563.758289][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  563.758316][    C0]  __se_sys_clock_nanosleep+0x35b/0x3b0
[  563.758339][    C0]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  563.758364][    C0]  do_syscall_64+0x14d/0xf80
[  563.758389][    C0]  ? trace_irq_disable+0x3b/0x140
[  563.758411][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.758428][    C0]  ? clear_bhb_loop+0x40/0x90
[  563.758449][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.758466][    C0] RIP: 0033:0x7f8ab335cfce
[  563.758482][    C0] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  563.758497][    C0] RSP: 002b:00007ffcfd0bcf78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  563.758515][    C0] RAX: ffffffffffffffda RBX: 000055556cd7d500 RCX: 00007f8ab335cfce
[  563.758529][    C0] RDX: 00007ffcfd0bcfd0 RSI: 0000000000000000 RDI: 0000000000000000
[  563.758540][    C0] RBP: 00007ffcfd0bd03c R08: 0000000000000000 R09: 0000000000000000
[  563.758552][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388
[  563.758564][    C0] R13: 00000000000927c0 R14: 00000000000899d6 R15: 00007ffcfd0bd090
[  563.758591][    C0]  </TASK>
[  563.758597][    C0] 
[  564.127129][    C0] The buggy address belongs to the physical page:
[  564.133549][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888000000000 pfn:0x48413
[  564.143601][    C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  564.150716][    C0] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000
[  564.159289][    C0] raw: ffff888000000000 0000000000000000 00000000ffffffff 0000000000000000
[  564.167864][    C0] page dumped because: kasan: bad access detected
[  564.174280][    C0] page_owner tracks the page as freed
[  564.179649][    C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x402dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), pid 16978, tgid 16977 (syz.5.3634), ts 524062774258, free_ts 524229127871
[  564.199903][    C0]  post_alloc_hook+0x231/0x280
[  564.204690][    C0]  get_page_from_freelist+0x2418/0x24b0
[  564.210233][    C0]  __alloc_frozen_pages_noprof+0x233/0x3d0
[  564.216033][    C0]  __alloc_pages_noprof+0x10/0x100
[  564.221135][    C0]  alloc_pages_bulk_noprof+0x5ff/0x7c0
[  564.226581][    C0]  alloc_pages_bulk_mempolicy_noprof+0x34e/0x1680
[  564.232985][    C0]  __vmalloc_node_range_noprof+0xad1/0x1750
[  564.238868][    C0]  __vmalloc_noprof+0xd2/0x120
[  564.243623][    C0]  kvm_arch_prepare_memory_region+0x7ce/0xee0
[  564.249727][    C0]  kvm_set_memslot+0x585/0x1220
[  564.254575][    C0]  kvm_set_memory_region+0x93c/0xb90
[  564.259849][    C0]  kvm_vm_ioctl_set_memory_region+0x66/0xb0
[  564.265728][    C0]  kvm_vm_ioctl+0xa58/0xd50
[  564.270230][    C0]  __se_sys_ioctl+0xfc/0x170
[  564.274809][    C0]  do_syscall_64+0x14d/0xf80
[  564.279397][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.285275][    C0] page last free pid 16977 tgid 16977 stack trace:
[  564.291759][    C0]  __free_frozen_pages+0xbc7/0xd30
[  564.296864][    C0]  vfree+0x1d1/0x2f0
[  564.300766][    C0]  kvm_arch_free_memslot+0x13e/0x170
[  564.306049][    C0]  kvm_free_memslots+0x15b/0x200
[  564.310987][    C0]  kvm_put_kvm+0x8b2/0xa50
[  564.315392][    C0]  kvm_vm_release+0x43/0x50
[  564.319884][    C0]  __fput+0x44f/0xa70
[  564.323867][    C0]  task_work_run+0x1d9/0x270
[  564.328460][    C0]  exit_to_user_mode_loop+0xed/0x480
[  564.333747][    C0]  do_syscall_64+0x32d/0xf80
[  564.338333][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.344214][    C0] 
[  564.346520][    C0] Memory state around the buggy address:
[  564.352132][    C0]  ffff888048413e80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  564.360180][    C0]  ffff888048413f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  564.368227][    C0] >ffff888048413f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  564.376269][    C0]                                                                 ^
[  564.384225][    C0]  ffff888048414000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.392273][    C0]  ffff888048414080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  564.400316][    C0] ==================================================================
[  564.408390][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  564.415597][    C0] CPU: 0 UID: 0 PID: 7390 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  564.426622][    C0] Tainted: [L]=SOFTLOCKUP
[  564.430940][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  564.440987][    C0] Call Trace:
[  564.444261][    C0]  <IRQ>
[  564.447094][    C0]  vpanic+0x56c/0xa60
[  564.451081][    C0]  ? __pfx_vpanic+0x10/0x10
[  564.455586][    C0]  panic+0xc5/0xd0
[  564.459306][    C0]  ? __pfx_panic+0x10/0x10
[  564.463725][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.469010][    C0]  ? rcu_is_watching+0x15/0xb0
[  564.473767][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.479055][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.484341][    C0]  check_panic_on_warn+0x89/0xb0
[  564.489282][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.494564][    C0]  end_report+0x73/0x170
[  564.498803][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.504092][    C0]  kasan_report+0x128/0x150
[  564.508605][    C0]  ? mcp2221_raw_event+0x106a/0x1240
[  564.513892][    C0]  mcp2221_raw_event+0x106a/0x1240
[  564.519009][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  564.524815][    C0]  ? down_trylock+0x50/0xb0
[  564.529309][    C0]  hid_input_report+0x41d/0x580
[  564.534162][    C0]  ? __pfx_mcp2221_raw_event+0x10/0x10
[  564.539623][    C0]  hid_irq_in+0x47e/0x6d0
[  564.543952][    C0]  __usb_hcd_giveback_urb+0x376/0x540
[  564.549319][    C0]  dummy_timer+0xbc0/0x4650
[  564.553846][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  564.558778][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  564.563709][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  564.568641][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  564.574449][    C0]  ? __pfx_dummy_timer+0x10/0x10
[  564.579382][    C0]  __hrtimer_run_queues+0x3c0/0xa20
[  564.584584][    C0]  hrtimer_run_softirq+0x17a/0x240
[  564.589693][    C0]  handle_softirqs+0x22a/0x840
[  564.594467][    C0]  ? __irq_exit_rcu+0xca/0x220
[  564.599230][    C0]  __irq_exit_rcu+0xca/0x220
[  564.603811][    C0]  irq_exit_rcu+0x9/0x30
[  564.608044][    C0]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  564.613680][    C0]  </IRQ>
[  564.616604][    C0]  <TASK>
[  564.619551][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  564.625529][    C0] RIP: 0010:debug_object_init_on_stack+0xb/0x20
[  564.631772][    C0] Code: e5 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 80 3d ad bc 58 0b 00 <74> 06 c3 cc cc cc cc cc ba 01 00 00 00 e9 f3 fa ff ff 0f 1f 00 90
[  564.651390][    C0] RSP: 0018:ffffc90004557cf8 EFLAGS: 00000246
[  564.657474][    C0] RAX: ffffc90004557d40 RBX: dffffc0000000000 RCX: 0000000000000000
[  564.665440][    C0] RDX: 0000000000000000 RSI: ffffffff8bcf5e40 RDI: ffffc90004557d40
[  564.673404][    C0] RBP: ffffc90004557e10 R08: ffffc90004557d97 R09: 0000000000000000
[  564.681366][    C0] R10: ffffc90004557d40 R11: fffff520008aafb3 R12: 0000000000000000
[  564.689334][    C0] R13: ffffc90004557d40 R14: 0000000000000001 R15: 1ffff920008aafa4
[  564.697314][    C0]  hrtimer_nanosleep+0xca/0x3a0
[  564.702175][    C0]  ? __pfx_hrtimer_nanosleep+0x10/0x10
[  564.707638][    C0]  __se_sys_clock_nanosleep+0x35b/0x3b0
[  564.713185][    C0]  ? __pfx___se_sys_clock_nanosleep+0x10/0x10
[  564.719256][    C0]  do_syscall_64+0x14d/0xf80
[  564.723851][    C0]  ? trace_irq_disable+0x3b/0x140
[  564.728871][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.734933][    C0]  ? clear_bhb_loop+0x40/0x90
[  564.739605][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.745492][    C0] RIP: 0033:0x7f8ab335cfce
[  564.749901][    C0] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  564.769502][    C0] RSP: 002b:00007ffcfd0bcf78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e6
[  564.777919][    C0] RAX: ffffffffffffffda RBX: 000055556cd7d500 RCX: 00007f8ab335cfce
[  564.785890][    C0] RDX: 00007ffcfd0bcfd0 RSI: 0000000000000000 RDI: 0000000000000000
[  564.793852][    C0] RBP: 00007ffcfd0bd03c R08: 0000000000000000 R09: 0000000000000000
[  564.801816][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000001388
[  564.809782][    C0] R13: 00000000000927c0 R14: 00000000000899d6 R15: 00007ffcfd0bd090
[  564.817763][    C0]  </TASK>
[  564.821408][    C0] Kernel Offset: disabled
[  564.825722][    C0] Rebooting in 86400 seconds..