last executing test programs:

9m29.507280449s ago: executing program 32 (id=105):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0), 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000000140)={0x100, 0x640, &(0x7f0000000240), 0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

9m22.127709387s ago: executing program 33 (id=121):
socket$netlink(0x10, 0x3, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0x2, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f00000006c0)='ns/pid\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2000000000000021, 0x2, 0x10000000000002)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet(0x2, 0xa, 0x9ab7)
socket$inet(0x2, 0x3, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)

9m13.980354664s ago: executing program 34 (id=131):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc)
r1 = syz_clone(0x20b20000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r4 = dup(r3)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x10020)
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='fdinfo\x00')

9m6.874594625s ago: executing program 35 (id=140):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
socket$tipc(0x1e, 0x5, 0x0)
pipe2(&(0x7f0000000000), 0x80)
socket$tipc(0x1e, 0x5, 0x0)
pipe2(&(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8, @ANYRES16=r1, @ANYRES16=r2], 0x0)

9m0.616828327s ago: executing program 36 (id=145):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB=',\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000001000000000300000018000180100001006574683a73797a5f74756e"], 0x2c}}, 0x0)

8m32.412800555s ago: executing program 6 (id=122):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x54, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x4}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}}, {0x4}}]}]}, 0x54}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0500000005050000fd09000084", @ANYRESDEC], 0x48)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db07", 0x2f, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8m31.562085075s ago: executing program 7 (id=132):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setregid(r1, r1)
r2 = syz_clone(0x20b20000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
dup(r4)
fchdir(r3)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
syz_open_procfs(r2, &(0x7f0000000280)='fdinfo\x00')

8m31.088074916s ago: executing program 6 (id=150):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

8m30.143876938s ago: executing program 7 (id=152):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8m28.782734354s ago: executing program 6 (id=154):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000bc0)={0x84, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000680)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

8m26.380661897s ago: executing program 6 (id=157):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000180)='./file0\x00', 0x1d0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, 0x0, 0x0, 0x8, 0x7, 0x4)

8m26.312198262s ago: executing program 7 (id=158):
socket$netlink(0x10, 0x3, 0x10)
socket$key(0xf, 0x3, 0x2)
socket$netlink(0x10, 0x3, 0x8)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}}, 0x10)

8m23.104494139s ago: executing program 37 (id=157):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000180)='./file0\x00', 0x1d0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, 0x0, 0x0, 0x8, 0x7, 0x4)

8m22.975342108s ago: executing program 7 (id=163):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

8m22.916027625s ago: executing program 8 (id=164):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x0, @none, 0xe6}, 0xe)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000004440)=""/5)

8m20.895112919s ago: executing program 8 (id=167):
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2)

8m20.301279756s ago: executing program 7 (id=168):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x2, 0x0)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x500, 0x0)
ioctl$SOUND_PCM_READ_CHANNELS(r4, 0x80045006, 0x0)
write$char_usb(r3, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x13, 0x0, 0x0, 0x3, 0x0, 0xfffffffffffffffd, 0xa, 0x1}, 0x0, 0x0, 0x0, 0x0)
syz_usb_disconnect(r2)
socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x80, 0xfffffffc}})
socket$inet_udp(0x2, 0x2, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
mremap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f00007fe000/0x800000)=nil)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000000000000feefffff"], 0xc8)
close_range(r5, r6, 0x0)
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000780)=@newtfilter={0x58, 0x2c, 0xd27, 0x70bd26, 0x2, {0x0, 0x0, 0x0, r9, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x28, 0x2, [@TCA_BASIC_EMATCHES={0x24, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x8000}, {{0x4, 0x0, 0x1}, {0x0, 0x1, 0x1}}}}]}]}]}}]}, 0x58}}, 0x0)

8m18.965489991s ago: executing program 8 (id=172):
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)

8m18.524590849s ago: executing program 7 (id=173):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x24, &(0x7f0000000000)={0x20, 0x16, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

8m15.539115611s ago: executing program 38 (id=173):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000440)={0x24, &(0x7f0000000000)={0x20, 0x16, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

8m15.397109619s ago: executing program 8 (id=177):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

8m13.274679957s ago: executing program 8 (id=180):
r0 = syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f00000005c0)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xa2a8}}, {@usrjquota}]}, 0x1, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
ioctl$TCXONC(r0, 0x540a, 0x2)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r1, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r2=>0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000080), 0x208e24b)
io_submit(r2, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])

8m11.148843176s ago: executing program 8 (id=182):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r0, 0x2000000, 0x8, 0x0, &(0x7f0000000280)="1343d6f4f3eb175e", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8m7.01709314s ago: executing program 39 (id=182):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000200)={r0, 0x2000000, 0x8, 0x0, &(0x7f0000000280)="1343d6f4f3eb175e", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5m9.977239451s ago: executing program 5 (id=598):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x0, 0x235, &(0x7f00000002c0)="$eJzs2k+LW2UUB+Bz20jrlGlG/EcL4otudHPpZOXCRQdpQQwo2ggqSG+dGw3JJENuGIhIm51b8RO4FpfuBOkXmI2foAt3s5llF+KVaUY6GSpYtA3tPM8mB978yHk5STiLu/f2d1v9bpV3i0mcyrJoXI5Z3M1iLU7F6ZibxZs337rzykeffPreRrt95cOUrm5cW2+llM6/+utn3/z02u3JuY9/Pv/Lmdhd+3xvv/X77ku7F/b+vPZVr0q9Kg1Hk1SkG6PRpLgxKNNmr+rnKX0wKIuqTL1hVY4XzruD0fb2LBXDzdWV7XFZVakYTlO/nKbJKE3G01R8WfSGKc/ztLoS/BedH+/WdezXz1yPuq6f/SHO3Y7VO9GM7LmUPX85e/F69vIsu7Bf181lt8oj8S/nny27Tx4Nv/+TzfxPtiNL3dmIrW93Ojud+ev8fKMbvRhEGZeiGX/Ewdfk0Ly++m77yqV0z1qkrVuH+Vs7ndOL+fVoxtqD8983DptZyJ+JlaP5VjTjhQfnW/PPT4v5s/HG60fyeTTjty9iFIPYjIPs/fzN9ZTeeb99LH/x3vsAAJ42+cHe1Ij4p/0tz9Pfjp3P8w+xHx7brxpxsbHcuxNRTb/uF4NBOVY82UXDKBX/Z7HsfyYeh/tDX3YnAAAAAAAAAAAAPIzH8Tjhsu8IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ/goAAP//jELvTw==")
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r0, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r1, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}, 0x1, 0x0, 0x0, 0x4094}, 0x0)

5m9.541306333s ago: executing program 3 (id=600):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000205804115000fa6d00000109022400010000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55715f11e961"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

5m8.823142573s ago: executing program 5 (id=602):
r0 = socket$nl_route(0x10, 0x3, 0x0)
recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f00000019c0)=""/4085, 0xff5}, {&(0x7f00000007c0)=""/147, 0x93}, {&(0x7f0000000040)=""/27, 0x1b}], 0x3}, 0x1005}], 0x1, 0x0, 0x0)

5m7.303255674s ago: executing program 5 (id=606):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file5\x00', 0x4080, &(0x7f0000000540)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESHEX=0x0], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
write$FUSE_WRITE(r0, 0x0, 0x0)

5m6.187561926s ago: executing program 5 (id=609):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r3 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

5m5.553375618s ago: executing program 3 (id=610):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000007c0), 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140))

5m4.499569788s ago: executing program 3 (id=614):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000"], 0x48)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000300)=ANY=[@ANYBLOB="1201010201e44120b8040202b7330102030109021b00020c6110070904e158b52dafde0d0904ad06000efaf0ff95b435152a7a52c645347312b29926368d95b22a91ea68b521255575bbfac39e447a4a39bfdcefefc2b1c1918c4b802d76a7f70fb9f9a8048c203fd04020e33d545df6f9b4ba96214c8ea76fd8187f466a0e0cabf9065e98538db3de564dae35da7cea500f7eb6997924c5a017f31acfb7de9dc8c9c845845b8ffdef967eddaf89674cce32e2"], &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})

5m3.416442911s ago: executing program 5 (id=618):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newtaction={0x48, 0x30, 0x1, 0x0, 0x0, {}, [{0x34, 0x1, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)

5m2.150607495s ago: executing program 5 (id=622):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRESHEX=r0], 0x20)

4m58.592090418s ago: executing program 40 (id=622):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r0, @ANYRESHEX=r0], 0x20)

4m58.284544722s ago: executing program 3 (id=627):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x0, 0x235, &(0x7f00000002c0)="$eJzs2k+LW2UUB+Bz20jrlGlG/EcL4otudHPpZOXCRQdpQQwo2ggqSG+dGw3JJENuGIhIm51b8RO4FpfuBOkXmI2foAt3s5llF+KVaUY6GSpYtA3tPM8mB978yHk5STiLu/f2d1v9bpV3i0mcyrJoXI5Z3M1iLU7F6ZibxZs337rzykeffPreRrt95cOUrm5cW2+llM6/+utn3/z02u3JuY9/Pv/Lmdhd+3xvv/X77ku7F/b+vPZVr0q9Kg1Hk1SkG6PRpLgxKNNmr+rnKX0wKIuqTL1hVY4XzruD0fb2LBXDzdWV7XFZVakYTlO/nKbJKE3G01R8WfSGKc/ztLoS/BedH+/WdezXz1yPuq6f/SHO3Y7VO9GM7LmUPX85e/F69vIsu7Bf181lt8oj8S/nny27Tx4Nv/+TzfxPtiNL3dmIrW93Ojud+ev8fKMbvRhEGZeiGX/Ewdfk0Ly++m77yqV0z1qkrVuH+Vs7ndOL+fVoxtqD8983DptZyJ+JlaP5VjTjhQfnW/PPT4v5s/HG60fyeTTjty9iFIPYjIPs/fzN9ZTeeb99LH/x3vsAAJ42+cHe1Ij4p/0tz9Pfjp3P8w+xHx7brxpxsbHcuxNRTb/uF4NBOVY82UXDKBX/Z7HsfyYeh/tDX3YnAAAAAAAAAAAAPIzH8Tjhsu8IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZ/goAAP//jELvTw==")
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r0, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r1, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff0802110000010569ea7fa08e8df3d0edd086922799ded6be01d09a95b66d3d"], 0x398}, 0x1, 0x0, 0x0, 0x4094}, 0x0)

4m56.866631417s ago: executing program 3 (id=629):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
write$binfmt_script(r1, &(0x7f0000000200), 0xfea7)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x4, 0x8001, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4117639c2eb4b78c66ee677df701905b9aafab4afaaf755a3f6a004", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x0, 0x2]})
copy_file_range(0xffffffffffffffff, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)

4m53.866770394s ago: executing program 3 (id=637):
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000480), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x1, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfXQRkpc2X5vvX72sOuxPbv2/n7St2/fvNn5vslazsx49m0AhlZj5fHkydkihHc/fefRl58qfru87K72GkdWHovYa4UQmh39Itve53HBtSsvndmsLcLxlcfUD49dbr92MoSwGI6Ez0IrfDS/8OWH7z1y9OPXJ2556+Izr+zS7rfl+wEAAPvRpT8v/P2+f/7pgZmrlw6fDuPt5en4vBX7k/G4/1g8UE7Hy42wvl90RKexbL2RGI1svZFsvdEsz2hJvma2nWbJemNd8o10LNtsPwEAAGAvSue1rVA05tb1G425udXz/mWfT48Vc8+dXzh3oU+FAgAAAJX959WVm26FEEIIIUSt0RyAGoQQQgxTLE33+woEAAAAMGzy+cI2WNzZmbraW2v1lv/yw43NXw87oO6ff/n3Vv4PXvMbBwCA6vbr0WTar3QcneYxyOcRHMlet9Xj/0a2ndEt1lk2r+C65cXgvk1l9ef/roOqrP6tvo/9UlZ/Ph/moCqrP5+nc1CV1T9ecx1VldU/UXMdVZXVf6DmOqoqq/9gzXVUVVb/ZM11VFVW/1TNdVRVVv8NNddRVVn9h2quo6qy+vfKbbVl9bdqrqOqsvpnaq6jqrL6b6y5jqrK6r+p5jqqKqv/5prr6Jc7Y5v+HQ5n453nz/k53V45xwMAAIBh9z/z/wkhhBAbYuU+iAGoQ4j9HcUA1CC+Ktp/7xuAWoQQ249X+3r1AQAAABgE6XMB6QPoS1EaH+kyPho/S7QyPrG2Qhpvdnn9WJfx8S7jAAAAQAi/e+PcbW8Xa5/z3+58eB3zRl0PFeYxyie622r+7c57tt38e2XeMgAAAIZL8b3Prt//6PsvzFy9dPh0x9nv9Xi+m+YBHY3XBj6J/XRfwFTWL9I59On1eRol6+XXB24o297j29xRAAAAGGLp/L0VisZcx3l3KzQac3Nr5+OzoVmcO79w9ljsp+9n+eN0c3x5+UM11w0AAAD0bu18f/Pz//Q9vrNhrJh77vzCuQur/an28maj87rA9NryovO6QCtbfrxk+YnYT9/f+YPpAyvL5878cOGpnd55AAAAGBIXXrz4zJMLC2d/5IknnnjSftLv30wAAMBO++KLd5o/PjH1+9XP/6/Nf5c+/38k9ltxbr+/xBXSfQLpcwAbPq//xPo802XrPb9+vVa23kiM8azuiY7tLDuQvW6mLF9r/XbGSvJNZvmmsnz5PAWj2fop36FseT4/YVpvOluez8M4muUosvx3BwAAACg3/8Kzz89fePHig+efffLps0+ffe7E8VPfPXXq2EPfeWh+5b7++c67+wEAAIC9aO2m335XAgAAAAAAAAAAAAAAAAAAAMOrjq8T6/c+AgAAwLD796shhEUhhKgcS+P9r0EIIYQQQog9Eyvf7V5/3ka/rz8AAAAAw+falZfOhDARQlhuN7FY7Gi+9tZaq831K6t5Uzv14N9mliOtdvnhkXWvP7ij1TDsrsWfu9RusMM///LvrfwfvLaz+SfSk55//2WXjE9Xy3vv/C9nO/PfPtpj/nz/H6+W/2iW/97QW/6l97P8T1TLf1+W/2CP+Tfs//PV8t8f88/G/tF7es2//v0fj23ajwM95v92tv9PhV7zZ/vf6jFh5oGYHwCG0X69ASAdJaTj6MnYT/sbDzfDSPa6rR7/N7LtjG678vXbTcdBt8Z+Ol6ayvImW61/MtveDRXrzOV1Daqy+nfqfdxtZfU3a66jqrL6x2quo6qy+sdrrqOqsvonaq6jqrL6ez0P7bey+vfKdeWy+idrrqOqsvqnaq6jqrL6t/r/eL+U1X+o5jqqKqt/uuY6qiqrv+JltdqV1T9Tcx1VldV/Y811VFVW/00111FVWf0311xHv9wR27Lz4XT+OR3HUr+V9cc3+bfcr9cWAAAAYK/519DO/xevdPS9DiGEEELs1ZgY9GOJZFe2P7rL2xd1x3+XVvW7DiHE7sXSUt1XHBgku/tpZgAGld//w837P9y8/8PN+89XSffwF1k/GekyPtplvNllfCwbz39ex7uM35Rtdyld14xu7jL+tS7jh7qM39plfLbL+G1dxm/vMn5Hl3EAAACGwy2xdX4IAAAA+9fLv/rkzd/c+8SVmauXDp8OYxvmnT8W++Pxb+tvxH4+733SjH/z/0ns/yK2f4jtP7L13X8CAAAAuy99T4y//wMAAMD+lb6n1Pk/AAAA7F8zsXX+DwAAAPvXjbF1/g8AAAD7WDGx+eLYpusCd8e213n9AIDB9/XY3hnbw7G9K7bfiG06Drgntt+sqT4AYOf8/Ps/PfV2sTbf/4ls/FpcntoNFlevFBSN9TP5H4jtwdh+q8d68u8D6DV/cqjHPLuVf3qb+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/aOx8njy5GwRwrufvvPoz8be/OvysrvaaxxZeSxirxVCaLZfl0bX+r+OK1678tKZzvZ6bItwPBShaC8Pj11uZ5oMISyGI+Gz0AofzS98+eF7jxz9+PWJW966+Mwru/hPsG7/AAAAYD/6fwAAAP//ScMebw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x105042, 0x150)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x1054)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

4m34.857453574s ago: executing program 41 (id=637):
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000480), &(0x7f0000000f00)='./file1\x00', 0x208800, &(0x7f0000003100)=ANY=[], 0x1, 0xf04, &(0x7f0000000f40)="$eJzs3U9sHNUZAPA3a6/txCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0T8MT0gKiGKhDhVHKi4UCqlSK0EqlShntqeWvXWE+qFSlUqBfXQRkpc2X5vvX72sOuxPbv2/n7St2/fvNn5vslazsx49m0AhlZj5fHkydkihHc/fefRl58qfru87K72GkdWHovYa4UQmh39Itve53HBtSsvndmsLcLxlcfUD49dbr92MoSwGI6Ez0IrfDS/8OWH7z1y9OPXJ2556+Izr+zS7rfl+wEAAPvRpT8v/P2+f/7pgZmrlw6fDuPt5en4vBX7k/G4/1g8UE7Hy42wvl90RKexbL2RGI1svZFsvdEsz2hJvma2nWbJemNd8o10LNtsPwEAAGAvSue1rVA05tb1G425udXz/mWfT48Vc8+dXzh3oU+FAgAAAJX959WVm26FEEIIIUSt0RyAGoQQQgxTLE33+woEAAAAMGzy+cI2WNzZmbraW2v1lv/yw43NXw87oO6ff/n3Vv4PXvMbBwCA6vbr0WTar3QcneYxyOcRHMlet9Xj/0a2ndEt1lk2r+C65cXgvk1l9ef/roOqrP6tvo/9UlZ/Ph/moCqrP5+nc1CV1T9ecx1VldU/UXMdVZXVf6DmOqoqq/9gzXVUVVb/ZM11VFVW/1TNdVRVVv8NNddRVVn9h2quo6qy+vfKbbVl9bdqrqOqsvpnaq6jqrL6b6y5jqrK6r+p5jqqKqv/5prr6Jc7Y5v+HQ5n453nz/k53V45xwMAAIBh9z/z/wkhhBAbYuU+iAGoQ4j9HcUA1CC+Ktp/7xuAWoQQ249X+3r1AQAAABgE6XMB6QPoS1EaH+kyPho/S7QyPrG2Qhpvdnn9WJfx8S7jAAAAQAi/e+PcbW8Xa5/z3+58eB3zRl0PFeYxyie622r+7c57tt38e2XeMgAAAIZL8b3Prt//6PsvzFy9dPh0x9nv9Xi+m+YBHY3XBj6J/XRfwFTWL9I59On1eRol6+XXB24o297j29xRAAAAGGLp/L0VisZcx3l3KzQac3Nr5+OzoVmcO79w9ljsp+9n+eN0c3x5+UM11w0AAAD0bu18f/Pz//Q9vrNhrJh77vzCuQur/an28maj87rA9NryovO6QCtbfrxk+YnYT9/f+YPpAyvL5878cOGpnd55AAAAGBIXXrz4zJMLC2d/5IknnnjSftLv30wAAMBO++KLd5o/PjH1+9XP/6/Nf5c+/38k9ltxbr+/xBXSfQLpcwAbPq//xPo802XrPb9+vVa23kiM8azuiY7tLDuQvW6mLF9r/XbGSvJNZvmmsnz5PAWj2fop36FseT4/YVpvOluez8M4muUosvx3BwAAACg3/8Kzz89fePHig+efffLps0+ffe7E8VPfPXXq2EPfeWh+5b7++c67+wEAAIC9aO2m335XAgAAAAAAAAAAAAAAAAAAAMOrjq8T6/c+AgAAwLD796shhEUhhKgcS+P9r0EIIYQQQog9Eyvf7V5/3ka/rz8AAAAAw+falZfOhDARQlhuN7FY7Gi+9tZaq831K6t5Uzv14N9mliOtdvnhkXWvP7ij1TDsrsWfu9RusMM///LvrfwfvLaz+SfSk55//2WXjE9Xy3vv/C9nO/PfPtpj/nz/H6+W/2iW/97QW/6l97P8T1TLf1+W/2CP+Tfs//PV8t8f88/G/tF7es2//v0fj23ajwM95v92tv9PhV7zZ/vf6jFh5oGYHwCG0X69ASAdJaTj6MnYT/sbDzfDSPa6rR7/N7LtjG678vXbTcdBt8Z+Ol6ayvImW61/MtveDRXrzOV1Daqy+nfqfdxtZfU3a66jqrL6x2quo6qy+sdrrqOqsvonaq6jqrL6ez0P7bey+vfKdeWy+idrrqOqsvqnaq6jqrL6t/r/eL+U1X+o5jqqKqt/uuY6qiqrv+JltdqV1T9Tcx1VldV/Y811VFVW/00111FVWf0311xHv9wR27Lz4XT+OR3HUr+V9cc3+bfcr9cWAAAAYK/519DO/xevdPS9DiGEEELs1ZgY9GOJZFe2P7rL2xd1x3+XVvW7DiHE7sXSUt1XHBgku/tpZgAGld//w837P9y8/8PN+89XSffwF1k/GekyPtplvNllfCwbz39ex7uM35Rtdyld14xu7jL+tS7jh7qM39plfLbL+G1dxm/vMn5Hl3EAAACGwy2xdX4IAAAA+9fLv/rkzd/c+8SVmauXDp8OYxvmnT8W++Pxb+tvxH4+733SjH/z/0ns/yK2f4jtP7L13X8CAAAAuy99T4y//wMAAMD+lb6n1Pk/AAAA7F8zsXX+DwAAAPvXjbF1/g8AAAD7WDGx+eLYpusCd8e213n9AIDB9/XY3hnbw7G9K7bfiG06Drgntt+sqT4AYOf8/Ps/PfV2sTbf/4ls/FpcntoNFlevFBSN9TP5H4jtwdh+q8d68u8D6DV/cqjHPLuVf3qb+QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/aOx8njy5GwRwrufvvPoz8be/OvysrvaaxxZeSxirxVCaLZfl0bX+r+OK1678tKZzvZ6bItwPBShaC8Pj11uZ5oMISyGI+Gz0AofzS98+eF7jxz9+PWJW966+Mwru/hPsG7/AAAAYD/6fwAAAP//ScMebw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file2\x00', 0x105042, 0x150)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x11, r0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x1054)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

17.216241696s ago: executing program 0 (id=1206):
socket(0x2a, 0x2, 0x0)

15.909710952s ago: executing program 4 (id=1209):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000980)=ANY=[@ANYBLOB="1400000042000b06"], 0x14}}, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)

15.326532763s ago: executing program 0 (id=1210):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x3c}}, 0x4000000)

15.040641468s ago: executing program 1 (id=1211):
r0 = syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x400, &(0x7f0000000580)=ANY=[@ANYBLOB='force,barrier,uid=', @ANYRESHEX=0x0, @ANYBLOB=',gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c6e6c733d69736f383835392d372c6465636f6d706f73652c666f7263652c756d61736b3d30303030303030303030303030303030303030313633312c747970653d35c9a9492c00a2448f86db78549e1625f8dccf5d9c1c09ee08af59fa6a28e57eab30da70d26847dfd9e41c6f631bff814ed0e68346f1f3ddba82693aa097377b9d718458c7f6cf8d8d810423b2ab635da6baf2097aef292ae873b170d4a42296e9b47a4e762bc72f2bf023f6d7a499df8b93760809d6a4f738fabee8ac0e5c92593f97268b5f90bc076f609aa8d53f97804aef51fb6a64bd8ca4886d6c50d3a8398062d1b2d0767a0b2c2e325640836cbc7f4b3573e1bd20d26ead2d527e9d0237f69834f07bf59ea547d11d21973963b4c3b2a3ee0acb98999135d1964dec5c8bae6531661e3ae6d7ddebeee4ceb9def2c307af61c1273f21860c95485777f740e073c9666346bb82cc19dc82474ab44693999fc0259c1bc8bcd0b167a82b84d773c665f6"], 0x3, 0x6b3, &(0x7f0000000780)="$eJzs3U9sHFcdB/DvbDbrbJBSt03TgJBiNVIFjUjsrEqChNSAEMohQhFcerUSp7HipJXjorRCZAMUJE6cUA8cilA49IQQQionRDkjIXHhlHskbhxyAIzmz9pre+PYieN1289Hmp03+96895tf5s/ubKwJ8Jl1/vXs76fI+RMXbpXL9+72Fu7d7V0flJNMJGkl7XqWopsUHyfnUk/5fPlm013xsHFevf9R0X7/w1691G6mqn1rs/U2GNmynxxYWdiXZKou/mcLHbZG91dNVT+XVvt7TMVK3GXCjg8SB+O2vEF/tXLUobHW1o9bYM+6XV83N5hMDqa+upafA9KcHR59Zhi/Tc9N/d2LAwAAAJ6Wkd/lhz3zIA9yK4d2JxwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4dCjqZwYWzdQalKdSDJ7/3xl6pn5nzOE+ofeuVLPvPjPuQAAAAAAAAADgiRx7kAe5lUOD5eWi+s3/pWrhcPX6ubydm5nLYk7mVmazlKUsZibJ5FBHnVuzS0uLMxvX/GXKNZeXl283a54euebptXH11wc66n8abGgEAAAAAAAAAJ9ZP8r51d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgLyiSffWsmg4PypNptZMcSNIpplaad8Ya7A7487gDAAAAgKev28wPFf+rC8tF9Z3/SPW9/0Dezo0sZT5LWchcLlf3Aupv/a2/93sL9+72rpfTxo6/8a9txVH1mPrew+iRp6sWL6yscT7fzvdyIlO5mMXM5/uZzVLmMpVvVaXZFJls7l5M3rvbzSDWjfGeW7N0cX1sx4bKZXxHq0i6uZL5KraTudQZhN5q2h0dGu2PnWTdiHfK7BSvNbaYo8vNvNyiXzTzvWGy2vL9KxmZbnJfZuPZ4bxvzP0295P1I82ktXIP6vDqKOXi+pEeK+cHm3mZ658+3Zxv81ba2kz0f14uDfa+I5vnPPnyP/5y8WrrxrWrV26e2Du70WNav0/0hjLx4pYysVBmov8EmTjwJPHvnE6Tjfosur2z5UvVuocyn+/kzVzOXM5kOjM5m+l8LafTy+mhvL6weV6rY621vWPt+JeaQnlN+tnQtWnXTDysoszrs0N5HT7TTVZ1w++sZum5LWSp6GR0lv45MpT2F5pCOcaPh64447c+EzNDmXh+80z8+r/LSW4u3Li2eHX2rS2O93IzLw/b99aem3+zIxu0fc3mlvvLc+U/VurLxvDeUdY9P6hbl69O84tLu+lsTV0n1fFc1z3qSC17OnJnVE913YsjR+lVdUeH6tZ8ysmbWVj5FNLY9YMUgC04+MrBTvd+92/dD7o/6V7tXjjwzYmzE1/sZP9f23/a97vWb1tfL17JB/lhDo07UgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DS4+c6712YXFuYW92AhrR3u8M7IqkEq6nc6I9ocyx7IxiejMLHZHvX71I9resjqnXHE3M1D49ndQtq7MNZERlRdWHmnm7RW4klybY884A54Gk4tXX/r1M133v3K/PXZN+bemLtx+uyZ1870vjpz+9SV+YW56fq1adwec7DAjlr9GDDuSAAAAAAAAAAAAICt2o0/bxgxbNEfw7YCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAn0znX8/+forMTJ+cLpfv3e0tlNOgvNqynaSVpPhBUnycnEs9ZXKou+Jh47x6/6Nfvfz+h73VvtqD9q116/3h38vL29yKfjNlKsm+Zv5oE1vq79JQf/1tBlYrVrawTNjxQeJg3P4fAAD//+/HBYc=")
setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=ANY=[@ANYRESDEC=r0, @ANYRESHEX, @ANYRESHEX=r0, @ANYRES64=r0, @ANYRESHEX=r0], 0x0, 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000180), 0xf, 0x5e491594599c92a0)
sendmsg$xdp(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000001c0)="ce3f3fccb56e1e1bfdc273890b05c021b4b1a8ae08f44ae7b517e8f5fe41d6d78bec7debb62dadcd3155ef64b182eeecc15da8a4a4a55d522e40ca4e2a4da64b9123757b73fab6a27dbcb9add36fb54a42538853f6843702be816e6af7ec9cff6a66dc3096e8f122bd9fb3a713ea6da1e7e9a34d7d4b602fd91c1745edcb99156e5a8692683514352cd16567c111d805ac3d0b921ce0f8db82b8862d02c9afe49d4099cb8306df2ada6d9c098e6d14f9571fa74b1db75007ed11c79d287f4665530b3f6de9996298c1", 0xc9}, {&(0x7f00000002c0)="8d01a4356091cfd2976e699a9d512699a39c754a56823201abd86471f767a40f5fbf560577b509a61a1793099dc1b8363d4bfe095361cb3dd65f5bc2bf7dac53176a117e00e5c75f8ba67c23ec21404367cd33d564e15d67dd0333a2eb536d51680bb883303356d9a12308ff92a341028911279dbf920d", 0x77}, {&(0x7f0000000340)="e05b49e4a61eb33800c473958e4d452ed1e2832e96c528c0de31a14be1fd43407b21708b08d9a0b8c0a79d891f11bd87ba9928b13dad657ab512d848a7b3da26999f279d6b8075b7eaf0508bec414e415b00722f68953b834427e2ad2ea079ed5ed5ef5b9e6f", 0x66}, {&(0x7f00000003c0)="35760196060be5b8b13130e4a6f96129a27e82ff0e", 0x15}, {&(0x7f0000000400)="28d094060cf9507e458878cef3793e35ca81b2915e9f4cb9f96154b631581103c4f62d22a30f52fd5661633487d3caae4530e45729a4d38270d187ab3bef844911d9ce23772960526012cd448253d5b063b5b3098a90c101a71c56f4a115498dd04fd3da8eabeb98811b21bee05a4bdcd8c7a0c9e9c3ff8b1d38d26de4cc49150d9d03f0496727d88a57ab573d6571eec16cdf70b8a8a002ce04b26243bc6349cfa5f7b8a2cbe9e293e24af9e9f18d2831385981071b768f4c931a75d53e6b55ecef1816ef305467766f81ed4b583779c7dff1eb96cd1b037b", 0xd9}], 0x5}, 0x44084)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

14.493815033s ago: executing program 4 (id=1213):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)}], 0x1}}], 0x1, 0x1405c891)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13.991613666s ago: executing program 0 (id=1215):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000040)=[{0x40, 0x5d, 0x2, 0x190b87f9}, {0x6, 0x0, 0x6, 0x1}]}, 0x10)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000140)="24000000010006", 0x7)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{0xffffffffffffffff, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000100)}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_int(r2, 0x1, 0x2a, &(0x7f0000000200)=0x7ffe, 0x4)
splice(r2, 0x0, r3, 0x0, 0x39000, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5, 0x0, {0x0, 0x0, 0x4}, 0x1}, 0x18)
r6 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f00000002c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x8, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x4, 0x7c9558a2}}, @restrict={0xe, 0x0, 0x0, 0xb, 0x5}, @ptr={0x2, 0x0, 0x0, 0x2, 0x3}, @func={0x8, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0, 0x61, 0x0, 0x30, 0x30, 0x5f]}}, &(0x7f0000000340)=""/140, 0x5c, 0x8c, 0x1, 0xf, 0x0, @void, @value}, 0x28)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000740)={0x6, 0x12, &(0x7f00000004c0)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7fff}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @ldst={0x1, 0x0, 0x1, 0x1, 0x1, 0x40, 0xffffffffffffffff}], &(0x7f0000000580)='GPL\x00', 0x80000, 0xab, &(0x7f00000005c0)=""/171, 0x41000, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000680)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000006c0)=[0x1], &(0x7f0000000700)=[{0x2, 0x1, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000800)={0xffffffffffffffff, 0x10000000}, 0xc)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x4, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000008c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x80000000, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x2, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r11 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000940)='/proc/sys/net/ipv4/vs/sloppy_tcp\x00', 0x2, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
r12 = dup2(r0, r0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x13, 0xd, &(0x7f00000001c0)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, 0x1}}, @tail_call={{0x18, 0x2, 0x1, 0x0, r1}}, @map_val={0x18, 0x1, 0x2, 0x0, r3, 0x0, 0x0, 0x0, 0x6}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffff9}], &(0x7f0000000240)='GPL\x00', 0xffffffa8, 0x32, &(0x7f0000000280)=""/50, 0x40f00, 0x40, '\x00', r5, @fallback=0x27, r6, 0x8, &(0x7f0000000440)={0x2, 0x5}, 0x8, 0x10, &(0x7f0000000480)={0x3, 0xa, 0x7923, 0x1}, 0x10, 0x0, r7, 0x0, &(0x7f0000000980)=[r8, r9, r10, r11, r12], 0x0, 0x10, 0x7fff, @void, @value}, 0x94)

13.020190802s ago: executing program 1 (id=1216):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x9}}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x60, 0x2c, 0xd27, 0xfffffffd, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x30, 0x2, [@TCA_BASIC_EMATCHES={0x2c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1}, @TCF_EM_IPT={0xc, 0x1, 0x0, 0x0, {{0x7, 0x9, 0x3}}}]}]}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4004}, 0x0) (fail_nth: 1)

12.98413292s ago: executing program 9 (id=1217):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000540)={0x24, &(0x7f0000000300)={0x20, 0x1, 0x2, {0x2, 0x21}}, &(0x7f0000000400)={0x0, 0x3, 0x90, @string={0x90, 0x3, "dc906b6b4c7c4b017fb0d1f52f591a2791e5d9ce9e6fc28d9e6b17e9ab2e5e0fd3468bf7e2c7f9f09d6bb9565d403a6f451f0359f26a52f18501f988bb840f7ec079da62552f73b0e7007dd6833e8ef258af7270090020c50fb905340e96302d31ec235fdaf08ea1ff585f8cdfd624a91af0121d9b1bda050deceac867409fa50a3e4a8fe29f0ba9e49782b2e2f1"}}, 0x0, &(0x7f0000000500)={0x0, 0x21, 0x9, {0x9, 0x21, 0x30, 0x2, 0x1, {0x22, 0xb67}}}}, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0xff, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x6, 0x1], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12.932036864s ago: executing program 4 (id=1218):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000205804115000fa6d00000109022400010000000009040000050300000009210000000122940309058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

11.615664104s ago: executing program 2 (id=1220):
r0 = gettid()
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r1 = socket(0x2b, 0x1, 0x0)
listen(r1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r2, 0xc1485544, &(0x7f0000000040))
poll(&(0x7f0000000200)=[{r1, 0x4040}], 0x1, 0xb7)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
pipe2$9p(&(0x7f0000000140), 0x84800)
socket$xdp(0x2c, 0x3, 0x0)
clock_gettime(0x6, &(0x7f0000000280))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff})
sendmmsg$inet(r6, &(0x7f0000003f80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000280)={0x1e, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}}], 0x2, 0x2001c111)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r5, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r7, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000b"], 0xe4}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f0000000280)="db", 0x1}], 0x1}, 0x41)
recvmsg(r8, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x8)
read(r8, &(0x7f0000000080)=""/111, 0x6f)

11.298113591s ago: executing program 1 (id=1221):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000022c0)=@newtaction={0x64, 0x30, 0x300, 0x70bd2d, 0x25dfdbff, {}, [{0x50, 0x1, [@m_sample={0x4c, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x1d, 0x6, "f8962b722d1256323ad996fb1593fdb0000000008d0be1f265"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x64}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

10.413804467s ago: executing program 9 (id=1222):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r0, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000) (fail_nth: 1)

10.228126726s ago: executing program 2 (id=1223):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', <r3=>0x0})
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r4, &(0x7f0000000280)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000480)=[@in6={0xa, 0x4e20, 0x0, @loopback, 0xffffffff}], 0x1c)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e20, @loopback}]}, &(0x7f00000002c0)=0x10)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r6, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x100, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x1c, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x10, 0x3}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x2}, @TCA_FQ_FLOW_MAX_RATE={0x8, 0x7, 0x3}]}}]}, 0x48}}, 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[])
read$FUSE(r7, &(0x7f0000006300)={0x2020, 0x0, <r8=>0x0}, 0x2020)
syz_fuse_handle_req(r7, &(0x7f0000004300)="afe28a28263ffd9dbc5af980196765a3c1f82c4a1fae7a322fdf0f6eec50303f6104db417704a701a8d6c5e7f5c99a5cf3eed4e0e1c82545122d6933469933ec605aaf61a5b8b1f8aacbafca498796976da62837e4a0d818ea71474d0412cfe162a7260456c425f2604cbd262e2aef92d09d6d2e105b7e7d377c95ccfe1d0f9af9f7e6a6d85d4a8ebee6fa703efd8c4a106793205a405938d47f97266eaa5fda88f11a03a8305399889ccc48f85c4b6a7747f489dc76c93b06be84635190224018e13954cd2fe714fec88f6aac3c57d5fec99307b8c8327e8854000e81d781e2f5bc37e96bbc3077555f696c6fadd199d9bfbf0997e76925fe17923ac5976e32f52ee407c43070cd8a709a2326ac96b94051cd0cc8f29b43edbc4ed850ae7a30b45db7e72114aeb46bd3a91775582c9206a638456a0e3da847a7be2e21620df89ea7e2da53f77f39cf0eb2d0b601d507d4dd57a534b5c77076052cdb03dd0c241f75f442fdb07624ad9d9fcbba92a4f20b20b424e3c9c92f2831e5efe0be454f3b4dbb9dbe6152bb152206ff0451edeffdbaba54deb39f00e74297c676effb60950dce7a847031ca85a1b3690f573bc31094d6e7d95f5821c0eae6a2685958619d94108eefcbc0dc5dda47ca509878dd8caa875d69af6c88997b5d67e5c67bf9daf89547a55061eb0cc55e2c696b71c7384ba16928fa81f7394a048329c467ef813df172236464f9d1418e5d5386b0eb6d5c4f765d0246ee91ab39c07310b61680788e3a57dab96d1eabe1a0efc2b6c882aed50d993d15f8561bc1f6bde7e79b711bb206685344aae196c1c4b97cd515911341cd60c6ad108e0013f87d063385ea5f057de4315284cb6f8545436981ce1c4bbf13f178e3a504bc0c8b1bead105f7e7622c288aca7206ee18dbb97b1b393d102d9c65e3a765e87f554d98383e4e49ad1c600d8fac4acb970ce04e0c866806bd44b21b5c891c3bccefb87bdf389d6a36992cacfe52b96e7e1014cc58ec29fe0ac221ea6d49f759f2a746e7603272d572515fbbb33d2b6f94eb9c6571118b606e18ef88ff88366aa3ecccd6c845f9b8534f49997c940a930693fcdf742fde3676c6cee9eda06ab856a4dfee75c7c9cda6b11da6441644b62116e6fdcae5b5e0148047028a5842c21fb9637771a5ac84ba9740c9c9b56b58c08730a48e81c05b312449edd27843c173d1875c28aeca43761a06fed193378129243aa514bf74d6b76ccd70807440401948d6f3bd9a352cd432e1289f2d4e78add381e4477dd8ac2f2ccd3b6533121ac51c393dc773b9e120ea8194e51d76749b4f0c4e6e40132ba1535015d5ff224ff77310be5a31a6defa004262918136b9db98a94a1fd244be1f5a7cf6762e7bea536df1d312a72776baa881833d295f1a60f2ac98d54f302d8fc72f135ab3256d065a618b60d2a6982ee89c60bac90dd81e0cfc24118c568e8e3a29a9f29e55f479a8fb5638d6cd724605b69aaacafd440020f4776652537454041acc13cdb0bf1489fbac78c4bfae755b259764756407204b22cfe838ddf82523c03b4bc1eeb55c43b1f50b7d03fd4da448ae51cc4a844fd0240e0d131c2693ed770844bf25e3bbea974a5c2a40ed65f1c3a729ed93ec22b93899aa861ce301e1cc1f3e98846a39a49169cbe3eef35e3595207f1014a8dc89d6b512dc05cd23ed4b4741f6ac778794cd1282f42a72301f37816859cb92d53db6793f294df19d0ef1bb453685f3c666b3941c25c92b204c8307c0e83469032f276cef4ce538a4570d652aa212de6fae8ae4d62399de49f0d4bfc0a47fbd79e7a86e12c9d863dde004f9e9d605dac7d688dc5daff78c27bbe727fbab0cd3058e75544261d5d83468ef23e3a224f0ec460855aad927c5c5b3bfce0a3e3c45abb0ee6dbd04242ec765e324209bdf07f4ed21eb15e2f030476fbc3cd05554f54858232625e9b37ac41b8e354ebc85a0282fbf9ad5d6e0c2d7b093bc1f887646faa1e7622f110b546dadf44eff6bafb2a58631a93e560bd67b42ab96d4a9f044f26a481feb8b3f2018a7236799c2d1877a63e5fe64dd207be729eb1cda7977d59bc139e1d2f6cae1defe90b8f6a99ae4dbac317413745521247f3691e894af33c7484afb11f4d2f858ee87e93ad202f9853c6ceee0a92e052225ebf283a017ae2e7cfcf924ea4e3b319a05a9bfe3f476308aa5039fb8a7d3642043957a2090e0727120a7aea16d16e7a4b15d5676966041f76188fb69d89080b6eb2d4d42bc84e298dedda4db06b78df5c7198230ab439f0c3b4f3f649d531664c59eee2d73fe14f01133776b717f6b7118afdb264ace9e44af5bfdf35bfa7f7ab538004c0085c11da725ed284a34c7f27da78acf488bd0f54e6026efbf81af934558c36473d0fdc85519e11b4f30fa3b7ef757c35f4c88a360549def898cc460557433e44621589e71f3118003b4695f3130dc005d32c0330b950c12e430d2a2a6b9a68995bc9e1345dcfa30585603f09e74296cffe8d758b216de00e8302eed0e06f94e7bdf835cf27fcbe57651f36d6d2de82f179f42fc8e7fed4f5c7f5b691c6e038a76cab3e604e42ceda945e155db89cc0013564726053ccd77cd8e626bac72468ae0998f686450d5e0a17ce88e1b15d05f212c336d7cb5013eb94fa861b588be01ed252b487b4d1918c87a341b5daf74f3083bd49ccc6ee26ff8993b5398145ae7f9505c1398f1bdd2cb90636f9e99da243cedccc97252fe15ee10e886c187e5c614f33bbf630c654b1d87e693b765f3a36b67bd1fb46afcd24c96a0b7784e4cabb8a8a5abca853d51694da85296a430b8856f51173946c9f143db65fd1b51b9534657d3a7953ba7186651ddc6f0a625563c3b43cfbc83330507d399ae87731e1ab1f15320779da21d2000d85155a8c9cbd6f642695a565dec615d7bdf8a47a76005b3607cde6176b8303b7eeb2212179d6f5176e45b1759810fcec418e6c41e7b33da9f92211631a070257cea55e644498466d5fc5744f903e6c4a2d3809eb6e70d50a82f66a1a05079ebe9ae0b756bb2781dafd14b1a06c0eb2c9b77b0d8d005d47aacf5447a104f85df3decb0ef8bf1483b47be9c945b95634c474f9cebdc97a91f85aba7172d05cd7b06afa043b8900ab400770fa270029e34ebab31a69367a18057ce532cd66e52b807b8665475977a56ec5407c778994ce9c85e8b96f1313e468cf83d266f14250acee2a4a52001de174d2208bc2a679916e4231fb30a99263a0398e99e9f8236010f17a5de367d673a95b374158d2baae4612ec6898d0fec2f95b45c6bd760a0cabcac1067470492c5e66c11ea745ae803dd24a5c89cac5a0d64bcc15648b1d812be638d10311d640b3251a8001619d09f138bf04e35c02807c2c87c222a6f54da320f0169cece864f4d37af54f0fdcfd455051c0effe17d2c04b3b67807af05cd8176017cd8e35c1ca1b13112f2dddde84be95ef67a6c8ad8a4ab0e7175fd124bda62656c4afec4dc8c0261a855e75575ddbb375e45a5b635fc7bc528ba387dd24f485ba69a9ba2761c243d359bce078d0ba0cdc13b6ee7d66a8546c49a4429af5866f866ba2e1e0a10ff4a3c3b5e240d918f6a896c35f51ad7b02e6d0747ee80a99c8812577600e359b703e571ec18d6b88866f28aef250de65f39b266f6795237f7d3f741127f3d47cefb255d1b3c06c7d8fec9bb8e5c666d7ca7b803dbabc6cacecbca1ed8e89ddc2140f45c4f8572c146d7ab2be20eb72baaee4b1d371aa9f06833ba1a0cb66b701c1fd90e8bcdcfb9bd57a8cad381e7cb2b99250d21384ebf771833ac6f32f4115fcb0ffa177dcae6673b1ff80cbefbaec2c863b263035ad2a0d0a340fed260d4fbf008745bc1b51e5b011b54584f6c0cf3a401f8cfd23f23e830a311bec365064895cbe8a664184aff212bac6f164f6b619e4d8521ae447abc8f59b284aa2e94061aa15afd9070fef452d4fd644da4b6b716784109d92abd31d3221a76eaf592e6529e70a67bd92cdb431c7af9f658b2ace3d954c4a5208f1edcdb8a04461262ed26b24bb3df41b1c28ec42880590b3685f56a3982250ae96c7e1fcb9aa6a9887639d2209cf190e9ea82d5634513eb36c5c0e0769250948967240e29921da36aa0c07c76c81c7bd8b7f1c1c9063b4b1fcd88f63aaf568a7cc9249fad5c996853dd160d80f5251673643fb5e0067c97b0d2b513c1d22a3c2e73786c3c5c17f14c57c2df7c830216e5c3ef066468069428501e1a78c935f4c520c5cfe9daa89ca4bb4895fec8a328453ff630848eeac719bcc09d7bee73e58f4b7cf90f098bb7019c73912b630af92ed9b309c53c5c4edaa3788f9e6d486bd363619cd2c140d9a7175f6c5f977eb6e6f58f18c8d0ace671570e0dd6ed78ca228782ddb71c6f137cf0e27fa85b52b1c15ddf184a72dab098a8b1c1f6746238a8a92848f2478b690b80c131c85e90b69953f5eb54c0b47d59b7e440190e1c9b2d72fdd94c64296ca33aab32cc8f69091df05aaefd4ea00303a3522672f01b5373abae33d34844831a1af2e51276b61e637a93e02e09c306e5fb9619e82bbcf0e43e2f5e8ec8a458b9f1c612634645eb82051fa34f4b13439c3ba2e016972df37f197d09121bd377b1472a2da64698efb11cc88fa36ac173c83ee155b73716639f5d73a29fb783fb27e5ccbab5f9b95a4dca6a7406cd053a7ac9ff25f42ebddd9afe7df308979c314acaacecea602267c6d57fb5f5222e4ccd4b18573b32d6a19f1798a1d78b36b32f0723f7b33b06c2ca43b22e4cce6cda741b3e68a056a0cd6d51b6929cf4a16fb7b2490cbe87e5612dfa7d26ad40ec412021f9033aa2884ee86c7610623fb64663ac5554e694e84877708e77d243bcdb198714fff672b0f927f9cbe5b2436002f02a559dda5232cc150170d7b32d547a080f852c6838809f8ae1995e7ad4b24c7d1ecdb6b5dabca5da671493a3a1b4da1e7ad13ca4b4dbcf53a71348366cef7ee45cb719a8321205aa70da47104e66f344393e64dcfcd015b9d6bc75ec3dd31551de4b614bdc4d89c8de1254a91c4f33cdddf98d8ddf36e8cdc537a7d11dbf51913ca87ca9f644a2a08905e15c0f2bc58168e425b52055e7878ba468909dbed30815e01720df5a1be196471d30c1525070efa59fe62720960e473dc237d7866d77e8ac69cbaa50cea6205b7ccef9437b132f41e87906f3b9c48e9750e7ed1993597f8e599ab8596f4378853ee10e26289e72b92c425f5f0ad0f94d4694415739ccfc06bc5a49237157071116578df4f8aaa1eb4c123c8ada753e4a631f3f9660fbc9404d8af9ef1af380ccee1f2e520c03615fe7c5d276e917d84061f8cc0e5814caac9ecb0ebdf8bfae551197d66ff22236832a0ac38586b059a4ae9054d1810d361f50da921b33904cb6ea7faf44b811e7f7348d07cd32c8f83da01d4d74092493ef5cd3d2cbb9eeed6986f3e4615b8d341cbe13d6eac3bc1e9217fc2f86dd0cab958a6b4e0f0604501b48d352118611e96a974e3642fa785538e7d5b3bc7a363ca95a98a0816e6179bb438f3c110036770da0978987ebcd241464136b2a8d45bf1c2b499b6dba8e44448c73163ae7df71d7c98b705af886dc195cc918c2552fc1696d6749222a4e83279a14001ccb540a64a713fa1691c30e99ae0bf8fdacaaf4aea9d4f89db7d4f364f7a30c80b782f5cd7af01347d78769902f2ed675b6b859b5467cad1bed59a64f13a4b5a827e029c9a3107b08e5f18b930855f7d85f1d78d45d7d3c909b87213158dbe5cfda90936388885a32a61529ab30bf31fcc1d6df9ead0f49ada899dc8be042d2289383f6d09411aea11e6002359ff2e36345b8454ec5f126db94349666a3666323ca164a0f72873b63c9dcc0c60785a66862655d4ab5749bc00bd98ba9e20325e78a572fc93739ce884f3398218c614f8ea33cdff4b797dc2c2874d20670733f30acf52ae4d14c9e83f54533acd42931ea42fcbf89f7a8e68c3c8ecefa4a1e1c693244d4604f9488df30718c455f719a6d93b30173305264c9bdb21e8a68a74e7310dbecdc27afc7b162466c444ce4bda0d937104e683349828a4f0ca8723d54fe13287286f7a6dbb8ece6a7ece355fbee7424e7e524ec33ed5fed03a1ea964af0830108c5e69a071606d9d28450977245cba4d0e1ed8177752526e218cb5e113dff2236c663808533c580da3d83ad502a3d5d30949ca2cea660ccb613cc7661d6857b3b70588976ac8ceed944f7f738e43101369bea05a26ff31692ab45b6c95f794a5c92d8bd42ce8803162cc730782e0c1e468c9d090488763d9d1f1471c2ab1cd8599e078d81a0e84707ea02a0f91c3d588bb54f1f5ba58845617b80263ab8fb2c6757d72eebe00591c7b6cffddb969f6fee2ef9f016f641aa2ccfd59c839ba40ac1a10bb9d94f96e1c6829dd4d2dcb9d0f71726c31d813fa78af8b7621fa47f4b0ed9d9d98e4209676969728a00a92dd592dfee41c806076f0e4100e371c7427f888ef91f03c5b16d87b2ade294f69b77afb199de38bfebfa3ec9285d1829c7c0714bd100c84efc8eb71146a1d4c7f659d77c42119b738d6bcfede23855780a6627d4a417aab498ec60bf69c44fc1f3fd4f99ed941a1234ad1f3120dcc71275c464be23453749841dc1c36a76b28b3659e809a1216aea67658ff76e99580cb202eedb9d4cab23e879723d11f8d4086362271f8f2e6816d47eaeaa5066c3c4338868fd3c8b832581490b6801278e9d1d59771dcc73eef6b9903ba9b9f5e565eece392568c878662ad9cbb931242a27d883fe7839e7e502c368e736f5dc057ed2e4b5c963c54712c772535e22e94c61a13ed50682c065cad0d861b3888ef332ed0236e2747720f97793b46eb39b51057b44f2b9e05de8c077cff7ef5afb56a5d28754d76161909a05573f8aaee5fdf260d80eda7e1b83539e09362a4f9aa0e8f069e0cf221eca87593457b342de27c99cf14c4bc0d8050aa19c8e4a56b3b5d2c3fcc23633f5ab20ec063270c9922292b645a5523f9bba5c6f66368c227bb4b2ad6c1f4c8927552f6b41a312a4bec49669e2968a7d6bf30cf09f8d3fb473ce5a839ed27fa906dbf504aec3a5a2884bf4c569235202dffa763b14f4501ecb8608e77aeb4fda0e4177fad0bc02da3224f183355ad62f6c50efa3c8f8e02bf3cf47ff31210606bb87ce4acb53ead7eff942d65d9905e9bf6acf5829eed4855da2488e0896ad346da16a5c988e31b0632592a2dc3030d28b6d62a3a4638a0a3736f5103ce5fe72baac7fa23d5295c42cd81075ca9f7a9a7fe3cf418f50f7eccd8a7c3e6fb1e8b30c5d8dbb0772a8b44f44cebd8249ce10eb24d1f668765796b4a56a482580456ac49db677284f3b2deaa9514973ad5c156bb4961b2ad05bcde1bcea522790765208eab6eb27777c2ef643ab0c85e9625d259ae29a3b2e864bf936cefd90b63ba2281f8bf8505ef6040335c258d338c014c31810a324dfe382699ac0b92a2747973a297e94fcd75ec7d156bd61cf848d7144f9a9dd89c72b9c323ed6f37110f722da90396816050ad800fb33a92651b0356fd15c4cf876a3509ab32cca3f5bd6906ce5ec186391effb13fac0a10525622023645bfb9742472695c81461db0298f84af1983b6e5e94ae355e0e790fb51fe558bd70e889744872c9ababf42b930340e192ab4295ee72e1392f2bbb137533a919d72e651cbafa37a88232d0f464bd4531e49c65abd629f3e8b920ae3bde61a3538514866f18a937848f7bd99e4a0fbea506b9ee5ab47e41cad31dc261020f91d65c88bf2251c617cfde3314ec540c8128adf417f1ee716473c3d3c049dc7714a832c128869bb4a9bad6f8be1b0a6bb5c0e40417d594a876a5fb50055e7c67e2519698e5ca89fada7c84032a811b0eb5c67364ea809c6be960c9a7b98afc8e6315e780d8f556b97ea65b7fd27ca6fab61164d60a109d182b9b8f7995ee915eb68be320000db4b0bb821ce13a8d55ff70629a5f2bb89a1c7a4b874b49bcb13105493a9560344f89877e7c5e409a15bcda6d27073c3b744b386b0b82098d307dc3aab1ead4306a73cf8382bd3451c0aaa14a8333c6f34e6b5e5d3b240e01243749b3938840c835e16129ddca5d9439511b4fd22752d904dcd60f9405467918e48fa17547493e51a14ccb47128c7449b51cef63178f32cb06155b9e9cb65dba65f8a6f9a45d8d49852609dd0cf8418f463cb15eaaea77c1c89f530c1f6c6c7820d66957ff2fe731628a328f4e7896d5cf6fcc0782c05c47b8f01d28908913e379334fa90ea01906e865202fc6386fc69fb683a1dfd037ec5bbdb368b3530a3cbbbecf2107faeaf32081c65b48a3bd352998df0a781dd86c7c8112407db1bf1ac6446a0c77e8f2e3374fb8217abd59b3d40c9582a3ab663f278a83b22685914b4b2bacc973ffb2dec5e6eb98d6c16463c1e9a896ca4e65206687ca4423c359b4e1ce06a57ecb083b750026719dff109a1d823b4ccff79e5ce416bf3756d913b31faad8c0bab1c62276a581ba8830da7c59c5224db7dd38b032db7cf7022502a8f3cef31dc8344a2d02af978d6f901b1b0097dc425f4f34b73c6ee02a8b48d7a23299c1c6e5190221f84c2ecfe5bdb67b36c5dc23455ae466722c5e4f52b07aa667a6cb55c6a411225e88cf513c7cdd2065a1e044c0008f8b6a5b28f3f00f14e7da47e944ca666cec951593ac26ce5e75f17ca2d438dd8f926ac57d1761a72024187a2f77ef42a7d246f906166afecdcdcf8db8cef6f8855ecd97185fda05bae717eaf3165b99021fbdcee50384a22c8c025c8f82d4839dcb0a6075642dc453c21a4dcdc997d70315dce9a3ac7eb0185924436965d1376624b5c08772ba59b142a066bcd0ad044628e463921d78f1efcf8e8cd1e0fcf525115ae2b104c31561574003770c21e847ab80b65d3a2b53e6ad4a3d5227e3bc82b58b5feabc9c70b55264b32b658227851518664baa871f8128bd826ce818be1edef708e033155ed69a0bd83b246d83ac85b33d7370dcc7f930c25609e2e5f86f1738ba266b079a3743180b9b84a24e4915b1743834ec319e5b238ba6942e4128348be821b21892477e4c5ad3a2031f0ef11d9d54cc90f87cf093e582b1384c8960c36421969f7ee247001f37c66f10ff6dc3edc7de984acb599e9b8bd3e792855ddc703698578edfe74bd27e967dbe77bd4cd0bcbe08ebfa7c5bf95745e670438097ee29215d3ecbde9e8e50e14ec41a9d746de20230140d854e36e95f7c13446db26715b9a30a3d3afa3a5645e0afd3eaf8457a87c528792241e99a415b8709ae334bfa81fd8508c77b50e3d1f2ecf8f7b6b1d187bbac0bd3d49f00fb5c21836a2bd79ea2839bd3a1d396422699dfe0958479c36964efdb2f602d25f202a534df612f347696de6fecffb673d2162f2572c6d04895fc22b638dbf54dfad4d6058683919ec47cc3d3d1f5e4528bae31632081b9b80770ce0e7d44287e18fde786801e7beda77c0b9ee3965f3a4956496fe8e892b65e137d9e47e8e164f7c6fe9c6ac9ece1b7eead32a5a188df5539537e1b736f1c5d67b604d064eda6b6730c51e182cae81e65290f12f68a7146888e438a799d04931f2a0b9b6c565d47d9d322e7358ccdbc08eafc2470414c44f97e33013b976b995bcf96409789bc2bc97d7add4b6eaaa84c18ea936f0eb332185f9de597d6f7793215df2c0be4b5b4085910adb83d248be16deeac399070ad00a24a67cebef51694726a612ea5763f1bbff03a77357d867ec5461c33d73a47db4a51b496be6960ca7c8cb92a51dd578f99e4b1d2b18ce406b2751aeb065ad0225aeb1eedce3b26e3feec915361cd6b4acc105a2962edcd6547691a557f4deb9ca96d39bd92ebc96e763b6139a0421f42c561a7a20ffebef94bc0b7538466064610134ede0221cde98d085531471c0e9761880904952234f0ae34502b3790aad682fe6e7fd7977816e21aa3f7793ca99312ee07ef9b34a31102710bbaa31dcd57d941e6d5fd6b6607d3449bbffb1434d67edc10727230c3283ab7e212152039e9403bc7ae082cb3934794468dc7549aa35cdf35d3c0f754b7fdf47dbb5bc5047923f6841b9a4054a0eef23de222f0ecc04410fccfe3779820d2ac659b84ea56eeefaae980f1bd43aef8e78705ce1995cee4f88400903f66e6d24307090e23d04387909a62a3394890118549baec01b6f2a5c416f68b71bfc2b7a0bf289587664a2b6194d4eccb51bd4177c9487b724f91d088ce68f20882a8dd633b17ad73584e68382877eba4fae1af839baca07f3adc4c9796e07dc69e90bd5efe3a84d3ca40fa8209c2bc9c9303ff2c7979a9508d925c021cea6c7f1483b5c5b00232c292f302fad79aa5fa4820b04a5aed1f9be4cbf4430bd2b6b559133979e5239f514e87559950808fd098792c0b1bd0b9cb94463b22be92962692dca35a8bd0fe0edc28e7e759d2d753177fc29860d419a29fd89c0a2c11e957483f9c13637e2f66e96bf3454b943b7dd368b71243ef58b0b3d469cdf5572a990a5c998c5796b80031f56bc98f5bf70a717cc5ff4febbfc32b29543548d8862f1ab57fbdbeda2a9901593c0d92d4eca205312c18ce649ed5a3263b66d8ca52734a16035daaa182c24e9ae2851e8dd153d2fe34978e8df50402f133190ada04cfaaac56ca6fa20771a195c76a84651ca4aa9c7c4eb16007ef1e965055ab6cb08a02db6c1a82f8c695ec370095c0afd535ed8abf17ff514451055854a99de69863f393e1679ddf5326e1f4de42220df3839ee71c8fab2c3faee9af0f5e9ee5a3c4c146ae7d36536064a11644a9a195290f3d75f64652050ca8a1ef17eed6f5077a651af1ce5304f2e6fa781a83df2a7c4f5e1c8337d35f93633d684803b7bec4fea60e1f9925580f9199f40f307bfd84de2d51f1df191eeb52a48ed4a19c4f524cc26f7043bbabb1c43c4f20d950e218dbcf09a8bda0e1ca1759466938dd764c85c3d8de92b3534ff5c492d024e6ca87952243fe8b6379ba189032926685afcd3839a4423ba19cb0c5488982ce7cad134c60bc329f855ba4be63475ade6110d6db66613c3c7647e76e3949f8e5299738014743523662fd6b1626bcc0cffdb3b757ddcbeefa2facc49da06d907d21888b9344a3167d143e5f8e022d8c75229fd491145c451ac92f000aeee43219215a8136c7c17327f6e0a3eef7fe1861930d143d92f33aa74984c89f9ba3e9ee887bef4f9b16654cbc739fd6b2eebb255596dfd6639896685b72b0e1ea92019884468f5c78d21a3a69df24a3d8d517cec2122417bad0ac7db0182cc87b8b752e7474a36acb8508d118d44d509cd8594dea3a3a611a6c1c0b3bcf48b4834d8bb5cd18f420ed7aea21810c0303ca2d5fc67b116491f1bbd055221c79ec0dfcfc22c17cba3eb4fea49127615fdcef9cbecba603dd2e01e07af17ab0f4a6179f54edb34db2dc0c937a0aa1151c8a9474afd1af7c0a83174aa1fdd8e4bfb9b10841df5ccf068a5612627c8724b1c68fd3879a57265836409a6d851f1baf0023ca", 0x2000, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x78, 0xfffffffffffffff5, 0x401, {0x88, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x5, 0xffffffffffffffff, 0x0, 0xffffffff, 0x9}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r7, &(0x7f0000004200)={0x50, 0x0, r8, {0x7, 0x21, 0x0, 0x50339398, 0x2, 0x6, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x50)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2(&(0x7f00000000c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x80800)
write$P9_RGETLOCK(r10, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
tee(r9, r11, 0xfffffffffffffc01, 0x0)
tee(r9, r11, 0x60000000000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)

9.937909311s ago: executing program 0 (id=1224):
mmap$IORING_OFF_SQ_RING(&(0x7f0000a51000/0x3000)=nil, 0x3000, 0x2000006, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
io_setup(0x4, &(0x7f0000000000)=<r0=>0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0xe0, &(0x7f0000000240), &(0x7f00000003c0)=0x4)
r2 = syz_open_dev$vcsn(&(0x7f0000000080), 0x2, 0x10000)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge0\x00'})
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0)
write$uinput_user_dev(r4, 0x0, 0x0)
ioctl$UI_SET_SWBIT(r4, 0x4004556d, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x5)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000000c0)={'syz0\x00', {0xfff7, 0xc, 0x100, 0x81}, 0x1d, [0x7b, 0xb7e2, 0x3, 0x9, 0x100, 0x3, 0x1, 0x7, 0x9, 0x2, 0x7, 0xa, 0x3, 0x0, 0x7f, 0xd, 0x7fff, 0x6, 0x6, 0x5, 0x6, 0x6, 0x7, 0x6, 0xff, 0x2, 0xfffff5ee, 0x401, 0x0, 0xfc75, 0x8, 0x9, 0x4, 0x2, 0xffffffff, 0x81, 0xfffff765, 0x2, 0x3, 0xfffffff9, 0xa, 0x2, 0x5, 0x0, 0x3ff, 0x6, 0x7, 0x4c, 0xfffffffd, 0x80, 0x8, 0x8, 0x9, 0x7, 0x8000101, 0xc3c, 0x1733, 0x7fff, 0x7ffc, 0x1, 0x6, 0x5, 0x1, 0x4], [0x8, 0x3, 0x8, 0x8, 0x0, 0x8, 0x4, 0x0, 0x25, 0x10, 0x6, 0x7, 0x8, 0xe62, 0xffffff73, 0x1000, 0x6, 0x13e5, 0x3, 0x3, 0x1000, 0x7, 0x1, 0x3b40, 0x4, 0x1000, 0x5, 0x7fff, 0x8, 0x5a, 0xffff2503, 0x7fffffff, 0x6995, 0x1, 0x80000000, 0x8, 0xdaa, 0x5, 0x2, 0x76c4, 0xfffffffd, 0x5, 0x4, 0x10000, 0xd, 0x2, 0x9, 0x10, 0x4000e, 0x9, 0x7, 0xa, 0x9, 0x3, 0x8, 0x3, 0x2, 0x3a6, 0x27f8, 0xc0d, 0xfffffffd, 0x9, 0xc, 0xfffffffb], [0xa3, 0x6, 0x6, 0x9, 0x1000, 0x0, 0x80000000, 0x5, 0x7f, 0xa, 0x100, 0x1000, 0xf1, 0x6, 0xc, 0x10000, 0x72, 0xc, 0x633, 0xd, 0x7, 0x6, 0x80000000, 0x6, 0x0, 0x7, 0x8, 0x2ef3adcb, 0x10, 0x2, 0x8, 0x8, 0x74, 0x4, 0x7, 0x7ff, 0xfffffff2, 0x63, 0x7, 0x2, 0x3, 0x3, 0x20a7fd9e, 0xfffffffd, 0x2, 0xa1, 0x0, 0x9d, 0x7, 0xa8a, 0x2, 0x6, 0x77, 0x8, 0x1ff, 0x7, 0x7, 0x2, 0x0, 0x2, 0x8, 0x2, 0x3, 0x5], [0x4, 0x4, 0x5, 0x8000, 0x493e, 0x3, 0x35ff4447, 0x7, 0x5, 0x4, 0x7fff, 0x5, 0x5, 0x3ff, 0xb88f, 0xffff0000, 0x9, 0xf7df, 0x2, 0x10, 0x8, 0x2, 0xff, 0x6, 0x4, 0x4, 0x0, 0x0, 0x7, 0x4e6, 0x8, 0x6, 0x5ef, 0x8000, 0xc, 0x4, 0x401, 0x1, 0x5, 0x0, 0x9a8, 0x99f, 0x231, 0x3ff, 0x8, 0x1, 0xffff0001, 0x1, 0x1, 0x10, 0x8, 0x5396, 0x6161, 0x9, 0x101, 0x1ff, 0x8, 0x431, 0x6, 0x5, 0x4, 0x7b, 0x7fc, 0x9]}, 0x45c)
io_submit(r0, 0x3, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2, 0xfff, r1, &(0x7f0000000040), 0x0, 0x3, 0x0, 0x1, r2}, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x1, 0x3, 0xffffffffffffffff, &(0x7f0000000100)="630d9e9e17d83e", 0x7, 0xef3d, 0x0, 0x3}, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x4, r3, &(0x7f00000011c0)="0a9ed3a0c8cb752321b0d3cc324b52423b93d2c93f652a31cf59291034eee4ed83dc350c601eb0dfcdbc", 0x2a, 0x7f}])
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

9.42477028s ago: executing program 4 (id=1225):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000003a000900d80500000000000001000000040000000c0001"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
setxattr$security_ima(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000000), &(0x7f0000000200)=@v2={0x3, 0x1, 0x9, 0xfffff25d, 0x85, "2cd08a362cda144815e6e97d46b7239600b5b9ee52e2ce5255210869392ebd7fe4f45a299b5fd845ac4f3fc5e0043db4199b6e19ea92fb293b1a7ca690a6b62255eb779caf2d41813413100ce44411ea022c8191e8534985f1f6cc437e92d7abfcc69a3b9dd4c93b8f739124b020da0445d34df6a2e32e9c9593135fb5205d4d59ed9d2179"}, 0x8e, 0x3)

9.347931592s ago: executing program 1 (id=1226):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x0, 0x9, 0x4, {0xb, @pix_mp={0xb, 0x5, 0x36314d4e, 0x6, 0x8, [{0x4, 0x100}, {0x9, 0xfffffff7}, {0x3, 0x3}, {0xffffffb8, 0x80000000}, {0x1ac, 0x6}, {0x6, 0x7fff}, {0x2, 0x9}, {0x10, 0x7fffffff}], 0x0, 0x99, 0x6, 0x1, 0x6}}, 0x1})
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000040)=<r1=>0x0)
capget(&(0x7f0000000080)={0x20071026, r1}, &(0x7f00000000c0)={0xa, 0x2, 0x4001, 0x100, 0x5, 0x1})
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r2, 0x40603d07, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r3, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)

8.446671558s ago: executing program 9 (id=1227):
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r1, &(0x7f0000002840), 0x0, 0x20044000)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[], 0xec}}, 0x0)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r3, @ANYBLOB="010000000000fbdbdf250100000008000200000000000500050000000000080003000100000048000180050002002000000006000100020000000800060003000000080003"], 0x84}}, 0x20000000)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, 0x0, 0x800)

7.72419659s ago: executing program 1 (id=1228):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xe8381, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)}], 0x1}}], 0x1, 0x1405c891)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = dup(r2)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@arm64={0x9, 0xfc, 0x2, '\x00', 0x8001})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000002c0)=0x10000)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.308176085s ago: executing program 2 (id=1229):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_mmap}], [], 0x6b}})
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$UHID_INPUT(r3, 0x0, 0x0)

6.423170418s ago: executing program 4 (id=1230):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x1000004, &(0x7f0000000300)=ANY=[], 0x6, 0x2cc, &(0x7f0000000580)="$eJzs3b+LI1UcAPDv5MckKpoUViI4oIXVcXutTRa5A3ErjxRqoYd3B5IE4RYWTsW4la2NhYV/gSD4h9jYWgm2gp0rLIzMZGaTrDGbSOIq9/k0+/bN9zvv+x6P2d2BfXn/xcnofhYPTz/9ObrdJBqDGMRZEv1oRO3zWDL4MgCA/7OzPI/f8plt8pKI6O6vLABgj+qf/831Yc9dtL7ff00AwH7dffudNw+Pjm6/lWXduDP54mRY/GVffJ1dP3wYH8Y4HsTN6MV5RPmioB3l24KieSfP82krK/Tjlcn0ZFhkTt77obr/4a8RZf5B9KJfdl28bSjz3zi6fZDNLORPizqersYfFPm3ohfPXyQv5d9akR/DNF59eaH+G9GLHz+Ij2Ic98si5vmfHWTZ6/lXv3/yblFekZ9MT4adMm7uql+RAAAAAAAAAAAAAAAAAAAAAABgczeqs3M6UZ7fU3RV5+80z4tv2pHV+svn88zyk/pGi+cD5Xk+zeOb+nydm1mW5VXgPL8VL7SidT2zBgAAAAAAAAAAAAAAAAAAgP+W48cfj+6Nxw8e7aRRnwbQiog/7kb80/sMFnpeivXBnXLETjFWoxp+Oaa12BPNOiaJWFtGMYkdLcuskSQrL7VX1Vw1vv1u27G6V8e0l8Z6qlqPXc50VO+u0b1k9Rp2ou7pVpvk6zRiHpNuUs9Pzx4/Tv8uJo9ttl+68lJv67mnz5SN6ZqYSNYV9tovs5WrepLLs0jLVV29karGQvqlvbHRfo7uLP2vz4pkflpHc9fPIQAAAAAAAAAAAAAAAAAAYPH//1dcPF2b2sg7eysLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5V88//36IxrZI3CE7j0fE1TxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnwJ8BAAD//5pWUyw=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
write$binfmt_script(r0, &(0x7f0000000280), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r0, 0x0)

6.215105957s ago: executing program 0 (id=1231):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)

6.034523606s ago: executing program 9 (id=1232):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000540)={0x24, &(0x7f0000000300)={0x20, 0x1, 0x2, {0x2, 0x21}}, &(0x7f0000000400)={0x0, 0x3, 0x90, @string={0x90, 0x3, "dc906b6b4c7c4b017fb0d1f52f591a2791e5d9ce9e6fc28d9e6b17e9ab2e5e0fd3468bf7e2c7f9f09d6bb9565d403a6f451f0359f26a52f18501f988bb840f7ec079da62552f73b0e7007dd6833e8ef258af7270090020c50fb905340e96302d31ec235fdaf08ea1ff585f8cdfd624a91af0121d9b1bda050deceac867409fa50a3e4a8fe29f0ba9e49782b2e2f1"}}, 0x0, &(0x7f0000000500)={0x0, 0x21, 0x9, {0x9, 0x21, 0x30, 0x2, 0x1, {0x22, 0xb67}}}}, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0xff, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x6, 0x1], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.900363833s ago: executing program 1 (id=1233):
socket(0x10, 0x3, 0x0) (async)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f00000001c0)={0x5813}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x24, 0x1e, 0x492dfc465ae32a8d, 0x0, 0x0, {}, [@IFAL_LABEL={0x8}]}, 0x24}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000080)=@ipv6_getaddrlabel={0x24, 0x1e, 0x492dfc465ae32a8d, 0x0, 0x0, {}, [@IFAL_LABEL={0x8}]}, 0x24}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_emit_vhci(&(0x7f0000000e40)=ANY=[@ANYBLOB="04040a00"], 0xd) (async)
syz_emit_vhci(&(0x7f0000000e40)=ANY=[@ANYBLOB="04040a00"], 0xd)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x800008, 0x20000008b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x800008, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x800000, &(0x7f00000003c0)=ANY=[], 0xff, 0x5978, &(0x7f0000002080)="$eJzs3X+QHNV9IPDXM7Pa0a5WWgkIMpjVIlBCILZW/Cpsp2Ill9gpIJRcpBzEyQaBVkS2JFSSCEiQIHLggwN8OOVUguM/sAtThy27qIKzkSkwP07ibAzF2UddYerMHfYfvsIcKgM6yuXzpnan3+xs7/T27MyskODzKWl73pue7/t295uZfm96dwIAAADvCQdu2XHoohP+7Ad/P/rWjX/+3S03hf7yRH01rjCYLq97pzLkcOqtLJ1YZvvF713/9Z8PX/kn33+g72tv799w8saf/OkxVz7ymfP33f0vT7w58NBvXymKG/vT6ZPl5LUkhOqjB//xc/ufOX68LgkhlJPBPSEsTpY8sTjJhBj+dQhhQ1pYmrnzwbfO2ji+vOn23in1izLr6e/vbdW0n+0+dO0Z4ad/vPbmZ5d965s9e1/dM7lKUm3oTyEsvLzx8T0hhPnp/3Gxt8X+GDvtmhBCX8PjzivI65QW81+ZUz4xXc5Ll/0FceL9yzPlUma9bDnqySz7CtrrVF4e7a5XZEGmnH0x6lRenrF+cbr8Tro8fZbxy/F/EkpJqNTT35xM9pHQcNySkEwcy2q9XKof25Buf6acZMqlTLnck9muiXbTjlZOkqn1cb1MfXw5rqT1Jze+VjdxcU79+9JlNX2ivh3LIXujpn/ajfp2TYh5HZwhl8Oh1PAa1Ky+fuDTg9Gf1vUnS6Y9ZqyJeN/+tXesKK978sBgTh7JA0kaP2kr/u4fLl7w6W/cdk32fb0e//JSGr+UiZ+0FP/lC557/dLbvvql3Ph3xfjltvI/87G+1y546pblufvnYNw/lVbil0Mm/vpXnr5z2bFX7M3N/54Yv9pW/qv3Pdc7cOixx3PzH4n7Z35b8V/6yMd+dv8LD7+aGz/E+H1txV+3b9vne4cOnZYb//G4f/rbiv/yG3vPfXFo6BfDjQ84bWAy/vMx/kBb8e/bc/eH7110+/m5x3dN3D+DbcW/8NRHbl5w6OGT8l47k3u69c4J8N50THqOdWtabnec2amG8cI/D1dqZ0kL0v8D3Wwoc/I53s7CbsYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgBDCcWf814//708OvlZJy73pjZdKtWWsnxdCMj+EsGPn+u07N229avgzV1+zfev89N6d23cNn/0Hw9tHt21ev2v83pEPnFW7Z0lIasvkpGlt946NjZUGp9bF9v7NqXt/uuK8//PLEEaO+/FQJTf/lXdvuffYJj8zktVjH91yzUU/Pucr6XYNpnkNNslrbGxsLOTk9X8v+c29/3Dw56eFMPI7M+X19Et/9L0pCU1UTMZJlXpDLaHepK9pHvWsB0PoGX9Amldl46bNoyMz79/xx5dztuPfXv/qrzde94Xf1PZvNXc7Wty/81ePbS7909oL//8/3VCrKMrrnTruRfs7bkXML+6/arq/F6bbtTBnuyo523XLs4+/8OgJt725J4xU3lg2ve2i7epJO2RP8r6W2o0t9CWLp9RX0/XjEY+PW7lzy7aVO3bt/sCmLeuvGr1qdOuHVp296tyRc849Z+XElq/s8vbH9n+3xe0/PP1p0d/s+U782Vp/KsqraH+M51W8Pxozynv+9V38uS9+6O6nLqpVFPXzuHb99SRd9o0f51Whob9N31fNtqtoP4QQhpvth9ffPD8c/z823Vz0OtR4ZBp/ZiSrx55Z/quvnPflpX9Yqzgsr/ONCbX5Ol/PejKfif1VTY/H2BG6f3tDOd2u/qZ5rXrmqZ47Dvzyb+v5zZsXrlu/c+f2VbWfC9JMFyQnNs0rWxu3a9nEz3JId0uod9Mm/XVcT6jll339jKtn92p/el9/sqTpdmXF+/avvWNFed2TB/L2dPIfai3ODwO1ZfL+nDU3Zx5YrifcrP0j9flX1D+GPv7lhz750LfPntY/zqz9LNquJGe7vvXCfV/82hf+/be7t10f/6PnBn/1P/96Ra3iaHldqWed5pM0vq6cGULR829ZaL4duc+/UvPtKXr+ZduZXL95vOFMuT+U23q+nvlY32sXPHXL8tzn68FWn683TCmVC56vR0r/yT6/ksrUPObu+TWloySrx75/6zF7nrhxzQm1iqJ+XV+7Wb8+q4XxR852fe/SF4euHv53/717rxtf/4MHL/vJ+tV/V6uYetznT8sr/7jHXLpz3Kvp/q3m7N961mk+pcb9+8Err968oVZ/5J7/psuC8U98Kdmxa/dn12/ePLp9R2vb1er7aWwnu5fbfT+Nr25LCrarNG27euONXd2+0cr+avX5FvPf0Pb+mvp86w9JW+8Lu3+4eMGnv3HbNYPTHpU2dHkpjV9qK/7LFzz3+qW3ffVLufHvivErbcVf/8rTdy479oq9ufHvSdL41bbir973XO/Aoccez40/EvOf31b8lz7ysZ/d/8LDr+bGDzF+f3v7/4295744NPSL3PjPJ2k74+dIITz41lkba+VkYh6u2pBHz5S8QracZMqlTLncWC7V5lrrDZSTZGp9XC+tP7khl2b+Kqc+noVVl9aWb8dyyN6Yuf5IU2p47W9WX3SeCgDwbhc//4/noPHz/9H0RCl/pgEmdToOW5oTN47DJudz5k25f2kaPz4+zgMOfTCMjC9vGq6d6M/2c4T4fMjOc8Z2Tjtlaox25zmL5t+XZ8oxr9p8eaVhHJqaPq6phBbm36e3M/P8e2bzi+fHh2+dltZww7xV9vj1pDNmza53yORbGY+Q1z+y82Lxeo6hhWHNRHst9o/sdTTxOGSvo4ntnJB54Wz3OppO+0dMe4b+MZFy8ecb049fmGH/Th6/5tGyx28Wx7s6vv6cfT77QJwX63jesOlL2uGbN5zbz8PMS+bET59gczxvOH6zo3nDWB+3o9LifOInc+prz9o99XJb84nlyZsxr4Mz5HI4mE8E3q3i+D++R4yP/8dPwP9fZr2i89DsWWOMl3udULl5PkXjjunX6fW19T6+bt+2z/cOHTot9zzn8Vav+9k2pdRXcN1P0X5ckSkX7secCZqi8V62naL9nr0uoz8MtLXf79tz94fvXXT7+bn7fU3tjbR4v39xSmmgYL8fBeOF5vGNF94T44W5nj97x65jSC98mqvxyF/m1M/2+oa+aTfq2zXhqBuP9BzevACAo0cc/9c/P0vH//8rrpCeRxSNW0/PlGO83HFrzvlJ3rj1L9LldZn1+9PfqJjtefOFpz5y84JDD5/U9NyyMj6uaHUc+p+mlAYLx6GdjZtzxxFrunO9eO44oj7O6mycmJt/fZzY2Tg9N359nN7ZODp3/9TH0Z3NA+TGr88DHO3j3IL5ukxjsdjqfN27dhyd/vrsXI2jL86pn+04un/ajfp2TTCOBgB4Z8XxfzyNi+P/pzLrdfo5e+64oEvn7dm/B1KP//zhGlfO9bhvrsetcz2un+t5iaN9XDzX80KzmierDy1nnCcLk/Nk7/lxcdqocTEAAEeyOP6Pf4kwf/zf2fik2fitZ8r4xPi8aXzj8yNkfH60z3/NwXUyxv8+FwcA4KgSx//x1x7j3//7L2k5+3frjdNz4hunG6fP1H9aHqd3f54ttH8dgHmAVEfzAA1f82IeAACAd0LPxEhp+u/ZfypdZn/PPu/38i/NWb9VlfT0+Iqd20dHL7tm24b1O0cv23r1htEdl127fdPOnaNba+t1Om7MHbek48aeUEn3R/P1suO2RenfQ1iU8/cQsuvHsCdO3Jj+9xCyzc4v+DsCk8evtXzzjl9phvWb9Y+8450X/69y1o/qx//Kvz7zso07Ltu0ddPOTes3b9o9OnW98VFr3yy+LzXulll9X2rmxzSl2X/vb3fyKE3LoyfdH3nfz55k8licZrI47/sPcvL+wX/7h785dew394cwclz5/R3tv2T12H++ZPQvdh748bbx/Esz5l9fM82r6PtKs+vH7alsvnrHzjM2Xn3N1uw3SrYnzmeU6uU5ms9In/7lFucn1uXUz/Y6hfK0G0emlucnAACYIn7+H89n4+eHX0hPoGJ96+P0zj4/zh2nj7Q2Ts9+L1nROD27ftzeVsfp1Q7H6dn2i8bpzdZvNk7PG3fnxf/LnPVnq/V+0tl1Hrn95PLW+kn2+wyK+kl2/eb9pJTbT5IO+0m2/aJ+0mz9Zv0k77jnxf9Ezvp5Wu8PnV2Xk9sf7mqtP/x+plzUH7Lrz/Z1o9Rhf8i2X9Qfmq3frD/kHd+8+BflrN+qqf1jvGNM9IvRy669evtnG9ab6++/6Dy/uf3+j3a1nv/cXvc19/nP7XVlc59/Z9eV5eb/fGczYa3nP7ff79KuwzZfm15sVnT9WdE87tqc+tnO486bduPIZB4X3jlx/B8/7onj/9vTZbc/Bjr6vyfN95g1jd+l7zErOo/xfp4um71pHgG8nwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0preydGJ54JYdhy464c9+8Pejb93459/dctPvXf/1nw9f+Sfff6Dva2/v33Dyxp/86TFXPvKZ8/fd/S9PvDnw0G9fKQw8OPGzcnparIaQvJaEUH304D9+bv8zx4/XJSGEcjK4J4TFyZInFieZCCO/DiFsqOc59c4H3zpr4/jyptt7p9QvygTJblfoL8d8QpLU8wzhulb2FkebatrPdh+69ozw0z9ee/Ozy771zZ69r+6ZXCWpNvSnEBZe3vj4nhDC/PT/uNjblsYHp8s1IYS+hsedV5DXKfVbvTOutzKnfGK6nJcu+wvai/cvz5RLmfWy5agns+wraK9TeXm0u16RBZly9sWoptJ2/Lw8Y/3idPmddHn6LOOX4/8klJJQqae/OZnsI6HhuCUhmTiW1Xq5VD+2Id3+TDnJlEuZcrkns10T7aYdrZwkU+vjepn6+HJcSetPnsixnLvdF+fUvy9dVtMn6tuxHLI3avqn3ahv14SY18HcTA6PUs4rRqyvH/j0YPSndf3JkmmPGWsi3rd/7R0ryuuePDCYk0fyQJLGT9qKv/uHixd8+hu3XbM0L/7lpTR+qa34L1/w3OuX3vbVL+XGvyvGL7cV/8zH+l674Klblufun4Nx/1Tair/+lafvXHbsFXtz87+nFv+FUG0r/up9z/UOHHrs8dz8R+L+md9W/Jc+8rGf3f/Cw6/mxg8xfl9b8dft2/b53qFDp+XGfzzu//72+s8be899cWjoF8N58Z+P8Qfain/fnrs/fO+i28/PPb5r4v4ZbCv+hac+cvOCQw+fVG0W/NFnQ3JPt945Ad6bjknPsW5Ny+2OMzvVMF745+FK7ZxvQfp/oJsNZYy3s3AO4wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8O70oxvO/tQlH/3E2koSQpKzzlgT8b7yvNWrh9tod/0rT9+57Ngr9jbWLW0jDgAAAFAsjsNL9ZpqWBquTeaHE5uuH+cIToylZGp9dg4hxsnOEbQbp9SlOOUuxal0KU5Pl+LM61Kc3i7FqRbEqYbW4syfIU5lvFe0mE/fjPm0Hqe/S3EWdCnOQPtxnlnbEGdhQZw4/1eUz6IubdfgjHFa74eLuxRnSZfiHNM0zon/cbZxju1SPsd1Kc7vtBFnXpM4x3cpn+yc8mz74UC65gl5cSZulAvjVJJy/Y5m8+nHp+2c1GE7/QXtDBS9H7fYzvwW2zkl87jSLNupttjO73bYTtJiO7/fYTulgnZiv70um19sJ5ZmbqcS4+zqLE79ebS7S3Gu71KcG7oU52+7FOfvuhTnxg7jALQqjv8nx3uDobfyh6EvfcXJzgLE8e6yiZ/T3+/yXpBivPdn6ucVxcsO1DPxls02v+wEQibe8kx9z5R4lfp4ZIZ41cZ4KzJ3Fm5vdkIhk9/pmfreonjZiQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmEM/uuHsT13y0U+sDUkY/9fUWBPxvvK81auH22h3/9o7VpTXPXmgsa630kYgAAAAoFAch/fUa6qht7Iq9CbzpqxXTecBqmm5PFhbDi0Ma8aXyXBpotyXLJ7xcZX0cSt3btm2cseu3R/YtGX9VaNXjW790KqzV507cs6556zcuGnz6EjtZwi9BfFCCBPTDzt27f7s+s2bR7fvqFVm81+aPm5pWk7Sxw19MIyML29K819S0F5pWntzd6P46AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/yq7dhch1lg8Af8/M7Mx02/w7f/o1Dc1myEeJWjSJW0m1dA4IFtokZCnITHUtwSZY3DShTSTWsY3Y1gRFaAmESC6MxGJr8aYftoj9IBCp0YAbg7RFe6EXSquVtORCUkayM2d2ZnYmsx1C08bf7+J8PO/zvs95z8XCc2YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA/WdG18slKeqI5GIUR9cuo9JGPpbByXhqj75ee3/TA3dmpFeyyXGWIhAAAAYKCkDx9pRfIhl0mHdLh65m5JaBsIs30/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv2e6Nj5ZKU9UL45CiPrk1HtIxtLZOC4NUfeNd578zKtjY39vjxWHWAcAAAAYLOnDU61IPhTD0jASXd2Rl3wbWNg1vzsvWWfRPPO6vx30y1s6z7xr55n3sQF565vnnQEAAAA++pL+P9OKFEIus6Bv/z+or0/yFnflpUP4zjl7aAAAAOB9Sfr/XCtSDLlM8Uy/PmO+/f6Srrxk/qDf7ZP5y/vMH/R7/rrm2e/0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDRMV0bn6yUJ6rpKISoT069h2QsnY3j0hB1V78w+s9bDz+0pD2WywyxEAAAADBQ0ofPtt75kMuMhpFw8UzfP3bzgae/+PSz4yGERpufzYadG7dvv2d145jkrTp6eOQHR9769py8VY3jedsgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwzkzXxicr5YnqRVEIUZ+ceg/JWDobx6Uh6r7+uS/89fETz73ZHisOsQ4AAAAwWNKHz/b++VAM2ZANV87ctff6Z6S65vf7ZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcOO795n1f3zg1tekeFy5cuGhdnO+/TAAAwLm2OESh/j5dteF8PzUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBhMF0bn6yUJ6r5KISoT069h2QsnY3j0hB14+eP5RaceuGl9lhxiHUAAACAwZI+fLb3z4diGAkj4YqZu17fBGb6/8IH+JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAh8p0bXyyUp6oLohCiPrk1HtIxtLZOC4NUfexXfs/e+jS79/SHstlhlgIAAAAGCjpw7OtSD7kMh8PuXBN836qc0KUbp57fxeYnbetY9rovOfVOual5z1vd9fOMs3dNOblk/UKjXNrXmnuvFLbvGJolS91zAt7O2YtGPCcAQAAAM6jpP/PtSKFkMvk2vrcn3XkF/S5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAf07XxyUp5ohpFIUR9cuo9JGPpbByXhqh73+/+/5Kv/HzPjvZYcYh1AAAAgMGSPny298+HYlgU/i8smun7Q6EzP8n7V+X0oUf//bcVIay88vhYpnvZHycXv3n9phe7DyGkOrNTIVzarBf1qffbPzyaXlY//XgIK69IXzOnXjh7vc4l4/ozlU3rth85vm3AywEAAIALRNL/j7QihZDL3N23/0867wH9f8tMA37pN3b98vLmsdmRd81IFZr1Un3qfX7Zk39ZvuYfb53p/89W71P7txy6vKNgI9IliuvlLTvWH7/+YCrZdaN+uqt+8l6+9K03/7N55yOnG/XzId+ML8xketSfe+xyUVyfSu2rrn1vX62zfqbP/h/6/Usnfr1wz7tn6r+zeLRV/9qz7P/s9Udve3jvDfsPr++sH0Io9ar/9ru3hKv+dNeD3fsf7Vq4/c23H7tEcf3okpMH1xwo3thZP+qqn7z/X5x4bO9PH/nes0n95H9FViydb/1UV/1Xdl+26+UHNizsrJ/qs/8Xb391bGvpu3/s3v+dHatm+j7F3P0/cd1Td7y2Mb6/ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODCMl0bn6yUJ6qpKIQohJDrkVPvIRlLZ+O4NETdN2499vbte37yo8Zdo2px6F0AAAAAZ5P04VErkg/FkA3ZMDrT9z9T2bRu+5Hj20KhMRo1z5mprfdu/8TmrTvuvvM8PTkAAAAwX0n/n2lFCiGXWRZGmv1/ecuO9cevP5hK+v9U0v9vvmtq08rQyntl92W7Xn5gw8LWd4IQZv4tIH8m79OzeTffdKxw8s9fW94zb/Vs3tElJw+uOVC8MckL7XmrQuv7xBPXPXXHaxvj+1vP1573ya9unWp+nkjWHb3t4b037D+8vrWP5nm0uW6SN5XaV1373r5akpdunvPNfQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc03Xxicr5YlqSIcQ9cmp95CMpbNxXBqi7tplv3rwklPPLWqP5TJDLAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/ZQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgr79RMaR9nHAfx5djdvttmkTdoXrIppWhWlHiwKInpRUZFWpOCpUqTa2oMoCCJKPZhKK5aqeBGsXoqooEYpKNhYLK2Siv+KFw8qKFQPQikGtKF4MJLdZ7abSca1kyqonw8sz/6enfnOb2aenU0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH+Qnva7IzsfnLrtvJs+efyek4/d8t792y959PUfRjbf8PG+vldOTWxZufXrG5dtPnDv2vE9Lx7+ZeCd3451jX6kNaxOZT2EeCKGUH9/8rknJj49Z2YuhhCqcXA0hKG49PBQzCWs+TWEsCUVvbXZH7598sqtM+P23b2z5pfkQvLnFRrVrJ+Wwdn98u9ST+ts29TDl4Vvr9+w4/MVb73ZM3Z89PQmsd6xnkJYvKlz/5lvyKL0mpGttuXZzmlcH0Lo69jv6i59Xfgn+7+8oD4/jf9LY6NLTvb5qlxdyW2XrzM9ubGvy/EWqqiPstt105+r8w+jhSrqM5sfSuO7aVx9hvnV7BVDJYZau/374uk1EjruWwyxeS/r7brS8WvQOv9cHXN1JVdXe3Ln1TxuWmjVGGfPZ9vl5rPHcS3Nr+x8Vs/j9oL5c9NYT1/UU1kd8m9aGnPetM+rKetr8g96+TtUOp5B8823b3y6GY0014hL5+wzPUdtOvtsYsNTF1c3fnBksKCPuC+m/HgG+dPt/G2fDfXf+cauh5YX5W+qpPxKqfzv1h396Y5dL71QmP9sll8tlX/Fwb4T6z7cuarw+kxm16dWKv+uYx89veL/d4/Nd6+b+Xuz/Hqp/OvGj/YOTB08VNj/muz6LCqV/821N3//2pf7jxfmhyy/r1T+xvEHnukdnrq0MP9Q66vQaK7QEuvn57Grvhoe/nGkKP+L7PoPzJMfu+a/OrrnmpeX7F5buD7XZ9dnsFT/t150YEf/1P4Lip6dce/Z+uUE+G9alv7GejLVZf/PXKiO/xeeH6m1foH602vgbB4oZ+Y4i//CfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4nR04IAEAAAAQ9P91OwIFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4KAAD//8RoLc4=")
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}}}, 0x14)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff) (async)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) (async)
r1 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
ioctl$IOCTL_GET_NCIDEV_IDX(r1, 0x0, &(0x7f00000000c0))
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000380)={[{}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@codepage={'codepage', 0x3d, 'koi8-ru'}}, {}, {@uid}, {@file_umask={'file_umask', 0x3d, 0x2b4}}, {@creator={'creator', 0x3d, "8c10b081"}}]}, 0x2, 0x36b, &(0x7f0000000d80)="$eJzs3c1O1EAAB/D/tPspBCtgMN5ETTyRBQ8aY6Ix3HwBD4aIUBJCxQQwUaIBPXgyxpuJiUdvno2+gl6ML6AnDsSTXggx1Mx0uu2Wme4uHwXC/5ewdNv5nnY6g+4WRHRs3Rr/+eHymvwRZQAugGuAA6AGlACcxlDt0fzS7FLgT+cl5KoY8kcgiim2hZma901RZTwVQ/PkuxJ60/tof4RhGP5qG+pPIWWhgyOia38bB6jqq1MdrxVesh1Z7SBAtZiiHCKpHhYb2DD3OBERHSf6/u/ou0Svnr87DnBRz8OP0v0/ll5BtNztNoCnJ4svz6Gh7v+Pk94MhWwf1SIiWe+pJZxsQydeJZrSUqmUMzvDpLkriM6slg4QhlVly4xMlcWpz8wG/siqSuAFbmipYIPqdTo6dWO20laiX8OGtWmOvLrn61F1KMs6lC3lH+g6xy/reGvObuJbpX2ZxFfxXUwID+8wjT69sxQK2TgqugfU9e64TWcDv2FPUdXSU7VstNQyufpOqUzOxj3w+WNSy7qtXWtwZVlMZCoiO3/XJQDeWFpB7e5vHRR074zaa6diDRhjjTXfbxpjDWZj1WfKgT8y9TCITvpwxZ7tXjDO78VrcUcM4zc+YbzZ/7KrXTnUW67M7MgvVMioFRrN+piUVEhLP7ZQJ9uDrq5Mwua/MKLfZ8dhMw+vcB9X0bf4ZHluMgj8hcI25GhhPBRfKgWXx7YRnYj6dJR75O9UGNTkhmzuPct0KwxD46GSucXiDaejLCpxUW1ljk6dK++bVVbDrP5Tyu4qiNWoDVOHbtoDJ8OmqrvWZaYq+kozlrxbdBP9b5S77HdjGJGUcKGyvydknNVkEJxpdpyLakdXSn0Hmd5+NjcZ7HhEoiNk8eU5PeZg6O769YMuDhVPzrtEtP5LrVcaatSRL17OaiRsl3gqxVHLCqhfvZ5IVhtC//0+Z83VY1/B9cQbgT+Wt+Y6fwm4kNopc3MQ5/g8m6yHeLJ+CP9VsmoqVj27Yzm1LcbxA/dS838iIiIiIiIiIiIiIiIiIiIiIiIiIjoSkv/07+3y4wRb+nNI5k9iJNaO4RdvEBERERERERERERERERERERERERERERHtTur5v4CrnhhT2fPn/8Zf7N3p83/dDp7/K9o+4pOI2vgfAAD//xhyY3Q=") (async)
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x200000, &(0x7f0000000380)={[{}, {@dir_umask={'dir_umask', 0x3d, 0x7}}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@codepage={'codepage', 0x3d, 'koi8-ru'}}, {}, {@uid}, {@file_umask={'file_umask', 0x3d, 0x2b4}}, {@creator={'creator', 0x3d, "8c10b081"}}]}, 0x2, 0x36b, &(0x7f0000000d80)="$eJzs3c1O1EAAB/D/tPspBCtgMN5ETTyRBQ8aY6Ix3HwBD4aIUBJCxQQwUaIBPXgyxpuJiUdvno2+gl6ML6AnDsSTXggx1Mx0uu2Wme4uHwXC/5ewdNv5nnY6g+4WRHRs3Rr/+eHymvwRZQAugGuAA6AGlACcxlDt0fzS7FLgT+cl5KoY8kcgiim2hZma901RZTwVQ/PkuxJ60/tof4RhGP5qG+pPIWWhgyOia38bB6jqq1MdrxVesh1Z7SBAtZiiHCKpHhYb2DD3OBERHSf6/u/ou0Svnr87DnBRz8OP0v0/ll5BtNztNoCnJ4svz6Gh7v+Pk94MhWwf1SIiWe+pJZxsQydeJZrSUqmUMzvDpLkriM6slg4QhlVly4xMlcWpz8wG/siqSuAFbmipYIPqdTo6dWO20laiX8OGtWmOvLrn61F1KMs6lC3lH+g6xy/reGvObuJbpX2ZxFfxXUwID+8wjT69sxQK2TgqugfU9e64TWcDv2FPUdXSU7VstNQyufpOqUzOxj3w+WNSy7qtXWtwZVlMZCoiO3/XJQDeWFpB7e5vHRR074zaa6diDRhjjTXfbxpjDWZj1WfKgT8y9TCITvpwxZ7tXjDO78VrcUcM4zc+YbzZ/7KrXTnUW67M7MgvVMioFRrN+piUVEhLP7ZQJ9uDrq5Mwua/MKLfZ8dhMw+vcB9X0bf4ZHluMgj8hcI25GhhPBRfKgWXx7YRnYj6dJR75O9UGNTkhmzuPct0KwxD46GSucXiDaejLCpxUW1ljk6dK++bVVbDrP5Tyu4qiNWoDVOHbtoDJ8OmqrvWZaYq+kozlrxbdBP9b5S77HdjGJGUcKGyvydknNVkEJxpdpyLakdXSn0Hmd5+NjcZ7HhEoiNk8eU5PeZg6O769YMuDhVPzrtEtP5LrVcaatSRL17OaiRsl3gqxVHLCqhfvZ5IVhtC//0+Z83VY1/B9cQbgT+Wt+Y6fwm4kNopc3MQ5/g8m6yHeLJ+CP9VsmoqVj27Yzm1LcbxA/dS838iIiIiIiIiIiIiIiIiIiIiIiIiIjoSkv/07+3y4wRb+nNI5k9iJNaO4RdvEBERERERERERERERERERERERERERERHtTur5v4CrnhhT2fPn/8Zf7N3p83/dDp7/K9o+4pOI2vgfAAD//xhyY3Q=")
syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2200050, &(0x7f0000000000)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==")
fchdir(0xffffffffffffffff)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10) (async)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0xd931d3864d39dcce)
rename(&(0x7f00000006c0)='./control\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

5.662383973s ago: executing program 2 (id=1234):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000200)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x7, [@type_tag={0x6, 0x0, 0x0, 0x12, 0x5}]}, {0x0, [0x30, 0x2e, 0x0, 0x5f, 0x0]}}, 0x0, 0x2b, 0x0, 0x1, 0xfff, 0x0, @void, @value}, 0x28)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r0, 0x5609, 0x0)

4.404944998s ago: executing program 2 (id=1235):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000205804115000fa6d00000109022400010000000009040000050300000009210000000122940309058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.508918003s ago: executing program 9 (id=1236):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000022c0)=@newtaction={0x260, 0x30, 0x300, 0x70bd2d, 0x25dfdbff, {}, [{0x24c, 0x1, [@m_skbedit={0x1fc, 0x19, 0x0, 0x0, {{0xc}, {0x4}, {0x1cd, 0x6, "de616dd9ce3b892bb6fafca061bed3e644dcf9151f4527045657b89def02bb9cad6c62f8293cff1e7df3eb0803889f2fd92b151ed17ab9007c47463bf4e7afe47ab1d24292b0103cbbc15977a51c0ae02a16535a666c86a6321ae76cba859e771aa7d0ff9fa033e50e56e0f68419fd47894ab8f8d473fc2af5fc18fb9399fdbb44bce22ac4c64feea69875f61ef4f46591d0547ce0f025b0a5f6dc470fd9635a05e318fa41b23e07582b3128621edbf17703923cea8b079f042f9924f50ce06116fc38e34430e0a4b60e7144cccb31d0a0457e528dd78226b2989e534df535b22243ec2971118b283cebb23130d1622a675cabf8788d71473f98949841ab1c34d28257f4b10e6eec198365490620753627951432cf82875ec0fccc70181d74035e141d4bbdd59571d5c3fa68b6a9365539b7e734e38e7083fe43b3104f03a618c99dc38b7b166c71dcda72645a7ddd09b867d20ef1d0f2154c6c2af7bfc13509c92a055f4ba6134cf5124359fccca93ea9ef30597c542c2e259bbd96051f001127d7e760711d895b0ae2dabbb4385da14ffe779acd84bec05fb4fc35fefad1a62e114c5f2ca5c6e884ddd618acecb553d05d8ec7fb455e2684ed4d3c3df3c35bee69ce9725b115e33d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_sample={0x4c, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x1d, 0x6, "f8962b722d1256323ad996fb1593fdb0000000008d0be1f265"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}]}]}, 0x260}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2.16234078s ago: executing program 0 (id=1237):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
write$vga_arbiter(r0, &(0x7f0000000040)=@unlock_all, 0xb)
setreuid(0xee00, 0x0)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)

1.201269669s ago: executing program 9 (id=1238):
setreuid(0xee00, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone3(&(0x7f00000006c0)={0x192142100, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, 0x0}, 0x58) (fail_nth: 1)

460.578562ms ago: executing program 2 (id=1239):
setreuid(0xee00, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
fsetxattr(r0, &(0x7f0000000040)=@known='user.incfs.size\x00', &(0x7f0000000080)='.\x00', 0x2, 0x0)
r1 = getpid()
syz_pidfd_open(r1, 0x0)
r2 = syz_open_procfs$userns(r1, &(0x7f0000000000))
setns(r2, 0x0)
syz_clone3(&(0x7f00000006c0)={0xc08349b72eb8bdeb, 0x0, 0x0, 0x0, {0x40}, 0x0, 0xffffffffffffff5c, 0x0, 0x0}, 0x58)

0s ago: executing program 4 (id=1240):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000003a000900d80500000000000001000000040000000c0001"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x200000, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
setxattr$security_ima(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000000), &(0x7f0000000200)=@v2={0x3, 0x1, 0x9, 0xfffff25d, 0x85, "2cd08a362cda144815e6e97d46b7239600b5b9ee52e2ce5255210869392ebd7fe4f45a299b5fd845ac4f3fc5e0043db4199b6e19ea92fb293b1a7ca690a6b62255eb779caf2d41813413100ce44411ea022c8191e8534985f1f6cc437e92d7abfcc69a3b9dd4c93b8f739124b020da0445d34df6a2e32e9c9593135fb5205d4d59ed9d2179"}, 0x8e, 0x3)

kernel console output (not intermixed with test programs):

3-1: Product: syz
[  776.236404][ T6913] usb 3-1: Manufacturer: syz
[  776.241550][ T6913] usb 3-1: SerialNumber: syz
[  776.451802][ T6913] usb 3-1: config 0 descriptor??
[  777.273038][ T9789] loop9: detected capacity change from 0 to 1764
[  777.548037][ T9789] iso9660: Corrupted directory entry in block 2 of inode 1920
[  777.609974][ T9793] lo speed is unknown, defaulting to 1000
[  777.631507][ T9793] lo speed is unknown, defaulting to 1000
[  777.638876][ T9793] lo speed is unknown, defaulting to 1000
[  777.658218][ T6913] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  778.002819][ T6913] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  778.013774][ T6913] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  778.053713][ T6913] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  778.064079][ T6913] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  778.073358][ T6913] usb 5-1: SerialNumber: syz
[  778.644696][ T5872] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  778.657763][ T9793] infiniband s
z1: set active
[  778.662759][ T9793] infiniband s
z1: added lo
[  778.671856][ T9793] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  778.681562][ T9793] infiniband s
z1: Couldn't open port 1
[  778.702296][   T24] lo speed is unknown, defaulting to 1000
[  778.734646][ T9793] RDS/IB: s
z1: added
[  778.739061][ T9793] smc: adding ib device s
z1 with port count 1
[  778.756738][ T9793] smc:    ib device s
z1 port 1 has pnetid 
[  778.766292][ T9793] lo speed is unknown, defaulting to 1000
[  778.919274][ T5872] usb 2-1: Using ep0 maxpacket: 32
[  779.068364][ T5872] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  779.077176][ T5872] usb 2-1: config 0 has no interface number 0
[  779.083812][ T5872] usb 2-1: config 0 interface 12 has no altsetting 0
[  779.296044][ T9793] lo speed is unknown, defaulting to 1000
[  779.399129][ T5839] usb 3-1: USB disconnect, device number 36
[  779.455694][   T24] lo speed is unknown, defaulting to 1000
[  779.536331][ T6913] usb 5-1: 0:2 : does not exist
[  779.541774][ T6913] usb 5-1: unit 255 not found!
[  779.637308][ T5872] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  779.647896][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.656591][ T5872] usb 2-1: Product: syz
[  779.666097][ T5872] usb 2-1: Manufacturer: syz
[  779.670981][ T5872] usb 2-1: SerialNumber: syz
[  779.820691][ T6913] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  779.889897][ T9800] loop0: detected capacity change from 0 to 1024
[  779.927667][ T5872] usb 2-1: config 0 descriptor??
[  779.965262][ T9800] EXT4-fs: Ignoring removed i_version option
[  780.294142][ T9800] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  780.436967][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  780.436967][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  780.450364][ T9793] lo speed is unknown, defaulting to 1000
[  780.450834][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  781.024557][   T30] audit: type=1800 audit(1743089087.998:43): pid=9800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.971" name="file1" dev="loop0" ino=15 res=0 errno=0
[  781.050269][ T9793] lo speed is unknown, defaulting to 1000
[  781.216508][ T5872] f81534 2-1:0.12: f81534_set_register: reg: 1003 data: 20 failed: -71
[  781.225748][ T5872] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  781.233418][ T5872] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  781.241727][ T5872] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  781.692373][ T9793] lo speed is unknown, defaulting to 1000
[  782.077784][ T8716] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  782.135016][ T5872] usb 2-1: USB disconnect, device number 61
[  782.413604][ T9793] lo speed is unknown, defaulting to 1000
[  782.567872][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  782.574830][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  783.220627][ T6913] usb 5-1: USB disconnect, device number 27
[  783.544587][ T5872] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  783.794695][ T5872] usb 2-1: Using ep0 maxpacket: 32
[  783.839739][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  783.852252][ T5872] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  783.868020][ T5872] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  784.055850][ T5872] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  784.070572][ T5872] usb 2-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  784.080845][ T5872] usb 2-1: Manufacturer: syz
[  784.223814][ T5872] usb 2-1: config 0 descriptor??
[  784.945495][ T5839] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  784.977891][ T5872] usbhid 2-1:0.0: can't add hid device: -71
[  784.985031][ T5872] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  785.052099][ T5872] usb 2-1: USB disconnect, device number 62
[  785.199913][ T9828] usb 10-1: new high-speed USB device number 62 using dummy_hcd
[  785.251886][ T5839] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  785.261720][ T5839] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.270657][ T5839] usb 3-1: Product: syz
[  785.275193][ T5839] usb 3-1: Manufacturer: syz
[  785.280077][ T5839] usb 3-1: SerialNumber: syz
[  785.457956][ T5839] usb 3-1: config 0 descriptor??
[  785.472649][ T9828] usb 10-1: Using ep0 maxpacket: 8
[  785.517786][ T9828] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  785.528847][ T9828] usb 10-1: config 0 has no interfaces?
[  785.538635][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  785.538635][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  785.553147][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  785.659680][ T9828] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  785.669723][ T9828] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  785.678440][ T9828] usb 10-1: Product: syz
[  785.683046][ T9828] usb 10-1: Manufacturer: syz
[  785.688514][ T9828] usb 10-1: SerialNumber: syz
[  785.926236][ T9828] usb 10-1: config 0 descriptor??
[  785.982939][ T5839] cx82310_eth 3-1:0.0: probe with driver cx82310_eth failed with error -22
[  786.088196][ T5839] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  786.160596][ T5839] usb 3-1: USB disconnect, device number 37
[  786.326194][ T9828] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  786.587927][ T9828] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  786.598806][ T9828] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  786.756043][ T9828] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  786.766409][ T9828] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  786.775363][ T9828] usb 1-1: SerialNumber: syz
[  786.782274][ T9843] loop1: detected capacity change from 0 to 1024
[  786.869260][ T9843] EXT4-fs: Ignoring removed i_version option
[  786.873497][ T7230] udevd[7230]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  787.117079][ T9843] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  787.260437][ T9828] usb 1-1: 0:2 : does not exist
[  787.265891][ T9828] usb 1-1: unit 255 not found!
[  787.413163][ T9828] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5)
[  787.680878][ T9828] usb 1-1: USB disconnect, device number 19
[  787.818713][ T6876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  788.790385][ T5872] usb 10-1: USB disconnect, device number 62
[  789.245317][ T9860] loop0: detected capacity change from 0 to 47
[  790.185137][ T7230] udevd[7230]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  790.657403][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  790.657403][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  790.671847][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  790.870256][ T9838] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  791.105130][ T9828] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  791.125282][ T9838] usb 1-1: Using ep0 maxpacket: 32
[  791.204607][ T9838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  791.216573][ T9838] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  791.228938][ T9838] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  791.360453][ T9868] loop4: detected capacity change from 0 to 1764
[  791.442927][ T9872] loop9: detected capacity change from 0 to 32768
[  791.546696][ T9868] ISOFS: unable to read i-node block
[  791.552309][ T9868] isofs_fill_super: get root inode failed
[  791.568163][ T9838] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  791.578854][ T9838] usb 1-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  791.587825][ T9838] usb 1-1: Manufacturer: syz
[  791.602522][ T9828] usb 3-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  791.612492][ T9828] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.621961][ T9828] usb 3-1: Product: syz
[  791.626634][ T9828] usb 3-1: Manufacturer: syz
[  791.631515][ T9828] usb 3-1: SerialNumber: syz
[  791.680111][ T9872] XFS (loop9): DAX unsupported by block device. Turning off DAX.
[  791.698181][ T9872] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  791.711788][ T9838] usb 1-1: config 0 descriptor??
[  791.829070][ T9828] usb 3-1: config 0 descriptor??
[  792.406638][ T9828] cx82310_eth 3-1:0.0: probe with driver cx82310_eth failed with error -22
[  792.503085][ T9828] cxacru 3-1:0.0: usbatm_usb_probe: bind failed: -19!
[  792.532975][ T9838] usbhid 1-1:0.0: can't add hid device: -71
[  792.540597][ T9838] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  792.653959][ T9828] usb 3-1: USB disconnect, device number 38
[  792.735989][ T9838] usb 1-1: USB disconnect, device number 20
[  793.059598][ T9872] XFS (loop9): Ending clean mount
[  793.147478][ T9872] XFS (loop9): Quotacheck needed: Please wait.
[  793.265847][ T9893] netlink: 24 bytes leftover after parsing attributes in process `syz.1.997'.
[  793.376802][ T9872] XFS (loop9): Quotacheck: Done.
[  793.649840][ T6518] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  794.299270][ T9892] loop1: detected capacity change from 0 to 32768
[  794.342847][ T9892] (syz.1.997,9892,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  794.357909][ T9892] (syz.1.997,9892,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  794.569512][ T9892] JBD2: Ignoring recovery information on journal
[  794.726928][ T9892] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  794.885030][ T9889] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  795.155225][ T9889] usb 3-1: Using ep0 maxpacket: 8
[  795.221844][ T9889] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  795.237354][ T9889] usb 3-1: config 0 has no interfaces?
[  795.348789][ T9889] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  795.358859][ T9889] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  795.367452][ T9889] usb 3-1: Product: syz
[  795.371909][ T9889] usb 3-1: Manufacturer: syz
[  795.376979][ T9889] usb 3-1: SerialNumber: syz
[  795.503608][ T6876] ocfs2: Unmounting device (7,1) on (node local)
[  795.618968][ T9889] usb 3-1: config 0 descriptor??
[  795.778293][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  795.778293][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  795.792269][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  795.871283][ T9905] vivid-000: disconnect
[  796.344813][ T9905] vivid-000: reconnect
[  796.479038][ T9912] loop0: detected capacity change from 0 to 47
[  797.801348][ T9889] usb 3-1: USB disconnect, device number 39
[  798.212545][ T9916] loop4: detected capacity change from 0 to 2048
[  798.293127][ T9923] netlink: 36 bytes leftover after parsing attributes in process `syz.9.999'.
[  798.310471][ T9923] netlink: 16 bytes leftover after parsing attributes in process `syz.9.999'.
[  798.322155][ T9923] netlink: 36 bytes leftover after parsing attributes in process `syz.9.999'.
[  798.331898][ T9923] netlink: 36 bytes leftover after parsing attributes in process `syz.9.999'.
[  798.367675][ T9916] udf: Unknown parameter 'ictur'
[  798.597817][ T9927] netlink: 'syz.2.1008': attribute type 4 has an invalid length.
[  798.935037][   T30] audit: type=1800 audit(1743089105.998:44): pid=9931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1008" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  798.955632][    C0] vkms_vblank_simulate: vblank timer overrun
[  800.252366][ T9933] loop1: detected capacity change from 0 to 40427
[  800.277051][ T9933] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1fffff
[  800.289596][ T9933] F2FS-fs (loop1): invalid crc value
[  800.371885][ T9933] F2FS-fs (loop1): Found nat_bits in checkpoint
[  800.615260][ T9889] usb 10-1: new high-speed USB device number 63 using dummy_hcd
[  800.773821][ T9933] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  800.866663][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  800.866663][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  800.881281][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  801.100393][ T9889] usb 10-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  801.110401][ T9889] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  801.119284][ T9889] usb 10-1: Product: syz
[  801.123831][ T9889] usb 10-1: Manufacturer: syz
[  801.129124][ T9889] usb 10-1: SerialNumber: syz
[  801.220042][ T9889] usb 10-1: config 0 descriptor??
[  801.818326][ T9889] cx82310_eth 10-1:0.0: probe with driver cx82310_eth failed with error -22
[  801.976247][ T9889] cxacru 10-1:0.0: usbatm_usb_probe: bind failed: -19!
[  802.036982][ T9889] usb 10-1: USB disconnect, device number 63
[  802.558656][ T9957] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1013'.
[  802.969787][ T9959] loop0: detected capacity change from 0 to 16
[  803.079819][ T9959] cramfs: Unknown parameter 'an_�)�McmM�'
[  803.190984][ T9963] loop1: detected capacity change from 0 to 47
[  803.956204][ T9828] usb 10-1: new high-speed USB device number 64 using dummy_hcd
[  804.184964][ T9828] usb 10-1: Using ep0 maxpacket: 8
[  804.255372][ T9828] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  804.266648][ T9828] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  804.451497][ T9828] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  804.461646][ T9828] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  804.470440][ T9828] usb 10-1: Product: syz
[  804.475036][ T9828] usb 10-1: Manufacturer: syz
[  804.479996][ T9828] usb 10-1: SerialNumber: syz
[  804.566290][ T9971] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1020'.
[  804.576076][ T9971] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1020'.
[  804.585812][ T9971] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1020'.
[  804.595190][ T9971] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1020'.
[  804.743036][ T9828] usb 10-1: config 0 descriptor??
[  804.928627][ T9975] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  805.929796][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  805.929796][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  805.943922][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  806.245469][ T9988] syz_tun: entered allmulticast mode
[  806.326998][ T9987] syz_tun: left allmulticast mode
[  806.997565][ T9889] usb 10-1: USB disconnect, device number 64
[  807.066886][ T9993] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1027'.
[  807.555119][ T9999] overlay: Unknown parameter 'mask'
[  807.702722][T10005] fuse: Bad value for 'fd'
[  808.081629][ T9996] loop4: detected capacity change from 0 to 4096
[  808.326222][ T9996] NILFS (loop4): invalid segment: Checksum error in segment payload
[  808.344137][ T9996] NILFS (loop4): trying rollback from an earlier position
[  808.676789][ T9996] NILFS (loop4): recovery complete
[  808.719955][T10011] loop1: detected capacity change from 0 to 16
[  808.771497][T10013] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  808.842698][T10011] erofs (device loop1): mounted with root inode @ nid 36.
[  809.085344][T10017] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  809.249001][T10011] erofs (device loop1): invalid tail-packing pclustersize 0
[  809.263155][T10011] erofs (device loop1): readahead error at folio 2 @ nid 89
[  809.272813][T10011] erofs (device loop1): invalid tail-packing pclustersize 0
[  809.280617][T10011] erofs (device loop1): readahead error at folio 0 @ nid 89
[  809.288711][T10011] erofs (device loop1): invalid tail-packing pclustersize 0
[  809.296658][T10011] erofs (device loop1): invalid tail-packing pclustersize 0
[  809.304450][T10011] erofs (device loop1): read error -117 @ 0 of nid 89
[  809.372447][   T30] audit: type=1800 audit(1743089116.408:45): pid=10011 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1032" name="file3" dev="loop1" ino=89 res=0 errno=0
[  810.964625][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  810.964625][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  810.979017][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  811.528478][T10039] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1041'.
[  812.170460][T10047] FAULT_INJECTION: forcing a failure.
[  812.170460][T10047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  812.184406][T10047] CPU: 1 UID: 0 PID: 10047 Comm: syz.0.1042 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  812.184565][T10047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  812.184647][T10047] Call Trace:
[  812.184706][T10047]  <TASK>
[  812.184758][T10047]  dump_stack_lvl+0x216/0x2d0
[  812.184958][T10047]  dump_stack+0x1e/0x24
[  812.185119][T10047]  should_fail_ex+0x77b/0x840
[  812.185338][T10047]  should_fail+0x2a/0x40
[  812.185505][T10047]  should_fail_usercopy+0x2e/0x40
[  812.185701][T10047]  _copy_from_user+0x35/0x110
[  812.185894][T10047]  ___sys_sendmsg+0x120/0x3c0
[  812.186062][T10047]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  812.186285][T10047]  ? __rcu_read_unlock+0x7b/0xe0
[  812.186502][T10047]  ? __fget_files+0x443/0x520
[  812.186661][T10047]  ? kmsan_get_metadata+0x13e/0x1c0
[  812.186872][T10047]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  812.187092][T10047]  __x64_sys_sendmsg+0x212/0x3c0
[  812.187259][T10047]  ? kmsan_get_metadata+0x13e/0x1c0
[  812.187464][T10047]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  812.187675][T10047]  ? kmsan_get_metadata+0x13e/0x1c0
[  812.187902][T10047]  x64_sys_call+0x2e0f/0x3c80
[  812.188101][T10047]  do_syscall_64+0xcd/0x1e0
[  812.188280][T10047]  ? clear_bhb_loop+0x25/0x80
[  812.188437][T10047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.188598][T10047] RIP: 0033:0x7f095a38d169
[  812.188735][T10047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  812.188864][T10047] RSP: 002b:00007f095b1e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  812.189003][T10047] RAX: ffffffffffffffda RBX: 00007f095a5a5fa0 RCX: 00007f095a38d169
[  812.189111][T10047] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000006
[  812.189206][T10047] RBP: 00007f095b1e7090 R08: 0000000000000000 R09: 0000000000000000
[  812.189299][T10047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.189388][T10047] R13: 0000000000000000 R14: 00007f095a5a5fa0 R15: 00007ffc7ae8a568
[  812.189512][T10047]  </TASK>
[  812.465688][ T9889] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  812.745576][ T9889] usb 5-1: Using ep0 maxpacket: 8
[  812.766908][ T9889] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  812.778307][ T9889] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  812.891615][ T5785] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  812.917144][ T9889] usb 5-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  812.926977][ T9889] usb 5-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  812.935651][ T9889] usb 5-1: Product: syz
[  812.940219][ T9889] usb 5-1: Manufacturer: syz
[  812.949842][ T9889] usb 5-1: SerialNumber: syz
[  813.035420][ T5785] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  813.050457][ T5785] Bluetooth: hci2: Injecting HCI hardware error event
[  813.069863][ T5785] Bluetooth: hci2: hardware error 0x00
[  813.197844][ T9889] usb 5-1: config 0 descriptor??
[  814.346823][T10065] loop9: detected capacity change from 0 to 16
[  814.432680][T10065] erofs (device loop9): mounted with root inode @ nid 36.
[  814.761036][T10070] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1048'.
[  814.770831][T10070] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1048'.
[  814.778519][ T6914] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  814.780541][T10070] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1048'.
[  814.804716][T10070] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1048'.
[  814.912090][T10074] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  814.921568][T10074] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  814.931058][T10074] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  814.940435][T10074] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  814.961508][T10074] team0: Port device vxlan0 added
[  815.130560][ T6914] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  815.140396][ T6914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.148865][ T6914] usb 2-1: Product: syz
[  815.153304][ T6914] usb 2-1: Manufacturer: syz
[  815.158340][ T6914] usb 2-1: SerialNumber: syz
[  815.204862][ T5785] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  815.278183][ T6914] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  815.470200][ T9828] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  815.976962][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  815.976962][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  815.992596][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  816.036361][ T9889] usb 5-1: USB disconnect, device number 28
[  816.546046][ T9828] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  816.556473][ T9828] ath9k_htc: Failed to initialize the device
[  816.850382][ T9828] usb 2-1: ath9k_htc: USB layer deinitialized
[  817.005970][T10083] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1052'.
[  817.214795][ T9889] usb 2-1: USB disconnect, device number 63
[  817.954052][T10086] loop0: detected capacity change from 0 to 32768
[  817.978378][T10086] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1054 (10086)
[  818.011082][T10086] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  818.021883][T10086] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  818.032422][T10086] BTRFS info (device loop0): using free-space-tree
[  818.615637][ T5785] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  818.624530][ T5785] Bluetooth: hci3: Injecting HCI hardware error event
[  818.632750][ T5785] Bluetooth: hci3: hardware error 0x00
[  818.903839][   T30] audit: type=1800 audit(1743089125.958:46): pid=10086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1054" name="file1" dev="loop0" ino=260 res=0 errno=0
[  818.935616][T10109] loop2: detected capacity change from 0 to 1024
[  818.945262][T10109] EXT4-fs: Ignoring removed i_version option
[  819.005647][T10086] loop0: detected capacity change from 32768 to 64
[  819.335014][T10109] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  819.357703][ T9776] kworker/u8:1: attempt to access beyond end of device
[  819.357703][ T9776] loop0: rw=2049, sector=10440, nr_sectors = 8 limit=64
[  819.372631][ T9776] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  819.540529][   T30] audit: type=1800 audit(1743089126.628:47): pid=10109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1056" name="file1" dev="loop2" ino=15 res=0 errno=0
[  819.831239][T10105] loop9: detected capacity change from 0 to 4096
[  819.926187][T10105] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[  819.991154][T10105] ntfs3(loop9): ino=0, mi_enum_attr
[  819.997357][T10105] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[  820.287986][ T6823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  820.373237][ T4603] kworker/u8:23: attempt to access beyond end of device
[  820.373237][ T4603] loop0: rw=67112961, sector=10440, nr_sectors = 8 limit=64
[  820.377144][T10105] ntfs3(loop9): volume is dirty and "force" flag is not set!
[  820.387955][ T4603] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  820.388392][ T4603] kworker/u8:23: attempt to access beyond end of device
[  820.388392][ T4603] loop0: rw=67112961, sector=10448, nr_sectors = 8 limit=64
[  820.427523][ T4603] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  820.440645][ T4603] kworker/u8:23: attempt to access beyond end of device
[  820.440645][ T4603] loop0: rw=67112961, sector=13448, nr_sectors = 8 limit=64
[  820.455448][ T4603] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  820.467789][ T8716] BTRFS error (device loop0 state A): Transaction aborted (error -5)
[  820.476562][ T8716] BTRFS: error (device loop0 state A) in __btrfs_free_extent:3203: errno=-5 IO failure
[  820.486846][ T8716] BTRFS info (device loop0 state EA): forced readonly
[  820.494028][ T8716] BTRFS error (device loop0 state EA): failed to run delayed ref for logical 5296128 num_bytes 12288 type 178 action 2 ref_mod 1: -5
[  820.508835][ T8716] BTRFS: error (device loop0 state EA) in btrfs_run_delayed_refs:2160: errno=-5 IO failure
[  820.718216][ T5785] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  820.772120][ T8716] BTRFS info (device loop0 state EA): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  821.054140][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  821.054140][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  821.069262][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  821.387945][T10132] loop2: detected capacity change from 0 to 16
[  821.454561][T10127] loop1: detected capacity change from 0 to 2048
[  821.509606][T10130] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1062'.
[  821.520568][T10130] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1062'.
[  821.530296][T10130] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1062'.
[  821.539891][T10130] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1062'.
[  821.558497][T10132] erofs (device loop2): mounted with root inode @ nid 36.
[  821.634618][T10127] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  821.869389][T10127] syz.1.1059: attempt to access beyond end of device
[  821.869389][T10127] loop1: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  821.888708][T10135] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  822.119858][T10127] NILFS error (device loop1): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=42000, name_len=5
[  822.246171][T10139] FAULT_INJECTION: forcing a failure.
[  822.246171][T10139] name failslab, interval 1, probability 0, space 0, times 0
[  822.265079][T10139] CPU: 0 UID: 0 PID: 10139 Comm: syz.1.1059 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  822.265239][T10139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  822.265326][T10139] Call Trace:
[  822.265384][T10139]  <TASK>
[  822.265437][T10139]  dump_stack_lvl+0x216/0x2d0
[  822.265634][T10139]  dump_stack+0x1e/0x24
[  822.265801][T10139]  should_fail_ex+0x77b/0x840
[  822.266013][T10139]  should_failslab+0x17f/0x210
[  822.266223][T10139]  __kmalloc_noprof+0x17c/0x1260
[  822.266391][T10139]  ? kfree+0x20/0xdd0
[  822.266532][T10139]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  822.266735][T10139]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  822.266954][T10139]  ? tomoyo_path_number_perm+0xfc/0x7d0
[  822.267163][T10139]  tomoyo_realpath_from_path+0x104/0xaa0
[  822.267382][T10139]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  822.267613][T10139]  tomoyo_path_number_perm+0x1cf/0x7d0
[  822.267795][T10139]  ? kmsan_internal_set_shadow_origin+0x6c/0x100
[  822.268010][T10139]  ? kmsan_get_metadata+0x13e/0x1c0
[  822.268207][T10139]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  822.268461][T10139]  tomoyo_file_ioctl+0x3f/0x50
[  822.268613][T10139]  security_file_ioctl+0x145/0x590
[  822.268799][T10139]  __se_sys_ioctl+0xd0/0x430
[  822.269015][T10139]  __x64_sys_ioctl+0x96/0xe0
[  822.269198][T10139]  x64_sys_call+0x1a16/0x3c80
[  822.269401][T10139]  do_syscall_64+0xcd/0x1e0
[  822.269575][T10139]  ? clear_bhb_loop+0x25/0x80
[  822.269737][T10139]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.269900][T10139] RIP: 0033:0x7fdd1878d169
[  822.270010][T10139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  822.270135][T10139] RSP: 002b:00007fdd19668038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  822.270269][T10139] RAX: ffffffffffffffda RBX: 00007fdd189a6080 RCX: 00007fdd1878d169
[  822.270372][T10139] RDX: 0000200000000200 RSI: 00000000401c5820 RDI: 0000000000000007
[  822.270468][T10139] RBP: 00007fdd19668090 R08: 0000000000000000 R09: 0000000000000000
[  822.270560][T10139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  822.270648][T10139] R13: 0000000000000000 R14: 00007fdd189a6080 R15: 00007ffe5f1a6698
[  822.270779][T10139]  </TASK>
[  822.270843][T10139] ERROR: Out of memory at tomoyo_realpath_from_path.
[  822.351307][T10127] Remounting filesystem read-only
[  822.988495][ T9889] usb 10-1: new high-speed USB device number 65 using dummy_hcd
[  823.228291][ T9889] usb 10-1: Using ep0 maxpacket: 8
[  823.277601][ T9889] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  823.292942][ T9889] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  823.474492][ T9889] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  823.484872][ T9889] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  823.497869][ T9889] usb 10-1: Product: syz
[  823.502488][ T9889] usb 10-1: Manufacturer: syz
[  823.509237][ T9889] usb 10-1: SerialNumber: syz
[  823.728292][T10149] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1066'.
[  823.758996][ T9889] usb 10-1: config 0 descriptor??
[  824.069866][T10147] loop4: detected capacity change from 0 to 2048
[  824.263232][T10147] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  824.456521][T10147] syz.4.1064: attempt to access beyond end of device
[  824.456521][T10147] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  824.483841][T10155] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  824.690885][T10147] NILFS error (device loop4): nilfs_check_folio: bad entry in directory #2: directory entry across blocks - offset=0, inode=2, rec_len=42000, name_len=5
[  824.815935][T10147] Remounting filesystem read-only
[  825.215059][ T6914] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  825.415121][ T6914] usb 1-1: Using ep0 maxpacket: 32
[  825.424789][ T6914] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  825.424936][ T6914] usb 1-1: config 0 has no interface number 0
[  825.425080][ T6914] usb 1-1: config 0 interface 12 has no altsetting 0
[  825.485630][ T6914] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  825.485800][ T6914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.485935][ T6914] usb 1-1: Product: syz
[  825.486045][ T6914] usb 1-1: Manufacturer: syz
[  825.486154][ T6914] usb 1-1: SerialNumber: syz
[  825.503659][ T6914] usb 1-1: config 0 descriptor??
[  825.816930][ T5785] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  825.827107][ T5785] Bluetooth: hci1: Injecting HCI hardware error event
[  825.835676][ T5785] Bluetooth: hci1: hardware error 0x00
[  825.914525][ T9889] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  826.007736][ T6914] f81534 1-1:0.12: required endpoints missing
[  826.080101][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  826.080101][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  826.094891][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  826.114649][ T9889] usb 2-1: Using ep0 maxpacket: 16
[  826.182394][ T9889] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  826.193491][ T9889] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  826.208785][ T9889] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  826.219067][ T9889] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  826.276452][ T6914] usb 10-1: USB disconnect, device number 65
[  826.578849][ T9889] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  826.588505][ T9889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.597223][ T9889] usb 2-1: Product: syz
[  826.601673][ T9889] usb 2-1: Manufacturer: syz
[  826.606880][ T9889] usb 2-1: SerialNumber: syz
[  826.841477][T10168] loop4: detected capacity change from 0 to 1024
[  826.903636][T10168] EXT4-fs: Ignoring removed i_version option
[  827.090301][T10173] loop2: detected capacity change from 0 to 256
[  827.122566][T10168] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  827.349305][   T30] audit: type=1800 audit(1743089134.448:48): pid=10168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1071" name="file1" dev="loop4" ino=15 res=0 errno=0
[  827.456547][ T9889] usb 2-1: USB disconnect, device number 64
[  827.899392][ T5785] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  827.973602][ T6872] udevd[6872]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  828.043154][ T8554] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.514821][ T9828] usb 1-1: USB disconnect, device number 21
[  828.941021][T10195] loop4: detected capacity change from 0 to 16
[  829.088499][T10196] 9pnet_fd: Insufficient options for proto=fd
[  829.097052][T10195] erofs (device loop4): mounted with root inode @ nid 36.
[  829.823993][T10200] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1079'.
[  830.457978][T10212] ./file0: Can't open blockdev
[  830.520968][ T9889] usb 10-1: new high-speed USB device number 66 using dummy_hcd
[  830.560672][T10211] FAULT_INJECTION: forcing a failure.
[  830.560672][T10211] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  830.574926][T10211] CPU: 0 UID: 0 PID: 10211 Comm: syz.4.1083 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  830.575083][T10211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  830.575163][T10211] Call Trace:
[  830.575218][T10211]  <TASK>
[  830.575268][T10211]  dump_stack_lvl+0x216/0x2d0
[  830.575458][T10211]  dump_stack+0x1e/0x24
[  830.575610][T10211]  should_fail_ex+0x77b/0x840
[  830.575797][T10211]  should_fail+0x2a/0x40
[  830.575955][T10211]  should_fail_usercopy+0x2e/0x40
[  830.576127][T10211]  _copy_from_user+0x35/0x110
[  830.576301][T10211]  __sys_bpf+0x2dc/0xd90
[  830.576514][T10211]  __x64_sys_bpf+0xa0/0xe0
[  830.576676][T10211]  x64_sys_call+0x2a32/0x3c80
[  830.576861][T10211]  do_syscall_64+0xcd/0x1e0
[  830.577017][T10211]  ? clear_bhb_loop+0x25/0x80
[  830.577160][T10211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  830.577302][T10211] RIP: 0033:0x7fb313d8d169
[  830.577400][T10211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  830.577515][T10211] RSP: 002b:00007fb314ca9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  830.577641][T10211] RAX: ffffffffffffffda RBX: 00007fb313fa5fa0 RCX: 00007fb313d8d169
[  830.577740][T10211] RDX: 0000000000000010 RSI: 00002000000002c0 RDI: 000000000000001c
[  830.577825][T10211] RBP: 00007fb314ca9090 R08: 0000000000000000 R09: 0000000000000000
[  830.577944][T10211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  830.578025][T10211] R13: 0000000000000000 R14: 00007fb313fa5fa0 R15: 00007ffd0a45f628
[  830.578139][T10211]  </TASK>
[  831.009590][ T9889] usb 10-1: Using ep0 maxpacket: 8
[  831.036833][ T9889] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  831.124707][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  831.124707][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  831.138773][ T9889] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  831.138938][ T9889] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  831.139082][ T9889] usb 10-1: Product: syz
[  831.139190][ T9889] usb 10-1: Manufacturer: syz
[  831.149331][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  831.157202][ T9889] usb 10-1: SerialNumber: syz
[  831.431181][T10215] loop2: detected capacity change from 0 to 1024
[  831.436070][ T9889] usb 10-1: config 0 descriptor??
[  831.513703][T10218] FAULT_INJECTION: forcing a failure.
[  831.513703][T10218] name failslab, interval 1, probability 0, space 0, times 0
[  831.527187][T10218] CPU: 0 UID: 0 PID: 10218 Comm: syz.0.1084 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  831.527348][T10218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  831.527435][T10218] Call Trace:
[  831.527489][T10218]  <TASK>
[  831.527544][T10218]  dump_stack_lvl+0x216/0x2d0
[  831.527745][T10218]  dump_stack+0x1e/0x24
[  831.527914][T10218]  should_fail_ex+0x77b/0x840
[  831.528124][T10218]  should_failslab+0x17f/0x210
[  831.528332][T10218]  __kmalloc_cache_noprof+0xc5/0xe00
[  831.528510][T10218]  ? kmsan_get_metadata+0x13e/0x1c0
[  831.528704][T10218]  ? __se_sys_memfd_create+0x534/0x11e0
[  831.528869][T10218]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  831.529083][T10218]  ? kmsan_get_metadata+0x13e/0x1c0
[  831.529280][T10218]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  831.529489][T10218]  __se_sys_memfd_create+0x534/0x11e0
[  831.529673][T10218]  __x64_sys_memfd_create+0x6c/0xa0
[  831.529838][T10218]  x64_sys_call+0x13f7/0x3c80
[  831.530039][T10218]  do_syscall_64+0xcd/0x1e0
[  831.530211][T10218]  ? clear_bhb_loop+0x25/0x80
[  831.530367][T10218]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.530523][T10218] RIP: 0033:0x7f095a38d169
[  831.530631][T10218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.530760][T10218] RSP: 002b:00007f095b1e6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  831.530899][T10218] RAX: ffffffffffffffda RBX: 000000000000054e RCX: 00007f095a38d169
[  831.531003][T10218] RDX: 00007f095b1e6ef0 RSI: 0000000000000000 RDI: 00007f095a40ec3c
[  831.531115][T10218] RBP: 0000200000001040 R08: 00007f095b1e6bb7 R09: 00007f095b1e6e40
[  831.531222][T10218] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000540
[  831.531314][T10218] R13: 00007f095b1e6ef0 R14: 00007f095b1e6eb0 R15: 0000200000000380
[  831.531447][T10218]  </TASK>
[  831.546470][T10215] EXT4-fs: Ignoring removed i_version option
[  832.086599][T10215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  832.349121][   T30] audit: type=1800 audit(1743089139.428:49): pid=10214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1085" name="file1" dev="loop2" ino=15 res=0 errno=0
[  832.983923][ T6823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  833.127680][ T9828] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  833.257522][ T5785] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  833.267157][ T5785] Bluetooth: hci4: Injecting HCI hardware error event
[  833.276537][ T5785] Bluetooth: hci4: hardware error 0x00
[  833.327584][ T9828] usb 1-1: Using ep0 maxpacket: 32
[  833.448391][ T9828] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  833.457207][ T9828] usb 1-1: config 0 has no interface number 0
[  833.463737][ T9828] usb 1-1: config 0 interface 12 has no altsetting 0
[  833.603461][ T9828] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  833.613753][ T9828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  833.623196][ T9828] usb 1-1: Product: syz
[  833.627802][ T9828] usb 1-1: Manufacturer: syz
[  833.638759][ T9828] usb 1-1: SerialNumber: syz
[  833.705834][ T9828] usb 1-1: config 0 descriptor??
[  833.746909][ T9828] f81534 1-1:0.12: required endpoints missing
[  833.876023][ T9889] usb 10-1: USB disconnect, device number 66
[  834.507447][T10243] 9pnet_fd: Insufficient options for proto=fd
[  834.631257][T10247] loop4: detected capacity change from 0 to 16
[  834.795709][T10247] erofs (device loop4): mounted with root inode @ nid 36.
[  835.346817][ T5785] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  835.476625][ T9889] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  835.503015][T10255] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1095'.
[  835.665089][ T5839] IPVS: starting estimator thread 0...
[  835.693550][ T9889] usb 3-1: Using ep0 maxpacket: 32
[  835.755771][T10257] IPVS: using max 192 ests per chain, 9600 per kthread
[  835.843536][ T9889] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  835.852665][ T9889] usb 3-1: config 0 has no interface number 0
[  835.859927][ T9889] usb 3-1: config 0 interface 12 has no altsetting 0
[  836.197540][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  836.197540][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  836.211908][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  836.245431][ T9889] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  836.255375][ T9889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.263725][ T9889] usb 3-1: Product: syz
[  836.268516][ T9889] usb 3-1: Manufacturer: syz
[  836.273406][ T9889] usb 3-1: SerialNumber: syz
[  836.389485][ T5839] usb 10-1: new low-speed USB device number 67 using dummy_hcd
[  836.473076][T10255] loop1: detected capacity change from 0 to 32768
[  836.489547][T10255] (syz.1.1095,10255,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  836.513978][T10255] (syz.1.1095,10255,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  836.630158][T10255] JBD2: Ignoring recovery information on journal
[  836.647374][ T9889] usb 3-1: config 0 descriptor??
[  836.681357][ T5839] usb 10-1: device descriptor read/64, error -71
[  836.828997][T10255] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  836.986930][ T5839] usb 10-1: new low-speed USB device number 68 using dummy_hcd
[  837.178046][ T5839] usb 10-1: device descriptor read/64, error -71
[  837.183762][ T9828] usb 1-1: USB disconnect, device number 22
[  837.306622][T10266] FAULT_INJECTION: forcing a failure.
[  837.306622][T10266] name failslab, interval 1, probability 0, space 0, times 0
[  837.325142][T10266] CPU: 0 UID: 0 PID: 10266 Comm: syz.4.1097 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  837.325304][T10266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  837.325393][T10266] Call Trace:
[  837.325447][T10266]  <TASK>
[  837.325502][T10266]  dump_stack_lvl+0x216/0x2d0
[  837.325709][T10266]  dump_stack+0x1e/0x24
[  837.325873][T10266]  should_fail_ex+0x77b/0x840
[  837.326083][T10266]  should_failslab+0x17f/0x210
[  837.326293][T10266]  __kmalloc_cache_noprof+0xc5/0xe00
[  837.326469][T10266]  ? io_uring_alloc_task_context+0x66/0x730
[  837.326639][T10266]  ? kstrtoull+0xbf/0x3b0
[  837.326774][T10266]  ? kmsan_get_metadata+0x13e/0x1c0
[  837.326980][T10266]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  837.327201][T10266]  io_uring_alloc_task_context+0x66/0x730
[  837.327359][T10266]  ? kmsan_get_metadata+0x13e/0x1c0
[  837.327579][T10266]  __io_uring_add_tctx_node+0x119/0x980
[  837.327744][T10266]  ? kmsan_get_metadata+0x13e/0x1c0
[  837.327955][T10266]  __io_uring_add_tctx_node_from_submit+0xed/0x1b0
[  837.328139][T10266]  __se_sys_io_uring_enter+0x155f/0x4da0
[  837.328332][T10266]  ? kmsan_get_metadata+0x13e/0x1c0
[  837.328526][T10266]  ? kmsan_internal_set_shadow_origin+0x6c/0x100
[  837.328728][T10266]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  837.328930][T10266]  ? kmsan_get_metadata+0x13e/0x1c0
[  837.329141][T10266]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  837.329343][T10266]  ? fput+0x12f/0x170
[  837.329498][T10266]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  837.329728][T10266]  __x64_sys_io_uring_enter+0x11f/0x1a0
[  837.329943][T10266]  x64_sys_call+0x2dbb/0x3c80
[  837.330142][T10266]  do_syscall_64+0xcd/0x1e0
[  837.330318][T10266]  ? clear_bhb_loop+0x25/0x80
[  837.330477][T10266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.330641][T10266] RIP: 0033:0x7fb313d8d169
[  837.330752][T10266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  837.330884][T10266] RSP: 002b:00007fb314c7b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  837.331026][T10266] RAX: ffffffffffffffda RBX: 00007fb313fa6080 RCX: 00007fb313d8d169
[  837.331133][T10266] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000003
[  837.331221][T10266] RBP: 00007fb314c7b090 R08: 0000000000000000 R09: 0000000000000000
[  837.331316][T10266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  837.331401][T10266] R13: 0000000000000001 R14: 00007fb313fa6080 R15: 00007ffd0a45f628
[  837.331527][T10266]  </TASK>
[  837.762000][ T5839] usb usb10-port1: attempt power cycle
[  837.773398][ T9889] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  837.781531][ T9889] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  837.789278][ T9889] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  837.797601][ T9889] f81534 3-1:0.12: probe with driver f81534 failed with error -71
[  837.817406][ T9889] usb 3-1: USB disconnect, device number 40
[  838.025939][ T6876] ocfs2: Unmounting device (7,1) on (node local)
[  838.105386][ T5839] usb 10-1: new low-speed USB device number 69 using dummy_hcd
[  838.147520][ T5839] usb 10-1: device descriptor read/8, error -71
[  838.306564][T10268] loop0: detected capacity change from 0 to 512
[  838.355742][T10268] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  838.371272][T10268] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 0
[  838.549037][ T5839] usb 10-1: new low-speed USB device number 70 using dummy_hcd
[  839.023085][ T5839] usb 10-1: device descriptor read/8, error -71
[  839.146158][ T5839] usb usb10-port1: unable to enumerate USB device
[  839.370611][T10274] loop0: detected capacity change from 0 to 1024
[  839.428295][T10274] EXT4-fs: Ignoring removed i_version option
[  839.552357][T10279] loop1: detected capacity change from 0 to 512
[  839.621269][T10274] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  839.683981][ T9889] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  839.818089][T10283] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1103'.
[  839.827868][T10283] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1103'.
[  839.837439][T10283] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1103'.
[  839.847284][T10283] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1103'.
[  839.905466][   T30] audit: type=1800 audit(1743089146.958:50): pid=10274 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1100" name="file1" dev="loop0" ino=15 res=0 errno=0
[  839.998733][ T9889] usb 3-1: Using ep0 maxpacket: 8
[  840.057410][T10279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  840.072109][T10279] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  840.107382][ T9889] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  840.195076][ T9889] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  840.204849][ T9889] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  840.213153][ T9889] usb 3-1: Product: syz
[  840.217997][ T9889] usb 3-1: Manufacturer: syz
[  840.222896][ T9889] usb 3-1: SerialNumber: syz
[  840.433008][ T9889] usb 3-1: config 0 descriptor??
[  840.763907][ T8716] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.281219][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  841.281219][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  841.295781][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  841.373698][ T6876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  841.831173][T10296] loop9: detected capacity change from 0 to 1024
[  841.944587][T10296] EXT4-fs: Ignoring removed i_version option
[  841.962238][T10300] loop4: detected capacity change from 0 to 16
[  842.016312][T10300] erofs (device loop4): mounted with root inode @ nid 36.
[  842.161726][T10296] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  842.512192][   T30] audit: type=1800 audit(1743089149.608:51): pid=10296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.1106" name="file1" dev="loop9" ino=15 res=0 errno=0
[  842.709917][T10306] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1108'.
[  843.155906][ T9828] usb 3-1: USB disconnect, device number 41
[  843.572378][T10306] loop1: detected capacity change from 0 to 32768
[  843.624365][T10306] (syz.1.1108,10306,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  843.641073][T10306] (syz.1.1108,10306,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  843.685168][ T6518] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.822339][T10306] JBD2: Ignoring recovery information on journal
[  843.931663][ T9828] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  843.972175][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  843.980903][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  844.091420][T10306] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  844.184703][ T9828] usb 1-1: Using ep0 maxpacket: 32
[  844.257671][ T9828] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  844.267185][ T9828] usb 1-1: config 0 has no interface number 0
[  844.273599][ T9828] usb 1-1: config 0 interface 12 has no altsetting 0
[  844.306671][ T6914] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  844.478043][ T9828] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  844.494055][ T9828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  844.504644][ T9828] usb 1-1: Product: syz
[  844.509092][ T9828] usb 1-1: Manufacturer: syz
[  844.514060][ T9828] usb 1-1: SerialNumber: syz
[  844.545252][T10314] loop4: detected capacity change from 0 to 1024
[  844.592233][ T6914] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  844.603687][ T6914] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  844.613665][ T6914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.657073][ T6876] ocfs2: Unmounting device (7,1) on (node local)
[  844.726047][ T9828] usb 1-1: config 0 descriptor??
[  844.780494][ T6914] usb 3-1: config 0 descriptor??
[  844.836650][ T9828] f81534 1-1:0.12: required endpoints missing
[  844.879343][ T6914] pwc: Askey VC010 type 2 USB webcam detected.
[  845.116012][ T6914] pwc: send_video_command error -71
[  845.121523][ T6914] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  845.130371][ T6914] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  845.144532][ T9838] usb 10-1: new high-speed USB device number 71 using dummy_hcd
[  845.276597][ T6914] usb 3-1: USB disconnect, device number 42
[  845.366789][T10314] 9pnet_fd: Insufficient options for proto=fd
[  845.381353][ T9838] usb 10-1: Using ep0 maxpacket: 32
[  845.432390][ T9838] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[  845.441222][ T9838] usb 10-1: config 0 has no interface number 0
[  845.447990][ T9838] usb 10-1: config 0 interface 12 has no altsetting 0
[  845.635371][ T9838] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  845.645031][ T9838] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.653427][ T9838] usb 10-1: Product: syz
[  845.658971][ T9838] usb 10-1: Manufacturer: syz
[  845.663930][ T9838] usb 10-1: SerialNumber: syz
[  845.805523][ T6914] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  845.888081][ T9838] usb 10-1: config 0 descriptor??
[  846.078070][ T6914] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  846.093408][ T6914] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  846.103379][ T6914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.250732][ T6914] usb 3-1: config 0 descriptor??
[  846.288566][ T6914] pwc: Askey VC010 type 2 USB webcam detected.
[  846.301016][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  846.301016][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  846.316520][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  846.349372][ T4603] hfsplus: b-tree write err: -5, ino 4
[  846.475007][ T9838] f81534 10-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  846.483236][ T9838] f81534 10-1:0.12: f81534_find_config_idx: read failed: -71
[  846.491291][ T9838] f81534 10-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  846.501303][ T9838] f81534 10-1:0.12: probe with driver f81534 failed with error -71
[  846.673967][ T6914] pwc: recv_control_msg error -32 req 02 val 2b00
[  846.740357][ T6914] pwc: recv_control_msg error -32 req 02 val 2700
[  846.760603][ T6914] pwc: recv_control_msg error -32 req 02 val 2c00
[  846.815238][ T6914] pwc: recv_control_msg error -32 req 04 val 1000
[  846.823476][ T9838] usb 10-1: USB disconnect, device number 71
[  846.886875][ T6914] pwc: recv_control_msg error -32 req 04 val 1300
[  846.917567][ T6914] pwc: recv_control_msg error -32 req 04 val 1400
[  846.986601][ T6914] pwc: recv_control_msg error -32 req 02 val 2000
[  847.060652][ T6914] pwc: recv_control_msg error -32 req 02 val 2100
[  847.174975][ T9889] usb 1-1: USB disconnect, device number 23
[  847.425315][T10330] QAT: Stopping all acceleration devices.
[  847.435839][ T6914] pwc: recv_control_msg error -32 req 04 val 1500
[  847.511002][T10330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  847.521330][T10330] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  847.535793][ T6914] pwc: recv_control_msg error -32 req 02 val 2500
[  847.782088][ T6914] pwc: recv_control_msg error -32 req 02 val 2400
[  847.870709][ T6914] pwc: recv_control_msg error -32 req 02 val 2600
[  847.951405][ T6914] pwc: recv_control_msg error -32 req 02 val 2900
[  848.303076][T10334] loop0: detected capacity change from 0 to 1024
[  848.403230][T10334] EXT4-fs: Ignoring removed i_version option
[  848.669072][T10334] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  848.767618][T10337] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1116'.
[  848.777325][T10337] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1116'.
[  848.791865][T10337] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1116'.
[  848.803084][T10337] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1116'.
[  848.926058][ T9838] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  849.210801][ T9838] usb 2-1: Using ep0 maxpacket: 32
[  849.315946][ T9838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  849.327617][ T9838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  849.338217][ T9838] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  849.611946][ T9838] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  849.621923][ T9838] usb 2-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  849.631009][ T9838] usb 2-1: Manufacturer: syz
[  849.677504][ T6914] pwc: recv_control_msg error -71 req 02 val 2800
[  849.697006][ T8716] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  849.716979][ T6914] pwc: recv_control_msg error -71 req 04 val 1100
[  849.725010][ T6914] pwc: recv_control_msg error -71 req 04 val 1200
[  849.736826][ T6914] pwc: Registered as video103.
[  849.745906][ T6914] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input41
[  849.763299][ T9838] usb 2-1: config 0 descriptor??
[  849.956655][ T6914] usb 3-1: USB disconnect, device number 43
[  850.782559][ T9838] usbhid 2-1:0.0: can't add hid device: -71
[  850.790110][ T9838] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  850.903818][ T9838] usb 2-1: USB disconnect, device number 65
[  850.996540][T10355] loop4: detected capacity change from 0 to 16
[  851.104941][T10355] erofs (device loop4): mounted with root inode @ nid 36.
[  851.145390][ T6914] usb 10-1: new high-speed USB device number 72 using dummy_hcd
[  851.353282][ T6914] usb 10-1: Using ep0 maxpacket: 8
[  851.366460][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  851.366460][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  851.380791][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  851.435622][ T6914] usb 10-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  851.620677][ T6914] usb 10-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  851.630749][ T6914] usb 10-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  851.640663][ T6914] usb 10-1: Product: syz
[  851.645370][ T6914] usb 10-1: Manufacturer: syz
[  851.656917][ T6914] usb 10-1: SerialNumber: syz
[  851.933481][ T6914] usb 10-1: config 0 descriptor??
[  852.327869][T10360] loop2: detected capacity change from 0 to 1024
[  852.387712][T10360] EXT4-fs: Ignoring removed i_version option
[  852.474095][T10366] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1123'.
[  852.708029][T10360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  852.973159][   T30] audit: type=1800 audit(1743089160.068:52): pid=10360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1122" name="file1" dev="loop2" ino=15 res=0 errno=0
[  853.344878][T10366] loop4: detected capacity change from 0 to 32768
[  853.361640][T10366] (syz.4.1123,10366,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  853.376563][T10366] (syz.4.1123,10366,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  853.400565][ T6914] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  853.542351][T10366] JBD2: Ignoring recovery information on journal
[  853.688460][T10366] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  853.734614][ T6914] usb 1-1: Using ep0 maxpacket: 32
[  853.808459][ T6914] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  853.817570][ T6914] usb 1-1: config 0 has no interface number 0
[  853.824015][ T6914] usb 1-1: config 0 interface 12 has no altsetting 0
[  853.828279][ T6823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  854.045590][ T6914] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  854.055414][ T6914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.063717][ T6914] usb 1-1: Product: syz
[  854.068436][ T6914] usb 1-1: Manufacturer: syz
[  854.073495][ T6914] usb 1-1: SerialNumber: syz
[  854.206697][ T9838] usb 10-1: USB disconnect, device number 72
[  854.275878][ T8554] ocfs2: Unmounting device (7,4) on (node local)
[  854.276969][ T6914] usb 1-1: config 0 descriptor??
[  854.287737][T10378] FAULT_INJECTION: forcing a failure.
[  854.287737][T10378] name failslab, interval 1, probability 0, space 0, times 0
[  854.301243][T10378] CPU: 0 UID: 0 PID: 10378 Comm: syz.1.1126 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  854.301405][T10378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  854.301494][T10378] Call Trace:
[  854.301548][T10378]  <TASK>
[  854.301616][T10378]  dump_stack_lvl+0x216/0x2d0
[  854.301819][T10378]  dump_stack+0x1e/0x24
[  854.301984][T10378]  should_fail_ex+0x77b/0x840
[  854.302195][T10378]  should_failslab+0x17f/0x210
[  854.302406][T10378]  kmem_cache_alloc_lru_noprof+0xf5/0xe30
[  854.302582][T10378]  ? kmsan_get_metadata+0x13e/0x1c0
[  854.302785][T10378]  ? sock_alloc_inode+0x62/0x150
[  854.302974][T10378]  ? kmsan_get_metadata+0x13e/0x1c0
[  854.303208][T10378]  sock_alloc_inode+0x62/0x150
[  854.303391][T10378]  ? __pfx_sock_alloc_inode+0x10/0x10
[  854.303579][T10378]  alloc_inode+0x8a/0x470
[  854.303793][T10378]  __sock_create+0x201/0xf10
[  854.303993][T10378]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  854.304225][T10378]  __sys_socket+0x145/0x680
[  854.304408][T10378]  ? kmsan_get_metadata+0x13e/0x1c0
[  854.304629][T10378]  __x64_sys_socket+0x8e/0xe0
[  854.304834][T10378]  x64_sys_call+0x3229/0x3c80
[  854.305036][T10378]  do_syscall_64+0xcd/0x1e0
[  854.305223][T10378]  ? clear_bhb_loop+0x25/0x80
[  854.305383][T10378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.305541][T10378] RIP: 0033:0x7fdd1878d169
[  854.305645][T10378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.305769][T10378] RSP: 002b:00007fdd19689038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  854.305908][T10378] RAX: ffffffffffffffda RBX: 00007fdd189a5fa0 RCX: 00007fdd1878d169
[  854.306016][T10378] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000022
[  854.306108][T10378] RBP: 00007fdd19689090 R08: 0000000000000000 R09: 0000000000000000
[  854.306194][T10378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.306279][T10378] R13: 0000000000000001 R14: 00007fdd189a5fa0 R15: 00007ffe5f1a6698
[  854.306408][T10378]  </TASK>
[  854.518648][T10378] socket: no more sockets
[  854.569866][ T6914] f81534 1-1:0.12: required endpoints missing
[  854.983540][T10382] loop2: detected capacity change from 0 to 1764
[  855.444639][ T9889] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  855.705192][ T9889] usb 3-1: unable to get BOS descriptor or descriptor too short
[  855.742094][ T9889] usb 3-1: config 81 has an invalid interface number: 13 but max is 0
[  855.755913][ T9889] usb 3-1: config 81 has an invalid descriptor of length 0, skipping remainder of the config
[  855.768296][ T9889] usb 3-1: config 81 has no interface number 0
[  855.775024][ T9889] usb 3-1: config 81 interface 13 has no altsetting 0
[  855.852859][T10390] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1130'.
[  855.862931][T10390] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1130'.
[  855.872531][T10390] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1130'.
[  855.882054][T10390] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1130'.
[  855.946707][T10389] loop1: detected capacity change from 0 to 128
[  856.050798][ T9889] usb 3-1: New USB device found, idVendor=12d1, idProduct=0ec1, bcdDevice=29.23
[  856.065793][ T9889] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  856.076268][ T9889] usb 3-1: Product: syz
[  856.080718][ T9889] usb 3-1: Manufacturer: syz
[  856.086037][ T9889] usb 3-1: SerialNumber: syz
[  856.271704][T10389] tipc: Started in network mode
[  856.277887][T10389] tipc: Node identity 4, cluster identity 4711
[  856.284572][T10389] tipc: Node number set to 4
[  856.405884][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  856.405884][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  856.420078][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  856.589310][ T9889] qmi_wwan 3-1:81.13: bogus CDC Union: master=0, slave=1
[  856.624857][ T9838] usb 1-1: USB disconnect, device number 24
[  856.661832][ T9889] qmi_wwan 3-1:81.13: probe with driver qmi_wwan failed with error -22
[  856.845133][ T9889] usb 3-1: USB disconnect, device number 44
[  857.209582][T10399] loop9: detected capacity change from 0 to 16
[  857.400665][T10399] erofs (device loop9): mounted with root inode @ nid 36.
[  857.939506][T10405] FAULT_INJECTION: forcing a failure.
[  857.939506][T10405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  857.953592][T10405] CPU: 0 UID: 0 PID: 10405 Comm: syz.4.1128 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  857.953748][T10405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  857.953836][T10405] Call Trace:
[  857.953888][T10405]  <TASK>
[  857.953944][T10405]  dump_stack_lvl+0x216/0x2d0
[  857.954142][T10405]  dump_stack+0x1e/0x24
[  857.954309][T10405]  should_fail_ex+0x77b/0x840
[  857.954518][T10405]  should_fail+0x2a/0x40
[  857.954682][T10405]  should_fail_usercopy+0x2e/0x40
[  857.954876][T10405]  _copy_to_user+0x34/0x120
[  857.955063][T10405]  simple_read_from_buffer+0x199/0x340
[  857.955284][T10405]  proc_fail_nth_read+0x1e5/0x2c0
[  857.955487][T10405]  vfs_read+0x29f/0xf70
[  857.955656][T10405]  ? stack_depot_save_flags+0x2c/0x750
[  857.955834][T10405]  ? kmsan_get_metadata+0x13e/0x1c0
[  857.956036][T10405]  ? kmsan_internal_set_shadow_origin+0x6c/0x100
[  857.956231][T10405]  ? kmsan_get_metadata+0x13e/0x1c0
[  857.956427][T10405]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  857.956650][T10405]  ksys_read+0x240/0x4b0
[  857.956822][T10405]  ? kmsan_get_metadata+0x13e/0x1c0
[  857.957033][T10405]  __x64_sys_read+0x93/0xe0
[  857.957221][T10405]  x64_sys_call+0x34c9/0x3c80
[  857.957417][T10405]  do_syscall_64+0xcd/0x1e0
[  857.957603][T10405]  ? clear_bhb_loop+0x25/0x80
[  857.957760][T10405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.957920][T10405] RIP: 0033:0x7fb313d8bb7c
[  857.958032][T10405] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  857.958163][T10405] RSP: 002b:00007fb314ca9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  857.958307][T10405] RAX: ffffffffffffffda RBX: 00007fb313fa5fa0 RCX: 00007fb313d8bb7c
[  857.958415][T10405] RDX: 000000000000000f RSI: 00007fb314ca90a0 RDI: 0000000000000004
[  857.958516][T10405] RBP: 00007fb314ca9090 R08: 0000000000000000 R09: 0000000000000000
[  857.958609][T10405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  857.958700][T10405] R13: 0000000000000000 R14: 00007fb313fa5fa0 R15: 00007ffd0a45f628
[  857.958833][T10405]  </TASK>
[  858.484683][ T5839] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  858.674921][ T5839] usb 2-1: Using ep0 maxpacket: 32
[  858.701080][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  858.712563][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  858.727965][ T5839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  858.935941][T10412] loop9: detected capacity change from 0 to 2048
[  858.946468][T10412] udf: Unknown parameter 'Footdir'
[  859.913790][T10412] loop9: detected capacity change from 0 to 32768
[  859.926407][ T5839] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  859.936052][ T5839] usb 2-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  859.949114][ T5839] usb 2-1: Manufacturer: syz
[  860.027858][ T5839] usb 2-1: config 0 descriptor??
[  860.107445][T10412] XFS (loop9): Realtime group size (0) must be at least 2 rt extents.
[  860.116579][T10412] XFS (loop9): SB validate failed with error -22.
[  860.310789][ T9838] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  860.566473][ T9838] usb 3-1: Using ep0 maxpacket: 8
[  860.769791][ T9838] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  860.779632][ T9838] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  860.788217][ T9838] usb 3-1: Product: syz
[  860.792748][ T9838] usb 3-1: Manufacturer: syz
[  860.797749][ T9838] usb 3-1: SerialNumber: syz
[  860.883552][T10425] loop0: detected capacity change from 0 to 64
[  861.013213][ T9838] usb 3-1: config 0 descriptor??
[  861.067726][ T5839] usbhid 2-1:0.0: can't add hid device: -71
[  861.081612][ T5839] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  861.131273][T10425] FAULT_INJECTION: forcing a failure.
[  861.131273][T10425] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.145572][T10425] CPU: 1 UID: 0 PID: 10425 Comm: syz.0.1140 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  861.145740][T10425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  861.145827][T10425] Call Trace:
[  861.145881][T10425]  <TASK>
[  861.145935][T10425]  dump_stack_lvl+0x216/0x2d0
[  861.146129][T10425]  dump_stack+0x1e/0x24
[  861.146295][T10425]  should_fail_ex+0x77b/0x840
[  861.146509][T10425]  should_fail+0x2a/0x40
[  861.146684][T10425]  should_fail_usercopy+0x2e/0x40
[  861.146880][T10425]  _copy_to_user+0x34/0x120
[  861.147078][T10425]  simple_read_from_buffer+0x199/0x340
[  861.147324][T10425]  proc_fail_nth_read+0x1e5/0x2c0
[  861.147532][T10425]  vfs_read+0x29f/0xf70
[  861.147704][T10425]  ? stack_depot_save_flags+0x2c/0x750
[  861.147887][T10425]  ? kmsan_get_metadata+0x13e/0x1c0
[  861.148097][T10425]  ? kmsan_internal_set_shadow_origin+0x6c/0x100
[  861.148302][T10425]  ? kmsan_get_metadata+0x13e/0x1c0
[  861.148510][T10425]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  861.148735][T10425]  ksys_read+0x240/0x4b0
[  861.148909][T10425]  ? kmsan_get_metadata+0x13e/0x1c0
[  861.149136][T10425]  __x64_sys_read+0x93/0xe0
[  861.149328][T10425]  x64_sys_call+0x34c9/0x3c80
[  861.149535][T10425]  do_syscall_64+0xcd/0x1e0
[  861.149714][T10425]  ? clear_bhb_loop+0x25/0x80
[  861.149877][T10425]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.150030][T10425] RIP: 0033:0x7f095a38bb7c
[  861.150139][T10425] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  861.150271][T10425] RSP: 002b:00007f095b1e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  861.150411][T10425] RAX: ffffffffffffffda RBX: 00007f095a5a5fa0 RCX: 00007f095a38bb7c
[  861.150531][T10425] RDX: 000000000000000f RSI: 00007f095b1e70a0 RDI: 0000000000000005
[  861.150622][T10425] RBP: 00007f095b1e7090 R08: 0000000000000000 R09: 0000000000000000
[  861.150718][T10425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.150808][T10425] R13: 0000000000000000 R14: 00007f095a5a5fa0 R15: 00007ffc7ae8a568
[  861.150938][T10425]  </TASK>
[  861.223269][ T5839] usb 2-1: USB disconnect, device number 66
[  861.268192][ T9838] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  861.497879][T10427] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1136'.
[  861.510629][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  861.510629][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  861.525386][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  861.770856][ T9838] gspca_zc3xx: reg_r err -32
[  861.776383][ T9838] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[  861.918642][ T9838] usb 3-1: USB disconnect, device number 45
[  862.575227][ T5839] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  862.823571][ T5839] usb 1-1: Using ep0 maxpacket: 32
[  862.855752][T10437] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1143'.
[  862.865800][T10437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1143'.
[  862.875476][T10437] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1143'.
[  862.884895][T10437] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1143'.
[  862.910336][ T5839] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  862.923635][ T5839] usb 1-1: config 0 has no interface number 0
[  862.931722][ T5839] usb 1-1: config 0 interface 12 has no altsetting 0
[  863.215866][ T5839] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  863.229779][ T5839] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  863.239724][ T5839] usb 1-1: Product: syz
[  863.244405][ T5839] usb 1-1: Manufacturer: syz
[  863.249292][ T5839] usb 1-1: SerialNumber: syz
[  863.417651][ T5839] usb 1-1: config 0 descriptor??
[  863.484603][ T5839] f81534 1-1:0.12: required endpoints missing
[  863.794973][ T9838] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  864.060499][ T9838] usb 5-1: Using ep0 maxpacket: 16
[  864.127478][ T9838] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  864.138545][ T9838] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  864.156584][ T9838] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  864.168935][ T9838] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  864.561579][ T9838] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  864.571272][ T9838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  864.579886][ T9838] usb 5-1: Product: syz
[  864.584440][ T9838] usb 5-1: Manufacturer: syz
[  864.589400][ T9838] usb 5-1: SerialNumber: syz
[  865.541598][T10458] loop9: detected capacity change from 0 to 1024
[  865.631041][T10458] EXT4-fs: Ignoring removed i_version option
[  865.676076][ T9838] usb 5-1: USB disconnect, device number 29
[  865.947039][T10458] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  866.544939][ T9838] usb 1-1: USB disconnect, device number 25
[  866.563289][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  866.563289][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  866.578409][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  867.084974][ T6518] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  867.607339][ T5839] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  867.874701][ T5839] usb 3-1: Using ep0 maxpacket: 32
[  867.965234][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  867.977890][ T5839] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  867.988480][ T5839] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  868.348872][ T5839] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  868.358847][ T5839] usb 3-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  868.367679][ T5839] usb 3-1: Manufacturer: syz
[  868.464695][ T9838] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  868.603126][ T5839] usb 3-1: config 0 descriptor??
[  868.674796][ T9838] usb 2-1: Using ep0 maxpacket: 8
[  868.881834][ T9838] usb 2-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  868.891719][ T9838] usb 2-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  868.901036][ T9838] usb 2-1: Product: syz
[  868.905592][ T9838] usb 2-1: Manufacturer: syz
[  868.910457][ T9838] usb 2-1: SerialNumber: syz
[  869.000805][T10484] capability: warning: `syz.4.1156' uses deprecated v2 capabilities in a way that may be insecure
[  869.240778][ T9838] usb 2-1: config 0 descriptor??
[  869.334463][ T7230] udevd[7230]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  869.381703][ T9838] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  869.892419][ T5839] usbhid 3-1:0.0: can't add hid device: -71
[  869.901279][ T5839] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  869.996514][ T9838] gspca_zc3xx: reg_r err -32
[  870.001670][ T9838] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -32
[  870.045781][ T5839] usb 3-1: USB disconnect, device number 46
[  870.116736][T10486] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1157'.
[  870.126927][T10486] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1157'.
[  870.136575][T10486] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1157'.
[  870.146213][T10486] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1157'.
[  870.279505][ T9838] usb 2-1: USB disconnect, device number 67
[  871.586439][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  871.586439][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  871.601015][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  871.661385][T10496] Bluetooth: MGMT ver 1.23
[  871.854924][ T5839] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  871.864864][ T9838] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  872.104672][ T9838] usb 2-1: Using ep0 maxpacket: 16
[  872.112973][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  872.124796][ T5839] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  872.139635][ T5839] usb 1-1: New USB device found, idVendor=0853, idProduct=0146, bcdDevice= 0.00
[  872.150779][ T5839] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  872.172289][ T9838] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  872.183531][ T9838] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  872.195871][ T9838] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  872.206372][ T9838] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  872.447508][ T5839] usb 1-1: config 0 descriptor??
[  872.476295][ T9838] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  872.486020][ T9838] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  872.495011][ T9838] usb 2-1: Product: syz
[  872.499699][ T9838] usb 2-1: Manufacturer: syz
[  872.504992][ T9838] usb 2-1: SerialNumber: syz
[  872.696469][ T6914] usb 10-1: new high-speed USB device number 73 using dummy_hcd
[  872.895866][ T6914] usb 10-1: Using ep0 maxpacket: 32
[  873.074045][ T6914] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[  873.082989][ T6914] usb 10-1: config 0 has no interface number 0
[  873.090117][ T6914] usb 10-1: config 0 interface 12 has no altsetting 0
[  873.130266][T10507] loop2: detected capacity change from 0 to 1024
[  873.142391][ T5839] topre 0003:0853:0146.0008: hidraw0: USB HID v0.00 Device [HID 0853:0146] on usb-dummy_hcd.0-1/input0
[  873.255393][T10507] EXT4-fs: Ignoring removed i_version option
[  873.368715][ T6914] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  873.378797][ T6914] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  873.387401][ T6914] usb 10-1: Product: syz
[  873.392005][ T6914] usb 10-1: Manufacturer: syz
[  873.397113][ T6914] usb 10-1: SerialNumber: syz
[  873.487728][T10507] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  873.501465][ T9838] usb 2-1: USB disconnect, device number 68
[  873.515445][ T6914] usb 10-1: config 0 descriptor??
[  873.536525][ T6914] f81534 10-1:0.12: required endpoints missing
[  874.023797][ T6868] udevd[6868]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  874.172461][ T5839] usb 1-1: USB disconnect, device number 26
[  874.518406][ T6823] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  874.910650][T10521] loop1: detected capacity change from 0 to 64
[  875.810761][T10529] FAULT_INJECTION: forcing a failure.
[  875.810761][T10529] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  875.831495][T10529] CPU: 1 UID: 0 PID: 10529 Comm: syz.0.1168 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  875.831659][T10529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  875.831741][T10529] Call Trace:
[  875.831792][T10529]  <TASK>
[  875.831846][T10529]  dump_stack_lvl+0x216/0x2d0
[  875.832056][T10529]  dump_stack+0x1e/0x24
[  875.832222][T10529]  should_fail_ex+0x77b/0x840
[  875.832431][T10529]  should_fail+0x2a/0x40
[  875.832603][T10529]  should_fail_usercopy+0x2e/0x40
[  875.832790][T10529]  _copy_from_user+0x35/0x110
[  875.832982][T10529]  __sys_bpf+0x2dc/0xd90
[  875.833216][T10529]  __x64_sys_bpf+0xa0/0xe0
[  875.833399][T10529]  x64_sys_call+0x2a32/0x3c80
[  875.833598][T10529]  do_syscall_64+0xcd/0x1e0
[  875.833777][T10529]  ? clear_bhb_loop+0x25/0x80
[  875.833942][T10529]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  875.834102][T10529] RIP: 0033:0x7f095a38d169
[  875.834215][T10529] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  875.834340][T10529] RSP: 002b:00007f095b1e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  875.834478][T10529] RAX: ffffffffffffffda RBX: 00007f095a5a5fa0 RCX: 00007f095a38d169
[  875.834586][T10529] RDX: 0000000000000030 RSI: 00002000000003c0 RDI: 000000000000001c
[  875.834678][T10529] RBP: 00007f095b1e7090 R08: 0000000000000000 R09: 0000000000000000
[  875.834770][T10529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  875.834860][T10529] R13: 0000000000000000 R14: 00007f095a5a5fa0 R15: 00007ffc7ae8a568
[  875.834998][T10529]  </TASK>
[  876.292062][ T5839] usb 10-1: USB disconnect, device number 73
[  876.389258][T10531] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1169'.
[  876.398851][T10531] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1169'.
[  876.408331][T10531] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1169'.
[  876.417864][T10531] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1169'.
[  876.621355][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  876.621355][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  876.642742][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  877.064596][ T5839] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  877.096700][ T9889] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  877.181818][T10540] loop9: detected capacity change from 0 to 1024
[  877.294944][ T5839] usb 2-1: Using ep0 maxpacket: 32
[  877.304713][ T9889] usb 3-1: Using ep0 maxpacket: 8
[  877.344503][ T9838] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  877.389095][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  877.400950][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  877.411261][ T5839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  877.517123][ T9889] usb 3-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  877.527240][ T9889] usb 3-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  877.535953][ T9889] usb 3-1: Product: syz
[  877.540495][ T9889] usb 3-1: Manufacturer: syz
[  877.545572][ T9889] usb 3-1: SerialNumber: syz
[  877.681341][ T5839] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  877.682156][ T9838] usb 1-1: Using ep0 maxpacket: 16
[  877.691356][ T5839] usb 2-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  877.705537][ T5839] usb 2-1: Manufacturer: syz
[  877.743006][ T9889] usb 3-1: config 0 descriptor??
[  877.852303][ T9838] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[  877.861922][ T9838] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  877.880036][ T9838] usb 1-1: config 0 has no interface number 0
[  877.888822][ T9838] usb 1-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  877.895485][ T9889] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  877.901728][ T9838] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  877.920016][ T9838] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  877.931457][ T9838] usb 1-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  877.943895][ T9838] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  877.955253][ T9838] usb 1-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  877.975155][ T9838] usb 1-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  877.986684][ T9838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  877.987994][ T5839] usb 2-1: config 0 descriptor??
[  878.011144][T10540] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  878.019391][T10540] hfsplus: xattr searching failed
[  878.036459][T10546] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1172'.
[  878.196807][ T9838] usb 1-1: config 0 descriptor??
[  878.207981][T10542] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  878.231982][ T9838] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  878.271603][T10544] loop4: detected capacity change from 0 to 512
[  878.291238][ T9889] gspca_zc3xx: reg_r err -32
[  878.296975][ T9889] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -32
[  878.343265][T10544] EXT4-fs: Ignoring removed nomblk_io_submit option
[  878.437130][T10544] EXT4-fs (loop4): Test dummy encryption mode enabled
[  878.565803][ T9889] usb 3-1: USB disconnect, device number 47
[  878.641404][T10544] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.1174: iget: bogus i_mode (0)
[  878.696844][T10544] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.1174: couldn't read orphan inode 15 (err -117)
[  878.796950][ T9838] usb 1-1: USB disconnect, device number 27
[  878.815151][ T6914] usb 10-1: new high-speed USB device number 74 using dummy_hcd
[  878.829961][T10544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  878.944872][ T5839] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.0009/input/input42
[  879.105961][ T6914] usb 10-1: Using ep0 maxpacket: 16
[  879.260852][ T6914] usb 10-1: config 1 has an invalid interface number: 244 but max is 1
[  879.269905][ T6914] usb 10-1: config 1 has an invalid interface number: 170 but max is 1
[  879.278748][ T6914] usb 10-1: config 1 has an invalid interface number: 67 but max is 1
[  879.282524][ T5839] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.0009/input/input43
[  879.287247][ T6914] usb 10-1: config 1 has 3 interfaces, different from the descriptor's value: 2
[  879.287393][ T6914] usb 10-1: config 1 has no interface number 0
[  879.323307][ T6914] usb 10-1: config 1 has no interface number 1
[  879.330305][ T6914] usb 10-1: config 1 has no interface number 2
[  879.336967][ T6914] usb 10-1: config 1 interface 244 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[  879.348390][ T6914] usb 10-1: config 1 interface 244 altsetting 6 has an endpoint descriptor with address 0xB4, changing to 0x84
[  879.360568][ T6914] usb 10-1: config 1 interface 244 altsetting 6 endpoint 0x84 has invalid maxpacket 39167, setting to 64
[  879.372306][ T6914] usb 10-1: config 1 interface 244 altsetting 6 has 3 endpoint descriptors, different from the interface descriptor's value: 13
[  879.386822][ T6914] usb 10-1: too many endpoints for config 1 interface 170 altsetting 121: 243, using maximum allowed: 30
[  879.405533][ T6914] usb 10-1: config 1 interface 170 altsetting 121 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  879.419397][ T6914] usb 10-1: config 1 interface 170 altsetting 121 endpoint 0x9 has invalid wMaxPacketSize 0
[  879.430143][ T6914] usb 10-1: config 1 interface 170 altsetting 121 bulk endpoint 0x9 has invalid maxpacket 0
[  879.440929][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has a duplicate endpoint with address 0xD, skipping
[  879.452521][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has a duplicate endpoint with address 0x9, skipping
[  879.465098][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has an endpoint descriptor with address 0xB4, changing to 0x84
[  879.478048][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has a duplicate endpoint with address 0x84, skipping
[  879.489696][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has a duplicate endpoint with address 0x3, skipping
[  879.507484][ T6914] usb 10-1: config 1 interface 170 altsetting 121 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  879.521605][ T6914] usb 10-1: config 1 interface 170 altsetting 121 endpoint 0x2 has invalid maxpacket 3059, setting to 64
[  879.533756][ T6914] usb 10-1: config 1 interface 170 altsetting 121 has 11 endpoint descriptors, different from the interface descriptor's value: 243
[  879.547908][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0xB, skipping
[  879.559464][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x1, skipping
[  879.570903][ T6914] usb 10-1: config 1 interface 67 altsetting 128 endpoint 0xE has invalid maxpacket 1024, setting to 64
[  879.583235][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has an endpoint descriptor with address 0xB4, changing to 0x84
[  879.595512][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x84, skipping
[  879.613038][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x8E, skipping
[  879.626571][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0xE, skipping
[  879.637888][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x4, skipping
[  879.649278][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0xD, skipping
[  879.660571][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has an invalid descriptor for endpoint zero, skipping
[  879.672342][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x4, skipping
[  879.683713][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has an invalid descriptor for endpoint zero, skipping
[  879.695194][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x5, skipping
[  879.712662][ T6914] usb 10-1: config 1 interface 67 altsetting 128 has a duplicate endpoint with address 0x6, skipping
[  879.726095][ T6914] usb 10-1: config 1 interface 244 has no altsetting 0
[  879.733259][ T6914] usb 10-1: config 1 interface 170 has no altsetting 0
[  879.745248][ T6914] usb 10-1: config 1 interface 67 has no altsetting 0
[  879.798365][ T6716] udevd[6716]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  879.904619][ T9838] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  880.057872][ T5839] kye 0003:0458:5011.0009: input,hiddev0,hidraw0: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.1-1/input0
[  880.132969][ T9838] usb 5-1: Using ep0 maxpacket: 32
[  880.227682][ T9838] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  880.238511][ T9838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  880.420303][ T9838] usb 5-1: config 0 descriptor??
[  880.544930][ T8576] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  880.571527][ T9838] gspca_main: nw80x-2.14.0 probing 055f:d001
[  880.728466][ T6914] usb 10-1: New USB device found, idVendor=257a, idProduct=2608, bcdDevice=83.73
[  880.745295][ T6914] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  880.856566][ T3678] hfsplus: b-tree write err: -5, ino 4
[  880.914689][ T5839] usb 2-1: USB disconnect, device number 69
[  881.095132][ T9838] gspca_nw80x: reg_w err -110
[  881.100388][ T9838] nw80x 5-1:0.0: probe with driver nw80x failed with error -110
[  881.174483][ T6914] usb 10-1: can't set config #1, error -71
[  881.290608][ T6914] usb 10-1: USB disconnect, device number 74
[  881.354644][ T9889] usb 5-1: USB disconnect, device number 30
[  881.443006][T10558] mmap: syz.0.1176 (10558) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  881.569007][ T8554] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.734924][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  881.734924][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  881.749051][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  881.804735][T10556] loop1: detected capacity change from 0 to 1024
[  882.078245][T10556] EXT4-fs: Ignoring removed i_version option
[  882.505195][T10556] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  883.427037][ T6876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  883.540458][T10570] loop2: detected capacity change from 0 to 256
[  883.568334][T10570] exfat: Deprecated parameter 'namecase'
[  884.081582][T10570] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  884.183424][ T6914] usb 10-1: new high-speed USB device number 75 using dummy_hcd
[  884.414997][ T6914] usb 10-1: Using ep0 maxpacket: 32
[  884.511442][ T6914] usb 10-1: config 0 has an invalid interface number: 12 but max is 0
[  884.526823][ T6914] usb 10-1: config 0 has no interface number 0
[  884.537203][ T6914] usb 10-1: config 0 interface 12 has no altsetting 0
[  884.655874][ T6914] usb 10-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  884.666024][ T6914] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  884.674715][ T6914] usb 10-1: Product: syz
[  884.679230][ T6914] usb 10-1: Manufacturer: syz
[  884.685007][ T6914] usb 10-1: SerialNumber: syz
[  884.719866][ T9838] usb 2-1: new full-speed USB device number 70 using dummy_hcd
[  884.849774][ T6914] usb 10-1: config 0 descriptor??
[  885.066645][ T9838] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  885.079722][ T9838] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  885.092043][ T9838] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x2F, changing to 0xF
[  885.104431][ T9838] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 29557, setting to 64
[  885.116232][ T9838] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  885.520833][ T9838] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  885.530797][ T9838] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  885.539518][ T9838] usb 2-1: SerialNumber: syz
[  885.694751][ T6914] f81534 10-1:0.12: f81534_set_register: reg: 1003 data: 20 failed: -71
[  885.703724][ T6914] f81534 10-1:0.12: f81534_find_config_idx: read failed: -71
[  885.714069][ T6914] f81534 10-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  885.722627][ T6914] f81534 10-1:0.12: probe with driver f81534 failed with error -71
[  885.808157][T10579] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  885.890749][T10579] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  885.991491][ T9838] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  886.106644][ T6914] usb 10-1: USB disconnect, device number 75
[  886.300418][ T9838] cdc_acm 2-1:1.0: ttyACM0: USB ACM device
[  886.344879][ T5839] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  886.423111][ T9838] usb 2-1: USB disconnect, device number 70
[  886.584682][ T5839] usb 5-1: Using ep0 maxpacket: 32
[  886.667228][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  886.683715][ T5839] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  886.695535][ T5839] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  886.804901][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  886.804901][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  886.820938][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  887.071317][ T5839] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  887.086580][ T5839] usb 5-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  887.096889][ T5839] usb 5-1: Manufacturer: syz
[  887.223161][ T5839] usb 5-1: config 0 descriptor??
[  887.987406][ T9838] usb 10-1: new high-speed USB device number 76 using dummy_hcd
[  888.282246][ T9838] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  888.291275][ T9838] usb 10-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  888.301478][ T9838] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  888.318483][ T9838] usb 10-1: config 220 has no interface number 2
[  888.327269][ T9838] usb 10-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  888.340033][ T5839] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000A/input/input44
[  888.341221][ T9838] usb 10-1: config 220 interface 0 has no altsetting 0
[  888.359164][ T9838] usb 10-1: config 220 interface 76 has no altsetting 0
[  888.366625][ T9838] usb 10-1: config 220 interface 1 has no altsetting 0
[  888.612289][ T5839] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000A/input/input45
[  889.005326][ T9838] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  889.015686][ T9838] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  889.031349][ T9838] usb 10-1: Product: syz
[  889.038040][ T9838] usb 10-1: Manufacturer: syz
[  889.043006][ T9838] usb 10-1: SerialNumber: syz
[  889.086858][ T5839] kye 0003:0458:5011.000A: input,hiddev0,hidraw0: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.4-1/input0
[  889.273535][ T5839] usb 5-1: USB disconnect, device number 31
[  889.726132][ T9838] usb 10-1: selecting invalid altsetting 0
[  889.739041][ T9838] usb 10-1: Found UVC 7.01 device syz (8086:0b07)
[  889.755504][ T9838] usb 10-1: No valid video chain found.
[  891.241573][ T9838] usb 10-1: selecting invalid altsetting 0
[  891.247992][ T9838] usbtest 10-1:220.1: probe with driver usbtest failed with error -22
[  891.390688][ T9838] usb 10-1: USB disconnect, device number 76
[  891.707021][T10619] process 'syz.1.1193' launched '/dev/fd/4' with NULL argv: empty string added
[  891.835360][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  891.835360][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  891.849917][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  891.931696][T10619] loop9: detected capacity change from 0 to 7
[  891.974028][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  891.982998][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  891.991813][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.008980][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.020076][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.028686][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.038062][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.046490][T10619] ldm_validate_partition_table(): Disk read failed.
[  892.053482][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.061989][T10619] Buffer I/O error on dev loop9, logical block 0, async page read
[  892.070497][T10619] Dev loop9: unable to read RDB block 0
[  892.076906][T10619]  loop9: unable to read partition table
[  892.258106][T10619] loop9: partition table beyond EOD, truncated
[  892.266434][T10619] loop_reread_partitions: partition scan of loop9 (�被������ڬ��dƤ����ݡ�����
[  892.266434][T10619] 
U�������) failed (rc=-5)
[  892.805376][T10631] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1197'.
[  892.820547][T10631] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1197'.
[  892.832619][T10631] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1197'.
[  892.842738][T10631] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1197'.
[  893.564640][ T9838] usb 10-1: new high-speed USB device number 77 using dummy_hcd
[  893.785721][ T5839] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  893.804972][ T9838] usb 10-1: Using ep0 maxpacket: 8
[  894.040856][ T5839] usb 2-1: Using ep0 maxpacket: 32
[  894.130467][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  894.142220][ T5839] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  894.157007][ T5839] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  894.209578][ T9838] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  894.220108][ T9838] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  894.228841][ T9838] usb 10-1: Product: syz
[  894.233396][ T9838] usb 10-1: Manufacturer: syz
[  894.238647][ T9838] usb 10-1: SerialNumber: syz
[  894.389250][ T5839] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  894.399041][ T5839] usb 2-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  894.407764][ T5839] usb 2-1: Manufacturer: syz
[  894.408140][T10645] loop4: detected capacity change from 0 to 1024
[  894.546546][ T5839] usb 2-1: config 0 descriptor??
[  894.584584][ T9838] usb 10-1: config 0 descriptor??
[  894.935637][ T9838] usb 10-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  895.221179][T10655] macvlan0: entered allmulticast mode
[  895.227598][T10655] veth1_vlan: entered allmulticast mode
[  895.896275][ T5839] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.000B/input/input46
[  896.272333][ T5839] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.000B/input/input47
[  896.772064][ T5839] kye 0003:0458:5011.000B: input,hiddev0,hidraw0: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.1-1/input0
[  896.902823][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  896.902823][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  896.923577][ T8574] buffer_io_error: 5 callbacks suppressed
[  896.923653][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  896.969997][ T5839] usb 2-1: USB disconnect, device number 71
[  897.649457][ T9838] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  897.662030][ T9838] dvbdev: DVB: registering new adapter (TerraTec NOXON DAB Stick)
[  897.670354][ T9838] usb 10-1: media controller created
[  897.812582][ T9838] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  899.626141][T10677] loop1: detected capacity change from 0 to 1024
[  899.710938][ T9838] i2c i2c-1: Added multiplexed i2c bus 2
[  899.717238][ T9838] rtl2832 1-0010: Realtek RTL2832 successfully attached
[  899.728591][ T9838] usb 10-1: DVB: registering adapter 1 frontend 0 (Realtek RTL2832 (DVB-T))...
[  899.739208][ T9838] dvbdev: dvb_create_media_entity: media entity 'Realtek RTL2832 (DVB-T)' registered.
[  900.100462][T10682] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1212'.
[  900.109961][T10682] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1212'.
[  900.119631][T10682] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1212'.
[  900.129142][T10682] netlink: 36 bytes leftover after parsing attributes in process `syz.9.1212'.
[  900.670869][ T9838] DVB: Unable to find symbol r820t_attach()
[  900.792818][ T9776] hfsplus: b-tree write err: -5, ino 4
[  901.604863][T10701] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1216'.
[  901.640255][ T6914] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  901.712593][T10701] FAULT_INJECTION: forcing a failure.
[  901.712593][T10701] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  901.713346][ T9838] usb 10-1: USB disconnect, device number 77
[  901.731566][T10701] CPU: 0 UID: 0 PID: 10701 Comm: syz.1.1216 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  901.731734][T10701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  901.731825][T10701] Call Trace:
[  901.731880][T10701]  <TASK>
[  901.731932][T10701]  dump_stack_lvl+0x216/0x2d0
[  901.732138][T10701]  dump_stack+0x1e/0x24
[  901.732306][T10701]  should_fail_ex+0x77b/0x840
[  901.732512][T10701]  should_fail+0x2a/0x40
[  901.732673][T10701]  should_fail_usercopy+0x2e/0x40
[  901.732868][T10701]  _copy_from_user+0x35/0x110
[  901.733098][T10701]  ___sys_sendmsg+0x120/0x3c0
[  901.733275][T10701]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  901.733515][T10701]  ? __rcu_read_unlock+0x7b/0xe0
[  901.733734][T10701]  ? __fget_files+0x443/0x520
[  901.733901][T10701]  ? kmsan_get_metadata+0x13e/0x1c0
[  901.734125][T10701]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  901.734366][T10701]  __x64_sys_sendmsg+0x212/0x3c0
[  901.734539][T10701]  ? kmsan_get_metadata+0x13e/0x1c0
[  901.734759][T10701]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  901.734987][T10701]  ? kmsan_get_metadata+0x13e/0x1c0
[  901.735216][T10701]  x64_sys_call+0x2e0f/0x3c80
[  901.735430][T10701]  do_syscall_64+0xcd/0x1e0
[  901.735613][T10701]  ? clear_bhb_loop+0x25/0x80
[  901.735786][T10701]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  901.735965][T10701] RIP: 0033:0x7fdd1878d169
[  901.736087][T10701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  901.736227][T10701] RSP: 002b:00007fdd19689038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  901.736378][T10701] RAX: ffffffffffffffda RBX: 00007fdd189a5fa0 RCX: 00007fdd1878d169
[  901.736495][T10701] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  901.736596][T10701] RBP: 00007fdd19689090 R08: 0000000000000000 R09: 0000000000000000
[  901.736693][T10701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  901.736791][T10701] R13: 0000000000000000 R14: 00007fdd189a5fa0 R15: 00007ffe5f1a6698
[  901.736932][T10701]  </TASK>
[  902.058461][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  902.058461][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  902.072793][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  902.354416][ T6914] usb 5-1: Using ep0 maxpacket: 32
[  902.426547][ T6914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  902.438262][ T6914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  902.460836][ T6914] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  902.584421][ T6914] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  902.595776][ T6914] usb 5-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  902.605187][ T6914] usb 5-1: Manufacturer: syz
[  902.669804][T10705] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1220'.
[  902.685079][ T6914] usb 5-1: config 0 descriptor??
[  903.828398][ T6914] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000C/input/input48
[  903.960737][T10713] FAULT_INJECTION: forcing a failure.
[  903.960737][T10713] name failslab, interval 1, probability 0, space 0, times 0
[  903.974111][T10713] CPU: 1 UID: 0 PID: 10713 Comm: syz.9.1222 Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  903.974276][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  903.974363][T10713] Call Trace:
[  903.974419][T10713]  <TASK>
[  903.974479][T10713]  dump_stack_lvl+0x216/0x2d0
[  903.974673][T10713]  dump_stack+0x1e/0x24
[  903.974837][T10713]  should_fail_ex+0x77b/0x840
[  903.975043][T10713]  should_failslab+0x17f/0x210
[  903.975250][T10713]  __kmalloc_cache_noprof+0xc5/0xe00
[  903.975427][T10713]  ? pagemap_read+0x3a6/0x1320
[  903.975595][T10713]  ? security_capable+0x133/0x660
[  903.975784][T10713]  ? kmsan_get_metadata+0x13e/0x1c0
[  903.975986][T10713]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  903.976206][T10713]  pagemap_read+0x3a6/0x1320
[  903.976375][T10713]  ? kmsan_get_metadata+0xe0/0x1c0
[  903.976586][T10713]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  903.976804][T10713]  ? kmsan_get_metadata+0x13e/0x1c0
[  903.977021][T10713]  vfs_read+0x29f/0xf70
[  903.977192][T10713]  ? __fget_files+0x443/0x520
[  903.977364][T10713]  ? kmsan_get_metadata+0x13e/0x1c0
[  903.977571][T10713]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  903.977792][T10713]  __x64_sys_pread64+0x2c5/0x3b0
[  903.978002][T10713]  x64_sys_call+0x2d91/0x3c80
[  903.978199][T10713]  do_syscall_64+0xcd/0x1e0
[  903.978374][T10713]  ? clear_bhb_loop+0x25/0x80
[  903.978542][T10713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  903.978693][T10713] RIP: 0033:0x7ff06518d169
[  903.978806][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  903.978936][T10713] RSP: 002b:00007ff065fa2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  903.979077][T10713] RAX: ffffffffffffffda RBX: 00007ff0653a5fa0 RCX: 00007ff06518d169
[  903.979187][T10713] RDX: 0000000000019000 RSI: 0000200000001240 RDI: 0000000000000003
[  903.979283][T10713] RBP: 00007ff065fa2090 R08: 0000000000000000 R09: 0000000000000000
[  903.979376][T10713] R10: 0000001000000000 R11: 0000000000000246 R12: 0000000000000001
[  903.979478][T10713] R13: 0000000000000000 R14: 00007ff0653a5fa0 R15: 00007ffdfbe78398
[  903.979608][T10713]  </TASK>
[  904.457757][ T6914] input: syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000C/input/input49
[  904.971523][T10714] fuse: Unknown parameter './file0'
[  905.469222][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  905.477277][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  905.521583][T10716] loop4: detected capacity change from 0 to 32768
[  905.567188][ T6914] kye 0003:0458:5011.000C: input,hiddev0,hidraw0: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.4-1/input0
[  905.590321][ T6914] usb 5-1: USB disconnect, device number 32
[  905.690341][T10716] (syz.4.1225,10716,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  905.724852][T10716] (syz.4.1225,10716,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  906.149626][T10716] JBD2: Ignoring recovery information on journal
[  906.919876][T10716] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  907.094635][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  907.094635][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  907.109002][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  907.502031][ T8554] ocfs2: Unmounting device (7,4) on (node local)
[  908.465665][ T6914] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  908.804592][ T6914] usb 1-1: Using ep0 maxpacket: 32
[  908.938287][ T6914] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  908.947336][ T6914] usb 1-1: config 0 has no interface number 0
[  908.953987][ T6914] usb 1-1: config 0 interface 12 has no altsetting 0
[  909.207899][T10747] loop1: detected capacity change from 0 to 32768
[  909.320007][ T6914] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  909.329802][ T6914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  909.338481][ T6914] usb 1-1: Product: syz
[  909.342910][ T6914] usb 1-1: Manufacturer: syz
[  909.348557][ T6914] usb 1-1: SerialNumber: syz
[  909.500964][ T6914] usb 1-1: config 0 descriptor??
[  909.756712][T10747] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  909.774561][T10747] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  909.784490][T10747] bcachefs (loop1): Version upgrade required:
[  909.784490][T10747] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  909.784490][T10747] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.20: directory_size
[  909.784490][T10747]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  910.065621][T10747] bcachefs (loop1): error validating btree node on loop1 at btree dirents level 0/0
[  910.065743][T10747]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 281474976710656: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0  
[  910.065865][T10747]   node offset 0/24: incorrect min_key: got 0:0:7 should be POS_MIN
[  910.100173][T10747] bcachefs (loop1): running explicit recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  910.112924][T10747] bcachefs (loop1): flagging btree dirents lost data
[  910.125807][T10747] bcachefs (loop1): running explicit recovery pass scan_for_btree_nodes (1), currently at recovery_pass_empty (0)
[  910.165525][T10747] error reading btree root btree=dirents level=0: btree_node_read_error, fixing
[  910.254738][T10747] bcachefs (loop1): error validating btree node on loop1 at btree alloc level 0/0
[  910.254861][T10747]   u64s 11 type btree_ptr_v2 18446744073709551360:288230376151711743:U32_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0  
[  910.255103][T10747]   node offset 0/24 bset u64s 0: incorrect max key SPOS_MAX
[  910.291680][T10747] bcachefs (loop1): flagging btree alloc lost data
[  910.442749][T10747] error reading btree root btree=alloc level=0: btree_node_read_error, fixing
[  910.538531][ T6914] f81534 1-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  910.547062][ T6914] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  910.554953][ T6914] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  910.563063][ T6914] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  910.655568][ T9838] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  910.670569][T10747] bcachefs (loop1): error validating btree node on loop1 at btree freespace level 0/0
[  910.670685][T10747]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq e81e1ed936acf3df written 32 min_key 0:3703155162349568:0 durability: 1 ptr: 0:29:0 gen 0  
[  910.670808][T10747]   node offset 0/32: incorrect min_key: got POS_MIN should be 0:3703155162349568:0
[  910.710300][T10747] bcachefs (loop1): flagging btree freespace lost data
[  910.727947][T10747] error reading btree root btree=freespace level=0: btree_node_read_error, fixing
[  910.845737][ T6914] usb 1-1: USB disconnect, device number 28
[  910.846819][T10747] bcachefs (loop1): scan_for_btree_nodes...
[  910.931000][ T9838] usb 3-1: Using ep0 maxpacket: 32
[  910.979861][ T9838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  910.991351][ T9838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  911.002112][ T9838] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  911.136059][ T9838] usb 3-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice=fa.00
[  911.151636][ T9838] usb 3-1: New USB device strings: Mfr=109, Product=0, SerialNumber=0
[  911.162357][ T9838] usb 3-1: Manufacturer: syz
[  911.258359][ T9838] usb 3-1: config 0 descriptor??
[  912.143466][ T8574] kmmpd-loop3: attempt to access beyond end of device
[  912.143466][ T8574] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64
[  912.158384][ T8574] Buffer I/O error on dev loop3, logical block 64, lost sync page write
[  912.324942][ T9838] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.000D/input/input50
[  912.533403][ T9838] input: syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0458:5011.000D/input/input51
[  912.548033][T10747] bcachefs (loop1): btree node scan found 7 nodes after overwrites
[  912.558531][T10747]  done
[  912.737626][T10747] bcachefs (loop1): check_topology...
[  912.743573][T10747] bcachefs (loop1): btree root dirents unreadable, must recover from scan
[  912.759812][T10747] bcachefs (loop1): bch2_get_scanned_nodes(): recovery btree=dirents level=0 POS_MIN - SPOS_MAX
[  912.771855][T10747] bcachefs (loop1): bch2_get_scanned_nodes(): recovering u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0
[  912.835867][T10747] bcachefs (loop1): bch2_get_scanned_nodes(): recovery btree=dirents level=0 POS_MIN - 0:0:6
[  912.848744][T10747] btree node with incorrect min_key  at btree=dirents level=1:
[  912.848847][T10747]   parent: u64s 5 type btree_ptr SPOS_MAX len 0 ver 0
[  912.848940][T10747]   next: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0, fixing
[  912.882872][T10747] bcachefs (loop1): set_node_min(): u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key 0:0:7 durability: 1 ptr: 0:41:0 gen 0 -> POS_MIN
[  912.907353][T10747]  done
[  912.947774][T10747] bcachefs (loop1): accounting_read... done
[  912.956803][T10747] bcachefs (loop1): alloc_read... done
[  912.962850][T10747] bcachefs (loop1): stripes_read... done
[  912.970185][T10747] bcachefs (loop1): snapshots_read... done
[  912.976941][T10747] bcachefs (loop1): check_allocations...
[  912.984677][T10747] bucket 0:34 data type user ptr gen 0 missing in alloc btree
[  912.984800][T10747] while marking u64s 7 type extent 4099:8:U32_MAX len 8 ver 0: durability: 1 crc: c_size 8 size 8 offset 0 nonce 0 csum none 0:0  compress incompressible ptr: 0:34:0 gen 0, fixing
[  913.033936][T10747] bucket 0:27 data type btree ptr gen 0 missing in alloc btree
[  913.034048][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c6c25c03258c59c5 written 16 min_key POS_MIN durability: 1 ptr: 0:27:0 gen 0, fixing
[  913.085887][T10747] bucket 0:38 data type btree ptr gen 0 missing in alloc btree
[  913.085999][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  913.132958][T10747] bucket 0:41 data type btree ptr gen 0 missing in alloc btree
[  913.133063][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key R POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  913.161062][T10747] bucket 0:31 data type btree ptr gen 0 missing in alloc btree
[  913.161170][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2285c34bed0abe32 written 16 min_key POS_MIN durability: 1 ptr: 0:31:0 gen 0, fixing
[  913.236888][ T9838] kye 0003:0458:5011.000D: input,hiddev0,hidraw0: USB HID v0.00 Mouse [syz] on usb-dummy_hcd.2-1/input0
[  913.256748][T10747] bucket 0:35 data type btree ptr gen 0 missing in alloc btree
[  913.256853][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  913.322337][T10747] bucket 0:32 data type btree ptr gen 0 missing in alloc btree
[  913.322447][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  913.359628][T10747] bucket 0:28 data type btree ptr gen 0 missing in alloc btree
[  913.359752][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 28f61e078e70b95c written 16 min_key POS_MIN durability: 1 ptr: 0:28:0 gen 0, fixing
[  913.389059][T10747] bucket 0:37 data type btree ptr gen 0 missing in alloc btree
[  913.389162][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 4a8b0fa43a9980a6 written 24 min_key POS_MIN durability: 1 ptr: 0:37:0 gen 0, fixing
[  913.424407][T10747] bucket 0:42 data type btree ptr gen 0 missing in alloc btree
[  913.424511][T10747] while marking u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 1 ptr: 0:42:0 gen 0, fixing
[  913.505820][T10747]  done
[  913.554642][ T9838] usb 3-1: USB disconnect, device number 48
[  913.575402][T10747] bcachefs (loop1): going read-write
[  913.632387][T10747] bcachefs (loop1): journal_replay...
[  913.783775][ T3749] bucket incorrectly unset in freespace btree
[  913.783946][ T3749]   u64s 5 type deleted 0:29:0 len 0 ver 0, , continuing
[  913.951888][ T3749] bucket incorrectly unset in freespace btree
[  913.951975][ T3749]   u64s 5 type deleted 0:33:0 len 0 ver 0, , continuing
[  913.976803][T10760] =====================================================
[  913.977014][T10760] BUG: KMSAN: uninit-value in bch2_btree_ptr_v2_validate+0x51c/0xb20
[  913.977152][T10760]  bch2_btree_ptr_v2_validate+0x51c/0xb20
[  913.977276][T10760]  bch2_bkey_val_validate+0x357/0x530
[  913.977405][T10760]  validate_bset_keys+0x204b/0x22c0
[  913.977536][T10760]  validate_bset_for_write+0x2b3/0x410
[  913.977673][T10760]  __bch2_btree_node_write+0x5460/0x68b0
[  913.977813][T10760]  bch2_btree_node_write_trans+0xd7/0x8a0
[  913.977952][T10760]  __btree_node_flush+0x5e6/0x660
[  913.978129][T10760]  bch2_btree_node_flush1+0x38/0x60
[  913.978305][T10760]  journal_flush_pins+0x1335/0x1fa0
[  913.978476][T10760]  __bch2_journal_reclaim+0xdab/0x1680
[  913.978643][T10760]  bch2_journal_reclaim_thread+0x17f/0x750
[  913.978819][T10760]  kthread+0x6b9/0xef0
[  913.978921][T10760]  ret_from_fork+0x6d/0x90
[  913.979090][T10760]  ret_from_fork_asm+0x1a/0x30
[  913.979253][T10760] 
[  913.979285][T10760] Uninit was stored to memory at:
[  913.979498][T10760]  bch2_sort_keys_keep_unwritten_whiteouts+0x15d9/0x1850
[  913.979663][T10760]  __bch2_btree_node_write+0x3b69/0x68b0
[  913.979803][T10760]  bch2_btree_node_write_trans+0xd7/0x8a0
[  913.979946][T10760]  __btree_node_flush+0x5e6/0x660
[  913.980117][T10760]  bch2_btree_node_flush1+0x38/0x60
[  913.980291][T10760]  journal_flush_pins+0x1335/0x1fa0
[  913.980460][T10760]  __bch2_journal_reclaim+0xdab/0x1680
[  913.980627][T10760]  bch2_journal_reclaim_thread+0x17f/0x750
[  913.980806][T10760]  kthread+0x6b9/0xef0
[  913.980911][T10760]  ret_from_fork+0x6d/0x90
[  913.981075][T10760]  ret_from_fork_asm+0x1a/0x30
[  913.981260][T10760] 
[  913.981287][T10760] Uninit was created at:
[  913.981479][T10760]  ___kmalloc_large_node+0x365/0x420
[  913.981612][T10760]  __kmalloc_large_node_noprof+0x3f/0x1e0
[  913.981760][T10760]  __kvmalloc_node_noprof+0xa2/0x13d0
[  913.981911][T10760]  bch2_btree_node_mem_alloc+0xa98/0x2f10
[  913.982077][T10760]  bch2_btree_reserve_get+0x382/0x22b0
[  913.982238][T10760]  bch2_btree_update_start+0x22b8/0x2ec0
[  913.982380][T10760]  bch2_btree_split_leaf+0x12b/0xcb0
[  913.982516][T10760]  bch2_trans_commit_error+0x1d8/0x2080
[  913.982695][T10760]  __bch2_trans_commit+0x1d6a/0xd3c0
[  913.982884][T10760]  bch2_journal_replay+0x3147/0x4e40
[  913.983064][T10760]  bch2_run_recovery_passes+0x5a2/0x1160
[  913.983193][T10760]  bch2_fs_recovery+0x489c/0x6230
[  913.983369][T10760]  bch2_fs_start+0x7ca/0xc20
[  913.983525][T10760]  bch2_fs_get_tree+0x1564/0x24e0
[  913.983691][T10760]  vfs_get_tree+0xb1/0x5a0
[  913.983850][T10760]  do_new_mount+0x71f/0x15e0
[  913.984023][T10760]  path_mount+0x742/0x1f10
[  913.985720][T10760]  __se_sys_mount+0x71f/0x800
[  913.985834][T10760]  __x64_sys_mount+0xe4/0x150
[  913.985949][T10760]  x64_sys_call+0xed5/0x3c80
[  913.986112][T10760]  do_syscall_64+0xcd/0x1e0
[  913.986253][T10760]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.986384][T10760] 
[  913.986436][T10760] CPU: 1 UID: 0 PID: 10760 Comm: bch-reclaim/loo Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  913.986583][T10760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  913.986659][T10760] =====================================================
[  913.986703][T10760] Disabling lock debugging due to kernel taint
[  913.986764][T10760] Kernel panic - not syncing: kmsan.panic set ...
[  913.986852][T10760] CPU: 1 UID: 0 PID: 10760 Comm: bch-reclaim/loo Tainted: G    B              6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
[  913.987021][T10760] Tainted: [B]=BAD_PAGE
[  913.987067][T10760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  913.987142][T10760] Call Trace:
[  913.987187][T10760]  <TASK>
[  913.987234][T10760]  dump_stack_lvl+0x216/0x2d0
[  913.987392][T10760]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  913.987588][T10760]  dump_stack+0x1e/0x24
[  913.987733][T10760]  panic+0x4e5/0xcf0
[  913.987894][T10760]  ? kmsan_internal_poison_memory+0x80/0x90
[  913.988098][T10760]  kmsan_report+0x2ca/0x2d0
[  913.988254][T10760]  ? ret_from_fork_asm+0x1a/0x30
[  913.988441][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.988615][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.988789][T10760]  ? __msan_warning+0x95/0x120
[  913.988948][T10760]  ? bch2_btree_ptr_v2_validate+0x51c/0xb20
[  913.989074][T10760]  ? bch2_bkey_val_validate+0x357/0x530
[  913.989210][T10760]  ? validate_bset_keys+0x204b/0x22c0
[  913.989342][T10760]  ? validate_bset_for_write+0x2b3/0x410
[  913.989484][T10760]  ? __bch2_btree_node_write+0x5460/0x68b0
[  913.989620][T10760]  ? bch2_btree_node_write_trans+0xd7/0x8a0
[  913.989754][T10760]  ? __btree_node_flush+0x5e6/0x660
[  913.989941][T10760]  ? bch2_btree_node_flush1+0x38/0x60
[  913.990116][T10760]  ? journal_flush_pins+0x1335/0x1fa0
[  913.990292][T10760]  ? __bch2_journal_reclaim+0xdab/0x1680
[  913.990465][T10760]  ? bch2_journal_reclaim_thread+0x17f/0x750
[  913.990646][T10760]  ? kthread+0x6b9/0xef0
[  913.990748][T10760]  ? ret_from_fork+0x6d/0x90
[  913.990930][T10760]  ? ret_from_fork_asm+0x1a/0x30
[  913.991109][T10760]  ? filter_irq_stacks+0x60/0x1b0
[  913.991281][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.991462][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.991641][T10760]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  913.991828][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.992014][T10760]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  913.992213][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.992393][T10760]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  913.992586][T10760]  __msan_warning+0x95/0x120
[  913.992747][T10760]  bch2_btree_ptr_v2_validate+0x51c/0xb20
[  913.992922][T10760]  ? __pfx_bch2_btree_ptr_v2_validate+0x10/0x10
[  913.993058][T10760]  bch2_bkey_val_validate+0x357/0x530
[  913.993229][T10760]  validate_bset_keys+0x204b/0x22c0
[  913.993466][T10760]  validate_bset_for_write+0x2b3/0x410
[  913.993634][T10760]  __bch2_btree_node_write+0x5460/0x68b0
[  913.993797][T10760]  ? trace_kmalloc+0x29/0x160
[  913.993939][T10760]  ? filter_irq_stacks+0x60/0x1b0
[  913.994186][T10760]  bch2_btree_node_write_trans+0xd7/0x8a0
[  913.994320][T10760]  ? kmsan_get_metadata+0x13e/0x1c0
[  913.994490][T10760]  ? kmsan_internal_set_shadow_origin+0x6c/0x100
[  913.994667][T10760]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  913.994852][T10760]  __btree_node_flush+0x5e6/0x660
[  913.995031][T10760]  ? __btree_node_flush+0xc7/0x660
[  913.995234][T10760]  bch2_btree_node_flush1+0x38/0x60
[  913.995425][T10760]  journal_flush_pins+0x1335/0x1fa0
[  913.995660][T10760]  ? __pfx_bch2_btree_node_flush1+0x10/0x10
[  913.995866][T10760]  __bch2_journal_reclaim+0xdab/0x1680
[  913.996049][T10760]  ? __try_to_del_timer_sync+0x3c0/0x410
[  913.996275][T10760]  bch2_journal_reclaim_thread+0x17f/0x750
[  913.996511][T10760]  kthread+0x6b9/0xef0
[  913.996611][T10760]  ? __pfx_bch2_journal_reclaim_thread+0x10/0x10
[  913.996822][T10760]  ? __pfx_kthread+0x10/0x10
[  913.996937][T10760]  ret_from_fork+0x6d/0x90
[  913.997109][T10760]  ? __pfx_kthread+0x10/0x10
[  913.997220][T10760]  ret_from_fork_asm+0x1a/0x30
[  913.997416][T10760]  </TASK>
[  913.997824][T10760] Kernel Offset: disabled