last executing test programs:

8m53.167927231s ago: executing program 4 (id=5):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
tgkill(0x0, 0x0, 0x21)
tkill(r0, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
open$dir(0x0, 0x20040, 0x40)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")

8m48.68562991s ago: executing program 4 (id=9):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x28, r1, 0xb15, 0xfffffffe, 0x0, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x28}}, 0x80)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000240))
capset(0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
keyctl$session_to_parent(0x12)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x280, 0x4e23, @local}, 0x10)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
ppoll(&(0x7f0000000000), 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00'})

8m46.80293087s ago: executing program 4 (id=11):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2002b08030300ecff3f0000", 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket(0x11, 0x2, 0x10001)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="40000000100005ff00000008000000000000004a", @ANYRES32=0x0, @ANYBLOB="6f77000000000000140012800b0001006261746164760000040002800a000100"], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000840)
getpid()
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x62)
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4000000}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x0, 0x0)
syz_usb_connect$lan78xx(0x3, 0x3f, &(0x7f0000000540)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xfffffffffffffefa}}]}}, 0x0)

8m46.558877511s ago: executing program 5 (id=6):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001440)={{0x1, 0x1, 0x18, <r1=>r0, {0x4}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000002480)={'nat\x00', 0x0, 0x0, 0x0, [0xffffffffffffffff, 0x4aca3e29, 0x6, 0x4, 0x2, 0xd4]}, &(0x7f0000002500)=0x78)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x20)
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x0, 0x96, 0xd1, 0xca}}]}}]}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYRESOCT], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xffb)
timerfd_create(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
execve(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x2}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r8 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
syz_io_uring_submit(r6, r7, &(0x7f0000000300)=@IORING_OP_SYMLINKAT={0x26, 0x1e, 0x0, r8, &(0x7f0000000440)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000400)='./file0\x00', 0x0, 0x0, 0x1})
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, 0x0, 0x80)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
ioctl$SOUND_MIXER_WRITE_VOLUME(0xffffffffffffffff, 0xc0040d07, &(0x7f0000000040)=0x121)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x2, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000540)=0x7b1)

8m42.867504639s ago: executing program 4 (id=15):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
r1 = socket(0x2c, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x60002016})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x10005)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000140), 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
listen(0xffffffffffffffff, 0xfffffffd)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@background_gc_on}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@gc_merge}, {@nouser_xattr}, {@alloc_mode_reuse}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@block_mode}, {@noinline_dentry}]}, 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1811e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
connect$unix(r1, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(r4, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, &(0x7f0000000100))
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x800000, &(0x7f00000004c0)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030362c696f636861727365743d6b6f69382d722c646d61736b3d30303030303134303030303030303030303030303030302c6e616d65636173653d312c646973636172642c616c6c6f775f7574696d653d303a3030303030303030303030303030303030303031302c7569643d676d07728aea616e91f401cbca998d11be44a9bb1c788e764abc81e56ef3aa88d54615430f320dc5b585cc913be041086d554e6fddb12789dc0643b841fa165ec339578b9f86f220be4e33e31ed3b7c08102910ceeb31b7f1cba671e8533df737e47b0f87a5fec781c339a5071508d95c87ed3a5c77e46a97e75c736687d5d5ded922b9fbf9c22", @ANYRESHEX=0x0, @ANYBLOB=',codepage=koi8-u,umask=00000000000000000007614,\x00'], 0x1, 0x151e, &(0x7f0000000880)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJLkmSJEluCUmTHElIDLklDUlILkNyGUJymZg07ve7JCRJkyQhuSXr/5ni73TqvOec9/Qe7+ed5/v57I/1zN7P2s/+PbNnXzDfdh1Wq0nt6o2ICP4t+OsfyQAQCwCDAOAaAAgAoHx8+fjs9bklJv97O2F/rofSrnQF7Eri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxsy4xC1/KScxd+/5+T8fX//4aLJx98ua7M9d0AYv7ZPO5/zsb9/z8r+Gc24v7nbNz/nCr2ShfA/hfg8z8nyPV313D/czbuP2M52ZV+/3ylF4jk7M/gSn//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGc74yxQAXBpf6boYY4wxxhhjjDH25/G5rnQFjDHGGGOMMcYY+5+HIECCggBiIBfEQm6IAwEAV0NeuAYicC3Ew3WQD66H/FAACkIhSIDCUAQ0GIgBghCKQjGIwg1QHG6EElASSkFpcFAGEuEmKAs3Qzm4BcrDrVABboOKUAkqQxW4HarCHVAN7oTqcBfUgJpQC2rD3VAH7oG6cC/Ug/ugPtwPDeABaAgPQiN4CBrDw9AEHoGm8Cg0g+bQAlpCq/9W/gvQE16EXtAbkqEP9IWXoB/0hwEwEAbByzAYXoEh8CqkwFAYBq/BcHgdRsAbMBJGwWh4E8bAWzAWxsF4mACpMBEmwdswGd6BKTAVpsF0SIMZMBPehVkwG+bAezAX3od5MB8WwEJIhw9gESyGDPgQlsBHkAlLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHHfAx7IRPYBd8CrthD+yFz2AffP4v5p/+m/xuCAgoUKBChTEYg7EYi3EYh3kwD+bFvBjBCMZjPObDfJgf82NBLIgJmIBFsAgaNEhIWBSLYhSjWByLYwksgaWwFDp0mIiJWBZvxnJYDstjeayAFbAiVsJKWAWrYFWsitWwGlbH6lgDa2AtrIV3493YB+tiXayH9bA+1r/0egobYSNsjI2xCTbBptgUm2EzbIEtsBW2wtbYGttgG2yH7bA9tscO2AGTMAk7YkfshJ2wM3bGLtgFu2JX7IbdsXvWC7kAX8QXsTfWEH2wL/bFfpiSawAOxIH4Mg7GV/AVfBVTcCgOw9fwNXwdR+ApHImjcDSOxqriLRyL45DEBEzFVJyEk3AyTsYpOBWn4nRMwxk4E2fiLJyNs/E9nIvv4/s4H+fjQkzHdFyEizEDM3AJnsZMXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342bciltxO27Hj/Fj/AQVAH6Ke3APpuA+3If7cT8ewAN4EA9iFmbhITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8Byex+cSvm78Scm1KSCyKaFEjIgRsSJWxIk4kUfkEXlFXhEREREv4kU+kU/kF/lFQVFQJIgEUUQUEUYYQSKMAQARFVFRXBQXJUQJUUqUEk44kSgSRVlRVpQT5UR5cauoIG4TFUUl0dZVEVVEVdHOVRN3iuqiuqghaopaoraoLeqIOqKuqCvqiXqivqgvGogHREPRBwfgQyK7M03EUGwqhmEz0VzIiz/BWosR2Ea0Fe3EE2IUjsQOorVLEk+LjmIsdhJ/EePwWdFFTMCu4nnRTXQXPcQLoqdo43qJ3mIK9hF9xXTsJ/qLAWKgmIU1xXs4N3ct8apIEUPFMPGaWIivixHiDTFSjBKjxZtijHhLjBXjxHgxQaSKiWKSeFtMFu+IKWKqmCamizQxQ8wU74pZYraYI94Tc8X7Yp6YLxaIhSJdfCAWicUiQ3woloiPRKZYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hY7BSfiF3iU7Fb7BF7xWdin/hc7BdfiAPiS3FQfCWyxNfikPhGHBbfiiPiO3FUfC+OiePihPhBnBQ/ilPitDgjzopz4idxXvwsLggvQKIUUkolAxkjc8lYmVvGyatkHhlc/HSvlfHyOplPXi/zywKyoCwkE2RhWURqaaSVJENZVBaTUXmDLC5vlCVkSVlKlpZOlpGJ8iZZVt4sy8lbZHl5q6wgb5MVZSVZWVaRt8uq8g4JkV/3UUPWlLVkbXm3TIZ7ZF15r6wn75P15f2ygXxANpQPykbyIdlYPiybyEdkU/mobCabyxaypWwlH5Ot5eOyjWwr28knZHv5pOwgn5JJ8mnZUfqL3yLPyi7yOdlVPi+7ye6yh/xZXpBe9pK9JfQB2Ve+JPvJ/nKAHCgHyZflYPmKHCJflSlyqBwmX5PD5etyhHxDjpSj5Gj5phwj35Jj5Tg5Xk6QqXKinCTflpPlO3KKnCqnyekyTc6QAy7ONEfKf5j/9h/kD/ll75vlFrlVbsOLrZCfyF1yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoMySWfKQPCQPy8PyiDwij8qj8pg8Ls/KH+RJ+aM8JU/L0/KsPCfPyfMXPwNQqISSSqlAxahcKlblVnHqKpVHXa3yqmtURF2r4tV1Kp+6XuVXBVRBVUglqMKqiNLKKKtIhaqoKqai6oZLVapSqrRyqoxKVDf9K/mquLpRlVAlf5N/qb7kv1NfK9VKtVatVRvVRrVT7VR71V51UB1UkkpSHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WsklVf9ZLqp/qrAWqgGqReVoPVYDVEDVEpKkUNU8PUcDVcjVAj1Eg1Uo1Wo9UYNUaNVWPVeDVepapUNUlNUpPVZDVFTVHT1DSVptLUTDVTzVKz1Bw1R81Vc9U8NU8tUAtUukpXi9QilaEy1BK1RGWqpWqpWq6Wq5VqpVqtVqu1aq1ar9arjWqjylRb1Ba1TW1TO9QOtVPtVLvULrVb7VZ71V61T+1T+9V+dUAdUAfVQZWlstQhdUgdVofVEXVEHVVH1TF1TJ1QJ9RJdVKdUqfUGXVGnVPn1Hl1Xl1QF7Jv+wIRiEAF2VfamCA2iA3igrggT5AnyBvkDSJBJIgP4oN8wfVB/qBAUDAoFCQEhYMigQ5MYANxsenR4IageHBjUCIoGZQKSgcuKBMkBjcFZYObg3LBLUH54NagQnBbUDGoFFQOqgS3B1WDO4JqwZ1B9eCuoEZQM6gV1A7uDuoE9wR1g3uDesF9Qf3g/qBB8EDQMHgwaBQ8FDQOHg6aBI8ETYNHg2ZB86BF0DJo9afO7/2pAo+7zbq3TtZ9dF/9ku6n++sBeqAepF/Wg/Ureoh+VafooXqYfk0P16/rEfoNPVKP0qP1m3qMfkuP1eP0eD1Bp+qJepJ+W0/W7+gpeqqepqfrND1Dz9Tv6ll6tp6j39Nz9ft6np6vF+iFOl1/oBfpxTpDf6iX6I90pl6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH/ljv1J/oXfpTvVvv0Xv1Z3qf/lzv11/oA/pLfVB/pbP01/qQ/kYf1t/qI/o7fVR/r4/p4/qE/kGf1D/qU/q0PqPP6nP6J31e/6wvaJ99c599eTfKKBNjYkysiTVxJs7kMXlMXpPXREzExJt4k8/kM/lNflPQFDQJJsEUMUVMNjJkipqiJmqiprgpbkqYEqaUKWWccSbRJJqypqwpZ8qZ8qa8qWAqmIqmoqlsKpvbze3mDnOHudPcae4yd5mapqapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlqmppmpplpYVqYVqaVaW1amzamjWln2pn2pr3pYDqYJJNkOpqOppPpZDqbzqaL6WK6mq6mm+lmepgepqfpaXqZXibZJJu+pq/pZ/qZAWaAGWQGmcFmsBlihpgUk2KGmWFmuBluRpgRZqQZZUZnnz7mLTPWjDPjzQSTalLNJDPJTDaTzRQzxUwz00yaSTMzzUwzy8wyc8wcM9fMNfPMPLPALDDpJt0sMotMhskwS8wSk2kyzTKzzKwwK8wqs8qsMWvMOrPObIANZpPZZLaYLWab2WZ2mB1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJstkmUPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5ZwpcvF56E2tz2zh7lc1jr7Z57TX2b+OCtpBNsIVtEattflvgN7Gx1pawJW0pW9o6W8Ym2pt+F1e0lWxlW8XebqvaO2y138V17D22rr3X1rP32dr27t/E9e39toF9xDZEBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2ySfdp2tM/8Ll5kF9s1dq1dZ9fb3XaPPWPP2sP2W3vO/mR72d52kH3ZDrav2CH2VZtih/4uHm3ftGPsW3asHWfH2wm/i6fZ6TbNzrAz7bt2lp39uzjdfmDn2gw7z863C+zCX+LsmjLsh3aJ/chm2gCW2eV2hV1pV9nV/7/W5Xaj3WQ32132U7vNbrc77Md256UbYbvH7rWf2X32c3vIfmMP2C/tQXvEZtmvf4mzj++I/c4etd/bY/a4PWF/sCftj+pSdvax/2B/thest0BIQJIUBRRDuSiWclMcXUV56GrKS9dQhK6leLqO8tH1lJ8KUEEqRAlUmIqQJkOWiEIqSsUoSjfQpfJKUWlyVIYS6SYqSzdTObqFytOtVIFuo4pUiSpTFbqdqtIdVI3upOp0F9WgmlSLatPdVIfuobp0L9WD+6g+3U8N6AFqSA9SI3qIGtPD1IQeoab0KDWj5tSCWlIreoxa0+PUhtpSO3qC2tOT1IGeoiR6mjrSM9SJ/kKd6VnqQs9RV3qeulF36kEvUE96kXpRb0qmPtSXXqJ+1J8G0EAaRC/TYHqFhtCrlEJDaRi9RsPpdRpBb9BIGkWj6U0aQ2/RWBpH42kCpdJEmkRv02R6h6bQVJpG0ymNZtBMepdm0WyaQ+/RXHqf5tF8WkALKZ0+oEW0mDLoQ1pCH1EmLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQx7STPqFd9Cntpj20lz6jffQ57acv6AB9SQfpK8qir+kQfUOH6Vs6Qt/53vQ9HaPjdIJ+oJP0I52i03SGztI5+onO0890gTxBiKEIZajCIIwJc4WxYe4wLrwqzBNeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdHwhrB4eGNYIiwZlgpLhy4sEyaGN4Vlw5vDcuEtYfnw1rBCeFtYMawUPnJflfD2sGp4R1gtvDOsHt4V1ghrhrXC2uHdYZ3wnrBueG9YL7wvLBfeHzYIHwgbhg+GjcKHwsbhw2GT8JGwafho2CxsHrYIW4atwsfC1uHjYZuwbdgufCJsHz4ZdgifCpPCp8OO4TO/rL9/8d9fnxz2CfuGL4Uvhd7fKxdEF0bTox9EF0UXRzOiH0aXRD+KZkaXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e9r50LHDrhpFMucDEul4t1uV2cu8rlcVe7vO4aF3HXunh3ncvnrnf5XQFX0BVyCa6wK+K0M846cqEr6oq5qLvBFXc3uhKupCvlSjvnyrhE19K1cq1ca/e4a+PaunbuCfeEe9I96Z5yT7mnXUf3jOvk/uI6u2ddF/ece84977q57q6He8H1dBPz/npOJru+rq/r5/q5AW6AG+QGucFusBvihrgUl+KGuWFuuBvuRrgRbqQb6Ua70W6MG+PGurFuvBvvUl2qm+QmucluspviprhpbppLc2luppvpZrlZrursX/cyz81zC9wCl+7S3SKXfc+Y4Za4JS7TZbplbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vldrnd/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MjEyKvB2ZHHknMiUyNTItMj2SFpkRmRl5NzIrMjsyJ/JeZG7k/ci8yPzIgsjCSHrkg8iiyOJIRuTDyJLIR5HMyNLIssjyyIrIyoj3hbeFvqgv5qP+Bl/c3+hL+JK+lC/tnS/jE/1Nvqy/2Zfzt/jy/lZfwd/mK/pKvrJ/1DfzzX0L39K38o/51v5x38a39e38E769f9J38E/5JP+07+if8Z38X3xn/6zv4p/zXf3zvpvv7nv4F3xP/6Lv5Xv7ZN/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hXfYof6of51/xw/7of4d/wI/0oPzrmTT/m0iMyTPCpfqKf5N/2k/07cKef6qf56T7Nz/Az/bt+lp/t5/j3/Fz/vp/n5/sFfqFP9x/4RX6xz/Af+iX+I5/pl156qexX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F3+U7/b7/F7/Wd+n//c7/df+AP+S3/Qf+Wz/Nf+kP/GH/bf+iP+O3/Uf++P+eP+hP/Bn/Q/+lP+tD/jz/pz/id/3v/sL/D/WWOMMcYY+6dMvDwUv13z6+v8Pn+QI/5q474AcPX2Qll/vT77jnJD/l/H/UVC+wgAPN2760OXlho1kpOTL26bKSEoNh/g0t8EZYuBy/FSaAdPQhK0hbJ/WH9/0f0c/YP5o7cCxP1VTixcji/P/wUAJv/B/I89MXpRhfBM/H8x/3yAEsUu5+SGy/FSaPfL+5W2UO7v1F+g9T+oP/eXqQBt/ionD1yOL9efCI/DM5D0my0ZY4wxxhhjjLFf9ReVO196/rz0Lz7/6Pk8QV3OyQWX43/0fM4YY4wxxhhjjLEr79nuPZ56LCmpbed/fVDtv5X1Tw+awv/UzDz4w4H3AJe+ogDg35wQIHsg/5NHsfU/sq+Ui6fO365acdYH8L+jlX/G4Ar/YGKMMcYYY4z96S7f9P/26+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVA/4lfJ3alj5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//85evzE")
fallocate(r6, 0x0, 0xfc01, 0x1000f4)
r7 = dup(r0)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904"], 0x0)

8m37.01253163s ago: executing program 5 (id=21):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_open_dev$loop(0x0, 0x8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10117, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)

8m27.01633027s ago: executing program 32 (id=15):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
r1 = socket(0x2c, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000040)={0x60002016})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x10005)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={0xffffffffffffffff, &(0x7f0000000140), 0x0}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
listen(0xffffffffffffffff, 0xfffffffd)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@background_gc_on}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@gc_merge}, {@nouser_xattr}, {@alloc_mode_reuse}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@block_mode}, {@noinline_dentry}]}, 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1811e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
connect$unix(r1, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(r4, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0)
ioctl$SNDCTL_SEQ_GETINCOUNT(r5, 0x80045105, &(0x7f0000000100))
r6 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x800000, &(0x7f00000004c0)=ANY=[@ANYBLOB="696f636861727365743d6b6f69382d72752c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030362c696f636861727365743d6b6f69382d722c646d61736b3d30303030303134303030303030303030303030303030302c6e616d65636173653d312c646973636172642c616c6c6f775f7574696d653d303a3030303030303030303030303030303030303031302c7569643d676d07728aea616e91f401cbca998d11be44a9bb1c788e764abc81e56ef3aa88d54615430f320dc5b585cc913be041086d554e6fddb12789dc0643b841fa165ec339578b9f86f220be4e33e31ed3b7c08102910ceeb31b7f1cba671e8533df737e47b0f87a5fec781c339a5071508d95c87ed3a5c77e46a97e75c736687d5d5ded922b9fbf9c22", @ANYRESHEX=0x0, @ANYBLOB=',codepage=koi8-u,umask=00000000000000000007614,\x00'], 0x1, 0x151e, &(0x7f0000000880)="$eJzs3AucT9XaOPDnWWvtMSbp1ySXYa31bH7JZZkkySVJLkmSJEluCUmTHElIDLklDUlILkNyGUJymZg07ve7JCRJkyQhuSXr/5ni73TqvOec9/Qe7+ed5/v57I/1zN7P2s/+PbNnXzDfdh1Wq0nt6o2ICP4t+OsfyQAQCwCDAOAaAAgAoHx8+fjs9bklJv97O2F/rofSrnQF7Eri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsZxsy4xC1/KScxd+/5+T8fX//4aLJx98ua7M9d0AYv7ZPO5/zsb9/z8r+Gc24v7nbNz/nCr2ShfA/hfg8z8nyPV313D/czbuP2M52ZV+/3ylF4jk7M/gSn//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLGc74yxQAXBpf6boYY4wxxhhjjDH25/G5rnQFjDHGGGOMMcYY+5+HIECCggBiIBfEQm6IAwEAV0NeuAYicC3Ew3WQD66H/FAACkIhSIDCUAQ0GIgBghCKQjGIwg1QHG6EElASSkFpcFAGEuEmKAs3Qzm4BcrDrVABboOKUAkqQxW4HarCHVAN7oTqcBfUgJpQC2rD3VAH7oG6cC/Ug/ugPtwPDeABaAgPQiN4CBrDw9AEHoGm8Cg0g+bQAlpCq/9W/gvQE16EXtAbkqEP9IWXoB/0hwEwEAbByzAYXoEh8CqkwFAYBq/BcHgdRsAbMBJGwWh4E8bAWzAWxsF4mACpMBEmwdswGd6BKTAVpsF0SIMZMBPehVkwG+bAezAX3od5MB8WwEJIhw9gESyGDPgQlsBHkAlLYRkshxWwElbBalgDa2EdrIcNsBE2wWbYAlthG2yHHfAx7IRPYBd8CrthD+yFz2AffP4v5p/+m/xuCAgoUKBChTEYg7EYi3EYh3kwD+bFvBjBCMZjPObDfJgf82NBLIgJmIBFsAgaNEhIWBSLYhSjWByLYwksgaWwFDp0mIiJWBZvxnJYDstjeayAFbAiVsJKWAWrYFWsitWwGlbH6lgDa2AtrIV3493YB+tiXayH9bA+1r/0egobYSNsjI2xCTbBptgUm2EzbIEtsBW2wtbYGttgG2yH7bA9tscO2AGTMAk7YkfshJ2wM3bGLtgFu2JX7IbdsXvWC7kAX8QXsTfWEH2wL/bFfpiSawAOxIH4Mg7GV/AVfBVTcCgOw9fwNXwdR+ApHImjcDSOxqriLRyL45DEBEzFVJyEk3AyTsYpOBWn4nRMwxk4E2fiLJyNs/E9nIvv4/s4H+fjQkzHdFyEizEDM3AJnsZMXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342bciltxO27Hj/Fj/AQVAH6Ke3APpuA+3If7cT8ewAN4EA9iFmbhITyEh/EwHsEjeBSP4jE8jifwOJ7Ek3gKT+MZPIPn8Byex+cSvm78Scm1KSCyKaFEjIgRsSJWxIk4kUfkEXlFXhEREREv4kU+kU/kF/lFQVFQJIgEUUQUEUYYQSKMAQARFVFRXBQXJUQJUUqUEk44kSgSRVlRVpQT5UR5cauoIG4TFUUl0dZVEVVEVdHOVRN3iuqiuqghaopaoraoLeqIOqKuqCvqiXqivqgvGogHREPRBwfgQyK7M03EUGwqhmEz0VzIiz/BWosR2Ea0Fe3EE2IUjsQOorVLEk+LjmIsdhJ/EePwWdFFTMCu4nnRTXQXPcQLoqdo43qJ3mIK9hF9xXTsJ/qLAWKgmIU1xXs4N3ct8apIEUPFMPGaWIivixHiDTFSjBKjxZtijHhLjBXjxHgxQaSKiWKSeFtMFu+IKWKqmCamizQxQ8wU74pZYraYI94Tc8X7Yp6YLxaIhSJdfCAWicUiQ3woloiPRKZYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie1ih/hY7BSfiF3iU7Fb7BF7xWdin/hc7BdfiAPiS3FQfCWyxNfikPhGHBbfiiPiO3FUfC+OiePihPhBnBQ/ilPitDgjzopz4idxXvwsLggvQKIUUkolAxkjc8lYmVvGyatkHhlc/HSvlfHyOplPXi/zywKyoCwkE2RhWURqaaSVJENZVBaTUXmDLC5vlCVkSVlKlpZOlpGJ8iZZVt4sy8lbZHl5q6wgb5MVZSVZWVaRt8uq8g4JkV/3UUPWlLVkbXm3TIZ7ZF15r6wn75P15f2ygXxANpQPykbyIdlYPiybyEdkU/mobCabyxaypWwlH5Ot5eOyjWwr28knZHv5pOwgn5JJ8mnZUfqL3yLPyi7yOdlVPi+7ye6yh/xZXpBe9pK9JfQB2Ve+JPvJ/nKAHCgHyZflYPmKHCJflSlyqBwmX5PD5etyhHxDjpSj5Gj5phwj35Jj5Tg5Xk6QqXKinCTflpPlO3KKnCqnyekyTc6QAy7ONEfKf5j/9h/kD/ll75vlFrlVbsOLrZCfyF1yl9wtd8u9cq/cJ/fJ/XK/PCAPyIPyoMySWfKQPCQPy8PyiDwij8qj8pg8Ls/KH+RJ+aM8JU/L0/KsPCfPyfMXPwNQqISSSqlAxahcKlblVnHqKpVHXa3yqmtURF2r4tV1Kp+6XuVXBVRBVUglqMKqiNLKKKtIhaqoKqai6oZLVapSqrRyqoxKVDf9K/mquLpRlVAlf5N/qb7kv1NfK9VKtVatVRvVRrVT7VR71V51UB1UkkpSHVVH1Ul1Up1VZ9VFdVFdVVfVTXVTPVQP1VP1VL1UL5WsklVf9ZLqp/qrAWqgGqReVoPVYDVEDVEpKkUNU8PUcDVcjVAj1Eg1Uo1Wo9UYNUaNVWPVeDVepapUNUlNUpPVZDVFTVHT1DSVptLUTDVTzVKz1Bw1R81Vc9U8NU8tUAtUukpXi9QilaEy1BK1RGWqpWqpWq6Wq5VqpVqtVqu1aq1ar9arjWqjylRb1Ba1TW1TO9QOtVPtVLvULrVb7VZ71V61T+1T+9V+dUAdUAfVQZWlstQhdUgdVofVEXVEHVVH1TF1TJ1QJ9RJdVKdUqfUGXVGnVPn1Hl1Xl1QF7Jv+wIRiEAF2VfamCA2iA3igrggT5AnyBvkDSJBJIgP4oN8wfVB/qBAUDAoFCQEhYMigQ5MYANxsenR4IageHBjUCIoGZQKSgcuKBMkBjcFZYObg3LBLUH54NagQnBbUDGoFFQOqgS3B1WDO4JqwZ1B9eCuoEZQM6gV1A7uDuoE9wR1g3uDesF9Qf3g/qBB8EDQMHgwaBQ8FDQOHg6aBI8ETYNHg2ZB86BF0DJo9afO7/2pAo+7zbq3TtZ9dF/9ku6n++sBeqAepF/Wg/Ureoh+VafooXqYfk0P16/rEfoNPVKP0qP1m3qMfkuP1eP0eD1Bp+qJepJ+W0/W7+gpeqqepqfrND1Dz9Tv6ll6tp6j39Nz9ft6np6vF+iFOl1/oBfpxTpDf6iX6I90pl6ql+nleoVeqVfp1XqNXqvX6fV6g96oN+nNeoveqrfp7XqH/ljv1J/oXfpTvVvv0Xv1Z3qf/lzv11/oA/pLfVB/pbP01/qQ/kYf1t/qI/o7fVR/r4/p4/qE/kGf1D/qU/q0PqPP6nP6J31e/6wvaJ99c599eTfKKBNjYkysiTVxJs7kMXlMXpPXREzExJt4k8/kM/lNflPQFDQJJsEUMUVMNjJkipqiJmqiprgpbkqYEqaUKWWccSbRJJqypqwpZ8qZ8qa8qWAqmIqmoqlsKpvbze3mDnOHudPcae4yd5mapqapbWqbOqaOqWvqmnqmnqlv6psGpoFpaBqaRqaRaWwamyamiWlqmppmpplpYVqYVqaVaW1amzamjWln2pn2pr3pYDqYJJNkOpqOppPpZDqbzqaL6WK6mq6mm+lmepgepqfpaXqZXibZJJu+pq/pZ/qZAWaAGWQGmcFmsBlihpgUk2KGmWFmuBluRpgRZqQZZUZnnz7mLTPWjDPjzQSTalLNJDPJTDaTzRQzxUwz00yaSTMzzUwzy8wyc8wcM9fMNfPMPLPALDDpJt0sMotMhskwS8wSk2kyzTKzzKwwK8wqs8qsMWvMOrPObIANZpPZZLaYLWab2WZ2mB1mp9lpdpldZrfZbfaavWaf2Wf2m/3mgDlgDpqDJstkmUPmkDlsDpsj5og5ao6aY+aYOWFOmJPmpDllTpkz5ow5ZwpcvF56E2tz2zh7lc1jr7Z57TX2b+OCtpBNsIVtEattflvgN7Gx1pawJW0pW9o6W8Ym2pt+F1e0lWxlW8XebqvaO2y138V17D22rr3X1rP32dr27t/E9e39toF9xDZEBLDNbWPb0jaxj9im9lHbzDa3LWxL294+aTvYp2ySfdp2tM/8Ll5kF9s1dq1dZ9fb3XaPPWPP2sP2W3vO/mR72d52kH3ZDrav2CH2VZtih/4uHm3ftGPsW3asHWfH2wm/i6fZ6TbNzrAz7bt2lp39uzjdfmDn2gw7z863C+zCX+LsmjLsh3aJ/chm2gCW2eV2hV1pV9nV/7/W5Xaj3WQ32132U7vNbrc77Md256UbYbvH7rWf2X32c3vIfmMP2C/tQXvEZtmvf4mzj++I/c4etd/bY/a4PWF/sCftj+pSdvax/2B/thest0BIQJIUBRRDuSiWclMcXUV56GrKS9dQhK6leLqO8tH1lJ8KUEEqRAlUmIqQJkOWiEIqSsUoSjfQpfJKUWlyVIYS6SYqSzdTObqFytOtVIFuo4pUiSpTFbqdqtIdVI3upOp0F9WgmlSLatPdVIfuobp0L9WD+6g+3U8N6AFqSA9SI3qIGtPD1IQeoab0KDWj5tSCWlIreoxa0+PUhtpSO3qC2tOT1IGeoiR6mjrSM9SJ/kKd6VnqQs9RV3qeulF36kEvUE96kXpRb0qmPtSXXqJ+1J8G0EAaRC/TYHqFhtCrlEJDaRi9RsPpdRpBb9BIGkWj6U0aQ2/RWBpH42kCpdJEmkRv02R6h6bQVJpG0ymNZtBMepdm0WyaQ+/RXHqf5tF8WkALKZ0+oEW0mDLoQ1pCH1EmLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQx7STPqFd9Cntpj20lz6jffQ57acv6AB9SQfpK8qir+kQfUOH6Vs6Qt/53vQ9HaPjdIJ+oJP0I52i03SGztI5+onO0890gTxBiKEIZajCIIwJc4WxYe4wLrwqzBNeHeYNrwkj4bVhfHhdmC+8PswfFggLhoXChLBwWCTUoQltSGEYFg2LhdHwhrB4eGNYIiwZlgpLhy4sEyaGN4Vlw5vDcuEtYfnw1rBCeFtYMawUPnJflfD2sGp4R1gtvDOsHt4V1ghrhrXC2uHdYZ3wnrBueG9YL7wvLBfeHzYIHwgbhg+GjcKHwsbhw2GT8JGwafho2CxsHrYIW4atwsfC1uHjYZuwbdgufCJsHz4ZdgifCpPCp8OO4TO/rL9/8d9fnxz2CfuGL4Uvhd7fKxdEF0bTox9EF0UXRzOiH0aXRD+KZkaXRpdFl0dXRFdGV0VXR9dE10bXRddHN0Q3RjdFN0e9r50LHDrhpFMucDEul4t1uV2cu8rlcVe7vO4aF3HXunh3ncvnrnf5XQFX0BVyCa6wK+K0M846cqEr6oq5qLvBFXc3uhKupCvlSjvnyrhE19K1cq1ca/e4a+PaunbuCfeEe9I96Z5yT7mnXUf3jOvk/uI6u2ddF/ece84977q57q6He8H1dBPz/npOJru+rq/r5/q5AW6AG+QGucFusBvihrgUl+KGuWFuuBvuRrgRbqQb6Ua70W6MG+PGurFuvBvvUl2qm+QmucluspviprhpbppLc2luppvpZrlZrursX/cyz81zC9wCl+7S3SKXfc+Y4Za4JS7TZbplbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vldrnd/ppfJ3X73H633x1wB9xB95XLcl+7Q+4bd9h9646479xR97075o67E+4Hd9L96E650+6MO+vOuZ/cefezu+C8S41MjEyKvB2ZHHknMiUyNTItMj2SFpkRmRl5NzIrMjsyJ/JeZG7k/ci8yPzIgsjCSHrkg8iiyOJIRuTDyJLIR5HMyNLIssjyyIrIyoj3hbeFvqgv5qP+Bl/c3+hL+JK+lC/tnS/jE/1Nvqy/2Zfzt/jy/lZfwd/mK/pKvrJ/1DfzzX0L39K38o/51v5x38a39e38E769f9J38E/5JP+07+if8Z38X3xn/6zv4p/zXf3zvpvv7nv4F3xP/6Lv5Xv7ZN/H9/Uv+X6+vx/gB/pB/mU/2L/ih/hXfYof6of51/xw/7of4d/wI/0oPzrmTT/m0iMyTPCpfqKf5N/2k/07cKef6qf56T7Nz/Az/bt+lp/t5/j3/Fz/vp/n5/sFfqFP9x/4RX6xz/Af+iX+I5/pl156qexX+dV+jV/r1/n1foPf6Df5zX6L3+q3+e1+h//Y7/Sf+F3+U7/b7/F7/Wd+n//c7/df+AP+S3/Qf+Wz/Nf+kP/GH/bf+iP+O3/Uf++P+eP+hP/Bn/Q/+lP+tD/jz/pz/id/3v/sL/D/WWOMMcYY+6dMvDwUv13z6+v8Pn+QI/5q474AcPX2Qll/vT77jnJD/l/H/UVC+wgAPN2760OXlho1kpOTL26bKSEoNh/g0t8EZYuBy/FSaAdPQhK0hbJ/WH9/0f0c/YP5o7cCxP1VTixcji/P/wUAJv/B/I89MXpRhfBM/H8x/3yAEsUu5+SGy/FSaPfL+5W2UO7v1F+g9T+oP/eXqQBt/ionD1yOL9efCI/DM5D0my0ZY4wxxhhjjLFf9ReVO196/rz0Lz7/6Pk8QV3OyQWX43/0fM4YY4wxxhhjjLEr79nuPZ56LCmpbed/fVDtv5X1Tw+awv/UzDz4w4H3AJe+ogDg35wQIHsg/5NHsfU/sq+Ui6fO365acdYH8L+jlX/G4Ar/YGKMMcYYY4z96S7f9P/26+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVA/4lfJ3alj5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5fAAAA//85evzE")
fallocate(r6, 0x0, 0xfc01, 0x1000f4)
r7 = dup(r0)
sendmsg$inet(r7, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000140)="be38", 0xffdf}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}, @ip_retopts={{0x1c, 0x0, 0x7, {[@timestamp={0x44, 0x4, 0x73}, @noop]}}}], 0x40}, 0x0)
syz_usb_connect(0x5, 0x46, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000e75fcc08c0070515c5b8010203010902340001000080000904"], 0x0)

8m21.460433185s ago: executing program 33 (id=21):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_open_dev$loop(0x0, 0x8, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10117, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff00c}, {0x6}]}, 0x10)
sendmmsg(r2, &(0x7f0000000180), 0x4000190, 0x0)

7m34.208098844s ago: executing program 0 (id=73):
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
eventfd(0x4870)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000003030102000000d32cd28e3d83269952000000000005000000"], 0x14}, 0x1, 0x0, 0x0, 0xc010}, 0x4000)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001580)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x4}, @in=@local, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0xd, 0x9}, {}, 0x1, 0x0, 0x1}, {{@in=@multicast2, 0x4d2, 0x33}, 0x0, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3506, 0x0, 0x2, 0xb7, 0x2}}, 0xe8)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0x1c)

7m32.916194065s ago: executing program 0 (id=75):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x8aaf, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x2000a000000, 0xfffffffffffffffd, 0x0, 0x10, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3fa, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xe, 0x80000006}, 0x0, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
write$P9_RUNLINKAT(r2, &(0x7f0000000280)={0x7, 0x4d, 0x2}, 0x7)
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r4, &(0x7f00000004c0)={0x18}, 0x18)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000200)={0x50, 0x0, r6, {0x7, 0x29, 0x20200, 0x20, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x0, 0x10}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}})
r7 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r7, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
io_uring_register$IORING_REGISTER_PROBE(r7, 0x8, &(0x7f0000000400)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x13)

7m31.499030263s ago: executing program 0 (id=76):
openat(0xffffffffffffff9c, 0x0, 0x101c02, 0x26)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$TIOCSRS485(0xffffffffffffffff, 0x542f, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804071, 0x0, 0x0, 0x0, &(0x7f0000000d40))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

7m28.337781332s ago: executing program 0 (id=78):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48)
r0 = socket$inet6(0xa, 0x80000, 0x10000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4b301, 0x0)
write(r2, &(0x7f0000000040)="9035d1a1facb75526d6b945626", 0xd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000000c0)={0x0, <r5=>0x0})
rt_sigqueueinfo(r5, 0x17, &(0x7f0000000300)={0x1c, 0xf, 0xf})
mmap(&(0x7f00000ee000/0x1000)=nil, 0x1000, 0x2, 0x10, r0, 0x23495000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mremap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', 0xe02, 0x1c0)
r9 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000200)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r9, r8, 0x0, 0x3a)

7m26.587626264s ago: executing program 0 (id=80):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000000c0)={0x0})

7m22.14336808s ago: executing program 0 (id=83):
inotify_add_watch(0xffffffffffffffff, 0x0, 0x52000775)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x202)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000bc0)=ANY=[@ANYBLOB='iocharset=maciceland,iocharset=default,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c696f636861727365743d63703835352c666d61736b3d30303030303030303030303030303030303030303230342c756d61736b3d30303030303030303030303030303030303031303030002c6b6565705f6c6173745f646f74732c757466382c696f636861727365743d69736f383835382d322c00716e38bcb049da85848e6756a3bd4745417549b1cb9a33b753aa8794c7e33757ce7c8e8fffc81ac6d5041b8ed65bd4dbe75b53ad789c5f492cb5866d74265428e77c8824127d6f36cd183083f016bdaf33c30f8645e367d089cb4235517369a13ead2b4ea75585050ac51ba363c593780cf08ef99a97db4c453e6fded10a48d332668e93902504c38866c149921b590e1dd141206e28b0b817e984629c659b02a0508f2b8ca4ae4a125af4831e79e8bbb571147676f45a4e36f460952320d5a1d97c98508c7f149f9a30b543949899e532f8be39abce"], 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r3}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0xdb, 0x200b}, {0x1ff}]}, 0x18, 0x0)
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

7m6.097179682s ago: executing program 34 (id=83):
inotify_add_watch(0xffffffffffffffff, 0x0, 0x52000775)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000380)=0x202)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000bc0)=ANY=[@ANYBLOB='iocharset=maciceland,iocharset=default,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c696f636861727365743d63703835352c666d61736b3d30303030303030303030303030303030303030303230342c756d61736b3d30303030303030303030303030303030303031303030002c6b6565705f6c6173745f646f74732c757466382c696f636861727365743d69736f383835382d322c00716e38bcb049da85848e6756a3bd4745417549b1cb9a33b753aa8794c7e33757ce7c8e8fffc81ac6d5041b8ed65bd4dbe75b53ad789c5f492cb5866d74265428e77c8824127d6f36cd183083f016bdaf33c30f8645e367d089cb4235517369a13ead2b4ea75585050ac51ba363c593780cf08ef99a97db4c453e6fded10a48d332668e93902504c38866c149921b590e1dd141206e28b0b817e984629c659b02a0508f2b8ca4ae4a125af4831e79e8bbb571147676f45a4e36f460952320d5a1d97c98508c7f149f9a30b543949899e532f8be39abce"], 0x1, 0x152c, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r3}, 0x10)
syz_open_dev$tty20(0xc, 0x4, 0x1)
lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000240)=@v3={0x3000000, [{0xdb, 0x200b}, {0x1ff}]}, 0x18, 0x0)
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

18.51085199s ago: executing program 1 (id=552):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', <r3=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', r3, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x2, {{0x5, 0x4, 0x0, 0x24, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, @multicast1, @empty}}}})
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r8}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r9, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r0, 0x7f, 0x0, 0x4)

16.197577196s ago: executing program 1 (id=555):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2002b08030300ecff3f0000", 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)=ANY=[@ANYBLOB="40000000100005ff00000008000000000000004a", @ANYRES32=0x0, @ANYBLOB="6f77000000000000140012800b0001006261746164760000040002800a000100"], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x20000840)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x62)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

15.833876927s ago: executing program 2 (id=557):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x87)
connect$inet6(r3, &(0x7f0000000500)={0xa, 0xfffd, 0x0, @loopback, 0x5}, 0x1c)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000440), 0x1000a)
sendfile(r3, r4, &(0x7f0000000000)=0x5, 0x20001)
socket$inet6_udp(0xa, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x2a8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x4001}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x308)
accept$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @mcast2}, &(0x7f0000000580)=0x1c)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB, @ANYBLOB], 0x50)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x759, &(0x7f0000000c00)={[{@noload}, {@noblock_validity}, {@discard}, {@errors_remount}, {@discard, 0x0}, {@noauto_da_alloc}, {@noload}, {@journal_checksum}, {@mblk_io_submit}, {@noacl}, {@journal_dev={'journal_dev', 0x3d, 0x4}}, {@test_dummy_encryption_v1}, {@journal_dev={'journal_dev', 0x3d, 0x765}}, {@norecovery}, {@nobarrier}, {@data_writeback}, {@nombcache}], [{@audit}, {@uid_lt}], 0x2c}, 0x2, 0x4f8, &(0x7f0000000700)="$eJzs3EtvVGUfAPD/mbaUvtC3fXm9cVFG0dhopLRcFy6AaMLGxERjcFnbQpAChtYESCPFGEhcaPgEXnYmfgJXujFqXGjcStwaE2K6AV2YY87MmTrt6fTGtGPp75fM8JzbPM//nPMwz2VOA9iwytlbErE1In6OiJ7q4uwdytV/7k5PDv8xPTmcRJq+8ntS2e/O9ORwbdfacVvyhb5SROm9JHYWs+0cv3zl7NDY2OjFfEX/RClPnRs6PXp69PzgkSMH9ncdPjR4sClxZmW6s+OdC7u2n3j95kvDJ2++8e3nWXnTfHt9HFW9lfdNS86hrbCmHOXZ57LOU0sv+rrQXZdO2rP3UusKw5Jld212uToq9b8n2ipLVT3x4rstLRywqtI0TTsLa2e+y6bSeklSPSBNr6XAfSCJVpcAaI3aF/2d6aynOjlc7Aff324fi0oPKIv7bv6qbmmv9GDLvdW+Uccq5f9ARJyc+vOj7BXzjkMAADTXl8cibhyvtjtqr+qWUjxUt99/87mh3oj4X0Rsi4j/5+2XByMq+z4cEY/UHdO9hFmA8pzlYvvnx648Ud9cbZqs/fd8Prc1u/03U/LetnypuxJ/R3LqzNjovvyc9EVHZ7Y8UPzomWG1r1746cNG+Zfr2n/ZK8u/1hbMy/Fb+5wBupGhiaF7jbvm9rXKib1ajD+J9qSWitgeETtW8PnZOTvzzGe7Gm2fFX8WZyH+Dxp/ePsKCjRH+knE09XrPxVz4o98/i+pzE+ee6t//PKV587Uz08OHD40eLB/c4yN7uuv3RVF3/1w/eU8WehGLHD9a1VjVSfSsuv/n3nv/5mZy94sNTNfO778PK7futGwT7PS+39T8molXZufvTQ0MXFxIGJTMlVcP/jPsZeGumbtn8Xft2f++r8t4q+P8+N2RkR2Ez8aEY9FxO687I9HxBMRsWeB+L85/uSbjbqQi8e/urL4R5Z1/Rsljn4fMf+mtrNff1HI+P1yIf6OaHT9D1RSffmakaGJzYvFtVBJ6xP3fAIBAABgHdgdEVsjKe3NB5q2Rqm0d2/ElpkRlPGJZ09dePv8SPUZgd7oKNVGunrqxkMH8rHhbDk7arBuOdu+vzJunKZp2pUtZ/33se7Whg4b3pYG9T/za/GRFuB+s6x5tEZPtAHr0tz6f2vJRzb/BxnA2mrC72iAdUr9h41ryfV/tZ6CA1pmvvp/NeJuC4oCrLH56v9rhTVH16QswNrS/4eNa+X1348BYL3z/Q8b0pIekl9BYtuJBfZJ2lcn08aJUiz8VwB6I2pram2ahT/wl1JEc0rY1tRIu2Zd09K8+2yOZuQVpUX3aV/GH2JY20Tp31GMaqIzIha5e2dutqu1xJXVLlilEnza2v+dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7t3fAQAA///tUdPr")

12.39871549s ago: executing program 2 (id=559):
listen(0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060065580000040502"], 0x528}, 0x1, 0x0, 0x0, 0x4000}, 0xc000)

12.124228015s ago: executing program 3 (id=560):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1900000004000000040000000a"], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x3d}]}, &(0x7f00000000c0)='GPL\x00', 0x1}, 0x94)
r2 = inotify_init1(0x800)
inotify_add_watch(r2, &(0x7f0000000180)='./control\x00', 0xa4000960)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r0}, &(0x7f0000000140), &(0x7f0000000080)=r1}, 0x30)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0}, 0x20)

11.723562064s ago: executing program 1 (id=561):
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r1, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r3=>r2}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r3, {0x7}}, './file1\x00'})

10.817184824s ago: executing program 1 (id=562):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$FICLONE(r0, 0x40049409, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
ustat(0x801, 0x0)

9.311309938s ago: executing program 1 (id=563):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000001440)={{0x1, 0x1, 0x18, <r1=>r0, {0x4}}, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00'})
getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f0000002480)={'nat\x00', 0x0, 0x0, 0x0, [0xffffffffffffffff, 0x4aca3e29, 0x6, 0x4, 0x2, 0xd4]}, &(0x7f0000002500)=0x78)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x20)
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x0, 0x96, 0xd1, 0xca}}]}}]}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000240)=ANY=[@ANYRESOCT], 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xffb)
timerfd_create(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
execve(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x2}, &(0x7f00000000c0), &(0x7f0000000280))
fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
sendmsg$NFNL_MSG_ACCT_NEW(0xffffffffffffffff, 0x0, 0x80)
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
r6 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000700), 0x101180, 0x0)
ioctl$SOUND_MIXER_WRITE_VOLUME(r6, 0xc0040d07, &(0x7f0000000040)=0x121)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000080)={{0x1009, 0x2, 0x0, 0x80, 'syz0\x00'}, 0x5, 0x0, 0x1, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000540)=0x7b1)

8.306378815s ago: executing program 3 (id=564):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x8aaf, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x2000a000000, 0xfffffffffffffffd, 0x0, 0x10, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3fa, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xe, 0x80000006}, 0x0, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
write$P9_RUNLINKAT(r2, &(0x7f0000000280)={0x7, 0x4d, 0x2}, 0x7)
r4 = dup(r1)
write$FUSE_BMAP(r4, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r4, &(0x7f00000004c0)={0x18}, 0x18)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
read$FUSE(r5, &(0x7f00000021c0)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000200)={0x50, 0x0, r6, {0x7, 0x29, 0x20200, 0x20, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x0, 0x10}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}})

7.372669898s ago: executing program 2 (id=565):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(0x0, 0x1, 0x2603)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000000c0)={0x0})

7.231674572s ago: executing program 3 (id=566):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'team_slave_0\x00', <r3=>0x0})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', r3, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r1, 0x89f3, &(0x7f0000000940)={'syztnl0\x00', &(0x7f0000000140)={'ip_vti0\x00', 0x0, 0x0, 0x0, 0x0, 0x2, {{0x5, 0x4, 0x0, 0x24, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, @multicast1, @empty}}}})
r6 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r8}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$P9_RREADLINK(r0, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
fadvise64(r0, 0x7f, 0x0, 0x4)

6.280261753s ago: executing program 3 (id=567):
ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x12e042, 0x92)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xb, 0xff, 0x4932, 0x7f, 0x1, 0x1}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000340)={{r0}, &(0x7f0000000000)=0x7d8, &(0x7f0000000180)='%ps    \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000001c0)={{r0, <r2=>0xffffffffffffffff}, &(0x7f0000000100)=0x7d8, &(0x7f0000000140)='%pi6   \x00'}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000480)={0x0, &(0x7f0000000200)=""/197, &(0x7f0000000380), &(0x7f0000000300), 0x2, r2}, 0x38)

6.120339787s ago: executing program 1 (id=568):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
tgkill(0x0, 0x0, 0x21)
tkill(r0, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@bridge_getneigh={0x20, 0x1e, 0x3c964e403b131b43}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x0)

5.703184552s ago: executing program 2 (id=569):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mount$overlay(0x30, 0x0, 0x0, 0x80, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200"], 0x0}, 0x94)
unshare(0x22020600)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x13, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
io_setup(0x1, &(0x7f0000000b80)=<r6=>0x0)
io_submit(r6, 0x0, &(0x7f0000001d00))
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0x72]}, 0x8, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r7, 0x40345410, &(0x7f0000000400)={{0x0, 0x1, 0xfffffffe, 0x0, 0xd335}})
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r7, 0x54a3)

5.685475094s ago: executing program 3 (id=570):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f0000000100)={0x0, 'erspan0\x00', {0x1}, 0x26})
read$FUSE(0xffffffffffffffff, &(0x7f0000009780)={0x2020}, 0x2020)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x2004c890}, 0x2000c800)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, &(0x7f0000000000)={[{@subsystem='hugetlb'}, {@subsystem='memory'}, {@xattr}]})
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x40078, &(0x7f0000000000))
ioctl$HCIINQUIRY(r3, 0x400448ca, 0x0)
ioctl$sock_bt_hci(r3, 0x400448c9, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000180)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000380)={[{@noauto_da_alloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x2000, 0x2dd8806920477201, 0x0)

3.800344368s ago: executing program 2 (id=571):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
socket$nl_generic(0x11, 0x3, 0x10)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
syz_open_dev$vim2m(&(0x7f00000000c0), 0x8aaf, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffffe, 0x2000a000000, 0xfffffffffffffffd, 0x0, 0x10, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3fa, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xe, 0x80000006}, 0x0, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
write$P9_RUNLINKAT(r2, &(0x7f0000000280)={0x7, 0x4d, 0x2}, 0x7)
r4 = dup(r1)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r4, &(0x7f00000004c0)={0x18}, 0x18)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000000200)={0x50, 0x0, r5, {0x7, 0x29, 0x20200, 0x20, 0x0, 0x0, 0x0, 0x2ac, 0x0, 0x0, 0x10}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}})
r6 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r6, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
io_uring_register$IORING_REGISTER_PROBE(r6, 0x8, &(0x7f0000000400)={0x0, 0x0, 0x0, '\x00', [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}, 0x13)

3.600449726s ago: executing program 3 (id=572):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd5cd7000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
tgkill(0x0, 0x0, 0x21)
tkill(r0, 0x38)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@bridge_getneigh={0x20, 0x1e, 0x3c964e403b131b43}, 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x0)

0s ago: executing program 2 (id=573):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1bb9ec930dabfc165907d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31c0971007f269f873e14e5fe3c46c0ac2b22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b98ade053b2f9b7918"], 0x1, 0x625c, &(0x7f000000bdc0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEQEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRCMhFjwECIklIJaseIAs2LLjAbBkIwFZpVDNnDOuabrdvmS6eub8ftKk6qtTNX0q/67pbldVnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4nvf/cGZKiIu/TwtOBbxmehH9CJWmnotIlbWjuX1BxHxXGw3x7MRMVyKqHLj0xGvRcRHRyPu3ru13iw6+5D9+M6f/v67Hx75/t/+MDz1nz/f6L8+bb2bN3/977/cfvz9BQAAgBLVdV1X6WP+8fT5vtd1pwCAuciv/3WSl6sXrt5csP6o1Wq1+gDWbfVkt9tFRGy2t2neMzgdDwAHzGZ83HUX6JD8izaIiCNddwJYaFXXHWBf3L13a71K+Vbt14O1nfZ8Lcie/Der3fs7pk1nGb/GZF7Pr63oxzNT+rMypz4skpx/bzz/Szvto7Tefuc/L9PyH+3c+lScnH9/PP8xhyf/3sT8S5XzHzxS/n35AwAAAADAAsv//n+s4/O/S0++Kw/lQed/1+bUBwAAAAAAAAD4tD3p+H+7KuP/AQAAwKJqPqs3fnP0/rJp38XWLL9YRTw1tj5QmHSzzGrX/QAAAAAAAAAAAACAkgx2ruG9WEUMI+Kp1dW6rpuftvH6UT3p9gdd6fsPJev6jzwAAOz46OjYvfxVxHJEXEzf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42y5ZGs98Pr8Sobn7Zcmu7tlmfl2e1j/++5rFGdX92x+akw8ABICJ2Xo3uekU6ZOr66ej6XQ4Hg+P/8HH88zC6fp4CAAAA+6+u67pKX+d9PJ3z73XdKQBgLvLr//h5AbVarVar1Yevbqsnu90uImKzvU3znsFw/ABwwGzGxxOX/9IAv0WYlj9FGETEc113AlhoVdcdYF/cvXdrvUr5Vu3XgzS+e74WZE/+m9X2dnn7SdNZxq8xmdfzayv68cyU/jw7pz4skpx/bzz/Szvto7Tefuc/L9Pyb/bzWAf96VrOvz+e/5jDk39vYv6lyvkPHin/vvwBAAAAAGCB5X//P7ZQ539Hj7s7Mz3o/O/avj0qAAAAAAAAAOyvu/duref7XvP5/89NWM/9n4dTzr+Sf5Fy/un+/90Lb14aW6/fmr/z1v38/3Xv1vrvb/zzs3n6sPkv5ZkqPbOq9Iyo0iNVgzR9zB2bYmvYHzWPNKx6/UG65qcevhNX4mpsxOk96/bS8XC//cye9qanw+32ur/TfnZP+2C3PW9/bk/7MF3pVK/k9pOxHj+Jq/H2dnvTtjRj/5dntNcz2nP+fcd/kXL+g9ZPk/9qaq/Gpo07H/b+77hvTyc9zptXPv+r0/u/OzNtRX9339qa/Xuhg/5s/z85MoqfXd+4dvLm5Rs3rp2JNNmz9Gykyacs5z9MPzn/l17cac9/99vH650PR4+c/6LYisHU/F9szTf7+/Kc+9aFnP8o/eT8307tk4//g5z/9OP/lQ76AwAAAAAAAAAAAAAAAA9S1/X2LaJvRsT5dP9PV/dmAgDzlV//6yQvn1fdf9zt/7h3P7rqv1o957pasP7Mtf6kXqz+qBey/u+C9Wfh6rZ6sjfaRUT8tb1N857hF5N+GQCwyD6JiH903Qk6I/+C5e/7a6Ynuu4MMFfX3//gR5evXt24dr3rngAAAAAAAAAAjyuP/7nWGv/5RF3Xt8fW2zP+61ux9qTjfw7yzO4Ao1MGqu4/+j49yFZv1O+1hht/PqaN/z3cnXvQ+N+DGY83nNE+mtG+NKN9eUb7xBs9WnL+z7fGOz8REcfHhl8vYfzX8THvS5Dzf6H1fG7y/9LYeu38698e5Px7e/I/deO9n566/v4Hr1557/K7G+9u/PjcmTOnz50/f+HChVPvXLm6cXrnvx32eH/l/PPY164DLUvOP2cu/7Lk/L+QavmXJef/xVTLvyw5//x+T/5lyfnnzz7yL0vO/+VUy78sOf8vp1r+Zcn5v5Jq+Zcl5/+VVMu/LDn/V1Mt/7Lk/E+mWv5lyfmfSvVD5r+y3/1iPnL++QyX478sOf98ZYP8y5LzP5tq+Zcl538u1fIvS87/tVTLvyw5/6+mWv5lyfmfT7X8y5Lz/1qq5V+WnP+FVMu/LDn/r6da/mXJ+X8j1fIvS87/9VTLvyw5/2+mWv5lyfl/K9XyL0vO/9upln9Zcv5vpFr+Zbn//f9mzJgxk2e6/ssEAAAAAAAAAAAAAIybx+XEXe8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyPHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TdvHEgMhPyd/E3YOCaEZJNd24lfaFNMeG14Kwmh0Bds17s2C37Da5dAo9pRoETCqKiibbhoCwi1uamIWi5oBSgXqFXVStBe0BtEhcpFVAUUkFBpBWw15zzPszOzZ2d2vWNn5pzPR0p+2Zkzc86ceWZ2v3a+OwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ6ubXzX+ikWVZo9EoLtiSZS9ozqumtuSXvPr5PT4AAABg436e//u5a9MFB9Zwo5Zt/vGmb355aWlpKXvP6B+Pf2ZpKV0xlWXjm7Isvy566nvvbbRuEzyWTTZGWr4e6bH70R7Xj/W4frzH9RM9rt/U4/rJHtevOAErXJU10p3tyP9zS3FKs+uy8fy6HSW3eqyxaaR57tJts0Z+m6Xxo9lCdjybz2bbti+2beTbf/Xm5r7enMV9jbTsa1tzhfzokSPxGBrhHO9o29fyfUY/eG029eMfPXLkL88+e0PZ7Hka2u6vOM7btjeP82PhkuJYG9mmdE7icY60HOe2kudktO04G/ntmv/deZzPrfE4R5cP84rqfM4ns5H8v7+Vn6exRlZynraFy356S5ZlF5YPu3ObFfvKRrLNbZeMLD8/k8WKbN5Hcym9OBtb1zq9eQ3rtDnndrSv087XRHz+bw63G1vlGFqfph88OtHyvP9s6VLWadR81Ku9VjrXYL9fK4OyBuO6+Fb+oB8vXYM7wuN/5NbV12Dp2ilZg+lxt6zB7b3W4MjEaH7M6Ulo5LdZXoM727YfzffUyOczt3ZfgzNnT5yeWfzIR+9cOHH42Pyx+ZO7d+6c3b1nz759+2aOLhyfny3+fYlne/BtzkbSa2B7OHfxNfDKjm1bl+rS5ydWvP9e6utwssvrcEvHtv1+HY51PrjGlXlBrlzTxWvjXc2TPnlxJFvlNZY/P7dv/HWYHnfL63Cs5XVY+j2l5HU4tobXYXOb07ev7WeWsZZ/yo5h9e8FG1uDW1rWYOfPI51rsN8/jwzKGpwM6+I7t6/+vWBbON7Hp9f788joijWYHm5472lekn7en9yXj7J1eWPziqsnsnOL82fuevjw2bNndmZhXBEvaVkrnet1c8tjylas15F1r9cDCzc9fmPJ5VvCuZq8s/mvyVWfq+Y2d9/V/bnKv7uVn8+2S3dlYfTZlT6fZd/Nm+dzIss++41HH/jaI5993arns5k3Pzaz8Z/FUy5tef8dX+X9N+b+XxT7S3f12Oj4WPH6HU1nZ7zt/bj9qRrL37sa+b6fm1nb+/F4+OdKvx9f1+X9eGvHtv1+Px7vfHDx/bjR6087Nqbz+ZwM6+T4bPf34+Y2W3etd02OdX0/viXMRjj/rwpJIeWilrWz2rpN+xobGw+PayzuoX2d7m7bfjxks+a+ntx1aev0tluK+xpNj27ZlVqnUx3b9nudpj/7Wm2dNnr96dul6Xw+J8O6uG5393Xa3Obpuzf+3nlV/M+W986JXmtwfHSieczjaRHm7/fZ0lVxDd6VHclOZcezufzaiXw9NfJ9Td+ztjU4Ef650u+VW7uswds6tu33Gkzfx1Zbe42xlQ++Dzqfz8mwLp64p/sabG7z+r39/dn1tnBJ2qblZ9fOP19b7c+8buw4TZdrrYyF4/zG3u5/Ntvc5vi+9ebM7ufpjnDJ1SXnqfP1u9prai67MudpazjOZ/etfp6ax9Pc5jP717ieDmRZdv5D9+V/3hv+fuVvzn37y21/71L2dzrnP3TfD1949B/Wc/wADL9fFGNz8b2u5W+m1vL3/wAAAMBQiLl/JMxE/gcAAIDKiLk//l/hifwPAAAAlRFz/1iYSU3y/9bXP7vwi/NZauYvBfH6dBruL7aLHdfZ8PXU0rLm5fd9cf4nf39+bfseybLsZ/f/Xun2W++Px1WYCsf51BvaL1/hy3euad+HHjqf9tvaX/9cuP/4eNa6DMoquLNZln312k/l+5l678V8Pn3/oXw+cOHxx5rbPLe/+Dre/pmXFNv/WSj/Hjh6uO32z4Tz8P0wZ99Sfj7i7b508VXb9r57eX/xdo3t1+QP+4n3Ffcbf0/Opx8rto/nebXj/9onn/xSc/uHX1F+/OdHyo//yXC/Xwzzf15WbN/6HDS/jrf7eDj+uL94u7u+8PXS43/qE8X2p99YbHcozLj/28LXO9747ELr+Xq4cbjtcWVvKraL+5/99h/m18f7i/ffefyTBy+2nY/O9fH0vxX3M9Oxfbw87if6u479N++ndX3G/T/5B4faznOv/T/1wDMva95v5/7v6Nju9Iduz/e/fH/tv7Hpzz/+qdL9xeM58Nen2x7PgXeG13HY/xPvC+sxXP+/TxX31/nbFQ69s/39J27/uS3n2x5P9OYfF/t/6jXH8rlp8qrNV7/ghddceHnz3GXZtzYV99dr/8f+4lTb8X/++uJ8xOtjR79z/6uJ+z/z4emTpxbPLcyls/rItfnvznlrcTzxeK8N762dXx88dfb982emZqdms2yqur9C75J9IcwfFuNC962XVryD3v5QeD5v/NOvbr71Xz8ZL//3dxWXX3xL8X3rlWG7T4fLt4Tnb337X+mJm6/PX9+Np8MRLq38fcEbsW3Hf+1b04bh8Xf+XBDX++mXvj8/D83r8u8b8XW9weP/7lxxP18J53Up/Gbm7dcv7691+/i7ES4+WLzeN3z+wttcfF7/Kjzfb/t+cf/xuOLj/W74OebrW9vf7+L6+Mr5kc77z3+Lx4XwfpJdKK6PW8XzffG560sPL/4ekuzCDfnXf5Tu54Z1PczVLH5kceb4wslzD8+cnV88O7P4kY8ePHHq3MmzB/Pf5XnwA71uv/z+tDl/f5qb33N3lr9bnSrGZfZ8H//ph47M7Z29dW7+6OFzR88+dHr+zLEji4tH5ucWbz189Oj8h3vdfmHu3p279u/eu2v62MLcvfv279+9f3rh5KnmYRQH1cOe2Q9OnzxzML/J4r137995zz13z06fODU3f+/e2dnpc71un39vmm7e+nenz8wfP3x24cT89OLCR+fv3bl/z55dLb8N8Celtz9x+uji1MyZcydnzi3On5kpHsvU2fzi5ve+Xvunmhb/o/h5tlOj+EV82Tvu2JN+P2vTFx9d9a6KTTp+geiz4XfR/NOLTu9by9cx94+HmdQk/wMAAEAdxNw/EWYi/wMAAEBlxNy/KcxE/gcAAIDKiLl/MsykJvm/cv3/refXtH/9f/3/1vOl/1+z/v+Dg9b/L94v9P/7Y6P9e/3/QP9f/1//X/9/1f5/Of1/ygxa/z/m/quyrJb5HwAAAOog5v7NYSbyPwAAAFRGzP1Xh5nI/wAAAFAZMfe/IMykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/Z7J69f8v9PP49f/1/1lp0Pr/Mfe/MMykJvkfAAAA6iDm/mvCTOR/AAAAqIyY+68NM5H/AQAAoDJi7t8SZlKT/K//r/+v/6//r/9fvn/9/+Gk/9+d/n8P+v8+/1//X/+fvhq0/n/M/S8KM6lJ/gcAAIA6iLn/xWEm8j8AAAAMnrFLu1nM/S8JM1mR/y9xBwAAAMDzLub+67KOInhN/v5f/1//f/D7/5vSdfr/+v/ZQPb/RzP9/8Gh/9+d/n8P+v/6//r/+v/01aD1//Pcn01mLw0zqUn+BwAAgDqIuf/6MBP5HwAAACoj5v7/F2Yi/wMAAEBlxNy/NcykJvlf/1//f/D7/z7/X/9/0Pv/Pv9/kOj/d6f/34P+v/6//r/+P301aP3/mPtvCDOpSf4HAACAOoi5/8YwE/kfAAAAKiPm/v8fZiL/AwAAQGXE3L8tzKQm+V//f8D7/7E5qv+v/6//r/+v/78m+v/d6f/3oP+v/6//r/9PXw1a/z/m/peFmdQk/wMAAEAdxNx/U5iJ/A8AAACVEXP/y8NM5H8AAACojJj7p8JMapL/9f8HvP9f9OAnfP6//r/+v/6//v/a6P93p//fg/6//n9f+v9L5/X/9f8pDFr/P+b+m8NMapL/AQAAoA5i7t8eZiL/AwAAQGXE3H9LmIn8DwAAAJURc/+OMJOa5H/9/6Ho/2f6//r/+v/6//r/a6P/353+fw/6//r/Pv9f/5++GrT+f8z9rwgzqUn+BwAAgDqIuf/WMBP5HwAAACoj5v5XhpnI/wAAAFAZMfffFmZSk/yv/6//r/+v/6//X75//f/hpP/fnf5/D/r/+v/6//r/9NWg9f9j7n9VmElN8j8AAADUQcz9t4eZyP8AAABQGTH33xFmIv8DAABAZcTcPx1mUpP8r/+v/6//r/+v/7/8HOr/Dz/9/+70/3vQ/9f/1//X/6evBq3/H3P/nWEmNcn/AAAAUAcx998VZiL/AwAAQGXE3D8TZiL/AwAAQGXE3D8bZlKT/K//r/+v/6//v67+/8uX77dK/f+y/ev/Dyf9/+70/3vQ/9f/f977/+P6/1TKoPX/Y+7fGWZSk/wPAAAAdRBz/64wE/kfAAAAKiPm/t1hJvI/AAAAVEbM/XeHmdQk/+v/6//r/+v/+/z/8v3r/w8n/f/u+t//jw9R/1//X//f5//r/7PSoPX/Y+6/J8ykJvkfAAAA6iDm/j1hJvI/AAAAVEbM/XvDTOR/AAAAqIyY+/eFmdQk/+v/6//r/+v/6/+X71//fzjp/3fn8/970P/X/9f/1/9ngx78/davLq3/P1F2x33p/8fcvz/MpCb5HwAAAOog5v5Xh5nI/wAAAFAZMff/Uj7/efkK+R8AAAAqo8j9k9kvh5nUJP/r/7d1z5sPV/9f/1//X/8/p/8/nPT/u9P/70H/X/9f/1//n75atf8fond5/79UX/r/MfffG2ZSk/wPAAAAdRBz/6+Emcj/AAAAUBkx978mzET+BwAAgMqIuf9AmElN8r/+v8//1//X/9f/L9//le7/x0+61f/fGP3/7vT/e9D/1//X/9f/p68u7fP/S/Wl/x9z/2vDTGqS/wEAAKAOYu6/L8xE/gcAAIDKiLn/dWEm8j8AAABURsz9rw8zqUn+1//X/9f/1//X/y/fv8//H076/93p//eg/6//r/+v/09fDVr/P+b+N4SZ1CT/AwAAQB3E3P/GMBP5HwAAACoj5v43hZnI/wAAAFAZMfe/OcykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/9f/1//X/6atB6//H3P+rYSY1yf8AAAAwlCbXt3nM/fd33lj+BwAAgMqIuf8tYSbyPwAAAFRGzP1vDTOpSf7X/9f/1//X/9f/L9+//v9w0v/vbsj6/z+/Jlyu/1/Q/x/s419v/3+s4+vL0v//3mr9/6VNnbfX/+dyGLT+f8z9bwszqUn+BwAAgDqIuf/tYSbyPwAAAFRGzP3vCDOR/wEAAKAyYu7/tTCTmuR//f/mcSy3l/X/q9r/H9H/H7z+/99+J8v0//X/+07/v7sh6//7/P8O+v+Dffw+/1//n5UGrf8fc/87w0xqkv8BAACgDmLufyDMRP4HAACAyoi5/8EwE/kfAAAAKiPm/neFmdQk/+v/+/z/evT/ff5/Nnj9f5//33JW9f/7R/+/O/3/HvT/9f8Hrf//n/r/DLdB6//H3P9QmElN8j8AAADUQcz97w4zkf8BAACgMmLu//UwE/kfAAAAKiPm/veEmdQk/+v/D0v/f2pI+/+P6v9fxv7/TdcU2+n/6/+zTP+/O/3/HvT/9f8Hrf/v8/8ZcoPW/4+5/71hJmvP/5Nr3hIAAAB4XsTc/xthJjX5+38AAACog5j7fzPMRP4HAACAyoi5/7fCTGqS//X/h6X/7/P/M/1/n//f8Xj0//X/y1y5/n9859H/1//X/4/0//X/9f/pNGj9/5j7fzvMpCb5HwAAAOog5v73hZnI/wAAADAUyv6f7E4x9x8MM5H/AQAAoDJi7j8UZlKT/K//v4b+/6be96f/3378+v/l62Nd/f8/2f4v3/nm2w/t1P/X/9f/X5cr+vn/zRe/z//X/9f/T/T/9f/1/+k0aP3/mPsPh5nUJP8DAABAHcTc/zthJvI/AAAAVEbM/UfCTOR/AAAAqIyY++fCTGqS//X/ff6//v+A9v+H+PP/4/nQ/2/Xt/5/fNPV/y9V9O/TKrq8/f93L/fE9f/X2/+fKL1U/1//f5iPX/9f/5+VBq3/H3P/fJhJTfI/AAAA1EHI/SNHi7l8hfwPAAAAlRFz/7EwE/kfAAAAKiPm/veHmdQk/+v/6//r/+v/+/z/8v136/83xnz+/6BK/fuf5i8U/f8Og9P/L6f/r/8/zMev/6//z0qD1v+PuX8hzKQm+R8AAADqIOb+D4SZyP8AAABQGTH3fzDMRP4HAACAyoi5/3iYSU3yv/7/8PX/47b6//r/+v81/fx//f+uNtq/1/8P9P/r3f//b/1//X/9f/pj0Pr/MfefCDP5P/bu5MnWur7j+Onkktu3yCKLVGWRTaqyzDJLFsk6+QOyyCabVFkucEDFmYvziKLirAjOAw4giKjgPIATijOoOM8DDiBKXYvu7/fb09Pn9HC6+3l+v9drwRcbmnOgbjV8bt+3Tyf7HwAAAHqQu//CuMX+BwAAgGbk7n9Y3GL/AwAAQDNy9z88bulk/+v/D9P/b1TKnv+/9f2Pov//D/3/bq+v/9f/t0z/P5/+fwH9v+f/6//1/yzV2Pr/3P2PiFs62f8AAADQg9z9j4xb7H8AAABoRu7+i+IW+x8AAACakbv/UXFLJ/t/W/+/Muuz/8+MdxLP/9f/e/6//n+d/l//P+R4+/9LH/zKp//X/+v/g/5/T/3/6d0+X/9Pi8bW/+fuf3Tc0sn+BwAAgB7k7n9M3GL/AwAAQDNy918ct9j/AAAA0Izc/Y+NWzrZ/8t7/v+ZtY9PtP8v+n/9/9oH9P/6f/3/ZHn+/3w99f8X3XH+hffc8M837uf19f/6f8//1/+zXGPr/3P3Py5u6WT/AwAAQA9y9z8+brH/AQAAoBm5+58Qt9j/AAAA0Izc/U+MWzrZ/8vr/yf9/P+i/9f/r31A/6//1/9Plv5/vp76/4O8vv5f/6//1/+zXGPr/3P3Pylu6WT/AwAAQA9y9z85brH/AQAAoBm5+y+JW+x/AAAAaEbu/rNxSyf7X/9/9P3/A/p//X9c/b/+X/9/9PT/8+n/F9D/6//1//p/lmps/X/u/kvjlk72PwAAAPQgd/9T4hb7HwAAAJqRu/+pcYv9DwAAAM3I3f+0uKWT/a//9/x//b/+X/8//Pr6/2nS/8+n/19A/3/Yfv48/b/+X//PZvvs/++f82V7Kf1/7v6nxy2d7H8AAADoQe7+Z8Qt9j8AAAA0I3f/M+MW+x8AAACakbv/WXFLJ/tf/6//1//r/w/c/+/8obdG/z9M/3889P/zjab/Xzk1+GH9/+T7f8//1//r/9libM//z93/7Lilk/0PAAAAPcjd/5y4Zc7+3/dP5gMAAAAnKnf/c+MW3/8HAACAycvqLHf/8+KWTva//l//r//X/3v+//Drz+v/b9z0/vT/46L/n280/f8u9P/6/ym/f/2//p+dxtb/5+5/ftzSyf4HAACAHuTuvyxusf8BAACgGbn7XxC32P8AAADQjNz9L4xbOtn/w/3/xh/X/++N/n/r+9f/D//4WFb/n39F/f/c/v8/Pf+/T/r/+Y6//z+t/9/61z9g/7/+FUf/P+7333j/f2bR5+v/GTK2/j93/+VxSyf7HwAAAHqQu/9FcYv9DwAAAM3I3f/iuMX+BwAAgEn793/caMFy978kbulk/3v+v/5f/z+9/t/z/9ed5PP/Z8fe/5/S/++R/n8+z/9fYLT9/zr9/7jff+P9v+f/cyBj6/9z918Rt3Sy/wEAAKAHV9w3W9v9L53N7H8AAACYos2/dmD7LygNuftfFrfY/wAAANCM3P0vj1s62f/6f/2//l//r/8ffv1x9f+e/79Xk+7/T238rv5f/z9kov3/qcb6/yt3+/wx9P+X6P8ZmS39/80bHz+p/j93/yvilk72PwAAAPQgd/8r4xb7HwAAAJqRu/9VcYv9DwAAAM3I3f/quKWT/X/k/f+Z3V9b/6//1//r//X/+v9lm3T/7/n/+v82+3/P//f8f/1/xzb6/61fD0+q/8/d/5q4pZP9DwAAAD3I3f/auMX+BwAAgGbk7r8ybrH/AQAAoBm5+18Xt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo//X/+n/9P0u15fn/m5xU/5+7/6q4pZP9DwAAAD3I3X913GL/AwAAQDNy978+brH/AQAAoBm5+98Qt3Sy//X/R9v/58f1//r/mf5f/6//Pxbd9v8rQ/8m2mmX/v+2h5z9760f0f/r//X/+n/9P0swiv7/3MZ/Xebuf2Pc0sn+BwAAgB7k7n9T3GL/AwAAQDNy9785brH/AQAAoBm5+98St+xz///DUt/V8dH/e/6//l//r/8ffn39/zR12//vkef/L6D/1//r//X/LNWR9P/3bnxx3+/z/3P3vzVu8f1/AAAAaEbu/rfFLfY/AAAANCN3/9vjFvsfAAAAmpG7/x1xSyf7X/+v/9f/6//1/8Ovf9D+f3U2TP9/PPT/8+n/F9D/6//1//p/lupI+v9N9tv/5+6/Jm7pZP8DAABAD3L3vzNusf8BAACgGbn73xW32P8AAADQjNz9745bOtn/+n/9v/5f/6//H359z/+fJv3/fPr/2Wx27Zw3MNT/nzut/9f/6//1/xzQ2Pr/3P3viVs62f8AAADQg9z918Yt9j8AAAA0I3f/dXGL/Q8AAADNyN3/3rilk/2v/9f/6//1//r/4dfX/0+T/n8+/f8Cnv9/2H7+nP5f/6//Z7Ox9f+5+6+PWzrZ/wAAANCD3P03xC32PwAAADQjd//74hb7HwAAAJqRu//GuKWT/a//1//r//X/R9L/n9X/b6f/Px5H1//P9P/6f/3/Ap7/r//X/7PdcfX/98fX+0X9f+7+98ctnex/AAAA6EHu/pviFvsfAAAAmpG7/wNxi/0PAAAAzcjd/8G4pZP9r//X/+v/9f+e/z/8+vr/afL8//n0/wvo//X/+n/9P0t1XP3/br3/9v+du/9DcUsn+x8AAAB6kLv/5rjF/gcAAIBm5O6/JW6x/wEAAKAZufs/HLd0sv/1//r/rf3/bKb/1//r/9cdQ/+/OtP/L53+fz79/wL6/zb7/7+ZNdT/n9n18/X/jNHY+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd//H45aW9v8Du6dv0+//T2/7RP3/bDa782LP/9f/z3l9/f9o+v/6p6r/Xx79/3z6/wX0/232/57/r//nxIyt/8/d/4m4paX9DwAAAJ3L3f/JuMX+BwAAgGbk7v9U3GL/AwAAQDNy9386bulk/2/p/+/dCM/yj4+//9/+ifr/2aGe/6//X/uA/l//r/+frMP291etxr/T9P/6f/3/YD+/sst/98z0//p//T8Dxtb/5+7/TNzSyf4HAACAHuTuvzVusf8BAACgGbn7b4tb7H8AAABoRu7+z8Ytnez/6T//f/sn6v9n+v8u+v9V/b/+X/8/aCzP/7/ggv+6Xf+v/2+x/59H/6//1/+z3dj6/9z9n4tbOtn/AAAA0IPc/Z+PW+x/AAAAaEbu/i/ELfY/AAAANCN3/xfjlk72/87+/7zZeqG6bqj/j0ZN/7+J/n/r+9f/D//48Px//b/+/+iNpf/3/P+DvX/9v/5/yu9/X/3/v+z8fP0/LRpb/5+7//a4pZP9DwAAAD3I3f+luMX+BwAAgGbk7v9y3GL/AwAAQDNy998Rt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo/w/fz+dXVf3/dJ///7f6f5ZnbP1/7v6vxC1rw+9f//6Af5sAAADAiOTu/2rc0sn3/wEAAKAHufu/FrfY/wAAANCM3P1fj1s62f/6f/2//l//r/8ffn39/zTp/+fT/y/QT/+/OvTBk+7nD+uk338z/b/n/7NEY+v/c/d/I27pZP8DAABA2+5b+23u/m/GLfY/AAAANCN3/7fiFvsfAAAAmpG7/864pZP9r//X/7ff//+f/n/b6+v/9f8t0//nv9GH6f8X6Kf/H3TS/fzU33/1/+dO6//1/4Sx9f+5+++KWzrZ/wAAANCD3P3fjlvsfwAAAGhG7v7vxC32PwAAADQjd/9345ZO9r/+v6/+f2XWY//v+f+t9P+r2/5+9P/6/yHT6f+vPjX0Uc//1//r/6f7/j3/X//PTmPr/3P3371yqsv9DwAAAFP1P//20Lv2+ufevfbb1dn34hb7HwAAAJqRu//7cYv9DwAAAM3I3f+DuKWT/a//76v/7/P5//r/Vvp/z//X/+/FdPr/Yfp//b/+f7rvX/+v/2ensfX/uft/GLdsGn6D/wc9AAAAwMn5u/396bn7fxS3dPL9fwAAAOhB7v4fxy079v+5Pf6qdgAAAGBscvf/JG7p5Pv/+v+R9/+zI+r/48/T/6/T/+v/h15f/z9N+v/5Dtn/n1vR/+v/59D/6//1/2w3tv4/d/9N18+63P8AAADQqC0/o/DTtd+uzn4Wt9j/AAAA0Izc/T+PW+x/AAAAaEbu/l/ELZ3sf/3/yPv/Az3//0z9nuf/d97/X7Y6+Pr6f/1/y/T/83n+/wL6f/2//l//z1Lto/9fG6RH3f/n7v9l3NLJ/gcAAIAe5O7/Vdxi/wMAAEAzcvf/Om6x/wEAAKAZuft/E7d0sv/1/yfQ/19+ejY70v5/D8//1//30f/v8vrt9P//dP7ZW//3/6+7Rv/PhuPs//PHgv5f/6//X6f/1//r/9lubM//z93/27ilk/0PAAAAPcjdf0/cYv8DAABAM3L3/y5ueXD/33JS7woAAABYptz9v49bOvn+v/6/xef/T7P/z3/WJ9D/n51e/59Nce/9v+f/6/938vz/+fT/C+j/9f/6f/0/SzW2/j93/x/ilk72PwAAAPQgd/8f45bc/yv7/ql7AAAAYGRy998bt/j+PwAAADQjd/99cUsn+1//r/8fS/+fPP9/4/M8/3+d/l//vx/6//n0/wvo//X/+n/9P0s1tv4/d/+f4pZO9j8AAAD0IHf//XGL/Q8AAADNyN3/57jF/gcAAIBm5O7/S9zSyf7X/+v/9f/6f/3/8Ovr/6dJ/z+f/n8B/b/+X/+v/2epxtb/5+7/awAAAP//Tx5w3g==")
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x7b)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(r1, &(0x7f0000000300)=[{&(0x7f0000000a40)="06090a9f20b1b9868e7ebadd1f41f08be54eb7c953d712020eeb05420629fe7eb494191c97bf6df48fc879b91d658def0f964d5f2cecbbefe31455845f5e1373c15ef4e3be2f6ae58f81d933738c1f43068aac227a9def8a3026cbd3128363ed126e8f8bd5f9e0e0b268f51969e7c48b42ed796902377a312744bd14c67deb01c6b12c9d8f49118fc74b98613d973fc72eaae7d2d431e31e5ce7dfc8ae5a394fcec9c3fa577c6f9c7aa196449681bbc300792bbd7ff8205d0295f6e159e5c75bedeef2c52ca15bced3ac2072e6721b48093683a093948e6786f2e386fd45c70cb88eb1d04e6f68a285016a9eafd23a81d1836e80bec1989933601eb201c11ea7d218ba03b6ec597894c379592f89441c7a5615d26a3fc2ef33d8b76d1091b5b8c0b3a715cb8e6d85d22e3e7d6bbb3ba59d596cd8987713607b64a4b23a51813937fb209909e36716675f2a2f95a611624ea24cb596a8af10dec7d1384ea908e527f5eb30ab33f02128e0b2b79d7ef164c26cd6d2b2cf8d8d175b618ba5119ac12c65dbb63d855579a1347e94c3bc05d1b731e510522e3d7c2c686f0311fbfb02f1a7f9a92640ff4fb342f308d3f64f91d9c712fc893c8cc9759ab3624eeeb8fc8076bf004988bca3f56bf04d98bcb6a3b377c5e7239803f272ef859b1c862c453478048e2192550f9611855c6ec9f6101c5499a9e216c7537c14d218f6bd18fafa8b20aee2c1e078e20430e57766e8efffa775b6a35697997536fdf08b7b67951f5ece95cac5970f939080ba6c438971471a8956f1b3143c0989e56e11b7d983fe06c8c57dfc3f3b44dc68ecb3fd9ea9dc984d339e57bcbe6a7334072caf45186b58426d67502e3e8f98a4f0793f34ee34debe3f08bd35ff0d2d23b9e19cfca6f9db896d9220c41d5590157ef03201a9587ac407a3f974398ef7b9def3d730c630ab15a440bc13cdfe069ce38f313f028d9eca734715ca2f757e15068b36e462ff6852e8f56a1c3e316bb31c49127afbeaf9dfc138c4b9e4e7b37fb6ca83bd7d54df1454303527ca3e0a51c3335c4d5aef1c4bd8c005b0b2f775da34b7a718c4dae04ff12651b341f51258689ab281187425499fa7021fe20dd8e68acb3ec1d5ddf16da258fe256b4595a9e362a6c471cca3fe622a592c1d0277177eff34504200f8ebd7c65a56993d742895414b39aa076d8787871696739c628e69aed2a571c2979c041ff8d05082e4cc649170ccbf6f812aadad2a3f62164606b5812ef7f5a1dbf48acd7543072d4cab8e741d419a0066b422e5a5814081fa434fd0726c38a57814ceea0a0fdb98b8264e8405397e697c61ab4cf0cdf195cf3eeb8c971766f779cf75a63837f3102836b3847d9ba7cfd63b05b882f8339a93f7582de3d4a660c6af1d478d3d5b1965484373cf5575ae39f067836eb15432ae0e63be2f5e3f02e8c67118bf5463f5eb7dae2a0739f28cecdcd92db21b28dba874a75752af018f3426922864a6154efe257e4681e2754ca2d9913a5bf1985aca31c6698febf9e9d0321ff47f69c32f87d38547f5456c9799a2cded8dadd3ad0f8d1f525a463336271c6948678e7878cd4806cf96c1a418374e3f5ab79145877fd458dff805ec1d3d16f5724439d3f2970172f90ba03f0f2a32e63ee1b14d9113babc464da040a0c82c311e25e1c51ce9e7f64d6e1c49d0f3abb226a7c9794ecdc052fec91ea5d6abeac9fc7a2e5c8a3ac0b82ac1854b45b6b8d733dc37452133e1174f802494835844ce257ca04ec4af11e88b2e8d2d2025cd5316bbc7cc53d2433c1aa3968521c4dd3024963baf5acf919d95fe31ebddcd5c0d87e2efcae20af109e40f69395adfd5d1434af14d948fc4bebad14e9afa6ef55e56e2488dc8cdb5f00104fe365461f709c6612530a3ac8e6422b7e9db1535a8f224a432613809bb8b2d60ba1f4de68bc91fa1cfa2e6057827d1d373ba587fc7c36c674a9c505e571345916c9f9686daa63e8022d6db316237fea469d2901ca0404e9e613c4a0a1500a74a4da038fb01f840957befc1baa9fc087ff8a7ad284fb347b5987e28ab5395c8f2dfdee06cf7cbabf7f84c5e1b3152c3cb898d26015897f33cdd45a390f042e722b627273941854c76e46591ccc25534911a24fb377a2974a6bd224807ffe15af76733a535f3b85e259660857920c8415422ff0283702921f188d07f99ba1e35ad642865ad430346bed5fff218be768780b6380f96e48d543b7e8ce08be8f2a28f77ae60aa8c3dec943d61f3111128c0567aad7045c97a7777b658dfb1104d9381f7ecc3dba6c0b17808274cb6b7e6926652460c29bfb87c3bcaab4b5badcf7a80d402ee7f12f027127c989a76dc9e942706b8426f1714012f187da10df8ccc6ea9d53a2c33b94c0b86190c31e905cf6ecb7e53adac8ef86ee6828fe4ed9fb564eb22fcfca91981bd62e114b70b1232b8a96f8162eab52823c3c80cb3273114bc9b7a7ca3df7cbdb2d0fd0dca403ea4d8861c651591f7f67fec475794b8809a3d5d2bbed2769994e566cda0b2ffe4c507740372651e81a60289fe52e45cc1f925ffaf9aaec4c6ca44f4e130b3f51e4dfbbf8a9df1d8476df7e03f633d4300ef7ab15399153640a0af489433bf274732030bc98d32dfda3f8b4609033374d2ccc56dc9b714e76ed11b3271027704fa54bc56dd5b920e92ea3a143eb313ec09cf6fb9fad25e1fb02036e885e3a0f1a67a0c81bcf71e4de68d270a045665067dea2935e5b1a3978de762760bb2930711a84b0c5b2894ab56039f2199a9a7fa9bdbdb00b04cbc5a4e89055914f2e7776abcfc9090baf978dfe0065737e70a284f7b497292c7ff0d5e9d2a41318b22d6a72b5b59b48c36b7e46693d695adaf1a5aa349b2899c152516014e2ed8530224791889c7c80e33cdbb04ee7d494855fc5c73f305521a41e1d93125974fe015f988feb1ced21fb038440a88295f2a3fb81390795e220e320a3d1edc3e494c3f62a659f11d010710b7dd9b0c816d14a3bd4ce6b876362cdc7e65bc88f14e50a54008f81ef56de1fe17897df9a84a6a9e28f8452afeed282fd232fec79a03504f0b5471cad33af440a6f4f3d81fa69ea2201bcf618777b7afd21cafc10d19356777927351d40cea0e4b4f0562c803f6c3a7d059c7b9c898d2f0b67d94219665152663c230ff7172e8b7e20245a00dcaadc46f02ca4ccf88ac187b5107cfe0df54d40191eba506b9c9605d619ea22b525aafa305d52083d0bffff3ffecbce2d786a4e9b96ec8063748a42d84e7d0becd4091e9edf3acb4c4a75d5f6877cf91f053782f051d5296c5050709fd04eda3f317471e358a3c3b85ef2ce5f6db8527297a7e5cfc1685b347902a00acfb2395de04bffce3a72cdbd38daa5cb2f1da2220149882445acbf8ab4b5e246836874422bd77493ef7be801cb6b4e1ce72ead8fe6fbc66e404b58cdef067403adf070d40a34feacf332e7c502a8147944c7c4365b5e9622edb3b14aa978a11a7f5ca105cba4a4467e11b9b21c17d2c5a47d3da7b0bbdfc8ca095056a9765eae081c2d4ba411ef5d37c3bd1df9298d828eacb93aecc443e6b947743ddc68295925b1c2645e5c2be3ac7c166ba415757bfe7aa54ce597c57ee022059187c1603831176668ad22270b4ca2f04c291872d32ddfcc3a634ab5ed68e8467ae3d873d55cfafb69c1892f36887a02a85d253a4244e4678c6d9be62698f3eb8723dd38389cd6122d643c511a6bea021c87cb63b5edbc37698028dc876ab6f2b1fa138bf4b303b12882c610c7559bcd63a8d149f4a0f86776a2c3665fafdc9ce4044fabf79f7c21518b6734ce04236b3bee92d762c6918433cb35999dbec34258d17f81c5415b990f712f2d01aa51157f128fd46aa99342ab5acb332535d4efd89494aeb2602824e7893f403277b9dbd254cda64a28a952313b5a590c0a6b7201276879cb038816a35dee813aff30c2ee3bfe332669f74419dcd7836000ec4bb7505905cba77eb91286639d61f97dac93c19328397b4b7db7bb145e4b1b44ba1fd7a839972d2ebb7716a93be19234e1d13b6a8d84525a08f1b601a24df1d9e59e3f62fc542d669a8d3767cb4379a130f686221c36036a048b97b2d8e806ec4d76a7c9a3b132f8a80c739fc6bcc235023c26cf0a1271ac22b76004b7619d7e081db4197119437a3798ea13a6bf027394fbd6d3af19aff1efb8f87137f6375f57e43e8e9da71400ef657fca03d30f8b807a33764bb1e2e47e9a58fa5473ad6adcc934f4d658d21ed56d82ce5e22a11ed5bb43e2b195e00db80ae250ad807dd086cbd9c8d0543a997e5d6539064c3ef23074aa3ce1bd92c8be7102f3106fedb07b6c66dc19b2820afd10bd801d0271b99f67ce221eaa48e4256acd652b686b49d4550a1f413156a89722c8aa71960ed961b348652ac843e769a83b5990f4280672bd3a65c4b23514bf664de2e54fca07458ab3b4ddfaced3b38024fce5ac667e33b8b8e65b4e4d69d3b1adbfbe258bf738778f199cd191ff330c56288c2ea509b0e6149aa5670c6d15e3418f3b40dca0266543ee5bb6feaa06a533d13a3fb3eefab7d80e0b4cefc11e53f54a8ba2e0397cdeb0a1438a634c69708d5c526d8a023d7a8ebe6afeb4940c006169c2a90e7bcd849b7ee977503a947830e92e0eff3d02da0aefd95012015f4372171eb2a4e80c755eb12a96e6bfcc4992ffd7c40f804a01f42c0123192cd730a02ff4bbc0022f8dfc3a46c246c4b657dcf1a653d6619133fc7cd47fd26cccafa90e98a221461c2822b06a6adaa8dad37c21b67c0180da881bc1312e505a8bc696bd939025ebf4aebc6d8b2daa7a2e9c3ed142e53c16bf95e4b97f857887e539e3c15edf291311f44be020d699cb218ec50b0ada694516101fc9b1caff4d7649b691091f6386daec50a21ff7c1155ecce5e4dd2c19c23e65c73f42891d98373e0dfe15b4e0e4e581daf5450fb7f44cb606cd33928e2db023a8535376830c58dc0f541815a38d3f644a99d0dcabd64c6c0418ca60271698829e0c972cf187d27f8bd7a931819339d8adba08884201ba57b5a90d5612fbcd4a03fc583e96d6244c1395d2e75090fb7d783fdde40797c7302bf4a2a2259ccc6482d39219e11b3239263a144771ac1dd515ad12b58c8b77ae00578e1573a712f5f0f305a50358053f0d826ef56e32f584c5fd7fc4f60fcb8dbaa62c8040a0575b8ad5200e38a78aeb1c5bd3b49fdb7d8db80363c86a9ef1b29f0e29c929fe691b148d12767f31ede93937a118b3caf85f754a91f5b268f5b2a347863225d54414511454550c817cabaecb33a8345f4df219a439105cd0185c3af2ab7c32139c9d68354393798aa5fa75c5f2be89c7a5403d4424e475b619af059c82bd1e537354feef00dd49c1ba8dfb3f59a7004e7cdb70fac395d7f82d0550c6165c1f7c4b12e7b906f84a6055afa2404bed8f8eda7dec4786bc8b0046b2a866025de98d0b8a3ce33e917813972899ed9eb11df32167e26c4ae2537693622355491385738728c5effe25b7eccfe9c61f0933fe7f1c71a61b89eb65d0a1973fe5477e76b933e9b1c62098f0ce3f6cbcae62ed83702e5495d19866d3eeff66ddc3aeaa16310e790a8d823635364e9bc037b14a1045268ccc7ff7ec1f5905690bf0b3a3998e531421a678e14f3d2f8b6f37d7ab1d1a830082dd42ffcf3a1dba7df1b06fbef3f431ac992ab1984109fb1d98d2d58f4408e87e890cdd5e9a196b06809f5b03a0d7c409ef0f2332ec00cf410ebbe644f93fc4", 0x1000}, {&(0x7f0000001a40)="c2f3a88da071d96c72693eb3431ab283e02e0f363a04667af64004fe25072cc8bdec97165b7cd5d3da1b40b282d040be0ac8e3dd5506c17ba5ea29f255230cbfea68c4809c41644dc5c8b675bf747a993b6a25f51f3acc86cba6be4c34e2cd78402771438492d4751b2fcbca206dfe5a20c18a1cb52d11cc980e7237ab298eaa282fb7ff6b605f5188894fd4b12728eb7982052826a1f10a2057340624271c430fc2ace54ef24f4c24f2223a177fd124fb45249912ec79e522d58e131811a06a6ff11acae9329cb8174b75750ed6a3ec7aa65a253a1551a6504b3c81ad34106194508af4a90a", 0xe6}, {&(0x7f0000001c40)="fcbd815ab68b3ab64697ca9e25b5e0bb927240f9842d9c6e7d1ee514b58f43554b32e2791121f4887c33febbb30edaed735efb3f89916e1b4a422d6129d12d1c143f95c6e7dd6712055b21ba42890aff8472f213c520ef67281edd62fd970cc0cb97fd78858ae0d7185720c0b1d4f0ad6fc3943821730f2be6ddb139c3c355490d758dc787ad983d173e7f6ad230ac604768aa4517d960b6a6b359b7d79ebb98b9dd455d8c19f726fe83c9fe5d428597d559e0186f20804e5288e7bc6321fea6c4d925f1", 0xc4}, {&(0x7f0000000200)="b6ac7564e536a21701b6ab4ee0133f998c65696c3f15287fe317b2166e2f01df8d297f14e79de9eac4cc05ce13b4a05389", 0x31}, {&(0x7f0000000280)="3e9ce7e6e91d128b5c2bf133cbe88cc591cc", 0x12}], 0x5)

kernel console output (not intermixed with test programs):

39][   T30] audit: type=1800 audit(1759855739.518:34): pid=7606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.278" name="file1" dev="loop1" ino=10 res=0 errno=0
[  407.082877][ T5864] Bluetooth: hci5: command tx timeout
[  408.233480][   T30] audit: type=1804 audit(1759855739.538:35): pid=7606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.278" name="/newroot/89/file1/file1" dev="loop1" ino=10 res=1 errno=0
[  408.334457][ T6288] kworker/u8:13: attempt to access beyond end of device
[  408.334457][ T6288] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  408.426338][ T6288] CPU: 1 UID: 0 PID: 6288 Comm: kworker/u8:13 Not tainted syzkaller #0 PREEMPT(full) 
[  408.426386][ T6288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  408.426410][ T6288] Workqueue: writeback wb_workfn (flush-7:1)
[  408.426476][ T6288] Call Trace:
[  408.426487][ T6288]  <TASK>
[  408.426500][ T6288]  dump_stack_lvl+0x16c/0x1f0
[  408.426555][ T6288]  f2fs_handle_critical_error+0x624/0x9f0
[  408.426600][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.426642][ T6288]  ? f2fs_build_fault_attr+0x53/0x1f0
[  408.426688][ T6288]  f2fs_write_end_io+0x958/0xcf0
[  408.426737][ T6288]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  408.426789][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.426842][ T6288]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  408.426885][ T6288]  bio_endio+0x713/0x860
[  408.426942][ T6288]  submit_bio_noacct+0x306/0x1f60
[  408.426994][ T6288]  __submit_merged_bio+0x33c/0x770
[  408.427046][ T6288]  __submit_merged_write_cond+0x319/0x3f0
[  408.427110][ T6288]  f2fs_write_cache_pages+0x2067/0x2570
[  408.427191][ T6288]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  408.427250][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427294][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427399][ T6288]  ? find_held_lock+0x2b/0x80
[  408.427461][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427509][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427552][ T6288]  ? do_raw_spin_unlock+0x172/0x230
[  408.427615][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427655][ T6288]  ? f2fs_available_free_memory+0x279/0xa30
[  408.427780][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427826][ T6288]  f2fs_write_data_pages+0x4ad/0xd90
[  408.427885][ T6288]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  408.427948][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.427989][ T6288]  ? __lock_acquire+0xb97/0x1ce0
[  408.428031][ T6288]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  408.428084][ T6288]  do_writepages+0x27a/0x600
[  408.428140][ T6288]  ? __pfx_do_writepages+0x10/0x10
[  408.428182][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.428224][ T6288]  ? reacquire_held_locks+0xcd/0x1f0
[  408.428267][ T6288]  ? writeback_sb_inodes+0x3b0/0xfa0
[  408.428326][ T6288]  __writeback_single_inode+0x160/0xfb0
[  408.428384][ T6288]  ? __pfx___writeback_single_inode+0x10/0x10
[  408.428436][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.428479][ T6288]  ? do_raw_spin_unlock+0x172/0x230
[  408.428531][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.428580][ T6288]  writeback_sb_inodes+0x60d/0xfa0
[  408.428654][ T6288]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  408.428705][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.428751][ T6288]  ? find_held_lock+0x2b/0x80
[  408.428865][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.428908][ T6288]  ? rcu_is_watching+0x12/0xc0
[  408.428966][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429009][ T6288]  ? queue_io+0x3f6/0x520
[  408.429059][ T6288]  wb_writeback+0x419/0xb70
[  408.429127][ T6288]  ? __pfx_wb_writeback+0x10/0x10
[  408.429175][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429229][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429271][ T6288]  ? mark_held_locks+0x49/0x80
[  408.429319][ T6288]  wb_workfn+0x14d/0xbe0
[  408.429378][ T6288]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  408.429430][ T6288]  ? __pfx_wb_workfn+0x10/0x10
[  408.429487][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429533][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429582][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429625][ T6288]  ? rcu_is_watching+0x12/0xc0
[  408.429690][ T6288]  process_one_work+0x9cf/0x1b70
[  408.429759][ T6288]  ? __pfx_process_one_work+0x10/0x10
[  408.429810][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429864][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.429906][ T6288]  ? assign_work+0x1a0/0x250
[  408.429958][ T6288]  worker_thread+0x6c8/0xf10
[  408.430018][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.430063][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.430112][ T6288]  ? __kthread_parkme+0x19e/0x250
[  408.430148][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.430194][ T6288]  ? __pfx_worker_thread+0x10/0x10
[  408.430244][ T6288]  kthread+0x3c5/0x780
[  408.430290][ T6288]  ? __pfx_kthread+0x10/0x10
[  408.430336][ T6288]  ? srso_alias_return_thunk+0x5/0xfbef5
[  408.430379][ T6288]  ? rcu_is_watching+0x12/0xc0
[  408.430436][ T6288]  ? __pfx_kthread+0x10/0x10
[  408.430484][ T6288]  ret_from_fork+0x56d/0x730
[  408.430525][ T6288]  ? __pfx_kthread+0x10/0x10
[  408.430571][ T6288]  ret_from_fork_asm+0x1a/0x30
[  408.430641][ T6288]  </TASK>
[  408.431703][ T6288] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  409.825257][   T52] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  409.836838][   T52] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  409.864077][   T52] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  409.885708][   T52] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  409.911002][   T52] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  410.712249][ T7642] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  411.252599][ T7650] loop3: detected capacity change from 0 to 2048
[  411.365620][ T7650] NILFS (loop3): invalid segment: Inconsistency found
[  411.413988][ T7650] NILFS (loop3): trying rollback from an earlier position
[  411.569172][ T7650] NILFS (loop3): recovery complete
[  411.833178][ T7549] chnl_net:caif_netlink_parms(): no params data found
[  411.988707][ T7654] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  412.142845][   T52] Bluetooth: hci6: command tx timeout
[  413.070204][ T7573] chnl_net:caif_netlink_parms(): no params data found
[  413.349341][ T7668] loop1: detected capacity change from 0 to 512
[  413.597056][ T7668] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.288: bad orphan inode 13
[  413.608190][ T7668] ext4_test_bit(bit=12, block=4) = 1
[  413.616709][ T7668] is_bad_inode(inode)=0
[  413.621043][ T7668] NEXT_ORPHAN(inode)=0
[  413.625597][ T7668] max_ino=32
[  413.628801][ T7668] i_nlink=1
[  413.635520][ T7668] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  414.462914][   T52] Bluetooth: hci6: command tx timeout
[  415.151693][ T7549] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.173046][ T7549] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.180363][ T7549] bridge_slave_0: entered allmulticast mode
[  415.204535][ T7549] bridge_slave_0: entered promiscuous mode
[  415.293948][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.511515][ T7689] loop1: detected capacity change from 0 to 1024
[  415.538433][ T7549] bridge0: port 2(bridge_slave_1) entered blocking state
[  415.555586][ T7549] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.559760][ T7689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.564994][ T7549] bridge_slave_1: entered allmulticast mode
[  415.589457][ T7549] bridge_slave_1: entered promiscuous mode
[  416.573009][   T52] Bluetooth: hci6: command tx timeout
[  416.798989][ T7636] chnl_net:caif_netlink_parms(): no params data found
[  416.819971][ T7702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.293'.
[  416.847687][ T7549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  416.856221][ T7698] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  416.859950][   T30] audit: type=1800 audit(1759855750.258:36): pid=7698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.292" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  416.866669][ T7698] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  416.896790][ T7698] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  416.914640][ T7549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  416.954668][ T7573] bridge0: port 1(bridge_slave_0) entered blocking state
[  416.969826][ T7573] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.003929][ T7573] bridge_slave_0: entered allmulticast mode
[  417.041335][ T7573] bridge_slave_0: entered promiscuous mode
[  417.086663][ T7687] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  417.100268][ T7573] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.108955][ T7687] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  417.122256][ T7687] EXT4-fs (loop1): This should not happen!! Data will be lost
[  417.122256][ T7687] 
[  417.131973][ T7687] EXT4-fs (loop1): Total free blocks count 0
[  417.144842][ T7573] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.166768][ T7573] bridge_slave_1: entered allmulticast mode
[  417.183234][ T7687] EXT4-fs (loop1): Free/Dirty block details
[  417.189179][ T7687] EXT4-fs (loop1): free_blocks=68451041280
[  417.192499][ T7573] bridge_slave_1: entered promiscuous mode
[  417.220482][ T7687] EXT4-fs (loop1): dirty_blocks=32
[  417.253904][ T7687] EXT4-fs (loop1): Block reservation details
[  417.262464][ T7687] EXT4-fs (loop1): i_reserved_data_blocks=2
[  418.652850][   T52] Bluetooth: hci6: command tx timeout
[  419.165783][ T7573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  419.192360][ T7573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  419.874960][ T7726] loop2: detected capacity change from 0 to 512
[  422.663139][ T7726] EXT4-fs: error -4 creating inode table initialization thread
[  422.672498][ T7726] EXT4-fs (loop2): mount failed
[  423.070640][ T1332] bridge_slave_1: left allmulticast mode
[  423.083210][ T1332] bridge_slave_1: left promiscuous mode
[  423.089031][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  423.148066][ T1332] bridge_slave_0: left allmulticast mode
[  423.171058][ T1332] bridge_slave_0: left promiscuous mode
[  423.427374][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.191099][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.211523][ T1332] bridge_slave_1: left allmulticast mode
[  424.222341][ T1332] bridge_slave_1: left promiscuous mode
[  424.233420][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.253821][ T1332] bridge_slave_0: left allmulticast mode
[  424.262307][ T1332] bridge_slave_0: left promiscuous mode
[  424.272622][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.357804][ T1332] bridge_slave_1: left allmulticast mode
[  424.372866][ T1332] bridge_slave_1: left promiscuous mode
[  424.378748][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.424066][ T1332] bridge_slave_0: left allmulticast mode
[  424.442765][ T1332] bridge_slave_0: left promiscuous mode
[  424.448645][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.486323][ T7737] loop1: detected capacity change from 0 to 512
[  424.544567][ T7737] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.300: bad orphan inode 13
[  424.633105][ T7737] ext4_test_bit(bit=12, block=4) = 1
[  424.643256][ T7737] is_bad_inode(inode)=0
[  424.647433][ T7737] NEXT_ORPHAN(inode)=0
[  424.651503][ T7737] max_ino=32
[  424.655275][ T7737] i_nlink=1
[  424.659994][ T7737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.623526][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  425.686210][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.715796][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  425.756332][ T1332] bond0 (unregistering): Released all slaves
[  426.014959][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  426.034500][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  426.072505][ T1332] bond0 (unregistering): Released all slaves
[  427.292575][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  427.314353][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  427.343066][ T1332] bond0 (unregistering): Released all slaves
[  427.384649][ T7549] team0: Port device team_slave_0 added
[  427.483743][ T7549] team0: Port device team_slave_1 added
[  427.583505][ T7573] team0: Port device team_slave_0 added
[  427.589869][ T7636] bridge0: port 1(bridge_slave_0) entered blocking state
[  427.720707][ T7636] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.729453][ T7636] bridge_slave_0: entered allmulticast mode
[  427.737951][ T7636] bridge_slave_0: entered promiscuous mode
[  428.660861][ T7770] loop1: detected capacity change from 0 to 512
[  429.014423][ T1332] hsr_slave_0: left promiscuous mode
[  429.053763][ T1332] hsr_slave_1: left promiscuous mode
[  429.071405][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  429.090857][ T7770] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.104136][ T7770] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  429.135890][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  429.163557][ T1332] hsr_slave_0: left promiscuous mode
[  429.188678][ T1332] hsr_slave_1: left promiscuous mode
[  429.209519][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  429.229733][ T7769] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  429.257941][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  429.277371][ T1332] hsr_slave_0: left promiscuous mode
[  429.304095][ T1332] hsr_slave_1: left promiscuous mode
[  429.310344][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  429.343927][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  429.479731][ T7779] netlink: 4 bytes leftover after parsing attributes in process `syz.3.306'.
[  429.645346][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  429.687449][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  429.897604][ T7781] loop2: detected capacity change from 0 to 32768
[  429.912054][ T7781] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  429.970702][ T7781] XFS (loop2): Ending clean mount
[  430.217483][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  430.263498][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  430.931221][ T7792] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  430.937871][ T7792] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  430.945628][ T7792] vhci_hcd vhci_hcd.0: Device attached
[  431.132925][ T7794] vhci_hcd: connection closed
[  431.183293][ T6051] vhci_hcd: stop threads
[  431.203613][ T6051] vhci_hcd: release socket
[  431.218506][ T6051] vhci_hcd: disconnect device
[  431.262843][  T909] usb 37-1: new high-speed USB device number 4 using vhci_hcd
[  431.272525][  T909] usb 37-1: enqueue for inactive port 0
[  431.286849][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  431.316808][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  431.342822][  T909] vhci_hcd: vhci_device speed not set
[  431.484180][ T7573] team0: Port device team_slave_1 added
[  431.490425][ T7636] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.499250][ T7636] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.506661][ T7636] bridge_slave_1: entered allmulticast mode
[  431.515308][ T7636] bridge_slave_1: entered promiscuous mode
[  431.583673][ T7549] batman_adv: batadv0: Adding interface: batadv_slave_0
[  431.600913][ T7549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  431.646313][ T7549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  431.663598][ T7549] batman_adv: batadv0: Adding interface: batadv_slave_1
[  431.670698][ T7549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  431.699519][ T7549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  431.835344][ T7549] hsr_slave_0: entered promiscuous mode
[  431.852393][ T7549] hsr_slave_1: entered promiscuous mode
[  431.880332][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.904385][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  432.000203][ T7636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  432.991631][ T7573] batman_adv: batadv0: Adding interface: batadv_slave_0
[  432.999445][ T7573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.026729][ T7573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  433.058740][ T7573] batman_adv: batadv0: Adding interface: batadv_slave_1
[  433.662899][ T7573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  433.689018][ T7573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  433.703517][ T7636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  434.594320][ T7812] loop2: detected capacity change from 0 to 512
[  434.753083][ T7812] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.311: bad orphan inode 13
[  434.932810][ T7812] ext4_test_bit(bit=12, block=4) = 1
[  434.938323][ T7812] is_bad_inode(inode)=0
[  434.943373][ T7812] NEXT_ORPHAN(inode)=0
[  434.944029][ T7636] team0: Port device team_slave_0 added
[  434.947446][ T7812] max_ino=32
[  434.947462][ T7812] i_nlink=1
[  434.949689][ T7812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  435.674812][ T7573] hsr_slave_0: entered promiscuous mode
[  435.747026][ T7573] hsr_slave_1: entered promiscuous mode
[  435.756143][ T7573] debugfs: 'hsr0' already exists in 'hsr'
[  435.761884][ T7573] Cannot create hsr debugfs directory
[  435.923017][ T7818] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  435.927294][ T7636] team0: Port device team_slave_1 added
[  435.932445][ T7818] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  435.939046][   T30] audit: type=1800 audit(1759855769.328:37): pid=7818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.313" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  435.970877][ T7818] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  437.146666][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.147101][ T7826] loop1: detected capacity change from 0 to 512
[  437.222908][ T7826] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.314: bad orphan inode 11862016
[  437.279920][ T7826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  437.370228][ T7826] ext4 filesystem being mounted at /99/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  437.440538][ T7636] batman_adv: batadv0: Adding interface: batadv_slave_0
[  437.484040][ T7636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  437.763198][ T7636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  437.837680][ T7842] overlayfs: missing 'lowerdir'
[  438.530190][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  438.543077][ T7636] batman_adv: batadv0: Adding interface: batadv_slave_1
[  438.552760][ T7636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  438.636108][ T7636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  439.737503][ T7851] loop3: detected capacity change from 0 to 512
[  439.808182][ T7851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  439.820991][ T7851] ext4 filesystem being mounted at /96/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.950275][ T7850] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  440.200633][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.603948][ T7636] hsr_slave_0: entered promiscuous mode
[  441.611911][ T7636] hsr_slave_1: entered promiscuous mode
[  441.662142][ T7636] debugfs: 'hsr0' already exists in 'hsr'
[  441.954848][ T7868] loop3: detected capacity change from 0 to 32768
[  441.973769][ T7636] Cannot create hsr debugfs directory
[  442.692970][ T7868] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  442.768414][ T7868] XFS (loop3): Ending clean mount
[  443.739340][ T7885] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  443.746070][ T7885] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  443.753896][ T7885] vhci_hcd vhci_hcd.0: Device attached
[  443.828155][ T7887] vhci_hcd: connection closed
[  443.874164][ T4767] vhci_hcd: stop threads
[  443.990249][ T4767] vhci_hcd: release socket
[  443.995004][  T909] usb 39-1: new high-speed USB device number 4 using vhci_hcd
[  444.041079][ T4767] vhci_hcd: disconnect device
[  445.169517][ T5855] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  445.387452][   T30] audit: type=1800 audit(1759855778.798:38): pid=7900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.323" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  445.387701][ T7900] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  445.419465][ T7900] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  445.429244][ T7900] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  446.521383][ T7915] loop3: detected capacity change from 0 to 512
[  446.590425][ T7915] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.324: bad orphan inode 13
[  446.663513][ T7915] ext4_test_bit(bit=12, block=4) = 1
[  446.668854][ T7915] is_bad_inode(inode)=0
[  446.697904][ T7915] NEXT_ORPHAN(inode)=0
[  446.702024][ T7915] max_ino=32
[  446.705324][ T7915] i_nlink=1
[  446.740568][ T7915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  446.759752][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  446.841198][ T7922] loop2: detected capacity change from 0 to 512
[  446.906793][ T7922] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.328: bad orphan inode 11862016
[  446.924100][   T10] usb 2-1: device descriptor read/64, error -71
[  446.966029][ T7922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  447.019136][ T7549] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  447.074857][ T7549] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  447.080515][ T7922] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.129400][ T7549] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  448.098937][   T10] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  448.365672][ T7932] overlayfs: missing 'lowerdir'
[  448.706251][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  448.742542][ T7549] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  449.018419][   T10] usb 2-1: device descriptor read/64, error -71
[  449.118506][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  449.149189][   T10] usb usb2-port1: attempt power cycle
[  449.301320][  T909] vhci_hcd: vhci_device speed not set
[  449.618796][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  449.625276][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  449.793804][ T7949] loop3: detected capacity change from 0 to 512
[  449.950715][ T7949] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.963679][ T7949] ext4 filesystem being mounted at /100/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  449.993013][   T10] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  450.012479][ T7549] kthread_run failed with err -4
[  450.061754][ T7636] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  450.100376][   T10] usb 2-1: device descriptor read/8, error -71
[  450.111115][ T7948] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  450.576259][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.814221][ T7636] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  453.065476][ T7636] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  453.395983][ T7636] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  453.404417][ T7976] loop2: detected capacity change from 0 to 32768
[  453.423423][ T5864] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  453.434000][ T5864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  453.443018][ T5864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  453.451899][ T5864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  453.462586][ T5864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  453.514706][ T7976] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  453.766447][ T7976] XFS (loop2): Ending clean mount
[  455.445116][ T7998] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  455.451849][ T7998] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  455.460589][ T7998] vhci_hcd vhci_hcd.0: Device attached
[  455.525874][ T7573] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  455.548984][ T8006] vhci_hcd: connection closed
[  455.565928][ T5864] Bluetooth: hci3: command tx timeout
[  455.793368][ T6288] vhci_hcd: stop threads
[  455.803017][ T6288] vhci_hcd: release socket
[  455.941156][ T6288] vhci_hcd: disconnect device
[  456.010557][   T10] usb 37-1: new high-speed USB device number 5 using vhci_hcd
[  456.118894][   T10] usb 37-1: enqueue for inactive port 0
[  456.436758][   T10] vhci_hcd: vhci_device speed not set
[  456.453071][ T5846] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  456.453763][ T8014] loop3: detected capacity change from 0 to 512
[  456.644134][ T8014] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.339: bad orphan inode 11862016
[  456.687993][ T8014] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  456.753335][ T8014] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  457.612802][ T5864] Bluetooth: hci3: command tx timeout
[  457.700672][ T8022] overlayfs: missing 'lowerdir'
[  458.349714][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  458.526901][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  458.542913][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  458.551913][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  458.576988][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  458.615908][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  459.752210][   T52] Bluetooth: hci3: command tx timeout
[  459.842772][ T5923] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  460.264532][ T5923] usb 3-1: device descriptor read/64, error -71
[  460.809384][   T52] Bluetooth: hci0: command tx timeout
[  461.762875][ T5923] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  461.773175][   T52] Bluetooth: hci3: command tx timeout
[  461.875037][ T7636] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.910962][ T1332] bridge_slave_1: left allmulticast mode
[  461.930491][ T1332] bridge_slave_1: left promiscuous mode
[  461.957646][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  463.292860][   T52] Bluetooth: hci0: command tx timeout
[  464.808882][ T1332] bridge_slave_0: left allmulticast mode
[  464.822848][ T1332] bridge_slave_0: left promiscuous mode
[  464.854840][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.373050][   T52] Bluetooth: hci0: command tx timeout
[  465.585055][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  465.601427][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  465.720410][ T1332] bond0 (unregistering): Released all slaves
[  466.193260][ T7977] chnl_net:caif_netlink_parms(): no params data found
[  466.277302][ T8083] loop3: detected capacity change from 0 to 512
[  466.308893][ T7636] 8021q: adding VLAN 0 to HW filter on device team0
[  466.450407][ T8083] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.350: bad orphan inode 11862016
[  466.502132][ T1332] hsr_slave_0: left promiscuous mode
[  466.517630][ T8083] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  466.544035][ T8083] ext4 filesystem being mounted at /109/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  466.568890][ T1332] hsr_slave_1: left promiscuous mode
[  466.576196][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  466.603539][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  467.463227][   T52] Bluetooth: hci0: command tx timeout
[  469.123769][ T8117] overlayfs: missing 'lowerdir'
[  469.729445][ T8119] loop1: detected capacity change from 0 to 32768
[  469.774232][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  469.802971][ T8119] 
[  469.802971][ T8119]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  469.802971][ T8119] 
[  469.867136][   T30] audit: type=1800 audit(1759855803.248:39): pid=8119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.355" name="file1" dev="loop1" ino=4 res=0 errno=0
[  469.913461][   T60] 
[  469.913461][   T60]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  469.913461][   T60] 
[  469.952832][   T60] 
[  469.952832][   T60]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  469.952832][   T60] 
[  469.989815][   T60] 
[  469.989815][   T60]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  469.989815][   T60] 
[  470.015620][ T5844] 
[  470.015620][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  470.015620][ T5844] 
[  470.042856][  T111] 
[  470.042856][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  470.042856][  T111] 
[  470.062840][ T5844] 
[  470.062840][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  470.062840][ T5844] 
[  470.253987][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  470.363742][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  470.402860][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  470.556077][   T24] usb 4-1: device descriptor read/64, error -71
[  470.776462][ T8104] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  470.796943][   T30] audit: type=1800 audit(1759855804.188:40): pid=8104 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.348" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  470.837137][ T8104] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  470.847054][ T8104] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  470.868492][ T5864] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  470.878344][ T5864] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  470.886667][ T5864] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  470.903804][ T5864] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  470.912954][ T5864] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  470.954249][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  471.104879][   T24] usb 4-1: device descriptor read/64, error -71
[  471.213765][   T24] usb usb4-port1: attempt power cycle
[  471.575076][ T7977] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.582241][ T7977] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.597077][   T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  471.633408][   T24] usb 4-1: device descriptor read/8, error -71
[  471.658954][ T7977] bridge_slave_0: entered allmulticast mode
[  471.690363][ T7977] bridge_slave_0: entered promiscuous mode
[  471.751969][ T7977] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.763541][ T7977] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.770793][ T7977] bridge_slave_1: entered allmulticast mode
[  471.781305][ T8143] loop2: detected capacity change from 0 to 2048
[  471.892793][   T24] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  471.998711][ T8143] NILFS (loop2): invalid segment: Inconsistency found
[  472.024596][ T7977] bridge_slave_1: entered promiscuous mode
[  472.101464][ T8143] NILFS (loop2): trying rollback from an earlier position
[  472.154281][   T24] usb 4-1: device descriptor read/8, error -71
[  472.586395][   T24] usb usb4-port1: unable to enumerate USB device
[  472.641522][ T8143] NILFS (loop2): recovery complete
[  472.678924][ T8024] chnl_net:caif_netlink_parms(): no params data found
[  472.691304][ T8151] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  472.972884][   T52] Bluetooth: hci5: command tx timeout
[  473.035899][ T7977] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  474.005958][ T7977] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  476.455807][   T52] Bluetooth: hci5: command tx timeout
[  476.609051][ T8167] loop2: detected capacity change from 0 to 512
[  476.651974][ T8167] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.362: bad orphan inode 13
[  476.755445][ T8167] ext4_test_bit(bit=12, block=4) = 1
[  476.792812][ T8167] is_bad_inode(inode)=0
[  476.803563][ T8167] NEXT_ORPHAN(inode)=0
[  476.807816][ T8167] max_ino=32
[  476.811196][ T8167] i_nlink=1
[  476.850120][ T8167] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  478.492770][   T52] Bluetooth: hci5: command tx timeout
[  478.526797][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  478.579600][ T7977] team0: Port device team_slave_0 added
[  478.990659][ T8198] loop2: detected capacity change from 0 to 2048
[  479.016811][ T7977] team0: Port device team_slave_1 added
[  479.109244][ T8198] NILFS (loop2): invalid segment: Inconsistency found
[  479.118371][ T8198] NILFS (loop2): trying rollback from an earlier position
[  479.181500][ T8198] NILFS (loop2): recovery complete
[  479.195626][ T8203] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  479.896244][ T8024] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.924092][ T8024] bridge0: port 1(bridge_slave_0) entered disabled state
[  479.953640][ T8024] bridge_slave_0: entered allmulticast mode
[  480.002899][ T8024] bridge_slave_0: entered promiscuous mode
[  480.174753][ T7977] batman_adv: batadv0: Adding interface: batadv_slave_0
[  480.196483][ T7977] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  480.236488][ T7977] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  480.509307][ T8024] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.517106][ T8024] bridge0: port 2(bridge_slave_1) entered disabled state
[  480.528268][ T8024] bridge_slave_1: entered allmulticast mode
[  480.536668][ T8024] bridge_slave_1: entered promiscuous mode
[  480.551071][ T8125] chnl_net:caif_netlink_parms(): no params data found
[  480.567446][ T7977] batman_adv: batadv0: Adding interface: batadv_slave_1
[  480.574600][ T7977] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  480.582987][   T52] Bluetooth: hci5: command tx timeout
[  480.601560][ T7977] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  481.298843][ T8024] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  481.359705][ T8216] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  481.361421][ T8024] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  481.379213][   T30] audit: type=1800 audit(1759855814.768:41): pid=8216 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.367" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  481.452935][ T8216] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  481.499314][ T7977] hsr_slave_0: entered promiscuous mode
[  481.505097][ T8216] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  481.515729][ T7977] hsr_slave_1: entered promiscuous mode
[  481.562858][ T5973] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  481.735603][ T8024] team0: Port device team_slave_0 added
[  481.768797][ T8024] team0: Port device team_slave_1 added
[  481.793172][ T5973] usb 4-1: device descriptor read/64, error -71
[  482.042935][ T5973] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  482.222818][ T5973] usb 4-1: device descriptor read/64, error -71
[  482.246501][ T8125] bridge0: port 1(bridge_slave_0) entered blocking state
[  482.264407][ T8125] bridge0: port 1(bridge_slave_0) entered disabled state
[  482.282210][ T8125] bridge_slave_0: entered allmulticast mode
[  482.310548][ T8125] bridge_slave_0: entered promiscuous mode
[  482.319544][ T8024] batman_adv: batadv0: Adding interface: batadv_slave_0
[  482.332774][ T8024] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  482.352814][ T5973] usb usb4-port1: attempt power cycle
[  482.360038][ T8024] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  482.487772][ T8125] bridge0: port 2(bridge_slave_1) entered blocking state
[  482.513028][ T8125] bridge0: port 2(bridge_slave_1) entered disabled state
[  482.523367][ T8125] bridge_slave_1: entered allmulticast mode
[  482.540754][ T8125] bridge_slave_1: entered promiscuous mode
[  482.652251][ T8024] batman_adv: batadv0: Adding interface: batadv_slave_1
[  482.670563][ T8024] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  482.748064][ T8024] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  482.762922][ T5973] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  482.815227][ T5973] usb 4-1: device descriptor read/8, error -71
[  483.093700][ T5973] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  483.105045][ T8125] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  483.124376][ T5973] usb 4-1: device descriptor read/8, error -71
[  483.190468][ T8125] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  483.284587][ T5973] usb usb4-port1: unable to enumerate USB device
[  485.060574][ T8024] hsr_slave_0: entered promiscuous mode
[  485.119051][ T8024] hsr_slave_1: entered promiscuous mode
[  485.132909][ T8024] debugfs: 'hsr0' already exists in 'hsr'
[  485.142771][ T8024] Cannot create hsr debugfs directory
[  485.192212][ T8253] loop2: detected capacity change from 0 to 512
[  485.224516][ T8125] team0: Port device team_slave_0 added
[  485.235946][ T8253] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.375: bad orphan inode 13
[  485.246534][ T8125] team0: Port device team_slave_1 added
[  485.265575][ T8253] ext4_test_bit(bit=12, block=4) = 1
[  485.270915][ T8253] is_bad_inode(inode)=0
[  485.276365][ T8253] NEXT_ORPHAN(inode)=0
[  485.280494][ T8253] max_ino=32
[  485.284842][ T8253] i_nlink=1
[  485.298280][ T8253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.328064][ T8258] loop3: detected capacity change from 0 to 16
[  485.376038][ T8258] erofs (device loop3): mounted with root inode @ nid 36.
[  486.416601][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.141818][ T8274] loop2: detected capacity change from 0 to 512
[  488.941192][ T8125] batman_adv: batadv0: Adding interface: batadv_slave_0
[  488.963606][ T8125] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  489.941073][ T8125] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  489.967547][ T8274] EXT4-fs: error -4 creating inode table initialization thread
[  489.975523][ T8274] EXT4-fs (loop2): mount failed
[  490.691878][ T8125] batman_adv: batadv0: Adding interface: batadv_slave_1
[  490.741122][ T8125] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  490.772836][ T8125] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  491.998005][ T8125] hsr_slave_0: entered promiscuous mode
[  492.040993][ T8125] hsr_slave_1: entered promiscuous mode
[  492.056243][ T8125] debugfs: 'hsr0' already exists in 'hsr'
[  492.062760][ T8125] Cannot create hsr debugfs directory
[  492.881045][ T1332] bridge_slave_1: left allmulticast mode
[  492.888020][ T1332] bridge_slave_1: left promiscuous mode
[  492.904248][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.928189][ T1332] bridge_slave_0: left allmulticast mode
[  492.941144][ T1332] bridge_slave_0: left promiscuous mode
[  492.949001][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.980784][ T1332] bridge_slave_1: left allmulticast mode
[  492.986780][ T1332] bridge_slave_1: left promiscuous mode
[  492.992722][ T1332] bridge0: port 2(bridge_slave_1) entered disabled state
[  493.022267][ T1332] bridge_slave_0: left allmulticast mode
[  493.038688][ T1332] bridge_slave_0: left promiscuous mode
[  493.045698][ T1332] bridge0: port 1(bridge_slave_0) entered disabled state
[  493.704736][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  493.717213][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  493.784573][ T1332] bond0 (unregistering): Released all slaves
[  494.759510][ T1332] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  494.772090][ T1332] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  494.813239][ T5931] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  495.062794][ T5931] usb 2-1: Using ep0 maxpacket: 8
[  495.068588][ T5931] usb 2-1: no configurations
[  495.074034][ T5931] usb 2-1: can't read configurations, error -22
[  495.096164][ T1332] bond0 (unregistering): Released all slaves
[  495.218229][ T5931] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  495.338001][   T30] audit: type=1800 audit(1759855828.748:42): pid=8310 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.381" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  495.340479][ T8310] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -12
[  495.423196][ T5931] usb 2-1: Using ep0 maxpacket: 8
[  495.437943][ T1332] hsr_slave_0: left promiscuous mode
[  495.449902][ T5931] usb 2-1: no configurations
[  495.456523][ T1332] hsr_slave_1: left promiscuous mode
[  495.462384][ T5931] usb 2-1: can't read configurations, error -22
[  495.478554][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.493705][ T8310] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -12
[  495.493744][ T5931] usb usb2-port1: attempt power cycle
[  495.522429][ T8310] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  495.532301][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  495.747497][ T1332] hsr_slave_0: left promiscuous mode
[  495.784161][ T1332] hsr_slave_1: left promiscuous mode
[  495.824537][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_0
[  495.858510][ T1332] batman_adv: batadv0: Removing interface: batadv_slave_1
[  496.016172][ T5931] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  496.053569][ T5931] usb 2-1: Using ep0 maxpacket: 8
[  496.062647][ T5931] usb 2-1: no configurations
[  496.075635][ T5931] usb 2-1: can't read configurations, error -22
[  496.223033][ T5931] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  496.263624][ T5931] usb 2-1: Using ep0 maxpacket: 8
[  496.276774][ T5931] usb 2-1: no configurations
[  496.281410][ T5931] usb 2-1: can't read configurations, error -22
[  496.332496][ T8318] loop3: detected capacity change from 0 to 512
[  496.341225][ T5931] usb usb2-port1: unable to enumerate USB device
[  496.403447][ T8318] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.385: bad orphan inode 11862016
[  496.420730][ T8318] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  496.463012][ T8318] ext4 filesystem being mounted at /117/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.620832][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  496.686065][ T8323] loop2: detected capacity change from 0 to 512
[  496.705623][ T8323] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.386: bad orphan inode 13
[  496.706171][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  496.724170][ T8323] ext4_test_bit(bit=12, block=4) = 1
[  496.729600][ T8323] is_bad_inode(inode)=0
[  496.734869][ T8323] NEXT_ORPHAN(inode)=0
[  496.739182][ T8323] max_ino=32
[  496.772238][ T8323] i_nlink=1
[  496.778057][ T8323] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  498.683338][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  498.802609][ T8335] overlayfs: missing 'lowerdir'
[  500.208334][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  500.679393][ T8346] netlink: 'syz.2.391': attribute type 7 has an invalid length.
[  500.687924][ T8346] netlink: 8 bytes leftover after parsing attributes in process `syz.2.391'.
[  501.034249][ T8348] loop1: detected capacity change from 0 to 2048
[  501.160243][ T8348] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  501.173021][ T8348] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  501.492930][ T8354] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  502.081986][ T8354] EXT4-fs (loop1): Remounting filesystem read-only
[  502.149152][ T1332] team0 (unregistering): Port device team_slave_1 removed
[  502.190489][ T1332] team0 (unregistering): Port device team_slave_0 removed
[  502.961908][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  504.300331][ T7977] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  505.338928][ T7977] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  505.404226][ T7977] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  505.460412][ T7977] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  505.802756][ T6029] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  505.953131][ T8387] syz.1.395 (8387) used greatest stack depth: 19720 bytes left
[  506.052870][ T6029] usb 4-1: Using ep0 maxpacket: 8
[  506.075332][ T6029] usb 4-1: no configurations
[  506.091472][ T6029] usb 4-1: can't read configurations, error -22
[  506.149607][ T8389] loop2: detected capacity change from 0 to 512
[  506.161084][ T8125] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  506.188951][ T7977] 8021q: adding VLAN 0 to HW filter on device bond0
[  506.228306][ T8125] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  506.236359][ T6029] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  506.264034][ T8389] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.399: bad orphan inode 11862016
[  506.287140][ T8125] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  506.308015][ T8389] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  506.382128][ T8389] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  506.420299][ T8125] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  506.434212][ T6029] usb 4-1: Using ep0 maxpacket: 8
[  506.440298][ T6029] usb 4-1: no configurations
[  506.707330][ T6029] usb 4-1: can't read configurations, error -22
[  506.723693][ T6029] usb usb4-port1: attempt power cycle
[  506.762207][ T7977] 8021q: adding VLAN 0 to HW filter on device team0
[  506.864734][ T8396] overlayfs: missing 'lowerdir'
[  507.084366][ T6029] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  507.466960][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  507.471026][ T6029] usb 4-1: Using ep0 maxpacket: 8
[  507.483766][ T6029] usb 4-1: no configurations
[  507.508074][ T6029] usb 4-1: can't read configurations, error -22
[  507.580164][ T5970] bridge0: port 1(bridge_slave_0) entered blocking state
[  507.587381][ T5970] bridge0: port 1(bridge_slave_0) entered forwarding state
[  507.706794][ T6029] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  507.737290][ T8024] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  507.849802][ T6029] usb 4-1: Using ep0 maxpacket: 8
[  507.938867][ T6029] usb 4-1: no configurations
[  507.992213][ T6029] usb 4-1: can't read configurations, error -22
[  508.068423][ T6029] usb usb4-port1: unable to enumerate USB device
[  508.087191][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  508.094382][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  508.142333][ T8024] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  508.186588][ T8024] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  508.210545][ T8024] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  508.442340][ T7977] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  509.562621][ T8423] loop2: detected capacity change from 0 to 256
[  510.599355][ T8421] loop3: detected capacity change from 0 to 2048
[  511.556542][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  511.570041][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  512.085721][ T8423] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  512.389315][ T8125] 8021q: adding VLAN 0 to HW filter on device bond0
[  512.554386][ T8125] 8021q: adding VLAN 0 to HW filter on device team0
[  512.627626][ T7449] bridge0: port 1(bridge_slave_0) entered blocking state
[  512.634829][ T7449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  512.776784][ T7449] bridge0: port 2(bridge_slave_1) entered blocking state
[  512.783985][ T7449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  512.903706][ T8431] overlayfs: failed to resolve './file0': -2
[  513.032293][ T8024] 8021q: adding VLAN 0 to HW filter on device bond0
[  513.074613][ T8024] 8021q: adding VLAN 0 to HW filter on device team0
[  513.141255][ T8024] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  513.157549][ T8024] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  513.517664][ T8439] loop1: detected capacity change from 0 to 256
[  513.859998][ T8439] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  514.373226][ T7449] bridge0: port 1(bridge_slave_0) entered blocking state
[  514.373444][ T7449] bridge0: port 1(bridge_slave_0) entered forwarding state
[  514.397019][ T7449] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.404279][ T7449] bridge0: port 2(bridge_slave_1) entered forwarding state
[  516.011626][ T8443] loop3: detected capacity change from 0 to 32768
[  516.059689][ T8443] 
[  516.059689][ T8443]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  516.059689][ T8443] 
[  516.083500][   T30] audit: type=1800 audit(1759855849.498:43): pid=8443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.408" name="file1" dev="loop3" ino=4 res=0 errno=0
[  516.827173][ T5855] 
[  516.827173][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  516.827173][ T5855] 
[  516.839331][ T8448] loop1: detected capacity change from 0 to 512
[  516.872446][ T5855] 
[  516.872446][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  516.872446][ T5855] 
[  516.980313][ T8448] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.410: bad orphan inode 11862016
[  517.465148][ T8448] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  517.577411][ T8448] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  518.009673][ T5864] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  518.023331][ T5864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  518.031407][ T5864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  518.039764][ T5864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  518.047706][ T5864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  518.252963][ T8464] overlayfs: missing 'lowerdir'
[  519.183114][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  520.874453][ T5864] Bluetooth: hci3: command tx timeout
[  521.787811][ T8485] loop3: detected capacity change from 0 to 40427
[  522.193098][ T8490] netlink: 'syz.3.416': attribute type 64 has an invalid length.
[  522.201617][ T8490] netlink: 9 bytes leftover after parsing attributes in process `syz.3.416'.
[  522.910406][ T5864] Bluetooth: hci3: command tx timeout
[  523.246915][   T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  523.261765][   T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  523.269820][   T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  523.279125][   T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  523.291332][   T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  523.349823][ T8497] loop1: detected capacity change from 0 to 512
[  523.464674][ T8497] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.418: bad orphan inode 13
[  523.524774][ T8497] ext4_test_bit(bit=12, block=4) = 1
[  523.531128][ T8497] is_bad_inode(inode)=0
[  523.613639][ T8497] NEXT_ORPHAN(inode)=0
[  523.619559][ T8497] max_ino=32
[  523.626980][ T8497] i_nlink=1
[  523.665224][ T8497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  523.757535][ T8501] overlayfs: failed to resolve './file0': -2
[  524.829794][ T8508] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  525.070222][ T8125] 8021q: adding VLAN 0 to HW filter on device batadv0
[  525.077922][   T52] Bluetooth: hci3: command tx timeout
[  525.118820][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  525.603865][ T8511] loop2: detected capacity change from 0 to 32768
[  525.611895][   T52] Bluetooth: hci0: command tx timeout
[  525.633039][ T8511] 
[  525.633039][ T8511]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  525.633039][ T8511] 
[  526.318055][ T5970] 
[  526.318055][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.318055][ T5970] 
[  526.357975][ T5970] 
[  526.357975][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.357975][ T5970] 
[  526.390499][ T5970] 
[  526.390499][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.390499][ T5970] 
[  526.407429][  T110] 
[  526.407429][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.407429][  T110] 
[  526.445695][ T5846] 
[  526.445695][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.445695][ T5846] 
[  526.508326][ T5846] 
[  526.508326][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  526.508326][ T5846] 
[  526.788875][ T8523] netlink: 18128 bytes leftover after parsing attributes in process `syz.2.424'.
[  527.142858][   T52] Bluetooth: hci3: command tx timeout
[  527.702915][   T52] Bluetooth: hci0: command tx timeout
[  527.797841][ T1311] bridge_slave_1: left allmulticast mode
[  527.822723][ T1311] bridge_slave_1: left promiscuous mode
[  527.839327][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  528.269688][ T1311] bridge_slave_0: left allmulticast mode
[  528.294028][ T1311] bridge_slave_0: left promiscuous mode
[  528.305588][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.394417][ T8545] overlayfs: failed to resolve './file0': -2
[  529.774232][   T52] Bluetooth: hci0: command tx timeout
[  530.195638][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  530.207002][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  530.217626][ T1311] bond0 (unregistering): Released all slaves
[  530.460038][ T8553] loop1: detected capacity change from 0 to 512
[  530.476712][ T1311] hsr_slave_0: left promiscuous mode
[  530.511867][ T1311] hsr_slave_1: left promiscuous mode
[  530.524182][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  530.751365][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  531.086732][ T8553] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.432: bad orphan inode 13
[  531.146832][ T8553] ext4_test_bit(bit=12, block=4) = 1
[  531.152165][ T8553] is_bad_inode(inode)=0
[  531.195632][ T8553] NEXT_ORPHAN(inode)=0
[  531.199738][ T8553] max_ino=32
[  531.472836][ T8553] i_nlink=1
[  531.480892][ T8553] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  531.862819][   T52] Bluetooth: hci0: command tx timeout
[  532.617604][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  532.908102][ T5864] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  532.922862][ T5864] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  532.942889][ T5864] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  532.970789][ T5864] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  532.981474][ T5864] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  534.612215][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  534.646927][ T8580] loop2: detected capacity change from 0 to 2048
[  534.679912][ T8580] NILFS (loop2): invalid segment: Inconsistency found
[  534.693950][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  534.713123][ T8580] NILFS (loop2): trying rollback from an earlier position
[  534.767313][ T8580] NILFS (loop2): recovery complete
[  534.780871][ T8581] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  535.164205][ T5864] Bluetooth: hci5: command tx timeout
[  535.924678][ T8558] batadv1: entered promiscuous mode
[  535.945821][ T8558] batadv1: entered allmulticast mode
[  537.259360][ T5864] Bluetooth: hci5: command tx timeout
[  537.323462][ T8494] chnl_net:caif_netlink_parms(): no params data found
[  538.283282][ T8460] chnl_net:caif_netlink_parms(): no params data found
[  539.296947][ T5864] Bluetooth: hci5: command tx timeout
[  541.999948][ T5864] Bluetooth: hci5: command tx timeout
[  542.132323][ T8617] Cache volume key already in use (9p,(null),)
[  542.351313][ T8621] autofs: Unknown parameter '0x0000000000000000'
[  542.643107][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.652784][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.660147][ T8460] bridge_slave_0: entered allmulticast mode
[  542.672429][ T8460] bridge_slave_0: entered promiscuous mode
[  542.683070][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.690464][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.698036][ T8460] bridge_slave_1: entered allmulticast mode
[  542.744276][ T8460] bridge_slave_1: entered promiscuous mode
[  542.807445][ T8626] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  542.837326][ T8628] fuse: Bad value for 'group_id'
[  542.842418][ T8628] fuse: Bad value for 'group_id'
[  544.495367][ T8494] bridge0: port 1(bridge_slave_0) entered blocking state
[  545.453189][ T8494] bridge0: port 1(bridge_slave_0) entered disabled state
[  545.480135][ T8494] bridge_slave_0: entered allmulticast mode
[  545.493726][ T8494] bridge_slave_0: entered promiscuous mode
[  546.512422][ T8460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  546.526223][ T8460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  546.801410][ T8642] loop2: detected capacity change from 0 to 40427
[  546.883103][ T8642] F2FS-fs (loop2): invalid crc value
[  547.270873][ T8642] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  547.392082][ T8642] F2FS-fs (loop2): Start checkpoint disabled!
[  547.430598][ T8642] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  547.438883][ T8642] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  547.564081][ T8494] bridge0: port 2(bridge_slave_1) entered blocking state
[  547.571360][ T8494] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.605835][ T8640] loop1: detected capacity change from 0 to 32768
[  547.630251][ T8494] bridge_slave_1: entered allmulticast mode
[  547.953814][   T30] audit: type=1800 audit(1759855881.128:44): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.450" name="file1" dev="loop2" ino=10 res=0 errno=0
[  547.955316][ T8494] bridge_slave_1: entered promiscuous mode
[  547.974662][   T30] audit: type=1804 audit(1759855881.128:45): pid=8642 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.450" name="/newroot/137/file1/file1" dev="loop2" ino=10 res=1 errno=0
[  548.845347][ T6001] kworker/u8:9: attempt to access beyond end of device
[  548.845347][ T6001] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  548.883171][ T6001] CPU: 1 UID: 0 PID: 6001 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) 
[  548.883221][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  548.883247][ T6001] Workqueue: writeback wb_workfn (flush-7:2)
[  548.883313][ T6001] Call Trace:
[  548.883326][ T6001]  <TASK>
[  548.883339][ T6001]  dump_stack_lvl+0x16c/0x1f0
[  548.883396][ T6001]  f2fs_handle_critical_error+0x624/0x9f0
[  548.883443][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.883487][ T6001]  ? f2fs_build_fault_attr+0x53/0x1f0
[  548.883553][ T6001]  f2fs_write_end_io+0x958/0xcf0
[  548.883603][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  548.883653][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.883708][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  548.883753][ T6001]  bio_endio+0x713/0x860
[  548.883810][ T6001]  submit_bio_noacct+0x306/0x1f60
[  548.883866][ T6001]  __submit_merged_bio+0x33c/0x770
[  548.883919][ T6001]  __submit_merged_write_cond+0x319/0x3f0
[  548.883979][ T6001]  f2fs_write_cache_pages+0x2067/0x2570
[  548.884064][ T6001]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  548.884140][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884184][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884226][ T6001]  ? find_held_lock+0x2b/0x80
[  548.884284][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884332][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884374][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  548.884445][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884489][ T6001]  ? f2fs_available_free_memory+0x279/0xa30
[  548.884649][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884702][ T6001]  f2fs_write_data_pages+0x4ad/0xd90
[  548.884767][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  548.884835][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.884878][ T6001]  ? __lock_acquire+0xb97/0x1ce0
[  548.884923][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  548.884982][ T6001]  do_writepages+0x27a/0x600
[  548.885034][ T6001]  ? __pfx_do_writepages+0x10/0x10
[  548.885075][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885119][ T6001]  ? reacquire_held_locks+0xcd/0x1f0
[  548.885161][ T6001]  ? writeback_sb_inodes+0x3b0/0xfa0
[  548.885223][ T6001]  __writeback_single_inode+0x160/0xfb0
[  548.885282][ T6001]  ? __pfx___writeback_single_inode+0x10/0x10
[  548.885334][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885378][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  548.885431][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885482][ T6001]  writeback_sb_inodes+0x60d/0xfa0
[  548.885567][ T6001]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  548.885621][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885664][ T6001]  ? mark_held_locks+0x49/0x80
[  548.885776][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885823][ T6001]  ? rcu_is_watching+0x12/0xc0
[  548.885881][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.885927][ T6001]  ? queue_io+0x3f6/0x520
[  548.885979][ T6001]  wb_writeback+0x419/0xb70
[  548.886047][ T6001]  ? __pfx_wb_writeback+0x10/0x10
[  548.886098][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886155][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886199][ T6001]  ? mark_held_locks+0x49/0x80
[  548.886250][ T6001]  wb_workfn+0x14d/0xbe0
[  548.886310][ T6001]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  548.886362][ T6001]  ? __pfx_wb_workfn+0x10/0x10
[  548.886421][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886468][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886525][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886567][ T6001]  ? rcu_is_watching+0x12/0xc0
[  548.886631][ T6001]  process_one_work+0x9cf/0x1b70
[  548.886704][ T6001]  ? __pfx_process_one_work+0x10/0x10
[  548.886755][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886812][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.886855][ T6001]  ? assign_work+0x1a0/0x250
[  548.886912][ T6001]  worker_thread+0x6c8/0xf10
[  548.886975][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.887020][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.887063][ T6001]  ? __kthread_parkme+0x19e/0x250
[  548.887099][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.887146][ T6001]  ? __pfx_worker_thread+0x10/0x10
[  548.887196][ T6001]  kthread+0x3c5/0x780
[  548.887244][ T6001]  ? __pfx_kthread+0x10/0x10
[  548.887292][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  548.887335][ T6001]  ? rcu_is_watching+0x12/0xc0
[  548.887392][ T6001]  ? __pfx_kthread+0x10/0x10
[  548.887440][ T6001]  ret_from_fork+0x56d/0x730
[  548.887480][ T6001]  ? __pfx_kthread+0x10/0x10
[  548.887534][ T6001]  ret_from_fork_asm+0x1a/0x30
[  548.887611][ T6001]  </TASK>
[  548.887625][ T6001] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  549.564867][ T8494] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  549.590779][ T8460] team0: Port device team_slave_0 added
[  549.669029][ T8460] team0: Port device team_slave_1 added
[  551.870235][ T8494] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  551.926009][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_0
[  551.933160][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  551.959536][ T8460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  551.982353][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_1
[  551.990283][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  552.038095][ T8460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  552.225340][ T8494] team0: Port device team_slave_0 added
[  552.248152][ T8669] loop3: detected capacity change from 0 to 512
[  552.288292][ T8494] team0: Port device team_slave_1 added
[  552.325585][ T8669] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.458: bad orphan inode 13
[  552.356465][ T8669] ext4_test_bit(bit=12, block=4) = 1
[  552.361790][ T8669] is_bad_inode(inode)=0
[  552.366642][ T8669] NEXT_ORPHAN(inode)=0
[  552.370722][ T8669] max_ino=32
[  552.374493][ T8669] i_nlink=1
[  552.379694][ T8669] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  552.598571][ T8671] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  552.636393][ T8494] batman_adv: batadv0: Adding interface: batadv_slave_0
[  552.655387][ T8494] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  552.713451][ T8494] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  553.302429][ T8460] hsr_slave_0: entered promiscuous mode
[  553.338700][ T8460] hsr_slave_1: entered promiscuous mode
[  553.507391][ T8494] batman_adv: batadv0: Adding interface: batadv_slave_1
[  553.517438][ T8494] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  553.560777][ T8666] loop1: detected capacity change from 0 to 32768
[  553.569694][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.622699][ T8666] 
[  553.622699][ T8666]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  553.622699][ T8666] 
[  553.644855][ T8494] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  553.686329][   T30] audit: type=1800 audit(1759855887.088:46): pid=8666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.457" name="file1" dev="loop1" ino=4 res=0 errno=0
[  554.634010][ T8666] ERROR: (device loop1): xtSearch: stack overrun!
[  554.634010][ T8666] 
[  554.899249][ T8666] ERROR: (device loop1): xtSearch: stack overrun!
[  554.899249][ T8666] 
[  555.048019][ T8666] xtLookup: xtSearch returned -5
[  555.165020][ T8666] ERROR: (device loop1): xtTruncate: stack overrun!
[  555.165020][ T8666] 
[  555.462218][   T30] audit: type=1800 audit(1759855888.858:47): pid=8684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.457" name="file1" dev="loop1" ino=4 res=0 errno=0
[  555.637600][ T6001] 
[  555.637600][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.637600][ T6001] 
[  555.670306][ T6001] 
[  555.670306][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.670306][ T6001] 
[  555.689312][ T6001] 
[  555.689312][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.689312][ T6001] 
[  555.700693][ T6001] 
[  555.700693][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.700693][ T6001] 
[  555.734020][ T6001] JFS: metapage_get_blocks failed
[  555.739222][ T6001] 
[  555.739222][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.739222][ T6001] 
[  555.767909][ T5844] 
[  555.767909][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.767909][ T5844] 
[  555.801967][ T5844] 
[  555.801967][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  555.801967][ T5844] 
[  555.833759][  T909] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  556.007362][  T909] usb 3-1: Using ep0 maxpacket: 8
[  556.024789][ T8494] hsr_slave_0: entered promiscuous mode
[  556.031821][ T8494] hsr_slave_1: entered promiscuous mode
[  556.046104][  T909] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  556.064243][ T8494] debugfs: 'hsr0' already exists in 'hsr'
[  556.070234][  T909] usb 3-1: config 0 has no interfaces?
[  556.080810][  T909] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  556.101214][ T8494] Cannot create hsr debugfs directory
[  556.133981][  T909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.239656][  T909] usb 3-1: config 0 descriptor??
[  556.542021][ T8691] loop1: detected capacity change from 0 to 2048
[  556.625485][ T8691] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.702916][ T8691] ext4 filesystem being mounted at /149/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  557.036010][ T8691] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.461: bg 0: block 345: padding at end of block bitmap is not set
[  557.056248][ T8691] EXT4-fs (loop1): Remounting filesystem read-only
[  557.088797][   T13] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4980: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  557.167312][ T8568] chnl_net:caif_netlink_parms(): no params data found
[  557.189578][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.683102][   T10] usb 3-1: USB disconnect, device number 7
[  558.760459][ T8711] autofs: Unknown parameter '0x0000000000000000'
[  558.935923][ T8709] loop1: detected capacity change from 0 to 2048
[  558.991159][ T8709] NILFS (loop1): invalid segment: Inconsistency found
[  559.008528][ T8709] NILFS (loop1): trying rollback from an earlier position
[  560.247142][ T8719] loop2: detected capacity change from 0 to 256
[  560.269340][ T8719] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  561.856993][ T8568] bridge0: port 1(bridge_slave_0) entered blocking state
[  561.894796][ T8709] NILFS (loop1): recovery complete
[  561.937965][ T8568] bridge0: port 1(bridge_slave_0) entered disabled state
[  561.946934][ T8568] bridge_slave_0: entered allmulticast mode
[  561.955815][ T8568] bridge_slave_0: entered promiscuous mode
[  561.980218][ T8709] NILFS (loop1): error -4 creating segctord thread
[  562.238263][ T8568] bridge0: port 2(bridge_slave_1) entered blocking state
[  562.292889][ T8568] bridge0: port 2(bridge_slave_1) entered disabled state
[  562.304549][ T8568] bridge_slave_1: entered allmulticast mode
[  562.348359][ T8568] bridge_slave_1: entered promiscuous mode
[  563.299369][ T1311] bridge_slave_1: left allmulticast mode
[  563.305940][ T1311] bridge_slave_1: left promiscuous mode
[  563.311810][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  563.467481][ T1311] bridge_slave_0: left allmulticast mode
[  563.482813][ T1311] bridge_slave_0: left promiscuous mode
[  563.501800][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.356786][ T1311] bridge_slave_1: left allmulticast mode
[  564.362480][ T1311] bridge_slave_1: left promiscuous mode
[  564.514394][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.834346][ T1311] bridge_slave_0: left allmulticast mode
[  564.842806][ T1311] bridge_slave_0: left promiscuous mode
[  564.853206][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  565.544824][ T8742] loop2: detected capacity change from 0 to 512
[  566.368536][ T8742] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  567.381101][ T8742] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  567.391709][ T8742] EXT4-fs (loop2): orphan cleanup on readonly fs
[  567.402350][ T8742] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.471: bg 0: block 361: padding at end of block bitmap is not set
[  567.417204][ T8742] EXT4-fs (loop2): Remounting filesystem read-only
[  567.427826][ T8742] EXT4-fs (loop2): 1 truncate cleaned up
[  567.559886][ T8742] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  568.294068][ T8746] overlayfs: failed to resolve './file1': -2
[  568.355635][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  569.113664][ T8759] loop3: detected capacity change from 0 to 512
[  569.242411][ T8759] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.473: bg 0: block 393: padding at end of block bitmap is not set
[  569.259843][ T8759] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  569.285123][ T8759] EXT4-fs (loop3): 2 truncates cleaned up
[  569.318514][ T8759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  571.676353][ T8775] autofs: Unknown parameter '0x0000000000000000'
[  571.702888][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  571.754913][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  571.781921][ T1311] bond0 (unregistering): Released all slaves
[  572.513406][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  572.519962][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  573.109909][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  573.123797][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  573.139781][ T1311] bond0 (unregistering): Released all slaves
[  573.263489][ T8568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  573.277026][ T8568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  573.402413][ T8568] team0: Port device team_slave_0 added
[  573.441904][ T8568] team0: Port device team_slave_1 added
[  573.467017][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  573.624950][ T8568] batman_adv: batadv0: Adding interface: batadv_slave_0
[  573.631930][ T8568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  573.683681][ T8568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  573.706822][ T1311] hsr_slave_0: left promiscuous mode
[  573.713015][ T1311] hsr_slave_1: left promiscuous mode
[  573.719110][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.727233][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  573.742006][ T1311] hsr_slave_0: left promiscuous mode
[  573.753110][ T1311] hsr_slave_1: left promiscuous mode
[  573.759496][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  573.767873][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  576.502268][ T8805] overlayfs: failed to resolve './file1': -2
[  576.715196][ T8811] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  576.735230][ T8811] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  576.743637][ T8811] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  576.754668][ T8811] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  576.764257][ T8811] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  576.905627][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  577.614124][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  578.912715][ T5864] Bluetooth: hci3: command tx timeout
[  580.426996][ T8835] netlink: 32 bytes leftover after parsing attributes in process `syz.2.491'.
[  581.012978][ T5864] Bluetooth: hci3: command tx timeout
[  581.916695][ T8811] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  581.927182][ T8811] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  581.936612][ T8811] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  581.945080][ T8811] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  581.954961][ T8811] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  582.907796][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  583.053824][ T8811] Bluetooth: hci3: command tx timeout
[  583.098680][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  584.042883][ T8811] Bluetooth: hci6: command tx timeout
[  584.732144][ T8862] loop1: detected capacity change from 0 to 512
[  585.090844][ T8862] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  585.103592][ T8862] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  585.133624][ T8811] Bluetooth: hci3: command tx timeout
[  585.231036][ T8861] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  585.518002][ T8867] loop3: detected capacity change from 0 to 32768
[  585.544897][ T8867] 
[  585.544897][ T8867]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  585.544897][ T8867] 
[  585.558295][   T30] audit: type=1800 audit(1759855918.968:48): pid=8867 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.498" name="file1" dev="loop3" ino=4 res=0 errno=0
[  586.106100][ T8811] Bluetooth: hci6: command tx timeout
[  586.224080][ T8568] batman_adv: batadv0: Adding interface: batadv_slave_1
[  586.231067][ T8568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  586.277888][ T6001] 
[  586.277888][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.277888][ T6001] 
[  586.289490][ T6001] 
[  586.289490][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.289490][ T6001] 
[  586.302059][ T6001] 
[  586.302059][ T6001]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.302059][ T6001] 
[  586.312692][ T8568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  586.327158][  T111] 
[  586.327158][  T111]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.327158][  T111] 
[  586.388844][ T5855] 
[  586.388844][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.388844][ T5855] 
[  586.410262][ T5855] 
[  586.410262][ T5855]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  586.410262][ T5855] 
[  586.685856][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.822390][ T8872] loop1: detected capacity change from 0 to 512
[  586.857267][ T8872] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.501: bad orphan inode 13
[  586.880116][ T8872] ext4_test_bit(bit=12, block=4) = 1
[  586.886023][ T8872] is_bad_inode(inode)=0
[  586.890350][ T8872] NEXT_ORPHAN(inode)=0
[  586.895542][ T8872] max_ino=32
[  586.898747][ T8872] i_nlink=1
[  586.904672][ T8872] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.189729][ T8811] Bluetooth: hci6: command tx timeout
[  588.324446][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.740549][ T8568] hsr_slave_0: entered promiscuous mode
[  589.808463][ T8568] hsr_slave_1: entered promiscuous mode
[  590.307542][ T5864] Bluetooth: hci6: command tx timeout
[  591.130782][ T8568] debugfs: 'hsr0' already exists in 'hsr'
[  591.136657][ T8568] Cannot create hsr debugfs directory
[  592.345323][ T5864] Bluetooth: hci6: command 0x0405 tx timeout
[  592.462740][ T8070] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  592.713698][ T8070] usb 3-1: Using ep0 maxpacket: 8
[  592.735019][ T8070] usb 3-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config
[  592.805512][ T8070] usb 3-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[  592.820776][ T8844] chnl_net:caif_netlink_parms(): no params data found
[  592.863412][ T8070] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  592.872499][ T8070] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.233892][ T8811] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  593.244779][ T8811] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  593.255123][ T8811] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  593.275285][ T8811] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  593.292420][ T8811] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  594.756854][ T8808] chnl_net:caif_netlink_parms(): no params data found
[  595.464221][ T8811] Bluetooth: hci0: command tx timeout
[  595.857393][ T8944] loop1: detected capacity change from 0 to 32768
[  595.880299][ T8944] 
[  595.880299][ T8944]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  595.880299][ T8944] 
[  595.901303][ T8844] bridge0: port 1(bridge_slave_0) entered blocking state
[  595.952516][   T30] audit: type=1800 audit(1759855929.338:49): pid=8944 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.509" name="file1" dev="loop1" ino=4 res=0 errno=0
[  595.952800][  T909] usb 3-1: USB disconnect, device number 8
[  595.973062][ T8844] bridge0: port 1(bridge_slave_0) entered disabled state
[  595.973329][ T8844] bridge_slave_0: entered allmulticast mode
[  596.460597][ T8844] bridge_slave_0: entered promiscuous mode
[  596.544625][ T8844] bridge0: port 2(bridge_slave_1) entered blocking state
[  596.551799][ T8844] bridge0: port 2(bridge_slave_1) entered disabled state
[  596.580392][ T8947] netlink: 32 bytes leftover after parsing attributes in process `syz.3.510'.
[  596.591586][ T8844] bridge_slave_1: entered allmulticast mode
[  596.604023][ T8844] bridge_slave_1: entered promiscuous mode
[  596.892302][ T5970] 
[  596.892302][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  596.892302][ T5970] 
[  597.348585][ T8952] loop2: detected capacity change from 0 to 512
[  597.494480][ T8952] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  597.507761][ T8952] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  597.562674][ T5970] 
[  597.562674][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  597.562674][ T5970] 
[  597.573744][ T5970] 
[  597.573744][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  597.573744][ T5970] 
[  597.584499][ T5844] 
[  597.584499][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  597.584499][ T5844] 
[  597.595642][ T5844] 
[  597.595642][ T5844]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  597.595642][ T5844] 
[  597.623248][  T110] 
[  597.623248][  T110]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  597.623248][  T110] 
[  597.680760][ T8953] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  597.852201][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  597.883274][ T8844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  598.084836][ T8844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  598.473274][ T8966] loop1: detected capacity change from 0 to 512
[  599.250530][ T8966] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  599.329239][ T8966] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  599.339859][ T8966] EXT4-fs (loop1): orphan cleanup on readonly fs
[  599.365956][ T8966] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.512: bg 0: block 361: padding at end of block bitmap is not set
[  599.386831][ T8966] EXT4-fs (loop1): Remounting filesystem read-only
[  600.221793][ T8966] EXT4-fs (loop1): 1 truncate cleaned up
[  600.285949][ T8966] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  600.677792][ T8808] bridge0: port 1(bridge_slave_0) entered blocking state
[  601.036725][ T8808] bridge0: port 1(bridge_slave_0) entered disabled state
[  601.332593][ T8808] bridge_slave_0: entered allmulticast mode
[  602.065664][ T8808] bridge_slave_0: entered promiscuous mode
[  602.106071][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  602.129706][ T8808] bridge0: port 2(bridge_slave_1) entered blocking state
[  602.155687][ T8808] bridge0: port 2(bridge_slave_1) entered disabled state
[  602.163538][ T8808] bridge_slave_1: entered allmulticast mode
[  602.172391][ T8808] bridge_slave_1: entered promiscuous mode
[  602.465698][ T8844] team0: Port device team_slave_0 added
[  602.505440][ T8981] loop2: detected capacity change from 0 to 2048
[  602.523019][ T8844] team0: Port device team_slave_1 added
[  602.544680][ T8981] NILFS (loop2): invalid segment: Inconsistency found
[  602.551597][ T8981] NILFS (loop2): trying rollback from an earlier position
[  602.632878][ T8981] NILFS (loop2): recovery complete
[  602.877118][ T8988] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  603.317428][ T8808] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  603.876723][ T1311] bridge_slave_1: left allmulticast mode
[  603.902919][ T1311] bridge_slave_1: left promiscuous mode
[  603.923259][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  603.991502][ T1311] bridge_slave_0: left allmulticast mode
[  604.006222][ T1311] bridge_slave_0: left promiscuous mode
[  604.019180][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.088622][ T8998] binder: 8996:8998 ioctl c0306201 200000000640 returned -14
[  604.190892][ T1311] bridge_slave_1: left allmulticast mode
[  604.214505][ T1311] bridge_slave_1: left promiscuous mode
[  604.243181][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.284788][ T1311] bridge_slave_0: left allmulticast mode
[  604.290472][ T1311] bridge_slave_0: left promiscuous mode
[  604.334990][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.602234][ T1311] bridge_slave_1: left allmulticast mode
[  604.633951][ T1311] bridge_slave_1: left promiscuous mode
[  604.639758][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  604.642751][ T8070] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  604.678204][ T1311] bridge_slave_0: left allmulticast mode
[  604.692823][ T1311] bridge_slave_0: left promiscuous mode
[  604.708140][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  604.833700][ T8070] usb 3-1: Using ep0 maxpacket: 8
[  604.846064][ T8070] usb 3-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[  604.866121][ T8070] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  604.897898][ T8070] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.963259][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  605.006930][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  605.026076][ T1311] bond0 (unregistering): Released all slaves
[  605.497354][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  605.518082][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  605.641363][ T9019] loop1: detected capacity change from 0 to 256
[  606.509693][ T9019] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  607.193636][ T1311] bond0 (unregistering): Released all slaves
[  608.140989][ T6029] usb 3-1: USB disconnect, device number 9
[  608.559720][ T9023] loop2: detected capacity change from 0 to 40427
[  608.664856][ T9023] F2FS-fs (loop2): invalid crc value
[  608.885354][ T9023] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  608.897214][ T9023] F2FS-fs (loop2): Start checkpoint disabled!
[  609.309803][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  609.428102][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  609.463031][ T9023] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  609.480723][ T9023] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  609.524565][ T1311] bond0 (unregistering): Released all slaves
[  609.536234][ T9031] loop1: detected capacity change from 0 to 512
[  609.607479][   T30] audit: type=1800 audit(1759855943.018:50): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.524" name="file1" dev="loop2" ino=10 res=0 errno=0
[  609.760882][ T9031] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.527: bad orphan inode 13
[  609.872076][   T30] audit: type=1804 audit(1759855943.058:51): pid=9023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.524" name="/newroot/160/file1/file1" dev="loop2" ino=10 res=1 errno=0
[  609.907687][ T9031] ext4_test_bit(bit=12, block=4) = 1
[  609.929934][ T9031] is_bad_inode(inode)=0
[  609.991676][ T9031] NEXT_ORPHAN(inode)=0
[  610.716659][ T9031] max_ino=32
[  610.719904][ T9031] i_nlink=1
[  610.726533][ T9031] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  610.972193][ T6001] kworker/u8:9: attempt to access beyond end of device
[  610.972193][ T6001] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  611.632760][ T6001] CPU: 0 UID: 0 PID: 6001 Comm: kworker/u8:9 Not tainted syzkaller #0 PREEMPT(full) 
[  611.632802][ T6001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  611.632823][ T6001] Workqueue: writeback wb_workfn (flush-7:2)
[  611.632878][ T6001] Call Trace:
[  611.632888][ T6001]  <TASK>
[  611.632900][ T6001]  dump_stack_lvl+0x16c/0x1f0
[  611.632947][ T6001]  f2fs_handle_critical_error+0x624/0x9f0
[  611.632986][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633022][ T6001]  ? f2fs_build_fault_attr+0x53/0x1f0
[  611.633061][ T6001]  f2fs_write_end_io+0x958/0xcf0
[  611.633105][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  611.633148][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633193][ T6001]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  611.633231][ T6001]  bio_endio+0x713/0x860
[  611.633280][ T6001]  submit_bio_noacct+0x306/0x1f60
[  611.633327][ T6001]  __submit_merged_bio+0x33c/0x770
[  611.633372][ T6001]  __submit_merged_write_cond+0x319/0x3f0
[  611.633424][ T6001]  f2fs_write_cache_pages+0x2067/0x2570
[  611.633504][ T6001]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  611.633552][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633590][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633625][ T6001]  ? find_held_lock+0x2b/0x80
[  611.633674][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633717][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633758][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  611.633825][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.633865][ T6001]  ? f2fs_available_free_memory+0x279/0xa30
[  611.634011][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.634064][ T6001]  f2fs_write_data_pages+0x4ad/0xd90
[  611.634128][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  611.634195][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.634237][ T6001]  ? __lock_acquire+0xb97/0x1ce0
[  611.634282][ T6001]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  611.634339][ T6001]  do_writepages+0x27a/0x600
[  611.634390][ T6001]  ? __pfx_do_writepages+0x10/0x10
[  611.634431][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.634479][ T6001]  ? reacquire_held_locks+0xcd/0x1f0
[  611.634522][ T6001]  ? writeback_sb_inodes+0x3b0/0xfa0
[  611.634581][ T6001]  __writeback_single_inode+0x160/0xfb0
[  611.634639][ T6001]  ? __pfx___writeback_single_inode+0x10/0x10
[  611.634690][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.634732][ T6001]  ? do_raw_spin_unlock+0x172/0x230
[  611.634783][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.634832][ T6001]  writeback_sb_inodes+0x60d/0xfa0
[  611.634909][ T6001]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  611.634959][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635001][ T6001]  ? find_held_lock+0x2b/0x80
[  611.635129][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635178][ T6001]  ? rcu_is_watching+0x12/0xc0
[  611.635235][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635278][ T6001]  ? queue_io+0x3f6/0x520
[  611.635330][ T6001]  wb_writeback+0x419/0xb70
[  611.635394][ T6001]  ? __pfx_wb_writeback+0x10/0x10
[  611.635452][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635510][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635553][ T6001]  ? mark_held_locks+0x49/0x80
[  611.635603][ T6001]  wb_workfn+0x14d/0xbe0
[  611.635662][ T6001]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  611.635718][ T6001]  ? __pfx_wb_workfn+0x10/0x10
[  611.635776][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635824][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635872][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.635914][ T6001]  ? rcu_is_watching+0x12/0xc0
[  611.635979][ T6001]  process_one_work+0x9cf/0x1b70
[  611.636053][ T6001]  ? __pfx_process_one_work+0x10/0x10
[  611.636103][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636159][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636201][ T6001]  ? assign_work+0x1a0/0x250
[  611.636253][ T6001]  worker_thread+0x6c8/0xf10
[  611.636314][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636359][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636401][ T6001]  ? __kthread_parkme+0x19e/0x250
[  611.636446][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636492][ T6001]  ? __pfx_worker_thread+0x10/0x10
[  611.636543][ T6001]  kthread+0x3c5/0x780
[  611.636590][ T6001]  ? __pfx_kthread+0x10/0x10
[  611.636637][ T6001]  ? srso_alias_return_thunk+0x5/0xfbef5
[  611.636681][ T6001]  ? rcu_is_watching+0x12/0xc0
[  611.636738][ T6001]  ? __pfx_kthread+0x10/0x10
[  611.636786][ T6001]  ret_from_fork+0x56d/0x730
[  611.636827][ T6001]  ? __pfx_kthread+0x10/0x10
[  611.636875][ T6001]  ret_from_fork_asm+0x1a/0x30
[  611.636955][ T6001]  </TASK>
[  611.636969][ T6001] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  611.964065][ T9033] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  612.131018][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.131811][ T8808] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  612.323905][ T8844] batman_adv: batadv0: Adding interface: batadv_slave_0
[  612.552749][ T8844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  613.382750][ T8844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  613.412745][ T1311] hsr_slave_0: left promiscuous mode
[  613.516267][ T1311] hsr_slave_1: left promiscuous mode
[  613.534849][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  613.580638][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  613.647187][ T1311] hsr_slave_0: left promiscuous mode
[  613.659771][ T1311] hsr_slave_1: left promiscuous mode
[  613.688256][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  613.721965][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  613.768426][ T1311] hsr_slave_0: left promiscuous mode
[  613.778333][ T1311] hsr_slave_1: left promiscuous mode
[  613.784618][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  613.818145][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  615.067338][ T9060] loop2: detected capacity change from 0 to 512
[  615.146608][ T9060] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  615.159570][ T9060] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  615.248980][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  615.288831][ T9059] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  615.409392][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  616.529768][ T9079] overlayfs: failed to resolve './file0': -2
[  616.820853][ T9082] loop1: detected capacity change from 0 to 2048
[  616.844636][ T9082] NILFS (loop1): invalid segment: Inconsistency found
[  616.851462][ T9082] NILFS (loop1): trying rollback from an earlier position
[  617.606192][ T9082] NILFS (loop1): recovery complete
[  617.623164][ T9085] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  618.939943][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  619.339401][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  619.826976][ T9096] loop3: detected capacity change from 0 to 512
[  619.845185][ T9096] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.538: bad orphan inode 13
[  619.967725][ T9096] ext4_test_bit(bit=12, block=4) = 1
[  620.105849][ T9096] is_bad_inode(inode)=0
[  620.141337][ T9096] NEXT_ORPHAN(inode)=0
[  620.170725][ T9096] max_ino=32
[  620.214553][ T9096] i_nlink=1
[  620.367256][ T9096] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  622.585565][ T9098] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1286: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  622.626178][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.710047][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  622.756990][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  622.861330][ T9109] loop1: detected capacity change from 0 to 40427
[  622.876913][ T9109] F2FS-fs (loop1): invalid crc value
[  622.964497][ T9109] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  622.974231][ T9109] F2FS-fs (loop1): Start checkpoint disabled!
[  622.986848][ T9109] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  623.003538][ T9109] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  623.390693][   T30] audit: type=1800 audit(1759855956.538:52): pid=9109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.540" name="file1" dev="loop1" ino=10 res=0 errno=0
[  624.282818][   T30] audit: type=1804 audit(1759855956.548:53): pid=9109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.540" name="/newroot/183/file1/file1" dev="loop1" ino=10 res=1 errno=0
[  624.332210][   T36] kworker/u8:2: attempt to access beyond end of device
[  624.332210][   T36] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  624.512723][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[  624.512770][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  624.512794][   T36] Workqueue: writeback wb_workfn (flush-7:1)
[  624.512858][   T36] Call Trace:
[  624.512869][   T36]  <TASK>
[  624.512881][   T36]  dump_stack_lvl+0x16c/0x1f0
[  624.512937][   T36]  f2fs_handle_critical_error+0x624/0x9f0
[  624.512983][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513027][   T36]  ? f2fs_build_fault_attr+0x53/0x1f0
[  624.513071][   T36]  f2fs_write_end_io+0x958/0xcf0
[  624.513121][   T36]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  624.513172][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513224][   T36]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  624.513269][   T36]  bio_endio+0x713/0x860
[  624.513324][   T36]  submit_bio_noacct+0x306/0x1f60
[  624.513375][   T36]  __submit_merged_bio+0x33c/0x770
[  624.513426][   T36]  __submit_merged_write_cond+0x319/0x3f0
[  624.513484][   T36]  f2fs_write_cache_pages+0x2067/0x2570
[  624.513572][   T36]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  624.513630][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513674][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513716][   T36]  ? find_held_lock+0x2b/0x80
[  624.513774][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513820][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513863][   T36]  ? do_raw_spin_unlock+0x172/0x230
[  624.513930][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.513972][   T36]  ? f2fs_available_free_memory+0x279/0xa30
[  624.514102][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.514152][   T36]  f2fs_write_data_pages+0x4ad/0xd90
[  624.514213][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  624.514276][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.514319][   T36]  ? __lock_acquire+0xb97/0x1ce0
[  624.514363][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  624.514418][   T36]  do_writepages+0x27a/0x600
[  624.514467][   T36]  ? __pfx_do_writepages+0x10/0x10
[  624.514513][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.514556][   T36]  ? reacquire_held_locks+0xcd/0x1f0
[  624.514598][   T36]  ? writeback_sb_inodes+0x3b0/0xfa0
[  624.514656][   T36]  __writeback_single_inode+0x160/0xfb0
[  624.514712][   T36]  ? __pfx___writeback_single_inode+0x10/0x10
[  624.514763][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.514806][   T36]  ? do_raw_spin_unlock+0x172/0x230
[  624.514857][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.514906][   T36]  writeback_sb_inodes+0x60d/0xfa0
[  624.514980][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  624.515029][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515072][   T36]  ? find_held_lock+0x2b/0x80
[  624.515187][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515230][   T36]  ? rcu_is_watching+0x12/0xc0
[  624.515285][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515326][   T36]  ? queue_io+0x3f6/0x520
[  624.515373][   T36]  wb_writeback+0x419/0xb70
[  624.515433][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  624.515480][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515546][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515586][   T36]  ? mark_held_locks+0x49/0x80
[  624.515627][   T36]  wb_workfn+0x14d/0xbe0
[  624.515671][   T36]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  624.515710][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  624.515753][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515789][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515825][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.515857][   T36]  ? rcu_is_watching+0x12/0xc0
[  624.515905][   T36]  process_one_work+0x9cf/0x1b70
[  624.515958][   T36]  ? __pfx_process_one_work+0x10/0x10
[  624.515996][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.516036][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.516068][   T36]  ? assign_work+0x1a0/0x250
[  624.516107][   T36]  worker_thread+0x6c8/0xf10
[  624.516160][   T36]  ? __pfx_worker_thread+0x10/0x10
[  624.516198][   T36]  kthread+0x3c5/0x780
[  624.516232][   T36]  ? __pfx_kthread+0x10/0x10
[  624.516269][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  624.516301][   T36]  ? rcu_is_watching+0x12/0xc0
[  624.516344][   T36]  ? __pfx_kthread+0x10/0x10
[  624.516380][   T36]  ret_from_fork+0x56d/0x730
[  624.516411][   T36]  ? __pfx_kthread+0x10/0x10
[  624.516446][   T36]  ret_from_fork_asm+0x1a/0x30
[  624.516508][   T36]  </TASK>
[  624.517486][   T36] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  625.051953][ T8844] batman_adv: batadv0: Adding interface: batadv_slave_1
[  625.074857][ T8844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  625.105017][ T8844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  625.278068][ T8808] team0: Port device team_slave_0 added
[  625.289728][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  625.302515][ T8808] team0: Port device team_slave_1 added
[  625.496905][ T8844] hsr_slave_0: entered promiscuous mode
[  625.566548][ T8844] hsr_slave_1: entered promiscuous mode
[  626.649742][ T8808] batman_adv: batadv0: Adding interface: batadv_slave_0
[  626.679996][ T8808] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  626.763268][ T8808] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  627.198020][ T9143] loop3: detected capacity change from 0 to 512
[  627.927084][ T9143] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  628.933100][ T9143] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  628.933617][ T8808] batman_adv: batadv0: Adding interface: batadv_slave_1
[  628.941302][ T9143] EXT4-fs (loop3): orphan cleanup on readonly fs
[  628.959793][ T9143] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.546: bg 0: block 361: padding at end of block bitmap is not set
[  629.912944][ T9143] EXT4-fs (loop3): Remounting filesystem read-only
[  629.921879][ T9143] EXT4-fs (loop3): 1 truncate cleaned up
[  629.951025][ T8808] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  630.000253][ T9143] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  630.400117][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  630.600990][ T8808] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  632.232735][  T909] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  632.607264][ T9169] loop1: detected capacity change from 0 to 2048
[  632.681551][ T9169] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  632.714038][ T8919] chnl_net:caif_netlink_parms(): no params data found
[  632.747262][ T9169] ext4 filesystem being mounted at /188/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  632.794355][  T909] usb 4-1: Using ep0 maxpacket: 8
[  632.814687][  T909] usb 4-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[  632.832688][  T909] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  632.849338][  T909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.728719][ T9184] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.552: bg 0: block 345: padding at end of block bitmap is not set
[  633.793590][ T9184] EXT4-fs (loop1): Remounting filesystem read-only
[  633.814444][   T36] EXT4-fs warning (device loop1): ext4_convert_unwritten_extents:4980: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  633.858995][ T8808] hsr_slave_0: entered promiscuous mode
[  633.884269][ T8808] hsr_slave_1: entered promiscuous mode
[  633.907227][ T8808] debugfs: 'hsr0' already exists in 'hsr'
[  633.920410][ T8808] Cannot create hsr debugfs directory
[  633.943243][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  633.949618][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  634.037730][ T5844] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.690081][ T5947] usb 4-1: USB disconnect, device number 16
[  635.889530][ T9216] loop2: detected capacity change from 0 to 512
[  636.714478][ T9216] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  637.657279][ T9216] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e12c, mo2=0002]
[  637.665509][ T9216] EXT4-fs (loop2): orphan cleanup on readonly fs
[  638.418836][ T9216] EXT4-fs error (device loop2): ext4_validate_block_bitmap:440: comm syz.2.557: bg 0: block 361: padding at end of block bitmap is not set
[  638.445842][ T9216] EXT4-fs (loop2): Remounting filesystem read-only
[  638.456924][ T9216] EXT4-fs (loop2): 1 truncate cleaned up
[  638.464783][ T9216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  638.944900][ T5846] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  639.117772][ T8919] bridge0: port 1(bridge_slave_0) entered blocking state
[  639.132909][ T8919] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.167399][ T8919] bridge_slave_0: entered allmulticast mode
[  639.207321][ T8919] bridge_slave_0: entered promiscuous mode
[  639.265282][ T5864] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  639.281492][ T5864] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  639.322995][ T5864] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  639.357692][ T5864] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  639.374625][ T5864] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  639.388158][ T8919] bridge0: port 2(bridge_slave_1) entered blocking state
[  639.405263][ T8919] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.441900][ T8919] bridge_slave_1: entered allmulticast mode
[  639.461410][ T8919] bridge_slave_1: entered promiscuous mode
[  639.607871][ T8919] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  639.678860][ T8919] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  639.850483][ T8919] team0: Port device team_slave_0 added
[  639.930988][ T8919] team0: Port device team_slave_1 added
[  640.182366][ T8919] batman_adv: batadv0: Adding interface: batadv_slave_0
[  640.201056][ T8919] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  640.259594][ T8919] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  640.275705][ T9240] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  640.571708][ T8919] batman_adv: batadv0: Adding interface: batadv_slave_1
[  640.607307][ T8919] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  640.752766][ T8919] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  640.870345][ T1311] bridge_slave_1: left allmulticast mode
[  641.056844][ T1311] bridge_slave_1: left promiscuous mode
[  641.148998][ T1311] bridge0: port 2(bridge_slave_1) entered disabled state
[  641.580860][ T8811] Bluetooth: hci3: command tx timeout
[  641.866987][ T1311] bridge_slave_0: left allmulticast mode
[  641.888283][ T1311] bridge_slave_0: left promiscuous mode
[  641.931871][ T1311] bridge0: port 1(bridge_slave_0) entered disabled state
[  642.213089][ T6029] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  642.242084][ T1311] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  642.283897][ T5864] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  642.298276][ T5864] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  642.298701][ T1311] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  642.308688][ T5864] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  642.325777][ T5864] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  642.333700][ T5864] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  642.385899][ T6029] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  642.386071][ T1311] bond0 (unregistering): Released all slaves
[  642.403132][ T6029] usb 2-1: config 0 has no interface number 0
[  642.409248][ T6029] usb 2-1: config 0 interface 184 has no altsetting 0
[  642.435452][ T6029] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  642.452675][ T6029] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.460710][ T6029] usb 2-1: Product: syz
[  642.465204][ T6029] usb 2-1: Manufacturer: syz
[  642.470088][ T6029] usb 2-1: SerialNumber: syz
[  642.481777][ T6029] usb 2-1: config 0 descriptor??
[  642.490367][ T6029] smsc75xx v1.0.0
[  642.494516][ T6029] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  642.505268][ T6029] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -22
[  642.735287][ T9250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  642.794087][ T9250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  642.808466][ T1311] hsr_slave_0: left promiscuous mode
[  643.632406][ T5864] Bluetooth: hci3: command tx timeout
[  643.710398][ T1311] hsr_slave_1: left promiscuous mode
[  643.716743][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_0
[  643.729722][ T1311] batman_adv: batadv0: Removing interface: batadv_slave_1
[  643.899790][ T1311] team0 (unregistering): Port device team_slave_1 removed
[  643.958860][ T1311] team0 (unregistering): Port device team_slave_0 removed
[  643.982676][   T24] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  643.988757][ T9269] loop3: detected capacity change from 0 to 2048
[  644.060239][ T9269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  644.074771][ T9269] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  644.145673][   T24] usb 3-1: Using ep0 maxpacket: 8
[  644.159095][   T24] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  644.169771][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.211886][   T24] pvrusb2: Hardware description: Terratec Grabster AV400
[  644.219625][   T24] pvrusb2: **********
[  644.223909][   T24] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  644.234284][   T24] pvrusb2: Important functionality might not be entirely working.
[  644.242196][   T24] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  644.253704][   T24] pvrusb2: **********
[  644.365118][ T9276] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.566: bg 0: block 345: padding at end of block bitmap is not set
[  644.413009][ T5864] Bluetooth: hci5: command tx timeout
[  644.413423][ T9276] EXT4-fs (loop3): Remounting filesystem read-only
[  644.442384][ T2339] pvrusb2: Invalid write control endpoint
[  644.458706][   T36] EXT4-fs warning (device loop3): ext4_convert_unwritten_extents:4980: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  644.484801][ T8919] hsr_slave_0: entered promiscuous mode
[  644.508640][ T8919] hsr_slave_1: entered promiscuous mode
[  644.528437][ T8919] debugfs: 'hsr0' already exists in 'hsr'
[  644.539130][ T8919] Cannot create hsr debugfs directory
[  644.558910][ T2339] pvrusb2: Invalid write control endpoint
[  644.568208][ T2339] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  644.585455][ T2339] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  644.594229][ T2339] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  644.606277][ T2339] pvrusb2: Device being rendered inoperable
[  644.612359][ T2339] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  644.619979][ T2339] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  644.633730][ T2339] pvrusb2: Attached sub-driver cx25840
[  644.634828][  T976] usb 3-1: USB disconnect, device number 10
[  644.639275][ T2339] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  644.657361][ T2339] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  644.775357][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.944811][ T6029] usb 2-1: USB disconnect, device number 12
[  645.448557][ T9223] chnl_net:caif_netlink_parms(): no params data found
[  645.730437][ T5864] Bluetooth: hci3: command tx timeout
[  646.598525][ T5864] Bluetooth: hci5: command tx timeout
[  646.739953][ T9299] loop3: detected capacity change from 0 to 512
[  646.959959][ T9299] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.972880][ T9299] ext4 filesystem being mounted at /177/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  647.045337][ T9300] loop1: detected capacity change from 0 to 512
[  647.102238][ T9298] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  647.187980][ T9300] EXT4-fs error (device loop1): ext4_validate_block_bitmap:440: comm syz.1.568: bg 0: block 393: padding at end of block bitmap is not set
[  647.203136][ T9300] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  647.213193][ T9300] EXT4-fs (loop1): 2 truncates cleaned up
[  647.221189][ T9300] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  647.451507][ T5855] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  647.797187][ T5864] Bluetooth: hci3: command tx timeout
[  648.653110][ T5864] Bluetooth: hci5: command tx timeout
[  649.197482][ T9315] loop3: detected capacity change from 0 to 512
[  649.746189][ T9223] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.754811][ T9223] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.762071][ T9223] bridge_slave_0: entered allmulticast mode
[  649.769879][ T9223] bridge_slave_0: entered promiscuous mode
[  649.875404][ T9315] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm syz.3.572: bg 0: block 393: padding at end of block bitmap is not set
[  649.932059][ T9315] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  650.733882][ T5864] Bluetooth: hci5: command tx timeout
[  650.770889][ T9315] EXT4-fs (loop3): 2 truncates cleaned up
[  650.842785][ T9315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.007136][ T9223] bridge0: port 2(bridge_slave_1) entered blocking state
[  651.671699][ T9223] bridge0: port 2(bridge_slave_1) entered disabled state
[  651.917084][ T9319] loop2: detected capacity change from 0 to 32768
[  651.938630][ T9223] bridge_slave_1: entered allmulticast mode
[  651.952415][ T9319] 
[  651.952415][ T9319]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  651.952415][ T9319] 
[  651.971830][   T30] audit: type=1800 audit(1759855985.378:54): pid=9319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.573" name="file1" dev="loop2" ino=4 res=0 errno=0
[  652.526118][ T9223] bridge_slave_1: entered promiscuous mode
[  652.648600][ T5970] 
[  652.648600][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.648600][ T5970] 
[  652.686802][ T5970] 
[  652.686802][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.686802][ T5970] 
[  652.750273][ T5970] 
[  652.750273][ T5970]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.750273][ T5970] 
[  652.774153][ T5846] 
[  652.774153][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.774153][ T5846] 
[  652.812188][ T5846] 
[  652.812188][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  652.812188][ T5846] 
[  652.882746][  T111] ==================================================================
[  652.890844][  T111] BUG: KASAN: slab-use-after-free in __mutex_lock+0xe87/0x1060
[  652.898424][  T111] Read of size 8 at addr ffff88801ea93908 by task jfsCommit/111
[  652.906061][  T111] 
[  652.908394][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  652.908439][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  652.908462][  T111] Call Trace:
[  652.908473][  T111]  <TASK>
[  652.908486][  T111]  dump_stack_lvl+0x116/0x1f0
[  652.908541][  T111]  print_report+0xcd/0x630
[  652.908586][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.908631][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.908674][  T111]  ? __phys_addr+0xe8/0x180
[  652.908712][  T111]  ? __mutex_lock+0xe87/0x1060
[  652.908763][  T111]  kasan_report+0xe0/0x110
[  652.908803][  T111]  ? __mutex_lock+0xe87/0x1060
[  652.908860][  T111]  ? jfs_syncpt+0x2a/0xa0
[  652.908899][  T111]  __mutex_lock+0xe87/0x1060
[  652.908957][  T111]  ? jfs_syncpt+0x2a/0xa0
[  652.909002][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  652.909060][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  652.909115][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.909158][  T111]  ? find_held_lock+0x2b/0x80
[  652.909218][  T111]  ? jfs_syncpt+0x2a/0xa0
[  652.909256][  T111]  jfs_syncpt+0x2a/0xa0
[  652.909296][  T111]  txEnd+0x30a/0x5a0
[  652.909340][  T111]  jfs_lazycommit+0x783/0xb30
[  652.909392][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  652.909440][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  652.909498][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  652.909547][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.909596][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.909640][  T111]  ? __kthread_parkme+0x19e/0x250
[  652.909677][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  652.909725][  T111]  kthread+0x3c5/0x780
[  652.909769][  T111]  ? __pfx_kthread+0x10/0x10
[  652.909814][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  652.909856][  T111]  ? rcu_is_watching+0x12/0xc0
[  652.909913][  T111]  ? __pfx_kthread+0x10/0x10
[  652.909958][  T111]  ret_from_fork+0x56d/0x730
[  652.910000][  T111]  ? __pfx_kthread+0x10/0x10
[  652.910044][  T111]  ret_from_fork_asm+0x1a/0x30
[  652.910104][  T111]  </TASK>
[  652.910116][  T111] 
[  653.105399][  T111] Allocated by task 9319:
[  653.109724][  T111]  kasan_save_stack+0x33/0x60
[  653.114414][  T111]  kasan_save_track+0x14/0x30
[  653.119104][  T111]  __kasan_kmalloc+0xaa/0xb0
[  653.123706][  T111]  lmLogOpen+0x571/0x13c0
[  653.128048][  T111]  jfs_mount_rw+0x2e9/0x6f0
[  653.132566][  T111]  jfs_fill_super+0xc46/0x1040
[  653.137358][  T111]  get_tree_bdev_flags+0x38c/0x620
[  653.142477][  T111]  vfs_get_tree+0x8e/0x340
[  653.146928][  T111]  path_mount+0x7b9/0x23a0
[  653.151372][  T111]  __x64_sys_mount+0x293/0x310
[  653.156159][  T111]  do_syscall_64+0xcd/0x4e0
[  653.160691][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.166596][  T111] 
[  653.168912][  T111] Freed by task 5846:
[  653.172885][  T111]  kasan_save_stack+0x33/0x60
[  653.177574][  T111]  kasan_save_track+0x14/0x30
[  653.182257][  T111]  __kasan_save_free_info+0x3b/0x60
[  653.187481][  T111]  __kasan_slab_free+0x5f/0x80
[  653.192261][  T111]  kfree+0x2b8/0x6d0
[  653.196179][  T111]  lmLogClose+0x585/0x710
[  653.200522][  T111]  jfs_umount+0x2f0/0x440
[  653.204859][  T111]  jfs_put_super+0x88/0x1d0
[  653.209390][  T111]  generic_shutdown_super+0x156/0x390
[  653.214791][  T111]  kill_block_super+0x3b/0x90
[  653.219516][  T111]  deactivate_locked_super+0xc1/0x1a0
[  653.224919][  T111]  deactivate_super+0xde/0x100
[  653.229712][  T111]  cleanup_mnt+0x225/0x450
[  653.234154][  T111]  task_work_run+0x150/0x240
[  653.238766][  T111]  exit_to_user_mode_loop+0xec/0x130
[  653.244081][  T111]  do_syscall_64+0x419/0x4e0
[  653.248700][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.254609][  T111] 
[  653.256927][  T111] The buggy address belongs to the object at ffff88801ea93800
[  653.256927][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  653.270988][  T111] The buggy address is located 264 bytes inside of
[  653.270988][  T111]  freed 1024-byte region [ffff88801ea93800, ffff88801ea93c00)
[  653.284906][  T111] 
[  653.287238][  T111] The buggy address belongs to the physical page:
[  653.293644][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ea90
[  653.302507][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  653.311021][  T111] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  653.319022][  T111] page_type: f5(slab)
[  653.323022][  T111] raw: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  653.331616][  T111] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  653.340215][  T111] head: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  653.348901][  T111] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  653.357591][  T111] head: 00fff00000000003 ffffea00007aa401 00000000ffffffff 00000000ffffffff
[  653.366362][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  653.375038][  T111] page dumped because: kasan: bad access detected
[  653.381450][  T111] page_owner tracks the page as allocated
[  653.387157][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1976261614, free_ts 0
[  653.406903][  T111]  post_alloc_hook+0x1c0/0x230
[  653.411705][  T111]  get_page_from_freelist+0x10a3/0x3a30
[  653.417284][  T111]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  653.423209][  T111]  alloc_pages_mpol+0x1fb/0x550
[  653.428077][  T111]  new_slab+0x24a/0x360
[  653.432338][  T111]  ___slab_alloc+0xdc4/0x1ae0
[  653.437037][  T111]  __slab_alloc.constprop.0+0x63/0x110
[  653.442522][  T111]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  653.447912][  T111]  bucket_table_alloc.isra.0+0x88/0x460
[  653.453486][  T111]  rhashtable_init_noprof+0x41a/0x7e0
[  653.458893][  T111]  netlink_proto_init+0xbc/0x320
[  653.463856][  T111]  do_one_initcall+0x123/0x6e0
[  653.468664][  T111]  kernel_init_freeable+0x5c2/0x910
[  653.473887][  T111]  kernel_init+0x1c/0x2b0
[  653.478231][  T111]  ret_from_fork+0x56d/0x730
[  653.483283][  T111]  ret_from_fork_asm+0x1a/0x30
[  653.488087][  T111] page_owner free stack trace missing
[  653.493448][  T111] 
[  653.495763][  T111] Memory state around the buggy address:
[  653.501388][  T111]  ffff88801ea93800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  653.509457][  T111]  ffff88801ea93880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  653.517529][  T111] >ffff88801ea93900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  653.525683][  T111]                       ^
[  653.530109][  T111]  ffff88801ea93980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  653.538184][  T111]  ffff88801ea93a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  653.546265][  T111] ==================================================================
[  653.555788][  T111] Disabling lock debugging due to kernel taint
[  653.561949][  T111] ==================================================================
[  653.570094][  T111] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0
[  653.577940][  T111] Read of size 4 at addr ffff88801ea938c4 by task jfsCommit/111
[  653.585583][  T111] 
[  653.587919][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  653.587974][  T111] Tainted: [B]=BAD_PAGE
[  653.587987][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  653.588009][  T111] Call Trace:
[  653.588022][  T111]  <TASK>
[  653.588035][  T111]  dump_stack_lvl+0x116/0x1f0
[  653.588092][  T111]  print_report+0xcd/0x630
[  653.588131][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.588177][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.588220][  T111]  ? __phys_addr+0xe8/0x180
[  653.588256][  T111]  ? do_raw_spin_lock+0x26f/0x2b0
[  653.588307][  T111]  kasan_report+0xe0/0x110
[  653.588347][  T111]  ? do_raw_spin_lock+0x26f/0x2b0
[  653.588402][  T111]  ? jfs_syncpt+0x2a/0xa0
[  653.588442][  T111]  do_raw_spin_lock+0x26f/0x2b0
[  653.588491][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.588535][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  653.588591][  T111]  ? lock_acquire+0x2cd/0x350
[  653.588633][  T111]  ? __mutex_lock+0xe87/0x1060
[  653.588689][  T111]  _raw_spin_lock_irqsave+0x42/0x60
[  653.588734][  T111]  ? __mutex_lock+0x851/0x1060
[  653.588786][  T111]  __mutex_lock+0x851/0x1060
[  653.588837][  T111]  ? jfs_syncpt+0x2a/0xa0
[  653.588882][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  653.588935][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  653.588989][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.589032][  T111]  ? find_held_lock+0x2b/0x80
[  653.589090][  T111]  ? jfs_syncpt+0x2a/0xa0
[  653.589130][  T111]  jfs_syncpt+0x2a/0xa0
[  653.589170][  T111]  txEnd+0x30a/0x5a0
[  653.589214][  T111]  jfs_lazycommit+0x783/0xb30
[  653.589265][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  653.589314][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  653.589372][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  653.589421][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.589465][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.589508][  T111]  ? __kthread_parkme+0x19e/0x250
[  653.589547][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  653.589598][  T111]  kthread+0x3c5/0x780
[  653.589643][  T111]  ? __pfx_kthread+0x10/0x10
[  653.589688][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  653.589731][  T111]  ? rcu_is_watching+0x12/0xc0
[  653.589789][  T111]  ? __pfx_kthread+0x10/0x10
[  653.589834][  T111]  ret_from_fork+0x56d/0x730
[  653.589876][  T111]  ? __pfx_kthread+0x10/0x10
[  653.589921][  T111]  ret_from_fork_asm+0x1a/0x30
[  653.589980][  T111]  </TASK>
[  653.589992][  T111] 
[  653.826181][  T111] Allocated by task 9319:
[  653.830510][  T111]  kasan_save_stack+0x33/0x60
[  653.835200][  T111]  kasan_save_track+0x14/0x30
[  653.839877][  T111]  __kasan_kmalloc+0xaa/0xb0
[  653.844521][  T111]  lmLogOpen+0x571/0x13c0
[  653.848863][  T111]  jfs_mount_rw+0x2e9/0x6f0
[  653.853367][  T111]  jfs_fill_super+0xc46/0x1040
[  653.858152][  T111]  get_tree_bdev_flags+0x38c/0x620
[  653.863264][  T111]  vfs_get_tree+0x8e/0x340
[  653.867695][  T111]  path_mount+0x7b9/0x23a0
[  653.872118][  T111]  __x64_sys_mount+0x293/0x310
[  653.876886][  T111]  do_syscall_64+0xcd/0x4e0
[  653.881410][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.887318][  T111] 
[  653.889663][  T111] Freed by task 5846:
[  653.893629][  T111]  kasan_save_stack+0x33/0x60
[  653.898307][  T111]  kasan_save_track+0x14/0x30
[  653.902992][  T111]  __kasan_save_free_info+0x3b/0x60
[  653.908208][  T111]  __kasan_slab_free+0x5f/0x80
[  653.912973][  T111]  kfree+0x2b8/0x6d0
[  653.916876][  T111]  lmLogClose+0x585/0x710
[  653.921220][  T111]  jfs_umount+0x2f0/0x440
[  653.925550][  T111]  jfs_put_super+0x88/0x1d0
[  653.930081][  T111]  generic_shutdown_super+0x156/0x390
[  653.935471][  T111]  kill_block_super+0x3b/0x90
[  653.940161][  T111]  deactivate_locked_super+0xc1/0x1a0
[  653.945556][  T111]  deactivate_super+0xde/0x100
[  653.950338][  T111]  cleanup_mnt+0x225/0x450
[  653.954770][  T111]  task_work_run+0x150/0x240
[  653.959375][  T111]  exit_to_user_mode_loop+0xec/0x130
[  653.964680][  T111]  do_syscall_64+0x419/0x4e0
[  653.969285][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.975178][  T111] 
[  653.977487][  T111] The buggy address belongs to the object at ffff88801ea93800
[  653.977487][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  653.991540][  T111] The buggy address is located 196 bytes inside of
[  653.991540][  T111]  freed 1024-byte region [ffff88801ea93800, ffff88801ea93c00)
[  654.005590][  T111] 
[  654.007910][  T111] The buggy address belongs to the physical page:
[  654.014309][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ea90
[  654.023066][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  654.031565][  T111] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  654.039542][  T111] page_type: f5(slab)
[  654.043524][  T111] raw: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  654.052110][  T111] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  654.060698][  T111] head: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  654.069376][  T111] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  654.078052][  T111] head: 00fff00000000003 ffffea00007aa401 00000000ffffffff 00000000ffffffff
[  654.086729][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  654.095396][  T111] page dumped because: kasan: bad access detected
[  654.101809][  T111] page_owner tracks the page as allocated
[  654.107519][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1976261614, free_ts 0
[  654.127168][  T111]  post_alloc_hook+0x1c0/0x230
[  654.131965][  T111]  get_page_from_freelist+0x10a3/0x3a30
[  654.137537][  T111]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  654.143456][  T111]  alloc_pages_mpol+0x1fb/0x550
[  654.148319][  T111]  new_slab+0x24a/0x360
[  654.152487][  T111]  ___slab_alloc+0xdc4/0x1ae0
[  654.157177][  T111]  __slab_alloc.constprop.0+0x63/0x110
[  654.162655][  T111]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  654.168033][  T111]  bucket_table_alloc.isra.0+0x88/0x460
[  654.173597][  T111]  rhashtable_init_noprof+0x41a/0x7e0
[  654.178985][  T111]  netlink_proto_init+0xbc/0x320
[  654.183932][  T111]  do_one_initcall+0x123/0x6e0
[  654.188709][  T111]  kernel_init_freeable+0x5c2/0x910
[  654.193926][  T111]  kernel_init+0x1c/0x2b0
[  654.198259][  T111]  ret_from_fork+0x56d/0x730
[  654.202854][  T111]  ret_from_fork_asm+0x1a/0x30
[  654.207635][  T111] page_owner free stack trace missing
[  654.212988][  T111] 
[  654.215295][  T111] Memory state around the buggy address:
[  654.220913][  T111]  ffff88801ea93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  654.228981][  T111]  ffff88801ea93800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.237043][  T111] >ffff88801ea93880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.245184][  T111]                                            ^
[  654.251330][  T111]  ffff88801ea93900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.259392][  T111]  ffff88801ea93980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.267451][  T111] ==================================================================
[  654.275507][  T111] ==================================================================
[  654.283563][  T111] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x27f/0x2b0
[  654.291392][  T111] Read of size 8 at addr ffff88801ea938d0 by task jfsCommit/111
[  654.299112][  T111] 
[  654.301440][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  654.301488][  T111] Tainted: [B]=BAD_PAGE
[  654.301500][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  654.301521][  T111] Call Trace:
[  654.301533][  T111]  <TASK>
[  654.301546][  T111]  dump_stack_lvl+0x116/0x1f0
[  654.301598][  T111]  print_report+0xcd/0x630
[  654.301635][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.301676][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.301715][  T111]  ? __phys_addr+0xe8/0x180
[  654.301748][  T111]  ? do_raw_spin_lock+0x27f/0x2b0
[  654.301793][  T111]  kasan_report+0xe0/0x110
[  654.301834][  T111]  ? do_raw_spin_lock+0x27f/0x2b0
[  654.301883][  T111]  ? jfs_syncpt+0x2a/0xa0
[  654.301919][  T111]  do_raw_spin_lock+0x27f/0x2b0
[  654.301964][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.302004][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  654.302049][  T111]  ? lock_acquire+0x2cd/0x350
[  654.302086][  T111]  ? __mutex_lock+0xe87/0x1060
[  654.302138][  T111]  _raw_spin_lock_irqsave+0x42/0x60
[  654.302178][  T111]  ? __mutex_lock+0x851/0x1060
[  654.302224][  T111]  __mutex_lock+0x851/0x1060
[  654.302271][  T111]  ? jfs_syncpt+0x2a/0xa0
[  654.302311][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  654.302360][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  654.302408][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.302448][  T111]  ? find_held_lock+0x2b/0x80
[  654.302500][  T111]  ? jfs_syncpt+0x2a/0xa0
[  654.302535][  T111]  jfs_syncpt+0x2a/0xa0
[  654.302572][  T111]  txEnd+0x30a/0x5a0
[  654.302615][  T111]  jfs_lazycommit+0x783/0xb30
[  654.302664][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  654.302707][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  654.302759][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  654.302804][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.302849][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.302888][  T111]  ? __kthread_parkme+0x19e/0x250
[  654.302923][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  654.302965][  T111]  kthread+0x3c5/0x780
[  654.303005][  T111]  ? __pfx_kthread+0x10/0x10
[  654.303046][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  654.303085][  T111]  ? rcu_is_watching+0x12/0xc0
[  654.303137][  T111]  ? __pfx_kthread+0x10/0x10
[  654.303177][  T111]  ret_from_fork+0x56d/0x730
[  654.303215][  T111]  ? __pfx_kthread+0x10/0x10
[  654.303256][  T111]  ret_from_fork_asm+0x1a/0x30
[  654.303310][  T111]  </TASK>
[  654.303321][  T111] 
[  654.539014][  T111] Allocated by task 9319:
[  654.543337][  T111]  kasan_save_stack+0x33/0x60
[  654.548021][  T111]  kasan_save_track+0x14/0x30
[  654.552703][  T111]  __kasan_kmalloc+0xaa/0xb0
[  654.557296][  T111]  lmLogOpen+0x571/0x13c0
[  654.561633][  T111]  jfs_mount_rw+0x2e9/0x6f0
[  654.566140][  T111]  jfs_fill_super+0xc46/0x1040
[  654.570924][  T111]  get_tree_bdev_flags+0x38c/0x620
[  654.576034][  T111]  vfs_get_tree+0x8e/0x340
[  654.580504][  T111]  path_mount+0x7b9/0x23a0
[  654.584929][  T111]  __x64_sys_mount+0x293/0x310
[  654.589700][  T111]  do_syscall_64+0xcd/0x4e0
[  654.594221][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.600121][  T111] 
[  654.602432][  T111] Freed by task 5846:
[  654.606399][  T111]  kasan_save_stack+0x33/0x60
[  654.611081][  T111]  kasan_save_track+0x14/0x30
[  654.615756][  T111]  __kasan_save_free_info+0x3b/0x60
[  654.620975][  T111]  __kasan_slab_free+0x5f/0x80
[  654.625999][  T111]  kfree+0x2b8/0x6d0
[  654.629908][  T111]  lmLogClose+0x585/0x710
[  654.634329][  T111]  jfs_umount+0x2f0/0x440
[  654.638659][  T111]  jfs_put_super+0x88/0x1d0
[  654.643177][  T111]  generic_shutdown_super+0x156/0x390
[  654.648565][  T111]  kill_block_super+0x3b/0x90
[  654.653255][  T111]  deactivate_locked_super+0xc1/0x1a0
[  654.658646][  T111]  deactivate_super+0xde/0x100
[  654.663426][  T111]  cleanup_mnt+0x225/0x450
[  654.667861][  T111]  task_work_run+0x150/0x240
[  654.672483][  T111]  exit_to_user_mode_loop+0xec/0x130
[  654.677781][  T111]  do_syscall_64+0x419/0x4e0
[  654.682397][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.688294][  T111] 
[  654.690606][  T111] The buggy address belongs to the object at ffff88801ea93800
[  654.690606][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  654.704654][  T111] The buggy address is located 208 bytes inside of
[  654.704654][  T111]  freed 1024-byte region [ffff88801ea93800, ffff88801ea93c00)
[  654.718541][  T111] 
[  654.720855][  T111] The buggy address belongs to the physical page:
[  654.727253][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ea90
[  654.736012][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  654.744506][  T111] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  654.752482][  T111] page_type: f5(slab)
[  654.756461][  T111] raw: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  654.765046][  T111] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  654.773634][  T111] head: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  654.782308][  T111] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  654.790989][  T111] head: 00fff00000000003 ffffea00007aa401 00000000ffffffff 00000000ffffffff
[  654.799668][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  654.808337][  T111] page dumped because: kasan: bad access detected
[  654.814738][  T111] page_owner tracks the page as allocated
[  654.820480][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1976261614, free_ts 0
[  654.840127][  T111]  post_alloc_hook+0x1c0/0x230
[  654.844917][  T111]  get_page_from_freelist+0x10a3/0x3a30
[  654.850497][  T111]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  654.856412][  T111]  alloc_pages_mpol+0x1fb/0x550
[  654.861272][  T111]  new_slab+0x24a/0x360
[  654.865439][  T111]  ___slab_alloc+0xdc4/0x1ae0
[  654.870129][  T111]  __slab_alloc.constprop.0+0x63/0x110
[  654.875604][  T111]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  654.881063][  T111]  bucket_table_alloc.isra.0+0x88/0x460
[  654.886628][  T111]  rhashtable_init_noprof+0x41a/0x7e0
[  654.892018][  T111]  netlink_proto_init+0xbc/0x320
[  654.896967][  T111]  do_one_initcall+0x123/0x6e0
[  654.901745][  T111]  kernel_init_freeable+0x5c2/0x910
[  654.906953][  T111]  kernel_init+0x1c/0x2b0
[  654.911287][  T111]  ret_from_fork+0x56d/0x730
[  654.915883][  T111]  ret_from_fork_asm+0x1a/0x30
[  654.920663][  T111] page_owner free stack trace missing
[  654.926016][  T111] 
[  654.928328][  T111] Memory state around the buggy address:
[  654.933947][  T111]  ffff88801ea93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  654.942004][  T111]  ffff88801ea93800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.950060][  T111] >ffff88801ea93880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.958123][  T111]                                                  ^
[  654.964804][  T111]  ffff88801ea93900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.972869][  T111]  ffff88801ea93980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  654.980923][  T111] ==================================================================
[  654.989150][  T111] ==================================================================
[  654.997204][  T111] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x265/0x2b0
[  655.005031][  T111] Read of size 4 at addr ffff88801ea938c8 by task jfsCommit/111
[  655.012675][  T111] 
[  655.015011][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  655.015059][  T111] Tainted: [B]=BAD_PAGE
[  655.015071][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  655.015092][  T111] Call Trace:
[  655.015104][  T111]  <TASK>
[  655.015116][  T111]  dump_stack_lvl+0x116/0x1f0
[  655.015169][  T111]  print_report+0xcd/0x630
[  655.015205][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.015245][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.015283][  T111]  ? __phys_addr+0xe8/0x180
[  655.015316][  T111]  ? do_raw_spin_lock+0x265/0x2b0
[  655.015361][  T111]  kasan_report+0xe0/0x110
[  655.015397][  T111]  ? do_raw_spin_lock+0x265/0x2b0
[  655.015445][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.015480][  T111]  do_raw_spin_lock+0x265/0x2b0
[  655.015524][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.015571][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  655.015615][  T111]  ? lock_acquire+0x2cd/0x350
[  655.015651][  T111]  ? __mutex_lock+0xe87/0x1060
[  655.015701][  T111]  _raw_spin_lock_irqsave+0x42/0x60
[  655.015740][  T111]  ? __mutex_lock+0x851/0x1060
[  655.015785][  T111]  __mutex_lock+0x851/0x1060
[  655.015831][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.015870][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  655.015918][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  655.015966][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.016004][  T111]  ? find_held_lock+0x2b/0x80
[  655.016055][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.016090][  T111]  jfs_syncpt+0x2a/0xa0
[  655.016126][  T111]  txEnd+0x30a/0x5a0
[  655.016164][  T111]  jfs_lazycommit+0x783/0xb30
[  655.016209][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  655.016252][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  655.016302][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  655.016345][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.016384][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.016423][  T111]  ? __kthread_parkme+0x19e/0x250
[  655.016456][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  655.016498][  T111]  kthread+0x3c5/0x780
[  655.016537][  T111]  ? __pfx_kthread+0x10/0x10
[  655.016584][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.016623][  T111]  ? rcu_is_watching+0x12/0xc0
[  655.016674][  T111]  ? __pfx_kthread+0x10/0x10
[  655.016715][  T111]  ret_from_fork+0x56d/0x730
[  655.016752][  T111]  ? __pfx_kthread+0x10/0x10
[  655.016792][  T111]  ret_from_fork_asm+0x1a/0x30
[  655.016847][  T111]  </TASK>
[  655.016857][  T111] 
[  655.252865][  T111] Allocated by task 9319:
[  655.257182][  T111]  kasan_save_stack+0x33/0x60
[  655.261862][  T111]  kasan_save_track+0x14/0x30
[  655.266550][  T111]  __kasan_kmalloc+0xaa/0xb0
[  655.271153][  T111]  lmLogOpen+0x571/0x13c0
[  655.275483][  T111]  jfs_mount_rw+0x2e9/0x6f0
[  655.279988][  T111]  jfs_fill_super+0xc46/0x1040
[  655.284769][  T111]  get_tree_bdev_flags+0x38c/0x620
[  655.289879][  T111]  vfs_get_tree+0x8e/0x340
[  655.294306][  T111]  path_mount+0x7b9/0x23a0
[  655.298730][  T111]  __x64_sys_mount+0x293/0x310
[  655.303497][  T111]  do_syscall_64+0xcd/0x4e0
[  655.308019][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.313913][  T111] 
[  655.316221][  T111] Freed by task 5846:
[  655.320186][  T111]  kasan_save_stack+0x33/0x60
[  655.324880][  T111]  kasan_save_track+0x14/0x30
[  655.329566][  T111]  __kasan_save_free_info+0x3b/0x60
[  655.334782][  T111]  __kasan_slab_free+0x5f/0x80
[  655.339611][  T111]  kfree+0x2b8/0x6d0
[  655.343519][  T111]  lmLogClose+0x585/0x710
[  655.347860][  T111]  jfs_umount+0x2f0/0x440
[  655.352186][  T111]  jfs_put_super+0x88/0x1d0
[  655.356701][  T111]  generic_shutdown_super+0x156/0x390
[  655.362085][  T111]  kill_block_super+0x3b/0x90
[  655.366776][  T111]  deactivate_locked_super+0xc1/0x1a0
[  655.372170][  T111]  deactivate_super+0xde/0x100
[  655.376954][  T111]  cleanup_mnt+0x225/0x450
[  655.381913][  T111]  task_work_run+0x150/0x240
[  655.386512][  T111]  exit_to_user_mode_loop+0xec/0x130
[  655.391815][  T111]  do_syscall_64+0x419/0x4e0
[  655.396419][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.402334][  T111] 
[  655.404646][  T111] The buggy address belongs to the object at ffff88801ea93800
[  655.404646][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  655.418870][  T111] The buggy address is located 200 bytes inside of
[  655.418870][  T111]  freed 1024-byte region [ffff88801ea93800, ffff88801ea93c00)
[  655.432752][  T111] 
[  655.435062][  T111] The buggy address belongs to the physical page:
[  655.441460][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ea90
[  655.450217][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  655.458710][  T111] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  655.466689][  T111] page_type: f5(slab)
[  655.470758][  T111] raw: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  655.479344][  T111] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  655.488020][  T111] head: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  655.496698][  T111] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  655.505376][  T111] head: 00fff00000000003 ffffea00007aa401 00000000ffffffff 00000000ffffffff
[  655.514050][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  655.522713][  T111] page dumped because: kasan: bad access detected
[  655.529124][  T111] page_owner tracks the page as allocated
[  655.534828][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1976261614, free_ts 0
[  655.554473][  T111]  post_alloc_hook+0x1c0/0x230
[  655.559260][  T111]  get_page_from_freelist+0x10a3/0x3a30
[  655.564826][  T111]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  655.570738][  T111]  alloc_pages_mpol+0x1fb/0x550
[  655.575595][  T111]  new_slab+0x24a/0x360
[  655.579761][  T111]  ___slab_alloc+0xdc4/0x1ae0
[  655.584457][  T111]  __slab_alloc.constprop.0+0x63/0x110
[  655.589931][  T111]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  655.595318][  T111]  bucket_table_alloc.isra.0+0x88/0x460
[  655.600898][  T111]  rhashtable_init_noprof+0x41a/0x7e0
[  655.606291][  T111]  netlink_proto_init+0xbc/0x320
[  655.611249][  T111]  do_one_initcall+0x123/0x6e0
[  655.616030][  T111]  kernel_init_freeable+0x5c2/0x910
[  655.621240][  T111]  kernel_init+0x1c/0x2b0
[  655.625574][  T111]  ret_from_fork+0x56d/0x730
[  655.630180][  T111]  ret_from_fork_asm+0x1a/0x30
[  655.634955][  T111] page_owner free stack trace missing
[  655.640309][  T111] 
[  655.642616][  T111] Memory state around the buggy address:
[  655.648234][  T111]  ffff88801ea93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  655.656287][  T111]  ffff88801ea93800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.664341][  T111] >ffff88801ea93880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.672391][  T111]                                               ^
[  655.678962][  T111]  ffff88801ea93900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.687028][  T111]  ffff88801ea93980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  655.695087][  T111] ==================================================================
[  655.703130][  T111] ==================================================================
[  655.711177][  T111] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x11d/0x2b0
[  655.719001][  T111] Write of size 4 at addr ffff88801ea938c0 by task jfsCommit/111
[  655.726714][  T111] 
[  655.729034][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  655.729080][  T111] Tainted: [B]=BAD_PAGE
[  655.729093][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  655.729113][  T111] Call Trace:
[  655.729124][  T111]  <TASK>
[  655.729136][  T111]  dump_stack_lvl+0x116/0x1f0
[  655.729187][  T111]  print_report+0xcd/0x630
[  655.729222][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.729263][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.729301][  T111]  ? __phys_addr+0xe8/0x180
[  655.729334][  T111]  ? do_raw_spin_lock+0x11d/0x2b0
[  655.729378][  T111]  kasan_report+0xe0/0x110
[  655.729415][  T111]  ? do_raw_spin_lock+0x11d/0x2b0
[  655.729465][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.729501][  T111]  kasan_check_range+0x100/0x1b0
[  655.729545][  T111]  do_raw_spin_lock+0x11d/0x2b0
[  655.729589][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.729629][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  655.729673][  T111]  ? lock_acquire+0x2cd/0x350
[  655.729711][  T111]  ? __mutex_lock+0xe87/0x1060
[  655.729761][  T111]  _raw_spin_lock_irqsave+0x42/0x60
[  655.729801][  T111]  ? __mutex_lock+0x851/0x1060
[  655.729853][  T111]  __mutex_lock+0x851/0x1060
[  655.729899][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.729940][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  655.729988][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  655.730036][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.730076][  T111]  ? find_held_lock+0x2b/0x80
[  655.730128][  T111]  ? jfs_syncpt+0x2a/0xa0
[  655.730163][  T111]  jfs_syncpt+0x2a/0xa0
[  655.730201][  T111]  txEnd+0x30a/0x5a0
[  655.730240][  T111]  jfs_lazycommit+0x783/0xb30
[  655.730286][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  655.730330][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  655.730381][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  655.730426][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.730465][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.730504][  T111]  ? __kthread_parkme+0x19e/0x250
[  655.730539][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  655.730581][  T111]  kthread+0x3c5/0x780
[  655.730621][  T111]  ? __pfx_kthread+0x10/0x10
[  655.730662][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  655.730701][  T111]  ? rcu_is_watching+0x12/0xc0
[  655.730753][  T111]  ? __pfx_kthread+0x10/0x10
[  655.730794][  T111]  ret_from_fork+0x56d/0x730
[  655.730837][  T111]  ? __pfx_kthread+0x10/0x10
[  655.730877][  T111]  ret_from_fork_asm+0x1a/0x30
[  655.730931][  T111]  </TASK>
[  655.730942][  T111] 
[  655.972459][  T111] Allocated by task 9319:
[  655.976796][  T111]  kasan_save_stack+0x33/0x60
[  655.981489][  T111]  kasan_save_track+0x14/0x30
[  655.986163][  T111]  __kasan_kmalloc+0xaa/0xb0
[  655.990749][  T111]  lmLogOpen+0x571/0x13c0
[  655.995081][  T111]  jfs_mount_rw+0x2e9/0x6f0
[  655.999587][  T111]  jfs_fill_super+0xc46/0x1040
[  656.004373][  T111]  get_tree_bdev_flags+0x38c/0x620
[  656.009515][  T111]  vfs_get_tree+0x8e/0x340
[  656.013956][  T111]  path_mount+0x7b9/0x23a0
[  656.018378][  T111]  __x64_sys_mount+0x293/0x310
[  656.023152][  T111]  do_syscall_64+0xcd/0x4e0
[  656.027671][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.033574][  T111] 
[  656.035887][  T111] Freed by task 5846:
[  656.039854][  T111]  kasan_save_stack+0x33/0x60
[  656.044533][  T111]  kasan_save_track+0x14/0x30
[  656.049209][  T111]  __kasan_save_free_info+0x3b/0x60
[  656.054417][  T111]  __kasan_slab_free+0x5f/0x80
[  656.059187][  T111]  kfree+0x2b8/0x6d0
[  656.063089][  T111]  lmLogClose+0x585/0x710
[  656.067426][  T111]  jfs_umount+0x2f0/0x440
[  656.071764][  T111]  jfs_put_super+0x88/0x1d0
[  656.076278][  T111]  generic_shutdown_super+0x156/0x390
[  656.081663][  T111]  kill_block_super+0x3b/0x90
[  656.086352][  T111]  deactivate_locked_super+0xc1/0x1a0
[  656.091740][  T111]  deactivate_super+0xde/0x100
[  656.096517][  T111]  cleanup_mnt+0x225/0x450
[  656.100957][  T111]  task_work_run+0x150/0x240
[  656.105558][  T111]  exit_to_user_mode_loop+0xec/0x130
[  656.110854][  T111]  do_syscall_64+0x419/0x4e0
[  656.115458][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.121350][  T111] 
[  656.123661][  T111] The buggy address belongs to the object at ffff88801ea93800
[  656.123661][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  656.137797][  T111] The buggy address is located 192 bytes inside of
[  656.137797][  T111]  freed 1024-byte region [ffff88801ea93800, ffff88801ea93c00)
[  656.151685][  T111] 
[  656.154004][  T111] The buggy address belongs to the physical page:
[  656.160405][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1ea90
[  656.169272][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  656.177778][  T111] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  656.185757][  T111] page_type: f5(slab)
[  656.189742][  T111] raw: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  656.198326][  T111] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  656.206930][  T111] head: 00fff00000000040 ffff88801b026dc0 0000000000000000 dead000000000001
[  656.215607][  T111] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  656.224287][  T111] head: 00fff00000000003 ffffea00007aa401 00000000ffffffff 00000000ffffffff
[  656.232968][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  656.241636][  T111] page dumped because: kasan: bad access detected
[  656.248045][  T111] page_owner tracks the page as allocated
[  656.253753][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 1976261614, free_ts 0
[  656.273441][  T111]  post_alloc_hook+0x1c0/0x230
[  656.278234][  T111]  get_page_from_freelist+0x10a3/0x3a30
[  656.283802][  T111]  __alloc_frozen_pages_noprof+0x25f/0x2470
[  656.289719][  T111]  alloc_pages_mpol+0x1fb/0x550
[  656.294585][  T111]  new_slab+0x24a/0x360
[  656.298762][  T111]  ___slab_alloc+0xdc4/0x1ae0
[  656.303454][  T111]  __slab_alloc.constprop.0+0x63/0x110
[  656.308933][  T111]  __kvmalloc_node_noprof+0x5aa/0x9c0
[  656.314310][  T111]  bucket_table_alloc.isra.0+0x88/0x460
[  656.319879][  T111]  rhashtable_init_noprof+0x41a/0x7e0
[  656.325269][  T111]  netlink_proto_init+0xbc/0x320
[  656.330222][  T111]  do_one_initcall+0x123/0x6e0
[  656.335000][  T111]  kernel_init_freeable+0x5c2/0x910
[  656.340212][  T111]  kernel_init+0x1c/0x2b0
[  656.344547][  T111]  ret_from_fork+0x56d/0x730
[  656.349150][  T111]  ret_from_fork_asm+0x1a/0x30
[  656.353937][  T111] page_owner free stack trace missing
[  656.359296][  T111] 
[  656.361607][  T111] Memory state around the buggy address:
[  656.367225][  T111]  ffff88801ea93780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  656.375286][  T111]  ffff88801ea93800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  656.383344][  T111] >ffff88801ea93880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  656.391395][  T111]                                            ^
[  656.397542][  T111]  ffff88801ea93900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  656.405618][  T111]  ffff88801ea93980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  656.413670][  T111] ==================================================================
[  656.421722][  T111] Kernel panic - not syncing: kasan.fault=panic_on_write set ...
[  656.429530][  T111] CPU: 0 UID: 0 PID: 111 Comm: jfsCommit Tainted: G    B               syzkaller #0 PREEMPT(full) 
[  656.440403][  T111] Tainted: [B]=BAD_PAGE
[  656.444545][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  656.454607][  T111] Call Trace:
[  656.457879][  T111]  <TASK>
[  656.460799][  T111]  dump_stack_lvl+0x3d/0x1f0
[  656.465413][  T111]  vpanic+0x640/0x6f0
[  656.469409][  T111]  panic+0xca/0xd0
[  656.473142][  T111]  ? __pfx_panic+0x10/0x10
[  656.477605][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.483424][  T111]  ? rcu_is_watching+0x12/0xc0
[  656.488219][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.493871][  T111]  ? lock_release+0x201/0x2f0
[  656.498566][  T111]  ? print_report+0x2bd/0x630
[  656.503249][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.508898][  T111]  end_report+0x159/0x170
[  656.513238][  T111]  kasan_report+0xee/0x110
[  656.517662][  T111]  ? do_raw_spin_lock+0x11d/0x2b0
[  656.522794][  T111]  ? jfs_syncpt+0x2a/0xa0
[  656.527133][  T111]  kasan_check_range+0x100/0x1b0
[  656.532101][  T111]  do_raw_spin_lock+0x11d/0x2b0
[  656.536973][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.542683][  T111]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  656.548082][  T111]  ? lock_acquire+0x2cd/0x350
[  656.552788][  T111]  ? __mutex_lock+0xe87/0x1060
[  656.557622][  T111]  _raw_spin_lock_irqsave+0x42/0x60
[  656.562836][  T111]  ? __mutex_lock+0x851/0x1060
[  656.567630][  T111]  __mutex_lock+0x851/0x1060
[  656.572241][  T111]  ? jfs_syncpt+0x2a/0xa0
[  656.576587][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  656.581634][  T111]  ? do_raw_spin_lock+0x12c/0x2b0
[  656.586681][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.592326][  T111]  ? find_held_lock+0x2b/0x80
[  656.597028][  T111]  ? jfs_syncpt+0x2a/0xa0
[  656.601367][  T111]  jfs_syncpt+0x2a/0xa0
[  656.605537][  T111]  txEnd+0x30a/0x5a0
[  656.609444][  T111]  jfs_lazycommit+0x783/0xb30
[  656.614142][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  656.619359][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  656.625190][  T111]  ? lockdep_hardirqs_on+0x7c/0x110
[  656.630406][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.636053][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.641702][  T111]  ? __kthread_parkme+0x19e/0x250
[  656.646739][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  656.651962][  T111]  kthread+0x3c5/0x780
[  656.656045][  T111]  ? __pfx_kthread+0x10/0x10
[  656.660653][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  656.666294][  T111]  ? rcu_is_watching+0x12/0xc0
[  656.671080][  T111]  ? __pfx_kthread+0x10/0x10
[  656.675680][  T111]  ret_from_fork+0x56d/0x730
[  656.680284][  T111]  ? __pfx_kthread+0x10/0x10
[  656.684889][  T111]  ret_from_fork_asm+0x1a/0x30
[  656.689678][  T111]  </TASK>
[  656.692926][  T111] Kernel Offset: disabled
[  656.697238][  T111] Rebooting in 86400 seconds..