last executing test programs:

5m55.567179693s ago: executing program 3 (id=27):
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x14, 0x4, 0x4, 0x22}, 0x50)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x70d31000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r6, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0x18000}, {0xa, 0x0, 0xfffffffd, @dev, 0x4}, 0x0, {[0xe, 0xfffffffd, 0x0, 0xfffffef9, 0x0, 0x1, 0x8]}}, 0x5c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r1, 0x0, &(0x7f00000004c0)=@udp=r2}, 0x20)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000200))
keyctl$KEYCTL_MOVE(0x1e, r0, 0xfffffffffffffffd, r0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x48, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5m53.819421174s ago: executing program 3 (id=29):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00'})
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f00000001c0), 0x428480, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, 0x0, 0x24000000)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x2c, 0xd, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, 0x0, 0x0)

5m52.700393211s ago: executing program 3 (id=30):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f00000000c0)=0x3ff, 0x4)
mmap(&(0x7f0000516000/0x3000)=nil, 0x3000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x28, 0x80000, 0x1)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000000)={0xfffffffb, 0x1d}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000005b00)=ANY=[@ANYBLOB="2c00000012009702000000000000000007000000", @ANYRESHEX=r2], 0x2c}}, 0x400)
socket(0x10, 0x4, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x54}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value=0x20}, 0x80)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
lseek(r3, 0x289e0cb5, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_ASSOCIATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000003c0)={0x1c, r5, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000815}, 0x850)

5m50.768153956s ago: executing program 3 (id=35):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$kcm(0x10, 0x2, 0x0)
io_setup(0x2, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$setregs(0xf, r2, 0x80000200000006, 0xfffffffffffffffe)
syz_emit_ethernet(0x68, &(0x7f0000000040)=ANY=[], 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0xb001, 0x4, 0x388, 0x0, 0x1c4, 0x1c4, 0x2a8, 0x2a8, 0x2a8, 0x7fffffe, 0x0, {[{{@arp={@multicast1, @loopback, 0xff000000, 0xff, 0xe, 0x9, {@empty, {[0xff, 0x0, 0xff, 0xff]}}, {@mac=@remote, {[0x0, 0x0, 0xff, 0xff, 0x0, 0xff]}}, 0x8, 0x101, 0x10, 0x7, 0x3, 0x101, 'ipvlan0\x00', 'macvtap0\x00', {}, {0xff}, 0x0, 0xa}, 0xbc, 0xe0}, @unspec=@STANDARD={0x24, '\x00', 0x0, 0x1c4}}, {{@uncond, 0xbc, 0xe4, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xbc, 0xe4}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x0, 0x12ed}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3d4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendmsg$kcm(r1, 0x0, 0x0)
ioctl$PIO_CMAP(r0, 0x4b71, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000002c0)=0x11)
socket$inet6(0xa, 0x80002, 0x200)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
socket(0x23, 0x4, 0x1)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

5m46.106636709s ago: executing program 3 (id=41):
ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, &(0x7f0000000100)=0x10000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x18, '\x00', 0x0, 0x2}, 0x94)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x1c, r3, 0x7d243a6ea807936d, 0x12, 0x25dfdbf8, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x404c881}, 0x4000080)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r5, 0x0, 0x44000080)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r7 = dup(r6)
ioctl$BLKRRPART(r7, 0x125f, 0x0)
r8 = socket$phonet(0x23, 0x2, 0x1)
ioctl$SIOCPNDELRESOURCE(r8, 0x89ef, &(0x7f0000000000)=0x591e)
kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x1000000, 0x10000}], 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)

5m42.404193986s ago: executing program 3 (id=46):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
socket$netlink(0x10, 0x3, 0x11)
socket$kcm(0x10, 0x2, 0x0)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0xfffffffd)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001000), 0x581, 0x4000001f, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x8, 0x81, 0x0, 0x2, 0x20}, 0xe)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00'})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2938201fc20962979a9427f0b14e2b2c000000008004500002000000000002f9078"], 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

5m26.78882143s ago: executing program 32 (id=46):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
close(0xffffffffffffffff)
name_to_handle_at(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
socket$netlink(0x10, 0x3, 0x11)
socket$kcm(0x10, 0x2, 0x0)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0xfffffffd)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xc, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000001000), 0x581, 0x4000001f, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f00000002c0)={0x3, 0x1, 0x2, 0xff, 0xa4, 0x0, 0x1, 0x0, 0x5, 0x8, 0x81, 0x0, 0x2, 0x20}, 0xe)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000300))
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00'})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2938201fc20962979a9427f0b14e2b2c000000008004500002000000000002f9078"], 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

4m56.431871048s ago: executing program 4 (id=98):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b00)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [], {0x14}}, 0x28}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000000c0), r1)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r3, &(0x7f0000000e40)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7, 0x0, 0x3, 0x4, 0x2, 0x3, 0x3, 0x309, 0x38, 0xce, 0xe, 0xb, 0x20, 0x1, 0x5, 0x5}, [{0x3, 0x8, 0xf3, 0x7f, 0x204, 0x200004, 0xce1, 0x400}], "", ['\x00', '\x00']}, 0x258)
close(r3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1b, 0x21, &(0x7f00000005c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x773}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@exit, @jmp={0x5, 0x0, 0x0, 0x6, 0xa, 0x20, 0xffffffffffffffff}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x400008}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x900000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
sendmsg$IEEE802154_LLSEC_ADD_DEV(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)={0x14, 0x0, 0x20, 0x1, 0xa5dfdbfb}, 0x14}, 0x4, 0x700000000000000, 0x0, 0x40000}, 0x0)
syz_genetlink_get_family_id$net_dm(&(0x7f0000000100), 0xffffffffffffffff)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="e0000000", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000000800010000000000140004800500030007000000050003000100000008000200010000000800020001000000a0000880"], 0xe0}}, 0x0)
r7 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
r8 = add_key$fscrypt_v1(&(0x7f00000002c0), &(0x7f0000000300)={'fscrypt:', @desc1}, &(0x7f0000000340)={0x0, "8527d2413790af54bfbca283be11c0de7af30e90937920fcba13d90af61beaa44d66a6535daf1bc35fb3af1e9197e31d26589ddb3c101840af347c1a253ec5fb", 0x18}, 0x48, 0xffffffffffffffff)
keyctl$read(0xb, r8, &(0x7f0000000000)=""/43, 0x2b)
ioctl$COMEDI_DEVCONFIG(r7, 0x40946400, &(0x7f0000000140)={'ni_at_a2150\x00', [0xb013, 0x5, 0x0, 0x2, 0x88d7, 0x8f, 0x1007, 0x8010, 0x1002, 0xffffffff, 0x200, 0x7, 0x10000009, 0x4, 0x5, 0x1, 0x8, 0x3, 0x9, 0x8e, 0x108, 0x3, 0x7, 0xa, 0x5, 0x1, 0xb0c4, 0xc, 0x8, 0x400002, 0x2]})

4m54.473001314s ago: executing program 4 (id=100):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f00000007c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYRES32=r1], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e"], 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000280)="b9ff03076804268c989e14f088a8", 0x0, 0x2, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket(0x1d, 0x2, 0x6)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f00000000c0)=@ccm_128={{0x304}, "c801beb100000047", "f8f26ae06508255f4c930e80aedcd08e", "6d81108a", "c440238952152069"}, 0x28)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000000)=@gcm_256={{0x304}, "9b00", "25110528444d684ad9c60100000000000100dd3600", "5cb6d254", "160000009a00"}, 0xba3f6f2771eade19)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
syz_open_pts(0xffffffffffffffff, 0x8182)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
socket$inet_icmp(0x2, 0x2, 0x1)

4m51.52102026s ago: executing program 4 (id=105):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = ioctl$KVM_GET_STATS_FD_cpu(r3, 0xaece)
accept$nfc_llcp(r4, &(0x7f0000000280), &(0x7f00000000c0)=0x60)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
readlink(0x0, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
r5 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_INITMSG(r5, 0x84, 0x2, &(0x7f0000000080)={0x7ff, 0x10, 0x8, 0x2}, 0x8)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x60, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x34, 0x4, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, @match={{0xa}, @val={0x20, 0x2, 0x0, 0x1, [@NFTA_MATCH_REV={0x8}, @NFTA_MATCH_NAME={0x9, 0x1, 'dscp\x00'}, @NFTA_MATCH_INFO={0x6, 0x3, "ebae"}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x20}}, 0x88}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, 0x0, 0x0)
shutdown(r6, 0x1)
sendto$inet6(r5, &(0x7f0000000040)='H', 0x1, 0x44004, &(0x7f0000000100)={0xa, 0x4e24, 0xb, @loopback, 0xc5f}, 0x1c)

4m49.64186028s ago: executing program 4 (id=106):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r0, 0x0, 0xcc, &(0x7f0000000000)={@local, @dev={0xac, 0x14, 0x14, 0x38}, 0x0, "cba3b5d37b22d90252e1547eb1ce271a5974f758d04197bb09b8079543977b01", 0x5, 0x4, 0x8004, 0x8b83}, 0x3c)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8800}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
mmap$IORING_OFF_SQ_RING(&(0x7f0000445000/0x1000)=nil, 0x1000, 0x0, 0x4000010, 0xffffffffffffffff, 0x0)
r1 = socket(0x29, 0x3, 0x37)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x2000000000000, 0xfffffdfffffffffe, 0xfa11, 0xffffffff}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x2, &(0x7f0000130000/0x800000)=nil)
r4 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582020002"], 0x0)
syz_usb_ep_write$ath9k_ep1(r4, 0x82, 0x4, &(0x7f00000001c0)={[{}]})
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000180)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000100)={@my=0x1})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r5, 0x7ac, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

4m40.489581055s ago: executing program 4 (id=115):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa08, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f00000004c0), 0x0, 0x805, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r5, 0xc0285700, &(0x7f0000000000)={0x2, "fa02c80a3a1e9d4b9aaf000000008d674fe69b5b7638dd031dd7504fe5809639", <r6=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168"})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file1\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
r7 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r7, &(0x7f0000000440)=ANY=[@ANYBLOB="7f454c461d"], 0x58)
close(r7)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)

4m37.10546385s ago: executing program 4 (id=117):
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b0000080039503230"], 0x15)
r0 = dup(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r2)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x181a41, 0x20)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)
write$FUSE_BMAP(r0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r0, &(0x7f00000012c0)=ANY=[], 0xb0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r4 = dup(r3)
ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0xd}, 0x4}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0xa}], 0x1, 0x0)
getresuid(&(0x7f0000000440), &(0x7f0000000400), 0x0)

4m21.906810995s ago: executing program 33 (id=117):
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b0000080039503230"], 0x15)
r0 = dup(0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r2)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x181a41, 0x20)
mount(&(0x7f0000000000), &(0x7f0000000280)='./cgroup\x00', 0x0, 0x75809, 0x0)
mount(0x0, &(0x7f0000000140)='./cgroup\x00', 0x0, 0x21a8f5, 0x0)
write$FUSE_BMAP(r0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(r0, &(0x7f00000012c0)=ANY=[], 0xb0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00'}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, 0x0, 0x40, 0x0)
r4 = dup(r3)
ioctl$sock_inet6_tcp_SIOCINQ(r4, 0x541b, 0x0)
r5 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x1, 0x0, @dev={0xfe, 0x80, '\x00', 0xd}, 0x4}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}, 0xa}], 0x1, 0x0)
getresuid(&(0x7f0000000440), &(0x7f0000000400), 0x0)

5.75628144s ago: executing program 5 (id=1104):
pipe(&(0x7f0000000380)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000000180)=0x1, 0x4)
fcntl$setpipe(r0, 0x407, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r1, &(0x7f0000000300)={0x2, 0x0, @remote}, 0x10)
sendto$inet(r1, &(0x7f0000000200)="e1", 0xfea8, 0x0, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0xfea8, 0xa)

5.531807805s ago: executing program 5 (id=1107):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f4)
r1 = open(&(0x7f00000000c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r1, &(0x7f0000000240), 0x1, 0x0, 0x0, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000000)='k', 0x1}], 0x1, 0x2, 0x6, 0xa)

4.056939558s ago: executing program 6 (id=1121):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./bus\x00', 0x100040, 0x0, 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000440)=ANY=[], 0x1, 0x0, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

3.828082544s ago: executing program 1 (id=1122):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0x4, 0x2, 0x101, 0x0, 0x0, 0x10000000, {0x40, 0xfff, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x9, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x0, 0x2, 0xfffffffd, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r2, 0x4004092b, 0x7ffffffffffffffd)

3.827910884s ago: executing program 6 (id=1123):
r0 = io_uring_setup(0x2e34, &(0x7f0000000180))
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2}, 0x18)
connect$can_j1939(r1, &(0x7f0000000080)={0x1d, r2, 0x0, {0x0, 0xf0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_usb_connect$uac1(0x0, 0x0, 0x0, 0x0)

3.496947077s ago: executing program 2 (id=1125):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000002c0)={0x0, 0x2}, 0x4)
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="480000001c00110c0000001400000f0007000000", @ANYRES32=r1, @ANYBLOB="800202000a000200577f0000aabb000020000e80050001008f00000005000100010000000400020005"], 0x48}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x48}}, 0x0)
sendmmsg$alg(r2, &(0x7f00000000c0), 0x492492492492627, 0x0)

3.494826707s ago: executing program 1 (id=1126):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0xa, 0x801, 0x84)
socket$inet(0xa, 0x801, 0x84)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

3.387088634s ago: executing program 5 (id=1127):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000001c0)="d8df7e23b3b9ce000000b807000000ba000000000f301b8154fea900b9b60a000080320000c4e28ddc8dcd000000c182fd3f0000c8b950020000b801000000b9a6080000b800000100ba000000000f300f300fc79d53bf0000c4b9e16dc301012202", 0x62}], 0x1, 0x10, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000900)=[@text16={0x10, 0x0}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000580)={0x20, 0x5, 0x1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x5, 0x9, 0x2, 0x8, 0x13, 0x0, 0x4f, 0x100000000000, 0x9, 0xffffffffffffffff, 0x100080, 0xffffffff, 0x7f, 0x8, 0x5fba, 0x7ff], 0x4, 0x200002})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.278049172s ago: executing program 2 (id=1128):
r0 = socket(0xa, 0x3, 0x3a)
close(0x3)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000480)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r2, 0x0, {0x1, 0x1, 0x4}, 0x1}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000001c0)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x4804}, 0x8884)
recvmsg(r0, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0)

3.156167781s ago: executing program 1 (id=1129):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000340)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r1, 0xc018aa06, &(0x7f0000000380)={{&(0x7f0000411000/0x1000)=nil, 0x1000}})

3.1559657s ago: executing program 0 (id=1130):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$I2C(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/3, 0x1e000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x0, r3, 0x1f00}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
set_mempolicy(0x6005, 0x0, 0x4)

2.393797713s ago: executing program 0 (id=1131):
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x2200c12, &(0x7f0000000380)=ANY=[@ANYBLOB='norock,check=strict,map=normal,map=acorn,map=acorn,utf8,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6d6f64653d3078303030323030303030303030612c696f626861727365743d6d6163696e8365f19464c48d29a883ab75693483012db3ff601a32a2ce40742c63686563"], 0x5, 0xa29, &(0x7f0000000bc0)="$eJzs3UtsXNd5B/D/5UOiaVeSbdV1DdsayZVM2yxFUrVUwQtXIkcSXT4KkgIsdGG5FlWoYuvWagHbKGAZCLKKkQAJskh2RlbJxoA38SbwLtklqywCBF5lb2QTZcXgzgwpPmY4JMWX7d+PuHNf3z3nu4+5RzOamRO+WhYOr5hbWKgNW5y/+tNdyJh97OLoFx9/8lE5fHg3B9KZl4ufJz1JKklXkieT7pHR6amJNgXdTq4n+TwpkhxMfbwh11N8N4/cn/88xY/Lels6sNGSaWeBb7S9vv4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGA/KkZGBweHigMZm7z6eqUuqawxMjo9VWRhYe2axW3qPqv1+l181rbepCiH9PQsdvX95NH7q59IUjmRp+tzT9c6JE9P3n/4iSOvPN7Vsbh9q2weyMGNF3vnvfdvvzk/P/dO65CFD+r7sD257TOXq5NjM1NjExcuVytjM1OV82fPDp6+cmmmcmlsvDpzbWa2OlEZma5emJ2arvSNvFAZOn/+TKU6cG3q6uTl0YHx6uLCc38/PDh4tvLawL9UL0zPTE2efm1gZuTK2Pj42OTlWky5uow5V16I/zw2W5mtXpioVG7emp87s5TNwuHysXP1wS6DhtrtSRk03C5oeHB4eGhoeHjow0bv2UsLzr58/uVzg4Ndg6tkTcQOXbTsLw+1Ps3bfAeHreuot//5j/GMZTJX83oqTf9GMprpTGWixfqGxfb/5OnquvUub/8brXzXstVPlQ8n8mxjtqdF+98il937u5P38n5u583MZz5zeWfPM2r+d6pxILe73MupZjJjmclUxjKRC7UllcaSSs7nbM5mMG/kSo5lJpVcyljGU81MrmUms6nWrqiRTKeaC5nNVKZTSV9G8kIqGcr5nM+ZVFLNQK5lKlczmcsZzYVaKTdzq3bcz6yT41LQ0EaChtcJWt2Yl9f65tr/6tf1X4Js2PbewOEBLDTa/wPtQ/tGdiMhAAAAYNv97a9y6Ohjv/x9UuSZ2vvyl8bGq6/udVoAAADANqp9XO/pctRdTj3TU3v9P7jXaQEAAADbqKh9x65I0ptj9anFb0J5EwAAAAC+JspX/n+V1F77Nxas//q/2M3sAAAAgO3Q/jf220YU/Ys//1u5UR/faETU54reS2Pj1YGRqfFXhnKq9isDSZ5ZW1pnUnTXvn7wYo7Xo4731se990ss6+wpo4YGXhnKiznR2JG+58rRc31NIofrkc/XI59fHtmZFZFnykgA+Lo7sU57vNH2/8X01yP6n6o1+V1PNWmDB7WsALBfLPWx8+dGl2ZN2v9GxLOt2v9/WOf1fxnxWG4eq3+kYCBv5e3M50b6Fz9xcKxZqYu9EdQ/htDf5t2A3sZHFn5zriP9a94P6Fna1+WxcxlOf9N3BJaVWyzmcKYe17kz5wAAdtuJddvhjbX//W1e//f6SiEA7CtLPdhvYuKDzQTPvXNnr/cRAFhJKw0AAAAAAAAAAAAAAAAAAAAAAAAAAADbb0M/4P/rU8n8/Fyyhc4CtjzRs5kM15/oyC7lvOcTnUkeqJxD2fJZfjWb3qo8xw+wyz97qLH5H/bkgP+p0WXmPjjvOzCxxzcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdkWRdDZb3pEcTDKY5PTuZ7Vz7u51AtulcmBLmxX3ci/v5tC25wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8A3X+P3/jtTHD9cXpasjOZnkepJ/3esct9O9vU5gZxSN8ZHWIf9ZD7z/+/8dSXcWinTVT3uK7pHR6amJsqjiYLn+i48/+agc2le/tleFsoCyhhWdSzRqWLake+VWj9a26h2du3P7f9/+78roxdqFeXH20vjoxOXpf7of+ETxaVJJfVi0mO//n/zF95YtbnSUUHxa7mlzq+u9VKt3dG29f9Ns6xb1bsCt+bnhsqbZ6uuz//dft95dtuqxHE+e60v6Vtb07+XQoqbjq4/nSsWXxbeLQ/lhrtfOf3k0ioWiPEWHa/v/0M1b83MDb709f2Mppw9W5HQkx5LcSHo2ntOxpWtzjdpV19Fd1jpYCyofjrYpb5XZR1qUONTiuD5au2R6N7UPldb7UNPmuDcyOtM0o+//z+M5tekzfapNjU0VXxa/K67kt/nWsv4/OsrzfzJNn51NiqhFLrtSlq9b8fTqqEfW9nx4+Yo3VpfZ8lnJDvhO/i3/uHT+O5bd/xvnanfuR8tqbP68SDb/vPjJ4TUtyn21FunoqhapcfdptU0jz6P1qBZ5/nVeqpe5iTvKS23uKDv1/P9R0Zc/5q7+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP2vSDqbLe9ITiY5kuRwOV9JFlbH3N1CfR29xVbS3DZbyfmrp2i5o8W93Mu7ObTbGQEAAAAAAACwMy6OfvHxJx+VQ+3/4zvzdx2NNZWkK8mR4gfdI6PTUxNtCupOri/+l37P5nK4Xj48cn/+83LuyTYb7e3HBwDgK+0vAQAA///8BXI5")
syz_mount_image$btrfs(&(0x7f0000000080), &(0x7f0000000040)='./file1\x00', 0x1c005, &(0x7f00000002c0)={[{@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x200006}}, {@autodefrag}, {@nossd}, {@nossd_spread}, {@noflushoncommit}, {@nodiscard}, {@compress_force}, {@acl}, {@datacow}, {@ssd_spread}]}, 0x9, 0x559d, &(0x7f000000ac40)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")

2.391094064s ago: executing program 2 (id=1132):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc0}, 0x3a85ef35342a412e)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x7, 0x5, 0xa, 0x9, 0x9, 0x3, 0x1041, 0x4, 0x0, 0x33a, 0x3, 0x100000002, 0x49, 0x9, 0x800005, 0x6b], 0xd000, 0x101052})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.792152515s ago: executing program 0 (id=1133):
mkdir(0x0, 0x0)
open(0x0, 0x400, 0x43)
chdir(&(0x7f00000003c0)='./bus\x00')
syz_open_dev$vcsa(0x0, 0x4, 0x1212c2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
capget(0x0, 0x0)

1.762743857s ago: executing program 0 (id=1134):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
r2 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r3=>0x0})
bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3, 0x2, {0x1, 0x0, 0x2}}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {}, {0x7, 0x2}, {0x0, 0xa}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000}, 0x98)

1.660652284s ago: executing program 1 (id=1135):
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd70003c0200000200000008000100", @ANYRES32=r3], 0x1c}}, 0x0)
read$nci(r0, &(0x7f00000030c0)=""/2, 0x2)

1.636901836s ago: executing program 2 (id=1136):
timer_create(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000200)={0x40000000008, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.532124973s ago: executing program 5 (id=1137):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000000)={[{0x80000000, 0x4, 0xc2, 0x4f, 0x40, 0x5d, 0x80, 0x1, 0x3, 0x44, 0x8, 0x0, 0x100000000009}, {0xb, 0xa6f2, 0x6, 0x8, 0x9, 0xff, 0x4, 0x87, 0xa, 0x13, 0x7, 0x6, 0x1}, {0x1ff, 0x7, 0xd, 0x10, 0x25, 0x9, 0x0, 0x6, 0x4, 0x15, 0x0, 0x2, 0x4}], 0x9})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x67a, 0x6, 0xf3b8, 0x0, 0x1000, 0x400, 0x4002004c4, 0x1000, 0x0, 0x97, 0x10, 0x0, 0x3, 0x4], 0xeeee8000, 0x400})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.531927733s ago: executing program 6 (id=1138):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f00000000c0)={0x4000001, 0x71, 0x200000009})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f0000000300)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000400)={0x0, 0x0, r3, 0x0, 0x0, 0x1f5, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "b4bc323ef77d1f000071849800000000dfff00"}})

1.405007102s ago: executing program 6 (id=1139):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
r2 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r1}, 0x8)
close(r2)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$LINK_DETACH(0x22, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r2, 0x0, 0x0}, 0x10)

1.281667111s ago: executing program 6 (id=1140):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x2c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}, @NL80211_ATTR_4ADDR={0x5, 0x53, 0x1}]}, 0x2c}}, 0x0)

1.257018042s ago: executing program 2 (id=1141):
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$kcm(0x2, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4040, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65290b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e606a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fbad8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2294], 0x3, 0x5e9d, &(0x7f000000bc00)="$eJzs3cuOHFcZB/CvL9NzMXGsCEXGYjFxICSE+G5DuMVhwQIWIKGssTWZRAYHkG0QiSw8kReIDfAIsPGGRV6BB8gzoDwAlmzYZEEoVDPn2DU1Pe4x9nR1z/n9pHHVV6dr+pT/U1PdU1V9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIH3z/J6d7EXHpN2nBkYjPxSCiH7Fc16tRz1zMjx9GxNHYbI7nI2KwGFGvv/nPsxHnIuLjwxH37t9cqxef2WM/zp+6ce2zH37vH7//0+2jP3v7p3fa7T/+/NmP/nAr4siPXv/os1tPZ9sBAACgFFVVVb30Nv9Yen/f77pTAMBU5ON/leTlarVarX6q9R/7s9UfdaF1UzXerWYRERvNderXDE7HA8Cc2YhPu+4CHZJ/0YYRcajrTgAzrdd1B9gX9+7fXOulfHvN48HqVnv+O+W2/Dd6D+7v2G06Sfsak2n9fN2OQTy3S3+Wp9SHWZLz77fzv7TVPkqP2+/8p2W3/Edbtz4VJ+c/aOffsi3/P0fE3ObfH5t/qXL+w8fJf2Mwx/u//AEAAAAAOPjy3/+PdHz+d/HJN2VPHnX+d3VKfQAAAAAAAACAp+1Jx/97wPh/AAAAMLPq9+q1vxx+uGy3z2Krl7/Vi3im9XigMKuNDwcEAAAAAAAAAAAAAKZjGLGSrutfiIhnVlaqqqq/mtr143rS9edd6dsPJev6lzwAAGz5+HDrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1sc7eEF8XBU1d9sqbFe06T3y5Pa29+vfq5RNdhDx6ajw8ABICK2jkb3HJEOmKp6Nrp+lcN8sP8fPPZ/9qLrn1MAAABg/1VVVfXSx3kfS+f8+113CgCYinz8b58XUKvVarVaffDqpmq8W80iIjaa69SvGQzHDwBzZiM+7boLdEj+RRtGxNGuOwHMtF7XHWBf3Lt/c62X8u01jwerW+35WpBt+W/0NtfL64+bTtK+xmRaP1+3YxDP7dKf56fUh1mS8++387+01Z6H+N/v/Kdlt/zr7TzSQX+6lvMftPNvOTj598fmX6qc//Cx8h/IHwAAAAAAZlj++/8R53/zJgMAAAAAAADA3Ll3/+Zavu81n///4pjH9Zpz7v88MHL+vT3n7/7fgyTn32/n37ogZ9CYv/vmw/z/df/m2p0b//xCns58/guDUf3cC73+YJiu+akW3okrcTXW49SOxw+3tZ/e0b6wrf3MhPazO9pHdftybj8Ra/HLuBpvP2hfnHBh1NKE9mpCe85/YP8vUs5/2Piq819J7b3WtHb3w/6O/b45Hfc8F//2n5d27l3TdzsGD7atqd6+4x30Z/P/5NAofn19/dqJ316+cePa6UiTbUvPRJo8ZTn/hfSV83/5xa32/Hu/ub/e/XD02PnPitsx3DX/Fxvz9fa+MuW+dSHnP0pfOf98BBq//89z/rvv/6920B8AAAAAAAAAAAAAAAB4lKqqNm8RvRgRF9L9P13dmwkATFc+/ldJXq5Wq9Vq9UGqPzk0W/3pqm6qxnujWUTE35vr1K8ZfjfumwEAs+y/EfFJ152gM/IvWP68v3r6pa47A0zV9fc/+Pnlq1fXr13vuicAAAAAAAAAwP8rj/+52hj/efM6oNa40dvGf30zVud2/M/+aLA51nnaoBfi0eN/H49Hj/89nPB8CxPaRxPaFye0L01oH3ujR0PO/4WUcc7/WNqwksZ/fbmD/nQt5388jfWc8/9K63HN/Ku/znP+/W35n7zx3q9OXn//g9euvHf53fV3139x+tSFc2fPnzt7/vzJd65cXT+19W+HPd5fOf889rXrQMuS88+Zy78sOf8vp1r+Zcn5v5Rq+Zcl559f78m/LDn//N5H/mXJ+b+SavmXJef/1VTLvyw5/1dTLf+y5Py/lmr5lyXn/1qq5V+WnP+JVMu/LDn/k6mWf1ly/vkMl/zLkvPPVzbIvyw5/zOpln9Zcv5nUy3/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXn//VUy78sOf9vpFr+Zcn5v55q+Zcl5//NVMu/LDn/b6Va/mXJ+X871fIvS87/O6mWf1ly/t9NtfzLkvN/I9XyL8vDz/83Y8bMFGbu/DtiBroxaabr30wAAAAAAAAAAAAAQNs0LifuehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4HztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwt69xchZ3vcDf/fotSHgfzgTB2xzMrCwuz6BQwwmCflT0gMlIW1aUuPYa+PEp3rXnITKptCWKEhFai/oRdMkSqNIbQWqojaVaITUSO1dc9WIm6iVcuELqByUVEoV2OqdeZ5nZ2ZnZ9aHtWfe5/NB9s87887MM++8M7vfRd8ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg0YaPT//JQFEU5Z/aX2uL4uLy36uLXeWXc9sv9AoBAACAs/Ve7e+/vTSdsGsZF2rY5l+v+/fvzs/PzxdfePfk+382P5/OWF8UQ6uKonZe9G+/+Pl84zbBC8XYwGDD14Ndbn6oy/nDXc4f6XL+aJfzV3U5f6zL+Yt2wCKr67+PqV3ZjbV/rq3v0uLyYqR23o1tLvXCwKrBwfi7nJqB2mXmR/YXB4tDxXQxuegyA7X/iuKNDeVtPVjE2xpsuK11RVGc+ulze+MaBsI+vrFourGaxsfunfuL9e/+9Lm93559+5p2s+tuWLTSoti0sVzni0Wx8OuqYqBYlfZJXOdgwzrXtVnnUNM6B2qXK//dus5Ty1xnvN9jYZ0/7LDOdeG0p28oimKuWHKbVi8Ug8WalltN+3usfkSU11E+lB8shk/rONmwjOOkvMxPbmg+TlqPybj/N4R9MrzEGhofjne+PLpov5/pcVLe6144Vsvrfri80bGxxl+tNh2r5TbP3bT0MdD2sWtzDKRjueEY2NjtGBgcHaodA4MLa97YdAxMLbrMYDFQu62TN3U+BiZmDx+bmHnm2TsOHt5zYPrA9JGpye1bt2zbumXbton9Bw9NT9b/Pr1d2kfWFIPpGNwYXmviMXhLy7aNh+T8N87d82CsR54H5X3/zM3lgi4eLJY4xsttXtx09s+D9H2/4Xkw3PA8aPua2uZ5MLyM50G5zalNy/ueOdzwp90aVuq1cG3DMXAhvx+Wt/nYrUu/Fq4L63rpttP9fji06BiId2sgPPfKU9LPe2N3h/2y+Li4tjzjotHixMz08Tuf3jM7e3yqCOO8uKzhsWo9XtY03Kdi0fEyeNrHy66/+eXN17Y5fW3YV2O3d36sym22jnd+rGqv7u33Z9Opm4swzrHzvT/bfTcr92fKEh32Z7nNi3ec/c+CKZc0vP6NdHv9GxoZrr/+DaW9MdL0+rf4oRmqrawoTt2xvNe/kfDnfL/+Xd4jr3/lvnrszs7HQLnNSxOnewwMd3z9uyHMgbCeW0NiGGvI/e/Xzp+rH6YNj2XX42Z4eCQcN8PxFpuPmy2LLlNeW3nbmybP7LjZdEPzY9X0c0sFj5tyX/35ZOfjptzmzamzf+1YHf/Z8Nox2u0YGBkaLdc7kg6C+uvd/Op4DNxZ7C2OFoeKfeky5aNc3tb45uUdA6Phz/l+7bi6R46Bcl+9urnzMVBu84Mt5/Znp03hlLRNw89Orb9fWCrzXzu8cH2tu+1cZ/5ynZ/Y2vl3Q+U2b2893ZzReT/dHk65qM1+an3+LHVM7yvOz366Oqzz0LbOv5sqt7l8+zKPp11FUbw19Vbt913h97t/f+I/vtv0e992v1N+a+qthyYe+dHprB8AgDP3fu3vudH6z5oN/8d6Of//HwAAAOgLMfcPhpnI/wAAAFAZMfcPhZnI/wAAAFAZMfcPh5lkkv+fuHvHa+89X6R3A5wP4vlxNzx8b3272PGeC1+vn19Qnv6xb4289pXnl3fbg0VR/PKhD7Xd/ol747rqjsV1fqT59EWuvn5Zt//4owvbNb5/wqkd9euP92e5h0HsKr8xsbl2veufmarNNx8qavORuZdeqF9//eu4/ckt9e3/Mrxpya79A02X3xTWc2OY68N7yjy8a2E/lDNe7rV11/3LZZ9duL14uYGNl9Tu5qt/UL/e+B5Rr1xW3z7e76XW/89f/c5r5fZP39R+/c8Ptl//yXC9PwnzFzvr2zfu8680rP+Pwvrj7cXL3fnN77dd/+tX1bd/PRwXXw+zdf33/+mH32v3eMXb2XVP/XLx9if/Z2vtcvH64vW3rn/s+amm/dF6/W++W7+enU/+bKhx+3h6vJ3o8Xuaj++B8Pg29ciLovjOHxdN+7n4aP1y/9Sy/nh9x+5pv/7bW9Z5bOD62uUX7s/apvv1tb/e3Pb+xvXs+ru1TffnlQfC/nt34gfl9Z58JByP4fz//WH9+lrfy/T1B5pfb+L2X19bf97G65toWf8rLeufu77cd93X/+C79fW/ft+qpvXv+mQ4nh6sz27rP/BXlzZd/hvfrj8ex58aP3J05sTBfQ17tfF5vGps9ZqLLv7AJZeG19LWr3cfnX1i+vj6yfWTRbG+D98ycKXX/80w/7s+5s79LdT96Gf14+7lT9W/b93y8/rXr4TTHw+PZ/z++LW/GGk6Xlsf97n76vNs139bWMdyXfXV/7p+WRue/PwbJ/7xD99u/bkg3p9jV4zV7t+rG66snTfwZv381terbv7ziubn9Y+HJ2vze2G/zod3Zt54Zf32Wq8/vjfJy5+uP3/jT3Lx8kXL+4msHWq+H2e7/h+Hn2O+f3Xz6188Pr73fMu7Oa8tBsolzIXXh2Kufn7cKu7vl09d2fb24vvwFHPXnM4ylzTzzMzEoYNHTjw9MTs9Mzsx88yzuw8fPXFkdnftvUt3f7Hb5Ree32tqz+9909u3FrVn+9H6WGEXev3HHt27767Jm/dN799zYv/so8emjx/YOzOzd3rfzM179u+ffqrb5Q/u2zm1eceWuzaPHzi4b+fdO3Zs2TF+8MjRchn1RXWxffJL40eO765dZGbn1h1T27ZtnRw/fHTf9M67JifHT3S7fO1703h56SfHj08f2jN78PD0+MzBZ6d3Tu3Yvn1z13d/PHxs/8z6ieMnjkycmJk+PlG/L+tnayeX3/u6XZ48zBwNr3ctBsJP55+7fXt6f9zSt7685FXVN2n+8bR4J7wXVPz+1u3rmPtHwkwyyf8AAACQg5j7wxv/L5wh/wMAAEBlxNy/KsxE/gcAAIDKiLl/LMwkk/yv/6//r/+v/78i/f/4IOn/6//r/+v/d6D/r//fz+vX/9f/p7te6//H3L+6KLLM/wAAAJCDmPvXhJnI/wAAAFAZMfdfFGYi/wMAAEBlxNx/cZhJHvl/pPWf+v/6//r/jf3/uK3+f+Hz//X/z5D+v/5/J/r/+v/9vP4e7P+vXvn+/8Ixrf/Pciyr/z+6cPpK9/9j7v9AmEke+R8AAACyEHP/JWEm8j8AAABURsz9l4aZyP8AAABQGTH3rw0zyST/+/x//X/9f5//r/+v/7+S9P/1/zvR/9f/7+f192D/3+f/03N67fP/Y+7/f2EmmeR/AAAAyEHM/R8MM5H/AQAAoDJi7r8szET+BwAAgMqIuf/yMJNM8r/+v/6//r/+v/5///T/T6+Z3Bv0//X/O9H/1//v5/Xr/+v/012v9f9j7r8izCST/A8AAAA5iLn/yjAT+R8AAAAqI+b+q8JM5H8AAACojJj7rw4zyST/93v/f7j1gvr/+v/6//r/4fQq9v99/v9i+v/6/4X+/xm70P35fl+//r/+P931Wv8/5v5rwkwyyf8AAACQg5j7rw0zkf8BAACgMmLu/1CYifwPAAAAlRFz/7owk0zyf7/3/xfR/9f/1//X/w+n6//3hv7q/w8ueY7+f53+fzP9f/1//X/9fzpbov9/6kL1/2Pu/3CYSSb5HwAAAHIQc/91YSbyPwAAAFRGzP3Xh5nI/wAAAFAZMfevDzPJJP/r/+v/6//r/+v/6/+vpP7q/y9N/79O/7+Z/r/+v/6//j+d9drn/8fcvyHMJJP8DwAAADmIuX9jmIn8DwAAAJURc/8NYSbyPwAAAFRGzP03hplkkv/1//X/9f/1//X/9f9Xkv6//n8n+v/6//28fv3/5fX/R7tdEZXWa/3/mPtvCjPJJP8DAABADmLuvznMRP4HAACAyoi5/5YwE/kfAAAAKiPm/k1hJpnkf/1//X/9f/1//X/9/5Wk/6//34n+v/5/P69f/9/n/9Ndr/X/Y+6/Ncwkk/wPAAAAOYi5/7YwE/kfAAAAKiPm/tvDTOR/AAAAqIyY+8fDTDLJ//r/+v/6//r/+v/6/yupqv3/9Dqq/6//r/+v/6//r//Pknqt/x9z/x1hJpnkfwAAAMhBzP13hpnI/wAAAFAZMfdPhJnI/wAAAFAZMfdPhplkkv/1//X/9f/1//X/9f9XUlX7/z7/X/+/0P/X/9f/1/+nq17r/8fcPxVmkkn+BwAAgBzE3L85zET+BwAAgMqIuX9LmIn8DwAAAJURc//WMJNM8r/+/xn2/1c1f6n/3379+v/6//r/+v/6//r/nej/6//38/r1//X/aTbY5rRe6//H3L8tzCST/A8AAAA5iLl/e5iJ/A8AAACVEXP/XWEm8j8AAABURsz9d4eZZJL/9f99/r/+v/6//n+/9v9Hi36g/6//34n+v/5/P69f/1//n+56rf8fc/+OMJNM8j8AAADkIOb+j4SZyP8AAABQGTH33xNmIv8DAABAX2n3OYRRzP0fDTPJJP/r/1e9/z+/Sv9f/1//v/P6+7f/3x/0//X/O9H/1//v5/Xr/+v/012v9f9j7t8ZZpJJ/gcAAIAcxNx/b5iJ/A8AAACVEXP/fWEm8j8AAABURsz9u8JMMsn/+v9V7//7/H/9//7p/4/Ex1X/X///NOj/6/8X+v9n7Ez78+HHFv3/Hur/l8eQ/j+9qNf6/zH33x9mkkn+BwAAgBzE3P+xMBP5HwAAACoj5v6Ph5nI/wAAAFAZMfd/Iswkk/yv/6//r/+v/98r/f9I/1///3To/+v/F/r/Z+xC9+f7ff291P/3+f/0ql7r/8fc/0CYSSb5HwAAAHIQc/8nw0zkfwAAAKiMmPv/f5iJ/A8AAACVEXP/g2EmmeR//X/9f/1//X/9f/3/laT/r//fif6//n8/r1//X/+f7nqt/x9z/6+EmWSS/wEAACAHMfc/FGYi/wMAAEBlxNz/qTAT+R8AAAAqI+b+Xw0zyST/6/+fn/7/YLp+/X/9f/1//X/9/3NJ/1//v9D/P2MXuj/f7+vX/9f/p7te6//H3P9rYSaZ5H8AAADIQcz9vx5mIv8DAABAZcTc/xthJvI/AAAAVEbM/Q+HmWSS//X/ff6//r/+v/6//v9K0v/X/+9E/1//v5/Xr/+v/093vdb/j7n/N8NMMsn/AAAAkIOY+x8JM5H/AQAAoDJi7v90mIn8DwAAAJURc/9nwkwyyf/6//r/+v/6//r/+v8rSf9f/78T/X/9/35ev/6//j/d9Vr/P+b+R8NMMsn/AAAAkIOY+z8bZiL/AwAAQGXE3P9bYSbyPwAAAFRGzP2/HWaSSf7X/9f/1//X/9f/1/9fSfr/i/v/5WvYhez/jy5nQ/3/ZdH/1//X/9f/p7Ne6//H3P+5MJNM8j8AAADkIOb+3wkzkf8BAACgMmLu/90wE/kfAAAAKiPm/sfCTDLJ//r/+v/6//r/+v/6/ytJ/9/n/3ei/6//38/r1//X/6e7Jfr/p/4h/ON89/9j7v98mEkm+R8AAAByEHP/74WZyP8AAABQGTH37w4zkf8BAACgMmLufzzMJJP8r/+v/6//r/+v/6//v5L0//X/O9H/1//v5/Xr/+v/012vff5/zP17wkwyyf8AAACQg5j7vxBmIv8DAABAZcTcvzfMRP4HAACAyoi5f1+YSSb5X/9f/1//X/9f/1//fyXp/+v/d6L/r//fz+vX/9f/p7te6//H3D8dZpJJ/gcAAIAcxNy/P8xE/gcAAIDKiLn/QJiJ/A8AAACVEXP/E2EmmeR//X/9f/1//X/9f/3/laT/r//fif6//n8/r1//X/+f7nqt/x9z/8Ewk0zyPwAAAOQg5v4vhpnI/wAAAFAZMfd/KcxE/gcAAIDKiLn/UJhJJvlf/1//X/9f/1//X/9/Jen/6/93ov+v/9/P69f/1/+nu17r/8fcfzjMJJP8DwAAADmIuf9ImIn8DwAAAJURc//RMBP5HwAAACoj5v5jYSaZ5H/9f/1//X/9f/1//f+VpP+/uP8/Gq5T/1//X/+/v9ev/6//T3e91v+Puf/3w0wyyf8AAACQg5j7j4eZyP8AAABQGTH3z4SZyP8AAABQGTH3z4aZZJL/9f/1//X/9f/1//X/V5L+v8//70T/X/+/n9ev/6//T3e91v+Puf9EmEkm+R8AAAByEHP/k2Em8j8AAABURsz9T4X5f+zddY4g9xHH0XGikKIoZ8kJcoScIbcIMznMzMzMzMwOM7MTh1FyFE9VrRXvdC+4Pd1V7/3hMqzknzyWpa+sj7rY/wAAANBG7v77xC1D9r/+X/+v/99N/3/a+en/9f/6/8ui/7/N+/+b/pXX/5/S/+v/9f/6f5btrf/P3X/fuGXI/gcAAIAJcvffL26x/wEAAKCN3P33j1vsfwAAAGgjd/8D4pYh+1//r//X/++m//f9//y56v/1/5dB/+/7/yf6/yt23v380d+v/9f/s25v/X/u/gfGLUP2PwAAAEyQu/9BcYv9DwAAAG3k7n9w3GL/AwAAQBu5+x8StwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/r9tb/5+5/aNwyZP8DAADABLn7Hxa32P8AAADQRu7+h8ct9j8AAAC0kbv/EXHLkP2v/9f/6//1//p//f+W9P/6/yX6f/3/kd+v/9f/s25v/X/u/kfGLUP2PwAAAEyQu/9RcYv9DwAAAG3k7n903GL/AwAAQBu5+x8TtwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/rNu//73XtTfdS+//c/dfGLUP2PwAAAEyQu/+xcYv9DwAAAG3k7n9c3GL/AwAAQBu5+x8ftwzZ//p//f+F/v/Ga/T/+n/9/4U/r/+/dej/9f9L9P977f8v7Z+E/l//r/9nzeb9/0rv//9/nLv/CXHLkP0PAAAAE+Tuf2LcYv8DAABAG7n7nxS32P8AAADQRu7+J8ctQ/b/Ufr/u+Tv6P99/1//r//X/x+K/l//v0T/v9f+3/f/r7b/v+clvF//zwR76/9z9z8lbhmy/wEAAGCC3P1PjVvsfwAAAGgjd//T4hb7HwAAANrI3f/0uGXI/j9K/+/7//r/i71f/6//P9H/757+X/+/RP+v/z/y+33/X//Pur31/7n7nxG3DNn/AAAAMEHu/mfGLfY/AAAAtJG7/1lxi/0PAAAAbeTuf3bcMmT/6//1//p//f9V9f+31//r/5fp/5f7/2uu8v36/1P6/ytz3v380d9/9f3//36r/6e3vfX/ufufE7cM2f8AAAAwQe7+58Yt9j8AAAC0kbv/eXGL/Q8AAABt5O5/ftwyZP/r//X/+n/9v+//6/+3pP9v9/3/a/T/F+j/9f++/6//Z9ne+v/c/S+IW4bsfwAAAJggd/8L4xb7HwAAANrI3f+iuMX+BwAAgDZy9784bhmy//X/+n/9v/5f/6//35L+v13/7/v/N6P/1//r//X/LNtb/5+7/yVxy5D9DwAAABPk7n9p3GL/AwAAQBu5+18Wt9j/AAAA0Ebu/pfHLUP2v/5f/6//1//r//X/W9L/6/+X6P8v3v/f+Yy/n/5/X+/X/+v/Wbe3/j93/yviliH7HwAAACbI3f/KuMX+BwAAgDZy978qbrH/AQAAoI3c/a+OW4bs/7P6/xvuevrX9f+XRv9/8ffr//X/+n/9v/5f/79E/+/7/0d+v/5f/8+6vfX/uftfE7cM2f8AAAAwQe7+18Yt9j8AAAC0kbv/dXGL/Q8AAABt5O5/fdwyZP/7/r/+X/+v/9f/6/+3pP/X/y/R/+v/j/x+/b/+n3V76/9z978hbhmy/wEAAGCC3P1vjFvsfwAAAGgjd/+b4hb7HwAAANrI3f/muGXI/tf/6//Pvf+/3dn9f/4E9P/6/xP9v/7/DPp//f+J/v+KnXc/f/T36//1/6zbW/+fu/8tccuQ/Q8AAAAT5O5/a9xi/wMAAEAbufvfFrfY/wAAANBG7v63xy1D9r/+X/9/7v2/7/8X/X/8XPX/+v/LoP/X/5/o/6/YeffzR3+//l//z7q99f+5+98RtwzZ/wAAADBB7v53xi32PwAAALSRu/9dcYv9DwAAAG3k7n933DJk/+v/9f/6f/2//l//vyX9v/5/if5f/3/k9+v/9f+s21v/n7v/PXHLkP0PAAAAE+Tuf2/cYv8DAABAG7n73xe32P8AAADQRu7+98ctQ/a//v/o/f+9r48X6P/1//p//f8u6f/1/0v0//r/I79f/6//Z93e+v/c/R+IW4bsfwAAAJggd/8H4xb7HwAAANrI3f+huMX+BwAAgDZy9384bhmy/2f0/3e4xS/r0//7/r/+X/+v/983/b/+f4n+X/9/5Pfr//X/rNtb/5+7/yNxy5D9DwAAABPk7v9o3GL/AwAAQBu5+z8Wt9j/AAAA0Ebu/o/HLUP2/4z+/5b0/6du9f7/xrvr//X/Rf+v/z/R/+v/V+j/9f9Hfr/+X//Pur31/7n7PxG3DNn/AAAAMEHu/k/GLfY/AAAAtJG7/1Nxi/0PAAAAbeTu/3TccI+7nd+TblP6f/2/7//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/Z+JW/z/fwAAAGgjd/9n4xb7HwAAANrI3f+5uMX+BwAAgDZy938+bhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z93/hbhlyP4HAACACXL3fzFusf8BAACgjdz9X4pb7H8AAABoI3f/l+OWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/V+JW4bsfwAAAJggd/9X4xb7HwAAANrI3X9d3GL/AwAAQBu5+78WtwzZ//p//b/+X/+v/9f/b0n/r/9fov+/Wf+f/zHR/x/m/fp//T/r9tb/5+7/etwyZP8DAADABLn7vxG32P8AAADQRu7+b8Yt9j8AAAC0kbv/W3HLkP3fuf9f+mX6/1P6f/3/if5f/78x/b/+f4n+3/f/j/x+/b/+n3V76/9z9387bhmy/wEAAGCC3P3fiVvsfwAAAGgjd/934xb7HwAAANrI3f+9uGXI/u/c/y/R/5/S/+v/T/T/+v+N6f/1/0v0//r/I79f/6//Z93e+v/c/d+PW4bsfwAAAJggd/8P4hb7HwAAANrI3f/DuMX+BwAAgDZy9/8obhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z93/47hlyP4HAACACXL3/yRusf8BAACgjdz9P41b7H8AAABoI3f/z+KWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/T+PW4bsfwAAAJggd/8v4hb7HwAAANrI3f/LuMX+BwAAgDZy9/8qbhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z93/67hlyP4HAACACXL3/yZusf8BAACgjdz9v41b7H8AAABoI3f/7+KWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/dfHLUP2PwAAAEyQu//3cYv9DwAAAG3k7v9D3GL/AwAAQBu5+2+IW4bs/879/3V3PPuX6f9Pte3/76T/1//r//dC/6//X6L/1/8f+f36f/0/6/bW/+fu/2PcMmT/AwAAwAS5+/8Ut9j/AAAA0Ebu/j/HLfY/AAAAtJG7/y9xy5D937n/X6L/P9W2//f9f/2//n839P/6/yX6f/3/kd+v/9f/s25v/X/u/r/GLUP2PwAAAEyQu/9vcYv9DwAAAG3k7v973GL/AwAAQBu5+/8RtwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/r9tb/5+7/Z9wyZP8DAADABLn7/xW32P8AAADQRu7+f8ct9j8AAAC0kbv/P3HLkP2v/9f/6//1//p//f+W9P/6/yX6f/3/kd+v/9f/s25v/X/u/v8GAAD//59qIuc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x1eb182, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)

1.209936846s ago: executing program 5 (id=1142):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$I2C(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/3, 0x1e000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x0, r2, 0x1f00}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
set_mempolicy(0x6005, 0x0, 0x4)

1.036137418s ago: executing program 0 (id=1143):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70ad2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {0xffff, 0xffff}, {0x0, 0x5}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x1}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x800)
r4 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xb, 0xfff2}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x54, 0x2, [@TCA_BASIC_ACT={0x50, 0x3, [@m_mpls={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0x4, 0xffff, 0x3f, 0x2, 0x6}, 0x2}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x78, 0xfa}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4)

173.445548ms ago: executing program 1 (id=1144):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always,huge=within_size,nr_blocks=5'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ftruncate(r0, 0x8008976)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101042, 0x1b6)
fallocate(r1, 0x0, 0x9, 0x5)

154.247109ms ago: executing program 6 (id=1145):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$inet(r1, &(0x7f0000000c40)=[{{&(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x23, 0x0}}], 0x3284b164842c97f7, 0x8014)

106.770642ms ago: executing program 0 (id=1146):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000400)=[@text16={0x10, &(0x7f0000000380)="f3f20f9a0f66b98205000066b8e200000066ba000000000f30f40907f3640fa966b8f50000000f23c86635080010000f23f80f01c866b98601000066b80f00000066ba000000000f3066b8da0000000f23d00f21f86635200000000f0130660fc737", 0x62}], 0x1, 0x11, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x3, @rand_addr=' \x01\x00'}, 0x1c)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0xd, 0x0, 0x0)
syz_open_dev$video(&(0x7f0000000040), 0x100, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

86.884404ms ago: executing program 5 (id=1147):
socket$nl_audit(0x10, 0x3, 0x9)
epoll_create1(0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/slabinfo\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
socket$kcm(0x10, 0x2, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x24}}, 0x0)

56.503386ms ago: executing program 2 (id=1148):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0x10}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x4000000, 0x20000001, 0x4, 0x2}, 0x1, r2}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0xf8}}]}, 0x90}, 0x1, 0x4000000}, 0x0)

0s ago: executing program 1 (id=1149):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f0000000180)=0x6f)
r1 = epoll_create1(0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000780)={0x10000000})
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

kernel console output (not intermixed with test programs):

5][ T4283] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  254.538871][ T4283] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  254.611201][ T4543] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  254.671186][ T5571] loop5: detected capacity change from 0 to 64
[  255.018927][ T5573] loop5: detected capacity change from 0 to 1024
[  255.674330][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.684285][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  256.072568][ T5581] loop0: detected capacity change from 0 to 8
[  256.783379][ T4277] Bluetooth: hci5: command 0x0409 tx timeout
[  256.794706][ T5581] SQUASHFS error: lzo decompression failed, data probably corrupt
[  256.802767][ T5581] SQUASHFS error: Failed to read block 0x28d: -5
[  256.810310][ T5581] SQUASHFS error: Unable to read metadata cache entry [28b]
[  256.818406][ T5581] SQUASHFS error: Unable to read inode 0x11f
[  257.169173][ T4543] bond0 (unregistering): Released all slaves
[  257.250968][   T26] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  257.316338][ T5565] netlink: 28 bytes leftover after parsing attributes in process `syz.1.218'.
[  257.368225][ T4320] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  257.448171][   T26] usb 3-1: Using ep0 maxpacket: 16
[  257.464198][   T26] usb 3-1: unable to get BOS descriptor or descriptor too short
[  257.560178][   T26] usb 3-1: config 13 has an invalid interface number: 50 but max is 0
[  257.579586][ T4320] usb 1-1: Using ep0 maxpacket: 8
[  257.581313][   T26] usb 3-1: config 13 has no interface number 0
[  257.632473][   T26] usb 3-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 16
[  257.634711][ T4320] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  257.668276][   T26] usb 3-1: config 13 interface 50 has no altsetting 0
[  257.738194][ T4320] usb 1-1: config 0 has no interface number 0
[  257.746650][ T4320] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  257.762853][   T26] usb 3-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  257.788383][ T4320] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  257.809076][   T26] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  257.832038][   T26] usb 3-1: Product: syz
[  257.836355][   T26] usb 3-1: Manufacturer: syz
[  257.847076][   T26] usb 3-1: SerialNumber: syz
[  257.855872][ T5587] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  257.894637][ T4320] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  257.938137][ T4320] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.030986][ T4320] usb 1-1: config 0 descriptor??
[  258.093253][ T4320] hso 1-1:0.1: Failed to find BULK IN ep
[  258.144986][   T26] usb 3-1: MIDIStreaming interface descriptor not found
[  258.267540][   T26] usb 3-1: USB disconnect, device number 2
[  258.281567][ T4900] usb 1-1: USB disconnect, device number 2
[  258.347218][ T5568] chnl_net:caif_netlink_parms(): no params data found
[  258.606702][ T4343] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  258.681037][ T4611] udevd[4611]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:13.50/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  258.701036][ T5568] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.728253][ T5568] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.775088][ T5568] device bridge_slave_0 entered promiscuous mode
[  258.799696][ T5568] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.808399][ T4343] usb 6-1: Using ep0 maxpacket: 8
[  258.825189][ T4343] usb 6-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9
[  258.843370][ T5568] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.858177][ T4343] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.869505][ T4277] Bluetooth: hci5: command 0x041b tx timeout
[  258.877632][ T5568] device bridge_slave_1 entered promiscuous mode
[  258.911552][ T4343] usb 6-1: config 0 descriptor??
[  258.961818][ T4343] usblcd 6-1:0.0: USBLCD model not supported.
[  259.080187][ T5568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.120387][ T5568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.182669][   T26] usb 6-1: USB disconnect, device number 4
[  259.422521][ T5568] team0: Port device team_slave_0 added
[  259.452960][ T5568] team0: Port device team_slave_1 added
[  259.579654][ T5568] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.586678][ T5568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  259.657337][ T5604] loop1: detected capacity change from 0 to 32768
[  259.679882][ T5568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.704127][ T5604] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  259.760465][ T5604] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  259.890792][ T5568] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.897866][ T5568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  260.075397][ T5568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  260.118031][ T5645] loop0: detected capacity change from 0 to 128
[  260.141028][ T5645] qnx6: superblock #1 checksum error
[  260.330260][ T5604] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 7ms
[  260.433388][ T5646] loop5: detected capacity change from 0 to 8
[  260.474654][   T26] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  260.484653][ T5646] SQUASHFS error: zlib decompression failed, data probably corrupt
[  260.490959][   T26] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  260.527245][ T5646] SQUASHFS error: Failed to read block 0x9b: -5
[  260.586898][ T5646] SQUASHFS error: Unable to read metadata cache entry [99]
[  260.595099][ T5646] SQUASHFS error: Unable to read inode 0x127
[  260.720463][   T26] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 229ms
[  260.736963][   T26] gfs2: fsid=syz:syz.0: jid=0: Done
[  260.744046][ T5604] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  260.746962][ T5650] loop0: detected capacity change from 0 to 64
[  260.758649][ T4378] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  260.948221][ T4283] Bluetooth: hci5: command 0x040f tx timeout
[  261.004676][ T5568] device hsr_slave_0 entered promiscuous mode
[  261.080231][ T5568] device hsr_slave_1 entered promiscuous mode
[  261.146950][ T5657] loop0: detected capacity change from 0 to 2048
[  261.194751][ T5659] loop5: detected capacity change from 0 to 512
[  261.224790][ T5657] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  261.257080][ T5659] EXT4-fs (loop5): orphan cleanup on readonly fs
[  261.277885][ T5657] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  261.293815][ T5659] EXT4-fs warning (device loop5): ext4_xattr_inode_get:509: inode #11: comm syz.5.244: EA inode hash validation failed
[  261.358446][ T5657] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  261.369268][ T5657] UDF-fs: Scanning with blocksize 512 failed
[  261.411024][ T5659] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  261.432996][ T5657] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  261.469559][ T5659] EXT4-fs error (device loop5): ext4_do_update_inode:5254: inode #15: comm syz.5.244: corrupted inode contents
[  261.533141][ T5659] EXT4-fs error (device loop5): ext4_dirty_inode:6119: inode #15: comm syz.5.244: mark_inode_dirty error
[  261.574908][ T5604] gfs2: fsid=syz:syz.0: found 1 quota changes
[  261.682303][ T5659] EXT4-fs error (device loop5): ext4_do_update_inode:5254: inode #15: comm syz.5.244: corrupted inode contents
[  261.751379][ T5659] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2963: inode #15: comm syz.5.244: mark_inode_dirty error
[  261.768662][ T5659] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2966: inode #15: comm syz.5.244: mark inode dirty (error -117)
[  261.785950][ T4274] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[  261.786467][ T5659] EXT4-fs warning (device loop5): ext4_evict_inode:299: xattr delete (err -117)
[  261.849292][ T5659] EXT4-fs (loop5): 1 orphan inode deleted
[  261.864109][ T4274] CPU: 0 PID: 4274 Comm: syz-executor Not tainted syzkaller #0
[  261.871761][ T4274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  261.874473][ T5659] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  261.881848][ T4274] Call Trace:
[  261.881893][ T4274]  <TASK>
[  261.881903][ T4274]  dump_stack_lvl+0x168/0x22e
[  261.901340][ T4274]  ? show_regs_print_info+0x12/0x12
[  261.906587][ T4274]  ? load_image+0x3b0/0x3b0
[  261.911146][ T4274]  ? __lock_acquire+0x7c50/0x7c50
[  261.916234][ T4274]  ? do_raw_spin_unlock+0x11d/0x230
[  261.921493][ T4274]  gfs2_assert_warn_i+0x18f/0x2c0
[  261.926571][ T4274]  gfs2_quota_cleanup+0x4b4/0x6a0
[  261.931642][ T4274]  gfs2_make_fs_ro+0x3b0/0x4a0
[  261.936448][ T4274]  ? gfs2_put_super+0x1d7/0x8c0
[  261.941346][ T4274]  ? gfs2_dinode_out+0xb00/0xb00
[  261.946334][ T4274]  ? __lock_acquire+0x7c50/0x7c50
[  261.951405][ T4274]  ? __rwlock_init+0x140/0x140
[  261.956217][ T4274]  ? hook_inode_free_security+0xa0/0xa0
[  261.961811][ T4274]  ? do_raw_spin_unlock+0x11d/0x230
[  261.967078][ T4274]  gfs2_put_super+0x220/0x8c0
[  261.971829][ T4274]  ? gfs2_evict_inode+0x1170/0x1170
[  261.977079][ T4274]  generic_shutdown_super+0x130/0x340
[  261.982491][ T4274]  kill_block_super+0x7c/0xe0
[  261.987212][ T4274]  deactivate_locked_super+0x93/0xf0
[  261.992539][ T4274]  cleanup_mnt+0x463/0x4f0
[  261.997010][ T4274]  ? lockdep_hardirqs_on+0x94/0x140
[  262.002255][ T4274]  task_work_run+0x1ca/0x250
[  262.006901][ T4274]  ? task_work_cancel+0x230/0x230
[  262.011977][ T4274]  ? exit_to_user_mode_loop+0x3b/0x110
[  262.017490][ T4274]  exit_to_user_mode_loop+0xe6/0x110
[  262.022831][ T4274]  exit_to_user_mode_prepare+0xee/0x180
[  262.028428][ T4274]  syscall_exit_to_user_mode+0x16/0x40
[  262.033941][ T4274]  do_syscall_64+0x58/0xa0
[  262.038396][ T4274]  ? clear_bhb_loop+0x60/0xb0
[  262.043117][ T4274]  ? clear_bhb_loop+0x60/0xb0
[  262.047844][ T4274]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  262.051016][ T5648] loop2: detected capacity change from 0 to 32768
[  262.053756][ T4274] RIP: 0033:0x7f41d75901f7
[  262.053790][ T4274] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  262.084513][ T4274] RSP: 002b:00007ffca9235248 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  262.092970][ T4274] RAX: 0000000000000000 RBX: 00007f41d7611d7d RCX: 00007f41d75901f7
[  262.100986][ T4274] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca9235300
[  262.109000][ T4274] RBP: 00007ffca9235300 R08: 0000000000000000 R09: 0000000000000000
[  262.117020][ T4274] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca9236390
[  262.125032][ T4274] R13: 00007f41d7611d7d R14: 000000000003f031 R15: 00007ffca92363d0
[  262.133063][ T4274]  </TASK>
[  262.186643][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  262.200066][ T5648] (syz.2.240,5648,0):ocfs2_read_blocks:239 ERROR: status = -12
[  262.213062][ T4543] device hsr_slave_0 left promiscuous mode
[  262.215971][ T5648] (syz.2.240,5648,0):ocfs2_map_slot_buffers:388 ERROR: status = -12
[  262.236220][ T5648] (syz.2.240,5648,0):ocfs2_init_slot_info:426 ERROR: status = -12
[  262.245579][ T5648] (syz.2.240,5648,0):ocfs2_initialize_super:2279 ERROR: status = -12
[  262.255249][ T5648] (syz.2.240,5648,0):ocfs2_fill_super:1176 ERROR: status = -12
[  262.373928][ T4543] device hsr_slave_1 left promiscuous mode
[  262.397655][ T4543] batman_adv: batadv0: Removing interface: batadv_slave_0
[  262.523995][ T4543] batman_adv: batadv0: Removing interface: batadv_slave_1
[  262.551275][ T4543] device bridge_slave_1 left promiscuous mode
[  262.557585][ T4543] bridge0: port 2(bridge_slave_1) entered disabled state
[  262.595614][ T4543] device bridge_slave_0 left promiscuous mode
[  262.608426][ T4543] bridge0: port 1(bridge_slave_0) entered disabled state
[  262.672661][ T4543] device veth1_vlan left promiscuous mode
[  262.704082][ T4543] device veth0_vlan left promiscuous mode
[  262.796999][ T5676] netlink: set zone limit has 4 unknown bytes
[  262.868438][ T4283] Bluetooth: hci1: command 0x0406 tx timeout
[  263.028403][ T4283] Bluetooth: hci5: command 0x0419 tx timeout
[  263.354059][ T5689] usb usb8: usbfs: process 5689 (syz.1.250) did not claim interface 0 before use
[  264.564633][ T5686] loop2: detected capacity change from 0 to 32768
[  264.629474][ T5686] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.259 (5686)
[  265.481887][ T5697] could not allocate digest TFM handle rmd320
[  265.508512][ T5686] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  265.583641][ T5686] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  265.623686][ T5686] BTRFS info (device loop2): using free space tree
[  265.753493][ T4543] team0 (unregistering): Port device team_slave_1 removed
[  265.898783][ T4543] team0 (unregistering): Port device team_slave_0 removed
[  265.978727][ T4543] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.892073][ T5686] BTRFS error (device loop2): open_ctree failed: -12
[  267.181446][ T4543] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.768763][ T5733] loop2: detected capacity change from 0 to 8192
[  267.804520][ T5733] FAT-fs (loop2): error, invalid access to FAT (entry 0x0000ff00)
[  267.812465][ T5733] FAT-fs (loop2): Filesystem has been set read-only
[  269.511032][ T4543] bond0 (unregistering): Released all slaves
[  269.618306][   T22] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  269.679972][ T5672] bridge0: port 1(bridge_slave_0) entered disabled state
[  269.711377][ T5672] netlink: 16 bytes leftover after parsing attributes in process `syz.5.248'.
[  269.720438][ T5672] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  269.746900][ T5732] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  269.940437][   T22] usb 2-1: unable to get BOS descriptor or descriptor too short
[  269.957347][   T22] usb 2-1: config 1 has an invalid interface number: 48 but max is 1
[  269.967232][   T22] usb 2-1: config 1 has no interface number 1
[  269.973676][   T22] usb 2-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  270.007231][   T22] usb 2-1: too many endpoints for config 1 interface 48 altsetting 120: 102, using maximum allowed: 30
[  270.048421][   T22] usb 2-1: config 1 interface 48 altsetting 120 has 0 endpoint descriptors, different from the interface descriptor's value: 102
[  270.127712][   T22] usb 2-1: config 1 interface 0 has no altsetting 0
[  270.148190][   T22] usb 2-1: config 1 interface 48 has no altsetting 0
[  270.178188][   T22] usb 2-1: string descriptor 0 read error: -22
[  270.216154][   T22] usb 2-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  270.239924][ T5568] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.250187][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.295953][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.322025][   T22] smsusb:smsusb_probe: board id=8, interface number 0
[  270.331095][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.351786][   T22] smsusb:smsusb_probe: board id=8, interface number 48
[  270.364046][ T5568] 8021q: adding VLAN 0 to HW filter on device team0
[  270.442005][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  270.471568][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  270.489025][ T5240] bridge0: port 1(bridge_slave_0) entered blocking state
[  270.496236][ T5240] bridge0: port 1(bridge_slave_0) entered forwarding state
[  270.524558][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  270.539088][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  270.557947][ T5240] bridge0: port 2(bridge_slave_1) entered blocking state
[  270.561243][   T22] usb 2-1: USB disconnect, device number 2
[  270.565148][ T5240] bridge0: port 2(bridge_slave_1) entered forwarding state
[  270.587873][ T5725] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  270.637963][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  270.660670][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  270.690086][ T5240] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  270.740139][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  270.773955][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  270.801427][ T5725] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  270.806618][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  270.819055][ T5725] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  270.845576][ T5725] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  270.855340][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  270.864303][ T5725] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.873122][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  270.882809][ T5725] usb 6-1: Product: syz
[  270.887021][ T5725] usb 6-1: Manufacturer: syz
[  270.897363][ T5725] usb 6-1: SerialNumber: syz
[  270.937504][ T5725] usb 6-1: config 0 descriptor??
[  271.090049][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  271.107675][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.116833][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  271.164136][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  271.989638][ T5725] usb 6-1: USB disconnect, device number 5
[  272.038718][ T5568] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  272.320220][ T4378] udevd[4378]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  272.384882][ T5790] xt_hashlimit: overflow, rate too high: 0
[  273.256759][ T5806] netlink: 'syz.1.277': attribute type 10 has an invalid length.
[  273.308347][ T5806] bridge0: port 3(team0) entered blocking state
[  273.320912][ T5806] bridge0: port 3(team0) entered disabled state
[  273.344976][ T5807] loop5: detected capacity change from 0 to 2048
[  273.349792][ T5806] device team0 entered promiscuous mode
[  273.372763][ T5806] device team_slave_0 entered promiscuous mode
[  273.384038][ T5807] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=2361, location=2361
[  273.389953][ T5806] device team_slave_1 entered promiscuous mode
[  273.429768][ T5806] bridge0: port 3(team0) entered blocking state
[  273.436239][ T5806] bridge0: port 3(team0) entered forwarding state
[  273.455034][ T5807] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  273.468310][ T5725] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  273.515594][ T5807] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  273.575226][ T5807] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 2016: 0x5c != 0x1b
[  273.617554][ T5807] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  273.668471][ T5725] usb 3-1: Using ep0 maxpacket: 32
[  273.685190][ T5725] usb 3-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=10.ae
[  273.705527][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  273.725143][ T5725] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.725388][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  273.748507][ T5725] usb 3-1: Product: syz
[  273.752760][ T5725] usb 3-1: Manufacturer: syz
[  273.782600][ T5568] 8021q: adding VLAN 0 to HW filter on device batadv0
[  273.788484][ T5816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.280'.
[  273.789620][ T5725] usb 3-1: SerialNumber: syz
[  273.836073][ T5725] usb 3-1: config 0 descriptor??
[  273.890009][ T5725] ums_eneub6250 3-1:0.0: USB Mass Storage device detected
[  274.135030][ T5727] usb 3-1: USB disconnect, device number 3
[  274.183756][   T27] audit: type=1326 audit(1759780031.756:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5832 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  274.218695][   T27] audit: type=1326 audit(1759780031.756:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5832 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  274.272901][   T27] audit: type=1326 audit(1759780031.756:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5832 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  274.343920][   T27] audit: type=1326 audit(1759780031.756:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5832 comm="syz.0.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  278.574300][ T5876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.291'.
[  279.843312][ T5874] loop5: detected capacity change from 0 to 4096
[  279.916113][ T5874] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[  280.000278][ T5884] loop0: detected capacity change from 0 to 256
[  280.044111][ T5882] device wlan0 entered promiscuous mode
[  280.071662][ T5884] FAT-fs (loop0): Directory bread(block 64) failed
[  280.098298][ T5884] FAT-fs (loop0): Directory bread(block 65) failed
[  280.109788][ T5884] FAT-fs (loop0): Directory bread(block 66) failed
[  280.116412][ T5884] FAT-fs (loop0): Directory bread(block 67) failed
[  280.150113][ T5126] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  280.181983][ T5884] FAT-fs (loop0): Directory bread(block 68) failed
[  280.191532][ T5126] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  280.209332][ T5884] FAT-fs (loop0): Directory bread(block 69) failed
[  280.216038][ T5884] FAT-fs (loop0): Directory bread(block 70) failed
[  280.267076][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  280.276686][ T5884] FAT-fs (loop0): Directory bread(block 71) failed
[  280.289805][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  280.321837][ T5884] FAT-fs (loop0): Directory bread(block 72) failed
[  280.332026][ T5568] device veth0_vlan entered promiscuous mode
[  280.368986][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  280.378853][ T5884] FAT-fs (loop0): Directory bread(block 73) failed
[  280.398603][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  280.421870][ T5568] device veth1_vlan entered promiscuous mode
[  280.553771][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  280.577723][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  280.646306][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  280.680388][ T4543] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  280.706211][ T5568] device veth0_macvtap entered promiscuous mode
[  280.740190][ T5898] loop1: detected capacity change from 0 to 256
[  280.788970][ T5568] device veth1_macvtap entered promiscuous mode
[  280.904430][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  280.951716][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.028159][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.058120][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.094088][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.117759][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  281.133271][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  281.144170][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  282.069708][ T5568] batman_adv: batadv0: Interface activated: batadv_slave_0
[  282.082684][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  282.126037][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  282.137971][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  282.152297][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  282.225498][ T5914] netlink: 4 bytes leftover after parsing attributes in process `syz.2.307'.
[  282.837710][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  283.801160][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  283.961954][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.111873][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.385742][ T5922] loop0: detected capacity change from 0 to 256
[  284.403219][ T5922] FAT-fs (loop0): count of clusters too big (66845694)
[  284.410257][ T5922] FAT-fs (loop0): Can't find a valid FAT filesystem
[  284.585242][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.681551][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.765122][ T5568] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  284.850785][ T5568] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  284.962385][ T5568] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.994244][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  285.002736][ T4378] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  285.300473][ T5920] loop0: detected capacity change from 0 to 32768
[  285.336864][ T4463] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  285.351658][ T5920] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  285.359967][ T5920] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  285.371056][ T5920] syz.0.306: attempt to access beyond end of device
[  285.371056][ T5920] loop0: rw=12288, sector=549755814040, nr_sectors = 8 limit=32768
[  285.385927][ T5920] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[  285.634809][ T5923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.304'.
[  286.444300][ T5935] netlink: 52 bytes leftover after parsing attributes in process `syz.0.310'.
[  286.811990][ T5942] netlink: 'syz.5.313': attribute type 21 has an invalid length.
[  286.825639][ T5942] netlink: 132 bytes leftover after parsing attributes in process `syz.5.313'.
[  287.085936][ T4417] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.089827][ T5126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.118700][ T4417] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.169855][ T5126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.229153][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  287.296692][ T5220] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  287.795792][ T5946] random: crng reseeded on system resumption
[  288.093386][ T5958] loop5: detected capacity change from 0 to 512
[  288.109240][ T5958] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  288.287452][ T5958] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  288.296826][ T5958] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.375093][   T27] audit: type=1800 audit(1759780045.946:117): pid=5958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.317" name="file1" dev="loop5" ino=15 res=0 errno=0
[  288.773968][ T5963] loop6: detected capacity change from 0 to 512
[  288.883430][ T5963] EXT4-fs error (device loop6): ext4_read_inode_bitmap:140: comm syz.6.137: Invalid inode bitmap blk 4 in block_group 0
[  289.076538][ T5963] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  289.106514][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  290.625233][ T5968] netlink: 4 bytes leftover after parsing attributes in process `syz.2.318'.
[  290.717459][ T5977] netlink: 4 bytes leftover after parsing attributes in process `syz.0.319'.
[  292.316914][ T5568] EXT4-fs (loop6): unmounting filesystem.
[  293.734321][ T5997] netlink: 'syz.0.324': attribute type 10 has an invalid length.
[  293.797811][ T5997] bridge0: port 3(team0) entered blocking state
[  293.838605][ T5997] bridge0: port 3(team0) entered disabled state
[  293.856273][ T5997] device team0 entered promiscuous mode
[  293.874891][ T5997] device team_slave_0 entered promiscuous mode
[  293.914446][ T5997] device team_slave_1 entered promiscuous mode
[  293.952110][ T5997] bridge0: port 3(team0) entered blocking state
[  293.958568][ T5997] bridge0: port 3(team0) entered forwarding state
[  294.936337][ T6018] loop6: detected capacity change from 0 to 512
[  295.010569][ T6018] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  296.661619][ T6018] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  296.675083][ T6018] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.725725][   T27] audit: type=1800 audit(1759780054.296:118): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.329" name="file1" dev="loop6" ino=15 res=0 errno=0
[  297.567175][ T5568] EXT4-fs (loop6): unmounting filesystem.
[  298.743667][ T6052] loop1: detected capacity change from 0 to 2048
[  302.043869][ T6052] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  302.051782][ T6052] UDF-fs: Scanning with blocksize 512 failed
[  302.065964][ T6052] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  303.770321][ T6053] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  303.985504][ T6080] loop2: detected capacity change from 0 to 256
[  304.359695][ T6080] FAT-fs (loop2): count of clusters too big (66845694)
[  304.368331][ T6080] FAT-fs (loop2): Can't find a valid FAT filesystem
[  304.756819][ T6078] loop2: detected capacity change from 0 to 32768
[  304.766096][ T6078] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  304.774386][ T6078] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  304.785095][ T6078] syz.2.344: attempt to access beyond end of device
[  304.785095][ T6078] loop2: rw=12288, sector=549755814040, nr_sectors = 8 limit=32768
[  304.799957][ T6078] gfs2: fsid=syz:syz.0: can't acquire journal inode glock: -5
[  305.205900][ T6092] netlink: 20 bytes leftover after parsing attributes in process `syz.1.340'.
[  305.216300][ T6093] loop6: detected capacity change from 0 to 16
[  305.254308][ T6093] erofs: (device loop6): mounted with root inode @ nid 36.
[  305.453471][ T6094] input input8: cannot allocate more than FF_MAX_EFFECTS effects
[  305.741774][ T6101] erofs: (device loop6): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36
[  305.752554][ T6101] syz.6.348: attempt to access beyond end of device
[  305.752554][ T6101] loop6: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  306.747848][ T6113] loop2: detected capacity change from 0 to 2048
[  306.840311][ T6113] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  306.975158][ T6113] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  307.049800][ T6113] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  307.358116][ T6113] UDF-fs: Scanning with blocksize 512 failed
[  307.469950][ T6113] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  311.848311][ T4343] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  312.048262][ T4343] usb 3-1: Using ep0 maxpacket: 8
[  312.062203][ T4343] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  312.248248][ T4343] usb 3-1: config 179 has no interface number 0
[  312.279023][ T4343] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  313.006430][ T4343] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  313.120306][ T4343] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  313.158348][ T4343] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  313.181406][ T6167] loop6: detected capacity change from 0 to 128
[  313.205252][ T4343] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  313.270561][ T4343] usb 3-1: config 179 interface 65 has no altsetting 0
[  313.296798][ T4343] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  313.307268][   T27] audit: type=1800 audit(1759780070.886:119): pid=6167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.363" name="file1" dev="loop6" ino=1048608 res=0 errno=0
[  313.326604][ T4343] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.433079][ T4343] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input10
[  313.580997][ T6173] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0)
[  313.777060][ T4897] usb 3-1: USB disconnect, device number 4
[  313.779348][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  313.791742][ T4897] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  313.826947][ T6175] loop6: detected capacity change from 0 to 2048
[  313.912921][ T6175] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  313.978192][ T6175] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  314.044558][ T6175] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  314.085256][ T6175] UDF-fs: Scanning with blocksize 512 failed
[  314.136494][ T6175] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  315.596006][ T6203] netlink: zone id is out of range
[  315.600936][ T6204] overlayfs: './file0' not a directory
[  315.622649][ T6203] netlink: zone id is out of range
[  317.362282][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  317.368719][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  317.816747][ T6221] loop1: detected capacity change from 0 to 2048
[  317.888468][ T6221] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  317.957185][ T6221] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  317.988099][ T6221] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  318.038319][ T6221] UDF-fs: Scanning with blocksize 512 failed
[  318.055006][ T6221] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  319.537954][   T27] audit: type=1326 audit(1759780077.006:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6244 comm="syz.2.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6cb38eec9 code=0x7ffc0000
[  319.564377][   T27] audit: type=1326 audit(1759780077.006:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6244 comm="syz.2.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7ff6cb38eec9 code=0x7ffc0000
[  319.614685][ T6247] Malformed UNC in devname
[  319.614685][ T6247] 
[  319.621508][ T6247] CIFS: VFS: Malformed UNC in devname
[  319.672511][   T27] audit: type=1326 audit(1759780077.006:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6244 comm="syz.2.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff6cb38eec9 code=0x7ffc0000
[  320.543029][ T6255] loop2: detected capacity change from 0 to 256
[  320.629471][ T6255] FAT-fs (loop2): Directory bread(block 64) failed
[  320.666728][ T6255] FAT-fs (loop2): Directory bread(block 65) failed
[  320.689150][ T6255] FAT-fs (loop2): Directory bread(block 66) failed
[  320.715003][ T6255] FAT-fs (loop2): Directory bread(block 67) failed
[  320.806034][ T6255] FAT-fs (loop2): Directory bread(block 68) failed
[  320.930717][ T6255] FAT-fs (loop2): Directory bread(block 69) failed
[  321.515234][ T6255] FAT-fs (loop2): Directory bread(block 70) failed
[  321.525647][ T6249] comedi comedi0: reset error (fatal)
[  321.538401][ T6255] FAT-fs (loop2): Directory bread(block 71) failed
[  321.596060][ T6255] FAT-fs (loop2): Directory bread(block 72) failed
[  321.604028][ T6255] FAT-fs (loop2): Directory bread(block 73) failed
[  322.346432][ T6278] loop5: detected capacity change from 0 to 16
[  322.418976][ T6278] erofs: (device loop5): mounted with root inode @ nid 36.
[  323.118695][ T6290] Malformed UNC in devname
[  323.118695][ T6290] 
[  323.125361][ T6290] CIFS: VFS: Malformed UNC in devname
[  323.252672][ T6287] erofs: (device loop5): erofs_map_blocks_flatmode: inline data cross block boundary @ nid 36
[  323.263046][ T6287] syz.5.390: attempt to access beyond end of device
[  323.263046][ T6287] loop5: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  324.777926][ T6314] xt_limit: Overflow, try lower: 687865856/40
[  324.997704][ T6312] loop5: detected capacity change from 0 to 2048
[  325.128460][ T6312] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  325.340738][ T6312] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  325.358155][ T6312] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  326.107032][ T6312] UDF-fs: Scanning with blocksize 512 failed
[  326.316655][ T6312] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  328.550179][ T6345] loop5: detected capacity change from 0 to 2048
[  328.758275][ T6350] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  330.380085][ T6358] NILFS error (device loop5): nilfs_check_page: bad entry in directory #12: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  330.396843][ T6358] Remounting filesystem read-only
[  330.647293][ T4759] NILFS (loop5): disposed unprocessed dirty file(s) when detaching log writer
[  331.464745][ T6377] loop1: detected capacity change from 0 to 2048
[  331.540017][ T6377] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  331.787758][ T6377] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  331.810374][ T6377] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  331.844617][ T6377] UDF-fs: Scanning with blocksize 512 failed
[  332.142570][ T6377] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  333.384616][ T6410] overlayfs: './bus' not a directory
[  335.409422][ T6425] loop5: detected capacity change from 0 to 2048
[  335.530751][ T6425] NILFS (loop5): corrupt root inode
[  335.621681][ T6433] loop6: detected capacity change from 0 to 2048
[  335.783206][ T6433] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  335.862571][ T6433] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  335.892759][ T6433] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  336.338510][ T6433] UDF-fs: Scanning with blocksize 512 failed
[  336.609171][ T6433] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  337.636268][ T6462] loop6: detected capacity change from 0 to 1024
[  337.814526][ T6466] loop0: detected capacity change from 0 to 2048
[  339.413196][ T6472] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  339.446041][ T6471] loop5: detected capacity change from 0 to 512
[  339.469917][ T6471] EXT4-fs: Ignoring removed mblk_io_submit option
[  339.504555][ T6471] EXT4-fs: Ignoring removed bh option
[  339.542862][ T6471] EXT4-fs (loop5): orphan cleanup on readonly fs
[  339.599314][ T6471] EXT4-fs error (device loop5): ext4_orphan_get:1426: comm syz.5.441: bad orphan inode 14
[  339.673911][ T6471] ext4_test_bit(bit=13, block=18) = 1
[  339.683776][ T6471] is_bad_inode(inode)=0
[  339.688008][ T6471] NEXT_ORPHAN(inode)=0
[  339.753358][ T6471] max_ino=32
[  339.756608][ T6471] i_nlink=1
[  339.829973][ T6471] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  341.396270][ T6457] loop2: detected capacity change from 0 to 32768
[  341.457414][ T6457] syz.2.435: attempt to access beyond end of device
[  341.457414][ T6457] loop2: rw=0, sector=67109120, nr_sectors = 8 limit=32768
[  341.471955][ T6457] metapage_read_end_io: I/O error
[  341.477043][ T6457] read_mapping_page failed!
[  341.482310][ T6457] jfs_mount: diMount failed w/rc = -5
[  341.491021][ T6457] Mount JFS Failure: -5
[  341.495794][ T6457] jfs_mount failed w/return code = -5
[  341.894464][ T6483] random: crng reseeded on system resumption
[  342.487726][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  342.850882][ T6483] Restarting kernel threads ... done.
[  343.623669][ T6496] netlink: 8 bytes leftover after parsing attributes in process `syz.1.451'.
[  343.787424][ T6501] loop5: detected capacity change from 0 to 1024
[  343.914599][ T6501] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  343.948347][ T6501] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.188767][ T6489] orangefs_mount: mount request failed with -4
[  344.265035][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  344.433415][ T6524] loop1: detected capacity change from 0 to 128
[  344.559585][ T6527] loop5: detected capacity change from 0 to 512
[  344.655482][ T6527] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  344.812345][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  345.638644][ T6545] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  345.750472][ T6545] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  345.867884][ T6545] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  346.391300][ T6547] loop2: detected capacity change from 0 to 2048
[  346.583189][ T6540] loop1: detected capacity change from 0 to 4096
[  346.592791][ T6547] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  346.833976][ T6536] loop6: detected capacity change from 0 to 32768
[  346.855884][ T6536] syz.6.460: attempt to access beyond end of device
[  346.855884][ T6536] loop6: rw=0, sector=67109120, nr_sectors = 8 limit=32768
[  346.869986][ T6536] metapage_read_end_io: I/O error
[  346.875139][ T6536] read_mapping_page failed!
[  346.879935][ T6536] jfs_mount: diMount failed w/rc = -5
[  346.888348][ T6536] Mount JFS Failure: -5
[  346.892601][ T6536] jfs_mount failed w/return code = -5
[  347.115083][ T6548] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  347.922507][ T6552] loop5: detected capacity change from 0 to 256
[  348.049813][ T6552] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011d93, chksum : 0x4501cc6b, utbl_chksum : 0xe619d30d)
[  348.101412][ T6557] loop6: detected capacity change from 0 to 1024
[  348.325840][ T6557] hfsplus: invalid xattr key length: 0
[  349.222223][ T6579] xt_limit: Overflow, try lower: 687865856/40
[  350.176710][ T6566] loop5: detected capacity change from 0 to 32768
[  350.339960][ T6566] read_mapping_page failed!
[  350.388864][ T6566] ERROR: (device loop5): txCommit: 
[  350.388864][ T6566] 
[  350.632933][ T6603] loop2: detected capacity change from 0 to 4096
[  350.648993][ T6607] loop6: detected capacity change from 0 to 128
[  350.712471][ T6607] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  350.759407][ T6603] ntfs: volume version 3.1.
[  350.796843][ T6607] hpfs: filesystem error: improperly stopped
[  350.840195][ T6607] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  350.875779][ T6605] loop0: detected capacity change from 0 to 4096
[  350.879693][ T6607] hpfs: You really don't want any checks? You are crazy...
[  350.955336][ T6607] hpfs: hpfs_map_sector(): read error
[  351.002634][ T6607] hpfs: code page support is disabled
[  351.002779][ T6605] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  351.048229][ T6607] hpfs: hpfs_map_4sectors(): unaligned read
[  351.066746][ T6607] hpfs: hpfs_map_4sectors(): unaligned read
[  351.110197][ T6607] hpfs: filesystem error: unable to find root dir
[  351.191784][ T6617] loop5: detected capacity change from 0 to 512
[  351.209916][ T6605] ntfs3: loop0: Failed to load $Extend.
[  351.266561][ T6618] hpfs: hpfs_map_4sectors(): unaligned read
[  351.359307][ T6617] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  351.403713][ T6617] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.466473][ T6624] loop2: detected capacity change from 0 to 512
[  351.572699][ T6624] EXT4-fs: Ignoring removed bh option
[  351.615960][ T6624] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  351.679873][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  351.755984][ T6624] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2818: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  351.853427][ T6624] EXT4-fs (loop2): 1 truncate cleaned up
[  351.898129][ T6624] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  352.094848][ T4276] EXT4-fs (loop2): unmounting filesystem.
[  352.125378][ T6641] loop6: detected capacity change from 0 to 22
[  352.184268][ T6641] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  352.235660][ T6641] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  352.742089][ T6650] xt_limit: Overflow, try lower: 687865856/40
[  353.285390][ T6614] loop1: detected capacity change from 0 to 32768
[  353.345450][ T6614] gfs2: fsid=__Š°"_½z'²˱1Ä	¢ “I¡3ØÆÆåwÕøx9: Trying to join cluster "lock_nolock", "__Š°"_½z'²˱1Ä	¢ “I¡3ØÆÆåwÕøx9"
[  353.399223][ T6614] gfs2: fsid=__Š°"_½z'²˱1Ä	¢ “I¡3ØÆÆåwÕøx9: Now mounting FS (format 1801)...
[  353.476924][ T6614] gfs2: fsid=__Š°"_½z'²˱1Ä	¢ “I¡3ØÆÆåwÕøx9.s: journal 0 mapped with 16 extents in 0ms
[  353.678904][ T6663] loop0: detected capacity change from 0 to 2048
[  353.757047][ T6663] NILFS (loop0): invalid segment: Magic number mismatch
[  353.778669][ T6663] NILFS (loop0): trying rollback from an earlier position
[  353.836037][ T6663] NILFS (loop0): recovery complete
[  353.853909][ T6614] gfs2: fsid=__Š°"_½z'²˱1Ä	¢ “I¡3ØÆÆåwÕøx9.s: first mount done, others may mount
[  353.886819][ T6668] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  354.171240][ T6645] loop5: detected capacity change from 0 to 32768
[  354.312955][ T6645] ERROR: (device loop5): xtSearch: XT_GETPAGE: xtree page corrupt
[  354.312955][ T6645] 
[  354.390669][ T6645] ERROR: (device loop5): remounting filesystem as read-only
[  354.413285][ T6655] loop6: detected capacity change from 0 to 40427
[  354.423375][ T6645] xtLookup: xtSearch returned -5
[  354.488939][ T6655] F2FS-fs (loop6): invalid crc value
[  354.557917][ T6655] F2FS-fs (loop6): Found nat_bits in checkpoint
[  354.614590][ T6645] syz.5.495 (6645) used greatest stack depth: 19984 bytes left
[  354.918063][ T6655] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  355.011453][ T6655] F2FS-fs (loop6): Inconsistent error blkaddr:5633, sit bitmap:0
[  355.051426][ T6655] CPU: 0 PID: 6655 Comm: syz.6.497 Not tainted syzkaller #0
[  355.058793][ T6655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  355.068896][ T6655] Call Trace:
[  355.072207][ T6655]  <TASK>
[  355.075176][ T6655]  dump_stack_lvl+0x168/0x22e
[  355.079911][ T6655]  ? show_regs_print_info+0x12/0x12
[  355.085164][ T6655]  ? f2fs_get_next_page_offset+0x6a0/0x6a0
[  355.091044][ T6655]  f2fs_is_valid_blkaddr+0xc3b/0x1250
[  355.096465][ T6655]  f2fs_get_read_data_page+0x3ed/0x610
[  355.101974][ T6655]  ? f2fs_get_block+0x130/0x130
[  355.106893][ T6655]  f2fs_find_data_page+0x9b/0x3a0
[  355.111964][ T6655]  f2fs_readdir+0x47b/0x990
[  355.116507][ T6655]  ? f2fs_fill_dentries+0xcb0/0xcb0
[  355.121752][ T6655]  ? lockdep_hardirqs_on+0x94/0x140
[  355.127038][ T6655]  ? __fdget_pos+0x2ae/0x360
[  355.131656][ T6655]  ? end_current_label_crit_section+0x14b/0x170
[  355.137947][ T6655]  ? preempt_count_add+0x8d/0x190
[  355.142989][ T6655]  ? down_read_killable+0x1cc/0x340
[  355.148209][ T6655]  ? fsnotify_perm+0x248/0x550
[  355.152994][ T6655]  iterate_dir+0x218/0x560
[  355.157436][ T6655]  ? f2fs_fill_dentries+0xcb0/0xcb0
[  355.162660][ T6655]  __se_sys_getdents64+0xe5/0x260
[  355.167708][ T6655]  ? __x64_sys_getdents64+0x80/0x80
[  355.172928][ T6655]  ? filldir+0x700/0x700
[  355.177197][ T6655]  ? lockdep_hardirqs_on+0x94/0x140
[  355.182422][ T6655]  do_syscall_64+0x4c/0xa0
[  355.186890][ T6655]  ? clear_bhb_loop+0x60/0xb0
[  355.191586][ T6655]  ? clear_bhb_loop+0x60/0xb0
[  355.196313][ T6655]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  355.202257][ T6655] RIP: 0033:0x7ff3f0f8eec9
[  355.206695][ T6655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.226331][ T6655] RSP: 002b:00007ff3f1d66038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  355.234858][ T6655] RAX: ffffffffffffffda RBX: 00007ff3f11e5fa0 RCX: 00007ff3f0f8eec9
[  355.242872][ T6655] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  355.250888][ T6655] RBP: 00007ff3f1011f91 R08: 0000000000000000 R09: 0000000000000000
[  355.258872][ T6655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  355.266861][ T6655] R13: 00007ff3f11e6038 R14: 00007ff3f11e5fa0 R15: 00007ffdc48d9cf8
[  355.274891][ T6655]  </TASK>
[  355.278045][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.108976][ T6705] loop5: detected capacity change from 0 to 2048
[  356.206493][ T6705] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  356.251710][ T6705] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  356.288442][ T6705] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  356.310351][ T6705] UDF-fs: Scanning with blocksize 512 failed
[  356.356711][ T6705] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  356.743796][ T4343] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  356.867785][ T6690] loop1: detected capacity change from 0 to 32768
[  356.938258][ T4343] usb 1-1: Using ep0 maxpacket: 8
[  356.946484][ T4343] usb 1-1: unable to get BOS descriptor or descriptor too short
[  356.966709][ T4343] usb 1-1: config 4 interface 0 has no altsetting 0
[  356.983490][ T6690] XFS (loop1): Mounting V5 Filesystem
[  356.997192][ T4343] usb 1-1: string descriptor 0 read error: -22
[  357.042394][ T6730] loop2: detected capacity change from 0 to 64
[  357.055292][ T4343] usb 1-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  357.113797][ T4343] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.244468][ T6690] XFS (loop1): Ending clean mount
[  357.252859][ T4343] usb 1-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  357.345998][ T4343] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  357.368407][ T6690] XFS (loop1): Quotacheck needed: Please wait.
[  357.394721][ T4343] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  357.427907][ T4343] usb 1-1: media controller created
[  357.527363][ T4343] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  357.681755][ T6690] XFS (loop1): Quotacheck: Done.
[  357.792967][ T6740] loop2: detected capacity change from 0 to 8192
[  357.851453][ T6740] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  357.922215][ T6740] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  358.041274][ T6740] REISERFS (device loop2): using ordered data mode
[  358.043527][ T6753] netlink: 12 bytes leftover after parsing attributes in process `syz.6.522'.
[  358.047934][ T6740] reiserfs: using flush barriers
[  358.072202][ T4274] XFS (loop1): Unmounting Filesystem
[  358.161641][ T6740] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  358.261644][ T6740] REISERFS (device loop2): checking transaction log (loop2)
[  358.347155][ T6740] REISERFS (device loop2): Using r5 hash to sort names
[  358.348399][ T6758] do_dccp_getsockopt: sockopt(PACKET_SIZE) is deprecated: fix your app
[  358.434138][ T6740] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  358.458677][ T6760] loop5: detected capacity change from 0 to 1024
[  358.480415][ T4343] zl10353_read_register: readreg error (reg=127, ret==0)
[  358.689989][ T4343] usb 1-1: USB disconnect, device number 3
[  358.767615][ T6763] loop6: detected capacity change from 0 to 2048
[  358.780891][ T6765] sock: sock_timestamping_bind_phc: sock not bind to device
[  358.881261][ T6763] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  358.961630][ T6763] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  359.049046][ T6763] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  359.056886][ T6763] UDF-fs: Scanning with blocksize 512 failed
[  359.147545][ T6763] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  359.875891][ T6776] loop2: detected capacity change from 0 to 512
[  360.024868][ T6776] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  360.054731][ T6776] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c119, mo2=0002]
[  360.105241][ T6776] System zones: 1-12
[  360.137021][ T6776] EXT4-fs (loop2): 1 truncate cleaned up
[  360.147414][ T6776] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  360.227966][ T4276] EXT4-fs (loop2): unmounting filesystem.
[  360.845457][ T6810] loop2: detected capacity change from 0 to 128
[  360.874152][ T6810] qnx6: superblock #1 checksum error
[  361.623870][ T6815] loop2: detected capacity change from 0 to 64
[  361.624055][ T4571] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  361.663725][ T6819] loop0: detected capacity change from 0 to 512
[  361.809505][ T6819] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  361.904084][ T6819] EXT4-fs (loop0): 1 truncate cleaned up
[  361.944104][ T6819] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  362.057178][ T6837] EXT4-fs error (device loop0): ext4_generic_delete_entry:2729: inode #2: block 13: comm syz.0.541: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  362.127407][ T6837] EXT4-fs (loop0): Remounting filesystem read-only
[  362.141446][ T6837] EXT4-fs error (device loop0) in ext4_delete_entry:2800: Corrupt filesystem
[  362.161601][ T6837] EXT4-fs (loop0): Remounting filesystem read-only
[  362.213255][ T6843] loop5: detected capacity change from 0 to 2048
[  362.332303][ T4281] EXT4-fs (loop0): unmounting filesystem.
[  362.416422][ T6848] loop1: detected capacity change from 0 to 2048
[  362.498545][ T6848] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  362.537487][ T6848] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  362.578311][ T6848] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  362.578333][ T6848] UDF-fs: Scanning with blocksize 512 failed
[  362.596403][ T6848] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  363.796551][ T6871] loop5: detected capacity change from 0 to 128
[  363.816139][ T6871] qnx6: superblock #1 checksum error
[  364.482524][ T6876] loop2: detected capacity change from 0 to 128
[  364.502045][ T6847] loop6: detected capacity change from 0 to 32768
[  364.518508][ T4378] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  365.401387][ T6861] loop0: detected capacity change from 0 to 32768
[  365.518106][ T4343] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  365.632712][ T6861] XFS (loop0): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  365.728388][ T4343] usb 3-1: Using ep0 maxpacket: 8
[  365.746391][ T4343] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  365.976652][ T6861] XFS (loop0): Quotacheck needed: Please wait.
[  365.998800][ T4343] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  366.191544][ T4343] usb 3-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  366.405356][ T4343] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.479965][ T6908] loop6: detected capacity change from 0 to 2048
[  366.601122][ T4343] usb 3-1: config 0 descriptor??
[  366.617127][ T6908] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  366.635204][ T6861] XFS (loop0): Quotacheck: Done.
[  366.687222][ T6908] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  366.734305][ T6908] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  366.750643][ T4281] XFS (loop0): Unmounting Filesystem
[  366.761444][ T6908] UDF-fs: Scanning with blocksize 512 failed
[  366.836639][ T6908] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  367.074647][ T6922] loop1: detected capacity change from 0 to 64
[  367.094507][ T4343] uclogic 0003:2179:0053.0001: interface is invalid, ignoring
[  367.718348][ T4343] usb 3-1: USB disconnect, device number 5
[  368.393772][ T6951] loop6: detected capacity change from 0 to 4096
[  368.563228][ T6951] ntfs3: loop6: ino=21, "file1" fallocate(0x10) is not supported
[  368.654303][ T6965] netlink: 'syz.0.582': attribute type 5 has an invalid length.
[  369.173730][ T6952] loop1: detected capacity change from 0 to 32768
[  369.173781][ T4901] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  369.204648][ T6952] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.576 (6952)
[  369.250034][ T6952] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  369.261578][   T27] audit: type=1326 audit(1759780126.836:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  369.278158][ T6952] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  369.306726][ T6952] BTRFS info (device loop1): enabling disk space caching
[  369.331845][   T27] audit: type=1326 audit(1759780126.836:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  369.354096][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.362510][ T6952] BTRFS info (device loop1): use no compression
[  369.378739][ T6952] BTRFS info (device loop1): force clearing of disk cache
[  369.388388][ T4901] usb 7-1: Using ep0 maxpacket: 8
[  369.394197][ T6952] BTRFS info (device loop1): turning on sync discard
[  369.399883][ T4901] usb 7-1: unable to get BOS descriptor or descriptor too short
[  369.409111][ T6952] BTRFS info (device loop1): disabling disk space caching
[  369.444444][   T27] audit: type=1326 audit(1759780126.836:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  369.457227][ T4901] usb 7-1: config 4 has an invalid interface number: 30 but max is 0
[  369.522352][ T4901] usb 7-1: config 4 has no interface number 0
[  369.529808][ T4901] usb 7-1: config 4 interface 30 has no altsetting 0
[  369.545741][ T4901] usb 7-1: string descriptor 0 read error: -22
[  369.569529][   T27] audit: type=1326 audit(1759780126.836:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6982 comm="syz.0.588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f66f3d8eec9 code=0x7ffc0000
[  369.591819][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.618236][ T4901] usb 7-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88
[  369.646081][ T4901] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.704328][ T4901] dw2102: su3000_identify_state
[  369.718318][ T4901] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  369.728164][ T4901] dw2102: su3000_power_ctrl: 1, initialized 0
[  369.728585][ T6952] BTRFS info (device loop1): enabling ssd optimizations
[  369.735098][ T4901] dvb-usb: bulk message failed: -22 (2/0)
[  369.778654][ T6952] BTRFS info (device loop1): rebuilding free space tree
[  369.824291][ T4901] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  369.834293][ T6967] loop5: detected capacity change from 0 to 32768
[  369.869833][ T4901] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2))
[  369.906600][ T6978] dw2102: i2c wr: len=66 is too big!
[  369.906600][ T6978] 
[  369.911760][ T7016] loop2: detected capacity change from 0 to 256
[  369.931450][ T4901] usb 7-1: media controller created
[  369.952573][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  369.996943][ T4901] dw2102: i2c transfer failed.
[  370.033459][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  370.045774][ T7016] FAT-fs (loop2): Directory bread(block 64) failed
[  370.054677][ T4901] dw2102: i2c transfer failed.
[  370.069626][ T6952] BTRFS info (device loop1): disabling free space tree
[  370.087819][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  370.094758][ T7016] FAT-fs (loop2): Directory bread(block 65) failed
[  370.100484][ T6952] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  370.113170][ T4901] dw2102: i2c transfer failed.
[  370.123496][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  370.141616][ T4901] dw2102: i2c transfer failed.
[  370.144692][ T7016] FAT-fs (loop2): Directory bread(block 66) failed
[  370.146442][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  370.176791][ T6952] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  370.197173][ T4901] dw2102: i2c transfer failed.
[  370.198159][ T7016] FAT-fs (loop2): Directory bread(block 67) failed
[  370.229255][ T4901] dvb-usb: bulk message failed: -22 (6/0)
[  370.235060][ T4901] dw2102: i2c transfer failed.
[  370.248312][ T7016] FAT-fs (loop2): Directory bread(block 68) failed
[  370.254919][ T7016] FAT-fs (loop2): Directory bread(block 69) failed
[  370.267072][ T4901] dvb-usb: MAC address: 02:02:02:02:02:02
[  370.308437][ T7016] FAT-fs (loop2): Directory bread(block 70) failed
[  370.334367][ T4901] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  370.354118][ T7016] FAT-fs (loop2): Directory bread(block 71) failed
[  370.368725][ T7016] FAT-fs (loop2): Directory bread(block 72) failed
[  370.395903][ T7016] FAT-fs (loop2): Directory bread(block 73) failed
[  370.424549][ T4901] dvb-usb: bulk message failed: -22 (3/0)
[  370.430443][ T4901] dw2102: command 0x0e transfer failed.
[  370.514991][ T4901] dvb-usb: bulk message failed: -22 (3/0)
[  370.543365][ T4901] dw2102: command 0x0e transfer failed.
[  370.631081][   T27] audit: type=1800 audit(1759780128.206:127): pid=6952 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.576" name="file1" dev="loop1" ino=260 res=0 errno=0
[  370.787132][ T6952] BTRFS info (device loop1): balance: start -sconvert=raid0,soft
[  370.892440][ T6952] BTRFS info (device loop1): relocating block group 1048576 flags system
[  370.907858][ T4901] dvb-usb: bulk message failed: -22 (3/0)
[  370.916106][ T4901] dw2102: command 0x0e transfer failed.
[  370.925205][ T4901] dvb-usb: bulk message failed: -22 (3/0)
[  370.970035][ T4901] dw2102: command 0x0e transfer failed.
[  370.975675][ T4901] dvb-usb: bulk message failed: -22 (1/0)
[  371.006203][ T4901] dw2102: command 0x51 transfer failed.
[  371.011939][ T4901] dvb-usb: bulk message failed: -22 (5/0)
[  371.017712][ T4901] dw2102: i2c probe for address 0x68 failed.
[  371.062702][ T4901] dvb-usb: bulk message failed: -22 (5/0)
[  371.074162][ T4901] dw2102: i2c probe for address 0x69 failed.
[  371.080371][ T4901] dvb-usb: bulk message failed: -22 (5/0)
[  371.086901][ T4901] dw2102: i2c probe for address 0x6a failed.
[  371.100513][ T4901] dw2102: probing for demodulator failed. Is the external power switched on?
[  371.125031][ T4901] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)'
[  371.136894][ T6952] BTRFS info (device loop1): balance: ended with status: 0
[  371.225848][ T4274] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  371.268771][ T7024] loop0: detected capacity change from 0 to 32768
[  371.283451][ T7024] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.595 (7024)
[  371.301296][ T4901] rc_core: IR keymap rc-tt-1500 not found
[  371.307116][ T4901] Registered IR keymap rc-empty
[  371.342320][ T4901] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0
[  371.383566][ T4901] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.6/usb7/7-1/rc/rc0/input11
[  371.422656][ T4901] dvb-usb: schedule remote query interval to 250 msecs.
[  371.445423][ T4901] dw2102: su3000_power_ctrl: 0, initialized 1
[  371.481294][ T4901] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected.
[  371.523644][ T4901] usb 7-1: USB disconnect, device number 2
[  371.597888][ T4571] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by udevd (4571)
[  371.914084][ T4901] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected.
[  372.334328][ T4901] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  372.528289][ T4901] usb 7-1: Using ep0 maxpacket: 8
[  372.544276][ T4901] usb 7-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  372.566836][ T4901] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.601964][ T4901] usb 7-1: config 0 descriptor??
[  373.062454][ T7084] loop1: detected capacity change from 0 to 2048
[  373.129415][ T7084] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  373.227180][ T4901] logitech 0003:046D:C294.0002: unknown main item tag 0xe
[  373.229301][ T7071] loop5: detected capacity change from 0 to 32768
[  373.261287][ T4901] logitech 0003:046D:C294.0002: item fetching failed at offset 3/5
[  373.303511][ T4901] logitech 0003:046D:C294.0002: parse failed
[  373.311540][ T4901] logitech: probe of 0003:046D:C294.0002 failed with error -22
[  373.321966][ T7071] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  373.458391][ T4321] usb 7-1: USB disconnect, device number 3
[  373.509515][ T7071] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  373.710858][ T4759] ocfs2: Unmounting device (7,5) on (node local)
[  373.842718][ T4343] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  373.911541][ T7083] loop0: detected capacity change from 0 to 32768
[  373.993437][ T7083] XFS (loop0): Mounting V5 Filesystem
[  374.038210][ T4343] usb 2-1: Using ep0 maxpacket: 16
[  374.047758][ T4343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.076708][ T4343] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.086984][ T4343] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  374.101067][ T4343] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  374.110591][ T4321] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  374.118538][ T4343] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.130161][ T4343] usb 2-1: config 0 descriptor??
[  374.190301][ T7083] XFS (loop0): Ending clean mount
[  374.253217][ T7113] loop2: detected capacity change from 0 to 2048
[  374.346858][ T7113] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  374.417135][ T4281] XFS (loop0): Unmounting Filesystem
[  374.474022][ T7113] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  374.550855][ T7117] loop6: detected capacity change from 0 to 128
[  374.595907][ T7117] qnx6: superblock #1 checksum error
[  374.750054][ T7113] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  374.886844][ T7113] UDF-fs: Scanning with blocksize 512 failed
[  375.094764][ T7113] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  375.210173][ T4321] usb 6-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  375.225512][ T4343] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0003/input/input12
[  375.237974][ T4321] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.263055][ T4321] usb 6-1: Product: syz
[  375.280316][ T4321] usb 6-1: Manufacturer: syz
[  375.303512][ T4321] usb 6-1: SerialNumber: syz
[  375.355454][ T4321] usb 6-1: config 0 descriptor??
[  375.425876][ T4321] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  375.443533][ T4343] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  375.464795][ T4321] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  375.492498][ T4343] usb 2-1: USB disconnect, device number 3
[  375.506033][ T4321] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  375.516690][ T4321] usb 6-1: media controller created
[  375.573920][ T4321] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  375.622334][ T7099] digitv: more than 2 i2c messages at a time is not handled yet. TODO.
[  375.682752][ T4400] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  375.951600][ T4321] DVB: Unable to find symbol mt352_attach()
[  376.035902][ T7122] fido_id[7122]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  376.103989][ T4321] DVB: Unable to find symbol nxt6000_attach()
[  376.114824][ T4321] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  376.172383][ T4321] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input13
[  376.269105][ T4321] dvb-usb: schedule remote query interval to 1000 msecs.
[  376.303689][ T4321] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  376.358969][ T4321] dvb-usb: bulk message failed: -22 (7/0)
[  376.365430][ T4321] dvb-usb: bulk message failed: -22 (7/0)
[  376.427783][ T4321] usb 6-1: USB disconnect, device number 6
[  376.628783][ T4321] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  377.143234][ T7155] loop0: detected capacity change from 0 to 512
[  377.172724][ T7155] EXT4-fs (loop0): filesystem is read-only
[  377.216051][ T7155] EXT4-fs (loop0): filesystem is read-only
[  377.283557][ T7155] EXT4-fs (loop0): orphan cleanup on readonly fs
[  377.302782][ T7158] netlink: 'syz.6.627': attribute type 12 has an invalid length.
[  377.310875][ T7158] netlink: 132 bytes leftover after parsing attributes in process `syz.6.627'.
[  377.347689][ T7155] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.626: bad orphan inode 16
[  377.410682][ T7155] ext4_test_bit(bit=15, block=3) = 0
[  377.416155][ T7155] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  377.424140][ T7134] loop1: detected capacity change from 0 to 32768
[  377.615485][ T7134] XFS (loop1): Mounting V5 Filesystem
[  377.779310][ T4281] EXT4-fs (loop0): unmounting filesystem.
[  377.803531][ T7134] XFS (loop1): Ending clean mount
[  377.882754][ T7134] XFS (loop1): Quotacheck needed: Please wait.
[  377.994775][ T7134] XFS (loop1): Quotacheck: Done.
[  378.274126][ T4274] XFS (loop1): Unmounting Filesystem
[  378.484868][ T7187] IPVS: Scheduler module ip_vs_sip not found
[  378.551651][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  378.558113][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  378.801542][ T7200] loop2: detected capacity change from 0 to 256
[  378.870823][ T7200] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  379.061286][ T7208] loop0: detected capacity change from 0 to 512
[  379.113679][ T7184] loop5: detected capacity change from 0 to 32768
[  379.172893][ T7208] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  379.224486][ T7208] EXT4-fs (loop0): orphan cleanup on readonly fs
[  379.236333][ T7184] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  379.294522][ T7208] Quota error (device loop0): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  379.357974][ T7208] EXT4-fs warning (device loop0): ext4_enable_quotas:7068: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  379.406059][ T7208] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  379.433649][ T7221] loop6: detected capacity change from 0 to 1024
[  379.462735][ T7221] EXT4-fs: Ignoring removed nobh option
[  379.483392][ T7208] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.639: bg 0: block 40: padding at end of block bitmap is not set
[  379.547444][ T7221] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #11: comm syz.6.641: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  379.598463][ T7208] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6165: Corrupt filesystem
[  379.627608][ T7223] loop1: detected capacity change from 0 to 4096
[  379.648660][ T7208] EXT4-fs (loop0): 1 truncate cleaned up
[  379.664783][ T7208] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  379.721563][ T7221] EXT4-fs error (device loop6): ext4_orphan_get:1405: comm syz.6.641: couldn't read orphan inode 11 (err -117)
[  379.743882][ T4759] (syz-executor,4759,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  379.766728][ T7221] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: writeback.
[  379.769361][ T7223] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[  379.832641][ T4759] ocfs2: Unmounting device (7,5) on (node local)
[  379.845715][ T4281] EXT4-fs (loop0): unmounting filesystem.
[  379.874638][ T7221] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:477: comm syz.6.641: Invalid block bitmap block 0 in block_group 0
[  379.984924][ T7221] Quota error (device loop6): write_blk: dquota write failed
[  380.037946][ T7221] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  380.087517][ T7221] EXT4-fs error (device loop6): ext4_acquire_dquot:6816: comm syz.6.641: Failed to acquire dquot type 0
[  380.321951][ T5568] EXT4-fs (loop6): unmounting filesystem.
[  380.364856][ T4457] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-8
[  380.382859][ T4457] EXT4-fs error (device loop6): ext4_release_dquot:6852: comm kworker/u4:11: Failed to release dquot type 0
[  380.487747][ T7218] loop2: detected capacity change from 0 to 32768
[  380.586756][ T7218] XFS (loop2): Mounting V5 Filesystem
[  380.767846][ T7218] XFS (loop2): Ending clean mount
[  380.817370][ T7218] XFS (loop2): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  381.006837][ T7218] syz.2.640 (7218) used greatest stack depth: 19520 bytes left
[  381.202985][ T4276] XFS (loop2): Unmounting Filesystem
[  381.623768][ T7240] loop1: detected capacity change from 0 to 32768
[  381.789369][ T7240] XFS (loop1): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[  381.893547][ T7240] XFS (loop1): Quotacheck needed: Please wait.
[  382.081289][ T7240] XFS (loop1): Quotacheck: Done.
[  382.265930][ T4274] XFS (loop1): Unmounting Filesystem
[  382.716201][ T7299] loop5: detected capacity change from 0 to 256
[  382.848942][ T7299] FAT-fs (loop5): Directory bread(block 64) failed
[  382.870757][ T7299] FAT-fs (loop5): Directory bread(block 65) failed
[  382.880301][ T7303] program syz.2.661 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.906023][ T7299] FAT-fs (loop5): Directory bread(block 66) failed
[  382.930094][ T7299] FAT-fs (loop5): Directory bread(block 67) failed
[  382.976109][ T7299] FAT-fs (loop5): Directory bread(block 68) failed
[  383.015151][ T7299] FAT-fs (loop5): Directory bread(block 69) failed
[  383.055815][ T7299] FAT-fs (loop5): Directory bread(block 70) failed
[  383.082377][ T7299] FAT-fs (loop5): Directory bread(block 71) failed
[  383.104625][ T7306] loop0: detected capacity change from 0 to 512
[  383.133026][ T7299] FAT-fs (loop5): Directory bread(block 72) failed
[  383.175088][ T7299] FAT-fs (loop5): Directory bread(block 73) failed
[  383.222723][ T7306] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  383.271644][ T7306] EXT4-fs (loop0): 1 truncate cleaned up
[  383.277370][ T7306] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  383.395304][ T7306] EXT4-fs error (device loop0): ext4_add_entry:2486: inode #2: comm syz.0.662: Directory hole found for htree leaf block 0
[  383.587016][ T4281] EXT4-fs (loop0): unmounting filesystem.
[  383.876303][ T7326] loop1: detected capacity change from 0 to 128
[  383.901715][ T7326] qnx6: superblock #1 checksum error
[  384.177960][ T4378] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  384.934391][ T7347] loop1: detected capacity change from 0 to 128
[  384.990114][ T7347] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  385.041332][ T7347] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  385.916163][ T7376] loop5: detected capacity change from 0 to 2048
[  385.985686][ T7379] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  386.012214][ T7346] loop2: detected capacity change from 0 to 40427
[  386.100868][   T27] audit: type=1800 audit(1759780143.676:128): pid=7376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.682" name="file2" dev="loop5" ino=16 res=0 errno=0
[  386.159126][ T7346] F2FS-fs (loop2): invalid crc value
[  386.217322][ T7346] F2FS-fs (loop2): Found nat_bits in checkpoint
[  386.259640][ T7385] NILFS (loop5): error -2 truncating bmap (ino=16)
[  386.456827][ T7346] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  386.535705][ T7384] f2fs_ckpt-7:2: attempt to access beyond end of device
[  386.535705][ T7384] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  386.716098][ T7407] loop6: detected capacity change from 0 to 128
[  386.721261][ T7406] loop5: detected capacity change from 0 to 512
[  386.763810][ T7406] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  386.778358][ T7407] EXT4-fs: Ignoring removed nobh option
[  386.889635][ T7407] EXT4-fs (loop6): mounted filesystem without journal. Quota mode: none.
[  386.911221][ T7412] loop1: detected capacity change from 0 to 256
[  386.955844][ T7407] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  387.113002][   T27] audit: type=1804 audit(1759780144.686:129): pid=7407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.690" name="/newroot/75/mnt/bus" dev="loop6" ino=12 res=1 errno=0
[  387.321567][ T5568] EXT4-fs (loop6): unmounting filesystem.
[  387.767125][ T7440] syzkaller0: tun_chr_ioctl cmd 1074025677
[  387.786554][ T7440] syzkaller0: linktype set to 1
[  387.918255][ T4320] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  388.108230][ T4320] usb 2-1: Using ep0 maxpacket: 8
[  388.120122][ T4320] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  388.148669][ T4320] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.188140][ T4320] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  388.218198][ T4320] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  388.248868][ T4320] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.282711][ T4320] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  388.313840][ T4320] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.313987][ T7426] loop2: detected capacity change from 0 to 32768
[  388.466202][ T7426] XFS (loop2): Mounting V5 Filesystem
[  388.488175][ T4900] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  388.505363][ T7459] loop6: detected capacity change from 0 to 1024
[  388.547891][ T4320] usb 2-1: GET_CAPABILITIES returned 0
[  388.557934][ T4320] usbtmc 2-1:16.0: can't read capabilities
[  388.647096][ T7426] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  388.695143][ T7433] loop5: detected capacity change from 0 to 32768
[  388.710560][ T4900] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  388.737340][ T4900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.759370][ T7426] XFS (loop2): Starting recovery (logdev: internal)
[  388.821897][ T4320] usb 2-1: USB disconnect, device number 4
[  388.832669][ T4900] usb 1-1: config 0 descriptor??
[  388.870999][ T4900] cp210x 1-1:0.0: cp210x converter detected
[  388.891120][ T7433] XFS (loop5): Mounting V5 Filesystem
[  389.112840][ T7433] XFS (loop5): Ending clean mount
[  389.174481][ T7426] XFS (loop2): Ending recovery (logdev: internal)
[  389.216896][ T7433] XFS (loop5): Quotacheck needed: Please wait.
[  389.243589][ T4900] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  389.283199][ T4900] usb 1-1: cp210x converter now attached to ttyUSB0
[  389.425245][ T7433] XFS (loop5): Quotacheck: Done.
[  389.459137][ T4320] usb 1-1: USB disconnect, device number 4
[  389.525978][ T4320] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  389.611451][ T4320] cp210x 1-1:0.0: device disconnected
[  389.675178][ T7485] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  389.675178][ T7485]    program syz.1.706 not setting count and/or reply_len properly
[  389.785649][ T4276] XFS (loop2): Unmounting Filesystem
[  389.901560][ T4759] XFS (loop5): Unmounting Filesystem
[  391.529836][ T7519] netlink: 56 bytes leftover after parsing attributes in process `syz.5.716'.
[  392.361722][ T7545] loop1: detected capacity change from 0 to 128
[  392.405259][ T7545] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  392.440809][ T7545] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  393.033140][ T7562] loop6: detected capacity change from 0 to 2048
[  393.076162][ T7562] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  393.116659][ T7562] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  393.193826][ T7562] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  393.235585][ T7558] could not allocate digest TFM handle _!5Á’›ã(ìÛiÀ£ïÕHP,ƒomñ«xúÄ™í©*Ô71U"~Âß‘�2.Ë>£~e’…ñŠ>/yµ™
[  393.237237][ T7562] UDF-fs: Scanning with blocksize 512 failed
[  393.325676][ T7562] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  394.094056][ T7580] loop2: detected capacity change from 0 to 4096
[  394.440783][   T27] audit: type=1804 audit(1759780152.016:130): pid=7589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.742" name="/newroot/156/bus/file1" dev="loop2" ino=33 res=1 errno=0
[  394.694963][ T4276] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  394.756017][ T4276] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  395.060407][ T7578] loop1: detected capacity change from 0 to 32768
[  395.122026][ T7578] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  395.183493][ T7578] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  395.231077][ T7578] BTRFS info (device loop1): enabling auto defrag
[  395.288321][ T7578] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  395.326377][ T7578] BTRFS info (device loop1): trying to use backup root at mount time
[  395.400783][ T7578] BTRFS info (device loop1): max_inline at 9
[  395.420175][ T7578] BTRFS info (device loop1): force clearing of disk cache
[  395.457442][ T7578] BTRFS info (device loop1): turning on sync discard
[  395.495225][ T7578] BTRFS info (device loop1): disabling free space tree
[  395.818461][ T7578] BTRFS info (device loop1): enabling ssd optimizations
[  395.875099][ T7578] BTRFS info (device loop1): rebuilding free space tree
[  395.960097][ T7578] BTRFS info (device loop1): disabling free space tree
[  395.967088][ T7578] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  396.006649][ T7578] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  396.194203][ T7644] vivid-000: =================  START STATUS  =================
[  396.226668][ T7644] vivid-000: Test Pattern: 75% Colorbar
[  396.248235][ T7644] vivid-000: Fill Percentage of Frame: 100
[  396.265944][ T7644] vivid-000: Horizontal Movement: No Movement
[  396.302864][ T7644] vivid-000: Vertical Movement: No Movement
[  396.331519][ T7644] vivid-000: OSD Text Mode: All
[  396.357490][ T7644] vivid-000: Show Border: false
[  396.385045][ T7644] vivid-000: Show Square: false
[  396.415564][ T7644] vivid-000: Sensor Flipped Horizontally: false
[  396.446681][ T7644] vivid-000: Sensor Flipped Vertically: false
[  396.481273][ T7644] vivid-000: Insert SAV Code in Image: false
[  396.513690][ T7644] vivid-000: Insert EAV Code in Image: false
[  396.554070][ T7644] vivid-000: Insert Video Guard Band: false
[  396.592438][ T7644] vivid-000: Reduced Framerate: false
[  396.617697][ T7644] vivid-000: Enable Capture Cropping: true
[  396.656525][ T7644] vivid-000: Enable Capture Composing: true
[  396.694238][ T7644] vivid-000: Enable Capture Scaler: true
[  396.729734][ T7644] vivid-000: Timestamp Source: End of Frame
[  396.771038][ T7644] vivid-000: Colorspace: sRGB
[  396.806195][ T7644] vivid-000: Transfer Function: Default
[  396.835977][ T7644] vivid-000: Y'CbCr Encoding: Default
[  396.848727][ T7644] vivid-000: HSV Encoding: Hue 0-179
[  396.870728][ T7644] vivid-000: Quantization: Default
[  396.884802][ T7644] vivid-000: Apply Alpha To Red Only: false
[  396.900708][ T7644] vivid-000: Standard Aspect Ratio: 4x3
[  396.911711][ T7644] vivid-000: DV Timings Signal Mode: Current DV Timings inactive
[  396.919847][ T7644] vivid-000: DV Timings: 640x480p59 inactive
[  396.925993][ T7644] vivid-000: DV Timings Aspect Ratio: Source Width x Height
[  396.933705][ T7644] vivid-000: Maximum EDID Blocks: 2
[  396.939830][ T7644] vivid-000: Limited RGB Range (16-235): false
[  396.946377][ T7644] vivid-000: Rx RGB Quantization Range: Automatic
[  396.953364][ T7644] vivid-000: Power Present: 0x00000001
[  396.960231][ T7644] tpg source WxH: 320x180 (R'G'B)
[  396.965509][ T7644] tpg field: 1
[  396.969160][ T7644] tpg crop: 320x180@0x0
[  396.976298][ T7644] tpg compose: 320x180@0x0
[  397.041614][ T7644] tpg colorspace: 8
[  397.068167][ T7644] tpg transfer function: 0/0
[  397.072833][ T7644] tpg quantization: 0/0
[  397.077025][ T7644] tpg RGB range: 0/2
[  397.108972][ T4274] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  397.205163][ T7644] vivid-000: ==================  END STATUS  ==================
[  397.281002][ T7661] netlink: 60 bytes leftover after parsing attributes in process `syz.6.762'.
[  397.308277][ T7661] netlink: 60 bytes leftover after parsing attributes in process `syz.6.762'.
[  397.382432][ T7661] netlink: 60 bytes leftover after parsing attributes in process `syz.6.762'.
[  397.441692][ T7665] netlink: 60 bytes leftover after parsing attributes in process `syz.6.762'.
[  397.530832][ T7667] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add()
[  397.855977][ T7672] loop6: detected capacity change from 0 to 1024
[  397.926772][ T7674] netlink: 12 bytes leftover after parsing attributes in process `syz.2.765'.
[  398.199484][ T4936] hfsplus: b-tree write err: -5, ino 4
[  398.222187][ T7679] bridge0: port 3(team0) entered disabled state
[  398.228713][ T7679] bridge0: port 2(bridge_slave_1) entered disabled state
[  398.236890][ T7679] bridge0: port 1(bridge_slave_0) entered disabled state
[  398.666878][ T7699] netlink: 'syz.2.772': attribute type 15 has an invalid length.
[  398.954669][ T7712] xt_TCPMSS: Only works on TCP SYN packets
[  399.321524][ T7724] loop6: detected capacity change from 0 to 1024
[  399.366170][ T7724] EXT4-fs warning (device loop6): read_mmp_block:115: Error -117 while reading MMP block 72
[  399.786114][ T7739] syz.5.787[7739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  399.786296][ T7739] syz.5.787[7739] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  400.184004][ T4321] kernel write not supported for file /sg0 (pid: 4321 comm: kworker/1:4)
[  400.514109][ T7760] program syz.0.792 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  400.540915][ T7762] bond0: (slave batadv0): Error: Slave device does not support XDP
[  400.836637][    C1] IPv4: Oversized IP packet from 127.0.0.1
[  401.288138][    T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  401.488196][    T7] usb 2-1: Using ep0 maxpacket: 8
[  401.498800][    T7] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  401.528062][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.584807][    T7] pvrusb2: Hardware description: Terratec Grabster AV400
[  401.608076][    T7] pvrusb2: **********
[  401.612135][    T7] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  401.668198][    T7] pvrusb2: Important functionality might not be entirely working.
[  401.699718][    T7] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  401.719631][    T7] pvrusb2: **********
[  401.795083][ T2309] pvrusb2: Invalid write control endpoint
[  402.038483][    T7] usb 2-1: USB disconnect, device number 5
[  402.190539][ T2309] pvrusb2: Invalid write control endpoint
[  402.205693][ T2309] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  402.247202][ T2309] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  402.273372][ T2309] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  402.314417][ T2309] pvrusb2: Device being rendered inoperable
[  402.358208][ T2309] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  402.386367][ T2309] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  402.435910][ T2309] pvrusb2: Attached sub-driver cx25840
[  402.573756][ T2309] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  402.621145][ T2309] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  402.751750][ T7829] device syzkaller1 entered promiscuous mode
[  402.784776][ T7831] loop2: detected capacity change from 0 to 128
[  404.248520][   T22] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  404.441514][   T22] usb 7-1: Using ep0 maxpacket: 8
[  404.457492][   T22] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  404.495138][   T22] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  404.519735][   T22] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  404.543750][   T22] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  404.564841][   T22] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  404.607255][   T22] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  404.625550][   T22] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.641800][   T27] audit: type=1326 audit(1759780162.216:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7892 comm="syz.0.832" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f66f3d8eec9 code=0x0
[  404.875767][   T22] usb 7-1: GET_CAPABILITIES returned 0
[  404.894198][   T22] usbtmc 7-1:16.0: can't read capabilities
[  404.922754][ T7907] loop1: detected capacity change from 0 to 512
[  405.004438][ T7907] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  405.017204][ T7907] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.080326][ T4901] usb 7-1: USB disconnect, device number 4
[  405.094695][ T7907] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  405.129741][ T7907] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 65793 with max blocks 1 with error 28
[  405.146234][ T7907] EXT4-fs (loop1): This should not happen!! Data will be lost
[  405.146234][ T7907] 
[  405.156375][ T7907] EXT4-fs (loop1): Total free blocks count 0
[  405.164375][ T7907] EXT4-fs (loop1): Free/Dirty block details
[  405.175337][ T7907] EXT4-fs (loop1): free_blocks=65280
[  405.180895][ T7907] EXT4-fs (loop1): dirty_blocks=1
[  405.187088][ T7907] EXT4-fs (loop1): Block reservation details
[  405.193285][ T7907] EXT4-fs (loop1): i_reserved_data_blocks=1
[  405.262464][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  406.047853][ T7929] loop6: detected capacity change from 0 to 256
[  406.140519][ T7929] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  406.235546][ T7922] loop5: detected capacity change from 0 to 32768
[  406.273094][ T7920] loop1: detected capacity change from 0 to 32768
[  406.276353][ T7922] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.841 (7922)
[  406.345217][ T7922] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  406.362727][ T7920] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.840 (7920)
[  406.392033][ T7934] netlink: 104 bytes leftover after parsing attributes in process `syz.0.846'.
[  406.405448][ T7922] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  406.430224][ T7920] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  406.438195][ T7922] BTRFS info (device loop5): enabling auto defrag
[  406.488163][ T7920] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  406.497681][ T7922] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  406.542977][ T7920] BTRFS info (device loop1): setting nodatasum
[  406.549594][ T7922] BTRFS info (device loop5): trying to use backup root at mount time
[  406.588481][ T7920] BTRFS info (device loop1): force zlib compression, level 3
[  406.589204][ T7922] BTRFS info (device loop5): max_inline at 9
[  406.595930][ T7920] BTRFS info (device loop1): enabling ssd optimizations
[  406.673612][ T7922] BTRFS info (device loop5): force clearing of disk cache
[  406.692966][ T7920] BTRFS info (device loop1): allowing degraded mounts
[  406.710869][ T7922] BTRFS info (device loop5): turning on sync discard
[  406.731199][ T7920] BTRFS info (device loop1): using free space tree
[  406.747066][ T7941] Illegal XDP return value 514472832 on prog  (id 108) dev syz_tun, expect packet loss!
[  406.757130][ T7922] BTRFS info (device loop5): disabling free space tree
[  406.955002][ T7922] BTRFS info (device loop5): enabling ssd optimizations
[  406.984124][ T7922] BTRFS info (device loop5): rebuilding free space tree
[  407.038387][ T7922] BTRFS info (device loop5): disabling free space tree
[  407.056702][ T7922] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  407.098341][ T7922] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  407.181444][ T4274] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  407.867044][ T4759] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  408.683336][ T8016] device syzkaller1 entered promiscuous mode
[  409.116720][ T8030] loop5: detected capacity change from 0 to 2048
[  409.145170][ T8030] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  409.213141][ T8032] loop1: detected capacity change from 0 to 2048
[  409.226347][ T8030] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  409.261756][ T8030] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  409.310804][ T8030] UDF-fs: Scanning with blocksize 512 failed
[  409.324428][ T8032] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  409.351691][ T8032] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  409.376822][ T8030] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  409.564740][ T8032] fs-verity: sha512 using implementation "sha512-avx2"
[  409.969832][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  410.174273][ T8019] loop2: detected capacity change from 0 to 40427
[  410.233965][ T8019] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  410.275045][ T8019] F2FS-fs (loop2): invalid crc value
[  410.316227][ T8019] F2FS-fs (loop2): Found nat_bits in checkpoint
[  410.492888][ T8019] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  410.738221][ T4335] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  410.757775][ T8072] loop1: detected capacity change from 0 to 512
[  410.807283][ T4276] syz-executor: attempt to access beyond end of device
[  410.807283][ T4276] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  410.895489][ T8072] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  410.939834][ T4335] usb 7-1: Using ep0 maxpacket: 8
[  410.952288][ T4335] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  410.967312][ T4335] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  410.977242][ T4335] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  410.992879][ T4335] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  411.006791][ T4335] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  411.016047][ T4335] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.241977][ T4335] usb 7-1: GET_CAPABILITIES returned 0
[  411.247616][ T4335] usbtmc 7-1:16.0: can't read capabilities
[  411.459844][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  411.511144][ T8065] usb 7-1: usbtmc_ioctl_clear_in_halt returned -32
[  411.536693][ T4335] usb 7-1: USB disconnect, device number 5
[  412.782419][ T8129] netlink: 104 bytes leftover after parsing attributes in process `syz.0.889'.
[  412.814725][ T8110] loop6: detected capacity change from 0 to 32768
[  412.834582][ T8110] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 scanned by syz.6.882 (8110)
[  412.902816][ T8110] BTRFS info (device loop6): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  412.941808][ T8110] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  412.980466][ T8110] BTRFS info (device loop6): using free space tree
[  412.994753][ T8132] loop5: detected capacity change from 0 to 2048
[  413.046662][ T8132] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  413.132319][ T8132] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  413.147417][ T8132] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  413.161549][ T8132] UDF-fs: Scanning with blocksize 512 failed
[  413.236609][ T8132] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  413.521205][ T8110] BTRFS info (device loop6): enabling ssd optimizations
[  416.511481][ T5568] BTRFS info (device loop6): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  416.815854][ T8192] loop5: detected capacity change from 0 to 128
[  416.825363][ T8193] loop2: detected capacity change from 0 to 64
[  417.053628][ T8196] loop1: detected capacity change from 0 to 128
[  417.120184][ T8196] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  417.262429][ T8196] ext4 filesystem being mounted at /171/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  417.584564][ T8208] loop2: detected capacity change from 0 to 2048
[  417.616795][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  417.633828][ T8208] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  417.688374][ T8208] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  417.735800][ T8208] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  417.787863][ T8208] UDF-fs: Scanning with blocksize 512 failed
[  417.845147][ T8208] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  420.217580][ T8279] loop6: detected capacity change from 0 to 1024
[  420.335374][ T8267] loop2: detected capacity change from 0 to 32768
[  420.364069][ T8267] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.926 (8267)
[  420.415635][ T8267] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  420.447640][ T8267] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  420.485793][ T8267] BTRFS info (device loop2): using free space tree
[  420.688167][ T8267] BTRFS info (device loop2): enabling ssd optimizations
[  420.848061][   T27] audit: type=1800 audit(1759780178.416:132): pid=8305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.926" name="file1" dev="loop2" ino=260 res=0 errno=0
[  421.260706][ T4543] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[  421.368247][ T4276] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  421.580176][ T8311] loop5: detected capacity change from 0 to 4096
[  421.624113][ T8311] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[  422.155124][ T8318] Disabled LAPIC found during irq injection
[  422.541265][ T8333] netlink: 12 bytes leftover after parsing attributes in process `syz.6.940'.
[  423.203614][ T8329] loop5: detected capacity change from 0 to 32768
[  423.229987][ T8329] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.943 (8329)
[  423.284763][ T8329] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  423.297801][ T8329] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  423.338352][ T8329] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  423.365780][ T8329] BTRFS info (device loop5): use zstd compression, level 3
[  423.389241][ T8329] BTRFS info (device loop5): using free space tree
[  423.636378][ T8329] BTRFS info (device loop5): enabling ssd optimizations
[  423.825203][   T27] audit: type=1800 audit(1759780181.386:133): pid=8329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.943" name="file2" dev="loop5" ino=263 res=0 errno=0
[  424.117951][ T4759] BTRFS info (device loop5): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  424.140698][ T8371] loop2: detected capacity change from 0 to 4096
[  424.251314][ T8371] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  424.383502][ T8384] loop6: detected capacity change from 0 to 256
[  424.527682][ T8371] EXT4-fs error (device loop2): ext4_do_update_inode:5254: inode #15: comm syz.2.950: corrupted inode contents
[  424.602509][ T8384] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3ec, utbl_chksum : 0xe619d30d)
[  424.722808][ T8386] EXT4-fs (loop2): shut down requested (2)
[  424.912622][ T4276] EXT4-fs (loop2): unmounting filesystem.
[  424.927167][   T33] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  424.963659][   T33] Quota error (device loop2): write_blk: dquota write failed
[  424.988410][   T33] Quota error (device loop2): free_dqentry: Can't write quota data block 5
[  425.158104][ T8006] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  425.353034][ T8006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  425.375941][ T8006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  425.406608][ T8006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  425.431615][ T8403] loop5: detected capacity change from 0 to 1024
[  425.442592][ T8006] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  425.459944][ T8403] EXT4-fs: Ignoring removed orlov option
[  425.476419][ T8006] usb 2-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  425.497044][ T8006] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.510704][ T8006] usb 2-1: Product: syz
[  425.516543][ T8006] usb 2-1: Manufacturer: syz
[  425.521837][ T8403] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  425.532397][ T8006] usb 2-1: SerialNumber: syz
[  425.539923][ T8006] usb 2-1: config 0 descriptor??
[  425.581825][ T8403] EXT4-fs: Ignoring sb option on remount
[  425.598269][ T8403] EXT4-fs: Ignoring removed orlov option
[  425.604341][ T8403] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  425.630127][ T8403] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  425.666779][ T8403] EXT4-fs (loop5): re-mounted. Quota mode: writeback.
[  425.799280][ T8006] adutux 2-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  426.002393][ T8006] usb 2-1: USB disconnect, device number 6
[  426.142056][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  426.562727][ T8424] loop2: detected capacity change from 0 to 16
[  426.617524][ T8424] erofs: (device loop2): mounted with root inode @ nid 36.
[  427.527812][ T8437] loop6: detected capacity change from 0 to 4096
[  427.598884][ T8430] loop1: detected capacity change from 0 to 32768
[  427.627220][ T8430] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.973 (8430)
[  427.694745][ T8430] BTRFS info (device loop1): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  427.748810][ T8430] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  427.778160][ T8430] BTRFS info (device loop1): using free space tree
[  427.826544][ T8443] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  428.013138][   T27] audit: type=1804 audit(1759780185.586:134): pid=8455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.975" name="/newroot/127/file0/file1" dev="loop6" ino=15 res=1 errno=0
[  428.218287][ T8430] BTRFS info (device loop1): enabling ssd optimizations
[  428.270735][ T8466] mmap: syz.2.977 (8466) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  428.469732][ T4274] BTRFS info (device loop1): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  430.545332][ T8479] loop5: detected capacity change from 0 to 32768
[  430.650756][ T8479] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  430.700597][ T8479] XFS (loop5): Mounting V5 Filesystem
[  430.919347][ T8479] XFS (loop5): Ending clean mount
[  430.958355][ T8479] XFS (loop5): Quotacheck needed: Please wait.
[  431.082177][ T8479] XFS (loop5): Quotacheck: Done.
[  431.477314][ T4759] XFS (loop5): Unmounting Filesystem
[  431.745428][ T8503] loop1: detected capacity change from 0 to 32768
[  431.809914][ T8503] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.990 (8503)
[  431.868941][ T8503] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  431.923118][ T8503] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  431.938392][ T8503] BTRFS info (device loop1): enabling disk space caching
[  431.945904][ T8503] BTRFS info (device loop1): turning on flush-on-commit
[  431.962430][ T8503] BTRFS info (device loop1): disabling tree log
[  431.972545][ T8503] BTRFS info (device loop1): use no compression
[  431.981604][ T8503] BTRFS info (device loop1): force clearing of disk cache
[  431.993750][ T8503] BTRFS info (device loop1): doing ref verification
[  432.003947][ T8503] BTRFS info (device loop1): disabling disk space caching
[  432.372854][ T8503] BTRFS info (device loop1): enabling ssd optimizations
[  432.408281][ T8503] BTRFS info (device loop1): rebuilding free space tree
[  432.436582][ T8547] loop5: detected capacity change from 0 to 128
[  432.471940][ T8503] BTRFS info (device loop1): disabling free space tree
[  432.500393][ T8503] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  432.536529][ T8503] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  432.702201][ T8523] loop6: detected capacity change from 0 to 32768
[  432.744587][ T8523] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.994 (8523)
[  432.795894][ T8523] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  432.843812][ T8523] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  432.864853][ T8523] BTRFS info (device loop6): metadata ratio 2
[  432.894601][ T8523] BTRFS info (device loop6): allowing degraded mounts
[  432.922173][ T8523] BTRFS info (device loop6): force zlib compression, level 3
[  432.944368][ T8523] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  432.987664][ T8523] BTRFS info (device loop6): use zstd compression, level 3
[  433.010951][ T4274] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  433.036194][ T8523] BTRFS info (device loop6): force clearing of disk cache
[  433.054183][ T8523] BTRFS info (device loop6): use zlib compression, level 3
[  433.067340][ T8523] BTRFS warning (device loop6): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  433.084172][ T8523] BTRFS info (device loop6): trying to use backup root at mount time
[  433.104476][ T8523] BTRFS info (device loop6): using free space tree
[  433.450518][ T4936] BTRFS warning (device loop6): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x32f839c6 level 0
[  433.580930][ T8523] BTRFS warning (device loop6): couldn't read tree root
[  433.620494][ T8523] BTRFS warning (device loop6): try to load backup roots slot 1
[  433.639673][ T4385] BTRFS warning (device loop6): checksum verify failed on logical 5316608 mirror 1 wanted 0x5387c9d6 found 0xc5289bf1 level 0
[  433.707188][ T8523] BTRFS error (device loop6): failed to load root extent
[  433.715631][ T8523] BTRFS warning (device loop6): try to load backup roots slot 2
[  433.759473][ T8523] BTRFS error (device loop6): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  433.798207][ T8523] BTRFS warning (device loop6): couldn't read tree root
[  433.805251][ T8523] BTRFS warning (device loop6): try to load backup roots slot 3
[  433.906366][ T8523] BTRFS info (device loop6): enabling ssd optimizations
[  433.925471][ T8523] BTRFS info (device loop6): rebuilding free space tree
[  433.975356][ T8523] BTRFS info (device loop6): checking UUID tree
[  434.124551][   T27] audit: type=1800 audit(1759780191.696:135): pid=8523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.994" name="file1" dev="loop6" ino=257 res=0 errno=0
[  434.165902][ T8523] capability: warning: `syz.6.994' uses 32-bit capabilities (legacy support in use)
[  434.217382][ T8598] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1009'.
[  434.315490][ T8600] netlink: 116 bytes leftover after parsing attributes in process `syz.1.1009'.
[  434.350929][ T5568] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  434.428189][ T5104] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  434.664641][ T5104] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  434.690062][ T5104] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  434.708073][ T5104] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  434.728325][ T8583] loop2: detected capacity change from 0 to 32768
[  434.737918][ T5104] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  434.750969][ T5104] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.811701][ T5104] usb 1-1: config 0 descriptor??
[  434.838349][ T8583] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  434.925997][ T8583] OCFS2: ERROR (device loop2): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature 
[  434.978159][ T4320] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  435.048583][ T8583] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  435.110255][ T8583] OCFS2: File system is now read-only.
[  435.115888][ T8583] (syz.2.1006,8583,1):ocfs2_find_entry_dx:1029 ERROR: status = -30
[  435.174482][ T4320] usb 2-1: config 0 has no interfaces?
[  435.184790][ T8583] OCFS2: ERROR (device loop2): int ocfs2_validate_dx_root(struct super_block *, struct buffer_head *): Dir Index Root # 28549323745621536 has bad signature 
[  435.204900][ T4320] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  435.238401][ T8583] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  435.244132][ T4320] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.251854][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.266655][ T4320] usb 2-1: Product: syz
[  435.271138][ T8583] (syz.2.1006,8583,0):ocfs2_find_entry_dx:1029 ERROR: status = -30
[  435.278545][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.286559][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.288300][ T8583] (syz.2.1006,8583,0):ocfs2_mknod:502 ERROR: status = -30
[  435.302506][ T4320] usb 2-1: Manufacturer: syz
[  435.307167][ T4320] usb 2-1: SerialNumber: syz
[  435.318304][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.328446][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.329018][ T8583] (syz.2.1006,8583,0):ocfs2_create:676 ERROR: status = -30
[  435.336090][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.344464][ T4320] usb 2-1: config 0 descriptor??
[  435.361647][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.371565][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.390356][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.406959][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.416773][ T5104] plantronics 0003:047F:FFFF.0004: unknown main item tag 0x0
[  435.434545][ T5104] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving
[  435.461269][ T5104] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  435.561970][ T4276] ocfs2: Unmounting device (7,2) on (node local)
[  435.667702][ T4894] usb 1-1: USB disconnect, device number 5
[  435.887546][ T8607] fido_id[8607]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  435.952842][ T8603] device veth0_macvtap left promiscuous mode
[  436.017176][ T4894] usb 2-1: USB disconnect, device number 7
[  436.433706][ T8620] loop6: detected capacity change from 0 to 2048
[  436.496352][ T8620] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  436.536215][ T8620] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  436.608672][ T8620] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  436.644457][ T8620] UDF-fs: Scanning with blocksize 512 failed
[  436.683630][ T8620] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  436.752743][ T8626] loop1: detected capacity change from 0 to 16
[  436.816982][ T8626] erofs: (device loop1): mounted with root inode @ nid 36.
[  437.289002][ T8639] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  437.758315][ T8391] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  437.958279][ T8391] usb 6-1: Using ep0 maxpacket: 8
[  437.966224][ T8391] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  438.004276][ T8391] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  438.030161][ T8391] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  438.049014][ T8391] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  438.073215][ T8391] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  438.099907][ T8391] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  438.118116][ T8391] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.360785][ T8391] usb 6-1: usb_control_msg returned -32
[  438.368385][ T8391] usbtmc 6-1:16.0: can't read capabilities
[  438.736762][ T8678] loop1: detected capacity change from 0 to 128
[  438.841428][ T8677] usbtmc 6-1:16.0: usb_control_msg returned -32
[  438.869176][ T8678] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  438.898183][ T8678] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  439.044348][ T8391] usb 6-1: USB disconnect, device number 7
[  439.211806][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  439.426567][ T4368] Bluetooth: hci0: Frame reassembly failed (-84)
[  439.460188][ T8699] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  439.553504][ T8701] kvm [8700]: vcpu0, guest rIP: 0x9132 Unhandled WRMSR(0xc1) = 0x200000000
[  439.562594][ T8701] kvm [8700]: vcpu0, guest rIP: 0x9132 Unhandled WRMSR(0xc2) = 0x200000000
[  439.575108][ T8701] kvm [8700]: vcpu0, guest rIP: 0x9132 Unhandled WRMSR(0x11e) = 0x2be702111
[  439.587813][ T8701] kvm [8700]: vcpu0, guest rIP: 0x9132 Unhandled WRMSR(0x186) = 0x200000000
[  439.615583][ T8701] kvm [8700]: vcpu0, guest rIP: 0x9132 Unhandled WRMSR(0x187) = 0x200000000
[  440.009020][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  440.026643][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  440.795817][ T8716] loop2: detected capacity change from 0 to 512
[  440.900465][ T8716] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  440.922255][ T8716] ext4 filesystem being mounted at /228/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  441.176889][ T4276] EXT4-fs (loop2): unmounting filesystem.
[  441.431094][ T4277] Bluetooth: hci0: command 0x1003 tx timeout
[  441.438267][ T4283] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  441.903384][ T8736] loop1: detected capacity change from 0 to 256
[  442.322694][ T8754] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  443.889367][ T8784] netlink: 67 bytes leftover after parsing attributes in process `syz.0.1070'.
[  444.134680][ T8796] netlink: 'syz.6.1073': attribute type 1 has an invalid length.
[  444.635143][ T8806] loop5: detected capacity change from 0 to 2048
[  444.674536][ T8812] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  445.379145][ T8806] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  445.528468][ T8806] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  445.754837][ T4759] EXT4-fs (loop5): unmounting filesystem.
[  445.838231][ T8000] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  446.028332][ T8000] usb 7-1: Using ep0 maxpacket: 8
[  446.050425][ T8000] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  446.060237][ T8000] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  446.078175][ T8000] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  446.088971][ T8000] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  446.099615][ T8000] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  446.115518][ T8000] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  446.224655][ T8000] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.522827][ T8000] usb 7-1: usb_control_msg returned -32
[  446.529029][ T8000] usbtmc 7-1:16.0: can't read capabilities
[  446.831461][ T8850] netlink: 240 bytes leftover after parsing attributes in process `syz.1.1090'.
[  447.270247][ T8851] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=568208745 (2272834980 ns) > initial count (932309172 ns). Using initial count to start timer.
[  447.736042][ T8855] usbtmc 7-1:16.0: usb_control_msg returned -32
[  447.862570][ T8871] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1098'.
[  447.939262][ T8000] usb 7-1: USB disconnect, device number 6
[  449.296187][ T8896] kvm: emulating exchange as write
[  450.677060][ T8899] loop5: detected capacity change from 0 to 40427
[  450.714549][ T8899] F2FS-fs (loop5): Small segment_count (9 < 1 * 24)
[  450.743804][ T8899] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  450.805284][ T8899] F2FS-fs (loop5): Found nat_bits in checkpoint
[  450.980221][ T8899] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  450.987346][ T8899] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  451.034018][ T8942] block device autoloading is deprecated and will be removed.
[  451.246213][ T4759] syz-executor: attempt to access beyond end of device
[  451.246213][ T4759] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  452.283728][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880578e2800: rx timeout, send abort
[  452.296567][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880578e2800: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  452.815671][ T8965] kvm [8964]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xe1fa
[  452.835303][ T8965] kvm [8964]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x359e
[  453.183819][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1134'.
[  453.662417][ T8993] loop2: detected capacity change from 0 to 32768
[  453.698209][   T27] audit: type=1800 audit(1759780211.276:136): pid=8993 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1141" name="file1" dev="loop2" ino=7 res=0 errno=0
[  454.628569][  T106] ==================================================================
[  454.636708][  T106] BUG: KASAN: use-after-free in jfs_lazycommit+0x74f/0xa50
[  454.643951][  T106] Read of size 4 at addr ffff88807d497c94 by task jfsCommit/106
[  454.651671][  T106] 
[  454.654024][  T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted syzkaller #0
[  454.661247][  T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  454.671421][  T106] Call Trace:
[  454.674729][  T106]  <TASK>
[  454.677692][  T106]  dump_stack_lvl+0x168/0x22e
[  454.682411][  T106]  ? __lock_acquire+0x7c50/0x7c50
[  454.687507][  T106]  ? show_regs_print_info+0x12/0x12
[  454.692750][  T106]  ? load_image+0x3b0/0x3b0
[  454.697290][  T106]  ? _raw_spin_lock_irqsave+0xb0/0xf0
[  454.702709][  T106]  ? __virt_addr_valid+0x188/0x540
[  454.707864][  T106]  ? __virt_addr_valid+0x465/0x540
[  454.713016][  T106]  ? jfs_lazycommit+0x74f/0xa50
[  454.717902][  T106]  print_report+0xa8/0x210
[  454.722358][  T106]  kasan_report+0x10b/0x140
[  454.726902][  T106]  ? jfs_lazycommit+0x74f/0xa50
[  454.731963][  T106]  jfs_lazycommit+0x74f/0xa50
[  454.736681][  T106]  ? txFreelock+0x5a0/0x5a0
[  454.741218][  T106]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  454.747158][  T106]  ? do_task_dead+0xd0/0xd0
[  454.751699][  T106]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  454.757645][  T106]  ? __kthread_parkme+0x162/0x1c0
[  454.762715][  T106]  kthread+0x29d/0x330
[  454.766839][  T106]  ? txFreelock+0x5a0/0x5a0
[  454.771368][  T106]  ? kthread_blkcg+0xd0/0xd0
[  454.775984][  T106]  ret_from_fork+0x1f/0x30
[  454.780450][  T106]  </TASK>
[  454.783499][  T106] 
[  454.785842][  T106] Allocated by task 8993:
[  454.790184][  T106]  kasan_set_track+0x4b/0x70
[  454.794805][  T106]  __kasan_kmalloc+0x8e/0xa0
[  454.799435][  T106]  jfs_fill_super+0xd2/0xac0
[  454.804062][  T106]  mount_bdev+0x287/0x3c0
[  454.808427][  T106]  legacy_get_tree+0xe6/0x180
[  454.813140][  T106]  vfs_get_tree+0x88/0x270
[  454.817588][  T106]  do_new_mount+0x24a/0xa40
[  454.822123][  T106]  __se_sys_mount+0x2d6/0x3c0
[  454.826841][  T106]  do_syscall_64+0x4c/0xa0
[  454.831285][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  454.837205][  T106] 
[  454.839549][  T106] Freed by task 4276:
[  454.843683][  T106]  kasan_set_track+0x4b/0x70
[  454.848396][  T106]  kasan_save_free_info+0x2d/0x50
[  454.853459][  T106]  ____kasan_slab_free+0x126/0x1e0
[  454.858602][  T106]  slab_free_freelist_hook+0x131/0x1a0
[  454.864096][  T106]  __kmem_cache_free+0xb6/0x1f0
[  454.868982][  T106]  generic_shutdown_super+0x130/0x340
[  454.874387][  T106]  kill_block_super+0x7c/0xe0
[  454.879097][  T106]  deactivate_locked_super+0x93/0xf0
[  454.884416][  T106]  cleanup_mnt+0x463/0x4f0
[  454.888875][  T106]  task_work_run+0x1ca/0x250
[  454.893498][  T106]  exit_to_user_mode_loop+0xe6/0x110
[  454.898826][  T106]  exit_to_user_mode_prepare+0xee/0x180
[  454.904408][  T106]  syscall_exit_to_user_mode+0x16/0x40
[  454.909906][  T106]  do_syscall_64+0x58/0xa0
[  454.914359][  T106]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  454.920282][  T106] 
[  454.922634][  T106] Last potentially related work creation:
[  454.928367][  T106]  kasan_save_stack+0x3a/0x60
[  454.933081][  T106]  __kasan_record_aux_stack+0xb2/0xc0
[  454.938501][  T106]  call_rcu+0x154/0x980
[  454.942693][  T106]  fib_release_info+0x684/0x740
[  454.947586][  T106]  fib_table_flush+0x9a3/0x11b0
[  454.952563][  T106]  fib_disable_ip+0xfd/0x170
[  454.957182][  T106]  fib_netdev_event+0x2f7/0x470
[  454.962057][  T106]  raw_notifier_call_chain+0xcb/0x160
[  454.967721][  T106]  dev_close_many+0x28d/0x400
[  454.972442][  T106]  unregister_netdevice_many+0x471/0x1840
[  454.978283][  T106]  default_device_exit_batch+0x9c3/0xa50
[  454.983960][  T106]  cleanup_net+0x77b/0xb80
[  454.988415][  T106]  process_one_work+0x898/0x1160
[  454.993383][  T106]  worker_thread+0xaa2/0x1250
[  454.998086][  T106]  kthread+0x29d/0x330
[  455.002194][  T106]  ret_from_fork+0x1f/0x30
[  455.006649][  T106] 
[  455.008992][  T106] The buggy address belongs to the object at ffff88807d497c00
[  455.008992][  T106]  which belongs to the cache kmalloc-256 of size 256
[  455.023166][  T106] The buggy address is located 148 bytes inside of
[  455.023166][  T106]  256-byte region [ffff88807d497c00, ffff88807d497d00)
[  455.036476][  T106] 
[  455.038825][  T106] The buggy address belongs to the physical page:
[  455.045266][  T106] page:ffffea0001f52580 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7d496
[  455.055446][  T106] head:ffffea0001f52580 order:1 compound_mapcount:0 compound_pincount:0
[  455.063799][  T106] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  455.071833][  T106] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017441b40
[  455.080463][  T106] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  455.089071][  T106] page dumped because: kasan: bad access detected
[  455.095592][  T106] page_owner tracks the page as allocated
[  455.101335][  T106] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4276, tgid 4276 (syz-executor), ts 75792811103, free_ts 75710393991
[  455.122734][  T106]  post_alloc_hook+0x173/0x1a0
[  455.127639][  T106]  get_page_from_freelist+0x1a26/0x1ac0
[  455.133237][  T106]  __alloc_pages+0x1df/0x4e0
[  455.137872][  T106]  alloc_slab_page+0x5d/0x160
[  455.142587][  T106]  new_slab+0x87/0x2c0
[  455.146692][  T106]  ___slab_alloc+0xbc6/0x1230
[  455.151403][  T106]  __kmem_cache_alloc_node+0x1a0/0x260
[  455.156896][  T106]  __kmalloc+0xa0/0x240
[  455.161095][  T106]  __register_sysctl_table+0x96c/0xe70
[  455.166613][  T106]  neigh_sysctl_register+0x993/0xa70
[  455.171910][  T106]  addrconf_sysctl_register+0xac/0x1b0
[  455.177382][  T106]  ipv6_add_dev+0xbe0/0x1120
[  455.181990][  T106]  ipv6_find_idev+0xbd/0x1d0
[  455.186626][  T106]  inet6_rtm_newaddr+0x42a/0x870
[  455.191582][  T106]  rtnetlink_rcv_msg+0x79b/0xed0
[  455.196550][  T106]  netlink_rcv_skb+0x1de/0x420
[  455.201337][  T106] page last free stack trace:
[  455.206005][  T106]  free_unref_page_prepare+0x8b4/0x9a0
[  455.211559][  T106]  free_unref_page+0x2e/0x3f0
[  455.216326][  T106]  qlist_free_all+0x76/0xe0
[  455.220829][  T106]  kasan_quarantine_reduce+0x144/0x160
[  455.226302][  T106]  __kasan_slab_alloc+0x1e/0x80
[  455.231162][  T106]  slab_post_alloc_hook+0x4b/0x480
[  455.236286][  T106]  __kmem_cache_alloc_node+0x140/0x260
[  455.241746][  T106]  kmalloc_trace+0x26/0xe0
[  455.246185][  T106]  netdevice_event+0x325/0x900
[  455.250950][  T106]  raw_notifier_call_chain+0xcb/0x160
[  455.256410][  T106]  __dev_notify_flags+0x178/0x2d0
[  455.261452][  T106]  dev_change_flags+0xe3/0x1a0
[  455.266237][  T106]  do_setlink+0xc31/0x3c40
[  455.270694][  T106]  rtnl_newlink+0x17d6/0x1ff0
[  455.275376][  T106]  rtnetlink_rcv_msg+0x79b/0xed0
[  455.280313][  T106]  netlink_rcv_skb+0x1de/0x420
[  455.285110][  T106] 
[  455.287483][  T106] Memory state around the buggy address:
[  455.293134][  T106]  ffff88807d497b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  455.301192][  T106]  ffff88807d497c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  455.309249][  T106] >ffff88807d497c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  455.317300][  T106]                          ^
[  455.321896][  T106]  ffff88807d497d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  455.329986][  T106]  ffff88807d497d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  455.338049][  T106] ==================================================================
[  455.346155][  T106] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  455.353344][  T106] CPU: 0 PID: 106 Comm: jfsCommit Not tainted syzkaller #0
[  455.360556][  T106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  455.370626][  T106] Call Trace:
[  455.373907][  T106]  <TASK>
[  455.376847][  T106]  dump_stack_lvl+0x168/0x22e
[  455.381560][  T106]  ? memcpy+0x3c/0x60
[  455.385549][  T106]  ? show_regs_print_info+0x12/0x12
[  455.390746][  T106]  ? load_image+0x3b0/0x3b0
[  455.395268][  T106]  panic+0x2c9/0x710
[  455.399166][  T106]  ? __lock_acquire+0x7c50/0x7c50
[  455.404201][  T106]  ? bpf_jit_dump+0xd0/0xd0
[  455.408714][  T106]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  455.414644][  T106]  ? _raw_spin_unlock+0x40/0x40
[  455.419503][  T106]  check_panic_on_warn+0x80/0xa0
[  455.424462][  T106]  ? jfs_lazycommit+0x74f/0xa50
[  455.429329][  T106]  end_report+0x66/0x110
[  455.433619][  T106]  kasan_report+0x118/0x140
[  455.438148][  T106]  ? jfs_lazycommit+0x74f/0xa50
[  455.443025][  T106]  jfs_lazycommit+0x74f/0xa50
[  455.447708][  T106]  ? txFreelock+0x5a0/0x5a0
[  455.452210][  T106]  ? _raw_spin_unlock_irqrestore+0x82/0x100
[  455.458117][  T106]  ? do_task_dead+0xd0/0xd0
[  455.462633][  T106]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  455.468573][  T106]  ? __kthread_parkme+0x162/0x1c0
[  455.473623][  T106]  kthread+0x29d/0x330
[  455.477698][  T106]  ? txFreelock+0x5a0/0x5a0
[  455.482199][  T106]  ? kthread_blkcg+0xd0/0xd0
[  455.486803][  T106]  ret_from_fork+0x1f/0x30
[  455.491268][  T106]  </TASK>
[  455.494603][  T106] Kernel Offset: disabled
[  455.498933][  T106] Rebooting in 86400 seconds..