last executing test programs:

2m17.232991563s ago: executing program 2 (id=121):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x2, &(0x7f0000000040)=0xce, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
sendmsg$inet(r0, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0x100120}], 0x1}, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in={{0x2, 0x4e21, @broadcast}}, 0x0, 0x0, 0x6, 0x0, "d264e51f7683e32614c313fb4d5090b11a34d09df5e21fce2d220ad89849feab28702a083a9cb625f454a5ccc32fe45d52f1dc0ecafe9d353fb2627365e0f6347ea8125703519add3d1025600ec7a8c8"}, 0xd8)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0)

2m15.098608225s ago: executing program 2 (id=123):
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0xffff, @dev={0xac, 0x14, 0x14, 0x1c}}}, 0x1e)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x24, @loopback}}, 0x1e)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, 0x0, &(0x7f0000000180))
ioctl$PPPIOCATTCHAN(0xffffffffffffffff, 0x40047438, &(0x7f0000000200)=0x1)
ioctl$PPPIOCBRIDGECHAN(0xffffffffffffffff, 0x40047435, &(0x7f0000000040)=0x3)

2m14.736652914s ago: executing program 2 (id=126):
recvmsg$qrtr(0xffffffffffffffff, 0x0, 0x0, 0x100)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
ioctl$USBDEVFS_CLEAR_HALT(r0, 0x80045515, &(0x7f0000000180)={0x1, 0x1})

2m14.351077525s ago: executing program 2 (id=128):
socket(0x10, 0x803, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x800)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd308933da9b574e4f040f"], 0x1, 0x602, &(0x7f0000000680)="$eJzs3cFvHFcdB/Dvbhxn10jpxk3agIqwilQhLJJdWyKAkIBSkIUqVIkDZ4s4iZVNWtlb5PYAAXEonPonlIP/AcSxSDnQHuHUs1GPSJzxzWhmZ+x1vHGdOMna5PORZue9eTNvfu83M7sza1kb4Lm1NJ+p+2lkaf7NjaK+tbnY39pcvFOXk5xL0kxaSRrF4r8m+Ty5l+GUL9cNI/MDPvu4dfPTDz/5YFhrVVO5fuOw7Q5qj1m2G0tnGGs5P4Z9/S0cu7/9I5xNMne8+ODJ2Kn9a2zzI1yXAMBp00jOjFveSWaqm/XiOWB4Vzy8xz7V7k06AAAAAHgGXtjOdjZyftJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlS/f5/o5qadXkujfr3/6erZanKp9r9SQcAAAAAAAAAAEczc1jj17aznY2cr+s7jfJv/q+WlYvl65fybtazkrVcyUaWM8gga+kl6Yx0NL2xPBis9Y6w5cLYLRd261NPaNwAAAAAAAAA8Dz5fZb2/v4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnQSM5M5yV08W63ElzKkkryXSx3r3kn3X5NLs/6QAAAADgGXhhO9vZyPm6vtMon/lfKp/7W3k3dzPIagbpZyXXy+8Chk/9za3Nxf7W5uKdYjrY74/+M35/Xx2/uOwxw+8exu/5crlGOzeyWi65kl/l7fRzPc1yy8LlOp7xcf2uiKnxg8oRE3S9mhcj/1k1Pxk6ZUbO7makW8VWZOPC4Zl42NE54p56ae5+83PxKeR8ppoX43mjznnzkUJ+Sh7MxMLI2ffS4ZlIZn/5p2u3+ndv37qxPn9yTqPH9GAmFkcy8fJzlYlumYlLdXX3K9G5vJW1rObXWc4gK5nLG2VpubpOi9fO4Zn64b7aW18UyXR1XIbvoiMxZSk/zS8yf0hMr5bbns9qfp63c708ot1cy7Us5Nv5brr7jvClsXH/dqdqLq/65qNd9V//RlU4m+Qn1fxkKPJ6YSSvo++5nbJtdMlelmaf/Hvj1FeqQnH2vH7iPo8uPPApUWfixWL0f5waVg5m4s/libPev3t77dbyO0fc32vVvMjAjw9kYufM8UZzHMX5MlscrLK2/+wo2l4c29Yr2y7utjUPtF3abfuiK3W6uoc72NNC2fby2LbhdpeHbe2iddz9FgAn3sw3Z6bb/27/o/1R+w/tW+03W6+f+865V6Zz9u9nvzfVPfNa85XGX/JRfrP3/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy+9ffev73c76+snYRCOw9r+u/O0KQjVFB4TgqTfmcCnrargzvvXF1/7/1vrd5Zvll/yvZ6vWvdqzdW+yvV66SjBACepL2b/klHAgAAAAAAAAAAAAAAPMyz+HfiSY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/7Y0n6n7aaTXvdIt6lubi/1iqst7a7aSNIrC35J8ntzLcEpnpLvGw/bz2cetm59++MkHe3216vUbh213NN+fGYml+UBMj2Hf2BaO09+57BvhXJLZag4T978AAAD//yCXCmI=")
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x40020000000002)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x3, r1}, 0x38)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$ndb(0x0, 0x0, 0x46200)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2057)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x29, 0x0, 0xffffffff85010014, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5}}, 0x50)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r3, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20, 0x0, 0xcb, {0x0, 0x8}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getdents(r5, &(0x7f0000001900)=""/76, 0x4c)

2m12.786914987s ago: executing program 2 (id=133):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x1000000000002)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r0, 0xc2604110, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f00000007c0)={0x1, 0x2, 0x1, 0x0, 0x8})
r1 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x2004000, &(0x7f0000000240)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@user_subvol_rm}, {@autodefrag}, {@autodefrag}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x35, 0x39, 0x32, 0x38, 0x67, 0x2d, 0x2d, 0x37]}}, {@ssd_spread}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f0000000580)={0x1})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file3\x00', 0x1a08862, &(0x7f0000000300)=ANY=[], 0x1, 0x6bb, &(0x7f0000001600)="$eJzs3d1rXGkdB/DvmUzSTIVu9qXdVRYMW1jFYps0dDUibFWQXiyyVHARvAltug2ddpc0K9lFNL7ferF/wHqRC8EbBe8LK3ilXgiLd8ELWRC8WW+CXkTOmTOTSdPJzrRpptXPpzxznnOe1/Obc57JzFAmwP+tS2fSvJMil868sl7ub20utLc2F47Vxe0kZb6RNDubFLeS4v3kYjopnywP1vWLQeO8u7J4+YOPtj7s7DXrVNVvHNRuOBtVaiWzSSbS2Sb/2dlbbbJOQ/ZX93Ol199wvlxvl3pHit4ZlgE73Q0cjNvOPhujNH/A+xZ4FBSd1819ZpLjSabrvwNSrw6No53d4RtplQMAAIDH1BPb2c56Tox7HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4KdKaqDZlmt49PJui+/v/U3V56vzlxthm++DujHsCAAAAAAAAAHAIPr2d7aznRJK/lPs7nW/2X6gen6keP5G3cjvLWc3ZrGcpa1nLauaTzPR1NLW+tLa2Oj9Ey/P3bHn+/ub/m/trBgAAAAAAAAD/a36US9X3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MgokonOpkrPdPMzaTSTTCeZKuttJH/u5h8Txb0O3jn6eQAAAMADmb6PNk9sZzvrOdHd3ymq9/ynqvfL03krt/69s7OTtbSznKv1e+jyXX9ja3OhvbW5cHNrc6Ea+Ds7HZ1+vvLPg0Y9dveBqsd0PnvojZy1rPRGfq6q0cq1rFRHzuZKNZmraVQtS8/V8+mlvYP8sJxT6+XakAG6Wm/LwX4x6FOEw9AYtcFM1WiyF5G5em5lR08eHImDn50kzQNHmk+j98nPMwNG+lpf+2LEmB/vtkvys7ti/vLff/XtIbt5CHqRaKSKxPm+q+/U1ubCRAbGPPnM73792vX2rRvXr90+89Auo6PSiUR5v3auiYW+SDx78NX3iEeiOWL9uSoSJ3v7l/L1fDNnMptXs5qVfDdLRbKcemXMUn09l48zfVFK9kXq4p69Vz9uJlP189JZRT9mTlnLcmZzrMot5YWq7YmspMgbuZrlvFT9O5/5fCEXciGLfc/wyYHPcHVu1UrbGO2uP/3Z7N7qPy9X6uHaJX8YtuLoOi+pZVyf7Itr/5o7U5X1H9mN0lNDvB6NuDY2P1VnyjF+PHyMjsDdkZjvi8TTB0fil9W9cbt968bq9aU3B/S/cdf+i5O7+Z8+zFfmkZXXy1OZrleSvVdHWfZ0b5XZG6+p+huXTlljX9nJqqwounfqN+5xp5YRX6xqn7pnT+ersmf3l03UM//r3/rK9vy9lTf+OJ54AjCi4587PtX6R+tPrfdaP2ldb70y/dVjXzz2/FQmfz/5pebcxIuN54vf5r18f/f9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcP9uv/3OjaV2e3n13pnG4KLDzRT1D/kMqtNMK0cwjaPMFMlGe2ficHvu/jzfo3CCgzPdWT5oP69dfCRO5zAyB138D5CZSXJwnYndq+UH/ZXrp6jzS2jf+tdYVifgYTq3dvPNc7fffufzKzeXXl9+ffnW5IULi3OLF15aOHdtpb0813kc9yyBh2H374FxzwQAAAAAAAAAAAAY1lH894a+4WbHeKoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAY+rSmTQnU2R+7uxcub+1udAuUze/W7OZpNFIiu8lxfvJxXRSZvq6KwaN8+7K4uUPPtr6cLevZrd+46B2w9moU2aTTNTbfabur78rg/obWtE7wzJgp7uBg3H7bwAAAP//AWkGTQ==")
creat(&(0x7f0000000380)='./file1\x00', 0x8a)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r1, 0x8030942b, &(0x7f0000000340)={0x0, {0x50979c6b8b4af6fa, 0x0, 0x56, 0x2, 0xffffffffffffff60}})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x111, 0x5}}, 0x20)
getrlimit(0x4, &(0x7f0000000000))
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)

2m11.062266778s ago: executing program 2 (id=141):
socket(0x10, 0x803, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x800)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd308933da9b574e4f040f"], 0x1, 0x602, &(0x7f0000000680)="$eJzs3cFvHFcdB/Dvbhxn10jpxk3agIqwilQhLJJdWyKAkIBSkIUqVIkDZ4s4iZVNWtlb5PYAAXEonPonlIP/AcSxSDnQHuHUs1GPSJzxzWhmZ+x1vHGdOMna5PORZue9eTNvfu83M7sza1kb4Lm1NJ+p+2lkaf7NjaK+tbnY39pcvFOXk5xL0kxaSRrF4r8m+Ty5l+GUL9cNI/MDPvu4dfPTDz/5YFhrVVO5fuOw7Q5qj1m2G0tnGGs5P4Z9/S0cu7/9I5xNMne8+ODJ2Kn9a2zzI1yXAMBp00jOjFveSWaqm/XiOWB4Vzy8xz7V7k06AAAAAHgGXtjOdjZyftJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlS/f5/o5qadXkujfr3/6erZanKp9r9SQcAAAAAAAAAAEczc1jj17aznY2cr+s7jfJv/q+WlYvl65fybtazkrVcyUaWM8gga+kl6Yx0NL2xPBis9Y6w5cLYLRd261NPaNwAAAAAAAAA8Dz5fZb2/v4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnQSM5M5yV08W63ElzKkkryXSx3r3kn3X5NLs/6QAAAADgGXhhO9vZyPm6vtMon/lfKp/7W3k3dzPIagbpZyXXy+8Chk/9za3Nxf7W5uKdYjrY74/+M35/Xx2/uOwxw+8exu/5crlGOzeyWi65kl/l7fRzPc1yy8LlOp7xcf2uiKnxg8oRE3S9mhcj/1k1Pxk6ZUbO7makW8VWZOPC4Zl42NE54p56ae5+83PxKeR8ppoX43mjznnzkUJ+Sh7MxMLI2ffS4ZlIZn/5p2u3+ndv37qxPn9yTqPH9GAmFkcy8fJzlYlumYlLdXX3K9G5vJW1rObXWc4gK5nLG2VpubpOi9fO4Zn64b7aW18UyXR1XIbvoiMxZSk/zS8yf0hMr5bbns9qfp63c708ot1cy7Us5Nv5brr7jvClsXH/dqdqLq/65qNd9V//RlU4m+Qn1fxkKPJ6YSSvo++5nbJtdMlelmaf/Hvj1FeqQnH2vH7iPo8uPPApUWfixWL0f5waVg5m4s/libPev3t77dbyO0fc32vVvMjAjw9kYufM8UZzHMX5MlscrLK2/+wo2l4c29Yr2y7utjUPtF3abfuiK3W6uoc72NNC2fby2LbhdpeHbe2iddz9FgAn3sw3Z6bb/27/o/1R+w/tW+03W6+f+865V6Zz9u9nvzfVPfNa85XGX/JRfrP3/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy+9ffev73c76+snYRCOw9r+u/O0KQjVFB4TgqTfmcCnrargzvvXF1/7/1vrd5Zvll/yvZ6vWvdqzdW+yvV66SjBACepL2b/klHAgAAAAAAAAAAAAAAPMyz+HfiSY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/7Y0n6n7aaTXvdIt6lubi/1iqst7a7aSNIrC35J8ntzLcEpnpLvGw/bz2cetm59++MkHe3216vUbh213NN+fGYml+UBMj2Hf2BaO09+57BvhXJLZag4T978AAAD//yCXCmI=")
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x40020000000002)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x3, r1}, 0x38)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$ndb(0x0, 0x0, 0x46200)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2057)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x29, 0x0, 0xffffffff85010014, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5}}, 0x50)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r3, &(0x7f00000067c0), 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r5, &(0x7f0000001900)=""/76, 0x4c)

2m10.617507742s ago: executing program 32 (id=141):
socket(0x10, 0x803, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
accept4(r0, 0x0, 0x0, 0x800)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000640)='./file1\x00', 0x1008000, &(0x7f0000000300)=ANY=[@ANYBLOB="000075b8b62e943fefae1913e055b8852885f3200b41a4a7e940141a3e9a708cfa000f58442c767bb8bac7e75a49ac5762e52f7f3bf6909e28d3468821124bce8d75bf8584dedd275c45e85bfa22d157b6d5ac4e569df05173d6ff9d8ed3bdf95c41f60f6a1b456842fecd0f09b6ab9136de2336b349cfe9cd308933da9b574e4f040f"], 0x1, 0x602, &(0x7f0000000680)="$eJzs3cFvHFcdB/Dvbhxn10jpxk3agIqwilQhLJJdWyKAkIBSkIUqVIkDZ4s4iZVNWtlb5PYAAXEonPonlIP/AcSxSDnQHuHUs1GPSJzxzWhmZ+x1vHGdOMna5PORZue9eTNvfu83M7sza1kb4Lm1NJ+p+2lkaf7NjaK+tbnY39pcvFOXk5xL0kxaSRrF4r8m+Ty5l+GUL9cNI/MDPvu4dfPTDz/5YFhrVVO5fuOw7Q5qj1m2G0tnGGs5P4Z9/S0cu7/9I5xNMne8+ODJ2Kn9a2zzI1yXAMBp00jOjFveSWaqm/XiOWB4Vzy8xz7V7k06AAAAAHgGXtjOdjZyftJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGlS/f5/o5qadXkujfr3/6erZanKp9r9SQcAAAAAAAAAAEczc1jj17aznY2cr+s7jfJv/q+WlYvl65fybtazkrVcyUaWM8gga+kl6Yx0NL2xPBis9Y6w5cLYLRd261NPaNwAAAAAAAAA8Dz5fZb2/v4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnQSM5M5yV08W63ElzKkkryXSx3r3kn3X5NLs/6QAAAADgGXhhO9vZyPm6vtMon/lfKp/7W3k3dzPIagbpZyXXy+8Chk/9za3Nxf7W5uKdYjrY74/+M35/Xx2/uOwxw+8exu/5crlGOzeyWi65kl/l7fRzPc1yy8LlOp7xcf2uiKnxg8oRE3S9mhcj/1k1Pxk6ZUbO7makW8VWZOPC4Zl42NE54p56ae5+83PxKeR8ppoX43mjznnzkUJ+Sh7MxMLI2ffS4ZlIZn/5p2u3+ndv37qxPn9yTqPH9GAmFkcy8fJzlYlumYlLdXX3K9G5vJW1rObXWc4gK5nLG2VpubpOi9fO4Zn64b7aW18UyXR1XIbvoiMxZSk/zS8yf0hMr5bbns9qfp63c708ot1cy7Us5Nv5brr7jvClsXH/dqdqLq/65qNd9V//RlU4m+Qn1fxkKPJ6YSSvo++5nbJtdMlelmaf/Hvj1FeqQnH2vH7iPo8uPPApUWfixWL0f5waVg5m4s/libPev3t77dbyO0fc32vVvMjAjw9kYufM8UZzHMX5MlscrLK2/+wo2l4c29Yr2y7utjUPtF3abfuiK3W6uoc72NNC2fby2LbhdpeHbe2iddz9FgAn3sw3Z6bb/27/o/1R+w/tW+03W6+f+865V6Zz9u9nvzfVPfNa85XGX/JRfrP3/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADy+9ffev73c76+snYRCOw9r+u/O0KQjVFB4TgqTfmcCnrargzvvXF1/7/1vrd5Zvll/yvZ6vWvdqzdW+yvV66SjBACepL2b/klHAgAAAAAAAAAAAAAAPMyz+HfiSY8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/7Y0n6n7aaTXvdIt6lubi/1iqst7a7aSNIrC35J8ntzLcEpnpLvGw/bz2cetm59++MkHe3216vUbh213NN+fGYml+UBMj2Hf2BaO09+57BvhXJLZag4T978AAAD//yCXCmI=")
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x40020000000002)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000180), 0x3, r1}, 0x38)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$ndb(0x0, 0x0, 0x46200)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2057)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x29, 0x0, 0xffffffff85010014, 0x4, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5}}, 0x50)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r3, &(0x7f00000067c0), 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
getdents(r5, &(0x7f0000001900)=""/76, 0x4c)

11.276735016s ago: executing program 4 (id=483):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000023c0)={0x2c, &(0x7f0000002240)={0x40, 0xc}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000002100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)

10.744516244s ago: executing program 1 (id=489):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12040000000000000109022400", @ANYRESDEC], 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, 0x0)
ioctl$EVIOCGSND(0xffffffffffffffff, 0x8040451a, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x80, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0x20d0}}}}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff3}}}, 0x24}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

9.732443167s ago: executing program 0 (id=493):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
r0 = socket(0x400000000010, 0x3, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb7", 0x85}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83a", 0x5a}, {&(0x7f0000000800)}, {&(0x7f0000000900)}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1d", 0x55}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d32", 0xe}], 0x3, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}], 0x60}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}, {{0x0, 0x0, &(0x7f0000003a40)=[{&(0x7f0000000640)="f3f4c60f4caeee", 0x7}], 0x1}}], 0x4, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

9.48859335s ago: executing program 0 (id=495):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r3 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x2)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000100)=0xfdfdffff)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69)
close(0xffffffffffffffff)

9.211619015s ago: executing program 3 (id=497):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x40002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
set_mempolicy(0x2002, 0x0, 0x400000000000004)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0)={0xfffd, 0xc, 0x4}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x22}}]}, &(0x7f0000000140)=0x10)

8.376387169s ago: executing program 1 (id=498):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x40002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
set_mempolicy(0x2002, 0x0, 0x400000000000004)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0)={0xfffd, 0xc, 0x4}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x22}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, 0x0, &(0x7f00000010c0))

7.95949062s ago: executing program 3 (id=499):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a00)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0xce05562}]}]}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}}], {0x14}}, 0x98}}, 0x0)

7.3987243s ago: executing program 4 (id=500):
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x2c020400)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x10000000, 0xffffffff, 0x4}}, @TCA_ACT_BPF_FD={0x8}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)

7.284590456s ago: executing program 1 (id=501):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(0xffffffffffffffff, 0x2275, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
getsockopt$MRT6(0xffffffffffffffff, 0x29, 0xce, 0x0, 0x0)
syz_emit_ethernet(0x56, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$sock_inet_SIOCSIFBRDADDR(0xffffffffffffffff, 0x891a, &(0x7f0000000000)={'veth1\x00', {0x2, 0x4e23, @broadcast}})

7.235323859s ago: executing program 4 (id=502):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0xc854)
sendfile(0xffffffffffffffff, r1, 0x0, 0xffffffff000)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, 0x0, 0x40000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000009b80)=@newchain={0x24, 0x64, 0x300, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0xf}, {0xa, 0x1ffe4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0), 0x0)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, 0x0, 0x800)
creat(0x0, 0x20)

7.2054863s ago: executing program 3 (id=503):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r1, 0xe503, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@delneigh={0x1c, 0x1a, 0xc01, 0xfffffffe, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0xd4, 0x0, 0x6}}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x80)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x2)
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000180)={0x20, 0x0, 0x0, {0x800, 0x0, 0x3, 0xd6}}, 0x20)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f00000003c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}})
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
read$FUSE(r1, &(0x7f0000002cc0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_STATFS(r3, &(0x7f0000004d00)={0x60, 0x0, r4, {{0x9, 0x1, 0x1, 0x216, 0x10001, 0x81, 0x0, 0x8}}}, 0x60)
sendto$inet6(r0, 0x0, 0x0, 0x8800, 0x0, 0x0)

6.935847024s ago: executing program 0 (id=504):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000000)={@private=0xa010101, @local}, 0x8)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0xfff, 0x4000000007}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000004c0)={r2, 0x3, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x44)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, 0x0, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020a0004020000002cbd7000fddbc42a"], 0x10}}, 0x10)

6.123966017s ago: executing program 3 (id=505):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0xb, 0x3}, @fd={0x66642a85, 0x0, r1}, @flat=@weak_handle={0x77682a85, 0x1115}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000880)="4a8e464b3d4657499ea54e5c7d563ff8776074ae642a55558dbfd1df9462b1259816b613ea02f9c5a2a4cc3bf701b7f4fa887e4ce6d2045a432a7b060f115097ae0e0e07f3f3704a688c03fccef3e273"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000680)={0x4c, 0x0, &(0x7f00000006c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x48, 0x18, &(0x7f00000005c0)={@flat=@binder={0x73622a85, 0x1, 0x1}, @flat=@binder={0x73622a85, 0x190b, 0x3}, @fd}, &(0x7f0000000140)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x1000000000000, 0x0})

6.07239771s ago: executing program 1 (id=506):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x13, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="18"], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x130}, 0x94)
r0 = socket(0x400000000010, 0x3, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{&(0x7f0000000240)=@generic={0x21, "1aee2c4f6843c6782466293e62d4f664c2efa8906f0d97822ac0d88ecdd9d47e182b3b523c6243022c1be9fd662325c023ac48a28ae996c41561bb7e9903c408613b4d29da0b9d5af499caa7759c17c667af8acea6dc52148f1233494efd8f08aaab6382d5e33471a107ec47df5b5312764e134c68842fd1a2078151812e"}, 0x80, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1acb74fef", 0x87}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62d05805063967de38327e", 0x9e}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29de8d9d", 0xd1}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d53c5ac29f83aed3ae9968fe8", 0x60}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e", 0x62}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c617c69458d721eb85d0e5372751cd23cc88571", 0x9c}, {&(0x7f00000000c0)}], 0x7}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000ac0)="3eb85e3024a2953147f5444738e1388e15fef01893884c2eeb5c559f4a030ee6b08fca1e38ee56dac9cbbea3d6d43e34d9daf81d45289d2bc841e2c4c7072582b15ce7ff3e22b0f19d8a2643280daeb9791b2d0f9b216a0fda4f30804b739da3cce1691d6d88ff52d3e43b26d935d69e99673e98e92fe2fd18e63d4d5699814d9843367774e155678592d0eec07073e851f50827bde418748aa0741684fe603e34dcc960678c7b3e71e48befa166d4a5247325fa881fc7857a8caadde6a2ac9cdcc4ead01267dbb4c639d6d8a80f9637e0c2a3f9623478134b943d5fba4f7e0ceed66c93cc8b", 0xe6}, {&(0x7f0000000bc0)="61275006ed747229311198ab94c7e6699587b0d033c2f17d1ccbd45cba520b6888fbad95d4d6ae3cc7172b392f90693e992e52408ba7f1874d1767303d6acb170f216f71908f53a3be1833a25eb1fb2ba3913dcc1de30c5c7e914b13514dea44fb2b964aaa280d5a85512fede48830ca6e", 0x71}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff91566b7f1725f39f", 0x1c}], 0x4, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x78}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, &(0x7f0000000f00)=[{&(0x7f0000000e00)="abc662f2a7dc713d226b612e712df36db5547daf508fb74a679224eba0fe5f05c53081ff6ebac83c264c6deeec6d4546fe7d00337f488ecee46577d71b39e24cdef94f16295eb7", 0x47}, {&(0x7f0000000ec0)}], 0x2, &(0x7f0000000f40)=[@timestamping={{0x14, 0x1, 0x25, 0x5}}], 0x18}}, {{&(0x7f0000000f80)=@can, 0x80, &(0x7f00000010c0)=[{&(0x7f0000001000)="3d9162a847e3afc18db28d0be9d1c220b7844d9e236c35781da53eb30cd67912e5b4138fab89f32de1cd2edde4efa562", 0x30}], 0x1, &(0x7f0000001180)=[@timestamping={{0x14, 0x1, 0x25, 0x92}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @txtime={{0x18, 0x1, 0x3d, 0x10000}}], 0x48}}], 0x4, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5.981689105s ago: executing program 4 (id=507):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f00000001c0)='./file1\x00', 0x300000a, &(0x7f0000000540)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x1}}, {@nodiscard}, {@clear_cache}, {@rescan_uuid_tree}, {@clear_cache}, {@nobarrier}, {@compress_algo={'compress', 0x3d, 'no'}}, {@nospace_cache}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000280)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
r4 = openat(r0, &(0x7f0000000100)='./file1\x00', 0x543442, 0xd1)
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00ea2eb34e7ea51c9446c55a2d1e0be39af9faf44ad59cb6ad1c94490d970e811439edddc71c9b18946b559ce53bee0a1abe562fc3f3898e5826eda1962cf6e3c4c0ade52151923a70b46eacfc1aaaebcf156e549e884bcabc1333f344f31cd30cd93cb2814e0dbc24a7a107e295e86e09283c825fe177c89c6385f68f2c843cffffffff15539bab6142ceed9265ba989d1a283fc4ffc83f3a7a6c746823e656ad78f3b5a336cdbd83dad59e0debb36b4ea5e658e253f01637cc03f704a08019f95b92fffffffff8dd21552d6967ab1b01e5d52a5793eb179deee4572770a5197127b090287bca2a4eaa1705b42c16968d0201d3ba3cc8000000657ea095f152b1b6a1e6ad8d24ad17f649ccc23d4ecbcdb5620cc48f95f563c2230f859d196e6c4f00b8e3a7b01fcb1d79dcc09b7a854ec8c31dd27ff9b4a2864e1dcaf719d20b56769d51228ecc1915fb8c8b598c11b3c296b05f9c5355fc6f19a7b28f5ae9a0d0804ccc5716cfac0246ddffa2f12077a02a959aa1b74373c38b2bcc90743b80666eae25dea73e127263b8fdbc64fe862b994ca8473d0000000000000000eb072b9ff13f9c24543a1529929bea41be75fedf30f7e325d0b9fee01e3c3a12f30201fad033ff278a6ebe256984af4d307d4a51e80ed5ac2103553ea2031a40"], 0x1, 0x192, &(0x7f0000009480)="$eJzsmL9OKkEUxr/Z5U+4uQm3vbe5JpKAhcvuoEYKC2oLTTQaO4msBF3EwBZA51NY+wTWxIb30EKtLMTOymLN7A7ugH+wQMV4fsWZb2YOw5mzybfJgiCIH8v11f3laTqVEPo3UojL9Rs9zNGU/E7yYea8snJ2bN5ddLrL+eHzGADPe///RwB0CzpcOfe8wV+n5LgOra+j6v4mGAypt6FhQ2obDFtS7ym6JvINY7fi2MZOzSkJYYpgicBFyA3X1ztiKCn1MWW/0WrvFx3Hrn+gGNW/XkHDklKf+rz6vTHD/sGCBkvqHBjWpF5EvN+boCXK/f9FwvP1T77/9xZ/kyNyopiUUkmMQTAIcZsAJqOerxKhP3knDGnFnyKKf2Td6mG20WrPVqrFsl22DzjPLZhzpjnPs74RBfEN/0v4/vRLOT/6Sm6MxdAsum7dCuLTnDfjcOv8JceN+f6nITMdVM3kmor/PvjDpsSQ0eWcIAiCIAiCIAiCIAiCIAhi7PwH87+CDpB/tsRX/ezHAAAA//8Wh3En")
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r6 = syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000100)={0x2020, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000002140)={0x50, 0x0, r7, {0x7, 0x27, 0x0, 0x14a4014, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}}, 0x50)
read$FUSE(r5, &(0x7f000000b040)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r5, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r8}, 0x10)
ioctl(r6, 0x78ee2a6a, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(0xffffffffffffffff, 0x0, &(0x7f0000000040)='silent\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r4, 0x40309410, &(0x7f0000000000)={0x1, 0xffffffffff7ffe01, 0x6, 0x53d9, 0x3, [0xe, 0x2500, 0x1000000, 0x7fffffff]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000002e00090026bd70000000a10004000000050011802e000000"], 0x1c}, 0x1, 0x0, 0x0, 0x42804}, 0x4000000)
r9 = fcntl$getown(0xffffffffffffffff, 0x9)
capget(&(0x7f0000000040)={0x20080522, r9}, &(0x7f00000001c0)={0x7f, 0x3, 0x2eb5, 0x7, 0x5, 0x6})

5.12049886s ago: executing program 3 (id=508):
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$lan78xx(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r4, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5})

4.520757722s ago: executing program 4 (id=509):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x40002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
set_mempolicy(0x2002, 0x0, 0x400000000000004)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0)={0xfffd, 0xc, 0x4}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x10, &(0x7f0000000200)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x22}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, 0x0, &(0x7f00000010c0))

4.332665042s ago: executing program 1 (id=510):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000000140)={[{@quota}, {@iocharset={'iocharset', 0x3d, 'none'}}, {@discard_size={'discard', 0x3d, 0xaff9}}, {@discard_size={'discard', 0x3d, 0x6}}, {@discard}, {}, {@quota}, {@iocharset={'iocharset', 0x3d, 'default'}}, {@uid={'uid', 0x3d, 0xee01}}]}, 0x24, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
syz_mount_image$exfat(0x0, &(0x7f0000000300)='./bus\x00', 0x448c, 0x0, 0x0, 0x0, &(0x7f0000000240))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')
unshare(0x2c020400)
r0 = socket(0x2a, 0x2, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f00000002c0)=ANY=[])
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000080)={0x1, 0x10}, 0x18)
sendto$isdn(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

2.47532498s ago: executing program 3 (id=511):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r0)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x6, 0xf27, &(0x7f0000002400)="$eJzs3U1sHFcdAPA3668kduNNW2ja0iS0lLQBnODkUG6pCCBVVdUL91Zp0ka4JSLl0CpRUk5B4lCoeiniUNTekMIBiVZIVYWExEcPnDlVcAGhIEXqhUiJkZ331rsvGXY9Xs9+/X7S329n3uz8/2M7zszszJsATKzG+tdjx/YWIbz94VsnvnPx5m/X5u1vLXFg/WsRp5ohhJm26SJb36dxxo1r50+utTeztgjL619Tf3jmauu98yGES+FA+Dg0w/5Dzc8uTz19+v13Pjl44exTL23T5gMAwES58ueVvz3+zz99dc/1K/uOh7nW/LR/3ozT83G//0jcv0/7/Y3QOV20RbvZbLmpGI1sualsueksz3RJvplsPTMly812yTfVNu9O2wkAAACjKB3XNkPRWOqYbjSWlm4d96/5dHG2WHrlzMrpcwMqFAAAAKjss4vrF90KIYYvdrb+oQ6+FiGEEEIIIcSIx+riQE8/AAAAABMojTvQGh8sdykfWWBrWmtr9pb/6pONO78f+qDu33/5Ryv/e2/4iwMAQHXjujeZtivtR6dxDPJxBKey9212/7+RrWd6k3WWjSs4KuMNltWZf1+HVVn9m/05DkpZ/fl4mMOqrP58nM5hVVb/XM11VFVW/46a66iqrP6dNddRVVn9u2quo6qy+udrrqOqsvoXaq6jqrL676q5jqrK6t9dcx1VldU/KpfVltXfrLmOqsrq31NzHVWV1X93zXVUVVb/PTXXUVVZ/ffWXMegPBTb9H3Yl/W3Hz93HNONyg4WAAAAEP5r/D+xLXF5CGrob6x/pjsEdQghhBBC9D3WmkHXIITY9rg44PMPAAAAwOCl+wLSXe+rUeqf6tI/3aV/pkv/bJf+uS79AAAAQAi/u3z6/jeLjfv8tzoeXho3Kg0PsNlxjPLxCDebf6vjnm01/6iMWwYAAMBkKb798c1DJ959dc/1K/uOtx393ozHu2kc0Ol4buCDOJ2uC1jIpot0DH28M0+jZLn8/MBdZet7dosbCgAAABNsIV6h3wxFY6ntuLsZGo2lpY3j8b1hpjh9ZuXUkTidns/yx8WZubX5X6+9cgAAAKBXG8f7dz7+T8/x3Rtmi6VXzqycPndreqE1f6bRfl5gcWN+0X5eoJnNXy6ZfzROp+d3vrS4c33+0snvr7zQ740HAACACXHutde/9/zKyqkfeOGFF160Xgz6LxMAANBv7//jrb/88OjCR7fu/98Y/y7d/38gTjfj2H5/jQuk6wTSfQC33a//XGeexbLlznYu18yWm4oxl9W9o209oW28wfS+W9cPfOv2fM3O9cyW5JvP8i1k+fJxCqaz5VO+3dn8fHzCtNxiNj8fh3F6PT7qeF97/ocDAAAAlDv86stnD5977fWvnXn5+RdPvXjqlaNHlr+x/MTy8rHlw+vX9R9uv7ofAAAAGEUbF/0OuhIAAAAAAAAAAAAAAAAAAACYXHU8TmzQ2wgAAACT7j8XQwiXhBCDiPXnOA5BHUKIOqPtCbMDr6ViHB+CGsY0do3y74UQ/Yjz04OvQYgxjtXV/EnzAAAAANvrxrXzJ9vb21wq+pqvtbbmreZmzJvaPzz6i0fXIi129dQ3O96/q6/VMOnq/v2Xf7Tyv/dGf/PvSC96/fv3ZKNzBcer5f3yT//1WHv+B6Z7zJ9v/7PV8h/M8h8MveVffTfL/1y1/I9l+Xf1mP+27T9bLf/jMf/eVM8jvebv/PnPxTZtx84e8x/Ktv+F0Gv+bPubPSbMfCXmB4BJ1Bh0Adsk7SWk/eh0tWXa3ri7GfKrHza7/9/I1jO95co715v2g+6L02l/aSHLm2y2/vlsfXdVrDM3KleVlNXfr5/jdiurf6bmOqoqq3+25jqqKqt/ruY6qiqrf0fNdVRVVn+vx6GDVlb/qJxXLqt/vuY6qiqrf6HmOqoqq3+z/48PSln9u2uuo6qy+hdrrqOqsvornlarXVn9e2quo6qy+u+uuY6qyuq/p+Y6qiqr/96a6xiUB2Nbdjycjj8XY1+abmbTc3f4Xo7ruQUAAAAYNf9uG/9v/TPDIRiTQAgxjBE/VR14HWJc42dDUMPAY24IahBiKGLa/zlCjHukD54HXUe32DEENfQxVlcHdeaBYbC9dzMDMKz8/Z9sxcjc6cN28O9/svn58/+ka/iLbDqZ6tI/3aV/pkv/bNaf/77Odem/J1vvapT67+3S/7ku/bu79N93x/6Nu1P3dnn//V36H+jS/2CXfgAAACbD52Pr+BAAAADG14VfffCT3xx87tqe61f2HQ+zt407fyROz8XP1i/H6Xzc+2Qmfub/ozj9y9j+PrZ/z5Z3/QkAAABsv/ScGJ//AwAAwPhKzyl1/A8AAADja09sHf8DAADA+Lo7to7/AQAAYIwVd37+a/48vodj2+u4fgDA8PtCbB+K7b7Y7o/tF2Ob9gMeie2XaqoPAOifn3/3x0+8WWyM9380678R56f2NpdunSkoGp0j+acn3O+K7aM91pM/D6DX/MnuHvNsV/7FLeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZHY/3rsWN7ixDe/vCtE4sXTry4Nm9/a4kD61+LONUMIcy03pd6N6Z/HRe8ce38ybX2ZmxXY1uE5VCEotUfnrnayjQfQrgUDoSPQzPsP9T87PLU06fff+eTgxfOPvXSNn4LAAAAYOz9LwAA//8hzCO5")

1.547650169s ago: executing program 4 (id=512):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
r3 = syz_open_dev$sndctrl(&(0x7f0000000280), 0x20000, 0x2)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000100)=0xfdfdffff)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x69)
close(0xffffffffffffffff)

1.125043671s ago: executing program 0 (id=513):
socket$pppoe(0x18, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {}, {0x0, 0x5, 0x0, 0x0, 0x0, 0xffffffff}, {0x0, 0x4, 0x0, 0x0, 0x1d}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {0x0, 0x800}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0xf}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, {0xfffffffd}, {}, {}, {}, {0x0, 0x0, 0x6}, {}, {0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x8}, {0x10}, {0x0, 0x3}, {0x0, 0x40}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {0x0, 0x4}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {}, {}, {}, {0x0, 0x0, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x80}, {0x0, 0xfffffffd}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xb5}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, {0x5, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x0, 0x0, 0xffff}, {0x8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x8, 0x0, 0xfffffffc}], [{0x0, 0x1}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {0x2}, {}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)

898.005463ms ago: executing program 0 (id=514):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r1, 0xe503, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@delneigh={0x1c, 0x1a, 0xc01, 0xfffffffe, 0x25dfdbfe, {0xa, 0x0, 0x0, 0x0, 0xd4, 0x0, 0x6}}, 0x1c}, 0x1, 0x0, 0x0, 0x4040000}, 0x80)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x2)
write$FUSE_IOCTL(0xffffffffffffffff, &(0x7f0000000180)={0x20, 0x0, 0x0, {0x800, 0x0, 0x3, 0xd6}}, 0x20)
r3 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f00000003c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}})
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
read$FUSE(r1, &(0x7f0000002cc0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_STATFS(r3, &(0x7f0000004d00)={0x60, 0x0, r4, {{0x9, 0x1, 0x1, 0x216, 0x10001, 0x81, 0x0, 0x8}}}, 0x60)
sendto$inet6(r0, 0x0, 0x0, 0x8800, 0x0, 0x0)

608.894038ms ago: executing program 0 (id=515):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f0000000040)=0x2, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
bpf$ITER_CREATE(0xb, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0xc854)
sendfile(0xffffffffffffffff, r1, 0x0, 0xffffffff000)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, 0x0, 0x40000)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
ioctl$AUTOFS_IOC_CATATONIC(0xffffffffffffffff, 0x9362, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f0000009b80)=@newchain={0x24, 0x64, 0x300, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0xf}, {0xa, 0x1ffe4}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000000c0), 0x0)
sendmsg$AUDIT_MAKE_EQUIV(0xffffffffffffffff, 0x0, 0x800)
creat(0x0, 0x20)

0s ago: executing program 1 (id=516):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0xb, 0x3}, @fd={0x66642a85, 0x0, r1}, @flat=@weak_handle={0x77682a85, 0x1115}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000880)="4a8e464b3d4657499ea54e5c7d563ff8776074ae642a55558dbfd1df9462b1259816b613ea02f9c5a2a4cc3bf701b7f4fa887e4ce6d2045a432a7b060f115097ae0e0e07f3f3704a688c03fccef3e273"})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000680)={0x4c, 0x0, &(0x7f00000006c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x31, 0x0, 0x0, 0x48, 0x18, &(0x7f00000005c0)={@flat=@binder={0x73622a85, 0x1, 0x1}, @flat=@binder={0x73622a85, 0x190b, 0x3}, @fd}, &(0x7f0000000140)={0x0, 0x18, 0x30}}, 0x40}], 0x0, 0x1000000000000, 0x0})

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.108' (ED25519) to the list of known hosts.
[   80.238901][ T5755] cgroup: Unknown subsys name 'net'
[   80.350457][ T5755] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   82.040360][ T5755] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   83.704562][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   83.718952][ T5776] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   83.727182][ T5776] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   83.735222][ T5776] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   83.752778][ T5776] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   83.794873][ T5777] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   83.802910][ T5780] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   83.804206][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   83.814135][ T5780] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   83.825577][ T5780] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   83.827612][ T5777] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   83.835903][ T5780] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   83.844113][ T5777] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   83.848925][ T5780] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   83.861457][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   83.862552][ T5780] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   83.872486][ T5777] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   83.882894][ T5777] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   83.889478][   T51] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   83.892635][ T5777] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   83.904405][   T51] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   83.921676][   T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   83.929458][ T5080] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   83.942668][ T5777] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   84.350863][ T5767] chnl_net:caif_netlink_parms(): no params data found
[   84.534661][ T5767] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.543271][ T5767] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.550752][ T5767] bridge_slave_0: entered allmulticast mode
[   84.560067][ T5767] bridge_slave_0: entered promiscuous mode
[   84.579093][ T5767] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.586694][ T5767] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.595545][ T5767] bridge_slave_1: entered allmulticast mode
[   84.603580][ T5767] bridge_slave_1: entered promiscuous mode
[   84.618500][ T5771] chnl_net:caif_netlink_parms(): no params data found
[   84.660224][ T5772] chnl_net:caif_netlink_parms(): no params data found
[   84.708295][ T5766] chnl_net:caif_netlink_parms(): no params data found
[   84.731142][ T5767] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   84.744362][ T5767] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   84.856029][ T5767] team0: Port device team_slave_0 added
[   84.889318][ T5767] team0: Port device team_slave_1 added
[   84.928914][ T5771] bridge0: port 1(bridge_slave_0) entered blocking state
[   84.936202][ T5771] bridge0: port 1(bridge_slave_0) entered disabled state
[   84.943746][ T5771] bridge_slave_0: entered allmulticast mode
[   84.950725][ T5771] bridge_slave_0: entered promiscuous mode
[   84.969926][ T5771] bridge0: port 2(bridge_slave_1) entered blocking state
[   84.977273][ T5771] bridge0: port 2(bridge_slave_1) entered disabled state
[   84.984802][ T5771] bridge_slave_1: entered allmulticast mode
[   84.992720][ T5771] bridge_slave_1: entered promiscuous mode
[   85.038965][ T5772] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.046498][ T5772] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.054326][ T5772] bridge_slave_0: entered allmulticast mode
[   85.061539][ T5772] bridge_slave_0: entered promiscuous mode
[   85.081897][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.089116][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.118809][ T5767] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.142168][ T5772] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.149429][ T5772] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.157460][ T5772] bridge_slave_1: entered allmulticast mode
[   85.165307][ T5772] bridge_slave_1: entered promiscuous mode
[   85.195989][ T5766] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.203247][ T5766] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.210686][ T5766] bridge_slave_0: entered allmulticast mode
[   85.218653][ T5766] bridge_slave_0: entered promiscuous mode
[   85.226946][ T5767] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.234232][ T5767] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.264464][ T5767] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.284941][ T5771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.298392][ T5771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.328016][ T5766] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.335495][ T5766] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.343087][ T5766] bridge_slave_1: entered allmulticast mode
[   85.350308][ T5766] bridge_slave_1: entered promiscuous mode
[   85.383384][ T5766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.407213][ T5771] team0: Port device team_slave_0 added
[   85.416950][ T5772] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.438050][ T5766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.452639][ T5771] team0: Port device team_slave_1 added
[   85.460702][ T5772] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   85.551406][ T5772] team0: Port device team_slave_0 added
[   85.570843][ T5772] team0: Port device team_slave_1 added
[   85.581706][ T5766] team0: Port device team_slave_0 added
[   85.594587][ T5767] hsr_slave_0: entered promiscuous mode
[   85.601560][ T5767] hsr_slave_1: entered promiscuous mode
[   85.609186][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.620324][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.646866][ T5771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.671292][ T5766] team0: Port device team_slave_1 added
[   85.680149][ T5771] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.687456][ T5771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.713840][ T5771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.744645][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.751663][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.777897][ T5772] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.801211][ T5772] batman_adv: batadv0: Adding interface: batadv_slave_1
[   85.810637][ T5772] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.837097][ T5772] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   85.911739][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_0
[   85.919883][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   85.946206][ T5766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   85.973145][ T5777] Bluetooth: hci3: command tx timeout
[   85.979617][ T5771] hsr_slave_0: entered promiscuous mode
[   85.985507][ T5777] Bluetooth: hci2: command tx timeout
[   85.986005][ T5777] Bluetooth: hci0: command tx timeout
[   85.991119][ T5080] Bluetooth: hci1: command tx timeout
[   86.003562][ T5771] hsr_slave_1: entered promiscuous mode
[   86.011772][ T5771] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.019801][ T5771] Cannot create hsr debugfs directory
[   86.040018][ T5766] batman_adv: batadv0: Adding interface: batadv_slave_1
[   86.047261][ T5766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.074098][ T5766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   86.166538][ T5772] hsr_slave_0: entered promiscuous mode
[   86.173611][ T5772] hsr_slave_1: entered promiscuous mode
[   86.180230][ T5772] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.188679][ T5772] Cannot create hsr debugfs directory
[   86.247229][ T5766] hsr_slave_0: entered promiscuous mode
[   86.256905][ T5766] hsr_slave_1: entered promiscuous mode
[   86.263540][ T5766] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   86.271130][ T5766] Cannot create hsr debugfs directory
[   86.615587][ T5767] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   86.641149][ T5767] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   86.652665][ T5767] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   86.668917][ T5767] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   86.753275][ T5771] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   86.781758][ T5771] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   86.803809][ T5771] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   86.837202][ T5771] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   86.895971][ T5772] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   86.914993][ T5772] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   86.926614][ T5772] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   86.952279][ T5772] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   87.021063][ T5767] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.040485][ T5766] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   87.061405][ T5766] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   87.086309][ T5766] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   87.098829][ T5766] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   87.153600][ T5767] 8021q: adding VLAN 0 to HW filter on device team0
[   87.221777][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.229581][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.283712][ T5771] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.323697][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.330920][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.458291][ T5771] 8021q: adding VLAN 0 to HW filter on device team0
[   87.494490][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.501682][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.519493][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.526742][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.623258][ T5766] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.654126][ T5772] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.699925][ T5766] 8021q: adding VLAN 0 to HW filter on device team0
[   87.770801][ T5772] 8021q: adding VLAN 0 to HW filter on device team0
[   87.783588][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.790834][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.827691][ T1327] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.834905][ T1327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.880287][ T1327] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.887572][ T1327] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.914167][ T1327] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.921575][ T1327] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.060580][ T5777] Bluetooth: hci1: command tx timeout
[   88.060633][ T5080] Bluetooth: hci2: command tx timeout
[   88.068339][ T5777] Bluetooth: hci3: command tx timeout
[   88.074589][ T5774] Bluetooth: hci0: command tx timeout
[   88.097649][ T5767] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.335283][ T5767] veth0_vlan: entered promiscuous mode
[   88.359995][ T5767] veth1_vlan: entered promiscuous mode
[   88.435652][ T5767] veth0_macvtap: entered promiscuous mode
[   88.457189][ T5767] veth1_macvtap: entered promiscuous mode
[   88.520671][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.578811][ T5767] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.641152][ T5771] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.660346][ T5767] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.671064][ T5767] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.683115][ T5767] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.691888][ T5767] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.801256][ T5772] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.890691][ T5766] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.919304][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.930644][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.933853][ T5771] veth0_vlan: entered promiscuous mode
[   89.007542][ T5772] veth0_vlan: entered promiscuous mode
[   89.020864][ T5771] veth1_vlan: entered promiscuous mode
[   89.059115][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   89.067138][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   89.114639][ T5772] veth1_vlan: entered promiscuous mode
[   89.123689][ T5766] veth0_vlan: entered promiscuous mode
[   89.168145][ T5766] veth1_vlan: entered promiscuous mode
[   89.207551][ T5771] veth0_macvtap: entered promiscuous mode
[   89.245948][ T5771] veth1_macvtap: entered promiscuous mode
[   89.286685][ T5772] veth0_macvtap: entered promiscuous mode
[   89.332351][ T5772] veth1_macvtap: entered promiscuous mode
[   89.361288][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   89.375340][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.390409][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_0
[   89.436649][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   89.453078][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   89.629329][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1
[   89.970107][ T5771] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   89.981300][ T5771] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   89.990224][ T5771] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   89.999628][ T5771] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.044301][ T5766] veth0_macvtap: entered promiscuous mode
[   90.058882][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.070697][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.101336][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.119267][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.134296][ T5774] Bluetooth: hci3: command tx timeout
[   90.139822][ T5774] Bluetooth: hci0: command tx timeout
[   90.146056][ T5774] Bluetooth: hci2: command tx timeout
[   90.150939][ T5777] Bluetooth: hci1: command tx timeout
[   90.165983][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.177321][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.188230][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.198273][ T5772] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.208831][ T5772] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.226161][ T5772] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.254198][ T5766] veth1_macvtap: entered promiscuous mode
[   90.277130][ T5772] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.286417][ T5772] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.296654][ T5772] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.305703][ T5772] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.358115][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.369686][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.380497][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.383210][   T23] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   90.393868][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.413697][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.425097][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.437113][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.482524][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.497344][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.509796][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.520642][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.530552][ T5766] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.541259][ T5766] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.554683][ T5766] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.566301][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.603001][ T5766] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.609764][   T23] usb 2-1: config 0 has an invalid descriptor of length 41, skipping remainder of the config
[   90.619911][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.632068][   T23] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   90.641240][ T5766] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.650542][ T5766] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.659744][ T5766] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.670820][   T23] usb 2-1: New USB device found, idVendor=0d46, idProduct=0081, bcdDevice=19.82
[   90.689240][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.697999][   T23] usb 2-1: Product: syz
[   90.711745][   T23] usb 2-1: Manufacturer: syz
[   90.720901][   T23] usb 2-1: SerialNumber: syz
[   90.733604][   T23] usb 2-1: config 0 descriptor??
[   90.797507][ T2983] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.820065][ T2983] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.876761][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.911554][ T1327] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.926564][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.936241][ T1327] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.077652][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.107375][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.134690][ T1327] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.184896][ T1327] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.204085][   T23] usb 2-1: USB disconnect, device number 2
[   91.447194][ T5847] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'.
[   91.467415][ T5847] bridge0: port 3(vlan2) entered blocking state
[   91.474864][ T5847] bridge0: port 3(vlan2) entered disabled state
[   91.481489][ T5847] vlan2: entered allmulticast mode
[   91.487898][ T5847] bridge0: entered allmulticast mode
[   91.498433][ T5849] syz.0.1[5849]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.787942][ T5847] vlan2: left allmulticast mode
[   91.812899][ T5847] bridge0: left allmulticast mode
[   92.212160][ T5777] Bluetooth: hci1: command tx timeout
[   92.217833][ T5777] Bluetooth: hci2: command tx timeout
[   92.223726][ T5777] Bluetooth: hci3: command tx timeout
[   92.229363][ T5777] Bluetooth: hci0: command tx timeout
[   92.468932][   T27] cfg80211: failed to load regulatory.db
[   92.835069][ T5858] Zero length message leads to an empty skb
[   93.273655][   T27] usb 3-1: new low-speed USB device number 2 using dummy_hcd
[   93.503234][   T27] usb 3-1: unable to get BOS descriptor or descriptor too short
[   93.522579][   T27] usb 3-1: config 8 has an invalid interface number: 109 but max is 0
[   93.530931][   T27] usb 3-1: config 8 has no interface number 0
[   93.590612][   T27] usb 3-1: string descriptor 0 read error: -22
[   93.598737][   T27] usb 3-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=d4.29
[   93.609411][   T27] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.651556][   T27] metro_usb 3-1:8.109: required endpoints missing
[   94.571436][ T5871] loop3: detected capacity change from 0 to 40427
[   94.601720][ T5871] F2FS-fs (loop3): invalid crc value
[   94.624477][ T5871] F2FS-fs (loop3): Found nat_bits in checkpoint
[   94.691086][ T5871] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   94.765576][ T5812] usb 3-1: USB disconnect, device number 2
[   96.958329][ T5766] syz-executor: attempt to access beyond end of device
[   96.958329][ T5766] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   97.004875][ T5881] loop2: detected capacity change from 0 to 4096
[   97.030113][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   97.043219][ T5766] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   97.184569][ T5881] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[   97.326390][ T5881] ntfs3: loop2: Failed to load $Extend (-22).
[   97.341344][ T5881] ntfs3: loop2: Failed to initialize $Extend.
[   97.780242][ T5890] afs: Unknown parameter 'dy'
[  100.928492][ T5897] lo speed is unknown, defaulting to 1000
[  100.936265][ T5897] lo speed is unknown, defaulting to 1000
[  100.963406][ T5897] lo speed is unknown, defaulting to 1000
[  100.989838][ T5897] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  101.031102][ T5897] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  101.123941][ T5897] lo speed is unknown, defaulting to 1000
[  101.137673][ T5897] lo speed is unknown, defaulting to 1000
[  101.150101][ T5897] lo speed is unknown, defaulting to 1000
[  101.162773][ T5897] lo speed is unknown, defaulting to 1000
[  101.849906][ T5908] loop2: detected capacity change from 0 to 2048
[  101.965901][ T5908] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  102.017963][ T5910] loop1: detected capacity change from 0 to 2048
[  102.089629][ T5910] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  103.465677][ T5913] sched: RT throttling activated
[  103.862168][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  106.318413][ T5917] loop2: detected capacity change from 0 to 131072
[  106.361675][ T5917] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[  106.370007][ T5917] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  106.393517][ T5917] F2FS-fs (loop2): invalid crc value
[  106.404095][ T5917] F2FS-fs (loop2): Found nat_bits in checkpoint
[  106.468674][ T5917] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  106.475856][ T5917] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  108.426205][ T5937] ptrace attach of ""[5938] was attempted by "./syz-executor exec"[5937]
[  110.065706][ T5939] futex_wake_op: syz.2.27 tries to shift op by -1; fix this program
[  113.913535][ T5974] loop2: detected capacity change from 0 to 1024
[  114.625697][ T5963] loop3: detected capacity change from 0 to 32768
[  114.757545][ T5974] hfsplus: request for non-existent node 33423360 in B*Tree
[  114.766196][ T5974] hfsplus: request for non-existent node 33423360 in B*Tree
[  114.852553][ T5963] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  115.268570][ T5963] XFS (loop3): Ending clean mount
[  115.431840][ T5963] XFS (loop3): Quotacheck needed: Please wait.
[  116.108401][ T5963] XFS (loop3): Quotacheck: Done.
[  116.671556][ T5766] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  117.098021][ T6017] loop1: detected capacity change from 0 to 4096
[  117.157604][ T6017] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  117.282319][ T6017] ntfs3: loop1: Failed to load $Extend (-22).
[  117.288622][ T6017] ntfs3: loop1: Failed to initialize $Extend.
[  117.874665][ T6028] loop3: detected capacity change from 0 to 32768
[  117.913457][ T6028] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.48 (6028)
[  117.966843][ T6028] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.977516][ T6028] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  117.986391][ T6028] BTRFS info (device loop3): setting nodatacow, compression disabled
[  117.995352][ T6028] BTRFS info (device loop3): force clearing of disk cache
[  118.002616][ T6028] BTRFS info (device loop3): turning off barriers
[  118.009095][ T6028] BTRFS info (device loop3): use no compression
[  118.016112][ T6028] BTRFS info (device loop3): disabling free space tree
[  118.023108][ T6028] BTRFS info (device loop3): enabling ssd optimizations
[  118.030601][ T6028] BTRFS info (device loop3): using spread ssd allocation scheme
[  118.038515][ T6028] BTRFS info (device loop3): not using ssd optimizations
[  118.045831][ T6028] BTRFS info (device loop3): not using spread ssd allocation scheme
[  118.200742][ T6044] siw: device registration error -23
[  118.431100][ T6028] BTRFS info (device loop3): rebuilding free space tree
[  118.570343][ T6028] BTRFS info (device loop3): disabling free space tree
[  118.577412][ T6028] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  118.588709][ T6028] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  118.643567][ T6028] BTRFS info (device loop3): checking UUID tree
[  118.881206][ T6020] loop2: detected capacity change from 0 to 32768
[  119.094284][ T6020] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.224744][ T6020] XFS (loop2): Ending clean mount
[  121.309753][ T6020] XFS (loop2): Quotacheck needed: Please wait.
[  122.005680][ T6020] XFS (loop2): Quotacheck: Done.
[  122.700731][ T5766] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  122.880650][ T5771] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  123.175889][ T5770] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 13 /dev/loop3 scanned by udevd (5770)
[  123.872141][  T787] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  124.065244][  T787] usb 1-1: Using ep0 maxpacket: 16
[  124.079979][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.091278][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.105352][  T787] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  124.121614][  T787] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  124.167590][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.223364][  T787] usb 1-1: config 0 descriptor??
[  124.314609][ T6114] loop1: detected capacity change from 0 to 32768
[  124.330533][ T6114] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.62 (6114)
[  124.357106][ T6114] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  124.367632][ T6114] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  124.376404][ T6114] BTRFS info (device loop1): force clearing of disk cache
[  124.384146][ T6114] BTRFS info (device loop1): enabling auto defrag
[  124.390679][ T6114] BTRFS info (device loop1): max_inline at 0
[  124.396896][ T6114] BTRFS info (device loop1): enabling ssd optimizations
[  124.404011][ T6114] BTRFS info (device loop1): using spread ssd allocation scheme
[  124.411708][ T6114] BTRFS info (device loop1): using free space tree
[  124.665541][ T6114] BTRFS info (device loop1): rebuilding free space tree
[  124.728498][  T787] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  124.807197][  T787] microsoft 0003:045E:07DA.0001: No inputs registered, leaving
[  124.910359][  T787] microsoft 0003:045E:07DA.0001: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  124.947460][ T6144] mmap: syz.1.62 (6144) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  124.981327][  T787] microsoft 0003:045E:07DA.0001: no inputs found
[  125.012099][  T787] microsoft 0003:045E:07DA.0001: could not initialize ff, continuing anyway
[  125.023910][ T4341] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  125.082260][  T787] usb 1-1: USB disconnect, device number 2
[  125.261309][ T6145] fido_id[6145]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  125.306319][ T5767] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  127.203165][ T6167] loop1: detected capacity change from 0 to 32768
[  127.206910][ T6167] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.71 (6167)
[  127.215730][ T6167] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  127.215834][ T6167] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  127.215872][ T6167] BTRFS info (device loop1): force clearing of disk cache
[  127.215895][ T6167] BTRFS info (device loop1): enabling auto defrag
[  127.215934][ T6167] BTRFS info (device loop1): max_inline at 0
[  127.215949][ T6167] BTRFS info (device loop1): enabling ssd optimizations
[  127.215959][ T6167] BTRFS info (device loop1): using spread ssd allocation scheme
[  127.215970][ T6167] BTRFS info (device loop1): using free space tree
[  127.358514][ T6167] BTRFS info (device loop1): rebuilding free space tree
[  127.646637][ T1327] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  128.323342][ T6178] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  128.852466][ T5767] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  129.281500][ T5770] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 13 /dev/loop1 scanned by udevd (5770)
[  130.887449][ T6227] loop1: detected capacity change from 0 to 64
[  131.578753][ T6232] loop3: detected capacity change from 0 to 256
[  131.670819][ T6232] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  131.801491][ T6236] usb usb8: usbfs: process 6236 (syz.2.89) did not claim interface 0 before use
[  133.270494][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  133.277677][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  133.869353][ T6253] loop3: detected capacity change from 0 to 32768
[  135.035661][ T6268] loop2: detected capacity change from 0 to 128
[  135.043223][ T6268] =======================================================
[  135.043223][ T6268] WARNING: The mand mount option has been deprecated and
[  135.043223][ T6268]          and is ignored by this kernel. Remove the mand
[  135.043223][ T6268]          option from the mount to silence this warning.
[  135.043223][ T6268] =======================================================
[  135.185176][ T6268] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  135.199106][ T6268] hpfs: filesystem error: improperly stopped
[  135.205358][ T6268] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  135.213276][ T6268] hpfs: You really don't want any checks? You are crazy...
[  135.221341][ T6268] hpfs: hpfs_map_sector(): read error
[  135.226832][ T6268] hpfs: code page support is disabled
[  135.235211][ T6268] hpfs: hpfs_map_4sectors(): unaligned read
[  135.242438][ T6268] hpfs: hpfs_map_4sectors(): unaligned read
[  135.248534][ T6268] hpfs: filesystem error: unable to find root dir
[  136.357573][ T6274] warning: `syz.2.102' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  138.342352][ T6287] loop1: detected capacity change from 0 to 2048
[  138.394233][ T6287] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  138.418717][ T5095] kernel write not supported for file bpf-prog (pid: 5095 comm: kworker/1:2)
[  141.426827][ T6308] loop2: detected capacity change from 0 to 32789
[  141.453099][ T6308] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  141.461736][ T6308] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  141.490644][ T6308] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[  141.490644][ T6308]   bh = 2072 (magic number)
[  141.490644][ T6308]   function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 503
[  141.510395][ T6308] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  141.518196][ T6308] gfs2: fsid=syz:syz.0: File system withdrawn
[  141.524398][ T6308] CPU: 1 PID: 6308 Comm: syz.2.116 Not tainted syzkaller #0
[  141.531718][ T6308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  141.542007][ T6308] Call Trace:
[  141.545343][ T6308]  <TASK>
[  141.548339][ T6308]  dump_stack_lvl+0x18c/0x250
[  141.553084][ T6308]  ? kobject_uevent_env+0x363/0x8b0
[  141.558321][ T6308]  ? show_regs_print_info+0x20/0x20
[  141.563672][ T6308]  ? load_image+0x420/0x420
[  141.568199][ T6308]  ? kobject_uevent_env+0x363/0x8b0
[  141.573431][ T6308]  gfs2_withdraw+0xb24/0x13d0
[  141.578168][ T6308]  ? gfs2_lm+0x218/0x240
[  141.582468][ T6308]  ? gfs2_lm+0x240/0x240
[  141.586864][ T6308]  ? gfs2_freeze_unlock+0x60/0x60
[  141.592027][ T6308]  ? gfs2_meta_read+0x84c/0x990
[  141.596920][ T6308]  ? gfs2_meta_new+0x160/0x160
[  141.601708][ T6308]  ? queue_delayed_work_on+0x114/0x200
[  141.607191][ T6308]  gfs2_meta_check_ii+0x72/0x90
[  141.612169][ T6308]  gfs2_meta_buffer+0x236/0x310
[  141.617143][ T6308]  gfs2_inode_refresh+0xc7/0x1160
[  141.622416][ T6308]  ? gfs2_inode_metasync+0xf0/0xf0
[  141.627682][ T6308]  ? gfs2_glock_nq+0xd4f/0x1420
[  141.632704][ T6308]  ? do_raw_spin_lock+0x11f/0x2c0
[  141.637807][ T6308]  gfs2_instantiate+0x162/0x220
[  141.642762][ T6308]  gfs2_glock_wait+0x1d4/0x2a0
[  141.647607][ T6308]  gfs2_lookupi+0x3de/0x640
[  141.652224][ T6308]  ? gfs2_lookup_meta+0x180/0x180
[  141.657302][ T6308]  ? gfs2_lookup_meta+0xb0/0x180
[  141.662288][ T6308]  ? crc32_le_base+0x759/0xcf0
[  141.667206][ T6308]  gfs2_lookup_meta+0xb0/0x180
[  141.672098][ T6308]  ? gfs2_lookup_by_inum+0xf0/0xf0
[  141.677258][ T6308]  init_journal+0x1c2/0x2330
[  141.681890][ T6308]  ? pointer+0x1160/0x1160
[  141.686455][ T6308]  ? _compound_head+0x120/0x120
[  141.691353][ T6308]  ? vsnprintf+0x1ac7/0x1ba0
[  141.695980][ T6308]  ? snprintf+0xe9/0x140
[  141.700284][ T6308]  ? vscnprintf+0x80/0x80
[  141.704646][ T6308]  ? gfs2_glock_nq_num+0x183/0x1c0
[  141.709788][ T6308]  init_inodes+0xdb/0x320
[  141.714142][ T6308]  gfs2_fill_super+0x17bc/0x1f30
[  141.719117][ T6308]  ? __might_sleep+0xe0/0xe0
[  141.723740][ T6308]  ? gfs2_reconfigure+0xb10/0xb10
[  141.728811][ T6308]  ? init_locking+0xb8/0x200
[  141.733443][ T6308]  ? setup_bdev_super+0x559/0x660
[  141.738495][ T6308]  ? setup_bdev_super+0x56b/0x660
[  141.743627][ T6308]  get_tree_bdev+0x3f3/0x520
[  141.748238][ T6308]  ? end_current_label_crit_section+0x170/0x170
[  141.754519][ T6308]  ? gfs2_reconfigure+0xb10/0xb10
[  141.759583][ T6308]  ? setup_bdev_super+0x660/0x660
[  141.764655][ T6308]  gfs2_get_tree+0x51/0x1e0
[  141.769192][ T6308]  vfs_get_tree+0x8c/0x280
[  141.773630][ T6308]  do_new_mount+0x24b/0xa40
[  141.778334][ T6308]  __se_sys_mount+0x2e7/0x3d0
[  141.783105][ T6308]  ? __x64_sys_mount+0xc0/0xc0
[  141.788015][ T6308]  ? lockdep_hardirqs_on+0x98/0x150
[  141.793340][ T6308]  ? __x64_sys_mount+0x20/0xc0
[  141.798172][ T6308]  do_syscall_64+0x55/0xa0
[  141.802652][ T6308]  ? clear_bhb_loop+0x40/0x90
[  141.807376][ T6308]  ? clear_bhb_loop+0x40/0x90
[  141.812088][ T6308]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  141.818003][ T6308] RIP: 0033:0x7fdce6b9da8a
[  141.822471][ T6308] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  141.842103][ T6308] RSP: 002b:00007fdce79f6e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  141.850560][ T6308] RAX: ffffffffffffffda RBX: 00007fdce79f6ee0 RCX: 00007fdce6b9da8a
[  141.858589][ T6308] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007fdce79f6ea0
[  141.866614][ T6308] RBP: 00002000000124c0 R08: 00007fdce79f6ee0 R09: 0000000000000000
[  141.874641][ T6308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500
[  141.882652][ T6308] R13: 00007fdce79f6ea0 R14: 00000000000125c7 R15: 0000200000000180
[  141.890654][ T6308]  </TASK>
[  141.895157][ T6308] gfs2: fsid=syz:syz.0: can't lookup journal index: 0
[  142.867987][ T6319] loop1: detected capacity change from 0 to 32768
[  144.581706][ T6333] usb usb8: usbfs: process 6333 (syz.2.126) did not claim interface 0 before use
[  145.586829][ T6342] loop2: detected capacity change from 0 to 1024
[  146.649693][ T6348] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  146.699256][ T6359] usb usb8: usbfs: process 6359 (syz.0.136) did not claim interface 0 before use
[  148.355218][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.514441][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.608333][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.772463][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.233686][ T6386] usb usb8: usbfs: process 6386 (syz.1.146) did not claim interface 0 before use
[  149.703699][ T5777] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  149.717359][ T5777] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  149.725943][ T5777] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  149.735997][ T5777] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  149.744474][ T5777] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  149.752247][ T5777] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  149.807090][ T6383] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  150.169385][ T6400] loop1: detected capacity change from 0 to 32768
[  150.187412][ T6400] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  150.197849][ T6400] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  150.206609][ T6400] BTRFS info (device loop1): force clearing of disk cache
[  150.213916][ T6400] BTRFS info (device loop1): enabling auto defrag
[  150.220489][ T6400] BTRFS info (device loop1): max_inline at 0
[  150.226626][ T6400] BTRFS info (device loop1): enabling ssd optimizations
[  150.233644][ T6400] BTRFS info (device loop1): using spread ssd allocation scheme
[  150.241291][ T6400] BTRFS info (device loop1): using free space tree
[  150.408058][ T6400] BTRFS info (device loop1): rebuilding free space tree
[  150.624017][ T5774] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  150.633167][ T5774] Bluetooth: hci3: Injecting HCI hardware error event
[  150.643446][ T5777] Bluetooth: hci3: hardware error 0x00
[  151.731362][   T12] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  151.786914][ T6393] lo speed is unknown, defaulting to 1000
[  151.833381][ T5774] Bluetooth: hci2: command tx timeout
[  151.985053][ T5767] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  152.330371][ T5770] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 13 /dev/loop1 scanned by udevd (5770)
[  152.937190][ T6446] usb usb8: usbfs: process 6446 (syz.3.155) did not claim interface 0 before use
[  153.305708][ T6452] process 'syz.1.158' launched './file2' with NULL argv: empty string added
[  153.812140][ T5777] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  153.880432][ T6393] chnl_net:caif_netlink_parms(): no params data found
[  153.902481][ T5777] Bluetooth: hci2: command tx timeout
[  154.042182][ T5095] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[  154.258543][ T5095] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  154.349398][   T49] hsr_slave_0: left promiscuous mode
[  154.359623][   T49] hsr_slave_1: left promiscuous mode
[  154.369240][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  154.388103][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.468805][ T5095] usb 2-1: config 0 has no interfaces?
[  154.480244][ T5095] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  154.489450][ T5095] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.497590][ T5095] usb 2-1: Product: syz
[  154.502140][ T5095] usb 2-1: Manufacturer: syz
[  154.506881][ T5095] usb 2-1: SerialNumber: syz
[  155.118427][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  155.135194][ T5095] usb 2-1: config 0 descriptor??
[  155.142104][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  155.174627][   T49] bridge_slave_1: left allmulticast mode
[  155.180376][   T49] bridge_slave_1: left promiscuous mode
[  155.202050][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.227762][   T49] bridge_slave_0: left allmulticast mode
[  155.242258][   T49] bridge_slave_0: left promiscuous mode
[  155.248259][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.311307][   T49] veth1_macvtap: left promiscuous mode
[  155.318496][   T49] veth0_macvtap: left promiscuous mode
[  155.325224][   T49] veth1_vlan: left promiscuous mode
[  155.340966][   T49] veth0_vlan: left promiscuous mode
[  155.418907][ T5095] usb 2-1: USB disconnect, device number 3
[  155.979555][ T5777] Bluetooth: hci2: command tx timeout
[  156.675866][ T6487] loop3: detected capacity change from 0 to 128
[  156.808850][   T49] team0 (unregistering): Port device team_slave_1 removed
[  156.878797][   T49] team0 (unregistering): Port device team_slave_0 removed
[  156.968165][ T6489] loop3: detected capacity change from 0 to 256
[  157.020444][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.190880][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.226820][ T6493] usb usb8: usbfs: process 6493 (syz.3.166) did not claim interface 0 before use
[  157.565931][ T6502] binder: BINDER_SET_CONTEXT_MGR already set
[  157.579312][ T6502] binder: 6500:6502 ioctl 4018620d 2000000002c0 returned -16
[  158.019742][   T49] bond0 (unregistering): Released all slaves
[  158.053345][ T5777] Bluetooth: hci2: command tx timeout
[  158.372083][ T6393] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.379386][ T6393] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.390207][ T6393] bridge_slave_0: entered allmulticast mode
[  158.402747][ T6393] bridge_slave_0: entered promiscuous mode
[  158.494318][ T6393] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.505278][ T6393] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.513480][ T6393] bridge_slave_1: entered allmulticast mode
[  158.521356][ T6393] bridge_slave_1: entered promiscuous mode
[  158.646408][ T6393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  158.692804][ T6393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  158.834515][ T6393] team0: Port device team_slave_0 added
[  158.862774][ T6393] team0: Port device team_slave_1 added
[  158.963167][ T6393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  158.970385][ T6393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.091977][ T6393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.133635][ T6393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.140692][ T6393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.209499][ T6518] usb usb8: usbfs: process 6518 (syz.0.177) did not claim interface 0 before use
[  159.218497][ T6393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.449977][ T6393] hsr_slave_0: entered promiscuous mode
[  159.461144][ T6393] hsr_slave_1: entered promiscuous mode
[  159.473748][ T6393] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.491622][ T6393] Cannot create hsr debugfs directory
[  159.788227][ T6534] loop3: detected capacity change from 0 to 2048
[  159.866989][ T6534] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.909527][ T6393] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  160.965592][ T6393] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  161.026023][ T6393] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  161.079592][ T6554] usb usb8: usbfs: process 6554 (syz.0.185) did not claim interface 0 before use
[  161.106123][ T6393] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  162.032164][ T6393] 8021q: adding VLAN 0 to HW filter on device bond0
[  162.138389][ T6393] 8021q: adding VLAN 0 to HW filter on device team0
[  162.195740][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.202986][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  162.279469][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.286717][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  162.992011][ T5811] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  163.177278][ T6393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.212041][ T5811] usb 4-1: Using ep0 maxpacket: 16
[  163.224550][ T5811] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.247863][ T5811] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.261094][ T5811] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  163.282134][ T5811] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  163.291511][ T5811] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.308542][ T5811] usb 4-1: config 0 descriptor??
[  163.611281][ T6601] usb usb8: usbfs: process 6601 (syz.1.196) did not claim interface 0 before use
[  163.754088][ T5811] usbhid 4-1:0.0: can't add hid device: -71
[  163.770818][ T5811] usbhid: probe of 4-1:0.0 failed with error -71
[  163.798793][ T5811] usb 4-1: USB disconnect, device number 2
[  164.074465][ T6393] veth0_vlan: entered promiscuous mode
[  164.141734][ T6393] veth1_vlan: entered promiscuous mode
[  164.261089][ T6393] veth0_macvtap: entered promiscuous mode
[  164.294621][ T6393] veth1_macvtap: entered promiscuous mode
[  164.367759][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.406676][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.442355][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.462047][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.496326][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  164.518223][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.551872][ T6393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  164.598798][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.627401][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.638369][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.655945][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.667564][ T6393] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  164.704192][ T6393] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  164.737161][ T6393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  164.798933][ T6393] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  164.834002][ T6393] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  164.863160][ T6393] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  164.874911][ T6393] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  165.166043][ T5900] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.190987][ T5900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.292895][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  165.332580][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  165.779389][ T6657] loop3: detected capacity change from 0 to 256
[  166.158993][ T6639] loop1: detected capacity change from 0 to 32768
[  166.193189][ T6639] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  166.208953][ T6639] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  166.345867][ T6639] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  166.373406][ T5095] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  166.429276][ T5750] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  166.461943][ T5750] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  167.353181][ T5750] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 891ms
[  167.363019][ T5095] usb 5-1: Using ep0 maxpacket: 16
[  167.393510][ T5750] gfs2: fsid=syz:syz.0: jid=0: Done
[  167.400579][ T6639] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  167.408430][ T5095] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.429628][ T5095] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.445320][ T5095] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  167.474755][ T5095] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  167.493278][ T5095] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.522518][ T5095] usb 5-1: config 0 descriptor??
[  168.041507][ T5095] usbhid 5-1:0.0: can't add hid device: -71
[  168.050270][ T5095] usbhid: probe of 5-1:0.0 failed with error -71
[  168.156037][ T5095] usb 5-1: USB disconnect, device number 2
[  168.493268][ T6639] gfs2: fsid=syz:syz.0: found 1 quota changes
[  168.661948][ T5767] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  168.661948][ T5767]   inode = 11 2339
[  168.661948][ T5767]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 421
[  168.687999][ T5767] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  168.707730][ T5767] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5767 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  168.719389][ T5767] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  168.733831][ T5767] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  168.798112][ T5767] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  168.815738][ T5767] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  168.829744][ T5767] gfs2: fsid=syz:syz.0: File system withdrawn
[  168.846720][ T5767] CPU: 1 PID: 5767 Comm: syz-executor Not tainted syzkaller #0
[  168.854366][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  168.864569][ T5767] Call Trace:
[  168.867902][ T5767]  <TASK>
[  168.870892][ T5767]  dump_stack_lvl+0x18c/0x250
[  168.875638][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  168.880944][ T5767]  ? show_regs_print_info+0x20/0x20
[  168.886220][ T5767]  ? load_image+0x420/0x420
[  168.890789][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  168.896067][ T5767]  gfs2_withdraw+0xb24/0x13d0
[  168.900880][ T5767]  ? gfs2_lm+0x240/0x240
[  168.905206][ T5767]  ? gfs2_consist_inode_i+0xf5/0x110
[  168.910569][ T5767]  gfs2_inode_refresh+0xc50/0x1160
[  168.915758][ T5767]  ? gfs2_inode_metasync+0xf0/0xf0
[  168.920930][ T5767]  ? gfs2_glock_nq+0xd4f/0x1420
[  168.925860][ T5767]  gfs2_instantiate+0x162/0x220
[  168.930788][ T5767]  gfs2_glock_wait+0x1d4/0x2a0
[  168.935629][ T5767]  do_sync+0x4c6/0xe50
[  168.939786][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  168.944796][ T5767]  ? bh_get+0x760/0x760
[  168.949009][ T5767]  ? __lock_acquire+0x7d40/0x7d40
[  168.954171][ T5767]  ? do_raw_spin_lock+0x11f/0x2c0
[  168.959263][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  168.964260][ T5767]  ? do_raw_spin_unlock+0x121/0x230
[  168.969525][ T5767]  gfs2_quota_sync+0x411/0x5a0
[  168.974450][ T5767]  gfs2_sync_fs+0x4c/0xb0
[  168.978851][ T5767]  sync_filesystem+0xea/0x220
[  168.983848][ T5767]  generic_shutdown_super+0x6f/0x2b0
[  168.989200][ T5767]  kill_block_super+0x44/0x90
[  168.993954][ T5767]  deactivate_locked_super+0x97/0x100
[  168.999395][ T5767]  cleanup_mnt+0x43b/0x4d0
[  169.003888][ T5767]  task_work_run+0x1d4/0x260
[  169.008546][ T5767]  ? task_work_cancel+0x220/0x220
[  169.013629][ T5767]  ? exit_to_user_mode_loop+0x3b/0x110
[  169.019138][ T5767]  exit_to_user_mode_loop+0xe6/0x110
[  169.024675][ T5767]  exit_to_user_mode_prepare+0xee/0x180
[  169.030555][ T5767]  syscall_exit_to_user_mode+0x1a/0x50
[  169.036075][ T5767]  do_syscall_64+0x61/0xa0
[  169.040533][ T5767]  ? clear_bhb_loop+0x40/0x90
[  169.045347][ T5767]  ? clear_bhb_loop+0x40/0x90
[  169.050072][ T5767]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  169.056014][ T5767] RIP: 0033:0x7f7b5fb9da57
[  169.060465][ T5767] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  169.080116][ T5767] RSP: 002b:00007ffc6d677678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  169.088568][ T5767] RAX: 0000000000000000 RBX: 00007f7b5fc32048 RCX: 00007f7b5fb9da57
[  169.096665][ T5767] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc6d677730
[  169.104684][ T5767] RBP: 00007ffc6d677730 R08: 00007ffc6d678730 R09: 00000000ffffffff
[  169.112699][ T5767] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc6d6787c0
[  169.120722][ T5767] R13: 00007f7b5fc32048 R14: 00000000000283b9 R15: 00007ffc6d678800
[  169.128867][ T5767]  </TASK>
[  169.132024][    C1] vkms_vblank_simulate: vblank timer overrun
[  170.379647][ T6708] loop4: detected capacity change from 0 to 32768
[  171.080325][ T6727] siw: device registration error -23
[  172.131999][ T5810] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  172.322140][ T5810] usb 1-1: Using ep0 maxpacket: 16
[  172.366794][ T5810] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.392211][ T5810] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.422868][ T5810] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  172.475198][ T5810] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  172.501973][ T5810] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.541358][ T5810] usb 1-1: config 0 descriptor??
[  173.069794][ T5810] usbhid 1-1:0.0: can't add hid device: -71
[  173.231289][ T5810] usbhid: probe of 1-1:0.0 failed with error -71
[  173.329586][ T5810] usb 1-1: USB disconnect, device number 3
[  173.378120][ T6730] loop1: detected capacity change from 0 to 32768
[  173.394075][ T6730] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  173.423761][ T6730] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  173.482864][ T6730] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  173.524880][ T5839] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  173.531735][ T5839] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  173.794419][ T5839] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 262ms
[  173.817311][ T5839] gfs2: fsid=syz:syz.0: jid=0: Done
[  173.846767][ T6730] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  175.426045][ T6730] gfs2: fsid=syz:syz.0: found 1 quota changes
[  175.627639][ T5767] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  175.627639][ T5767]   inode = 11 2339
[  175.627639][ T5767]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 421
[  175.704718][ T5767] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  175.757676][ T6779] loop3: detected capacity change from 0 to 32768
[  175.786681][ T6779] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  175.796956][ T6779] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  175.797878][ T5767] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5767 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  175.805893][ T6779] BTRFS info (device loop3): setting nodatacow, compression disabled
[  175.805926][ T6779] BTRFS info (device loop3): force clearing of disk cache
[  175.805948][ T6779] BTRFS info (device loop3): turning off barriers
[  175.838419][ T6779] BTRFS info (device loop3): use no compression
[  175.845435][ T6779] BTRFS info (device loop3): disabling free space tree
[  175.853446][ T6779] BTRFS info (device loop3): enabling ssd optimizations
[  175.860466][ T6779] BTRFS info (device loop3): using spread ssd allocation scheme
[  175.868273][ T6779] BTRFS info (device loop3): not using ssd optimizations
[  175.875530][ T6779] BTRFS info (device loop3): not using spread ssd allocation scheme
[  175.885399][ T5767] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  175.894127][ T5767] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  175.909341][ T5767] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  175.918672][ T5767] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  175.926906][ T5767] gfs2: fsid=syz:syz.0: File system withdrawn
[  175.933492][ T5767] CPU: 1 PID: 5767 Comm: syz-executor Not tainted syzkaller #0
[  175.941206][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  175.951324][ T5767] Call Trace:
[  175.954648][ T5767]  <TASK>
[  175.957631][ T5767]  dump_stack_lvl+0x18c/0x250
[  175.962376][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  175.967635][ T5767]  ? show_regs_print_info+0x20/0x20
[  175.972896][ T5767]  ? load_image+0x420/0x420
[  175.977459][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  175.982726][ T5767]  gfs2_withdraw+0xb24/0x13d0
[  175.987572][ T5767]  ? gfs2_lm+0x240/0x240
[  175.991890][ T5767]  ? gfs2_consist_inode_i+0xf5/0x110
[  175.997261][ T5767]  gfs2_inode_refresh+0xc50/0x1160
[  176.002449][ T5767]  ? gfs2_inode_metasync+0xf0/0xf0
[  176.007618][ T5767]  ? gfs2_glock_nq+0xd4f/0x1420
[  176.012520][ T5767]  gfs2_instantiate+0x162/0x220
[  176.017418][ T5767]  gfs2_glock_wait+0x1d4/0x2a0
[  176.022266][ T5767]  do_sync+0x4c6/0xe50
[  176.026372][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  176.031343][ T5767]  ? bh_get+0x760/0x760
[  176.035546][ T5767]  ? __lock_acquire+0x7d40/0x7d40
[  176.040611][ T5767]  ? do_raw_spin_lock+0x11f/0x2c0
[  176.045761][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  176.050732][ T5767]  ? do_raw_spin_unlock+0x121/0x230
[  176.055971][ T5767]  gfs2_quota_sync+0x411/0x5a0
[  176.060787][ T5767]  gfs2_sync_fs+0x4c/0xb0
[  176.065165][ T5767]  sync_filesystem+0xea/0x220
[  176.069875][ T5767]  generic_shutdown_super+0x6f/0x2b0
[  176.075291][ T5767]  kill_block_super+0x44/0x90
[  176.080015][ T5767]  deactivate_locked_super+0x97/0x100
[  176.085418][ T5767]  cleanup_mnt+0x43b/0x4d0
[  176.089965][ T5767]  task_work_run+0x1d4/0x260
[  176.094729][ T5767]  ? task_work_cancel+0x220/0x220
[  176.099802][ T5767]  ? exit_to_user_mode_loop+0x3b/0x110
[  176.105310][ T5767]  exit_to_user_mode_loop+0xe6/0x110
[  176.110641][ T5767]  exit_to_user_mode_prepare+0xee/0x180
[  176.116226][ T5767]  syscall_exit_to_user_mode+0x1a/0x50
[  176.121729][ T5767]  do_syscall_64+0x61/0xa0
[  176.126180][ T5767]  ? clear_bhb_loop+0x40/0x90
[  176.130890][ T5767]  ? clear_bhb_loop+0x40/0x90
[  176.135608][ T5767]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  176.141534][ T5767] RIP: 0033:0x7f7b5fb9da57
[  176.145992][ T5767] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  176.165636][ T5767] RSP: 002b:00007ffc6d677678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  176.174164][ T5767] RAX: 0000000000000000 RBX: 00007f7b5fc32048 RCX: 00007f7b5fb9da57
[  176.182175][ T5767] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc6d677730
[  176.190173][ T5767] RBP: 00007ffc6d677730 R08: 00007ffc6d678730 R09: 00000000ffffffff
[  176.198215][ T5767] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc6d6787c0
[  176.206229][ T5767] R13: 00007f7b5fc32048 R14: 0000000000029dbc R15: 00007ffc6d678800
[  176.214265][ T5767]  </TASK>
[  176.217332][    C1] vkms_vblank_simulate: vblank timer overrun
[  176.415107][ T6779] BTRFS info (device loop3): rebuilding free space tree
[  176.443274][ T6779] BTRFS info (device loop3): disabling free space tree
[  176.450313][ T6779] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  176.460107][ T6779] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  176.483249][ T6779] BTRFS info (device loop3): checking UUID tree
[  178.504948][ T5766] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  178.896018][   T28] audit: type=1326 audit(1776835123.359:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  178.975180][   T28] audit: type=1326 audit(1776835123.369:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=260 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  179.081228][   T28] audit: type=1326 audit(1776835123.369:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  179.197037][   T28] audit: type=1326 audit(1776835123.369:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6824 comm="syz.0.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  179.516070][ T6835] loop3: detected capacity change from 0 to 32768
[  179.573341][ T6835] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  179.581648][ T6835] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  179.632537][ T6835] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  179.644307][ T5812] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  179.655475][ T5812] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  179.723819][ T5812] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 68ms
[  179.778745][ T5812] gfs2: fsid=syz:syz.0: jid=0: Done
[  179.814186][ T6835] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  179.990603][ T6835] gfs2: fsid=syz:syz.0: found 1 quota changes
[  180.100304][ T5766] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  180.100304][ T5766]   inode = 11 2339
[  180.100304][ T5766]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 421
[  180.183765][ T5766] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  180.221726][ T5766] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5766 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  180.259547][ T5766] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  180.275720][ T5766] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  180.297430][ T5766] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  180.307976][ T5766] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  180.317204][ T5766] gfs2: fsid=syz:syz.0: File system withdrawn
[  180.324437][ T5766] CPU: 0 PID: 5766 Comm: syz-executor Not tainted syzkaller #0
[  180.332052][ T5766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  180.342148][ T5766] Call Trace:
[  180.345452][ T5766]  <TASK>
[  180.348415][ T5766]  dump_stack_lvl+0x18c/0x250
[  180.353121][ T5766]  ? kobject_uevent_env+0x363/0x8b0
[  180.358369][ T5766]  ? show_regs_print_info+0x20/0x20
[  180.363598][ T5766]  ? load_image+0x420/0x420
[  180.368151][ T5766]  ? kobject_uevent_env+0x363/0x8b0
[  180.373385][ T5766]  gfs2_withdraw+0xb24/0x13d0
[  180.378113][ T5766]  ? gfs2_lm+0x240/0x240
[  180.382417][ T5766]  ? gfs2_consist_inode_i+0xf5/0x110
[  180.387761][ T5766]  gfs2_inode_refresh+0xc50/0x1160
[  180.392908][ T5766]  ? gfs2_inode_metasync+0xf0/0xf0
[  180.398048][ T5766]  ? gfs2_glock_nq+0xd4f/0x1420
[  180.402928][ T5766]  gfs2_instantiate+0x162/0x220
[  180.407873][ T5766]  gfs2_glock_wait+0x1d4/0x2a0
[  180.412697][ T5766]  do_sync+0x4c6/0xe50
[  180.416788][ T5766]  ? gfs2_quota_sync+0x411/0x5a0
[  180.421748][ T5766]  ? bh_get+0x760/0x760
[  180.425923][ T5766]  ? __lock_acquire+0x7d40/0x7d40
[  180.431011][ T5766]  ? do_raw_spin_lock+0x11f/0x2c0
[  180.436066][ T5766]  ? gfs2_quota_sync+0x411/0x5a0
[  180.441161][ T5766]  ? do_raw_spin_unlock+0x121/0x230
[  180.446397][ T5766]  gfs2_quota_sync+0x411/0x5a0
[  180.451198][ T5766]  gfs2_sync_fs+0x4c/0xb0
[  180.455555][ T5766]  sync_filesystem+0xea/0x220
[  180.460272][ T5766]  generic_shutdown_super+0x6f/0x2b0
[  180.465613][ T5766]  kill_block_super+0x44/0x90
[  180.470450][ T5766]  deactivate_locked_super+0x97/0x100
[  180.475874][ T5766]  cleanup_mnt+0x43b/0x4d0
[  180.480314][ T5766]  task_work_run+0x1d4/0x260
[  180.484938][ T5766]  ? task_work_cancel+0x220/0x220
[  180.490022][ T5766]  ? exit_to_user_mode_loop+0x3b/0x110
[  180.495512][ T5766]  exit_to_user_mode_loop+0xe6/0x110
[  180.500847][ T5766]  exit_to_user_mode_prepare+0xee/0x180
[  180.506442][ T5766]  syscall_exit_to_user_mode+0x1a/0x50
[  180.511951][ T5766]  do_syscall_64+0x61/0xa0
[  180.516443][ T5766]  ? clear_bhb_loop+0x40/0x90
[  180.521226][ T5766]  ? clear_bhb_loop+0x40/0x90
[  180.525927][ T5766]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  180.531845][ T5766] RIP: 0033:0x7f4150f9da57
[  180.536320][ T5766] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  180.556468][ T5766] RSP: 002b:00007fff421fa748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  180.564905][ T5766] RAX: 0000000000000000 RBX: 00007f4151032048 RCX: 00007f4150f9da57
[  180.572892][ T5766] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff421fa800
[  180.580897][ T5766] RBP: 00007fff421fa800 R08: 00007fff421fb800 R09: 00000000ffffffff
[  180.589171][ T5766] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff421fb890
[  180.597251][ T5766] R13: 00007f4151032048 R14: 000000000002bf02 R15: 00007fff421fb8d0
[  180.605277][ T5766]  </TASK>
[  181.347364][ T6832] loop4: detected capacity change from 0 to 32768
[  181.923866][ T6832] read_mapping_page failed!
[  181.928801][ T6832] jfs_mount: Failed to read AGGREGATE_I
[  181.976200][ T6832] Mount JFS Failure: -5
[  181.999482][ T6832] jfs_mount failed w/return code = -5
[  182.872085][   T28] audit: type=1326 audit(1776835127.339:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  182.976100][   T28] audit: type=1326 audit(1776835127.339:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  183.148977][   T28] audit: type=1326 audit(1776835127.349:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  183.274788][   T28] audit: type=1326 audit(1776835127.349:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  183.387249][   T28] audit: type=1326 audit(1776835127.349:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  183.501748][   T28] audit: type=1326 audit(1776835127.379:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6873 comm="syz.3.259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f4150f9c819 code=0x7ffc0000
[  183.610886][ T6887] loop3: detected capacity change from 0 to 512
[  183.735989][ T6893] netlink: 40 bytes leftover after parsing attributes in process `syz.1.263'.
[  184.546922][ T6887] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.799318][ T6902] loop4: detected capacity change from 0 to 32768
[  185.188854][ T6887] ext4 filesystem being mounted at /66/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.565370][ T6921] loop1: detected capacity change from 0 to 16
[  186.612908][ T6921] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  186.781119][ T6925] random: crng reseeded on system resumption
[  186.787874][ T5810] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  187.551570][ T5810] usb 1-1: Using ep0 maxpacket: 8
[  188.471254][ T5810] usb 1-1: config index 0 descriptor too short (expected 30, got 18)
[  188.557216][ T5810] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  188.599714][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.644013][ T5810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.666028][ T5810] usb 1-1: Product: syz
[  188.670328][ T5810] usb 1-1: Manufacturer: syz
[  188.675343][ T5810] usb 1-1: SerialNumber: syz
[  188.743897][ T5810] usb 1-1: config 0 descriptor??
[  188.777480][ T5810] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  188.804779][ T5810] usb 1-1: setting power ON
[  188.810200][ T5810] dvb-usb: bulk message failed: -22 (2/0)
[  188.903621][ T5810] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  188.945841][ T5810] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  188.989267][ T5810] usb 1-1: media controller created
[  189.071233][ T5810] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  189.381278][ T6940] loop1: detected capacity change from 0 to 32768
[  189.408155][ T6940] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  189.416516][ T6940] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  189.449419][ T6940] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  189.466206][ T5750] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  189.482077][ T5750] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  189.521592][ T5750] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 39ms
[  189.533360][ T5750] gfs2: fsid=syz:syz.0: jid=0: Done
[  189.538641][ T6940] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  189.697057][ T5810] usb 1-1: selecting invalid altsetting 6
[  189.757108][ T5810] usb 1-1: digital interface selection failed (-22)
[  189.775311][ T6940] gfs2: fsid=syz:syz.0: found 1 quota changes
[  189.842046][ T5810] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  190.147935][ T6956] loop3: detected capacity change from 0 to 32768
[  190.166728][ T5810] usb 1-1: setting power OFF
[  190.195819][ T5767] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  190.195819][ T5767]   inode = 11 2339
[  190.195819][ T5767]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 421
[  190.611351][ T5810] dvb-usb: bulk message failed: -22 (2/0)
[  190.623294][ T5810] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  190.660818][ T5767] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  190.663530][ T5810] (NULL device *): no alternate interface
[  190.738951][ T5767] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:5767 [syz-executor] gfs2_quota_sync+0x411/0x5a0
[  190.791636][ T5767] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  190.811466][ T5767] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  190.994993][ T5767] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  191.251057][ T5767] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  191.272531][ T5767] gfs2: fsid=syz:syz.0: File system withdrawn
[  191.279786][ T5767] CPU: 1 PID: 5767 Comm: syz-executor Not tainted syzkaller #0
[  191.287408][ T5767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  191.297510][ T5767] Call Trace:
[  191.300810][ T5767]  <TASK>
[  191.303765][ T5767]  dump_stack_lvl+0x18c/0x250
[  191.308477][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  191.313716][ T5767]  ? show_regs_print_info+0x20/0x20
[  191.318974][ T5767]  ? load_image+0x420/0x420
[  191.323507][ T5767]  ? kobject_uevent_env+0x363/0x8b0
[  191.328730][ T5767]  gfs2_withdraw+0xb24/0x13d0
[  191.333453][ T5767]  ? gfs2_lm+0x240/0x240
[  191.337716][ T5767]  ? queue_delayed_work_on+0x114/0x200
[  191.343222][ T5767]  ? gfs2_consist_inode_i+0xf5/0x110
[  191.348533][ T5767]  gfs2_inode_refresh+0xc50/0x1160
[  191.353694][ T5767]  ? gfs2_inode_metasync+0xf0/0xf0
[  191.358825][ T5767]  ? gfs2_glock_nq+0xd4f/0x1420
[  191.363704][ T5767]  gfs2_instantiate+0x162/0x220
[  191.368575][ T5767]  gfs2_glock_wait+0x1d4/0x2a0
[  191.373362][ T5767]  do_sync+0x4c6/0xe50
[  191.377451][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  191.382404][ T5767]  ? bh_get+0x760/0x760
[  191.386670][ T5767]  ? __lock_acquire+0x7d40/0x7d40
[  191.391711][ T5767]  ? do_raw_spin_lock+0x11f/0x2c0
[  191.396758][ T5767]  ? gfs2_quota_sync+0x411/0x5a0
[  191.401713][ T5767]  ? do_raw_spin_unlock+0x121/0x230
[  191.406935][ T5767]  gfs2_quota_sync+0x411/0x5a0
[  191.411721][ T5767]  gfs2_sync_fs+0x4c/0xb0
[  191.416085][ T5767]  sync_filesystem+0xea/0x220
[  191.420810][ T5767]  generic_shutdown_super+0x6f/0x2b0
[  191.426116][ T5767]  kill_block_super+0x44/0x90
[  191.430839][ T5767]  deactivate_locked_super+0x97/0x100
[  191.436240][ T5767]  cleanup_mnt+0x43b/0x4d0
[  191.440684][ T5767]  task_work_run+0x1d4/0x260
[  191.445382][ T5767]  ? task_work_cancel+0x220/0x220
[  191.450469][ T5767]  ? exit_to_user_mode_loop+0x3b/0x110
[  191.455955][ T5767]  exit_to_user_mode_loop+0xe6/0x110
[  191.461261][ T5767]  exit_to_user_mode_prepare+0xee/0x180
[  191.466937][ T5767]  syscall_exit_to_user_mode+0x1a/0x50
[  191.472474][ T5767]  do_syscall_64+0x61/0xa0
[  191.476916][ T5767]  ? clear_bhb_loop+0x40/0x90
[  191.481613][ T5767]  ? clear_bhb_loop+0x40/0x90
[  191.486314][ T5767]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  191.492239][ T5767] RIP: 0033:0x7f7b5fb9da57
[  191.496698][ T5767] Code: a2 c7 05 9c fc 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  191.516449][ T5767] RSP: 002b:00007ffc6d677678 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  191.525020][ T5767] RAX: 0000000000000000 RBX: 00007f7b5fc32048 RCX: 00007f7b5fb9da57
[  191.533182][ T5767] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc6d677730
[  191.541196][ T5767] RBP: 00007ffc6d677730 R08: 00007ffc6d678730 R09: 00000000ffffffff
[  191.549180][ T5767] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc6d6787c0
[  191.557170][ T5767] R13: 00007f7b5fc32048 R14: 000000000002e27d R15: 00007ffc6d678800
[  191.565172][ T5767]  </TASK>
[  191.746426][ T5810] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  191.846625][ T5810] usb 1-1: USB disconnect, device number 4
[  192.236931][ T6970] loop4: detected capacity change from 0 to 2048
[  192.303888][ T6970] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.739566][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  194.751198][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  196.003424][ T7019] netlink: 68 bytes leftover after parsing attributes in process `syz.3.293'.
[  196.593362][ T7012] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  197.846951][ T7047] loop1: detected capacity change from 0 to 32768
[  197.854888][ T5810] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  198.311161][ T5810] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  198.441062][ T5810] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.584452][ T5810] usb 5-1: Product: syz
[  198.588720][ T5810] usb 5-1: Manufacturer: syz
[  198.612952][ T5810] usb 5-1: SerialNumber: syz
[  198.630587][ T5810] usb 5-1: config 0 descriptor??
[  199.068841][ T7058] futex_wake_op: syz.3.306 tries to shift op by -1; fix this program
[  199.316507][ T5810] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  199.472516][ T7063] netlink: 68 bytes leftover after parsing attributes in process `syz.0.307'.
[  200.223677][ T7078] loop3: detected capacity change from 0 to 2048
[  200.287537][ T7078] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  200.631963][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  200.901926][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  200.921918][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  201.111922][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  201.142540][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  201.201921][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  201.401929][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  201.491924][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  201.511922][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  201.625726][ T5810] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -110
[  202.175327][ T5810] usb 5-1: USB disconnect, device number 3
[  202.362211][ T5750] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  202.589494][ T5750] usb 1-1: unable to get BOS descriptor or descriptor too short
[  202.649480][ T7101] futex_wake_op: syz.1.317 tries to shift op by -1; fix this program
[  203.067778][ T5750] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  203.078659][ T5750] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  203.122230][ T5750] usb 1-1: New USB device found, idVendor=1235, idProduct=8210, bcdDevice= 0.40
[  203.132276][ T5750] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  203.140481][ T5750] usb 1-1: Product: syz
[  203.144898][ T5750] usb 1-1: Manufacturer: syz
[  203.149706][ T5750] usb 1-1: SerialNumber: syz
[  203.467680][ T5750] usb 1-1: 0:1 : does not exist
[  203.479930][ T5750] usb 1-1: BAAD HEADSET c_chmask mismatch
[  203.675336][ T5750] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  203.952154][ T7118] ptrace attach of ""[7119] was attempted by "./syz-executor exec"[7118]
[  205.388336][ T5750] usb 1-1: USB disconnect, device number 5
[  205.724586][ T7127] loop1: detected capacity change from 0 to 32768
[  205.741294][ T5770] udevd[5770]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.412140][ T5774] Bluetooth: hci1: command 0x0406 tx timeout
[  208.028869][ T5810] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  208.232160][ T7161] ptrace attach of ""[7162] was attempted by "./syz-executor exec"[7161]
[  208.632838][ T5810] usb 2-1: device descriptor read/64, error -71
[  209.152238][   T27] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  209.167498][ T5810] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  209.342591][   T27] usb 1-1: Using ep0 maxpacket: 16
[  209.362432][   T27] usb 1-1: config index 0 descriptor too short (expected 51443, got 18)
[  209.394081][   T27] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  209.403423][   T27] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.405504][ T5810] usb 2-1: device descriptor read/64, error -71
[  209.411629][   T27] usb 1-1: Product: syz
[  209.422409][   T27] usb 1-1: Manufacturer: syz
[  209.427624][   T27] usb 1-1: SerialNumber: syz
[  209.461651][   T27] r8152-cfgselector 1-1: config 0 descriptor??
[  209.693955][ T5810] usb usb2-port1: attempt power cycle
[  210.075815][   T27] r8152-cfgselector 1-1: Unknown version 0x0000
[  210.124958][   T27] r8152-cfgselector 1-1: USB disconnect, device number 6
[  210.442023][ T5810] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  210.507480][ T5810] usb 2-1: device descriptor read/8, error -71
[  210.901310][ T7185] loop4: detected capacity change from 0 to 32768
[  210.954644][ T7163] loop3: detected capacity change from 0 to 32768
[  210.982510][ T5810] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  211.473292][ T5810] usb 2-1: device not accepting address 7, error -71
[  211.613020][ T5810] usb usb2-port1: unable to enumerate USB device
[  211.950073][ T7191] loop1: detected capacity change from 0 to 32768
[  212.012662][ T7191] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  212.029691][ T5783] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 13
[  212.333029][ T7191] XFS (loop1): Ending clean mount
[  212.347331][ T7191] XFS (loop1): Quotacheck needed: Please wait.
[  212.527432][ T7191] XFS (loop1): Quotacheck: Done.
[  214.546694][ T7210] netlink: 20 bytes leftover after parsing attributes in process `syz.0.344'.
[  214.818279][ T5767] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  215.262004][ T7234] loop3: detected capacity change from 0 to 32768
[  216.429256][ T7243] loop3: detected capacity change from 0 to 32768
[  216.437062][ T5812] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  216.456703][ T7243] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 13
[  216.578913][ T5810] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  216.630395][ T7243] loop3: detected capacity change from 0 to 1024
[  216.694813][ T5812] usb 1-1: Using ep0 maxpacket: 8
[  216.797054][ T5810] usb 2-1: device descriptor read/64, error -71
[  216.976992][ T5812] usb 1-1: unable to get BOS descriptor or descriptor too short
[  217.089993][ T5812] usb 1-1: config 117 has an invalid interface number: 163 but max is 0
[  217.204216][ T5812] usb 1-1: config 117 has no interface number 0
[  217.287282][ T7231] loop4: detected capacity change from 0 to 32768
[  217.302483][ T5812] usb 1-1: config 117 interface 163 has no altsetting 0
[  217.310023][ T7231] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 13
[  217.350593][ T5812] usb 1-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=5d.24
[  217.372173][ T5810] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  217.406487][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.438826][ T5812] usb 1-1: Product: syz
[  217.462620][ T5812] usb 1-1: Manufacturer: syz
[  217.476151][ T5812] usb 1-1: SerialNumber: syz
[  217.562116][ T5810] usb 2-1: device descriptor read/64, error -71
[  217.585333][ T5783] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 13
[  217.682313][ T5810] usb usb2-port1: attempt power cycle
[  218.112176][ T5810] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  218.273105][ T5812] f81534a_ctrl: probe of 1-1:117.163 failed with error -32
[  218.353818][ T5810] usb 2-1: device descriptor read/8, error -71
[  218.520356][ T5812] usb 1-1: USB disconnect, device number 7
[  218.832114][ T5810] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  218.872843][ T5810] usb 2-1: device descriptor read/8, error -71
[  219.002849][ T5810] usb usb2-port1: unable to enumerate USB device
[  220.140743][ T7278] loop3: detected capacity change from 0 to 32768
[  220.909811][ T7285] loop4: detected capacity change from 0 to 32768
[  220.949595][ T7285] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 13
[  221.931058][ T5781] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 13
[  223.631095][ T7306] 9pnet_fd: Insufficient options for proto=fd
[  223.691475][ T7306] fuse: Unknown parameter 'ÿÿÿÿÿÿÿÿ0x0000000000000006'
[  224.362096][ T5750] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  224.532513][ T5750] usb 1-1: device descriptor read/64, error -71
[  224.577522][ T7291] loop1: detected capacity change from 0 to 32768
[  224.613171][ T7291] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  224.623674][ T7291] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  224.633067][ T7291] BTRFS info (device loop1): turning on async discard
[  224.640092][ T7291] BTRFS info (device loop1): metadata ratio 0
[  224.648443][ T7291] BTRFS info (device loop1): setting nodatasum
[  224.654816][ T7291] BTRFS info (device loop1): using free space tree
[  224.842102][ T5750] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  225.043204][ T5750] usb 1-1: device descriptor read/64, error -71
[  225.081322][ T7291] BTRFS error (device loop1): open_ctree failed: -4
[  225.203327][ T5750] usb usb1-port1: attempt power cycle
[  225.620907][ T7348] loop1: detected capacity change from 0 to 32768
[  225.634418][ T7348] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.373 (7348)
[  225.692089][ T5750] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  225.719036][ T7348] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  225.729440][ T7348] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  225.738577][ T7348] BTRFS info (device loop1): force clearing of disk cache
[  225.745923][ T7348] BTRFS info (device loop1): enabling auto defrag
[  225.752436][ T7348] BTRFS info (device loop1): max_inline at 0
[  225.758556][ T7348] BTRFS info (device loop1): enabling ssd optimizations
[  225.765580][ T7348] BTRFS info (device loop1): using spread ssd allocation scheme
[  225.773262][ T7348] BTRFS info (device loop1): using free space tree
[  225.783099][ T5750] usb 1-1: device descriptor read/8, error -71
[  225.877640][ T7348] BTRFS info (device loop1): rebuilding free space tree
[  226.053828][ T5750] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  226.086355][   T59] BTRFS info (device loop1): qgroup scan completed (inconsistency flag cleared)
[  226.198486][ T5750] usb 1-1: device descriptor read/8, error -71
[  226.354504][ T5750] usb usb1-port1: unable to enumerate USB device
[  226.727010][ T5767] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  226.991630][ T5770] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 13 /dev/loop1 scanned by udevd (5770)
[  228.702290][ T7379] netlink: 68 bytes leftover after parsing attributes in process `syz.1.377'.
[  228.861992][ T5812] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  228.889597][   T28] kauditd_printk_skb: 5 callbacks suppressed
[  228.889612][   T28] audit: type=1326 audit(1776835173.359:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  228.961567][   T28] audit: type=1326 audit(1776835173.359:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  229.005791][   T28] audit: type=1326 audit(1776835173.359:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  229.028032][    C1] vkms_vblank_simulate: vblank timer overrun
[  229.047967][   T28] audit: type=1326 audit(1776835173.359:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  229.070949][   T28] audit: type=1326 audit(1776835173.359:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7382 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56af99c819 code=0x7ffc0000
[  229.072561][ T5812] usb 5-1: Using ep0 maxpacket: 32
[  229.093114][    C1] vkms_vblank_simulate: vblank timer overrun
[  229.138153][ T7388] loop3: detected capacity change from 0 to 1024
[  229.224154][ T5812] usb 5-1: config 0 has an invalid interface number: 51 but max is 0
[  229.241695][ T5812] usb 5-1: config 0 has no interface number 0
[  229.544001][ T5812] usb 5-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  229.808648][ T5812] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.835610][ T7385] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  229.838720][ T5812] usb 5-1: Product: syz
[  229.863483][ T5812] usb 5-1: Manufacturer: syz
[  229.868257][ T5812] usb 5-1: SerialNumber: syz
[  229.940589][ T5812] usb 5-1: config 0 descriptor??
[  229.965944][ T5812] quatech2 5-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  230.153962][ T5777] Bluetooth: hci2: link tx timeout
[  230.159976][ T5777] Bluetooth: hci2: killing stalled connection 10:aa:aa:aa:aa:aa
[  230.173158][ T5777] Bluetooth: hci2: link tx timeout
[  230.178424][ T5777] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  230.289455][ T5812] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  230.351429][ T5812] usb 5-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  230.826506][ T7400] loop1: detected capacity change from 0 to 32768
[  230.834899][ T5843] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  230.869669][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 101
[  231.022142][ T5843] usb 4-1: device descriptor read/64, error -71
[  231.292163][ T5843] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  231.468653][    C0] usb 5-1: qt2_read_bulk_callback - non-zero urb status: -71
[  231.476956][ T5812] usb 5-1: USB disconnect, device number 4
[  231.482322][ T5843] usb 4-1: device descriptor read/64, error -71
[  231.503885][ T5812] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  231.522354][ T5812] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  231.535250][ T5812] quatech2 5-1:0.51: device disconnected
[  231.659693][ T5843] usb usb4-port1: attempt power cycle
[  232.213456][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  232.682011][ T5843] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  232.719661][ T5843] usb 4-1: device descriptor read/8, error -71
[  233.137902][ T5843] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  233.171398][ T7408] netlink: 68 bytes leftover after parsing attributes in process `syz.4.387'.
[  233.222838][ T5843] usb 4-1: device descriptor read/8, error -71
[  233.300886][ T7411] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.389'.
[  233.350825][ T5843] usb usb4-port1: unable to enumerate USB device
[  234.284445][ T7416] loop3: detected capacity change from 0 to 32791
[  234.325239][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  234.740750][ T7414] loop4: detected capacity change from 0 to 131072
[  234.778925][ T7416] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  234.787255][ T7416] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  234.831132][ T7416] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[  234.831132][ T7416]   bh = 2072 (magic number)
[  234.831132][ T7416]   function = gfs2_meta_buffer, file = fs/gfs2/meta_io.c, line = 503
[  234.851530][ T7416] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  234.859539][ T7416] gfs2: fsid=syz:syz.0: File system withdrawn
[  234.865861][ T7416] CPU: 0 PID: 7416 Comm: syz.3.391 Not tainted syzkaller #0
[  234.873170][ T7416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  234.883251][ T7416] Call Trace:
[  234.886557][ T7416]  <TASK>
[  234.889505][ T7416]  dump_stack_lvl+0x18c/0x250
[  234.894216][ T7416]  ? kobject_uevent_env+0x363/0x8b0
[  234.899460][ T7416]  ? show_regs_print_info+0x20/0x20
[  234.904712][ T7416]  ? load_image+0x420/0x420
[  234.909250][ T7416]  ? kobject_uevent_env+0x363/0x8b0
[  234.914475][ T7416]  gfs2_withdraw+0xb24/0x13d0
[  234.919184][ T7416]  ? gfs2_lm+0x218/0x240
[  234.923472][ T7416]  ? gfs2_lm+0x240/0x240
[  234.927770][ T7416]  ? gfs2_freeze_unlock+0x60/0x60
[  234.932837][ T7416]  ? gfs2_meta_read+0x84c/0x990
[  234.937869][ T7416]  ? gfs2_meta_new+0x160/0x160
[  234.942781][ T7416]  ? queue_delayed_work_on+0x114/0x200
[  234.948264][ T7416]  gfs2_meta_check_ii+0x72/0x90
[  234.953216][ T7416]  gfs2_meta_buffer+0x236/0x310
[  234.958119][ T7416]  gfs2_inode_refresh+0xc7/0x1160
[  234.963173][ T7416]  ? gfs2_inode_metasync+0xf0/0xf0
[  234.968304][ T7416]  ? gfs2_glock_nq+0xd4f/0x1420
[  234.973179][ T7416]  ? do_raw_spin_lock+0x11f/0x2c0
[  234.978508][ T7416]  gfs2_instantiate+0x162/0x220
[  234.983398][ T7416]  gfs2_glock_wait+0x1d4/0x2a0
[  234.988198][ T7416]  gfs2_lookupi+0x3de/0x640
[  234.992728][ T7416]  ? gfs2_lookup_meta+0x180/0x180
[  234.997788][ T7416]  ? gfs2_lookup_meta+0xb0/0x180
[  235.002750][ T7416]  ? crc32_le_base+0x759/0xcf0
[  235.007566][ T7416]  gfs2_lookup_meta+0xb0/0x180
[  235.012381][ T7416]  ? gfs2_lookup_by_inum+0xf0/0xf0
[  235.017539][ T7416]  init_journal+0x1c2/0x2330
[  235.022177][ T7416]  ? pointer+0x1160/0x1160
[  235.026653][ T7416]  ? _compound_head+0x120/0x120
[  235.031586][ T7416]  ? vsnprintf+0x1ac7/0x1ba0
[  235.036311][ T7416]  ? snprintf+0xe9/0x140
[  235.040612][ T7416]  ? vscnprintf+0x80/0x80
[  235.045142][ T7416]  ? gfs2_glock_nq_num+0x183/0x1c0
[  235.050282][ T7416]  init_inodes+0xdb/0x320
[  235.054699][ T7416]  gfs2_fill_super+0x17bc/0x1f30
[  235.059711][ T7416]  ? __might_sleep+0xe0/0xe0
[  235.064344][ T7416]  ? gfs2_reconfigure+0xb10/0xb10
[  235.069484][ T7416]  ? init_locking+0xb8/0x200
[  235.074150][ T7416]  ? setup_bdev_super+0x559/0x660
[  235.079300][ T7416]  ? setup_bdev_super+0x56b/0x660
[  235.084357][ T7416]  get_tree_bdev+0x3f3/0x520
[  235.088975][ T7416]  ? end_current_label_crit_section+0x170/0x170
[  235.095352][ T7416]  ? gfs2_reconfigure+0xb10/0xb10
[  235.100405][ T7416]  ? setup_bdev_super+0x660/0x660
[  235.105471][ T7416]  gfs2_get_tree+0x51/0x1e0
[  235.110005][ T7416]  vfs_get_tree+0x8c/0x280
[  235.114439][ T7416]  do_new_mount+0x24b/0xa40
[  235.118965][ T7416]  __se_sys_mount+0x2e7/0x3d0
[  235.123677][ T7416]  ? __x64_sys_mount+0xc0/0xc0
[  235.128475][ T7416]  ? lockdep_hardirqs_on+0x98/0x150
[  235.133703][ T7416]  ? __x64_sys_mount+0x20/0xc0
[  235.138509][ T7416]  do_syscall_64+0x55/0xa0
[  235.143075][ T7416]  ? clear_bhb_loop+0x40/0x90
[  235.147773][ T7416]  ? clear_bhb_loop+0x40/0x90
[  235.152473][ T7416]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  235.158411][ T7416] RIP: 0033:0x7f4150f9da8a
[  235.162863][ T7416] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  235.182491][ T7416] RSP: 002b:00007f4151f22e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  235.190927][ T7416] RAX: ffffffffffffffda RBX: 00007f4151f22ee0 RCX: 00007f4150f9da8a
[  235.198916][ T7416] RDX: 00002000000124c0 RSI: 0000200000012500 RDI: 00007f4151f22ea0
[  235.206904][ T7416] RBP: 00002000000124c0 R08: 00007f4151f22ee0 R09: 0000000000000000
[  235.214892][ T7416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000012500
[  235.222879][ T7416] R13: 00007f4151f22ea0 R14: 00000000000125c7 R15: 0000200000000180
[  235.230876][ T7416]  </TASK>
[  235.235700][ T7416] gfs2: fsid=syz:syz.0: can't lookup journal index: 0
[  235.736941][ T7414] F2FS-fs (loop4): Test dummy encryption mode enabled
[  235.797017][ T7414] F2FS-fs (loop4): Found nat_bits in checkpoint
[  235.853622][ T7414] F2FS-fs (loop4): Mounted with checkpoint version = 753bd00b
[  237.652018][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  237.730113][ T7439] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.398'.
[  238.090534][ T7434] loop3: detected capacity change from 0 to 32768
[  238.115877][ T7434] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 13
[  238.156694][ T5812] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  238.337440][ T5770] BTRFS error: device /dev/loop3 already registered with a higher generation, found 8 expect 13
[  238.352396][ T5812] usb 1-1: Using ep0 maxpacket: 8
[  238.369184][ T7437] loop1: detected capacity change from 0 to 40427
[  238.389214][ T5812] usb 1-1: unable to get BOS descriptor or descriptor too short
[  238.398702][ T5812] usb 1-1: config 117 has an invalid interface number: 163 but max is 0
[  238.409520][ T5812] usb 1-1: config 117 has no interface number 0
[  238.427599][ T7437] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  238.439668][ T5812] usb 1-1: config 117 interface 163 has no altsetting 0
[  238.465116][ T7441] loop4: detected capacity change from 0 to 32768
[  238.485987][ T7437] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  238.516086][ T7441] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 scanned by syz.4.394 (7441)
[  238.540702][ T7437] F2FS-fs (loop1): invalid crc value
[  238.556761][ T5812] usb 1-1: New USB device found, idVendor=2c42, idProduct=16f8, bcdDevice=5d.24
[  238.570935][ T5812] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  238.589932][ T7441] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  238.614948][ T7437] F2FS-fs (loop1): Found nat_bits in checkpoint
[  238.629808][ T5812] usb 1-1: Product: syz
[  238.638858][ T7441] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  238.649390][ T5812] usb 1-1: Manufacturer: syz
[  238.697908][ T5812] usb 1-1: SerialNumber: syz
[  238.702344][ T7441] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[  238.733817][ T7441] BTRFS info (device loop4): use lzo compression, level 0
[  238.759352][ T7441] BTRFS info (device loop4): using free space tree
[  239.049970][ T7437] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  239.082295][ T7437] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  239.117650][ T7441] BTRFS info (device loop4): enabling ssd optimizations
[  239.124933][ T7441] BTRFS info (device loop4): auto enabling async discard
[  239.422867][ T5812] f81534a_ctrl: probe of 1-1:117.163 failed with error -121
[  239.509702][   T28] audit: type=1800 audit(1776835183.969:22): pid=7441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.394" name="file1" dev="loop4" ino=260 res=0 errno=0
[  239.976869][ T5812] usb 1-1: USB disconnect, device number 12
[  240.188295][   T62] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  240.229689][   T62] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  240.494638][ T6393] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  244.173661][ T7490] netlink: 'syz.0.407': attribute type 72 has an invalid length.
[  246.093785][ T7509] loop4: detected capacity change from 0 to 32768
[  246.380075][ T7509] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 13
[  246.405060][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  248.201335][ T5770] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  248.400409][ T7509] loop4: detected capacity change from 0 to 1024
[  248.452207][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  249.172362][ T7518] netlink: 'syz.4.417': attribute type 72 has an invalid length.
[  251.600726][ T7540] loop4: detected capacity change from 0 to 32768
[  251.675944][ T7540] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.424 (7540)
[  251.760348][ T7540] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  251.770915][ T7540] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  251.780010][ T7540] BTRFS info (device loop4): setting nodatacow, compression disabled
[  251.788231][ T7540] BTRFS info (device loop4): force clearing of disk cache
[  251.795518][ T7540] BTRFS info (device loop4): turning off barriers
[  251.802339][ T7540] BTRFS info (device loop4): use no compression
[  251.808644][ T7540] BTRFS info (device loop4): disabling free space tree
[  251.815610][ T7540] BTRFS info (device loop4): enabling ssd optimizations
[  251.822664][ T7540] BTRFS info (device loop4): using spread ssd allocation scheme
[  251.831583][ T7540] BTRFS info (device loop4): not using ssd optimizations
[  251.838854][ T7540] BTRFS info (device loop4): not using spread ssd allocation scheme
[  251.947157][ T7540] BTRFS info (device loop4): rebuilding free space tree
[  251.964675][ T7540] BTRFS info (device loop4): disabling free space tree
[  251.971684][ T7540] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  251.981539][ T7540] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  251.999496][ T7540] BTRFS info (device loop4): checking UUID tree
[  252.052062][ T5774] Bluetooth: hci2: command 0x0406 tx timeout
[  254.743264][ T6393] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  255.536070][ T7579] netlink: 'syz.4.428': attribute type 72 has an invalid length.
[  256.002206][ T5812] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  256.249246][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  256.263687][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  256.475277][ T5812] usb 2-1: Using ep0 maxpacket: 16
[  256.495542][ T5812] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  256.512108][ T5812] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  256.521253][ T5812] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  256.543758][ T5812] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.571075][ T5812] usb 2-1: config 0 descriptor??
[  258.653732][ T7596] loop4: detected capacity change from 0 to 32768
[  258.670211][ T5812] usb 2-1: USB disconnect, device number 12
[  258.758262][ T7596] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  258.841596][ T7619] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.441'.
[  259.023813][ T7596] XFS (loop4): Ending clean mount
[  259.057467][ T7596] XFS (loop4): Quotacheck needed: Please wait.
[  259.236633][ T7596] XFS (loop4): Quotacheck: Done.
[  259.405578][ T5750] IPVS: starting estimator thread 0...
[  259.572217][ T7627] IPVS: using max 16 ests per chain, 38400 per kthread
[  260.209920][ T6393] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  260.452164][ T5777] Bluetooth: hci2: command 0x0406 tx timeout
[  261.186167][ T7644] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.450'.
[  261.672271][   T27] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  261.872110][   T27] usb 4-1: Using ep0 maxpacket: 16
[  261.928031][   T27] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  261.938814][   T27] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  261.948238][   T27] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  261.957771][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.018552][   T27] usb 4-1: config 0 descriptor??
[  262.314690][ T7662] loop4: detected capacity change from 0 to 16
[  262.395635][ T7662] erofs: (device loop4): mounted with root inode @ nid 36.
[  263.567038][ T7676] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.460'.
[  264.873291][ T5810] usb 4-1: USB disconnect, device number 7
[  268.247460][ T7737] binder: 7736:7737 ioctl 4018620d 0 returned -22
[  268.368808][ T5750] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  268.547088][ T7748] loop3: detected capacity change from 0 to 16
[  268.567873][ T5750] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  268.586389][ T5750] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.595655][ T7748] erofs: (device loop3): mounted with root inode @ nid 36.
[  268.603164][ T5750] usb 5-1: Product: syz
[  268.611943][ T5750] usb 5-1: Manufacturer: syz
[  268.616656][ T5750] usb 5-1: SerialNumber: syz
[  268.637700][ T5750] usb 5-1: config 0 descriptor??
[  268.802310][   T27] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  268.992017][   T27] usb 2-1: Using ep0 maxpacket: 8
[  269.007018][   T27] usb 2-1: config 56 has too many interfaces: 49, using maximum allowed: 32
[  269.016404][   T27] usb 2-1: config 56 has an invalid descriptor of length 55, skipping remainder of the config
[  269.029548][   T27] usb 2-1: config 56 has 0 interfaces, different from the descriptor's value: 49
[  269.040593][   T27] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  269.050651][   T27] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.112815][ T5750] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  269.455969][ T7746] syz_tun: entered allmulticast mode
[  269.488587][ T7746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.489'.
[  269.609288][ T7746] syz_tun (unregistering): left allmulticast mode
[  269.699949][   T27] usb 2-1: string descriptor 0 read error: -71
[  269.719180][   T27] usb 2-1: USB disconnect, device number 13
[  269.960458][ T7763] binder: 7762:7763 ioctl 4018620d 0 returned -22
[  270.347538][ T5750] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  270.380873][ T5750] usb 5-1: USB disconnect, device number 5
[  273.284412][ T7789] binder: 7788:7789 ioctl 4018620d 0 returned -22
[  273.545190][ T7795] loop4: detected capacity change from 0 to 32768
[  273.562067][ T7795] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.507 (7795)
[  273.644837][ T7795] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  273.655457][ T7795] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  273.664313][ T7795] BTRFS info (device loop4): setting nodatacow, compression disabled
[  273.672820][ T7795] BTRFS info (device loop4): force clearing of disk cache
[  273.679953][ T7795] BTRFS info (device loop4): turning off barriers
[  273.686440][ T7795] BTRFS info (device loop4): use no compression
[  273.692780][ T7795] BTRFS info (device loop4): disabling free space tree
[  273.699668][ T7795] BTRFS info (device loop4): enabling ssd optimizations
[  273.706876][ T7795] BTRFS info (device loop4): using spread ssd allocation scheme
[  273.714579][ T7795] BTRFS info (device loop4): not using ssd optimizations
[  273.721787][ T7795] BTRFS info (device loop4): not using spread ssd allocation scheme
[  273.809182][ T7795] BTRFS info (device loop4): rebuilding free space tree
[  273.824782][ T7795] BTRFS info (device loop4): disabling free space tree
[  273.831790][ T7795] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  273.841680][ T7795] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  273.857078][ T7795] BTRFS info (device loop4): checking UUID tree
[  276.504740][ T6393] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  278.552057][ T7822] loop1: detected capacity change from 0 to 32768
[  278.700128][ T7822] read_mapping_page failed!
[  278.731341][ T7822] ERROR: (device loop1): txCommit: 
[  278.731341][ T7822] 
[  278.782183][ T7822] ERROR: (device loop1): remounting filesystem as read-only
[  279.240871][  T113] BUG at fs/jfs/jfs_txnmgr.c:932 assert(mp->nohomeok > 0)
[  279.373349][  T113] ------------[ cut here ]------------
[  279.381170][  T113] kernel BUG at fs/jfs/jfs_txnmgr.c:932!
[  279.412525][  T113] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  279.418672][  T113] CPU: 1 PID: 113 Comm: jfsCommit Not tainted syzkaller #0
[  279.425913][  T113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  279.436037][  T113] RIP: 0010:txUnlock+0xc87/0xcb0
[  279.441036][  T113] Code: 0f 36 73 07 0f 0b e8 68 9b 7f fe 48 c7 c7 40 21 04 8b 48 c7 c6 39 1d 04 8b ba a4 03 00 00 48 c7 c1 20 2e 04 8b e8 e9 35 73 07 <0f> 0b e8 42 9b 7f fe 48 c7 c7 40 21 04 8b 48 c7 c6 39 1d 04 8b ba
[  279.460688][  T113] RSP: 0000:ffffc90002cd7d08 EFLAGS: 00010246
[  279.466810][  T113] RAX: 0000000000000037 RBX: 0000000000001000 RCX: b745c3f0e5aabb00
[  279.474842][  T113] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  279.482855][  T113] RBP: ffffc9000284a0d8 R08: ffffc90002cd7a07 R09: 1ffff9200059af40
[  279.490874][  T113] R10: dffffc0000000000 R11: fffff5200059af41 R12: ffff88803081eaa8
[  279.498898][  T113] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888023f7e894
[  279.506963][  T113] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  279.515908][  T113] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  279.522516][  T113] CR2: 000020000001a000 CR3: 0000000030531000 CR4: 00000000003506e0
[  279.530613][  T113] Call Trace:
[  279.533930][  T113]  <TASK>
[  279.536888][  T113]  ? preempt_schedule_thunk+0x1a/0x30
[  279.542284][  T113]  jfs_lazycommit+0x56e/0xa70
[  279.546980][  T113]  ? txFreelock+0x5a0/0x5a0
[  279.551500][  T113]  ? do_task_dead+0xd0/0xd0
[  279.556033][  T113]  ? __kthread_parkme+0x7a/0x1c0
[  279.560989][  T113]  kthread+0x2fa/0x390
[  279.565171][  T113]  ? txFreelock+0x5a0/0x5a0
[  279.569704][  T113]  ? kthread_blkcg+0xd0/0xd0
[  279.574341][  T113]  ret_from_fork+0x48/0x80
[  279.578826][  T113]  ? kthread_blkcg+0xd0/0xd0
[  279.583446][  T113]  ret_from_fork_asm+0x11/0x20
[  279.588262][  T113]  </TASK>
[  279.591290][  T113] Modules linked in:
[  279.634721][  T113] ---[ end trace 0000000000000000 ]---
[  279.640358][  T113] RIP: 0010:txUnlock+0xc87/0xcb0
[  279.681703][  T113] Code: 0f 36 73 07 0f 0b e8 68 9b 7f fe 48 c7 c7 40 21 04 8b 48 c7 c6 39 1d 04 8b ba a4 03 00 00 48 c7 c1 20 2e 04 8b e8 e9 35 73 07 <0f> 0b e8 42 9b 7f fe 48 c7 c7 40 21 04 8b 48 c7 c6 39 1d 04 8b ba
[  279.735911][  T113] RSP: 0000:ffffc90002cd7d08 EFLAGS: 00010246
[  279.742811][  T113] RAX: 0000000000000037 RBX: 0000000000001000 RCX: b745c3f0e5aabb00
[  279.750838][  T113] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  279.770096][ T7841] loop3: detected capacity change from 0 to 4096
[  279.776875][  T113] RBP: ffffc9000284a0d8 R08: ffffc90002cd7a07 R09: 1ffff9200059af40
[  279.788972][  T113] R10: dffffc0000000000 R11: fffff5200059af41 R12: ffff88803081eaa8
[  279.804824][  T113] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888023f7e894
[  279.826160][  T113] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  279.835735][ T7842] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  279.846672][ T7841] NILFS (loop3): corrupt root inode
[  279.852075][  T113] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  279.858743][  T113] CR2: 00007f4150f85980 CR3: 0000000025256000 CR4: 00000000003506f0
[  279.881963][  T113] Kernel panic - not syncing: Fatal exception
[  279.888768][  T113] Kernel Offset: disabled
[  279.893112][  T113] Rebooting in 86400 seconds..