last executing test programs:

22m30.150304842s ago: executing program 32 (id=568):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe8000000000000000000000000000aa14000400ff0100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe8000000000000000000000000000aa14000400fe8800000000000000000000000000010c0002800500010000000000080007"], 0x98}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)={0x50, 0x2, 0x1, 0x3, 0x0, 0x0, {0xa, 0x0, 0x4}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x1}]}, @CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x8041}, 0x4000052)

18m35.350520385s ago: executing program 33 (id=2364):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000480)={0x0, 0x0, 0x1a}, 0x28)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=@newqdisc={0x70, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0x2}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xc9, 0xa, 0x502, 0x3, 0x1, 0x3, 0x8}}, {0x4}}]}, @qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x1c9e, 0x9, 0x7, 0x1, 0x2}}}}]}, 0x70}}, 0x4000010)

18m24.159139955s ago: executing program 34 (id=2413):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@noacl}]}, 0xff, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84, 0x144}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000d40), 0x21800, r0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000800)={0x0, &(0x7f0000000840)=""/121, &(0x7f0000000680), &(0x7f0000000540), 0x6c, r0}, 0x38)

16m15.738927073s ago: executing program 35 (id=2972):
syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x1954, 0x300, 0x4}, 0x0, 0x0, &(0x7f0000000000))
eventfd(0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
socket$inet6(0xa, 0x80803, 0x87)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fe800000000000000000000000000000fe8000000000000000000000000000aa87"], 0x0)

15m7.588040639s ago: executing program 36 (id=3227):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000240), 0x20000, 0x0)
ioctl$EVIOCGLED(r1, 0x80284504, &(0x7f0000000000)=""/52)

13m58.15840275s ago: executing program 37 (id=3417):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000580)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f00000004c0)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000500)='batadv0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)

12m33.61006758s ago: executing program 38 (id=3629):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="0300"], 0x9)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000900)=[@in6={0xa, 0x4e23, 0x3f, @loopback, 0x5}], 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000580)={0x0, 0x3}, 0x8)

12m9.516160846s ago: executing program 39 (id=3746):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x10000, &(0x7f00000002c0)={[{@usrjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x3}}, {}, {@quota}, {@bsdgroups}, {@dioread_nolock}]}, 0x1, 0x50a, &(0x7f0000000e80)="$eJzs3M9vVNUeAPDvnXZoC49HH49HQh/vvQLP2JjYQkFh4QYTExeaGHEhy6YdSGUAQ7sQ0siQGFyTuDcujTtN3OrSuPIPwIULE0NClA1gYjLmztw7nc6PzrTW1rafTzJwzp17z7nfuefMnHtP7w1g1xpP/0ki/hYR9yPiQD27coXx+n9PHi3NPn20NBuVavXCz0ltvcdpPpNvty/LTBQiCh8kLQXWLdy8dWWmXC7diEotP7V49d2phZu3np+/OnO5dLl0bfrcuTOnT519cfqFFWVHxHDPoDrUl8b1eOz960ePvHrx3uuzg62FNcfRVb7VL5Weq0b+2XbxTHN5O8D+pnTSHtftTd0Z+jacNcNi2v+XyscvbvUOAZumWq1Wh7q/Xam2utO2BNi2ktjqPQC2Rv5Dn57/5q/6kuJmDD+23MPz9ROgx4+WqrdjcPZJI/7BKGTrFFvOb1OrjJnWZDwi3q78+nH6itWuQ/ywQRUCALve1+ezYWASLeO/QhxuWu/v2RzKaET8IyIORsQ/I+JQRPwrYsW6KyQR1VXqP9S6oFH/F9ksQuHBemPrRzr+eymb28pfWb35KqMDWW5/RD5gLp3MPpOJKA5dmi+XTnUpf0+P+pvHf+krrT8fC2b78WCwZbA5N7M4s75o2z28EzE22Bp/MpgeuHwaJ4mIIxExtoZyR5vS8899erSRaTmt6B1/TbXDlN6GzJ9VP4l4tn78K9GIf2TFJGLSPD9ZaJufnBqOcunkVNoKTnbcyW+/u/tGt/p7xv/lj62bvHL2qwt/PPBMevz3NrX/yOdvl+MfTSKSxnztQkR1YG113P3+w1q54yfa31tv+9+TvFVL5/3rvZnFxRunIvYkr7Uvn17eNs/n66fxT5zo3P8PZtukn8S/IyJtxP+JiP9GDOT7fiwijkdEh9Aavnn5/+90e6/P9v+nSeOf6/j9l2TtoHb8l+fr+0zk5adLBq4cu/90rPPEfRb/gdWP/5laaiJb0vn7L1nxFdHvnm7ARwgAAAB/eYWo/e1/YbKRLhQmJ+vXgA7F3kL5+sLi/yLi2lz9HoHRKBYuzZdL+QW50Sgm+fXP0ab8dEv+dHbd+KOBkVp+cvZ6eW6rg4ddbl+tzydt/T/10xqv8wLb0A66Dw1Yo179//C9TdoRYNP5/Yfdq6n/d3uyRcVfysDO5Pcfdq9O/f92fLbqvQu+M2D7q+rLsKut3v97P28T2L4G481Gunbbc8e7bYGdqPvvvzMD2MF63yQ/tOZ7/5cT1aHObw1HhycGDK+rip6JkQ51bUkiHVltYIHFiOhv5ZH1VJEPAbs/4aGwtgKHov2tgVhtq6TzcxwiotJ1q/RT6bk/lw/32/hLN5Kn9Qdl9ggwfybKRjebz5f7abHPw90l8Vu/zc/5PgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsKP8HgAA//87jdA6")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpuset.effective_mems\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
getitimer(0x2, &(0x7f0000000080))

8m31.055979646s ago: executing program 40 (id=4687):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x9)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r1)

6m6.748189614s ago: executing program 41 (id=5187):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000d0"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0xb, 0xb9, 0x10001, 0x9, 0x1}, 0x50)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={r0, &(0x7f0000000040)}, 0x20)

4m38.064855844s ago: executing program 0 (id=5545):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a0001ff"], 0x38}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2000001, 0x12, r0, 0x0)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
recvmsg(r1, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x407006}, 0x104)

4m37.468430005s ago: executing program 0 (id=5547):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001435010026bd0c333c84df250a4022fe", @ANYRES32, @ANYBLOB="140006000000000005"], 0x40}, 0x1, 0x0, 0x0, 0x811}, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000c80)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000000)=@ipv4_newaddr={0x40, 0x14, 0x509, 0x70bd27, 0x25dfdbfc, {0x2, 0x1f, 0x0, 0xff, r2}, [@IFA_BROADCAST={0x8, 0x4, @rand_addr=0x64010104}, @IFA_FLAGS={0x8, 0x8, 0x100}, @IFA_LOCAL={0x8, 0x2, @rand_addr=0x64010100}, @IFA_ADDRESS={0x8, 0x1, @local}, @IFA_RT_PRIORITY={0x8, 0x9, 0x3}]}, 0x40}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="1800"], 0x18}}, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

4m34.695960475s ago: executing program 0 (id=5551):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000e07b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000380)}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x28}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000600)="c9f7b98600"/14, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m33.681230634s ago: executing program 0 (id=5554):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000100)='./file0\x00', 0x0, 0xa9f842, 0x0)
mount$bpf(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

4m33.396288899s ago: executing program 0 (id=5557):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x6)
openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x2080c2, 0x84)
close_range(r0, 0xffffffffffffffff, 0x0)

4m30.727961209s ago: executing program 0 (id=5575):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="01"], 0x1, 0x234, &(0x7f0000000300)="$eJzs3c9q1FAUB+BjO22HbuxaXAREcDWobxCkghgQRrLQlYHqphUh3URX8xg+g4/kYxSE7iJOhvnnqAsdr2O+D4Z74DeBcze5WdybvLr99vzs3eWb9vPHGA6zGERM4jriJPZiPzo3ZuPetD6MZZMAAHbNeFzlqXtgu+o6rw4i4ui7pPyUpCEAAAAAAAAAAAB+m/3/ANA/9v///+o6r45nz2+r7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0rlu25vtT36p+wMA/jzrPwD0j/UfAPrH+g8A/fP8xcuneVGcjrNsGHE1acqm7MYuf/ykOL2fTZ0srrpqmnJ/nj/o8mw1P4jjWf5wY34Y9+50+bfs0bNiLT+Ks+1PHwAAAAAAAAAAAAAAAAAAAP4Jo2xu4/n+0ehHeVctvR9g7fz+IG4N/to0AAAAAAAAAAAAAAAAAAAAYKddvv9wXl1cvK4VCkVPii93I371n9R3JgAAAAAAAAAAAAAAAAAA6J/Fod/UnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAOovv/2+vSD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoB++BgAA///ihJM0")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

4m30.115830249s ago: executing program 42 (id=5575):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x4, &(0x7f00000001c0)=ANY=[@ANYBLOB="01"], 0x1, 0x234, &(0x7f0000000300)="$eJzs3c9q1FAUB+BjO22HbuxaXAREcDWobxCkghgQRrLQlYHqphUh3URX8xg+g4/kYxSE7iJOhvnnqAsdr2O+D4Z74DeBcze5WdybvLr99vzs3eWb9vPHGA6zGERM4jriJPZiPzo3ZuPetD6MZZMAAHbNeFzlqXtgu+o6rw4i4ui7pPyUpCEAAAAAAAAAAAB+m/3/ANA/9v///+o6r45nz2+r7P8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0rlu25vtT36p+wMA/jzrPwD0j/UfAPrH+g8A/fP8xcuneVGcjrNsGHE1acqm7MYuf/ykOL2fTZ0srrpqmnJ/nj/o8mw1P4jjWf5wY34Y9+50+bfs0bNiLT+Ks+1PHwAAAAAAAAAAAAAAAAAAAP4Jo2xu4/n+0ehHeVctvR9g7fz+IG4N/to0AAAAAAAAAAAAAAAAAAAAYKddvv9wXl1cvK4VCkVPii93I371n9R3JgAAAAAAAAAAAAAAAAAA6J/Fod/UnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAOovv/2+vSD1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoB++BgAA///ihJM0")
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

4m23.076272887s ago: executing program 1 (id=5604):
memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb8\x85\x90\xb7\x1b0\xce\xd7!\x06D\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\x98\v\x00\x00\x00\x00\x00\x00>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa58\xf5\x18x\xc9\xb9\x03\t\x06\x96gf5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0;\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^N\x8c\xd6r\x8bC\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x00\x00\x00\x00\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy', 0x0)
io_uring_setup(0x3e1, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000480)={{{@in6=@mcast2, @in=@private=0xa010100, 0x0, 0x0, 0x4e21, 0x0, 0x2}, {0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9c0, 0x3}, {0xffffbffffffffffc, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in=@empty, 0x4d3, 0x3c}, 0xa, @in=@multicast2, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x4000000, 0x1}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)

4m22.409062145s ago: executing program 1 (id=5607):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f0000000200)='m', 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x801)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
close(r0)

4m22.292417085s ago: executing program 1 (id=5608):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e20, 0x1, @empty, 0x8}, 0x1c)

4m22.167985092s ago: executing program 1 (id=5610):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x103011, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000c12, &(0x7f00000007c0)=ANY=[@ANYBLOB='hide,dmode=0x0000000000000009,session=0x0000000000000023,utf8,map=acorn,check=strict,mode=0x00000000000000c9,cruft,map=off,check=strict,overriderockperm,block=0x0000000000000200,cruft,nocompress,cruft,session=0x000000000000002e,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c7362736563746f723d3078303030303030303030303030303004332c0091386ba63f775915b6b981669f99a6758fc6130e2e181f4e5ed46c0b97ee8c6ce2d08017924dd527144bf683e31335a3b7f24e5a1a93da15e92a08550215ecc4070da2db21d6ac07dadb5cb173d0b41818198ff783f10620b9875eeda06e2edde06600000000"], 0x1, 0xa2f, &(0x7f00000018c0)="$eJzs3c1vXFdfB/DvHduJH/chydOGUqK2nqQkdVvj2A5NiLooiT1JXPyCbEdqxKIpjYOiGAotSG2F1FRCrFqBBGIBu4oVq0rdUBaoGwQ7umKBhPovVKzCyujOjO2xPeNxjGO76edjzcx9+d1zfnfuy/HM3JkTflxWjm8YW1mp33Y5fvMf9yFjDrGrk99/+dUX5e2zBzmSnrxe/FPSn6Sa9CZ5LumbmJyfm+lS0P3kdpJvkyLJ0TQed+R2ir/Mz9fHv03x92W9HR3Zacl0s8JP2kHvfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcBgVE5Ojo2PFkUzN3ny72pBUt5iYnJ8rsrKydc7qMg3f1Hv9Lr7pWm9SlLf096929f3cyfXZzyapnsnzjbHn6x2Spz+fPPXsiTee6a2sLt8pm/+Xozsv9sOPP7n/7vLy0gdt5xbFHmZ1yDT2keu12amFuamZK9dr1amFuerlixdHz9+4tlC9NjVdW7i1sFibqU7M164szs1XhyZeqY5dvnyhWhu5NXdz9vrkyHRtdeKlXx8fHb1YfWvkd2pX5hfmZs+/NbIwcWNqenpq9no9ppxdxlwqd8TfnlqsLtauzFSrd+8tL13YlFlPNu2/ZdBYt/Upg8a7BY2Pjo+PjY2Pj33W7D17bcLF1y+/fml0tHd0k2yJeEw7LYfLzzpv5r0/icMuVRrtfzKdqczmZt5Ote3fRCYzn7nMdJjftNr+nz1f27batLT/zVa+t2X+qfLuTF5sjvZ3aP875LJ/fx/m43yS+3k3y1nOUj448Iz29+96apnNVBYyl6nM5Ep9SrU5pZrLuZiLGc07uZHBLKQ31zKV6dSykFtZyGJq9T1qIvOp5UoWM5f5VDOUibySasZyOZdzIdXUMpJbmcvNzOZ6JnOlXsrd3Ks/7xe2yXEtaGwnQePbBG1pzB+5/a9t/ueEJ1Bl2638GM7isDsrzfb/SPfQoYn9SAgAAADYc7/67zl28ul/+++kyAv1z+WvTU3XRg86LQAAAGAP1S/Xe7586CuHXkjh9T8AAAA8aYr6d+yKJAMZbAytfhPKmwAAAADwhKh//v9iisH1CV7/AwAAwBOm+2/sd40ohld//rd6p/F4pxnRGCsGrk1N10Ym5qbfGMu5+q8M1L9psKW0nqToq3/94NWcbkSdHmg8DqyXWNbZX0aNjbwxlldzprkiQy+VDy8NtYkcb0S+3Ih8uTWyJxsiL5SRAPCkO7NNe7zT9v/VDDcihk/Vm/zeUxva4J56yzqqZQWAw2Ktj53/bXZp1qb9b0a82Kn9/41tXv+XEU/n7mDjkoKRvJf3s5w7GU7zioPBdqWu9kbQuAxhuMu7AQPNSxa+u1TJ8Jb3A/rX1rU1dinjGW77jkBLucVqDhcacT2PZxsAwH47s207vNb+927X/g9v//q/pc11SSEAHAZrPdg/6sDgzoMPeh0BgI200gAAAAAAAAAAAAAAAAAAAAAAAAAAALD3dvQD/v9xLlleXkp221lAm4Hv/vWff6ljzOdPJf2PkuH2A5XsTc6Hf6AnyUHV/mYeealyGx+Wp87AxoEDPjEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwL4qkp930SnI0yWiS8/uf1ePz4KAT2CvV3S1WPMzDfJRje50OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBPXfP3/ytpPD7VmJTeSnI2ye0kv3vQOT6K/i7zH+5THofPH9TvW37/v5L0ZaVIb2Ozp+ibmJyfmyl3heJoOf/7L7/6orx1LPLT1YGtvSqUBZQ1bOhcollDy5S+jUv9or7UwOTSh/f/5P0/qk5ere+YVxevTU/OXJ//rfXAZ4uvG10gtHaDsJrvn539l79qmXykWfnX5Zq2t7nea/V6J7fW+yvtlu5Q7w7cW14aL2tarL29+Kd/WGmd9XROJy8NJUMba/r98tahptObn8+Nih+KvyiO5W9zu779y2ejWCnKTXS8vv4/u3tveWnkvfeX76zl9Om9j1oKOJHBJHc2HmVdchqsn0/aqu91lb6y1tF6UHl3skt522opcWz9ed2wDr+o7zIDj7QO1c7rUNfleW9mdGFzRivlQfLXf/xMzm27pY+2KfFclxrbKn4o/qu4kf/Mn7f0/1Ept//ZtD062xRRj2zZU1rnbTi8KmfX13y8dcY7m8vseFTyGHye38tvrm3/Ssv5v7mtOhw3a+ejN1smdjhuVg+tbY6Llhq3HBdN3Y6LrUfqPxzf0qKsqx9GJze1SM2zT6dlmnmebER1yPOX81rSe+qRziivdTmjdFt+t8f/3xVD+Z880P8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+BVJT7vpleRskhNJjpfj1WRlc8yDXdRXGSh2k+ae2U3OPz5FxxUtHuZhPsqx/c4IAAAAAAAAgMfj6uT3X371RXmrfx7fk1+rNOdUk94kJ4q/6ZuYnJ+b6VJQX3J79SP9/vYhHSbndnn38/Xxb8ux57rUd7CXDwDAj9r/BQAA//+CGm1g")

4m21.737509288s ago: executing program 1 (id=5611):
mkdir(&(0x7f0000000040)='./bus\x00', 0x49)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file1\x00', 0x42, 0x1ff)
linkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file1\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x1000)
unlinkat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file1\x00', 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file2\x00', 0x0)

4m20.077547281s ago: executing program 1 (id=5612):
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file1\x00', 0x0, &(0x7f0000000040)={[{@space_cache_v1}, {@fragment_all}, {@noinode_cache}]}, 0xff, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==")
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0xfc40)
r0 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x39a})
syz_emit_ethernet(0x22, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa"], 0x0)
io_uring_enter(r0, 0x12a, 0xffffffdc, 0x17, 0x0, 0x0)

4m19.796838156s ago: executing program 43 (id=5612):
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000340)='./file1\x00', 0x0, &(0x7f0000000040)={[{@space_cache_v1}, {@fragment_all}, {@noinode_cache}]}, 0xff, 0x50d4, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzjg6KDjXnbp48QW3wiQKRURDaFaYc82CosVMLYIQYVAwFy3EgpIWDgha4cJgWmR/nFVFC3GVBEEQBcEgzEKQdkIxGC6Ke8957pz7HO+5dyZ1TD+fmDnnOb/zPOeZy1nc783n3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAhhJNz585V1bdemTm7Y2DP1Us3T+w8NTE6H0KtdbyW1yeeeuaFNw5MPD8cO0zuz7b1erchs67zWWN1x8Fmv86f10IIQ8kAg/l292Bp1OLu4fKAlfZfXNh25NbeXTPHxg9dOLp5qvyn0zS80hNYKfl9dW3xXhpr/R5Izmi3C7dereMWzfqnN9w9+SMAgCUZbbQ27bej+Vvcdvt4Wk/aY0l7OmnHdwjTxcZyZOOu7jbPLWl9heY5lkWFNd3mWU/q+evfbjeSekjbnVFjCfPsPDWPNMPd5jmV1FdqngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3k6c/+eJ6VX3rlZmzOwb2XL1088TOUxOj8yHUW8drWbn2xMLcwqa3dj/63e4vP/6zPn5yMO8Xt6sKJ4ff4s5jIyG8Xqhci8P+vj6ERmeh1QwflQtvtnaejQUAAAAeJJtavwfa7SwODnW0a600WWv9F2Vhcf/FhW1Hbu3dNXNs/NCFo5unlj9eo8t4Y7cdr92uL/7UCsE4xt90vMV6PPVwaZxq6Yhpnn959MPtVf1L+b9enf/jKyf/AwAA8G/I/+k41Xrl//nPX91X1b+U/7d0XLKU/+OMY/4fCMvL/wAAAHA/u9v5f6w0TrVe+f/r9/edrupfyv+j/eX/VcVpx4M/xgkfHAlhtNfUAQAAgC7i/3df/Ggh5vXsk4M0r7+49fpQ1Xil/D/WX/6vHBQAAAC4p34488jfVfVS/m/0l//X3NVZAwAAAEvxv/cmD1TVS/l/sr/8vzbf5isfsk7fx3+FcHokhOHmzlRWuBKmn2wXAAAAgDsk5vSXvt18tOq8Uv6fqn7+f3zSQVz/3/H8v9L6/0Ihe+rf4x4MAAAAwMOovJ4/Ph4/++aCbt+/3+/6/09//nVD1fVL+f94f/l/sLi9k9//BwAAAMvwX/v+v1dK41Tr9fz/t9/dsLT8P91f/o/bdcU/73J8fd4ZCWFjcyd/muBn8XIHk8LsUKHQ0kh6HIg98sLsmkKhZSrpsX0khP83d44nhQ2xMJ0UbqzPC+eTwk+xkN8P7cJXSeFyvNPOrM+nmxa+iYV8gcVsXEGxrr0kIunxR7cezcJte8y1Lw4AAPBQieE5z7JDnc2QRtnZWq8T1vY6YaDXCYO9TliVnJCe2O14mOwsxON//TL+XKhQyv/n+8v/8aVYnW26rf8Pcf1//r2G7fX/k7FQTwqzsdBInxjQiNfIwu4H8Rr1Rt7jxsZ2AQAAAB5o8XOBwRWeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAPe/ceY8dVHw787PN61+vdDUHKQxYxL0N+ktdrOw7WLyCcVBEIpGQtov6DQtbYm9TxBhs/Co4s1RhUlCKEC66IQh+2RFSnEsgqbXmEEosqQVUtGoU2fziPpgWEKkGjFNclSiRX986c2bln9j78WNsbPh/Je8+933POzDn33vGcmblnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgt8PV373hy+3i7/jR1796U+8HXvjBbw6u/9I9ky+FMNV4vScL97zvzHNnrvvU7Ru+d/s3Hjk9fudDg3m5PB6W1v/05k8+F2v92bIQvt0TQn8aWDWSBQby5yOxvuUjIVwV5gJFiZnhrES64PDkUAhHwlygqOq7QyGMlAJ3PfPDJ75YTxweCuGdIYRauowXatkyhtLAysEsMJwGdvRngf89mykC3+nNAnDB4peh+NAfn2rOMD5/uRafv4GLtmKXV9q8vpgYb53vV7cu8EqVDKYvTF3Q21apjgVR+Xqc8G1bBN+2Sj8f8raVd6TyPZSzc6Fa6N06c+/mvbN74iu9YWKir1VNC/Q+n3pl/5ZzSS+az2FcgfGL8jm8//DNzw5+7I4XH3n98f2na19bfqGr2ap7F1ot5J+5RfM+RhttTxbB16+yl7TCTlcI4fSJk/vbxSvj//H24//4cY6PvU25Y62vjWZj8/jKSEy8PJqNzQEAAGDRWAxHTQdX/OtP29VXGf+v6O78fzzlnw/ms9aeCGFjI/HZsRCubbyeBR6Li/v4WAhvbaSmmgO3JoETIVzXSNxYVJWUWBJLrEgCvxjNAxuTwFMxMJUEHo2BQ0ngczFwPAlsiYETSeC2GAjbmtvx/0bzdnQdGIqB6awTj8erEH49GpeW9NVzRVUAAAAXST46HGh+WrrW4UIzxOHl8aFOGeIV2C0z1JIa0hFsMaxqWUN/pxp6O9VQtPtA++ZXau7pVHPlMoye5gz/c+qaHaGNyvh/sv34vzbPivRUzv+HyU2Nh5i7N4/MFhmmp5oyAAAAABfg9948vbldvDL+39jd9f/xmEhfKXM4GQ9DbB8LYbI5kFV7SzWQnfVemgcAAABgMSjOxxfnwrflj9kl2ul4upp/6hzzxxP/G+fNv+PH//J4u/WtjP+nurv+f7j5MVuJp+JafGUshCWlwI/iWtYDDSti4KX3Nwfy9j8VO+ALsar8woSiqi/EEtMxMJkEjrQq8XRR4trmQP5mFQv/bNGObXmJUgAAAAAuuXg4IJ6Xj9f/r/nbP3yyXbnK+H/63K7/b4yDK5f3zy4NYXV/CH3pDwNODmcTA8bASE+e+PvhrK6+tKqDwyHcUm9YWtV/5PP/96dzDP5kKKsqBq5927FXVtYTXx8KYXU58OxHj66vJ/YmgWLhvzsUwg311qYL/7sl2cIH0oU/vCSEt5QCRVVbloRQX9hgWtU/1PL7GKRVHa+FcHUpUFT1nloI+wIAi1X8v3Rr+cXd+x7cvnl2dmbXAibiQfyhcO+22ZmJLTtmt9ZarNPWZJ2b5jH6TLVN3d765vk4R9Hdx8a6SRc/FJwsLys/kF+5cjB/HneGBhrtXDvQ9HRd2uR3v726iFDalWrV5N4FbvJwuZK5N7FSf8w/GJaGJXt3z+ya+PTmPXt2rcn+dpt9bfY3nmfK+mpN2lfD861bFx+PltNlJc63r1aWK1m954Gdq3fve3DVtgc23zdz38wnNkyuW7vh5sn171ldb9Rk9rdDS1fOV3PS0rNHu2zWRWzp9f2lSi7FRkNCQmKxJQYH7jzVbvNTGf/vbD/+j1uduOHP52dodf5/PJ7mz16fO80/HQNHuj3/P97qbH5xYcCKJHAgBg44zQ8AAMAbQzwcGY9mxoPSB971wvvalauM/w909/v/izT/fzF1/YdaTfN/Yywx2Wr+/3Sa/2L+/wOt5v9Pp/kv5v8/chnm/99bBJIu+bX5/wEAgDeCSzf/f8fp/dMbBFQydJzeP71BQCVDx2n8u71BwDnP//83v1yzPrRRGf8f6m78b+J+AAAAuHJcc9sNP24Xr4z/j3Q3/r/08/+FVtf/r2gVmGo1MaD5/wAAAFikWs3/98xHdr6/XbnK+P94d+P/eNlFb1PuWOtro9mcdiGd0+7l0eInAwAAALA49IaJiYEu8zZNjHrr+S/zVJwKtE267NDnj53b7/9PdDf+b/pdxv2Hb3528GN3vPjaI68/vv907WvL587/AwAAAAun2+MSAAAAAAAAAAAAAADA5ffo1d+ad16AqPL7/7Cp8Xqr3//H+/413TTxTD4Z4IE4s/6XxkzzBwAAAAvroVtffTj+u+/Lf/Rf7fJWxv/j3Y3/4/0F8vvgZbfeOxHv//fZsRAat9YbzwKPxcV9fCyEtzZSU7FEdkO9D8USk1ngsThh4o2xxPRUc1VLYuB4EvjFaB44kQSeioH8KMWxeGPAPx4NYX0jtam5xM5YYjwJ3BkDK5LARAxMJoFlMbAxCfxyWR6YSgL/FAP5zQeLvvrWsryvAAAAzkU+zhpofhrScd7x/k4Zejpl6LiI4U4ZejtlqLXIEJ//dVyHgfJ8/HmG+NJAWutQUkslQ7wZ3vk3vZiu7+nmnGnByqL7YsHx5pwxw85/vukroY3K+H9Fd+P/y3j///Ru/htjYEUS2BkDG5PA9KY8cOSa5oD7/wMAAHBla3X//9G3/NWhduUq4//J7sb/8UDEm5tyx1o73/8/f37Xh7+5r7HKJ0dDeHs5sP3g9qvqiUdHQ3hXOfDE3Tc2Ru0H0xLff/G2n9cT96SBD65605l64r1JYDp20nVpIB5VObMsCcTu/UkaiP1xPA0M5oGHlmXt6En76j9Hsr7qSfvq1Eh2eUVP2lffHsmW0ZM28HASKBr4yTQQG3hHHuhN1+qbS7O1ioGRWPQvlhYXfQAAcGWKe4ED4d5tszOT6U94r+9vfoyabln+mWq1PV0u/vl4a/K7j411k+5L90VrRVUDoVZvwprK7mo5S0+jlRenlg5d9+YWTe50t/feFuVS59p1g61bNJS1aGLLjtmtAx0bvq5zlrX9HbOsqQx2yll6G13aRS1drEsXLeqyb7pY5fi8N0xM9CW5/n8MjocmnT4R3d6vr3yf/1afgnKeo5//91fb1VcZ/2/sbvwf27M0lD7On4u1/mxZCN/umTsaUQRWjWSB2NyRODxePhLCVaV+KErMDGclBpMFhyeHshHqYFrVd4eyYwzx+V3P/PCJL9YTh4dCeGfpvSqW8UItW8ZQGlg5mAWG08CO/iwQr/woAt/pzQJwwYqNQvxA5T91KYzPX67F5++Nck/QtHmVa6DmyTffNneh1NIX8muqCuf2tlWqY0FUvh4nfNsW47ct+LaVd6TyPZSzc6Fa6N06c+/mvbN74ivlPdmKBXqfy3up3aQvwufwwPmvbWe1dAUmk83H5Pzl5v8c9sTq7j9887ODH7vjxUdef3z/6drXlne9Gi3EgcKT//2mq8rdu9BqIf/MLbrtyZTtyWL8b2Dc2xZCOPTnQ59sF6+M/6e6G//3J48Nr8bO3D0WwrtLnXsydv/vjGXbwVIg20peXQ1kl9z/dLTllhMAAAAutuJwR3G8YFv+mP0gPB0nV/NPnWP+eLxi47z5u13v/U/+/mPt4pXx/3T78f+SZDWd/3f+nwXi/P+8rvRD0UvSFw5c0KHoSnUsCOf/53Wlf9uc/5+X8//O/8/H+f8OnP+f15X+tlX2knba6QohnL1+4OF28cr4f2d34//fsvn/09n8i/n/00n7i/n/p1vN/7+z1fz/B8z/DwAALKgWE82n47zK5PyVDOnk/JUMPUmGc7/FQMdp9M3/n87/f/DPbtkT2qiM/w90N/6PH4eR8tIXy/z/45talNi4qXl1i8ChGNjpjgEAAABcRvEAQbzovdsZJgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhYd7x6ZnO7+Dt+9PWv3tT7gRd+8JuD6790z+RLIWxrvN6ThXved+a5M9d96vYN37v9G4+cHr/zoVpebiB/XN6UO9b62mgIR0qvjMTEy6P1J3OBuz78zX399cTJ0RDeXg5sP7j9qnri0dEQ3lUOPHH3jdfUEwfTEt9/8baf1xP3pIEPrnrTmXrivXmgJ13dP12WrW5PurpfXBbCWClQrO79y5qrKpbxgTzQmy7jL0eyZcTASCz68Ei2jBiYjSW2LQlhdX8IfWlV/1jLqupLq/peLauqL63qD2oh3BJC6E+r+rfBrKr+tOVPD2ZVxcC1bzv2ysp64uhgCKvLgWc/enR9PbErCRQL/8hgCDfUPzLpwr81kC18IF34nwyE8JZSoKhqeiCE+sIG06pO9GdVDaZVfaM/hKtLgaKqm/pD2Be4XOKGZGv5xd37Hty+eXZ2ZtcCJgbzZQ2Fe7fNzkxs2TG7tZasUys9pfTZz5x/259/Zf+WRuLuY2PdpIv1miyvy9NTlRfLz/vzpwONdq4daHq6brE0ebhcydybWKk/5h8MS8OSvbtndk18evOePbvWZH+7zb42+9uXR7O+WrNY+mpluZLVex7YuXr3vgdXbXtg830z9818YsPkurUbbp5c/57V9UZNZn8vRkuPXvqWXt9fquRSbDQkJCQWW6K3aes2eaVvxys7+nMrOhBqjQ10ZVhRztLTaOXFaPSt59Ha3Lk2ujIkqbRoTWXgUMmytnOWdZUxw1yWoSxLY1+wMjgs19Tb6NL4vDdMTPS16ofx5qfl7v3VBXTvqdh1XaYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4P3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRs8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXAoAAP//Qczu7Q==")
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0xfc40)
r0 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x39a})
syz_emit_ethernet(0x22, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa"], 0x0)
io_uring_enter(r0, 0x12a, 0xffffffdc, 0x17, 0x0, 0x0)

4m10.394682338s ago: executing program 2 (id=5638):
capset(&(0x7f0000000180)={0x20071026}, &(0x7f0000000040)={0x0, 0x7})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
r2 = dup2(r1, r0)
readv(r2, &(0x7f0000001400)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1)

4m9.956436278s ago: executing program 2 (id=5639):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmmsg$unix(r1, &(0x7f0000003900)=[{{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000c80)=""/166, 0xa6}], 0x1}}, {{0x0, 0x0, &(0x7f0000003480)=[{&(0x7f0000000300)=""/47, 0x2f}, {&(0x7f0000002f40)=""/115, 0x73}, {&(0x7f0000002fc0)=""/241, 0xf1}, {&(0x7f00000030c0)=""/94, 0x5e}, {&(0x7f0000003140)=""/207, 0xcf}, {&(0x7f0000003240)=""/247, 0xf7}, {&(0x7f0000003340)=""/181, 0xb5}], 0x7}}], 0x2, 0x40000041, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

4m9.889896459s ago: executing program 2 (id=5640):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000380)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf670000000000001507"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000100)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0xf0f, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1313b, 0xffffffffffffffff, 0x0, 0x0, &(0x7f00000003c0), 0x10, 0x8}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110c230000)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

4m9.285422965s ago: executing program 2 (id=5641):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

4m9.215616863s ago: executing program 2 (id=5642):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c000000010401010000000000000000090002000500014001"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000010401010000000000000000000004000500010001"], 0x1c}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={<r3=>0xffffffffffffffff, 0x0, 0x0, 0x8d5})
close_range(r3, 0xffffffffffffffff, 0x0)

4m8.419984469s ago: executing program 2 (id=5643):
r0 = fsopen(&(0x7f0000000200)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x4905, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
open(&(0x7f0000000440)='./file1\x00', 0x84242, 0x1df2a23c5997faff)

4m8.216102856s ago: executing program 44 (id=5643):
r0 = fsopen(&(0x7f0000000200)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x4905, 0x3}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
open(&(0x7f0000000440)='./file1\x00', 0x84242, 0x1df2a23c5997faff)

2m41.044700991s ago: executing program 9 (id=5812):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000d40)={0x14, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x400c000}, 0x1)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000200))

2m40.687022677s ago: executing program 9 (id=5816):
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x81)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x16)
lseek(r2, 0x102, 0x0)
getdents(r2, 0x0, 0x416d)

2m39.907839685s ago: executing program 9 (id=5817):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=")
openat(r0, &(0x7f0000000040)='./file0\x00', 0x4b38c1, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
close(r1)

2m38.348267498s ago: executing program 9 (id=5822):
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x8)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r0 = openat$userfaultfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$USERFAULTFD_IOC_NEW(r0, 0xaa00)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000240))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001080)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xf)

2m35.987741671s ago: executing program 9 (id=5831):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000140)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x10}, 0x1, 0x0, 0x0, 0x56f2be14c64fc14d}, 0x400c000)

2m34.652605412s ago: executing program 9 (id=5835):
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044a, &(0x7f0000000240)={[{@noblock_validity}, {@debug}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@inlinecrypt}, {@jqfmt_vfsv1}]}, 0x9, 0x454, &(0x7f0000000400)="$eJzs3M9vFFUcAPDvTH8gArYi/uCHWkVj44+WAioHD2o08YCJiR702LSFIIUaWhMhRMAYPBlj4t149F/wpBdjPJl41bshIYYL4GnM7M7Q3WV3oWWX0e7nkwy8N/OG97775u2+mbdLAANrIv8jidgaEX9ExFg921xgov7XtStn565fOTuXRJa9+3dSK3f1ytm5smh53pYiM5lGpJ8nsbtNvcunzxyfXVxcOFXkp1dOfDS9fPrMC8dOzB5dOLpwcv+hQwcPzLz80v4XexJn3qaruz5d2rPzrQ++fvvwl03xt8TRIxPdDj6dZT2urlrbGtLJcIUNYU2GIiLvrpHa+B+LoVjtvLF487NKGwf0VZZl2ZbOh89nwAaWRHPekIdBUX7Q5/e/5dY6CXi1f9OPyl1+rX4DlMd9rdhqB7IsO1eUGWm5v+2liYh4//w/3+Zb9Oc5BABAkx/z+c/z7eZ/aTzUUO6+Ym1oPCLuj4jtEfFAROyIiAcjamUfjohH1lh/6yLJzfOf9NK6ArtN+fzvlWJtq2n+F2lZZHyoyG2rxT+SHDm2uLCveE0mY2RTnp/pUsdPb/z+VadjjfO/fMvrL+eCRTsuDW9qPmd+dmX2TmJudPlCxK7hdvEnN1YCkojYGRG71lnHsWe/39Pp2K3j76IH60zZdxHP1Pv/fLTEX0q6r09O3xOLC/umy6viZr/+dvGdTvXfUfw9kPf/vW2v/xvxjyeN67XLa6/j4p9fdLynWe/1P5q8V0uPFvs+mV1ZOTUTMZocrje6cf/+1XPLfFk+j39yb/vxvz1WX4ndEZFfxI9GxGMR8XjR9ici4smI2Nsl/l9ef+rD9cffX3n882vq/9XEaLTuaZ8YOv7zD02Vjt8U//Xu/X+wlpos9tzO+9/ttGt9VzMAAAD8/6QRsTWSdOpGOk2npurfl98RkS4uLa88d2Tp45Pz9d8IjMdIWj7pGmt4HjpT3NbX8xciov7VgvL4geK58TdDm2v5qbmlxfmqg4cBt6XD+M/9NVR164C+G47YVHUbgGr4vSYMLuMfBpfxD4OrzfjfXEU7gLuv3ef/uQraAdx9LePfsh8MEPf/MLg6jv+N/D//ADU+/2EgLW+OW/9Ivmui/JfWefqGTcTIf6IZd57IkradG2nVDZPoZ6La9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBe+TcAAP//yinjzA==")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x1)
unlink(0x0)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

2m19.456820642s ago: executing program 45 (id=5835):
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044a, &(0x7f0000000240)={[{@noblock_validity}, {@debug}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@inlinecrypt}, {@jqfmt_vfsv1}]}, 0x9, 0x454, &(0x7f0000000400)="$eJzs3M9vFFUcAPDvTH8gArYi/uCHWkVj44+WAioHD2o08YCJiR702LSFIIUaWhMhRMAYPBlj4t149F/wpBdjPJl41bshIYYL4GnM7M7Q3WV3oWWX0e7nkwy8N/OG97775u2+mbdLAANrIv8jidgaEX9ExFg921xgov7XtStn565fOTuXRJa9+3dSK3f1ytm5smh53pYiM5lGpJ8nsbtNvcunzxyfXVxcOFXkp1dOfDS9fPrMC8dOzB5dOLpwcv+hQwcPzLz80v4XexJn3qaruz5d2rPzrQ++fvvwl03xt8TRIxPdDj6dZT2urlrbGtLJcIUNYU2GIiLvrpHa+B+LoVjtvLF487NKGwf0VZZl2ZbOh89nwAaWRHPekIdBUX7Q5/e/5dY6CXi1f9OPyl1+rX4DlMd9rdhqB7IsO1eUGWm5v+2liYh4//w/3+Zb9Oc5BABAkx/z+c/z7eZ/aTzUUO6+Ym1oPCLuj4jtEfFAROyIiAcjamUfjohH1lh/6yLJzfOf9NK6ArtN+fzvlWJtq2n+F2lZZHyoyG2rxT+SHDm2uLCveE0mY2RTnp/pUsdPb/z+VadjjfO/fMvrL+eCRTsuDW9qPmd+dmX2TmJudPlCxK7hdvEnN1YCkojYGRG71lnHsWe/39Pp2K3j76IH60zZdxHP1Pv/fLTEX0q6r09O3xOLC/umy6viZr/+dvGdTvXfUfw9kPf/vW2v/xvxjyeN67XLa6/j4p9fdLynWe/1P5q8V0uPFvs+mV1ZOTUTMZocrje6cf/+1XPLfFk+j39yb/vxvz1WX4ndEZFfxI9GxGMR8XjR9ici4smI2Nsl/l9ef+rD9cffX3n882vq/9XEaLTuaZ8YOv7zD02Vjt8U//Xu/X+wlpos9tzO+9/ttGt9VzMAAAD8/6QRsTWSdOpGOk2npurfl98RkS4uLa88d2Tp45Pz9d8IjMdIWj7pGmt4HjpT3NbX8xciov7VgvL4geK58TdDm2v5qbmlxfmqg4cBt6XD+M/9NVR164C+G47YVHUbgGr4vSYMLuMfBpfxD4OrzfjfXEU7gLuv3ef/uQraAdx9LePfsh8MEPf/MLg6jv+N/D//ADU+/2EgLW+OW/9Ivmui/JfWefqGTcTIf6IZd57IkradG2nVDZPoZ6La9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBe+TcAAP//yinjzA==")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x1)
unlink(0x0)
r0 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

1m41.286366124s ago: executing program 4 (id=6010):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newlink={0x58, 0x10, 0x1, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, 0x14318}, [@IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}, @IFLA_AF_SPEC={0x24, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @dev={0xfe, 0x80, '\x00', 0x2c}}, @IFLA_INET6_ADDR_GEN_MODE={0x5, 0x8, 0x2}]}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000884}, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000500)='./file0\x00', 0x2200810, &(0x7f0000000080)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRES8, @ANYRESHEX, @ANYRESDEC, @ANYRES64], 0x5, 0x25d, &(0x7f0000000f40)="$eJzs2s9rnEUcB+Dvm6a0pqQbf9uCOOhBvbw0OXtokBTEBUEboQrSt+aNLnndDXmXwIrYnBQ89ezJs3j0IAjSo5dc/As86CmXHHsQX0k2adMY0WKzG/R5Ljsw82HmnZkd5jBbr9z6aGV5MpaLfkxkWUxcjo24k8VMTMS+jXj5xWs/PvvWtXden2+3F95M6cr81dm5lNL5535495Nvnr/dP/f2t+e/PxObM+9tbc/9svnU5oWt369+2KlTp07dXj8V6Uav1y9uVGVa6tQreUq3qrKoy9Tp1uXaffXLVW91dZCK7tL01OpaWdep6A7SSjlI/V7qrw1S8UHR6aY8z9P0VPBvLH59p2liuzl9PZqmeeSrOHc7pn+OVmSPpuzxy9mT17OnN7IL203TGvdQORbW///twKF+NqL6fH1xfXH4O6yfX45OVFHGpWjFb7GzTfYMy1deay9cSrtm4rPq5l7+5vriqd38F/v52WjFzNH52WE+3Z8/E1MH+5/77rF44s/5X0+1F+aOzJ+Nl144kM+jFT+9H72oYil2svf6/3Q2pVffaB/KX9xtBwDwX5Onu468v+X5X9UP8w9wPzx0v5qMi5Pj/XYi6sHHK0VVlWsjKezsqX/QuDeC8WR7E/D3jZ+ZGNn8jKfw5ckYxjEVhudY3F3vh9zFQ/0Tnd7bkPsH4zinbgyHESN3b9HHPRIAAAAAAAAAAAAexKFHf63jeHI47m8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABOtj8CAAD//13bww4=")
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81800)
openat(0xffffffffffffff9c, &(0x7f0000000c80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40, 0x104)
syz_mount_image$msdos(&(0x7f0000000240), &(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1b1a469, &(0x7f0000000000)=ANY=[@ANYRESOCT, @ANYRES32, @ANYBLOB="41319d36b19da0f92c34d4161aedb4d9c117bb97d9a14da38deb4d799f7396c16e53eea9b38952392679dc9965aff692fc7a1de3490b4e22f3468c98ec62faff6c802527cda5cb48c5bc97b57252bea2f306513526e3e61d4e206934c90150ba2c325365d34a4866416a647a2022e5485163e3fad30730c80a46b63900f5dfdd845440d244a1e889fb14a29c06fcc85f976afbb0ce220bde0da45028db74413dd6a37b7b63c2b7a26169fc2a44d210bd17af7173aa72d2ad45542299334fe9576104e3e3e7d25997fe6c8bb5fa15b761725a39fedaf8d5533570ba136ac826592163351666324320c93c98c4", @ANYRES8], 0xb, 0x0, &(0x7f0000000b40))
renameat2(r1, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r1, &(0x7f00000013c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1)

1m33.251999099s ago: executing program 4 (id=6036):
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/tcp\x00')
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000940)=[{0x6, 0xf8, 0x0, 0x3}]}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10)
sendto$inet(r1, &(0x7f0000000240)="6bb4", 0x2, 0xc0400c0, 0x0, 0x0)
pread64(r0, &(0x7f0000000000)=""/16, 0x9600, 0x3ff)

1m31.870198642s ago: executing program 4 (id=6027):
syz_open_dev$evdev(&(0x7f0000000200), 0x1, 0x80842)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff5000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1m30.691472363s ago: executing program 4 (id=6030):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000200)='./file0/../file0/../file0/../file0\x00', &(0x7f00000001c0)='./file0\x00')

1m30.343942025s ago: executing program 4 (id=6032):
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21}, &(0x7f0000000300)=<r0=>0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
readv(r1, &(0x7f0000000000)=[{&(0x7f0000000400)=""/152, 0x98}], 0x1)

1m27.489050218s ago: executing program 4 (id=6044):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4)
recvmmsg(r0, &(0x7f00000045c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/23, 0x17}, 0x5}], 0x1, 0x45833af92e4b39ff, 0x0)

1m26.638629715s ago: executing program 46 (id=6044):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000180)=0x8, 0x4)
recvmmsg(r0, &(0x7f00000045c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=""/23, 0x17}, 0x5}], 0x1, 0x45833af92e4b39ff, 0x0)

5.780065865s ago: executing program 7 (id=6329):
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@nbd={'/dev/nbd', 0x0}, 0xffffffffffffffff, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
unlink(&(0x7f0000000180)='./bus\x00')

5.421521208s ago: executing program 7 (id=6332):
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="280320000a0014000000fbf719143baa111f43c851ffab286e16195ecf3d77", 0x1f, 0x840, 0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000280)={0x0, 0xb005}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'macvtap0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b031407e0ff640f020047540f68a13bb1000e00080008004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

4.892020677s ago: executing program 6 (id=6335):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
read$FUSE(r0, &(0x7f0000004280)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r1, {0x7, 0x2b, 0xfffffffd, 0x3008c00c, 0x0, 0xfffe, 0x6, 0xfffffffe, 0x0, 0x0, 0x1, 0x100}}, 0x50)
close(r0)
chown(&(0x7f0000000100)='./file0\x00', 0x0, r2)

4.725039471s ago: executing program 7 (id=6336):
mmap(&(0x7f0000826000/0x1000)=nil, 0x1000, 0x3000008, 0x8031, 0xffffffffffffffff, 0x12935000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000540)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f00000060c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f0000000140)='@', 0x1}, {&(0x7f00000007c0)='y', 0x1}, {&(0x7f0000000340)="b9", 0x1}, {&(0x7f0000000940)="99", 0x1}, {&(0x7f00000008c0)='z', 0x1}, {&(0x7f00000009c0)='~', 0x1}, {&(0x7f0000000a00)='x', 0x1}, {&(0x7f0000000440)="06", 0x1}, {&(0x7f0000000580)='k', 0xffffffc6}, {&(0x7f00000006c0)="1d", 0x1}, {&(0x7f0000000800)='a', 0x1}, {&(0x7f0000000280)='$', 0x1}], 0xc}}, {{0x0, 0x0, &(0x7f00000035c0)=[{&(0x7f0000001040)="fc"}, {&(0x7f0000001080)="c9", 0x1}, {&(0x7f0000002180)='-', 0x1}, {&(0x7f0000002240)='R', 0x1}, {&(0x7f00000033c0)="c4", 0x1}], 0x5}}], 0x2, 0x4000000)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000000)=0x7fffffff, 0x4)

4.248463705s ago: executing program 3 (id=6337):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
r1 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r2, 0x2000009)
sendfile(r1, r2, 0x0, 0x20000000000006)

4.125670638s ago: executing program 6 (id=6338):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x108})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x867, &(0x7f0000000140)={0x0, 0x9164, 0x1000, 0x1, 0x359}, &(0x7f00000002c0), &(0x7f0000ff4000), 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x14)
close_range(r0, r0, 0x0)

4.063566097s ago: executing program 5 (id=6339):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000140)={'ip6_vti0\x00', &(0x7f00000001c0)={'syztnl1\x00', 0x0, 0x2f, 0x44, 0x4, 0x2, 0xa, @private1, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, 0x700, 0x700, 0x9f, 0x4}})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff1000/0x2000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@bloom_filter={0x1e, 0x0, 0x353, 0x6, 0x88c, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x3, 0xe}, 0x50)
r0 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'wlan1\x00', 0x0})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.907517885s ago: executing program 7 (id=6340):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, 0x0, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close(0x4)

3.776391139s ago: executing program 3 (id=6341):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000ac0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000048c0)={r2, &(0x7f00000047c0), &(0x7f0000004880)=@udp=r0}, 0x20)
recvfrom$inet6(r0, 0x0, 0x0, 0x40010102, 0x0, 0x0)

3.649807339s ago: executing program 6 (id=6342):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0xffffffe1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1bc2, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0xa, 0x20002f9})
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
sendmsg(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)=';', 0x1}], 0x1, 0x0, 0x0, 0x2c}, 0x4000845)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

3.592575446s ago: executing program 8 (id=6343):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x480a8, 0x0, 0x21, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000300), &(0x7f0000000280)='./bus\x00', 0x3c9c9b, 0x0, 0x0, 0x0, &(0x7f0000000140))
mount$overlay(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x43, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x0, 0x81)
lsetxattr$security_ima(&(0x7f0000000080)='./file0/file1\x00', &(0x7f0000000200), &(0x7f0000000340)=ANY=[], 0x8, 0x2)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)

3.572771404s ago: executing program 5 (id=6344):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000000100)={0x1, 0x0, @ioapic={0x8082801, 0x5fa, 0x8, 0x1ff, 0x0, [{0x3, 0x9, 0x8, '\x00', 0xe}, {0x5, 0xb, 0x72, '\x00', 0x6}, {0xfe, 0x5, 0x9, '\x00', 0x5}, {0x81, 0x3, 0x8, '\x00', 0x5}, {0xb, 0x50, 0x7f, '\x00', 0x60}, {0x0, 0x0, 0x2}, {0x1, 0x9, 0x9, '\x00', 0xa}, {0xd, 0x7, 0xb, '\x00', 0x45}, {0x8, 0x5, 0x0, '\x00', 0xff}, {0x6, 0x3, 0x0, '\x00', 0x6}, {0x40, 0x4, 0x2, '\x00', 0xa3}, {0x8, 0x4, 0x19, '\x00', 0xff}, {0x3, 0x86, 0xa, '\x00', 0xf9}, {0x5, 0x4f, 0x2}, {0x64, 0x87, 0x96, '\x00', 0x7}, {0x6, 0x0, 0x23, '\x00', 0x7b}, {0x3, 0x7, 0xd1}, {0x68, 0x3, 0x2, '\x00', 0x3}, {0x8, 0x9e, 0xc0, '\x00', 0x2}, {0x3e, 0x48, 0x10, '\x00', 0x2}, {0x7, 0x1, 0x2, '\x00', 0x1}, {0x3, 0x7, 0x6, '\x00', 0x4}, {0x93, 0x9, 0x4, '\x00', 0xe6}, {0x3, 0xff, 0xe0, '\x00', 0x47}]}})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x7, 0x5, 0x4, 0x0, 0x0, 0x4, 0xbb, 0x2, 0xc0, 0x6d, 0x26, 0x61, 0x7, 0x95, 0xd}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.460035104s ago: executing program 7 (id=6345):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x4000}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvfrom(r0, &(0x7f0000000140)=""/104, 0x68, 0x12020, 0x0, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r1, 0x10f, 0x86)

3.447972662s ago: executing program 3 (id=6346):
syz_mount_image$bfs(&(0x7f0000000040), &(0x7f0000000000)='./bus\x00', 0x98, &(0x7f00000004c0)=ANY=[], 0xff, 0xa4, &(0x7f00000000c0)="$eJzs0b+pAkEQB+C5e/C4A9EC7OFq0CKswBKMBEEsyFYswdTIwNTkZHFFuGDBQFH4Ptg/P4ZdBuZw3U9jHNFvI/q/eOiT1XoXJf/FKr+gzmeThj655/M8YhYRVaqn7bJZHvMaPF80xd9Hb+sbAAB4XTXIdXTdM53afGk/2RMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAN7kFAAD//z7jFwY=")
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
creat(&(0x7f0000000200)='./bus\x00', 0x84)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

3.210217308s ago: executing program 6 (id=6347):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000fcffffff000000008000000085000000a800000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
keyctl$KEYCTL_WATCH_KEY(0x20, 0x0, 0xffffffffffffffff, 0x5b)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x3f00000000000000)

3.114021818s ago: executing program 8 (id=6348):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48)
r1 = socket(0x2c, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000140), &(0x7f0000000080)=@udp=r1}, 0x20)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.809175897s ago: executing program 6 (id=6349):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f000013c000/0x3000)=nil)
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)

2.403200084s ago: executing program 7 (id=6350):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000002a00)={0x84, 0x0, 0x0, 0x0, &(0x7f0000002700)={0x20, 0x0, 0x4, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000940)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="200004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.394150534s ago: executing program 8 (id=6351):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(r1, 0x0, 0x2, 0x0)
syz_open_procfs(r1, &(0x7f00000002c0)='fdinfo/3\x00')
syz_open_procfs(r1, &(0x7f0000000580)='net/snmp6\x00')

1.960014672s ago: executing program 3 (id=6352):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
write$fb(r0, &(0x7f0000000100)="732f64bd01d8958d", 0x8)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x40000, 0x19b)
write$binfmt_elf64(r0, &(0x7f0000000800)={{0x7f, 0x45, 0x4c, 0x46, 0x99, 0x7, 0x1, 0x3, 0x7, 0x2, 0x3, 0xf9, 0x360, 0x40, 0xd7, 0x4, 0x0, 0x38, 0x1, 0x5, 0xffff, 0x3}, [{0x1, 0x6, 0x71c6, 0xaf, 0x800, 0x3, 0x101, 0x7}]}, 0x78)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

1.959748116s ago: executing program 5 (id=6353):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$media(&(0x7f0000000040), 0x5, 0x16200)
socket$unix(0x1, 0x1, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
bind$bt_hci(r1, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
close_range(r0, 0xffffffffffffffff, 0x0)

1.670049293s ago: executing program 8 (id=6354):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
r2 = epoll_create1(0x80000)
sendmmsg$unix(r1, &(0x7f0000006180)=[{{0x0, 0x0, &(0x7f0000000cc0)=[{&(0x7f00000006c0)='>', 0x1}], 0x1, 0x0, 0x0, 0x4008840}}], 0x1, 0x400c810)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000002c0)={0x10000018})

1.42675356s ago: executing program 8 (id=6355):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x4428, &(0x7f0000008940)="$eJzs3T9sG2UfAOD3Lvm+Jv3afknpUCQkLFEJBChKOgGpRJqmTZM2FBVaIRbXSdw24MRV4iCGDmGrxITEgBgqkNgyVRlYy8jIwlgmhkowsCAhVQTZPie5i62YKk5oeR6pOd/73/75Xr83XN84Ubk5t5SbW8oVFnLlmetLJ3MflUvL88UQ75H97p/2dCJOYr9/Lp05987VkyF8N/vjw/X19fVQ1R2aGtry+vffbs9sPTbEmTrVdpu3tlveDyEc2zauqq4QwnvfhhCFEE4naaPJsTeEcCTU867e/vRabpdGc+9B8VT+0dSdteETk6t311q/9yiEL0vPvnpj/pcXuoZ/enmXugcAAAAAAAAAAAAAAAAA4Ak3fvnSlbcHh8L9KHSvRtuf1x1Pjq2ej13fNc93/s0CAAAAAAAAAAAAAAAAAADAP9Tm8/+56GiT5//HkuNIi/rrb3Z+jHTOxFuXxs4ODiX7v0fb8l9Lkn493RX6m+z7nt3//XSmfvP937f387ga42v02xeieCB1HscDAyF8nWz8fjw6GJfKS5VXrpeXF2Z3bRhPrHT867v3p6KTbOi/U/x//r5ebjTTfuf3/39m27epen5t975iT7V0/Ltalvvmk6it6/9Mpt5exJ/Hl45/dy2td2uBkfoEUI3/Z907x38s036n4n8khJCLqmPNpWaA6hqmmt5qvUJaOv7/qaWlps7kg2x1/f+Rif/ZTPv7Nf+vZH+IaCod///W0npSJTav//545+v/XKb9/Yh/dfwrfv/bko7/gXpid6pI7ZNsd/4fz7TfqfhfiZNxHolS34DVqJ7e6v+rIy0d/55t+Zv3f3Fb67/zmfp7df/X6Ldx/9eY/l+K6vd/NJeOf2/Lcu1e/xOZep2e/0dq6z8eVzr+B2tp6bVzX+1vu/GfzLTfqfjXViU9jfhvzid/Hqinf2X915Z0/P9XT4y3llip/a2t/6Kd1/8XMu3vx/qvOv6VuLO9Pi3S8T/Uslw1/j+08ft/MVOv8/HfzdXEv086/odblqtd/z07x38qU6/T8X+xk40DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAFGk2NfiOKB1HkcDwyEcCY5Px4ORtOF2fx0qTzz4VIIY0l6LhyNbpTK04VSfm6hPFvMF0ql8kwIZ5P8Y6EnWiqVK/n5wq1zG231RjeLhcXKdLFQCSGMJ+nPhcONtqbnKvOFWyGE8xt5/4/Li7duFhbys3OLbwwODg6GiY0x9EfFjyvFhUq993puCJMbdfuiLYOrZV/YGMuh6IPy8uJCoVRLv7ilTqk8UyhtqTOV5H0e+qPK4vLCTKFSzJfKNxr97aeR5Dg2cfndyxeHtuVfi+rH0b0dFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/0/3h178IIXTXz+IQQi5KXkTJv5R7D4qn8o+m7qwNn5hcvbv2sFkZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwi79ozQQRHEAfjMWWnoMq2W3s11RRAtXBE+gx/AwehQv4R0sUqRNEQLJLIT9A9sk1fc1D+bHzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOUe37r317qJSHG1vYz4/fz7P86fS/2+m75/cYYZOZ2nl+7+oW7Kv6dRfluOVm3ep5v110dM1N7PYE+G+3Qw7jM0t29z8/V9ryPlKiLakt+knKtq2VsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI4dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCxAAAAAIAwf+so+jYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4FQAA//8KEyDQ")
openat(0xffffffffffffff9c, 0x0, 0x88040, 0x1a)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
setxattr$incfs_id(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000200)=@known='user.incfs.id\x00')

954.2349ms ago: executing program 3 (id=6356):
socket(0x10, 0x803, 0x0)
epoll_create(0x2cd)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1d000000040000000900000022bf000000000004", @ANYRES32, @ANYBLOB="02"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

895.196929ms ago: executing program 5 (id=6357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x18, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x9, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000001000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000680)={r1}, 0xc)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0x8)

762.777534ms ago: executing program 5 (id=6358):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

202.215871ms ago: executing program 3 (id=6359):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000009c0)="ad56b6c5820fae9d6dcd3292ea54c7be8bbdadbb1632ea5704cae881ef915d374c90c200", 0x24)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000c00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@assoc={0x18, 0x117, 0x4, 0x10}, @op={0x18, 0x117, 0x3, 0x1}], 0x30, 0x40040}], 0x1, 0x8040)
sendmsg$RDMA_NLDEV_CMD_GET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x10, 0x1401, 0x400, 0x70bd25, 0x25dfdbff}, 0x10}}, 0x0)
recvmsg(r1, &(0x7f0000001600)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000480)=""/59, 0x3b}], 0x1}, 0x10002)

109.121508ms ago: executing program 8 (id=6360):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c00000015000103000000000000e7ff0b00000008000100", @ANYRES32=r2], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x40800d0)

94.414674ms ago: executing program 6 (id=6361):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22}, 0x48)
r1 = socket(0x2c, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r2, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r1}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000140), &(0x7f0000000080)=@udp=r1}, 0x20)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 5 (id=6362):
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$cgroup_devices(r0, &(0x7f0000000000)=ANY=[], 0x9)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
getdents(r1, &(0x7f00000005c0)=""/156, 0x9c)

kernel console output (not intermixed with test programs):

3910][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293921][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293931][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293942][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293952][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293962][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293972][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293982][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.293992][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.294003][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.294014][ T5861] gspca_vc032x: I2c Bus Busy Wait 00
[ 1355.294024][ T5861] gspca_vc032x: Unknown sensor...
[ 1355.294111][ T5861] vc032x 7-1:0.0: probe with driver vc032x failed with error -22
[ 1355.518877][ T5861] usb 7-1: USB disconnect, device number 3
[ 1357.212872][T24926] loop6: detected capacity change from 0 to 256
[ 1357.434570][T24926] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1357.961762][   T37] kernel write not supported for file bpf-prog (pid: 37 comm: kworker/1:1)
[ 1358.877055][ T5749] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[ 1359.043448][ T5749] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1359.043482][ T5749] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1359.043505][ T5749] usb 5-1: Product: syz
[ 1359.043521][ T5749] usb 5-1: Manufacturer: syz
[ 1359.043542][ T5749] usb 5-1: SerialNumber: syz
[ 1359.102530][ T5749] usb 5-1: config 0 descriptor??
[ 1359.317300][ T5749] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1359.669046][T24969] loop9: detected capacity change from 0 to 1024
[ 1359.915275][T24969] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1359.915437][T24969] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1360.010903][T24969] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5683: bg 0: block 112: padding at end of block bitmap is not set
[ 1360.241438][ T5749] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1360.286584][   T38] audit: type=1800 audit(2000000152.030:418): pid=24969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.5683" name="file1" dev="loop9" ino=15 res=0 errno=0
[ 1360.322910][T24969] EXT4-fs error (device loop9): ext4_map_blocks:833: inode #15: block 3: comm syz.9.5683: lblock 3 mapped to illegal pblock 3 (length 1)
[ 1360.358754][ T5749] usb 5-1: USB disconnect, device number 25
[ 1360.454438][T24969] EXT4-fs error (device loop9): ext4_ext_remove_space:2969: inode #15: comm syz.9.5683: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1360.512512][T24982] netlink: 'syz.6.5711': attribute type 1 has an invalid length.
[ 1360.512536][T24982] netlink: 'syz.6.5711': attribute type 4 has an invalid length.
[ 1360.512552][T24982] netlink: 9462 bytes leftover after parsing attributes in process `syz.6.5711'.
[ 1361.085749][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.478876][T24269] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1361.948763][ T5749] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[ 1362.179750][ T5749] usb 5-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1362.179781][ T5749] usb 5-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1362.179804][ T5749] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1362.179855][ T5749] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1362.179882][ T5749] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1362.179912][ T5749] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1362.179955][ T5749] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1362.179979][ T5749] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1362.548313][ T5749] usb 5-1: config 0 descriptor??
[ 1362.549518][T25006] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1362.871006][ T5749] usblp 5-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1363.127055][    C0] usblp0: nonzero read bulk status received: -71
[ 1363.184307][ T5861] usb 5-1: USB disconnect, device number 26
[ 1364.662102][T25005] usblp0: removed
[ 1364.891795][T25071] loop4: detected capacity change from 0 to 64
[ 1364.982392][ T5861] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1365.153911][ T5861] usb 9-1: config 0 has an invalid interface number: 64 but max is 0
[ 1365.153939][ T5861] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1365.153960][ T5861] usb 9-1: config 0 has no interface number 0
[ 1365.160257][ T5861] usb 9-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 1365.160288][ T5861] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1365.160310][ T5861] usb 9-1: Product: syz
[ 1365.160325][ T5861] usb 9-1: Manufacturer: syz
[ 1365.160342][ T5861] usb 9-1: SerialNumber: syz
[ 1365.272218][ T5861] usb 9-1: config 0 descriptor??
[ 1365.309118][ T5861] uvcvideo 9-1:0.64: probe with driver uvcvideo failed with error -22
[ 1365.615561][T25085] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5733'.
[ 1365.615592][T25085] netlink: 60 bytes leftover after parsing attributes in process `syz.8.5733'.
[ 1366.798277][T25106] loop9: detected capacity change from 0 to 32768
[ 1366.799525][T25106] btrfs: Deprecated parameter 'usebackuproot'
[ 1366.799549][T25106] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1366.801779][T25106] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.5744 (25106)
[ 1366.878974][T25105] loop4: detected capacity change from 0 to 512
[ 1366.929807][T25105] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1366.945818][T25106] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1366.945853][T25106] BTRFS info (device loop9): using crc32c checksum algorithm
[ 1367.290548][T25108] loop6: detected capacity change from 0 to 32768
[ 1367.291755][T25108] btrfs: Deprecated parameter 'usebackuproot'
[ 1367.291777][T25108] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1367.293673][T25108] BTRFS info: device /dev/loop6 (7:6) using temp-fsid 636af726-f713-4423-90b3-70c0cec95d93
[ 1367.293738][T25108] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5745 (25108)
[ 1367.373923][T25108] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1367.373959][T25108] BTRFS info (device loop6): using crc32c checksum algorithm
[ 1367.707475][T15103] usb 9-1: USB disconnect, device number 2
[ 1367.879615][T17418] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[ 1367.879761][T25108] BTRFS error (device loop6): failed to load root extent
[ 1367.879803][T25108] BTRFS warning (device loop6): try to load backup roots slot 1
[ 1367.887654][T22392] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[ 1367.887814][T25108] BTRFS warning (device loop6): couldn't read tree root
[ 1367.887837][T25108] BTRFS warning (device loop6): try to load backup roots slot 2
[ 1367.968082][ T9633] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[ 1367.968194][T25108] BTRFS warning (device loop6): couldn't read tree root
[ 1367.968217][T25108] BTRFS warning (device loop6): try to load backup roots slot 3
[ 1368.027679][T25108] BTRFS info (device loop6): rebuilding free space tree
[ 1368.232491][ T1407] BTRFS warning (device loop9): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[ 1368.232605][T25106] BTRFS error (device loop9): failed to load root extent
[ 1368.232643][T25106] BTRFS warning (device loop9): try to load backup roots slot 1
[ 1368.243316][ T3182] BTRFS warning (device loop9): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[ 1368.253703][T25106] BTRFS warning (device loop9): couldn't read tree root
[ 1368.253731][T25106] BTRFS warning (device loop9): try to load backup roots slot 2
[ 1368.269086][T22392] BTRFS error (device loop9): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[ 1368.269284][T25106] BTRFS warning (device loop9): couldn't read tree root
[ 1368.269307][T25106] BTRFS warning (device loop9): try to load backup roots slot 3
[ 1368.401482][T25105] EXT4-fs (loop4): 1 truncate cleaned up
[ 1368.404835][T25105] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1368.440852][T25108] BTRFS info (device loop6): checking UUID tree
[ 1368.441813][T25108] BTRFS info (device loop6): enabling ssd optimizations
[ 1368.441837][T25108] BTRFS info (device loop6): using spread ssd allocation scheme
[ 1368.441855][T25108] BTRFS info (device loop6): turning on async discard
[ 1368.441874][T25108] BTRFS info (device loop6): enabling free space tree
[ 1368.441892][T25108] BTRFS info (device loop6): force clearing of disk cache
[ 1368.441911][T25108] BTRFS info (device loop6): enabling auto defrag
[ 1368.441927][T25108] BTRFS info (device loop6): trying to use backup root at mount time
[ 1368.441948][T25108] BTRFS info (device loop6): force zlib compression, level 3
[ 1368.568313][T25144] loop8: detected capacity change from 0 to 512
[ 1368.626479][T25106] BTRFS info (device loop9): rebuilding free space tree
[ 1368.816510][T25144] FAT-fs (loop8): Directory bread(block 199916) failed
[ 1368.816548][T25144] FAT-fs (loop8): Directory bread(block 199917) failed
[ 1368.816575][T25144] FAT-fs (loop8): Directory bread(block 199918) failed
[ 1368.816600][T25144] FAT-fs (loop8): Directory bread(block 199919) failed
[ 1368.816625][T25144] FAT-fs (loop8): Directory bread(block 199920) failed
[ 1368.853890][T25144] FAT-fs (loop8): Directory bread(block 199921) failed
[ 1368.853927][T25144] FAT-fs (loop8): Directory bread(block 199922) failed
[ 1368.853953][T25144] FAT-fs (loop8): Directory bread(block 199923) failed
[ 1369.222605][T24150] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1369.342188][T25106] BTRFS info (device loop9): checking UUID tree
[ 1369.345653][T25106] BTRFS info (device loop9): enabling ssd optimizations
[ 1369.345688][T25106] BTRFS info (device loop9): turning on async discard
[ 1369.345705][T25106] BTRFS info (device loop9): enabling free space tree
[ 1369.345723][T25106] BTRFS info (device loop9): force clearing of disk cache
[ 1369.345742][T25106] BTRFS info (device loop9): enabling auto defrag
[ 1369.345760][T25106] BTRFS info (device loop9): trying to use backup root at mount time
[ 1369.345779][T25106] BTRFS info (device loop9): use zstd compression, level 3
[ 1370.353189][T24269] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1370.816078][T25174] netlink: 28 bytes leftover after parsing attributes in process `syz.8.5756'.
[ 1370.861582][T24429] BTRFS info (device loop6): last unmount of filesystem 636af726-f713-4423-90b3-70c0cec95d93
[ 1371.594114][T25192] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5759'.
[ 1371.709193][T25192] netlink: 4 bytes leftover after parsing attributes in process `syz.8.5759'.
[ 1371.767083][T22392] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1371.810097][T22392] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1371.810149][T22392] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1371.810191][T22392] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1375.488160][T25255] netlink: 'syz.5.5776': attribute type 2 has an invalid length.
[ 1375.596797][ T5349] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1375.777395][ T5349] usb 10-1: Using ep0 maxpacket: 8
[ 1375.817020][ T5349] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[ 1375.817080][ T5349] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1375.817106][ T5349] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1375.817133][ T5349] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1375.817159][ T5349] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1375.817202][ T5349] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1375.817226][ T5349] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1376.081516][ T5349] usb 10-1: usb_control_msg returned -32
[ 1376.081561][ T5349] usbtmc 10-1:16.0: can't read capabilities
[ 1376.833760][T25271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1376.834421][T25271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1378.295647][ T1253] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1378.469644][ T1253] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1378.469697][ T1253] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1024
[ 1378.469724][ T1253] usb 5-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1378.473344][ T1253] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1378.473376][ T1253] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1378.473399][ T1253] usb 5-1: Product: syz
[ 1378.473414][ T1253] usb 5-1: Manufacturer: syz
[ 1378.473429][ T1253] usb 5-1: SerialNumber: syz
[ 1378.727028][T25290] tmpfs: Unsupported parameter 'huge'
[ 1378.830993][T25282] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1379.477309][T25282] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1379.676441][T25303] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5788'.
[ 1379.693418][ T1253] cdc_ncm 5-1:1.0: bind() failure
[ 1379.730468][ T1253] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1379.737453][ T1253] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1379.749523][ T1253] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[ 1379.807101][ T1253] usb 5-1: USB disconnect, device number 27
[ 1381.696863][   T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1381.847554][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1381.850084][   T10] usb 6-1: config 0 has no interfaces?
[ 1381.853640][   T10] usb 6-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=c0.0a
[ 1381.853671][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1381.853694][   T10] usb 6-1: Product: syz
[ 1381.853711][   T10] usb 6-1: Manufacturer: syz
[ 1381.853728][   T10] usb 6-1: SerialNumber: syz
[ 1381.930333][   T10] usb 6-1: config 0 descriptor??
[ 1381.962049][T25271] usbtmc 10-1:16.0: usb_control_msg returned -110
[ 1382.080152][ T1253] usb 10-1: USB disconnect, device number 4
[ 1382.245581][T15103] usb 6-1: USB disconnect, device number 6
[ 1383.765549][ T1253] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1383.921322][ T1253] usb 9-1: Using ep0 maxpacket: 16
[ 1383.929065][ T1253] usb 9-1: config 0 has no interfaces?
[ 1383.962702][ T1253] usb 9-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1383.962734][ T1253] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1383.962756][ T1253] usb 9-1: Product: syz
[ 1383.962773][ T1253] usb 9-1: Manufacturer: syz
[ 1383.962789][ T1253] usb 9-1: SerialNumber: syz
[ 1384.043181][ T1253] usb 9-1: config 0 descriptor??
[ 1384.301776][ T5861] usb 9-1: USB disconnect, device number 3
[ 1384.438718][T25395] loop6: detected capacity change from 0 to 32768
[ 1384.440944][T25395] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.5815 (25395)
[ 1384.617757][T25395] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1384.617794][T25395] BTRFS info (device loop6): using sha256 checksum algorithm
[ 1385.098373][T25395] BTRFS info (device loop6): setting nodatasum
[ 1385.098403][T25395] BTRFS info (device loop6): enabling ssd optimizations
[ 1385.098424][T25395] BTRFS info (device loop6): turning on async discard
[ 1385.098442][T25395] BTRFS info (device loop6): enabling free space tree
[ 1385.338806][T25422] loop9: detected capacity change from 0 to 32768
[ 1385.474767][T25422] JBD2: Ignoring recovery information on journal
[ 1385.610768][T25422] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[ 1385.682911][   T38] audit: type=1800 audit(2000000177.420:419): pid=25395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.5815" name="file1" dev="loop6" ino=260 res=0 errno=0
[ 1386.196945][T25437] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5819'.
[ 1387.051783][T24269] ocfs2: Unmounting device (7,9) on (node local)
[ 1387.303873][T16556] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[ 1387.513877][T16556] usb 6-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1387.513905][T16556] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1387.513924][T16556] usb 6-1: Product: syz
[ 1387.513937][T16556] usb 6-1: Manufacturer: syz
[ 1387.513949][T16556] usb 6-1: SerialNumber: syz
[ 1387.577433][T16556] usb 6-1: config 0 descriptor??
[ 1387.604499][T16556] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1388.118330][T25467] FAULT_FLAG_ALLOW_RETRY missing 801
[ 1388.118359][T25467] CPU: 1 UID: 0 PID: 25467 Comm: syz.9.5822 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1388.118391][T25467] Tainted: [L]=SOFTLOCKUP
[ 1388.118399][T25467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1388.118413][T25467] Call Trace:
[ 1388.118422][T25467]  <TASK>
[ 1388.118433][T25467]  dump_stack_lvl+0xe8/0x150
[ 1388.118472][T25467]  handle_userfault+0x1517/0x17d0
[ 1388.118515][T25467]  ? __pfx___folio_put+0x10/0x10
[ 1388.118551][T25467]  ? __pfx_handle_userfault+0x10/0x10
[ 1388.118587][T25467]  ? do_pte_missing+0x26eb/0x2940
[ 1388.118639][T25467]  handle_mm_fault+0xdb5/0x14c0
[ 1388.118679][T25467]  ? handle_mm_fault+0xed/0x14c0
[ 1388.118712][T25467]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1388.118742][T25467]  ? follow_page_pte+0xbc8/0xe40
[ 1388.118782][T25467]  ? __pfx_follow_page_pte+0x10/0x10
[ 1388.118823][T25467]  __get_user_pages+0x168f/0x2570
[ 1388.118882][T25467]  populate_vma_page_range+0x2be/0x3c0
[ 1388.118912][T25467]  ? __pfx_populate_vma_page_range+0x10/0x10
[ 1388.118936][T25467]  ? vma_wants_writenotify+0xba/0x2d0
[ 1388.118965][T25467]  ? vma_set_page_prot+0xc3/0x100
[ 1388.118996][T25467]  mprotect_fixup+0x9e5/0xb60
[ 1388.119035][T25467]  ? __pfx_mprotect_fixup+0x10/0x10
[ 1388.119099][T25467]  ? apparmor_file_mprotect+0x1d0/0x400
[ 1388.119128][T25467]  ? security_file_mprotect+0x1a/0x290
[ 1388.119162][T25467]  do_mprotect_pkey+0x8d5/0xd20
[ 1388.119213][T25467]  ? __pfx_do_mprotect_pkey+0x10/0x10
[ 1388.119280][T25467]  ? rcu_is_watching+0x15/0xb0
[ 1388.119312][T25467]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.119338][T25467]  __x64_sys_mprotect+0x80/0x90
[ 1388.119375][T25467]  do_syscall_64+0x15f/0xf80
[ 1388.119407][T25467]  ? trace_irq_disable+0x3b/0x140
[ 1388.119440][T25467]  ? clear_bhb_loop+0x40/0x90
[ 1388.119469][T25467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1388.119492][T25467] RIP: 0033:0x7fd0d06dcdd9
[ 1388.119514][T25467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1388.119534][T25467] RSP: 002b:00007fd0ce936028 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[ 1388.119558][T25467] RAX: ffffffffffffffda RBX: 00007fd0d0955fa0 RCX: 00007fd0d06dcdd9
[ 1388.119577][T25467] RDX: 000000000000000f RSI: 0000000000004000 RDI: 0000200000ffc000
[ 1388.119592][T25467] RBP: 00007fd0d0772d69 R08: 0000000000000000 R09: 0000000000000000
[ 1388.119606][T25467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1388.119620][T25467] R13: 00007fd0d0956038 R14: 00007fd0d0955fa0 R15: 00007ffc2a8674f8
[ 1388.119656][T25467]  </TASK>
[ 1389.121521][T16556] gspca_stk1135: reg_w 0xf err -71
[ 1389.122602][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122617][T16556] gspca_stk1135: Sensor write failed
[ 1389.122651][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122662][T16556] gspca_stk1135: Sensor write failed
[ 1389.122695][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122705][T16556] gspca_stk1135: Sensor read failed
[ 1389.122736][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122746][T16556] gspca_stk1135: Sensor read failed
[ 1389.122753][T16556] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1389.122794][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122805][T16556] gspca_stk1135: Sensor read failed
[ 1389.122837][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122847][T16556] gspca_stk1135: Sensor read failed
[ 1389.122879][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122889][T16556] gspca_stk1135: Sensor write failed
[ 1389.122923][T16556] gspca_stk1135: serial bus timeout: status=0x00
[ 1389.122933][T16556] gspca_stk1135: Sensor write failed
[ 1389.123035][T16556] stk1135 6-1:0.0: probe with driver stk1135 failed with error -71
[ 1389.293350][T16556] usb 6-1: USB disconnect, device number 7
[ 1389.713985][T24429] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1390.249121][T25488] loop9: detected capacity change from 0 to 512
[ 1390.252835][T25488] EXT4-fs: inline encryption not supported
[ 1390.296506][T25488] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1390.510038][T25488] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c018, mo2=0002]
[ 1390.687799][T25488] EXT4-fs (loop9): 1 truncate cleaned up
[ 1390.735428][T25488] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1391.417458][T25486] loop8: detected capacity change from 0 to 131072
[ 1391.477178][T25486] F2FS-fs (loop8): Test dummy encryption mode enabled
[ 1391.503095][T25486] F2FS-fs (loop8): invalid crc value
[ 1391.795026][T25486] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1391.852944][T25486] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1392.703102][T25515] loop4: detected capacity change from 0 to 32768
[ 1392.893356][ T5749] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1392.941478][T25515] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1392.983357][T25515] XFS (loop4): Ending clean mount
[ 1393.100123][ T5749] usb 6-1: Using ep0 maxpacket: 32
[ 1393.116023][ T5749] usb 6-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[ 1393.116056][ T5749] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1393.116078][ T5749] usb 6-1: Product: syz
[ 1393.116094][ T5749] usb 6-1: Manufacturer: syz
[ 1393.116109][ T5749] usb 6-1: SerialNumber: syz
[ 1393.170411][ T5749] usb 6-1: config 0 descriptor??
[ 1393.744990][ T5749] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: version d4.15 found at bus 006 address 008
[ 1393.926579][T24150] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1394.624903][ T5349] usb 6-1: USB disconnect, device number 8
[ 1395.674462][   T38] audit: type=1326 audit(2000000187.420:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25543 comm="syz.5.5845" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8346e5cdd9 code=0x0
[ 1396.317372][T25500] syz.9.5835 (25500): drop_caches: 2
[ 1396.839436][T25568] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5850'.
[ 1396.839460][T25568] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5850'.
[ 1398.224271][T25574] loop6: detected capacity change from 0 to 131072
[ 1398.236773][T25574] F2FS-fs (loop6): Test dummy encryption mode enabled
[ 1398.239410][T25574] F2FS-fs (loop6): invalid crc value
[ 1398.413515][T25574] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1398.506291][T25574] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[ 1399.009814][ T4930] Bluetooth: hci0: command 0x0406 tx timeout
[ 1400.696771][ T5861] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1400.989229][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1400.989266][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1400.989307][ T5861] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[ 1400.989332][ T5861] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1401.105068][ T5861] usb 5-1: config 0 descriptor??
[ 1401.273518][T25626] netlink: 12 bytes leftover after parsing attributes in process `syz.8.5840'.
[ 1401.501532][T25628] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1401.509133][ T9593] netdevsim netdevsim8 netdevsim0: set [1, 1] type 2 family 0 port 20004 - 0
[ 1401.509201][ T9593] netdevsim netdevsim8 netdevsim1: set [1, 1] type 2 family 0 port 20004 - 0
[ 1401.509290][ T9593] netdevsim netdevsim8 netdevsim2: set [1, 1] type 2 family 0 port 20004 - 0
[ 1401.509354][ T9593] netdevsim netdevsim8 netdevsim3: set [1, 1] type 2 family 0 port 20004 - 0
[ 1401.568736][ T5861] hid_parser_main: 4005 callbacks suppressed
[ 1401.568762][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568793][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568820][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568865][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568893][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568950][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.568977][ T5861] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[ 1401.651762][ T5861] cp2112 0003:10C4:EA90.0014: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[ 1401.764235][ T5861] cp2112 0003:10C4:EA90.0014: Part Number: 0x00 Device Version: 0x00
[ 1403.202116][ T5861] cp2112 0003:10C4:EA90.0014: error reading lock byte: -71
[ 1403.230902][ T5861] usb 5-1: USB disconnect, device number 28
[ 1404.256831][ T4930] Bluetooth: hci1: command 0x0406 tx timeout
[ 1405.801694][T25684] netlink: 14 bytes leftover after parsing attributes in process `syz.8.5871'.
[ 1406.382582][ T4930] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1406.491980][ T4930] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1406.508628][ T4930] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1406.578943][ T4930] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1406.579789][ T4930] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1406.641119][ T5861] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[ 1406.661916][T25704] netlink: 548 bytes leftover after parsing attributes in process `syz.5.5876'.
[ 1406.851252][ T5861] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1406.851309][ T5861] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 1406.851337][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[ 1406.851365][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1406.851389][ T5861] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1406.933365][ T5861] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1406.933399][ T5861] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1406.933423][ T5861] usb 5-1: Product: syz
[ 1406.933439][ T5861] usb 5-1: Manufacturer: syz
[ 1406.933456][ T5861] usb 5-1: SerialNumber: syz
[ 1406.994563][ T5861] usb 5-1: config 0 descriptor??
[ 1407.116553][T25701] netlink: 'syz.5.5876': attribute type 29 has an invalid length.
[ 1407.126476][T25703] netlink: 'syz.5.5876': attribute type 29 has an invalid length.
[ 1407.296229][ T5861] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 1407.296257][ T5861] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[ 1407.500656][ T5861] radio-si470x 5-1:0.0: software version 0, hardware version 0
[ 1407.500684][ T5861] radio-si470x 5-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[ 1407.500706][ T5861] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[ 1407.702726][ T5861] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[ 1408.517719][ T5861] radio-si470x 5-1:0.0: si470x_get_report: usb_control_msg returned -71
[ 1408.518067][ T5861] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[ 1408.686741][ T5861] usb 5-1: USB disconnect, device number 29
[ 1408.897269][ T5622] Bluetooth: hci5: command tx timeout
[ 1409.296903][ T5622] Bluetooth: hci2: command 0x0406 tx timeout
[ 1410.574373][T25799] netlink: 'syz.6.5896': attribute type 1 has an invalid length.
[ 1410.661409][T25799] bond1: entered promiscuous mode
[ 1410.663105][T25799] bond1: entered allmulticast mode
[ 1410.675318][T25799] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1410.823502][T25801] erspan1: entered allmulticast mode
[ 1410.944914][T25801] bond1: (slave erspan1): making interface the new active one
[ 1410.944940][T25801] erspan1: entered promiscuous mode
[ 1410.989337][ T4930] Bluetooth: hci5: command tx timeout
[ 1411.067041][T25807] netlink: 'syz.8.5898': attribute type 4 has an invalid length.
[ 1411.067066][T25807] netlink: 'syz.8.5898': attribute type 8 has an invalid length.
[ 1411.067079][T25807] netlink: 'syz.8.5898': attribute type 1 has an invalid length.
[ 1411.067093][T25807] netlink: 180 bytes leftover after parsing attributes in process `syz.8.5898'.
[ 1411.067133][T25807] NCSI netlink: No device for ifindex 7388460
[ 1411.354315][T25801] bond1: (slave erspan1): Enslaving as an active interface with an up link
[ 1411.877853][T25692] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1411.878219][T25692] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.878508][T25692] bridge_slave_0: entered allmulticast mode
[ 1411.882058][T25692] bridge_slave_0: entered promiscuous mode
[ 1411.913019][T25692] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1411.913449][T25692] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.913789][T25692] bridge_slave_1: entered allmulticast mode
[ 1411.956015][T25692] bridge_slave_1: entered promiscuous mode
[ 1412.251592][T25692] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1412.291615][T25692] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1412.407669][T25692] team0: Port device team_slave_0 added
[ 1412.438292][T25692] team0: Port device team_slave_1 added
[ 1412.577402][ T5861] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[ 1412.732496][ T5861] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1412.732541][ T5861] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1412.800386][T25692] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1412.800402][T25692] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1412.800425][T25692] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1412.854736][T25692] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1412.854753][T25692] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1412.854786][T25692] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1412.872457][ T5861] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1412.872547][ T5861] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1412.872603][ T5861] usb 5-1: Product: syz
[ 1412.872661][ T5861] usb 5-1: Manufacturer: syz
[ 1412.872764][ T5861] usb 5-1: SerialNumber: syz
[ 1413.060031][ T5622] Bluetooth: hci5: command tx timeout
[ 1413.251318][T25840] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1413.252838][T25840] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1413.331016][ T5861] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[ 1413.445066][ T5861] usb 5-1: USB disconnect, device number 30
[ 1413.566144][T25862] netlink: 164 bytes leftover after parsing attributes in process `syz.5.5911'.
[ 1414.178178][ T5861] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[ 1414.350489][ T5861] usb 5-1: Using ep0 maxpacket: 8
[ 1414.351678][T25692] hsr_slave_0: entered promiscuous mode
[ 1414.354851][ T5861] usb 5-1: config index 0 descriptor too short (expected 301, got 72)
[ 1414.354878][ T5861] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1414.354930][ T5861] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1414.354955][ T5861] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1414.354981][ T5861] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1414.355008][ T5861] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1414.355036][ T5861] usb 5-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1414.355094][ T5861] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1414.355121][ T5861] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.408449][T25692] hsr_slave_1: entered promiscuous mode
[ 1414.467720][T25692] debugfs: 'hsr0' already exists in 'hsr'
[ 1414.467749][T25692] Cannot create hsr debugfs directory
[ 1414.899233][ T5861] usb 5-1: usb_control_msg returned -32
[ 1414.899284][ T5861] usbtmc 5-1:16.0: can't read capabilities
[ 1414.899601][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.899849][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.900167][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.900403][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.904575][    C1] usbtmc 5-1:16.0: invalid notification: 11
[ 1414.904824][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.905433][    C1] usbtmc 5-1:16.0: invalid notification: 2
[ 1414.905858][    C1] usbtmc 5-1:16.0: invalid notification: 5
[ 1414.906270][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.906692][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.915761][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.916148][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.916537][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.916862][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.917188][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.917553][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.917901][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.918243][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.918630][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.919089][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.919478][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.919885][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.920369][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.920756][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.921157][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.921563][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.922057][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.922464][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.922879][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.923314][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.923709][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.924112][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.924518][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.924947][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.925359][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.925796][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.926197][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.926587][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.927003][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.927427][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.927834][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.928234][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.928638][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.928973][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.929412][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.929820][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.930252][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.930742][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.931118][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.931507][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.931945][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.932334][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.932719][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.933125][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.933543][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.933924][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.934405][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.934764][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.935195][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.935588][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.935974][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.936335][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.936702][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.937073][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.937405][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.937822][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.938198][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.938597][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.938993][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.939416][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.952791][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.953241][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.954123][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.954580][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.954995][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.955466][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.955854][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.956342][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.956799][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.957262][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.957688][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.958142][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.958555][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.958902][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.959293][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.959683][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.960237][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.960669][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.961037][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.961430][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.961851][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.962220][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.962632][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.963063][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.963449][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.963859][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.964264][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.964688][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.965134][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.965523][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.965928][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.966276][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.966687][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.967049][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.967496][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.967898][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.968347][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.968786][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.969244][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.969653][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.970062][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.970424][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.970901][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.971323][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.971731][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.972168][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.972578][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.972985][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.973370][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.973782][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.974176][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.974573][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.974975][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.975355][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.975747][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.976142][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.976488][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.977285][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.977687][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.978091][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.978498][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.978953][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.979373][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.979786][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.980232][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.980664][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.981062][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.981495][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.981909][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.982388][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.982810][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.983211][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.983546][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.983961][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.984307][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.984718][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.985100][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.985498][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.985923][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.986359][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.986869][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.988054][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.988326][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.988850][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.989241][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.989668][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.990082][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.991376][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.991840][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.992291][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.992729][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.993177][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.993578][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.993969][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.994356][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.994731][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.995124][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.995517][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.995911][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.996317][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.996726][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.997071][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.997493][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.997882][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.998268][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.998676][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.999132][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.999552][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1414.999968][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.000372][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.000792][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.001197][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.001583][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.002036][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.002431][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.002805][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.003231][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.003695][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.004087][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.004532][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.004935][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.005339][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.005740][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.006084][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.006580][    C1] usbtmc 5-1:16.0: invalid notification: 0
[ 1415.194518][ T5622] Bluetooth: hci5: command tx timeout
[ 1415.728529][   T10] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1416.240710][ T5861] usb 5-1: USB disconnect, device number 31
[ 1416.506821][   T10] usb 6-1: Using ep0 maxpacket: 16
[ 1416.514542][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1416.582568][   T10] usb 6-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=d4.05
[ 1416.582603][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1416.582626][   T10] usb 6-1: Product: syz
[ 1416.582642][   T10] usb 6-1: Manufacturer: syz
[ 1416.582666][   T10] usb 6-1: SerialNumber: syz
[ 1416.888733][   T10] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[ 1416.903944][T25895] loop6: detected capacity change from 0 to 512
[ 1417.003963][ T5275] 8021q: adding VLAN 0 to HW filter on device eth25
[ 1417.236572][T25895] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #15: comm syz.6.5922: corrupted inode contents
[ 1417.236611][T25895] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1417.260688][    C0] EXT4-fs (loop6): error count since last fsck: 1
[ 1417.260714][    C0] EXT4-fs (loop6): initial error at time 2000000208: ext4_do_update_inode:5690: inode 15
[ 1417.260746][    C0] EXT4-fs (loop6): last error at time 2000000208: ext4_do_update_inode:5690: inode 15
[ 1417.664847][   T10] gspca_vc032x: reg_r err -71
[ 1417.664870][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664882][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664893][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664903][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664914][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664924][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664935][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664945][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664954][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664964][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664973][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664982][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.664992][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665002][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665013][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665023][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665033][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665042][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665052][   T10] gspca_vc032x: I2c Bus Busy Wait 00
[ 1417.665063][   T10] gspca_vc032x: Unknown sensor...
[ 1417.665150][   T10] vc032x 6-1:12.0: probe with driver vc032x failed with error -22
[ 1417.873862][   T10] usb 6-1: USB disconnect, device number 9
[ 1417.887045][T25895] EXT4-fs error (device loop6) in ext4_orphan_del:303: Corrupt filesystem
[ 1417.887072][T25895] loop6: lost filesystem error report for type 5 error -117
[ 1417.896297][T25895] EXT4-fs error (device loop6): ext4_do_update_inode:5690: inode #15: comm syz.6.5922: corrupted inode contents
[ 1417.896331][T25895] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1417.917634][T25895] EXT4-fs error (device loop6): ext4_evict_inode:315: inode #15: comm syz.6.5922: mark_inode_dirty error
[ 1417.917669][T25895] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1417.918310][T25895] EXT4-fs (loop6): 1 orphan inode deleted
[ 1418.153109][T25895] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1418.279124][T25895] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1419.355452][T25935] netlink: 8 bytes leftover after parsing attributes in process `syz.8.5930'.
[ 1419.407503][T25928] bond1: option ad_select: invalid value (253)
[ 1419.412602][T25936] netlink: 7 bytes leftover after parsing attributes in process `syz.8.5930'.
[ 1419.454060][T25928] bond1 (unregistering): Released all slaves
[ 1419.456853][ T5622] Bluetooth: hci3: command 0x0406 tx timeout
[ 1420.092641][T25951] netlink: 204 bytes leftover after parsing attributes in process `syz.6.5935'.
[ 1420.096517][T25951] netlink: 84 bytes leftover after parsing attributes in process `syz.6.5935'.
[ 1422.508111][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.671994][T25992] netlink: 'syz.4.5947': attribute type 1 has an invalid length.
[ 1422.672017][T25992] netlink: 'syz.4.5947': attribute type 4 has an invalid length.
[ 1422.672033][T25992] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.5947'.
[ 1424.586233][T26026] loop8: detected capacity change from 0 to 40427
[ 1424.595513][ T4930] Bluetooth: hci4: command 0x0406 tx timeout
[ 1424.686667][T26026] F2FS-fs (loop8): invalid crc value
[ 1424.900000][T26026] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1424.933410][T26026] F2FS-fs (loop8): Start checkpoint disabled!
[ 1425.088238][T26026] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[ 1425.089067][T26026] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[ 1425.864020][T26048] loop6: detected capacity change from 0 to 128
[ 1425.865408][T26048] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1425.866176][T26048] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[ 1425.866758][T25890] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1425.933791][ T9627] kworker/u8:24: attempt to access beyond end of device
[ 1425.933791][ T9627] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1425.933860][ T9627] CPU: 0 UID: 0 PID: 9627 Comm: kworker/u8:24 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1425.933889][ T9627] Tainted: [L]=SOFTLOCKUP
[ 1425.933898][ T9627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1425.933913][ T9627] Workqueue: writeback wb_workfn (flush-7:8)
[ 1425.933954][ T9627] Call Trace:
[ 1425.933964][ T9627]  <TASK>
[ 1425.933974][ T9627]  dump_stack_lvl+0xe8/0x150
[ 1425.934008][ T9627]  f2fs_stop_checkpoint+0x383/0x540
[ 1425.934040][ T9627]  f2fs_write_end_io+0x1274/0x1740
[ 1425.934104][ T9627]  __submit_merged_bio+0x256/0x6a0
[ 1425.934140][ T9627]  f2fs_submit_merged_write+0x284/0x390
[ 1425.934174][ T9627]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[ 1425.934218][ T9627]  f2fs_sync_node_pages+0x11fe/0x13c0
[ 1425.934268][ T9627]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 1425.934292][ T9627]  ? __percpu_counter_sum+0x1c2/0x1e0
[ 1425.934372][ T9627]  ? blk_start_plug+0x51/0x1b0
[ 1425.934411][ T9627]  f2fs_write_node_pages+0x312/0x700
[ 1425.934443][ T9627]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1425.934485][ T9627]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1425.934512][ T9627]  do_writepages+0x32e/0x550
[ 1425.934541][ T9627]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1425.934569][ T9627]  ? reacquire_held_locks+0x104/0x190
[ 1425.934593][ T9627]  ? rt_spin_lock+0x1e0/0x400
[ 1425.934632][ T9627]  __writeback_single_inode+0x133/0x10e0
[ 1425.934662][ T9627]  ? rt_spin_unlock+0x160/0x200
[ 1425.934697][ T9627]  writeback_sb_inodes+0x97f/0x1980
[ 1425.934744][ T9627]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1425.934788][ T9627]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1425.934865][ T9627]  ? rcu_is_watching+0x15/0xb0
[ 1425.934902][ T9627]  wb_writeback+0x445/0xb00
[ 1425.934932][ T9627]  ? queue_io+0x211/0x440
[ 1425.934965][ T9627]  ? __pfx_wb_writeback+0x10/0x10
[ 1425.935011][ T9627]  wb_workfn+0x3fd/0xf20
[ 1425.935042][ T9627]  ? look_up_lock_class+0x57/0x110
[ 1425.935118][ T9627]  ? __pfx_wb_workfn+0x10/0x10
[ 1425.935156][ T9627]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1425.935191][ T9627]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1425.935224][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1425.935254][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1425.935305][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1425.935331][ T9627]  process_one_work+0x9a3/0x1710
[ 1425.935390][ T9627]  ? __pfx_process_one_work+0x10/0x10
[ 1425.935415][ T9627]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1425.935468][ T9627]  worker_thread+0xba8/0x11e0
[ 1425.935533][ T9627]  kthread+0x388/0x470
[ 1425.935568][ T9627]  ? __pfx_worker_thread+0x10/0x10
[ 1425.935593][ T9627]  ? __pfx_kthread+0x10/0x10
[ 1425.935630][ T9627]  ret_from_fork+0x514/0xb70
[ 1425.935664][ T9627]  ? __pfx_ret_from_fork+0x10/0x10
[ 1425.935694][ T9627]  ? __switch_to+0xc79/0x1410
[ 1425.935721][ T9627]  ? __pfx_kthread+0x10/0x10
[ 1425.935758][ T9627]  ret_from_fork_asm+0x1a/0x30
[ 1425.935810][ T9627]  </TASK>
[ 1426.073728][T25890] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1426.073849][T25890] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1426.073983][T25890] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1426.169656][T25890] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1426.169786][T25890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1426.169887][T25890] usb 5-1: Product: syz
[ 1426.169930][T25890] usb 5-1: Manufacturer: syz
[ 1426.169967][T25890] usb 5-1: SerialNumber: syz
[ 1426.209794][ T9627] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1426.210017][ T9627] CPU: 1 UID: 0 PID: 9627 Comm: kworker/u8:24 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1426.210115][ T9627] Tainted: [L]=SOFTLOCKUP
[ 1426.210137][ T9627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1426.210185][ T9627] Workqueue: writeback wb_workfn (flush-7:8)
[ 1426.210294][ T9627] Call Trace:
[ 1426.210324][ T9627]  <TASK>
[ 1426.210347][ T9627]  dump_stack_lvl+0xe8/0x150
[ 1426.210440][ T9627]  f2fs_stop_checkpoint+0x383/0x540
[ 1426.210520][ T9627]  f2fs_write_end_io+0x1274/0x1740
[ 1426.210664][ T9627]  __submit_merged_bio+0x256/0x6a0
[ 1426.210753][ T9627]  f2fs_submit_merged_write+0x284/0x390
[ 1426.210843][ T9627]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[ 1426.210954][ T9627]  f2fs_sync_node_pages+0x11fe/0x13c0
[ 1426.211091][ T9627]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 1426.211126][ T9627]  ? __percpu_counter_sum+0x1c2/0x1e0
[ 1426.211296][ T9627]  ? blk_start_plug+0x51/0x1b0
[ 1426.211422][ T9627]  f2fs_write_node_pages+0x312/0x700
[ 1426.211502][ T9627]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1426.211610][ T9627]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1426.211679][ T9627]  do_writepages+0x32e/0x550
[ 1426.211758][ T9627]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1426.211839][ T9627]  ? reacquire_held_locks+0x104/0x190
[ 1426.211903][ T9627]  ? rt_spin_lock+0x1e0/0x400
[ 1426.212002][ T9627]  __writeback_single_inode+0x133/0x10e0
[ 1426.212077][ T9627]  ? rt_spin_unlock+0x160/0x200
[ 1426.212162][ T9627]  writeback_sb_inodes+0x97f/0x1980
[ 1426.212286][ T9627]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1426.212390][ T9627]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1426.212568][ T9627]  ? rcu_is_watching+0x15/0xb0
[ 1426.212600][ T9627]  wb_writeback+0x445/0xb00
[ 1426.212670][ T9627]  ? queue_io+0x211/0x440
[ 1426.212778][ T9627]  ? __pfx_wb_writeback+0x10/0x10
[ 1426.212883][ T9627]  wb_workfn+0x3fd/0xf20
[ 1426.212959][ T9627]  ? look_up_lock_class+0x57/0x110
[ 1426.213097][ T9627]  ? __pfx_wb_workfn+0x10/0x10
[ 1426.213186][ T9627]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1426.213281][ T9627]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1426.213361][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1426.213445][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1426.213546][ T9627]  ? process_one_work+0x8b7/0x1710
[ 1426.213621][ T9627]  process_one_work+0x9a3/0x1710
[ 1426.213755][ T9627]  ? __pfx_process_one_work+0x10/0x10
[ 1426.213821][ T9627]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1426.213965][ T9627]  worker_thread+0xba8/0x11e0
[ 1426.214100][ T9627]  kthread+0x388/0x470
[ 1426.214211][ T9627]  ? __pfx_worker_thread+0x10/0x10
[ 1426.214278][ T9627]  ? __pfx_kthread+0x10/0x10
[ 1426.214373][ T9627]  ret_from_fork+0x514/0xb70
[ 1426.214453][ T9627]  ? __pfx_ret_from_fork+0x10/0x10
[ 1426.214529][ T9627]  ? __switch_to+0xc79/0x1410
[ 1426.214603][ T9627]  ? __pfx_kthread+0x10/0x10
[ 1426.214691][ T9627]  ret_from_fork_asm+0x1a/0x30
[ 1426.214822][ T9627]  </TASK>
[ 1426.357702][ T9627] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[ 1427.126186][    C1] raw-gadget.0 gadget.4: ignoring, device is not running
[ 1427.172336][T25890] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1427.172387][T25890] cdc_ncm 5-1:1.0: bind() failure
[ 1427.354401][T25890] usb 5-1: USB disconnect, device number 32
[ 1427.957137][T26063] loop6: detected capacity change from 0 to 512
[ 1427.986840][T26063] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1428.267144][T26063] EXT4-fs (loop6): 1 truncate cleaned up
[ 1428.288093][T26063] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1429.030409][T24429] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1430.514001][T26119] loop8: detected capacity change from 0 to 32768
[ 1430.527437][T26119] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.5975 (26119)
[ 1430.591020][T26119] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1430.591057][T26119] BTRFS info (device loop8): using sha256 checksum algorithm
[ 1431.128590][T26119] BTRFS info (device loop8): setting nodatasum
[ 1431.128619][T26119] BTRFS info (device loop8): enabling ssd optimizations
[ 1431.128638][T26119] BTRFS info (device loop8): turning on async discard
[ 1431.128656][T26119] BTRFS info (device loop8): enabling free space tree
[ 1431.263035][   T38] audit: type=1800 audit(2000000223.010:421): pid=26119 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.5975" name="file1" dev="loop8" ino=260 res=0 errno=0
[ 1432.637671][T26149] loop6: detected capacity change from 0 to 131072
[ 1432.639955][T26149] F2FS-fs (loop6): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1432.639985][T26149] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[ 1432.674440][T26149] F2FS-fs (loop6): invalid crc value
[ 1432.847082][T26149] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1433.028733][T26149] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[ 1433.028768][T26149] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[ 1435.522878][T26193] loop4: detected capacity change from 0 to 512
[ 1435.532190][T24452] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1435.552105][T26193] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1435.612850][T26193] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.5990: invalid indirect mapped block 9 (level 0)
[ 1435.612888][T26193] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[ 1435.617664][    C1] EXT4-fs (loop4): error count since last fsck: 1
[ 1435.617685][    C1] EXT4-fs (loop4): initial error at time 2000000227: ext4_free_branches:1023: inode 11
[ 1435.617714][    C1] EXT4-fs (loop4): last error at time 2000000227: ext4_free_branches:1023: inode 11
[ 1435.699785][T26193] EXT4-fs (loop4): 1 truncate cleaned up
[ 1435.702462][T26193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1436.433602][T24150] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1436.612866][T26204] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5993'.
[ 1437.781409][T26226] netlink: 7 bytes leftover after parsing attributes in process `syz.8.5996'.
[ 1439.168268][T26236] loop6: detected capacity change from 0 to 40427
[ 1439.186436][T26236] F2FS-fs (loop6): invalid crc value
[ 1439.301295][T26236] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1439.323217][T26236] F2FS-fs (loop6): Start checkpoint disabled!
[ 1439.408676][T26236] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[ 1439.426111][T26236] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[ 1439.785712][T25692] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1439.897908][T25692] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1439.899757][T25692] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1439.963608][T25692] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1439.965572][T25692] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1440.228791][T25692] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1440.231703][T25692] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1440.292224][  T158] kworker/u8:6: attempt to access beyond end of device
[ 1440.292224][  T158] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1440.292301][  T158] CPU: 1 UID: 0 PID: 158 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1440.292327][  T158] Tainted: [L]=SOFTLOCKUP
[ 1440.292333][  T158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1440.292345][  T158] Workqueue: writeback wb_workfn (flush-7:6)
[ 1440.292475][  T158] Call Trace:
[ 1440.292509][  T158]  <TASK>
[ 1440.292565][  T158]  dump_stack_lvl+0xe8/0x150
[ 1440.292656][  T158]  f2fs_stop_checkpoint+0x383/0x540
[ 1440.292729][  T158]  f2fs_write_end_io+0x1274/0x1740
[ 1440.292808][  T158]  __submit_merged_bio+0x256/0x6a0
[ 1440.292835][  T158]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1440.292862][  T158]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1440.292935][  T158]  f2fs_write_data_pages+0x287e/0x34f0
[ 1440.292995][  T158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1440.293072][  T158]  ? __lock_acquire+0x6b5/0x2d10
[ 1440.293194][  T158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1440.293220][  T158]  do_writepages+0x32e/0x550
[ 1440.293290][  T158]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1440.293334][  T158]  ? reacquire_held_locks+0x104/0x190
[ 1440.293355][  T158]  ? rt_spin_lock+0x1e0/0x400
[ 1440.293388][  T158]  __writeback_single_inode+0x133/0x10e0
[ 1440.293412][  T158]  ? rt_spin_unlock+0x160/0x200
[ 1440.293438][  T158]  writeback_sb_inodes+0x97f/0x1980
[ 1440.293488][  T158]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1440.293557][  T158]  ? rcu_is_watching+0x15/0xb0
[ 1440.293620][  T158]  wb_writeback+0x445/0xb00
[ 1440.293653][  T158]  ? queue_io+0x211/0x440
[ 1440.293679][  T158]  ? __pfx_wb_writeback+0x10/0x10
[ 1440.293712][  T158]  wb_workfn+0x3fd/0xf20
[ 1440.293734][  T158]  ? look_up_lock_class+0x57/0x110
[ 1440.293801][  T158]  ? __pfx_wb_workfn+0x10/0x10
[ 1440.293829][  T158]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1440.293855][  T158]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1440.293881][  T158]  ? process_one_work+0x8b7/0x1710
[ 1440.293929][  T158]  ? process_one_work+0x8b7/0x1710
[ 1440.293964][  T158]  ? process_one_work+0x8b7/0x1710
[ 1440.293986][  T158]  process_one_work+0x9a3/0x1710
[ 1440.294033][  T158]  ? __pfx_process_one_work+0x10/0x10
[ 1440.294054][  T158]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1440.294096][  T158]  worker_thread+0xba8/0x11e0
[ 1440.294150][  T158]  kthread+0x388/0x470
[ 1440.294186][  T158]  ? __pfx_worker_thread+0x10/0x10
[ 1440.294211][  T158]  ? __pfx_kthread+0x10/0x10
[ 1440.294247][  T158]  ret_from_fork+0x514/0xb70
[ 1440.294296][  T158]  ? __pfx_ret_from_fork+0x10/0x10
[ 1440.294326][  T158]  ? __switch_to+0xc79/0x1410
[ 1440.294354][  T158]  ? __pfx_kthread+0x10/0x10
[ 1440.294392][  T158]  ret_from_fork_asm+0x1a/0x30
[ 1440.294446][  T158]  </TASK>
[ 1440.586556][  T158] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[ 1440.677030][T25692] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1440.860943][T26266] loop8: detected capacity change from 0 to 2048
[ 1441.404363][T26266]  loop8: p3 < > p4 < >
[ 1441.404397][T26266] loop8: partition table partially beyond EOD, truncated
[ 1441.404682][T26266] loop8: p3 start 4284289 is beyond EOD, truncated
[ 1442.713486][T26279] loop4: detected capacity change from 0 to 131072
[ 1442.763506][ T4980]  loop8: p3 < > p4 < >
[ 1442.763544][ T4980] loop8: partition table partially beyond EOD, truncated
[ 1442.821643][ T4980] loop8: p3 start 4284289 is beyond EOD, truncated
[ 1442.926056][T26279] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1442.945700][T26279] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1443.044466][T26279] F2FS-fs (loop4): recover xattr in inode (7), error(0)
[ 1443.044609][T26279] F2FS-fs (loop4): set inode (7) has corrupted xattr
[ 1443.066049][T26279] F2FS-fs (loop4): lookup inode (7) has corrupted xattr
[ 1443.135340][T25692] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1443.498474][T23944] udevd[23944]: inotify_add_watch(7, /dev/loop8p4, 10) failed: No such file or directory
[ 1444.057144][T25692] 8021q: adding VLAN 0 to HW filter on device team0
[ 1444.195817][ T9622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1444.196134][ T9622] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1444.408352][ T9627] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1444.408586][ T9627] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1444.598780][T21380] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1444.798254][T21380] usb 7-1: Using ep0 maxpacket: 16
[ 1444.853019][T21380] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1444.853070][T21380] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1444.853171][T21380] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1444.853210][T21380] usb 7-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[ 1444.853235][T21380] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1444.931829][T21380] usb 7-1: config 0 descriptor??
[ 1445.627313][T21380] usbhid 7-1:0.0: can't add hid device: -71
[ 1445.627448][T21380] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1445.642526][T21380] usb 7-1: USB disconnect, device number 4
[ 1446.677764][ T5275] 8021q: adding VLAN 0 to HW filter on device eth22
[ 1447.268473][T26353] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1447.410240][T26356] loop6: detected capacity change from 0 to 8
[ 1447.744607][T25692] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1448.342220][T25692] veth0_vlan: entered promiscuous mode
[ 1448.381465][T25692] veth1_vlan: entered promiscuous mode
[ 1448.614843][T25692] veth0_macvtap: entered promiscuous mode
[ 1448.688759][T25692] veth1_macvtap: entered promiscuous mode
[ 1448.821828][T25692] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1448.903221][T25692] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1448.928924][T26369] xfrm0: entered promiscuous mode
[ 1448.928951][T26369] xfrm0: entered allmulticast mode
[ 1448.987267][T26369] loop4: detected capacity change from 0 to 128
[ 1449.019649][ T9633] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1449.021265][   T57] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1449.037527][T22392] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1449.049214][T22392] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1449.591287][ T5275] 8021q: adding VLAN 0 to HW filter on device eth23
[ 1450.661276][ T3182] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1450.661297][ T3182] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1451.129440][ T9622] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1451.129457][ T9622] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1451.836857][ T5744] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1451.987343][ T5744] usb 7-1: Using ep0 maxpacket: 32
[ 1451.991271][ T5744] usb 7-1: config 2 has an invalid interface number: 88 but max is 0
[ 1451.991300][ T5744] usb 7-1: config 2 has no interface number 0
[ 1451.991355][ T5744] usb 7-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[ 1451.991384][ T5744] usb 7-1: config 2 interface 88 has no altsetting 0
[ 1451.996216][ T5744] usb 7-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[ 1451.996248][ T5744] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1451.996270][ T5744] usb 7-1: Product: syz
[ 1451.996286][ T5744] usb 7-1: Manufacturer: syz
[ 1451.996302][ T5744] usb 7-1: SerialNumber: syz
[ 1452.216471][T26400] loop3: detected capacity change from 0 to 40427
[ 1452.246904][T26400] F2FS-fs (loop3): invalid crc value
[ 1452.281786][T26394] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1452.392439][T26400] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1452.429180][T26400] F2FS-fs (loop3): Start checkpoint disabled!
[ 1452.633156][T26400] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[ 1452.636561][T26400] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[ 1452.668119][T26394] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1454.031526][ T5744] asix 7-1:2.88 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 1454.240889][ T5744] asix 7-1:2.88 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 1454.241024][ T5744] asix 7-1:2.88 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[ 1454.241448][ T5744] asix 7-1:2.88: probe with driver asix failed with error -71
[ 1454.329028][ T5744] usb 7-1: USB disconnect, device number 5
[ 1454.423858][T22392] kworker/u8:12: attempt to access beyond end of device
[ 1454.423858][T22392] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[ 1454.423922][T22392] CPU: 1 UID: 0 PID: 22392 Comm: kworker/u8:12 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1454.423957][T22392] Tainted: [L]=SOFTLOCKUP
[ 1454.423967][T22392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1454.423983][T22392] Workqueue: writeback wb_workfn (flush-7:3)
[ 1454.424022][T22392] Call Trace:
[ 1454.424029][T22392]  <TASK>
[ 1454.424037][T22392]  dump_stack_lvl+0xe8/0x150
[ 1454.424065][T22392]  f2fs_stop_checkpoint+0x383/0x540
[ 1454.424090][T22392]  f2fs_write_end_io+0x1274/0x1740
[ 1454.424132][T22392]  __submit_merged_bio+0x256/0x6a0
[ 1454.424159][T22392]  f2fs_submit_merged_write+0x284/0x390
[ 1454.424183][T22392]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[ 1454.424217][T22392]  f2fs_sync_node_pages+0x11fe/0x13c0
[ 1454.424253][T22392]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 1454.424273][T22392]  ? __percpu_counter_sum+0x1c2/0x1e0
[ 1454.424465][T22392]  ? blk_start_plug+0x51/0x1b0
[ 1454.424522][T22392]  f2fs_write_node_pages+0x312/0x700
[ 1454.424547][T22392]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1454.424575][T22392]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1454.424594][T22392]  do_writepages+0x32e/0x550
[ 1454.424616][T22392]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1454.424637][T22392]  ? reacquire_held_locks+0x104/0x190
[ 1454.424656][T22392]  ? rt_spin_lock+0x1e0/0x400
[ 1454.424683][T22392]  __writeback_single_inode+0x133/0x10e0
[ 1454.424707][T22392]  ? rt_spin_unlock+0x160/0x200
[ 1454.424730][T22392]  writeback_sb_inodes+0x97f/0x1980
[ 1454.424762][T22392]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1454.424793][T22392]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1454.424843][T22392]  ? rcu_is_watching+0x15/0xb0
[ 1454.424868][T22392]  wb_writeback+0x445/0xb00
[ 1454.424888][T22392]  ? queue_io+0x211/0x440
[ 1454.424911][T22392]  ? __pfx_wb_writeback+0x10/0x10
[ 1454.424941][T22392]  wb_workfn+0x3fd/0xf20
[ 1454.424965][T22392]  ? look_up_lock_class+0x57/0x110
[ 1454.425005][T22392]  ? __pfx_wb_workfn+0x10/0x10
[ 1454.425034][T22392]  ? do_raw_spin_unlock+0xf5/0x210
[ 1454.425062][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.425086][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.425118][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.425138][T22392]  process_one_work+0x9a3/0x1710
[ 1454.425180][T22392]  ? __pfx_process_one_work+0x10/0x10
[ 1454.425201][T22392]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1454.425240][T22392]  worker_thread+0xba8/0x11e0
[ 1454.425292][T22392]  kthread+0x388/0x470
[ 1454.425324][T22392]  ? __pfx_worker_thread+0x10/0x10
[ 1454.425347][T22392]  ? __pfx_kthread+0x10/0x10
[ 1454.425378][T22392]  ret_from_fork+0x514/0xb70
[ 1454.425405][T22392]  ? __pfx_ret_from_fork+0x10/0x10
[ 1454.425428][T22392]  ? __switch_to+0xc79/0x1410
[ 1454.425461][T22392]  ? __pfx_kthread+0x10/0x10
[ 1454.425490][T22392]  ret_from_fork_asm+0x1a/0x30
[ 1454.425533][T22392]  </TASK>
[ 1454.472780][T22392] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1454.893869][T22392] CPU: 1 UID: 0 PID: 22392 Comm: kworker/u8:12 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1454.893910][T22392] Tainted: [L]=SOFTLOCKUP
[ 1454.893919][T22392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1454.893935][T22392] Workqueue: writeback wb_workfn (flush-7:3)
[ 1454.893979][T22392] Call Trace:
[ 1454.893989][T22392]  <TASK>
[ 1454.894000][T22392]  dump_stack_lvl+0xe8/0x150
[ 1454.894034][T22392]  f2fs_stop_checkpoint+0x383/0x540
[ 1454.894065][T22392]  f2fs_write_end_io+0x1274/0x1740
[ 1454.894119][T22392]  __submit_merged_bio+0x256/0x6a0
[ 1454.894154][T22392]  f2fs_submit_merged_write+0x284/0x390
[ 1454.894187][T22392]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[ 1454.894235][T22392]  f2fs_sync_node_pages+0x11fe/0x13c0
[ 1454.894286][T22392]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[ 1454.894312][T22392]  ? __percpu_counter_sum+0x1c2/0x1e0
[ 1454.894396][T22392]  ? blk_start_plug+0x51/0x1b0
[ 1454.894435][T22392]  f2fs_write_node_pages+0x312/0x700
[ 1454.894479][T22392]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1454.894523][T22392]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1454.894549][T22392]  do_writepages+0x32e/0x550
[ 1454.894580][T22392]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1454.894607][T22392]  ? reacquire_held_locks+0x104/0x190
[ 1454.894632][T22392]  ? rt_spin_lock+0x1e0/0x400
[ 1454.894673][T22392]  __writeback_single_inode+0x133/0x10e0
[ 1454.894702][T22392]  ? rt_spin_unlock+0x160/0x200
[ 1454.894735][T22392]  writeback_sb_inodes+0x97f/0x1980
[ 1454.894785][T22392]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1454.894829][T22392]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1454.894906][T22392]  ? rcu_is_watching+0x15/0xb0
[ 1454.894944][T22392]  wb_writeback+0x445/0xb00
[ 1454.894972][T22392]  ? queue_io+0x211/0x440
[ 1454.895005][T22392]  ? __pfx_wb_writeback+0x10/0x10
[ 1454.895051][T22392]  wb_workfn+0x3fd/0xf20
[ 1454.895082][T22392]  ? look_up_lock_class+0x57/0x110
[ 1454.895143][T22392]  ? __pfx_wb_workfn+0x10/0x10
[ 1454.895184][T22392]  ? do_raw_spin_unlock+0xf5/0x210
[ 1454.895222][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.895253][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.895298][T22392]  ? process_one_work+0x8b7/0x1710
[ 1454.895325][T22392]  process_one_work+0x9a3/0x1710
[ 1454.895380][T22392]  ? __pfx_process_one_work+0x10/0x10
[ 1454.895404][T22392]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1454.895460][T22392]  worker_thread+0xba8/0x11e0
[ 1454.895522][T22392]  kthread+0x388/0x470
[ 1454.895557][T22392]  ? __pfx_worker_thread+0x10/0x10
[ 1454.895583][T22392]  ? __pfx_kthread+0x10/0x10
[ 1454.895619][T22392]  ret_from_fork+0x514/0xb70
[ 1454.895651][T22392]  ? __pfx_ret_from_fork+0x10/0x10
[ 1454.895680][T22392]  ? __switch_to+0xc79/0x1410
[ 1454.895708][T22392]  ? __pfx_kthread+0x10/0x10
[ 1454.895745][T22392]  ret_from_fork_asm+0x1a/0x30
[ 1454.895801][T22392]  </TASK>
[ 1454.895860][T22392] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[ 1457.021079][ T5275] 8021q: adding VLAN 0 to HW filter on device eth21
[ 1458.182326][T26465] loop6: detected capacity change from 0 to 1024
[ 1458.324805][T26465] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[ 1458.324843][T26465] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[ 1458.324957][T26465] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1458.388030][T26465] EXT4-fs error (device loop6): ext4_get_journal_inode:5896: inode #5: comm syz.6.6047: unexpected bad inode w/o EXT4_IGET_BAD
[ 1458.388165][T26465] loop6: lost file I/O error report for ino 5 type 5 pos 0x0 len 0x0 error -117
[ 1458.390225][T26465] EXT4-fs (loop6): no journal found
[ 1458.390247][T26465] EXT4-fs (loop6): can't get journal size
[ 1458.396711][    C0] EXT4-fs (loop6): error count since last fsck: 1
[ 1458.396729][    C0] EXT4-fs (loop6): initial error at time 2000000250: ext4_get_journal_inode:5896: inode 5
[ 1458.396753][    C0] EXT4-fs (loop6): last error at time 2000000250: ext4_get_journal_inode:5896: inode 5
[ 1458.661959][T26465] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1458.883000][ T4930] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1458.956732][T15103] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[ 1459.022978][ T4930] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1459.062563][ T4930] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1459.083171][T24429] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1459.209579][ T4930] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1459.257878][ T4930] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1459.676236][T15103] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1459.676271][T15103] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1459.676297][T15103] usb 4-1: Product: syz
[ 1459.676312][T15103] usb 4-1: Manufacturer: syz
[ 1459.676336][T15103] usb 4-1: SerialNumber: syz
[ 1459.843035][T15103] usb 4-1: config 0 descriptor??
[ 1460.097530][T15103] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1461.353630][T15103] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1461.369341][T15103] usb 4-1: USB disconnect, device number 3
[ 1461.525216][  T158] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1461.863284][ T5622] Bluetooth: hci0: command tx timeout
[ 1462.906889][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1463.063134][   T10] usb 4-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1463.063173][   T10] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1463.091097][   T10] usb 4-1: string descriptor 0 read error: -22
[ 1463.091248][   T10] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.40
[ 1463.091276][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1463.634190][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634232][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634261][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634291][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634320][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634349][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634379][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634408][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634438][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.634468][   T10] lenovo 0003:17EF:6047.0015: unknown main item tag 0x0
[ 1463.915940][   T10] lenovo 0003:17EF:6047.0015: hidraw0: USB HID v0.01 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[ 1463.916589][   T10] lenovo 0003:17EF:6047.0015: Failed to switch F7/9/11 mode: -71
[ 1463.917557][   T10] lenovo 0003:17EF:6047.0015: Failed to switch middle button: -71
[ 1463.918098][   T10] lenovo 0003:17EF:6047.0015: Fn-lock setting failed: -71
[ 1463.918630][   T10] lenovo 0003:17EF:6047.0015: Sensitivity setting failed: -71
[ 1463.941219][ T5622] Bluetooth: hci0: command tx timeout
[ 1463.977156][   T10] usb 4-1: USB disconnect, device number 4
[ 1464.089976][T26568] fido_id[26568]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1464.380562][  T158] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1464.857394][T25888] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1465.042846][T25888] usb 4-1: Using ep0 maxpacket: 32
[ 1465.049071][T25888] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[ 1465.049158][T25888] usb 4-1: config 0 has no interface number 0
[ 1465.105627][T25888] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1465.105661][T25888] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1465.105684][T25888] usb 4-1: Product: syz
[ 1465.105700][T25888] usb 4-1: Manufacturer: syz
[ 1465.105716][T25888] usb 4-1: SerialNumber: syz
[ 1465.170185][T25888] usb 4-1: config 0 descriptor??
[ 1465.890160][T26599] binder: 26598:26599 ioctl c0306201 200000000640 returned -22
[ 1465.964344][T25888] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[ 1465.964378][T25888] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1466.058358][ T5622] Bluetooth: hci0: command tx timeout
[ 1467.366372][  T158] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1467.407950][T26607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6087'.
[ 1467.407977][T26607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6087'.
[ 1467.408651][T26607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6087'.
[ 1467.408674][T26607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6087'.
[ 1467.597011][T25888] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1467.597360][T25888] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[ 1467.642163][T25888] usb 4-1: USB disconnect, device number 5
[ 1468.097194][ T5622] Bluetooth: hci0: command tx timeout
[ 1468.690556][T26625] loop6: detected capacity change from 0 to 32768
[ 1468.691792][T26625] btrfs: Deprecated parameter 'usebackuproot'
[ 1468.691816][T26625] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1468.693444][T26625] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6092 (26625)
[ 1468.784513][T26625] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1468.784549][T26625] BTRFS info (device loop6): using crc32c checksum algorithm
[ 1468.992361][  T183] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[ 1468.994345][T26625] BTRFS error (device loop6): failed to load root extent
[ 1468.994394][T26625] BTRFS warning (device loop6): try to load backup roots slot 1
[ 1468.999300][  T183] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[ 1469.005807][T26625] BTRFS warning (device loop6): couldn't read tree root
[ 1469.005835][T26625] BTRFS warning (device loop6): try to load backup roots slot 2
[ 1469.008628][   T57] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[ 1469.008734][T26625] BTRFS warning (device loop6): couldn't read tree root
[ 1469.008757][T26625] BTRFS warning (device loop6): try to load backup roots slot 3
[ 1469.125069][T26625] BTRFS info (device loop6): rebuilding free space tree
[ 1469.499329][  T158] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.791379][T26625] BTRFS info (device loop6): checking UUID tree
[ 1469.807004][T26625] BTRFS info (device loop6): enabling ssd optimizations
[ 1469.807032][T26625] BTRFS info (device loop6): using spread ssd allocation scheme
[ 1469.807052][T26625] BTRFS info (device loop6): turning on async discard
[ 1469.807071][T26625] BTRFS info (device loop6): enabling free space tree
[ 1469.807088][T26625] BTRFS info (device loop6): force clearing of disk cache
[ 1469.807104][T26625] BTRFS info (device loop6): enabling auto defrag
[ 1469.807130][T26625] BTRFS info (device loop6): trying to use backup root at mount time
[ 1469.807148][T26625] BTRFS info (device loop6): force zlib compression, level 3
[ 1470.659360][T24429] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1472.453035][   T38] audit: type=1326 audit(2000000264.200:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26696 comm="syz.5.6106" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8346e5cdd9 code=0x0
[ 1475.186812][T15103] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1475.396738][T15103] usb 7-1: Using ep0 maxpacket: 8
[ 1475.412808][T15103] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1475.440983][T15103] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1475.441014][T15103] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1475.441038][T15103] usb 7-1: Product: syz
[ 1475.441054][T15103] usb 7-1: Manufacturer: syz
[ 1475.441069][T15103] usb 7-1: SerialNumber: syz
[ 1475.691266][T15103] usb 7-1: Handspring Visor / Palm OS: No valid connect info available
[ 1475.691291][T15103] usb 7-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1475.691311][T15103] usb 7-1: Handspring Visor / Palm OS: port 0, is for Generic use
[ 1475.691330][T15103] usb 7-1: Handspring Visor / Palm OS: Number of ports: 2
[ 1475.866543][T26480] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1475.878766][T26480] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1475.879349][T26480] bridge_slave_0: entered allmulticast mode
[ 1475.883166][T26480] bridge_slave_0: entered promiscuous mode
[ 1475.898376][T15103] visor 7-1:1.0: Handspring Visor / Palm OS converter detected
[ 1475.914726][T26480] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1475.916218][T26480] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1475.933392][T26480] bridge_slave_1: entered allmulticast mode
[ 1475.943480][T26480] bridge_slave_1: entered promiscuous mode
[ 1476.019215][T26480] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1476.062027][T26480] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1476.208914][T26480] team0: Port device team_slave_0 added
[ 1476.238220][T15103] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 1476.277905][T15103] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 1476.495477][T15103] usb 7-1: USB disconnect, device number 6
[ 1476.552752][T15103] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 1476.580861][T15103] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 1476.635983][T15103] visor 7-1:1.0: device disconnected
[ 1477.210104][  T158] bridge_slave_1: left allmulticast mode
[ 1477.210142][  T158] bridge_slave_1: left promiscuous mode
[ 1477.210434][  T158] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1477.329157][ T5349] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1477.381387][  T158] bridge_slave_0: left allmulticast mode
[ 1477.381429][  T158] bridge_slave_0: left promiscuous mode
[ 1477.381720][  T158] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1477.476741][ T5349] usb 9-1: Using ep0 maxpacket: 8
[ 1477.493401][ T5349] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1477.493464][ T5349] usb 9-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1477.493497][ T5349] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1477.600608][ T5349] usb 9-1: config 0 descriptor??
[ 1477.618659][ T5349] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1479.173590][ T5349] usb 9-1: USB disconnect, device number 4
[ 1480.146758][ T5349] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1480.339458][ T5349] usb 6-1: Using ep0 maxpacket: 8
[ 1480.343369][ T5349] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1480.343427][ T5349] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1480.343452][ T5349] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1480.343479][ T5349] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1480.343505][ T5349] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1480.343662][ T5349] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1480.343687][ T5349] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1480.944799][T26785] usbtmc 6-1:16.0: send_request_dev_dep_msg_in returned -90
[ 1480.948926][T25890] usb 6-1: USB disconnect, device number 10
[ 1481.078363][ T5861] libceph: connect (1)[c::]:6789 error -101
[ 1481.078578][ T5861] libceph: mon0 (1)[c::]:6789 connect error
[ 1481.079924][ T5861] libceph: connect (1)[c::]:6789 error -101
[ 1481.080127][ T5861] libceph: mon0 (1)[c::]:6789 connect error
[ 1481.080221][T26799] ceph: No mds server is up or the cluster is laggy
[ 1481.277711][  T158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1481.376864][  T158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1481.522288][  T158] bond0 (unregistering): Released all slaves
[ 1481.625298][T26480] team0: Port device team_slave_1 added
[ 1481.945304][T26747] dvmrp0: entered allmulticast mode
[ 1483.723608][T26480] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1483.723628][T26480] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1483.723660][T26480] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1483.772019][T26480] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1483.772037][T26480] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1483.772068][T26480] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1483.953901][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.915918][   T38] audit: type=1800 audit(2000000276.660:423): pid=26865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6150" name="nullb0" dev="devtmpfs" ino=3668 res=0 errno=0
[ 1485.162892][T26480] hsr_slave_0: entered promiscuous mode
[ 1485.175119][T26480] hsr_slave_1: entered promiscuous mode
[ 1485.190637][T26480] debugfs: 'hsr0' already exists in 'hsr'
[ 1485.190667][T26480] Cannot create hsr debugfs directory
[ 1485.776906][ T5861] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1485.946877][ T5861] usb 6-1: Using ep0 maxpacket: 32
[ 1485.949850][ T5861] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1485.949885][ T5861] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1485.956325][ T5861] usb 6-1: config 0 descriptor??
[ 1486.193633][ T5861] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1486.223767][ T5861] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1486.224851][ T5861] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1486.224930][ T5861] usb 6-1: media controller created
[ 1486.250776][  T158] hsr_slave_0: left promiscuous mode
[ 1486.271923][ T5861] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1486.286830][  T158] hsr_slave_1: left promiscuous mode
[ 1486.288099][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1486.288127][  T158] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1486.338352][  T158] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1486.338379][  T158] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1486.421048][  T158] veth1_macvtap: left promiscuous mode
[ 1486.421165][  T158] veth0_macvtap: left promiscuous mode
[ 1486.421475][  T158] veth1_vlan: left promiscuous mode
[ 1486.421674][  T158] veth0_vlan: left promiscuous mode
[ 1487.346831][ T5861] stb0899_attach: Driver disabled by Kconfig
[ 1487.346877][ T5861] az6027: no front-end attached
[ 1487.346877][ T5861] 
[ 1487.348045][ T5861] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1487.350511][ T5861] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input23
[ 1487.355275][ T5861] dvb-usb: schedule remote query interval to 400 msecs.
[ 1487.355298][ T5861] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1487.557532][T25890] usb 6-1: USB disconnect, device number 11
[ 1487.591727][  T158] team0 (unregistering): Port device team_slave_1 removed
[ 1487.644625][  T158] team0 (unregistering): Port device team_slave_0 removed
[ 1487.867670][T25890] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1489.274895][ T5275] 8021q: adding VLAN 0 to HW filter on device eth1
[ 1490.273551][ T5275] 8021q: adding VLAN 0 to HW filter on device eth2
[ 1491.541342][ T5275] 8021q: adding VLAN 0 to HW filter on device eth3
[ 1492.260476][T26480] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1492.321517][T26480] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[ 1492.322753][T26480] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1492.376059][T26480] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[ 1492.394289][T26480] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1492.441388][T26480] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[ 1492.443960][ T5275] 8021q: adding VLAN 0 to HW filter on device eth4
[ 1492.444705][T26480] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1492.501377][T26480] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[ 1492.808757][T26480] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1492.851359][T26480] 8021q: adding VLAN 0 to HW filter on device team0
[ 1492.878192][ T9622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1492.878470][ T9622] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1492.956375][ T9633] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1492.956494][ T9633] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1493.511279][ T5275] 8021q: adding VLAN 0 to HW filter on device eth5
[ 1493.869834][T26480] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1494.445589][T26480] veth0_vlan: entered promiscuous mode
[ 1494.492068][T26480] veth1_vlan: entered promiscuous mode
[ 1494.593079][T26480] veth0_macvtap: entered promiscuous mode
[ 1494.642898][ T5275] 8021q: adding VLAN 0 to HW filter on device eth6
[ 1494.669735][T26480] veth1_macvtap: entered promiscuous mode
[ 1494.713339][T26480] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1494.768461][T26480] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1494.801557][  T158] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1494.805175][  T158] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1494.824330][  T158] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1494.826206][  T183] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1496.257367][ T9622] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1496.257408][ T9622] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1496.798868][ T3182] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1496.798892][ T3182] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1496.955993][ T5275] 8021q: adding VLAN 0 to HW filter on device eth7
[ 1497.049121][T27011] loop6: detected capacity change from 0 to 256
[ 1497.342089][T27011] FAT-fs (loop6): Directory bread(block 64) failed
[ 1497.342122][T27011] FAT-fs (loop6): Directory bread(block 65) failed
[ 1497.342228][T27011] FAT-fs (loop6): Directory bread(block 66) failed
[ 1497.342254][T27011] FAT-fs (loop6): Directory bread(block 67) failed
[ 1497.342363][T27011] FAT-fs (loop6): Directory bread(block 68) failed
[ 1497.342404][T27011] FAT-fs (loop6): Directory bread(block 69) failed
[ 1497.342518][T27011] FAT-fs (loop6): Directory bread(block 70) failed
[ 1497.342543][T27011] FAT-fs (loop6): Directory bread(block 71) failed
[ 1497.342647][T27011] FAT-fs (loop6): Directory bread(block 72) failed
[ 1497.342671][T27011] FAT-fs (loop6): Directory bread(block 73) failed
[ 1498.008235][ T5744] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1498.025390][ T5349] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1498.156816][ T5744] usb 8-1: Using ep0 maxpacket: 16
[ 1498.168940][ T5744] usb 8-1: config 1 has an invalid interface number: 105 but max is 0
[ 1498.169752][ T5744] usb 8-1: config 1 has no interface number 0
[ 1498.169804][ T5744] usb 8-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1498.169834][ T5744] usb 8-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1498.170141][ T5744] usb 8-1: config 1 interface 105 has no altsetting 0
[ 1498.170370][ T5349] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1498.170401][ T5349] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1498.173355][ T5349] usb 7-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1498.173384][ T5349] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1498.173466][ T5349] usb 7-1: Manufacturer: syz
[ 1498.254493][ T5744] usb 8-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1498.254525][ T5744] usb 8-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1498.254547][ T5744] usb 8-1: Product: syz
[ 1498.254563][ T5744] usb 8-1: Manufacturer: syz
[ 1498.254580][ T5744] usb 8-1: SerialNumber: syz
[ 1498.316985][ T5349] usb 7-1: config 0 descriptor??
[ 1498.367214][T27027] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1498.367359][T27027] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1498.790756][T27027] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1498.790972][T27027] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1499.140362][ T5349] uclogic 0003:256C:006D.0016: interface is invalid, ignoring
[ 1499.200619][ T5744] aqc111 8-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[ 1499.202730][ T5744] aqc111 8-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[ 1499.288384][ T5744] aqc111 8-1:1.105 eth9: register 'aqc111' at usb-dummy_hcd.7-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 62:43:48:6d:e6:0e
[ 1499.362521][   T37] usb 7-1: USB disconnect, device number 7
[ 1499.423922][T25890] usb 8-1: USB disconnect, device number 14
[ 1499.444350][T25890] aqc111 8-1:1.105 eth9: unregister 'aqc111' usb-dummy_hcd.7-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1499.719527][T25890] aqc111 8-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1499.719672][T25890] aqc111 8-1:1.105 eth9 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1499.719807][T25890] aqc111 8-1:1.105 eth9 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1500.630941][T27071] loop7: detected capacity change from 0 to 40427
[ 1500.665009][T27071] F2FS-fs (loop7): invalid crc value
[ 1501.004565][T27071] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1501.111857][T27071] F2FS-fs (loop7): Start checkpoint disabled!
[ 1501.258997][T27071] F2FS-fs (loop7): f2fs_disable_checkpoint() finish, err:0
[ 1501.280851][T25890] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 1501.282751][T27071] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1501.458669][T25890] usb 6-1: Using ep0 maxpacket: 16
[ 1501.461482][T25890] usb 6-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1501.461512][T25890] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1501.835194][T25890] usb 6-1: config 0 descriptor??
[ 1501.868363][T25890] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1502.398954][  T158] kworker/u8:6: attempt to access beyond end of device
[ 1502.398954][  T158] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1502.399031][  T158] CPU: 1 UID: 0 PID: 158 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1502.399065][  T158] Tainted: [L]=SOFTLOCKUP
[ 1502.399075][  T158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1502.399090][  T158] Workqueue: writeback wb_workfn (flush-7:7)
[ 1502.399134][  T158] Call Trace:
[ 1502.399144][  T158]  <TASK>
[ 1502.399155][  T158]  dump_stack_lvl+0xe8/0x150
[ 1502.399190][  T158]  f2fs_stop_checkpoint+0x383/0x540
[ 1502.399223][  T158]  f2fs_write_end_io+0x1274/0x1740
[ 1502.399284][  T158]  __submit_merged_bio+0x256/0x6a0
[ 1502.399320][  T158]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1502.399358][  T158]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1502.399417][  T158]  f2fs_write_data_pages+0x287e/0x34f0
[ 1502.399503][  T158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1502.399551][  T158]  ? __lock_acquire+0x6b5/0x2d10
[ 1502.399637][  T158]  ? __lock_acquire+0x6b5/0x2d10
[ 1502.399725][  T158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1502.399757][  T158]  do_writepages+0x32e/0x550
[ 1502.399787][  T158]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1502.399816][  T158]  ? reacquire_held_locks+0x104/0x190
[ 1502.399841][  T158]  ? rt_spin_lock+0x1e0/0x400
[ 1502.399882][  T158]  __writeback_single_inode+0x133/0x10e0
[ 1502.399912][  T158]  ? rt_spin_unlock+0x160/0x200
[ 1502.399944][  T158]  writeback_sb_inodes+0x97f/0x1980
[ 1502.400006][  T158]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1502.400083][  T158]  ? __pfx_rt_spin_lock+0x10/0x10
[ 1502.400106][  T158]  ? rt_spin_unlock+0x14f/0x200
[ 1502.400148][  T158]  wb_writeback+0x445/0xb00
[ 1502.400177][  T158]  ? queue_io+0x211/0x440
[ 1502.400211][  T158]  ? __pfx_wb_writeback+0x10/0x10
[ 1502.400257][  T158]  wb_workfn+0x3fd/0xf20
[ 1502.400286][  T158]  ? look_up_lock_class+0x57/0x110
[ 1502.400343][  T158]  ? __pfx_wb_workfn+0x10/0x10
[ 1502.400380][  T158]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1502.400414][  T158]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1502.400454][  T158]  ? process_one_work+0x8b7/0x1710
[ 1502.400484][  T158]  ? process_one_work+0x8b7/0x1710
[ 1502.400529][  T158]  ? process_one_work+0x8b7/0x1710
[ 1502.400556][  T158]  process_one_work+0x9a3/0x1710
[ 1502.400615][  T158]  ? __pfx_process_one_work+0x10/0x10
[ 1502.400641][  T158]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1502.400696][  T158]  worker_thread+0xba8/0x11e0
[ 1502.400762][  T158]  kthread+0x388/0x470
[ 1502.400799][  T158]  ? __pfx_worker_thread+0x10/0x10
[ 1502.400824][  T158]  ? __pfx_kthread+0x10/0x10
[ 1502.400861][  T158]  ret_from_fork+0x514/0xb70
[ 1502.400897][  T158]  ? __pfx_ret_from_fork+0x10/0x10
[ 1502.400927][  T158]  ? __switch_to+0xc79/0x1410
[ 1502.400956][  T158]  ? __pfx_kthread+0x10/0x10
[ 1502.400993][  T158]  ret_from_fork_asm+0x1a/0x30
[ 1502.401047][  T158]  </TASK>
[ 1502.724988][  T158] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1503.453429][T25890] gspca_sonixj: i2c_w8 err -71
[ 1503.466868][T25890] sonixj 6-1:0.0: probe with driver sonixj failed with error -71
[ 1503.502368][T25890] usb 6-1: USB disconnect, device number 12
[ 1504.092421][T27132] loop2: detected capacity change from 0 to 7
[ 1504.317225][T27132] Dev loop2: unable to read RDB block 7
[ 1504.317285][T27132]  loop2: unable to read partition table
[ 1504.317517][T27132] loop2: partition table beyond EOD, truncated
[ 1504.317554][T27132] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1504.463036][ T5275] 8021q: adding VLAN 0 to HW filter on device eth8
[ 1504.762330][   T38] audit: type=1326 audit(2000000296.510:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27145 comm="syz.7.6174" exe="/root/ci-upstream-linux-next-kasan-gce-root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec6d6dcdd9 code=0x0
[ 1504.851525][T25890] af_packet: tpacket_rcv: packet too big, clamped from 80 to 4294967272. macoff=96
[ 1505.576841][   T10] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1505.756807][   T10] usb 9-1: Using ep0 maxpacket: 32
[ 1505.759884][   T10] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1505.768005][   T10] usb 9-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice= 0.40
[ 1505.768082][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1505.768140][   T10] usb 9-1: Product: syz
[ 1505.768183][   T10] usb 9-1: Manufacturer: syz
[ 1505.768206][   T10] usb 9-1: SerialNumber: syz
[ 1506.482642][   T10] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 1506.681726][T27193] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6198'.
[ 1506.681923][T27193] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1506.899390][T27193] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1507.083833][T27201] loop6: detected capacity change from 0 to 128
[ 1507.397269][   T10] snd-usb-audio 9-1:1.0: probe with driver snd-usb-audio failed with error -71
[ 1507.667244][   T10] usb 9-1: USB disconnect, device number 5
[ 1508.747684][   T37] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 1509.211450][   T37] usb 4-1: Using ep0 maxpacket: 32
[ 1509.222763][   T37] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1509.222811][   T37] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1509.222829][   T37] usb 4-1: Product: syz
[ 1509.222849][   T37] usb 4-1: Manufacturer: syz
[ 1509.222863][   T37] usb 4-1: SerialNumber: syz
[ 1509.270327][   T37] usb 4-1: config 0 descriptor??
[ 1509.285380][   T37] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1510.485703][T27276] loop8: detected capacity change from 0 to 512
[ 1510.682688][T27279] netlink: 'syz.6.6217': attribute type 1 has an invalid length.
[ 1510.725340][T27276] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1510.725488][T27276] ext4 filesystem being mounted at /133/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1510.875900][   T37] gspca_ov534_9: reg_r err -71
[ 1511.179263][   T37] gspca_ov534_9: Unknown sensor 0000
[ 1511.179370][   T37] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[ 1511.209801][   T37] usb 4-1: USB disconnect, device number 6
[ 1511.757668][ T5744] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1511.959668][ T5744] usb 7-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[ 1511.959701][ T5744] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 253
[ 1511.963935][ T5744] usb 7-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[ 1511.963966][ T5744] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1511.963989][ T5744] usb 7-1: Product: syz
[ 1511.964005][ T5744] usb 7-1: Manufacturer: syz
[ 1511.964021][ T5744] usb 7-1: SerialNumber: syz
[ 1512.036983][ T5744] usb 7-1: config 0 descriptor??
[ 1512.075476][   T38] audit: type=1800 audit(2000000303.820:425): pid=27289 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6216" name="file1" dev="loop8" ino=15 res=0 errno=0
[ 1512.087390][ T5744] gspca_main: sunplus-2.14.0 probing 055f:c630
[ 1512.143969][T27314] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6224'.
[ 1512.143993][T27314] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6224'.
[ 1512.660293][T24452] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1513.472254][ T5744] gspca_sunplus: reg_r err -71
[ 1513.472356][ T5744] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[ 1513.610502][ T5744] usb 7-1: USB disconnect, device number 8
[ 1513.674449][   T37] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[ 1513.896867][   T37] usb 4-1: Using ep0 maxpacket: 32
[ 1513.949565][   T37] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[ 1513.949595][   T37] usb 4-1: config 0 has no interface number 0
[ 1513.968483][   T37] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1513.968569][   T37] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1513.968623][   T37] usb 4-1: Product: syz
[ 1513.968675][   T37] usb 4-1: Manufacturer: syz
[ 1513.968718][   T37] usb 4-1: SerialNumber: syz
[ 1514.051713][   T37] usb 4-1: config 0 descriptor??
[ 1514.172566][   T37] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1514.414219][   T37] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1514.874509][   T37] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1515.408419][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1515.412720][ T5349] usb 4-1: USB disconnect, device number 7
[ 1515.678913][ T5349] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1515.947443][T27383] loop7: detected capacity change from 0 to 512
[ 1516.166264][T27383] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1516.166382][T27383] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1516.193133][ T5349] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1516.380817][ T5349] quatech2 4-1:0.51: device disconnected
[ 1516.856830][ T5349] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1517.046744][ T5349] usb 4-1: Using ep0 maxpacket: 8
[ 1517.078536][ T5349] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1517.078564][ T5349] usb 4-1: config 0 has no interface number 0
[ 1517.078603][ T5349] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1517.078626][ T5349] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1517.078650][ T5349] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1517.078675][ T5349] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1517.078714][ T5349] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1517.078737][ T5349] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1517.196257][ T5349] usb 4-1: config 0 descriptor??
[ 1517.346484][ T5349] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1517.378621][T27418] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6252'.
[ 1517.389962][T27418] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6252'.
[ 1517.631813][ T5349] usb 4-1: USB disconnect, device number 8
[ 1517.704135][ T5349] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 1517.896110][T26480] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1518.877608][T27454] loop6: detected capacity change from 0 to 128
[ 1519.030741][T21380] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1519.085057][T15101] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1519.102159][T27454] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1519.132367][T27454] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1519.205353][T21380] usb 9-1: Using ep0 maxpacket: 16
[ 1519.221095][T21380] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1519.221152][T21380] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1519.221180][T21380] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1519.221220][T21380] usb 9-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[ 1519.221251][T21380] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1519.275918][T21380] usb 9-1: config 0 descriptor??
[ 1519.317012][T15101] usb 8-1: Using ep0 maxpacket: 32
[ 1519.385507][ T5744] libceph: connect (1)[c::]:6789 error -101
[ 1519.385808][ T5744] libceph: mon0 (1)[c::]:6789 connect error
[ 1519.430067][ T5744] libceph: connect (1)[c::]:6789 error -101
[ 1519.430354][ T5744] libceph: mon0 (1)[c::]:6789 connect error
[ 1519.535795][T15101] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1519.610793][T15101] usb 8-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice= 0.40
[ 1519.610829][T15101] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1519.610852][T15101] usb 8-1: Product: syz
[ 1519.610868][T15101] usb 8-1: Manufacturer: syz
[ 1519.610884][T15101] usb 8-1: SerialNumber: syz
[ 1519.661793][T27454] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1519.696425][T27444] ceph: No mds server is up or the cluster is laggy
[ 1519.781254][ T5349] libceph: connect (1)[c::]:6789 error -101
[ 1519.781945][ T5349] libceph: mon0 (1)[c::]:6789 connect error
[ 1520.263046][T21380] hid_parser_main: 4007 callbacks suppressed
[ 1520.263148][T21380] hid-picolcd 0003:04D8:F002.0017: unknown main item tag 0x0
[ 1520.263183][T21380] hid-picolcd 0003:04D8:F002.0017: unknown main item tag 0x1
[ 1520.263213][T21380] hid-picolcd 0003:04D8:F002.0017: item fetching failed at offset 4/5
[ 1520.264936][T21380] hid-picolcd 0003:04D8:F002.0017: device report parse failed
[ 1520.265054][T21380] hid-picolcd 0003:04D8:F002.0017: probe with driver hid-picolcd failed with error -22
[ 1520.367925][ T5349] libceph: connect (1)[c::]:6789 error -101
[ 1520.368130][ T5349] libceph: mon0 (1)[c::]:6789 connect error
[ 1520.524749][T15101] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[ 1520.892303][T15101] snd-usb-audio 8-1:1.0: probe with driver snd-usb-audio failed with error -71
[ 1520.953544][T21380] usb 9-1: USB disconnect, device number 6
[ 1521.009086][T15101] usb 8-1: USB disconnect, device number 15
[ 1521.327149][T24429] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1522.236787][T14655] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1522.450552][T14655] usb 7-1: Using ep0 maxpacket: 8
[ 1522.452914][T14655] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1522.452978][T14655] usb 7-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1522.453003][T14655] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1522.588022][T14655] usb 7-1: config 0 descriptor??
[ 1522.657182][T14655] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1522.770378][T27498] binder: 27496:27498 ioctl c0306201 200000001a80 returned -14
[ 1522.792030][   T37] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1522.891233][T27518] netlink: 14 bytes leftover after parsing attributes in process `syz.5.6278'.
[ 1523.014233][   T37] usb 9-1: Using ep0 maxpacket: 16
[ 1523.034219][   T37] usb 9-1: config 0 has an invalid interface number: 34 but max is 0
[ 1523.034248][   T37] usb 9-1: config 0 has no interface number 0
[ 1523.034298][   T37] usb 9-1: config 0 interface 34 altsetting 0 bulk endpoint 0xA has invalid maxpacket 1023
[ 1523.034326][   T37] usb 9-1: config 0 interface 34 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 80
[ 1523.077832][   T37] usb 9-1: New USB device found, idVendor=0b95, idProduct=772a, bcdDevice=82.73
[ 1523.077864][   T37] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1523.077888][   T37] usb 9-1: Product: syz
[ 1523.077905][   T37] usb 9-1: Manufacturer: syz
[ 1523.077923][   T37] usb 9-1: SerialNumber: syz
[ 1523.133018][   T37] usb 9-1: config 0 descriptor??
[ 1523.153509][T27510] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1523.153709][T27510] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1523.394393][T27510] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1523.394917][T27510] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1523.899142][T14655] gspca_vc032x: reg_w err -71
[ 1523.899240][T14655] vc032x 7-1:0.0: probe with driver vc032x failed with error -71
[ 1523.902457][T14655] usb 7-1: USB disconnect, device number 9
[ 1524.610719][   T37] asix 9-1:0.34 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1524.610753][   T37] asix 9-1:0.34 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1524.611148][   T37] asix 9-1:0.34: probe with driver asix failed with error -71
[ 1524.687357][   T37] usb 9-1: USB disconnect, device number 7
[ 1525.937270][T14655] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[ 1526.092545][T14655] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1526.092583][T14655] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1526.092614][T14655] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1526.092650][T14655] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1526.092675][T14655] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1526.346289][T14655] usb 4-1: config 0 descriptor??
[ 1526.802748][T14655] hid (null): unknown global tag 0xc
[ 1527.020898][T14655] usb 4-1: USB disconnect, device number 9
[ 1527.794551][T27597] loop6: detected capacity change from 0 to 32768
[ 1527.795787][T27597] btrfs: Deprecated parameter 'usebackuproot'
[ 1527.795809][T27597] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[ 1527.800986][T27597] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.6298 (27597)
[ 1527.961488][T27597] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1527.961525][T27597] BTRFS info (device loop6): using crc32c checksum algorithm
[ 1528.268289][T17420] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[ 1528.271582][T27597] BTRFS error (device loop6): failed to load root extent
[ 1528.271632][T27597] BTRFS warning (device loop6): try to load backup roots slot 1
[ 1528.324239][T17420] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[ 1528.324357][T27597] BTRFS warning (device loop6): couldn't read tree root
[ 1528.324380][T27597] BTRFS warning (device loop6): try to load backup roots slot 2
[ 1528.363360][ T9627] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[ 1528.367822][T27597] BTRFS warning (device loop6): couldn't read tree root
[ 1528.367848][T27597] BTRFS warning (device loop6): try to load backup roots slot 3
[ 1528.471304][T27597] BTRFS info (device loop6): rebuilding free space tree
[ 1528.570825][T27597] BTRFS info (device loop6): checking UUID tree
[ 1528.571403][T27597] BTRFS info (device loop6): enabling ssd optimizations
[ 1528.571428][T27597] BTRFS info (device loop6): turning on async discard
[ 1528.571444][T27597] BTRFS info (device loop6): enabling free space tree
[ 1528.571463][T27597] BTRFS info (device loop6): force clearing of disk cache
[ 1528.571482][T27597] BTRFS info (device loop6): enabling auto defrag
[ 1528.571499][T27597] BTRFS info (device loop6): trying to use backup root at mount time
[ 1528.571540][T27597] BTRFS info (device loop6): use zstd compression, level 3
[ 1529.764961][T27643] loop7: detected capacity change from 0 to 512
[ 1529.836756][T24429] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1530.216364][T27643] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1530.252312][T27643] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1530.602076][T27643] EXT4-fs error (device loop7): ext4_do_update_inode:5690: inode #2: comm syz.7.6311: corrupted inode contents
[ 1530.613648][T27643] EXT4-fs error (device loop7): ext4_dirty_inode:6587: inode #2: comm syz.7.6311: mark_inode_dirty error
[ 1530.685576][T27643] EXT4-fs error (device loop7): ext4_do_update_inode:5690: inode #2: comm syz.7.6311: corrupted inode contents
[ 1530.755608][T27643] EXT4-fs error (device loop7): __ext4_ext_dirty:207: inode #2: comm syz.7.6311: mark_inode_dirty error
[ 1532.138631][ T5622] Bluetooth: hci5: command 0x0406 tx timeout
[ 1533.795106][T27670] loop3: detected capacity change from 0 to 32768
[ 1535.585257][T26480] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1535.802085][T27676] loop8: detected capacity change from 0 to 512
[ 1536.219122][T27670] JBD2: Ignoring recovery information on journal
[ 1536.391072][T27670] JBD2: journal reset failed
[ 1536.391088][T27670] (syz.3.6317,27670,1):ocfs2_journal_load:1162 ERROR: Failed to load journal!
[ 1536.391192][T27670] (syz.3.6317,27670,1):ocfs2_check_volume:2376 ERROR: ocfs2 journal load failed! -4
[ 1536.531882][T27676] EXT4-fs (loop8): 1 truncate cleaned up
[ 1536.756832][T27676] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1536.991237][   T38] audit: type=1800 audit(2000000584.719:426): pid=27676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.6319" name="file1" dev="loop8" ino=15 res=0 errno=0
[ 1538.347667][T24452] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1538.631903][T27706] Bluetooth: MGMT ver 1.23
[ 1538.712566][T27708] Bluetooth: hci0: Opcode 0x0401 failed: -4
[ 1540.816922][ T4930] Bluetooth: hci0: command 0x0401 tx timeout
[ 1541.400312][T27775] loop3: detected capacity change from 0 to 64
[ 1541.425989][T27775] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[ 1542.706805][T25888] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1542.953720][T25888] usb 8-1: Using ep0 maxpacket: 32
[ 1542.956289][T25888] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1542.956324][T25888] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1542.956365][T25888] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1542.956391][T25888] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1543.049533][T25888] usb 8-1: config 0 descriptor??
[ 1543.101833][T25888] hub 8-1:0.0: USB hub found
[ 1543.352254][T25888] hub 8-1:0.0: 1 port detected
[ 1543.599992][T27819] loop8: detected capacity change from 0 to 32768
[ 1543.730872][T27819] JBD2: Ignoring recovery information on journal
[ 1544.036908][   T37] hub 8-1:0.0: activate --> -90
[ 1544.107416][T27819] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[ 1544.607102][T14655] usb 8-1: USB disconnect, device number 16
[ 1544.736998][   T39] INFO: task syz.9.5835:25488 blocked for more than 143 seconds.
[ 1544.737026][   T39]       Tainted: G             L      syzkaller #0
[ 1544.737046][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1544.737057][   T39] task:syz.9.5835      state:D stack:24440 pid:25488 tgid:25487 ppid:24269  task_flags:0x400140 flags:0x00080002
[ 1544.737119][   T39] Call Trace:
[ 1544.737127][   T39]  <TASK>
[ 1544.737142][   T39]  __schedule+0x169e/0x54f0
[ 1544.737230][   T39]  ? __pfx___schedule+0x10/0x10
[ 1544.737274][   T39]  ? schedule+0x90/0x360
[ 1544.737308][   T39]  schedule+0x164/0x360
[ 1544.737341][   T39]  __wait_on_freeing_inode+0x166/0x3b0
[ 1544.737448][   T39]  ? __pfx___wait_on_freeing_inode+0x10/0x10
[ 1544.737476][   T39]  ? rt_spin_lock+0x2ce/0x400
[ 1544.737506][   T39]  ? __pfx_var_wake_function+0x10/0x10
[ 1544.737599][   T39]  find_inode_fast+0x30c/0x550
[ 1544.737625][   T39]  ? find_inode_fast+0xd2/0x550
[ 1544.737657][   T39]  iget_locked+0xd0/0x6a0
[ 1544.737690][   T39]  __ext4_iget+0x245/0x45c0
[ 1544.737794][   T39]  ? rcu_is_watching+0x15/0xb0
[ 1544.737820][   T39]  ? trace_kmalloc+0x2a/0xf0
[ 1544.737887][   T39]  ? __pfx___ext4_iget+0x10/0x10
[ 1544.737920][   T39]  ? __kvmalloc_node_noprof+0x3df/0x8e0
[ 1544.737952][   T39]  ? ext4_xattr_inode_lookup_create+0x3b7/0x1ce0
[ 1544.738045][   T39]  ext4_xattr_inode_lookup_create+0x435/0x1ce0
[ 1544.738102][   T39]  ? __pfx_ext4_xattr_inode_lookup_create+0x10/0x10
[ 1544.738136][   T39]  ? rt_spin_unlock+0x160/0x200
[ 1544.738167][   T39]  ? iput+0xb25/0xe80
[ 1544.738197][   T39]  ? ext4_xattr_block_set+0xd3/0x2ad0
[ 1544.738239][   T39]  ext4_xattr_block_set+0x229/0x2ad0
[ 1544.738298][   T39]  ? __pfx_ext4_fc_track_inode+0x10/0x10
[ 1544.741893][   T39]  ? __ext4_journal_get_write_access+0x27f/0x590
[ 1544.742017][   T39]  ? __pfx___ext4_journal_get_write_access+0x10/0x10
[ 1544.742074][   T39]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[ 1544.742109][   T39]  ? ext4_xattr_ibody_set+0x212/0x6a0
[ 1544.742154][   T39]  ext4_xattr_set_handle+0xe34/0x14c0
[ 1544.742188][   T39]  ? rt_spin_unlock+0x14f/0x200
[ 1544.742239][   T39]  ? __pfx_ext4_xattr_set_handle+0x10/0x10
[ 1544.742273][   T39]  ? ext4_journal_check_start+0x1c/0x2b0
[ 1544.742320][   T39]  ? __ext4_journal_start_sb+0x259/0x5d0
[ 1544.742361][   T39]  ext4_xattr_set+0x255/0x340
[ 1544.742396][   T39]  ? __pfx_ext4_xattr_set+0x10/0x10
[ 1544.742423][   T39]  ? __pfx_evm_protect_xattr+0x10/0x10
[ 1544.742500][   T39]  ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[ 1544.742527][   T39]  __vfs_setxattr+0x43c/0x480
[ 1544.742603][   T39]  __vfs_setxattr_noperm+0x12d/0x660
[ 1544.742638][   T39]  vfs_setxattr+0x163/0x370
[ 1544.742669][   T39]  ? __pfx_vfs_setxattr+0x10/0x10
[ 1544.742705][   T39]  filename_setxattr+0x296/0x630
[ 1544.742741][   T39]  ? __pfx_filename_setxattr+0x10/0x10
[ 1544.742771][   T39]  ? do_getname+0x151/0x250
[ 1544.742831][   T39]  path_setxattrat+0x3eb/0x440
[ 1544.742894][   T39]  ? __pfx_path_setxattrat+0x10/0x10
[ 1544.742923][   T39]  ? do_futex+0x333/0x420
[ 1544.743013][   T39]  ? rcu_is_watching+0x15/0xb0
[ 1544.743052][   T39]  __x64_sys_setxattr+0xbc/0xe0
[ 1544.743079][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1544.743105][   T39]  do_syscall_64+0x15f/0xf80
[ 1544.743139][   T39]  ? trace_irq_disable+0x3b/0x140
[ 1544.743209][   T39]  ? clear_bhb_loop+0x40/0x90
[ 1544.743239][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1544.743264][   T39] RIP: 0033:0x7fd0d06dcdd9
[ 1544.743284][   T39] RSP: 002b:00007fd0ce936028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1544.743336][   T39] RAX: ffffffffffffffda RBX: 00007fd0d0955fa0 RCX: 00007fd0d06dcdd9
[ 1544.743353][   T39] RDX: 0000200000001400 RSI: 00002000000001c0 RDI: 0000200000000380
[ 1544.743369][   T39] RBP: 00007fd0d0772d69 R08: 0000000000000000 R09: 0000000000000000
[ 1544.743383][   T39] R10: 0000000000000835 R11: 0000000000000246 R12: 0000000000000000
[ 1544.963507][   T39] R13: 00007fd0d0956038 R14: 00007fd0d0955fa0 R15: 00007ffc2a8674f8
[ 1544.963626][   T39]  </TASK>
[ 1544.963668][   T39] INFO: task syz.9.5835:25499 blocked for more than 143 seconds.
[ 1544.963722][   T39]       Tainted: G             L      syzkaller #0
[ 1544.963755][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1544.963779][   T39] task:syz.9.5835      state:D stack:23696 pid:25499 tgid:25487 ppid:24269  task_flags:0x400140 flags:0x00080002
[ 1544.963944][   T39] Call Trace:
[ 1544.963967][   T39]  <TASK>
[ 1544.964017][   T39]  __schedule+0x169e/0x54f0
[ 1544.964158][   T39]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1544.964357][   T39]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1544.964455][   T39]  ? rt_spin_lock+0x1e0/0x400
[ 1544.964614][   T39]  ? __pfx___schedule+0x10/0x10
[ 1544.964667][   T39]  ? schedule+0x90/0x360
[ 1544.964730][   T39]  schedule+0x164/0x360
[ 1544.964887][   T39]  mb_cache_entry_wait_unused+0x17d/0x280
[ 1545.004179][   T39]  ? __pfx_mb_cache_entry_wait_unused+0x10/0x10
[ 1545.004291][   T39]  ? __pfx_var_wake_function+0x10/0x10
[ 1545.004392][   T39]  ? mb_cache_entry_delete_or_get+0x157/0x1e0
[ 1545.004469][   T39]  ext4_evict_ea_inode+0x14d/0x2f0
[ 1545.004616][   T39]  ext4_evict_inode+0x169/0x10e0
[ 1545.004719][   T39]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1545.004813][   T39]  ? reacquire_held_locks+0x104/0x190
[ 1545.004878][   T39]  ? rt_spin_lock+0x1e0/0x400
[ 1545.004965][   T39]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1545.005051][   T39]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1545.005123][   T39]  ? rt_spin_unlock+0x14f/0x200
[ 1545.005240][   T39]  ? rt_spin_unlock+0x160/0x200
[ 1545.005305][   T39]  ? __pfx_ext4_evict_inode+0x10/0x10
[ 1545.005382][   T39]  evict+0x61e/0xb10
[ 1545.005568][   T39]  ? rt_spin_unlock+0x14f/0x200
[ 1545.005642][   T39]  ? __pfx_evict+0x10/0x10
[ 1545.005672][   T39]  ? rt_spin_unlock+0x160/0x200
[ 1545.026856][   T39]  ? iput+0xb25/0xe80
[ 1545.027012][   T39]  ext4_xattr_ibody_set+0x510/0x6a0
[ 1545.027142][   T39]  ext4_xattr_set_handle+0xcc8/0x14c0
[ 1545.027237][   T39]  ? rt_spin_unlock+0x14f/0x200
[ 1545.027316][   T39]  ? __pfx_ext4_xattr_set_handle+0x10/0x10
[ 1545.027350][   T39]  ? ext4_journal_check_start+0x1c/0x2b0
[ 1545.027397][   T39]  ? __ext4_journal_start_sb+0x259/0x5d0
[ 1545.027529][   T39]  ext4_xattr_set+0x255/0x340
[ 1545.027600][   T39]  ? __pfx_ext4_xattr_set+0x10/0x10
[ 1545.027674][   T39]  ? __pfx_evm_protect_xattr+0x10/0x10
[ 1545.027749][   T39]  ? __pfx_ext4_xattr_trusted_set+0x10/0x10
[ 1545.027771][   T39]  __vfs_setxattr+0x43c/0x480
[ 1545.027874][   T39]  __vfs_setxattr_noperm+0x12d/0x660
[ 1545.027963][   T39]  vfs_setxattr+0x163/0x370
[ 1545.028057][   T39]  ? __pfx_vfs_setxattr+0x10/0x10
[ 1545.028139][   T39]  filename_setxattr+0x296/0x630
[ 1545.028242][   T39]  ? __pfx_filename_setxattr+0x10/0x10
[ 1545.028319][   T39]  ? do_getname+0x151/0x250
[ 1545.077462][   T39]  path_setxattrat+0x3eb/0x440
[ 1545.077611][   T39]  ? __pfx_path_setxattrat+0x10/0x10
[ 1545.077780][   T39]  ? kfree+0x4d/0x6c0
[ 1545.077870][   T39]  ? __pfx_kcov_ioctl+0x10/0x10
[ 1545.078031][   T39]  __x64_sys_setxattr+0xbc/0xe0
[ 1545.078108][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.078174][   T39]  do_syscall_64+0x15f/0xf80
[ 1545.078261][   T39]  ? trace_irq_disable+0x3b/0x140
[ 1545.078345][   T39]  ? clear_bhb_loop+0x40/0x90
[ 1545.078422][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.078479][   T39] RIP: 0033:0x7fd0d06dcdd9
[ 1545.078541][   T39] RSP: 002b:00007fd0ce915028 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1545.078606][   T39] RAX: ffffffffffffffda RBX: 00007fd0d0956090 RCX: 00007fd0d06dcdd9
[ 1545.078658][   T39] RDX: 0000200000001400 RSI: 00002000000001c0 RDI: 0000200000000200
[ 1545.078701][   T39] RBP: 00007fd0d0772d69 R08: 0000000000000001 R09: 0000000000000000
[ 1545.078736][   T39] R10: 0000000000000835 R11: 0000000000000246 R12: 0000000000000000
[ 1545.078785][   T39] R13: 00007fd0d0956128 R14: 00007fd0d0956090 R15: 00007ffc2a8674f8
[ 1545.078921][   T39]  </TASK>
[ 1545.113189][   T39] 
[ 1545.113189][   T39] Showing all locks held in the system:
[ 1545.113302][   T39] 2 locks held by kworker/u8:1/13:
[ 1545.113369][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.113603][   T39]  #1: ffffc90000127c40 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.113763][   T39] 4 locks held by pr/legacy/17:
[ 1545.113803][   T39]  #0: ffffffff8dfba420 (console_lock){+.+.}-{0:0}, at: legacy_kthread_func+0x1a3/0x250
[ 1545.114001][   T39]  #1: ffffffff8dea1d18 (console_srcu){....}-{0:0}, at: console_flush_one_record+0xfa/0xb90
[ 1545.114241][   T39]  #2: ffffffff99b66878 (&port_lock_key){+.+.}-{3:3}, at: serial8250_console_write+0x179/0x1b90
[ 1545.123770][   T39]  #3: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.123971][   T39] 11 locks held by kworker/1:1/37:
[ 1545.123999][   T39]  #0: ffff88813fe42538 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.124160][   T39]  #1: ffffc90000ac7c40 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: proces[ 1545.124160][   T39]  #1: ffffc90000ac7c40 ((work_completion)(&(&tbl->gc_work)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.124312][   T39]  #2: ffffffff8de5f300 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[ 1545.124505][   T39]  #3: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[ 1545.124844][   T39]  #4: ffffffff8f49c0b8 (&tbl->lock){+...}-{3:3}, at: neigh_periodic_work+0xc64/0xe90
[ 1545.125288][   T39]  #5: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.125469][   T39]  #6: ffffffff8de5f300 (local_bh){.+.+}-{1:3}, at: kvfree_call_rcu+0xd4/0x3c0
[ 1545.134689][   T39]  #7: ffff8880b8728558 (hrtimer_bases.lock){-...}-{2:2}, at: __hrtimer_rearm_deferred+0x99/0x460
[ 1545.134889][   T39]  #8: ffffffff997ef588 (&____s->seqcount#2){--..}-{0:0}, at: ktime_get+0x45/0x220
[ 1545.135076][   T39]  #9: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.135213][   T39]  #10: ffffffff8f3dd618 (nl_table_wait.lock.lock.wait_lock){....}-{2:2}, at: rt_mutex_slowunlock+0xbf/0x8b0
[ 1545.135670][   T39] 1 lock held by khungtaskd/39:
[ 1545.135853][   T39]  #0: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1545.136046][   T39] 2 locks held by kworker/u8:3/57:
[ 1545.136080][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.156802][   T39]  #1: ffffc9000123fc40 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.156989][   T39] 6 locks held by kworker/u8:6/158:
[ 1545.157016][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.157165][   T39]  #1: ffffc90003937c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.157324][   T39]  #2: ffff888060a96310 (&devlink->lock_key#39){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.157481][   T39]  #3: ffff88803a7b9d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.157952][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.158107][   T39]  #5: ffff88813fffbb98 (&zone->lock){+.+.}-{3:3}, at: get_page_from_freelist+0xcab/0x2850
[ 1545.172127][   T39] 6 locks held by kworker/u8:9/183:
[ 1545.172181][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.172355][   T39]  #1: ffffc90003a47c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.172533][   T39]  #2: ffff8880646ca310 (&devlink->lock_key#41){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.172706][   T39]  #3: ffff88805e8ab920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.172868][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.173007][   T39]  #5: ffff8880b8742d98 (&pcp->lock){+.+.}-{3:3}, at: get_page_from_freelist+0x8ad/0x2850
[ 1545.173497][   T39] 6 locks held by kworker/u8:13/1407:
[ 1545.173532][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.180887][   T39]  #1: ffffc90006a9fc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.181276][   T39]  #2: ffff88803739e310 (&devlink->lock_key#44){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.181481][   T39]  #3: ffff888060f54120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.181655][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.181823][   T39]  #5: ffff88813fffbb98 (&zone->lock){+.+.}-{3:3}, at: get_page_from_freelist+0xcab/0x2850
[ 1545.182074][   T39] 6 locks held by kworker/u8:14/3182:
[ 1545.182114][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.182267][   T39]  #1: ffffc9000faa7c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.195412][   T39]  #2: ffff888033c9c310 (&devlink->lock_key#43){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.195610][   T39]  #3: ffff88805fe5e120 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.195792][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.195943][   T39]  #5: ffff88813fffbb98 (&zone->lock){+.+.}-{3:3}, at: get_page_from_freelist+0xcab/0x2850
[ 1545.197046][   T39] 1 lock held by klogd/4969:
[ 1545.197088][   T39]  #0: ffff88813fe33158 (&n->list_lock){+.+.}-{3:3}, at: __slab_free+0xf1/0x2a0
[ 1545.197271][   T39] 2 locks held by getty/5368:
[ 1545.197304][   T39]  #0: ffff888036f030a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1545.232295][   T39]  #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
[ 1545.232603][   T39] 6 locks held by kworker/u8:21/9622:
[ 1545.232645][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.232803][   T39]  #1: ffffc90005bdfc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.232896][   T39]  #2: ffff88802b63c310 (&devlink->lock_key#45){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.233113][   T39]  #3: ffff8880611e6d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.239130][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.239311][   T39]  #5: ffff88813fffbb98 (&zone->lock){+.+.}-{3:3}, at: get_page_from_freelist+0xcab/0x2850
[ 1545.334552][   T39] 6 locks held by kworker/u8:24/9627:
[ 1545.334606][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.334795][   T39]  #1: ffffc90005c7fc40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.334948][   T39]  #2: ffff8880253fa310 (&devlink->lock_key#42){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.335149][   T39]  #3: ffff8880258bb520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.335348][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.335505][   T39]  #5: ffff88813fffbb98 (&zone->lock){+.+.}-{3:3}, at: get_page_from_freelist+0xcab/0x2850
[ 1545.335868][   T39] 5 locks held by kworker/u8:26/9633:
[ 1545.335901][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.358111][   T39]  #1: ffffc90005a87c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.358260][   T39]  #2: ffff888038a9c310 (&devlink->lock_key#32){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.358474][   T39]  #3: ffff888033caa920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.358646][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.358807][   T39] 5 locks held by kworker/0:7/14655:
[ 1545.358841][   T39]  #0: ffff888022af6138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.358994][   T39]  #1: ffffc90003e97c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.359183][   T39]  #2: ffff88802ae66210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[ 1545.359422][   T39]  #3: ffff88801bed3348 (&root->kernfs_supers_rwsem){++++}-{4:4}, at: kernfs_remove_by_name_ns+0x3f/0x140
[ 1545.359592][   T39]  #4: ffff88801bed3238 (&root->kernfs_rwsem
[ 1545.391146][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[ 1545.406817][   T39] ){++++}-{4:4}, at: usb_hcd_submit_urb+0x10bc/0x1b50
[ 1545.406978][   T39] 5 locks held by kworker/u8:0/16380:
[ 1545.407006][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.407178][   T39]  #1: ffffc900038a7c40 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.407331][   T39]  #2: ffff888056b80310 (&devlink->lock_key#20){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbd0
[ 1545.407515][   T39]  #3: ffff88802c2d0520 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbd0
[ 1545.407676][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.407826][   T39] 4 locks held by kworker/u8:5/17417:
[ 1545.407840][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.407995][   T39]  #1: ffffc90004287c40 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.408193][   T39]  #2: ffff888059e908b8 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xb4/0x460
[ 1545.408360][   T39]  #3: ffff888059e90828 (&rdev->wiphy_work_lock){+.+.}-{3:3}, at: cfg80211_wiphy_work+0xf0/0x460
[ 1545.408531][   T39] 5 locks held by kworker/u8:12/22392:
[ 1545.438265][   T39]  #0: ffff88813fe7c138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.438486][   T39]  #1: ffffc90007edfc40 ((work_completion)(&(&kfence_timer)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.438641][   T39]  #2: ffffffff8de57c90 (cpu_hotplug_lock){++++}-{0:0}, at: static_key_enable+0x12/0x20
[ 1545.438881][   T39]  #3: ffffffff8e09ba98 (jump_label_mutex){+.+.}-{4:4}, at: static_key_enable_cpuslocked+0xcb/0x240
[ 1545.439035][   T39]  #4: ffffffff8de6e318 (text_mutex){+.+.}-{4:4}, at: arch_jump_label_transform_apply+0x17/0x30
[ 1545.439199][   T39] 2 locks held by syz-executor/24452:
[ 1545.439234][   T39]  #0: ffff888038e640d0 (&type->s_umount_key#87){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1545.439399][   T39]  #1: ffff88801bed3348 (&root->kernfs_supers_rwsem){++++}-{4:4}, at: kernfs_remove_by_name_ns+0x3f/0x140
[ 1545.439586][   T39] 3 locks held by syz.9.5835/25488:
[ 1545.439621][   T39]  #0: ffff8880262ae480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 1545.456341][   T39]  #1: ffff88806faa0ff0 (&sb->s_type->i_mutex_key#11){++++}-{4:4}, at: vfs_setxattr+0x13e/0x370
[ 1545.456539][   T39]  #2: ffff88806faa0c88 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0
[ 1545.456700][   T39] 3 locks held by syz.9.5835/25499:
[ 1545.456715][   T39]  #0: ffff8880262ae480 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 1545.457243][   T39]  #1: ffff88806faa0420 (&sb->s_type->i_mutex_key#11){++++}-{4:4}, at: vfs_setxattr+0x13e/0x370
[ 1545.457420][   T39]  #2: ffff88806faa00b8 (&ei->xattr_sem){++++}-{4:4}, at: ext4_xattr_set_handle+0x19c/0x14c0
[ 1545.457617][   T39] 3 locks held by udevd/27053:
[ 1545.457651][   T39]  #0: ffff888040a010b0 (&mm->mmap_lock){++++}-{4:4}, at: do_mprotect_pkey+0x25b/0xd20
[ 1545.457903][   T39]  #1: ffffffff8e10ce10 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[ 1545.488445][   T39]  #2: ffff8880b87246c8 (psi_seq){-...}-{0:0}, at: psi_task_switch+0x53/0x880
[ 1545.488654][   T39] 4 locks held by udevd/27408:
[ 1545.488695][   T39]  #0: ffff888037324480 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 1545.488879][   T39]  #1: ffff888032f8d5b0 (&type->i_mutex_dir_key#5){++++}-{4:4}, at: path_openat+0xb5e/0x38a0
[ 1545.489029][   T39]  #2: ffffffff8e6e9678 (tomoyo_ss){.+.+}-{0:0}, at: tomoyo_path_number_perm+0x219/0x630
[ 1545.489289][   T39]  #3: ffffffff8e10ce10 (remove_cache_srcu){.+.+}-{0:0}, at: srcu_read_lock+0x27/0x60
[ 1545.489614][   T39] 5 locks held by kworker/u8:16/27665:
[ 1545.489656][   T39]  #0: ffff888033a4a138 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_one_work+0x890/0x1710
[ 1545.489819][   T39]  #1: ffffc90005977c40 ((work_completion)(&(&bat_priv->tt.work)->work)){+.+.}-{0:0}, at: process_one_work+0x8b7/0x1710
[ 1545.489974][   T39]  #2: ffffffff8de5f300 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[ 1545.542807][   T39]  #3: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[ 1545.542966][   T39]  #4: ffff888055cb78d8 (key#18){+...}-{3:3}, at: batadv_tt_purge+0x138/0xa10
[ 1545.543232][   T39] 4 locks held by syz.7.6350/27797:
[ 1545.543276][   T39]  #0: ffff888036ed10b0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x194/0x9e0
[ 1545.543431][   T39]  #1: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x29/0x200
[ 1545.543575][   T39]  #2: ffff8880324c3b98 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: pte_offset_map_lock+0x13d/0x210
[ 1545.543947][   T39]  #3: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.544143][   T39] 2 locks held by sed/27837:
[ 1545.563414][   T39]  #0: ffff888034dd9db0 (&mm->mmap_lock){++++}-{4:4}, at: __se_sys_brk+0x164/0xba0
[ 1545.563603][   T39]  #1: ffff8880b873b9a0 (&rq->__lock){-...}-{2:2}, at: raw_spin_rq_lock_nested+0x31/0x150
[ 1545.563832][   T39] 5 locks held by syz.6.6361/27840:
[ 1545.563875][   T39]  #0: ffff88806286c4b0 (&mm->mmap_lock){++++}-{4:4}, at: exit_mmap+0x194/0x9e0
[ 1545.564020][   T39]  #1: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: __pte_offset_map+0x29/0x200
[ 1545.564171][   T39]  #2: ffff8880414104d8 (ptlock_ptr(ptdesc)#2){+.+.}-{3:3}, at: pte_offset_map_lock+0x13d/0x210
[ 1545.564508][   T39]  #3: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1e0/0x400
[ 1545.564660][   T39]  #4: ffffffff8dfc8180 (rcu_read_lock){....}-{1:3}, at: page_table_check_clear+0x124/0x4f0
[ 1545.564877][   T39] 4 locks held by syz.5.6362/27842:
[ 1545.564911][   T39]  #0: ffff888037e09f28 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x252/0x320
[ 1545.583593][   T39]  #1: ffff8880405f2990 (&sb->s_type->i_mutex_key#12){++++}-{4:4}, at: iterate_dir+0x29e/0x580
[ 1545.583799][   T39]  #2: ffff888062869db0 (&mm->mmap_lock){++++}-{4:4}, at: lock_mm_and_find_vma+0x36/0x340
[ 1545.584025][   T39]  #3: ffff88802c606568 (&anon_vma->rwsem){++++}-{4:4}, at: __anon_vma_prepare+0x21c/0x4a0
[ 1545.584385][   T39] 
[ 1545.584406][   T39] =============================================
[ 1545.584406][   T39] 
[ 1545.584446][   T39] NMI backtrace for cpu 1
[ 1545.584510][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1545.584601][   T39] Tainted: [L]=SOFTLOCKUP
[ 1545.584630][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1545.584685][   T39] Call Trace:
[ 1545.584707][   T39]  <TASK>
[ 1545.584733][   T39]  dump_stack_lvl+0xe8/0x150
[ 1545.584840][   T39]  nmi_cpu_backtrace+0x274/0x2d0
[ 1545.584914][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1545.585018][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1545.585096][   T39]  sys_info+0x135/0x170
[ 1545.585176][   T39]  watchdog+0xfd3/0x1030
[ 1545.585274][   T39]  ? watchdog+0x1c9/0x1030
[ 1545.585369][   T39]  kthread+0x388/0x470
[ 1545.585460][   T39]  ? __pfx_watchdog+0x10/0x10
[ 1545.585527][   T39]  ? __pfx_kthread+0x10/0x10
[ 1545.585621][   T39]  ret_from_fork+0x514/0xb70
[ 1545.585705][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1545.585786][   T39]  ? __switch_to+0xc79/0x1410
[ 1545.585814][   T39]  ? __pfx_kthread+0x10/0x10
[ 1545.585900][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1545.586035][   T39]  </TASK>
[ 1545.586119][   T39] Sending NMI from CPU 1 to CPUs 0:
[ 1545.586187][    C0] NMI backtrace for cpu 0
[ 1545.586205][    C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1545.586231][    C0] Tainted: [L]=SOFTLOCKUP
[ 1545.586238][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1545.586250][    C0] RIP: 0010:io_serial_in+0x77/0xc0
[ 1545.586280][    C0] Code: e8 7e dc 86 fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 2f 66 f0 fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f e9 9a 3f ed 05 cc 44 89 f9 80 e1 07
[ 1545.586335][    C0] RSP: 0018:ffffc900001679d0 EFLAGS: 00000202
[ 1545.586352][    C0] RAX: 1ffffffff336cd00 RBX: 00000000000003fd RCX: 0000000000000000
[ 1545.586365][    C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[ 1545.586377][    C0] RBP: ffffffff99b66b30 R08: 0000000000000000 R09: 0000000000000000
[ 1545.586390][    C0] R10: dffffc0000000000 R11: ffffffff853dba80 R12: dffffc0000000000
[ 1545.586404][    C0] R13: 0000000000000000 R14: ffffffff99b668a0 R15: 0000000000000000
[ 1545.586417][    C0] FS:  0000000000000000(0000) GS:ffff888125f2a000(0000) knlGS:0000000000000000
[ 1545.586433][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1545.586446][    C0] CR2: 0000001b33523ffc CR3: 000000003b0da000 CR4: 00000000003526f0
[ 1545.586462][    C0] Call Trace:
[ 1545.586470][    C0]  <TASK>
[ 1545.586479][    C0]  wait_for_lsr+0x1aa/0x2f0
[ 1545.586510][    C0]  serial8250_console_write+0x120d/0x1b90
[ 1545.586545][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[ 1545.586572][    C0]  ? console_flush_one_record+0xfa/0xb90
[ 1545.586609][    C0]  ? console_flush_one_record+0x48f/0xb90
[ 1545.586641][    C0]  console_flush_one_record+0x68b/0xb90
[ 1545.586671][    C0]  ? console_flush_one_record+0xfa/0xb90
[ 1545.586701][    C0]  ? __pfx_console_flush_one_record+0x10/0x10
[ 1545.586728][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1545.586761][    C0]  legacy_kthread_func+0x1b6/0x250
[ 1545.586789][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1545.586815][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1545.586843][    C0]  ? __kthread_parkme+0x7a/0x1f0
[ 1545.586873][    C0]  kthread+0x388/0x470
[ 1545.586900][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1545.586925][    C0]  ? __pfx_kthread+0x10/0x10
[ 1545.586953][    C0]  ret_from_fork+0x514/0xb70
[ 1545.586978][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1545.587007][    C0]  ? __switch_to+0xc79/0x1410
[ 1545.587027][    C0]  ? __pfx_kthread+0x10/0x10
[ 1545.587055][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1545.587090][    C0]  </TASK>
[ 1545.654178][   T39] Kernel panic - not syncing: hung_task: blocked tasks
[ 1545.654262][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1545.654355][   T39] Tainted: [L]=SOFTLOCKUP
[ 1545.654378][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1545.654412][   T39] Call Trace:
[ 1545.654443][   T39]  <TASK>
[ 1545.654467][   T39]  vpanic+0x56c/0xa60
[ 1545.654565][   T39]  ? __pfx___schedule+0x10/0x10
[ 1545.654666][   T39]  ? __pfx_vpanic+0x10/0x10
[ 1545.654811][   T39]  panic+0xc5/0xd0
[ 1545.654896][   T39]  ? __pfx_panic+0x10/0x10
[ 1545.654984][   T39]  ? preempt_schedule_thunk+0x16/0x30
[ 1545.655061][   T39]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1545.655156][   T39]  watchdog+0x102c/0x1030
[ 1545.655264][   T39]  ? watchdog+0x1c9/0x1030
[ 1545.655353][   T39]  kthread+0x388/0x470
[ 1545.655461][   T39]  ? __pfx_watchdog+0x10/0x10
[ 1545.655528][   T39]  ? __pfx_kthread+0x10/0x10
[ 1545.655622][   T39]  ret_from_fork+0x514/0xb70
[ 1545.655733][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1545.655808][   T39]  ? __switch_to+0xc79/0x1410
[ 1545.655882][   T39]  ? __pfx_kthread+0x10/0x10
[ 1545.655964][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1545.656123][   T39]  </TASK>
[ 1545.656740][   T39] Kernel Offset: disabled