last executing test programs:

2m37.920551087s ago: executing program 2 (id=423):
r0 = fsopen(&(0x7f00000000c0)='jffs2\x00', 0x0)
fgetxattr(r0, &(0x7f0000000040)=ANY=[@ANYRESOCT], 0x0, 0x0)

2m37.665134172s ago: executing program 2 (id=424):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001880)={0x1e, 0x0, [{0x4000, 0x62, &(0x7f0000003040)=""/98}, {0x3000, 0x11, &(0x7f00000004c0)=""/17}]})

2m36.268985835s ago: executing program 2 (id=428):
r0 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
syz_mount_image$squashfs(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="00f14b033cf178b83cad2fbc7b3d3219638693ba046d223863ca830350e29ed0ede95a83eb4437c13c4ab31d7581239c8c9a13f73340b4b0c51883830aa6c75037c6a1d307fc02ad014879701cf1f62cc23f47e450cb2d20e83ec3d5ad1385f6826de4ee17358d23a560ed2e7a8253df4c8eff0cd5e9fb357723f470860a0a633fffcb34c448b8f363bef776a15fe79d45da9baa8ba1cafa94f9037ea8375cccecbde864e40387409caa"], 0x1, 0x22a, &(0x7f00000003c0)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExUwlkmniKIqMAA4/I11MPGJIZ+GMZLOd5r7kUlDnlqtDbpftB6r1CKzcxMKqn8C+as2GC00xesLGMkVEIc+6ZMR+QmcUBMoiBgWHyn4h7D1gkGUSQzBLl+Cd2qmX5KrPO+wwzOqalMTAazOJgYGDQO6I7086At5sJamZxZVV2Yk5OalHxGQZU8ycz7mdSZASpO/P3avADRjuG7lgGRga5Df5qi7/9karcuKk+cnpVRM3U7qabS9fHMWzT/3vFROr9xIyw/w8OCWpZ5OV/mCej9H1zw5wPNXVPTBw7G5Xn8rde/vvufUxtcYIa02PxrkI2/gQ3rZpPzk5ulo/nple3bylWXJCV5jLx2NSLfxOOr2VgmHzhia1+zZlD8YoxnFJulXNj7rrFC3ItUz9f94aB4WDU54kMjMsZQYE2M2znHri/OCJZGOCAmYGBQYWBgYGJgYUhLTMn1cCDgZGBGcoxhCmERh0DEwMHWEIvOT8npZ2BEZwEwNqWM7DAzTB8zMAK5xiBOLC0YWzRALO4HUqrQGkPKL0cSj+G0vJoyYYFbEI/lKfRwMDAxlCRWFJSZMjGwABlwcWM2BgYoSwBuM1MUFvnMqF67jgTwygYBaNgFIyCUTAKRsEoGAWjYBSMZAAIAAD//77kti4=")
socket$inet6_udp(0xa, 0x2, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7})
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
munmap(&(0x7f0000c75000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
read(r2, &(0x7f00000002c0)=""/153, 0x99)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='map_files\x00')
getdents64(r3, &(0x7f0000000fc0)=""/224, 0xe0)
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000000)=0x1)
socket$inet6(0xa, 0x80002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r4, 0x10e, 0x4, &(0x7f0000000140)=0x7, 0x4)
socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000700)={0x0, 0x1e5, &(0x7f00000006c0)={&(0x7f0000000440)=@deltaction={0x28, 0x31, 0x101, 0x0, 0x0, {}, [@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}]}]}, 0x28}}, 0x0)

2m30.512421423s ago: executing program 2 (id=446):
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r1 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040)=0x7)
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040301, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x1000000000000, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(0xffffffffffffffff, 0x40184150, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r4, 0x2000002, 0xe, 0x0, &(0x7f00000001c0)="63ec7fea0cfbe066c00000100000", 0x0, 0x8004, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m27.942832707s ago: executing program 2 (id=453):
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x44811}, 0x20000051)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{0x0}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2m27.584356454s ago: executing program 2 (id=457):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="140000000000000001000000", @ANYRES32=r3, @ANYBLOB='\x00\x00]\x00'], 0x18, 0x20048044}}], 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x771, &(0x7f0000001280)="$eJzs3M9rHGUfAPDvTLJJm+Z9Ny+84I+DCC1YKN0kzaU9NV68FQoFrzUkmxAyyYbspnZjwdazUJuLgiDi2aMXD0Kpf4A3KSh4F0RrBMXLymx+1Ka7m02TZrX9fGCy32eemfk+393Jww7sTADPrVfzP0nEcERcjoji1vo0Igaa0bGIm5vbbTy4MZ0vSTQaV35O8t1io1HcOVay9XoimrvEixFxrxBx5r3H81brawtTWVZe2WqP1haXR6v1taH5xam58lx5aXziwtj5iYnzYxN71vBCl7WeevPC8TvfvLG+/u0Xtduv9J9NYrJZd2zV1uVh9mXzPSnE5K71S08jWQ8lvR4AAABdyb/n90VEf/NbajH6mlFrX/5+pEMDAAAADkljsAEAAAA885Lo0HmsUycAAADw77D9O4Dte3s73wc7cOi/P/jp9YgYaZW/v3kPccSxKETE0EbyyJ0JyeZucCA3b0XE3cnd599n+Rl284DHHtvVfvQe6cP/X2L/7ubzz2Sr+SfdmX+ixfzTv/3shANqP/89zN/XZv673GWOrz55qdA2/62Il/tb5U928idt8r/VZf7b6+/f2WubVvn/nmv7+RBnH38+xOTsfNbx8QP3/jx9v11fXv9Qu/zNo7b+/POu5T0r3/TOxq8L7eaSPP/pk50//1bvf35OfLA1jjQi7my95u31XTlOLn73daf6ZyIaT/L5f9pl/T98Pni9y00BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgKY2I4UjS0k6cpqVSxImI+H8MpVmlWjszW1ldmsn7IkaikM7OZ+WxiChutpO8Pd6MH7bP7WpPRMT/vj++mXQ+K5emK9lMr4sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgx4mIGI4kLUVEGhG/FdO0VIro72LfwSMYHwAAAHBIRno9AAAAAOCpc/0PAAAAz74W1/+FbvZLnsJYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfW5UuX8qWx8eDGdN6euVZfXahcOztTri6UFlenS9OVleXSXKUyl5VL05XFvY6XVSrL4xdi9fporVytjVbra1cXK6tLtavzi1Nz5avlwpFUBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH4NN5ckLUVE2ozTtFSK+E9EjEQhmZ3PymMR8d+IuF8sDObt8V4PGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgENXra8tTGVZeUUgEBxZ8G5E/AOG0SHo9cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvVOtrC1NZVl6p9nokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fb6YxIR+fJa8dTwrs6+geSPYh4MRMTbH1/58PpUrbYyHjGQ/LKzvvbR1vpzPSkAAAAAngcX97Px9nX69nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAt6r1tYWpLCuvHCy4GPW1RtJmm17XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJm/AgAA///ossUV")
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x28, 0x1, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000005c0)=[{0x8, 0x0, [0x7a, 0x5, 0x9, 0x7, 0x7, 0x9, 0x100, 0x1, 0x0, 0x4, 0x5, 0x9, 0x6, 0xc7, 0x561c4da6, 0x25]}, {0x1c, 0x0, [0x80, 0xfffffffc, 0x6, 0x7, 0x6, 0x90, 0x3, 0x7, 0x14000, 0xf7, 0x7, 0x1, 0x4, 0x91ed, 0x847, 0x4d4]}, {0x1a, 0x0, [0x6, 0xbdb, 0x9, 0xb5a, 0x4, 0x0, 0x1bab, 0x7, 0x6, 0x400, 0x7, 0x3, 0x85, 0xddf4, 0xfffffffe, 0x8]}], 0xffffffffffffffff, 0x1, 0x1, 0xd8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000004c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x5, @local, 0x7}, {0xa, 0x4e23, 0x1, @private1, 0x8339}, 0xffffffffffffffff, 0x1}}, 0x48)
sendmsg$nl_route_sched(r4, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002440)=@delchain={0x34, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe, 0x3}, {0xfff2, 0xffff}, {0xc, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000085}, 0x0)

2m12.029580538s ago: executing program 32 (id=457):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="140000000000000001000000", @ANYRES32=r3, @ANYBLOB='\x00\x00]\x00'], 0x18, 0x20048044}}], 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x771, &(0x7f0000001280)="$eJzs3M9rHGUfAPDvTLJJm+Z9Ny+84I+DCC1YKN0kzaU9NV68FQoFrzUkmxAyyYbspnZjwdazUJuLgiDi2aMXD0Kpf4A3KSh4F0RrBMXLymx+1Ka7m02TZrX9fGCy32eemfk+393Jww7sTADPrVfzP0nEcERcjoji1vo0Igaa0bGIm5vbbTy4MZ0vSTQaV35O8t1io1HcOVay9XoimrvEixFxrxBx5r3H81brawtTWVZe2WqP1haXR6v1taH5xam58lx5aXziwtj5iYnzYxN71vBCl7WeevPC8TvfvLG+/u0Xtduv9J9NYrJZd2zV1uVh9mXzPSnE5K71S08jWQ8lvR4AAABdyb/n90VEf/NbajH6mlFrX/5+pEMDAAAADkljsAEAAAA885Lo0HmsUycAAADw77D9O4Dte3s73wc7cOi/P/jp9YgYaZW/v3kPccSxKETE0EbyyJ0JyeZucCA3b0XE3cnd599n+Rl284DHHtvVfvQe6cP/X2L/7ubzz2Sr+SfdmX+ixfzTv/3shANqP/89zN/XZv673GWOrz55qdA2/62Il/tb5U928idt8r/VZf7b6+/f2WubVvn/nmv7+RBnH38+xOTsfNbx8QP3/jx9v11fXv9Qu/zNo7b+/POu5T0r3/TOxq8L7eaSPP/pk50//1bvf35OfLA1jjQi7my95u31XTlOLn73daf6ZyIaT/L5f9pl/T98Pni9y00BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgKY2I4UjS0k6cpqVSxImI+H8MpVmlWjszW1ldmsn7IkaikM7OZ+WxiChutpO8Pd6MH7bP7WpPRMT/vj++mXQ+K5emK9lMr4sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgx4mIGI4kLUVEGhG/FdO0VIro72LfwSMYHwAAAHBIRno9AAAAAOCpc/0PAAAAz74W1/+FbvZLnsJYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfW5UuX8qWx8eDGdN6euVZfXahcOztTri6UFlenS9OVleXSXKUyl5VL05XFvY6XVSrL4xdi9fporVytjVbra1cXK6tLtavzi1Nz5avlwpFUBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH4NN5ckLUVE2ozTtFSK+E9EjEQhmZ3PymMR8d+IuF8sDObt8V4PGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgENXra8tTGVZeUUgEBxZ8G5E/AOG0SHo9cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvVOtrC1NZVl6p9nokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fb6YxIR+fJa8dTwrs6+geSPYh4MRMTbH1/58PpUrbYyHjGQ/LKzvvbR1vpzPSkAAAAAngcX97Px9nX69nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAt6r1tYWpLCuvHCy4GPW1RtJmm17XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJm/AgAA///ossUV")
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x28, 0x1, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000005c0)=[{0x8, 0x0, [0x7a, 0x5, 0x9, 0x7, 0x7, 0x9, 0x100, 0x1, 0x0, 0x4, 0x5, 0x9, 0x6, 0xc7, 0x561c4da6, 0x25]}, {0x1c, 0x0, [0x80, 0xfffffffc, 0x6, 0x7, 0x6, 0x90, 0x3, 0x7, 0x14000, 0xf7, 0x7, 0x1, 0x4, 0x91ed, 0x847, 0x4d4]}, {0x1a, 0x0, [0x6, 0xbdb, 0x9, 0xb5a, 0x4, 0x0, 0x1bab, 0x7, 0x6, 0x400, 0x7, 0x3, 0x85, 0xddf4, 0xfffffffe, 0x8]}], 0xffffffffffffffff, 0x1, 0x1, 0xd8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000004c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x5, @local, 0x7}, {0xa, 0x4e23, 0x1, @private1, 0x8339}, 0xffffffffffffffff, 0x1}}, 0x48)
sendmsg$nl_route_sched(r4, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002440)=@delchain={0x34, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe, 0x3}, {0xfff2, 0xffff}, {0xc, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000085}, 0x0)

2m0.700950445s ago: executing program 0 (id=522):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000300)={&(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000c00000/0x400000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, 0x0}, 0x68)
userfaultfd(0x80801)
userfaultfd(0x1)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480))
r1 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r1, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffb, 0x5, @empty, 0xa098}, {0xa, 0x4e21, 0x9, @mcast1, 0x9}, 0xffffffffffffffff, 0x8001}}, 0x48)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

1m59.415740912s ago: executing program 0 (id=525):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x20)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6a", 0xaf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3", 0xe7}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f0940cf59647c14b7e6f19ac068f3a0920aed0a27cdd22c711855b5fb9f81ba75787a21c891067a458e010b16fa7d60083bef", 0x53}, {&(0x7f0000000c00)}], 0x2, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000fc0)}], 0x1, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB, @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1m59.053518759s ago: executing program 0 (id=527):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x40, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m55.752696415s ago: executing program 0 (id=531):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001880)={0x2, 0x0, [{0x4000, 0x62, &(0x7f0000003040)=""/98}, {0x3000, 0x0, 0x0}]})

1m53.48689328s ago: executing program 0 (id=539):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
r1 = gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
ptrace$getregs(0xc, r1, 0x4, &(0x7f0000000180)=""/81)
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x88e, &(0x7f0000000080)={[{@errors_remount}, {@mblk_io_submit}, {@inlinecrypt}, {@test_dummy_encryption_v1}, {@barrier}, {@mblk_io_submit}, {@nogrpid}]}, 0x3, 0x445, &(0x7f0000000800)="$eJzs3M9rHFUcAPDv7CZt06YmlvqjadVoFYM/kiattQcvioIHBUEP9RiTtMRuG2ki2BI0itSjFLyLR8G/wJNeRD0JXvUuhSK5tIqHldmdSXY3u2k2blzNfj4wyXszb3nvuzNv9715mQTQs0bTH0nEYET8EhFD1Wx9gdHqr9uryzN/rC7PJFEuv/57Uil3a3V5Ji+av+5AnumLKHycxNEm9S5euXphulSau5zlJ5YuvjOxeOXq0/MXp8/PnZ+7NHXmzKmTk8+ennqmI3Gmcd0aeX/h2JGX37z+6szZ62/98FWSx98QR4eMbnbwsXK5w9V118GadNLXxYbQlmK1m0Z/pf8PRTHWT95QvPRRVxsH7KhyuVy+t/XhlTKwiyXR7RYA3ZF/0afz33zbfMDQ0eFH1918vjoBSuO+nW3VI31RyMr0N8xvO2k0Is6u/Pl5usXO3IcAAKjzTTr+earZ+K8QtfeF7srWUIYj4u6IOBQRpyPicETcE1Epe19E3N9m/Y2LJBvHP4Ub2wpsi9Lx33PZ2lb9+C8f/cVwMcsdrMTfn5ybL82dyN6Tsejfm+YnN6nj2xd//rTVsdrxX7ql9edjwawdN/r21r9mdnpp+p/EXOvmhxEjfc3iT9ZWApKIOBIRI9usY/6JL4+1Onbn+JurvCUdWGcqfxHxePX8r0RD/Llk8/XJiX1RmjsxkV8VG/3407XXWtW/3fg7JT3/+5te/2vxDye167WL7ddx7ddPWs5ptnv970neqNv33vTS0uXJiD3JK9VG1+6faig3tV4+jX/sePP+fyjW34mjEZFexA9ExIMR8VDW9ocj4pGIOL5J/N+/8OjbdTvGBtuIf2el8c+2df7XE3uicU/zRPHCd1/XVTocbcSfnv9TldRYtmcrn39badf2rmYAAAD4/ylExGAkhfG1dKEwPl79G/7Dsb9QWlhcevLcwruXZqvPCAxHfyG/0zVUcz90MpvW5/mphvzJ7L7xZ8WBSn58ZqE02+3goccdaNH/U78Vu906YMd5Xgt6l/4PvUv/h96l/0PvatL/Bzbu+qvhkUFgN2j2/f9BF9oB/Psa+r9lP+gh5v/Qu/R/6F36P/SkxYG480PyEhIbElH4TzRj5xP7tvhvLnZZotufTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ3xdwAAAP//FX7vJg==")
socket$packet(0x11, 0x2, 0x300)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x2, 0x90, [0x0, 0x20000080, 0x200000b0, 0x200000e0], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x2000000, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.stat\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000200)={'#! ', '', [{0x20, 'memory.stat\x00'}, {0x20, 'barrier'}, {}, {0x20, '/-\\@}-%.,+\'@\'{[$(!/:'}, {0x20, '*[#$,:{{('}, {0x20, 'inlinecrypt'}, {0x20, 'barrier'}]}, 0x4d)

1m48.469160249s ago: executing program 0 (id=543):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f00000002c0)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x5)

1m33.331689808s ago: executing program 33 (id=543):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$kcm(0x11, 0x3, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$kcm(r4, &(0x7f0000000080)={&(0x7f00000002c0)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x5)

13.918386596s ago: executing program 5 (id=710):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0xffffffffffffffff, &(0x7f0000000000)=0x5e)
r0 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, @any, 0xa}, 0xa)

11.214893223s ago: executing program 6 (id=718):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r6 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000840)=@xdp={0x2c, 0x7, 0x0, 0x3e}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1}, 0x4)

10.983716212s ago: executing program 5 (id=720):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
syz_open_dev$dvb_frontend(&(0x7f0000000000), 0x0, 0x40400)
socket$tipc(0x1e, 0x5, 0x0)
syz_io_uring_setup(0x897, 0x0, 0x0, 0x0)
epoll_create1(0x0)
pselect6(0x40, &(0x7f00000001c0)={0x1, 0x0, 0x3, 0xfffffffffffffffd, 0x4, 0x0, 0x1, 0x4}, 0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x10, 0x7}, 0x0, 0x0)

10.843235058s ago: executing program 3 (id=721):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'erspan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5000000010000100"/20, @ANYRES32=r2, @ANYBLOB="0000000000000000300012800b00010065727370616e0000200002800400120005001600020000000600180040000000050017"], 0x50}}, 0x4080)

10.628812888s ago: executing program 5 (id=722):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x25, 0xffffffffffffffff, 0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="340000001400b59500000000000000000a400000", @ANYRES32=r4, @ANYBLOB="1400020000000000000000000000ffff000000"], 0x34}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001400b59500000000000000000a000000", @ANYRES32=r4, @ANYBLOB="1400020000000000000000000000ffff00000000080008007002"], 0x34}}, 0x0)

9.573994637s ago: executing program 6 (id=724):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@sysvgroups}, {@nomblk_io_submit}, {}, {@dioread_nolock}, {@jqfmt_vfsv0}, {@nomblk_io_submit}, {@errors_continue}]}, 0x0, 0x5e0, &(0x7f0000000bc0)="$eJzs3c1vVFUbAPDnTj9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFkQKNLRGiyaUBDcmxo0xJq5ciP+FEtmy0pULN64MCVHD0sQxd3pv6bR3+kU7t3J/v2TouefM5Zzb6dNz5vScOwFU1mD6Ty1if0RMJxH9yfxiWWdkhYMLz3vw50dn00cS9fprvyeRZHn585Psa192ck9E/PhDEvs6VtY7M3ft4vjU1OTV7Hh49tL08MzctcMXLo2fnzw/eXn0hdETx48dPzFyZFPXdb0g7/TNd9/v/2TszW+++isZ+faXsSROxsvZE5dex1YZjMHG9yRZWdR3YqsrK0lH9nOy9CVOOoue2dW+RrFu+euXvjpPRH90xMMXrz8+fqXUxgHbqp5E1IGKSsQ/VFQ+Dsjf2y9/H1wrZVQCtMP9UwsTACvjv3NhbjB6GnMDux8ksXRaJ4mIzc3MNdsTEXfvjN08d2fsZmzTPBxQbP5GRDxZFP9JI/4HoicGGvFfa4r/dFxwJvua5r+6yfqXTxWLf2ifhfjvWTX+o0X8v7Uk/t/eZP2DD5Pv9DbFf+9mLwkAAAAAAAAq6/apiHi+6O//tcX1P1Gw/qcvIk5uQf2Dy45X/v2/dm8LqgEK3D8V8VLh+t9avvp3oCNL/aexHqArOXdhavJIRPw3Ig5F1670eGSVOg5/uu/LVmWD2fq//JHWfzdbC5i1417nruZzJsZnxx/1uoGI+zcinipc/5ss9v9JQf+f/j6YXmcd+569daZV2drxD2yX+tcRBwv7/4d3rUhWvz/HcGM8MJyPClZ6+sPPvmtV/2bjv/AWE8CGpP3/7tXjfyBZer+emY3XcXSus96qbLPj/+7k9cYtZ7qzvA/GZ2evjkR0J6c70tym/NGNtxkeR3k85PGSxv+hZ1af/ysa//dGxPyy/zv5o3lPce7/f/f92qo9xv9QnjT+JzbU/288MXpr4PtW9a+v/z/W6OsPZTnm/2DBF3mYdjfnF4RjZ1FRu9sLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+DWkTsiaQ2tJiu1YaGIvoi4n+xuzZ1ZWb2uXNX3rs8kZY1Pv+/ln/Sb//CcZJ//v/AkuPRZcdHI2JvRHze0ds4Hjp7ZWqi7IsHAAAAAAAAAAAAAAAAAACAHaKvxf7/1G8dZbcO2HadZTcAKE1B/P9URjuA9tP/Q3WJf6gu8Q/VJf6husQ/VJf4h+oS/1Bd4h8AAAAAAB4rew/c/jmJiPkXexuPVHdW1lVqy4DtViu7AUBp3OIHqsvSH6gu7/GBZI3ynpYnrXXmaqbPPsLJAAAAAAAAAAAAAFA5B/fb/w9VZf8/VJf9/1Bd+f7/AyW3A2g/7/GBWGMnf+H+/zXPAgAAAAAAAAAAAAC20szctYvjU1OTVyXe2BnNaGeiXq9fT38Kdkp7/uWJfCn8TmnPskS+1299Z5X3OwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGj2TwAAAP//+Ekkyg==")
quotactl_fd$Q_SETINFO(r0, 0xffffffff80000601, 0x0, &(0x7f0000000000)={0x8, 0x9, 0x0, 0x5})
r1 = shmget$private(0x0, 0x13000, 0x1, &(0x7f0000feb000/0x13000)=nil)
shmat(r1, &(0x7f0000ff1000/0x3000)=nil, 0x400c)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f00000000c0)=0xa, 0x9, 0x0)
get_mempolicy(0x0, 0x0, 0xf2, &(0x7f0000fff000/0x1000)=nil, 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

9.524805977s ago: executing program 3 (id=725):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x2, &(0x7f00000003c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1bb9ec930dabfc165907d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31c0971007f269f873e14e5fe3c46c0ac2b22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b98ade053b2f9b7918"], 0x1, 0x625c, &(0x7f0000000500)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEQEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRCMhFjwECIklIJaseIAs2LLjAbBkIwFZpVDNnDOuabrdvmS6eub8ftKk6qtTNX0q/67pbldVnwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4nvf/cGZKiIu/TwtOBbxmehH9CJWmnotIlbWjuX1BxHxXGw3x7MRMVyKqHLj0xGvRcRHRyPu3ru13iw6+5D9+M6f/v67Hx75/t/+MDz1nz/f6L8+bb2bN3/977/cfvz9BQAAgBLVdV1X6WP+8fT5vtd1pwCAuciv/3WSl6sXrt5csP6o1Wq1+gDWbfVkt9tFRGy2t2neMzgdDwAHzGZ83HUX6JD8izaIiCNddwJYaFXXHWBf3L13a71K+Vbt14O1nfZ8Lcie/Der3fs7pk1nGb/GZF7Pr63oxzNT+rMypz4skpx/bzz/Szvto7Tefuc/L9PyH+3c+lScnH9/PP8xhyf/3sT8S5XzHzxS/n35AwAAAADAAsv//n+s4/O/S0++Kw/lQed/1+bUBwAAAAAAAAD4tD3p+H+7KuP/AQAAwKJqPqs3fnP0/rJp38XWLL9YRTw1tj5QmHSzzGrX/QAAAAAAAAAAAACAkgx2ruG9WEUMI+Kp1dW6rpuftvH6UT3p9gdd6fsPJev6jzwAAOz46OjYvfxVxHJEXEzf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42y5ZGs98Pr8Sobn7Zcmu7tlmfl2e1j/++5rFGdX92x+akw8ABICJ2Xo3uekU6ZOr66ej6XQ4Hg+P/8HH88zC6fp4CAAAA+6+u67pKX+d9PJ3z73XdKQBgLvLr//h5AbVarVar1Yevbqsnu90uImKzvU3znsFw/ABwwGzGxxOX/9IAv0WYlj9FGETEc113AlhoVdcdYF/cvXdrvUr5Vu3XgzS+e74WZE/+m9X2dnn7SdNZxq8xmdfzayv68cyU/jw7pz4skpx/bzz/Szvto7Tefuc/L9Pyb/bzWAf96VrOvz+e/5jDk39vYv6lyvkPHin/vvwBAAAAAGCB5X//P7ZQ539Hj7s7Mz3o/O/avj0qAAAAAAAAAOyvu/duref7XvP5/89NWM/9n4dTzr+Sf5Fy/un+/90Lb14aW6/fmr/z1v38/3Xv1vrvb/zzs3n6sPkv5ZkqPbOq9Iyo0iNVgzR9zB2bYmvYHzWPNKx6/UG65qcevhNX4mpsxOk96/bS8XC//cye9qanw+32ur/TfnZP+2C3PW9/bk/7MF3pVK/k9pOxHj+Jq/H2dnvTtjRj/5dntNcz2nP+fcd/kXL+g9ZPk/9qaq/Gpo07H/b+77hvTyc9zptXPv+r0/u/OzNtRX9339qa/Xuhg/5s/z85MoqfXd+4dvLm5Rs3rp2JNNmz9Gykyacs5z9MPzn/l17cac9/99vH650PR4+c/6LYisHU/F9szTf7+/Kc+9aFnP8o/eT8307tk4//g5z/9OP/lQ76AwAAAAAAAAAAAAAAAA9S1/X2LaJvRsT5dP9PV/dmAgDzlV//6yQvn1fdf9zt/7h3P7rqv1o957pasP7Mtf6kXqz+qBey/u+C9Wfh6rZ6sjfaRUT8tb1N857hF5N+GQCwyD6JiH903Qk6I/+C5e/7a6Ynuu4MMFfX3//gR5evXt24dr3rngAAAAAAAAAAjyuP/7nWGv/5RF3Xt8fW2zP+61ux9qTjfw7yzO4Ao1MGqu4/+j49yFZv1O+1hht/PqaN/z3cnXvQ+N+DGY83nNE+mtG+NKN9eUb7xBs9WnL+z7fGOz8REcfHhl8vYfzX8THvS5Dzf6H1fG7y/9LYeu38698e5Px7e/I/deO9n566/v4Hr1557/K7G+9u/PjcmTOnz50/f+HChVPvXLm6cXrnvx32eH/l/PPY164DLUvOP2cu/7Lk/L+QavmXJef/xVTLvyw5//x+T/5lyfnnzz7yL0vO/+VUy78sOf8vp1r+Zcn5v5Jq+Zcl5/+VVMu/LDn/V1Mt/7Lk/E+mWv5lyfmfSvVD5r+y3/1iPnL++QyX478sOf98ZYP8y5LzP5tq+Zcl538u1fIvS87/tVTLvyw5/6+mWv5lyfmfT7X8y5Lz/1qq5V+WnP+FVMu/LDn/r6da/mXJ+X8j1fIvS87/9VTLvyw5/2+mWv5lyfl/K9XyL0vO/9upln9Zcv5vpFr+Zbn//f9mzJgxk2e6/ssEAAAAAAAAAAAAAIybx+XEXe8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyPHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TdvHEgMhPyd/E3YOCaEZJNd24lfaFNMeG14Kwmh0Bds17s2C37Da5dAo9pRoETCqKiibbhoCwi1uamIWi5oBSgXqFXVStBe0BtEhcpFVAUUkFBpBWw15zzPszOzZ2d2vWNn5pzPR0p+2Zkzc86ceWZ2v3a+OwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ6ubXzX+ikWVZo9EoLtiSZS9ozqumtuSXvPr5PT4AAABg436e//u5a9MFB9Zwo5Zt/vGmb355aWlpKXvP6B+Pf2ZpKV0xlWXjm7Isvy566nvvbbRuEzyWTTZGWr4e6bH70R7Xj/W4frzH9RM9rt/U4/rJHtevOAErXJU10p3tyP9zS3FKs+uy8fy6HSW3eqyxaaR57tJts0Z+m6Xxo9lCdjybz2bbti+2beTbf/Xm5r7enMV9jbTsa1tzhfzokSPxGBrhHO9o29fyfUY/eG029eMfPXLkL88+e0PZ7Hka2u6vOM7btjeP82PhkuJYG9mmdE7icY60HOe2kudktO04G/ntmv/deZzPrfE4R5cP84rqfM4ns5H8v7+Vn6exRlZynraFy356S5ZlF5YPu3ObFfvKRrLNbZeMLD8/k8WKbN5Hcym9OBtb1zq9eQ3rtDnndrSv087XRHz+bw63G1vlGFqfph88OtHyvP9s6VLWadR81Ku9VjrXYL9fK4OyBuO6+Fb+oB8vXYM7wuN/5NbV12Dp2ilZg+lxt6zB7b3W4MjEaH7M6Ulo5LdZXoM727YfzffUyOczt3ZfgzNnT5yeWfzIR+9cOHH42Pyx+ZO7d+6c3b1nz759+2aOLhyfny3+fYlne/BtzkbSa2B7OHfxNfDKjm1bl+rS5ydWvP9e6utwssvrcEvHtv1+HY51PrjGlXlBrlzTxWvjXc2TPnlxJFvlNZY/P7dv/HWYHnfL63Cs5XVY+j2l5HU4tobXYXOb07ev7WeWsZZ/yo5h9e8FG1uDW1rWYOfPI51rsN8/jwzKGpwM6+I7t6/+vWBbON7Hp9f788joijWYHm5472lekn7en9yXj7J1eWPziqsnsnOL82fuevjw2bNndmZhXBEvaVkrnet1c8tjylas15F1r9cDCzc9fmPJ5VvCuZq8s/mvyVWfq+Y2d9/V/bnKv7uVn8+2S3dlYfTZlT6fZd/Nm+dzIss++41HH/jaI5993arns5k3Pzaz8Z/FUy5tef8dX+X9N+b+XxT7S3f12Oj4WPH6HU1nZ7zt/bj9qRrL37sa+b6fm1nb+/F4+OdKvx9f1+X9eGvHtv1+Px7vfHDx/bjR6087Nqbz+ZwM6+T4bPf34+Y2W3etd02OdX0/viXMRjj/rwpJIeWilrWz2rpN+xobGw+PayzuoX2d7m7bfjxks+a+ntx1aev0tluK+xpNj27ZlVqnUx3b9nudpj/7Wm2dNnr96dul6Xw+J8O6uG5393Xa3Obpuzf+3nlV/M+W986JXmtwfHSieczjaRHm7/fZ0lVxDd6VHclOZcezufzaiXw9NfJ9Td+ztjU4Ef650u+VW7uswds6tu33Gkzfx1Zbe42xlQ++Dzqfz8mwLp64p/sabG7z+r39/dn1tnBJ2qblZ9fOP19b7c+8buw4TZdrrYyF4/zG3u5/Ntvc5vi+9ebM7ufpjnDJ1SXnqfP1u9prai67MudpazjOZ/etfp6ax9Pc5jP717ieDmRZdv5D9+V/3hv+fuVvzn37y21/71L2dzrnP3TfD1949B/Wc/wADL9fFGNz8b2u5W+m1vL3/wAAAMBQiLl/JMxE/gcAAIDKiLk//l/hifwPAAAAlRFz/1iYSU3y/9bXP7vwi/NZauYvBfH6dBruL7aLHdfZ8PXU0rLm5fd9cf4nf39+bfseybLsZ/f/Xun2W++Px1WYCsf51BvaL1/hy3euad+HHjqf9tvaX/9cuP/4eNa6DMoquLNZln312k/l+5l678V8Pn3/oXw+cOHxx5rbPLe/+Dre/pmXFNv/WSj/Hjh6uO32z4Tz8P0wZ99Sfj7i7b508VXb9r57eX/xdo3t1+QP+4n3Ffcbf0/Opx8rto/nebXj/9onn/xSc/uHX1F+/OdHyo//yXC/Xwzzf15WbN/6HDS/jrf7eDj+uL94u7u+8PXS43/qE8X2p99YbHcozLj/28LXO9747ELr+Xq4cbjtcWVvKraL+5/99h/m18f7i/ffefyTBy+2nY/O9fH0vxX3M9Oxfbw87if6u479N++ndX3G/T/5B4faznOv/T/1wDMva95v5/7v6Nju9Iduz/e/fH/tv7Hpzz/+qdL9xeM58Nen2x7PgXeG13HY/xPvC+sxXP+/TxX31/nbFQ69s/39J27/uS3n2x5P9OYfF/t/6jXH8rlp8qrNV7/ghddceHnz3GXZtzYV99dr/8f+4lTb8X/++uJ8xOtjR79z/6uJ+z/z4emTpxbPLcyls/rItfnvznlrcTzxeK8N762dXx88dfb982emZqdms2yqur9C75J9IcwfFuNC962XVryD3v5QeD5v/NOvbr71Xz8ZL//3dxWXX3xL8X3rlWG7T4fLt4Tnb337X+mJm6/PX9+Np8MRLq38fcEbsW3Hf+1b04bh8Xf+XBDX++mXvj8/D83r8u8b8XW9weP/7lxxP18J53Up/Gbm7dcv7691+/i7ES4+WLzeN3z+wttcfF7/Kjzfb/t+cf/xuOLj/W74OebrW9vf7+L6+Mr5kc77z3+Lx4XwfpJdKK6PW8XzffG560sPL/4ekuzCDfnXf5Tu54Z1PczVLH5kceb4wslzD8+cnV88O7P4kY8ePHHq3MmzB/Pf5XnwA71uv/z+tDl/f5qb33N3lr9bnSrGZfZ8H//ph47M7Z29dW7+6OFzR88+dHr+zLEji4tH5ucWbz189Oj8h3vdfmHu3p279u/eu2v62MLcvfv279+9f3rh5KnmYRQH1cOe2Q9OnzxzML/J4r137995zz13z06fODU3f+/e2dnpc71un39vmm7e+nenz8wfP3x24cT89OLCR+fv3bl/z55dLb8N8Celtz9x+uji1MyZcydnzi3On5kpHsvU2fzi5ve+Xvunmhb/o/h5tlOj+EV82Tvu2JN+P2vTFx9d9a6KTTp+geiz4XfR/NOLTu9by9cx94+HmdQk/wMAAEAdxNw/EWYi/wMAAEBlxNy/KcxE/gcAAIDKiLl/MsykJvm/cv3/refXtH/9f/3/1vOl/1+z/v+Dg9b/L94v9P/7Y6P9e/3/QP9f/1//X/9/1f5/Of1/ygxa/z/m/quyrJb5HwAAAOog5v7NYSbyPwAAAFRGzP1Xh5nI/wAAAFAZMfe/IMykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/Z7J69f8v9PP49f/1/1lp0Pr/Mfe/MMykJvkfAAAA6iDm/mvCTOR/AAAAqIyY+68NM5H/AQAAoDJi7t8SZlKT/K//r/+v/6//r/9fvn/9/+Gk/9+d/n8P+v8+/1//X/+fvhq0/n/M/S8KM6lJ/gcAAIA6iLn/xWEm8j8AAAAMnrFLu1nM/S8JM1mR/y9xBwAAAMDzLub+67KOInhN/v5f/1//f/D7/5vSdfr/+v/ZQPb/RzP9/8Gh/9+d/n8P+v/6//r/+v/01aD1//Pcn01mLw0zqUn+BwAAgDqIuf/6MBP5HwAAACoj5v7/F2Yi/wMAAEBlxNy/NcykJvlf/1//f/D7/z7/X/9/0Pv/Pv9/kOj/d6f/34P+v/6//r/+P301aP3/mPtvCDOpSf4HAACAOoi5/8YwE/kfAAAAKiPm/v8fZiL/AwAAQGXE3L8tzKQm+V//f8D7/7E5qv+v/6//r/+v/78m+v/d6f/3oP+v/6//r/9PXw1a/z/m/peFmdQk/wMAAEAdxNx/U5iJ/A8AAACVEXP/y8NM5H8AAACojJj7p8JMapL/9f8HvP9f9OAnfP6//r/+v/6//v/a6P93p//fg/6//n9f+v9L5/X/9f8pDFr/P+b+m8NMapL/AQAAoA5i7t8eZiL/AwAAQGXE3H9LmIn8DwAAAJURc/+OMJOa5H/9/6Ho/2f6//r/+v/6//r/a6P/353+fw/6//r/Pv9f/5++GrT+f8z9rwgzqUn+BwAAgDqIuf/WMBP5HwAAACoj5v5XhpnI/wAAAFAZMfffFmZSk/yv/6//r/+v/6//X75//f/hpP/fnf5/D/r/+v/6//r/9NWg9f9j7n9VmElN8j8AAADUQcz9t4eZyP8AAABQGTH33xFmIv8DAABAZcTcPx1mUpP8r/+v/6//r/+v/7/8HOr/Dz/9/+70/3vQ/9f/1//X/6evBq3/H3P/nWEmNcn/AAAAUAcx998VZiL/AwAAQGXE3D8TZiL/AwAAQGXE3D8bZlKT/K//r/+v/6//v67+/8uX77dK/f+y/ev/Dyf9/+70/3vQ/9f/f977/+P6/1TKoPX/Y+7fGWZSk/wPAAAAdRBz/64wE/kfAAAAKiPm/t1hJvI/AAAAVEbM/XeHmdQk/+v/6//r/+v/+/z/8v3r/w8n/f/u+t//jw9R/1//X//f5//r/7PSoPX/Y+6/J8ykJvkfAAAA6iDm/j1hJvI/AAAAVEbM/XvDTOR/AAAAqIyY+/eFmdQk/+v/6//r/+v/6/+X71//fzjp/3fn8/970P/X/9f/1/9ngx78/davLq3/P1F2x33p/8fcvz/MpCb5HwAAAOog5v5Xh5nI/wAAAFAZMff/Uj7/efkK+R8AAAAqo8j9k9kvh5nUJP/r/7d1z5sPV/9f/1//X/8/p/8/nPT/u9P/70H/X/9f/1//n75atf8fond5/79UX/r/MfffG2ZSk/wPAAAAdRBz/6+Emcj/AAAAUBkx978mzET+BwAAgMqIuf9AmElN8r/+v8//1//X/9f/L9//le7/x0+61f/fGP3/7vT/e9D/1//X/9f/p68u7fP/S/Wl/x9z/2vDTGqS/wEAAKAOYu6/L8xE/gcAAIDKiLn/dWEm8j8AAABURsz9rw8zqUn+1//X/9f/1//X/y/fv8//H076/93p//eg/6//r/+v/09fDVr/P+b+N4SZ1CT/AwAAQB3E3P/GMBP5HwAAACoj5v43hZnI/wAAAFAZMfe/OcykJvlf/1//X/9f/1//v3z/+v/DSf+/O/3/HvT/9f/1//X/6atB6//H3P+rYSY1yf8AAAAwlCbXt3nM/fd33lj+BwAAgMqIuf8tYSbyPwAAAFRGzP1vDTOpSf7X/9f/1//X/9f/L9+//v9w0v/vbsj6/z+/Jlyu/1/Q/x/s419v/3+s4+vL0v//3mr9/6VNnbfX/+dyGLT+f8z9bwszqUn+BwAAgDqIuf/tYSbyPwAAAFRGzP3vCDOR/wEAAKAyYu7/tTCTmuR//f/mcSy3l/X/q9r/H9H/H7z+/99+J8v0//X/+07/v7sh6//7/P8O+v+Dffw+/1//n5UGrf8fc/87w0xqkv8BAACgDmLufyDMRP4HAACAyoi5/8EwE/kfAAAAKiPm/neFmdQk/+v/+/z/evT/ff5/Nnj9f5//33JW9f/7R/+/O/3/HvT/9f8Hrf//n/r/DLdB6//H3P9QmElN8j8AAADUQcz97w4zkf8BAACgMmLu//UwE/kfAAAAKiPm/veEmdQk/+v/D0v/f2pI+/+P6v9fxv7/TdcU2+n/6/+zTP+/O/3/HvT/9f8Hrf/v8/8ZcoPW/4+5/71hJmvP/5Nr3hIAAAB4XsTc/xthJjX5+38AAACog5j7fzPMRP4HAACAyoi5/7fCTGqS//X/h6X/7/P/M/1/n//f8Xj0//X/y1y5/n9859H/1//X/4/0//X/9f/pNGj9/5j7fzvMpCb5HwAAAOog5v73hZnI/wAAADAUyv6f7E4x9x8MM5H/AQAAoDJi7j8UZlKT/K//v4b+/6be96f/3378+v/l62Nd/f8/2f4v3/nm2w/t1P/X/9f/X5cr+vn/zRe/z//X/9f/T/T/9f/1/+k0aP3/mPsPh5nUJP8DAABAHcTc/zthJvI/AAAAVEbM/UfCTOR/AAAAqIyY++fCTGqS//X/ff6//v+A9v+H+PP/4/nQ/2/Xt/5/fNPV/y9V9O/TKrq8/f93L/fE9f/X2/+fKL1U/1//f5iPX/9f/5+VBq3/H3P/fJhJTfI/AAAA1EHI/SNHi7l8hfwPAAAAlRFz/7EwE/kfAAAAKiPm/veHmdQk/+v/6//r/+v/+/z/8v136/83xnz+/6BK/fuf5i8U/f8Og9P/L6f/r/8/zMev/6//z0qD1v+PuX8hzKQm+R8AAADqIOb+D4SZyP8AAABQGTH3fzDMRP4HAACAyoi5/3iYSU3yv/7/8PX/47b6//r/+v81/fx//f+uNtq/1/8P9P/r3f//b/1//X/9f/pj0Pr/MfefCDP5P/bu5MnWur7j+Onkktu3yCKLVGWRTaqyzDJLFsk6+QOyyCabVFkucEDFmYvziKLirAjOAw4giKjgPIATijOoOM8DDiBKXYvu7/fb09Pn9HC6+3l+v9drwRcbmnOgbjV8bt+3Tyf7HwAAAHqQu//CuMX+BwAAgGbk7n9Y3GL/AwAAQDNy9z88bulk/+v/D9P/b1TKnv+/9f2Pov//D/3/bq+v/9f/t0z/P5/+fwH9v+f/6//1/yzV2Pr/3P2PiFs62f8AAADQg9z9j4xb7H8AAABoRu7+i+IW+x8AAACakbv/UXFLJ/t/W/+/Muuz/8+MdxLP/9f/e/6//n+d/l//P+R4+/9LH/zKp//X/+v/g/5/T/3/6d0+X/9Pi8bW/+fuf3Tc0sn+BwAAgB7k7n9M3GL/AwAAQDNy918ct9j/AAAA0Izc/Y+NWzrZ/8t7/v+ZtY9PtP8v+n/9/9oH9P/6f/3/ZHn+/3w99f8X3XH+hffc8M837uf19f/6f8//1/+zXGPr/3P3Py5u6WT/AwAAQA9y9z8+brH/AQAAoBm5+58Qt9j/AAAA0Izc/U+MWzrZ/8vr/yf9/P+i/9f/r31A/6//1/9Plv5/vp76/4O8vv5f/6//1/+zXGPr/3P3Pylu6WT/AwAAQA9y9z85brH/AQAAoBm5+y+JW+x/AAAAaEbu/rNxSyf7X/9/9P3/A/p//X9c/b/+X/9/9PT/8+n/F9D/6//1//p/lmps/X/u/kvjlk72PwAAAPQgd/9T4hb7HwAAAJqRu/+pcYv9DwAAAM3I3f+0uKWT/a//9/x//b/+X/8//Pr6/2nS/8+n/19A/3/Yfv48/b/+X//PZvvs/++f82V7Kf1/7v6nxy2d7H8AAADoQe7+Z8Qt9j8AAAA0I3f/M+MW+x8AAACakbv/WXFLJ/tf/6//1//r/w/c/+/8obdG/z9M/3889P/zjab/Xzk1+GH9/+T7f8//1//r/9libM//z93/7Lilk/0PAAAAPcjd/5y4Zc7+3/dP5gMAAAAnKnf/c+MW3/8HAACAycvqLHf/8+KWTva//l//r//X/3v+//Drz+v/b9z0/vT/46L/n280/f8u9P/6/ym/f/2//p+dxtb/5+5/ftzSyf4HAACAHuTuvyxusf8BAACgGbn7XxC32P8AAADQjNz9L4xbOtn/w/3/xh/X/++N/n/r+9f/D//4WFb/n39F/f/c/v8/Pf+/T/r/+Y6//z+t/9/61z9g/7/+FUf/P+7333j/f2bR5+v/GTK2/j93/+VxSyf7HwAAAHqQu/9FcYv9DwAAAM3I3f/iuMX+BwAAgEn793/caMFy978kbulk/3v+v/5f/z+9/t/z/9ed5PP/Z8fe/5/S/++R/n8+z/9fYLT9/zr9/7jff+P9v+f/cyBj6/9z918Rt3Sy/wEAAKAHV9w3W9v9L53N7H8AAACYos2/dmD7LygNuftfFrfY/wAAANCM3P0vj1s62f/6f/2//l//r/8ffv1x9f+e/79Xk+7/T238rv5f/z9kov3/qcb6/yt3+/wx9P+X6P8ZmS39/80bHz+p/j93/yvilk72PwAAAPQgd/8r4xb7HwAAAJqRu/9VcYv9DwAAAM3I3f/quKWT/X/k/f+Z3V9b/6//1//r//X/+v9lm3T/7/n/+v82+3/P//f8f/1/xzb6/61fD0+q/8/d/5q4pZP9DwAAAD3I3f/auMX+BwAAgGbk7r8ybrH/AQAAoBm5+18Xt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo//X/+n/9P0u15fn/m5xU/5+7/6q4pZP9DwAAAD3I3X913GL/AwAAQDNy978+brH/AQAAoBm5+98Qt3Sy//X/R9v/58f1//r/mf5f/6//Pxbd9v8rQ/8m2mmX/v+2h5z9760f0f/r//X/+n/9P0swiv7/3MZ/Xebuf2Pc0sn+BwAAgB7k7n9T3GL/AwAAQDNy9785brH/AQAAoBm5+98St+xz///DUt/V8dH/e/6//l//r/8ffn39/zR12//vkef/L6D/1//r//X/LNWR9P/3bnxx3+/z/3P3vzVu8f1/AAAAaEbu/rfFLfY/AAAANCN3/9vjFvsfAAAAmpG7/x1xSyf7X/+v/9f/6//1/8Ovf9D+f3U2TP9/PPT/8+n/F9D/6//1//p/lupI+v9N9tv/5+6/Jm7pZP8DAABAD3L3vzNusf8BAACgGbn73xW32P8AAADQjNz9745bOtn/+n/9v/5f/6//H359z/+fJv3/fPr/2Wx27Zw3MNT/nzut/9f/6//1/xzQ2Pr/3P3viVs62f8AAADQg9z918Yt9j8AAAA0I3f/dXGL/Q8AAADNyN3/3rilk/2v/9f/6//1//r/4dfX/0+T/n8+/f8Cnv9/2H7+nP5f/6//Z7Ox9f+5+6+PWzrZ/wAAANCD3P03xC32PwAAADQjd//74hb7HwAAAJqRu//GuKWT/a//1//r//X/R9L/n9X/b6f/Px5H1//P9P/6f/3/Ap7/r//X/7PdcfX/98fX+0X9f+7+98ctnex/AAAA6EHu/pviFvsfAAAAmpG7/wNxi/0PAAAAzcjd/8G4pZP9r//X/+v/9f+e/z/8+vr/afL8//n0/wvo//X/+n/9P0t1XP3/br3/9v+du/9DcUsn+x8AAAB6kLv/5rjF/gcAAIBm5O6/JW6x/wEAAKAZufs/HLd0sv/1//r/rf3/bKb/1//r/9cdQ/+/OtP/L53+fz79/wL6/zb7/7+ZNdT/n9n18/X/jNHY+v/c/R+JWzrZ/wAAANCD3P0fjVvsfwAAAGhG7v6PxS32PwAAADQjd//H45aW9v8Du6dv0+//T2/7RP3/bDa782LP/9f/z3l9/f9o+v/6p6r/Xx79/3z6/wX0/232/57/r//nxIyt/8/d/4m4paX9DwAAAJ3L3f/JuMX+BwAAgGbk7v9U3GL/AwAAQDNy9386bulk/2/p/+/dCM/yj4+//9/+ifr/2aGe/6//X/uA/l//r/+frMP291etxr/T9P/6f/3/YD+/sst/98z0//p//T8Dxtb/5+7/TNzSyf4HAACAHuTuvzVusf8BAACgGbn7b4tb7H8AAABoRu7+z8Ytnez/6T//f/sn6v9n+v8u+v9V/b/+X/8/aCzP/7/ggv+6Xf+v/2+x/59H/6//1/+z3dj6/9z9n4tbOtn/AAAA0IPc/Z+PW+x/AAAAaEbu/i/ELfY/AAAANCN3/xfjlk72/87+/7zZeqG6bqj/j0ZN/7+J/n/r+9f/D//48Px//b/+/+iNpf/3/P+DvX/9v/5/yu9/X/3/v+z8fP0/LRpb/5+7//a4pZP9DwAAAD3I3f+luMX+BwAAgGbk7v9y3GL/AwAAQDNy998Rt3Sy/z3/X/+v/9f/6/+HX1//P036//n0/wvo/w/fz+dXVf3/dJ///7f6f5ZnbP1/7v6vxC1rw+9f//6Af5sAAADAiOTu/2rc0sn3/wEAAKAHufu/FrfY/wAAANCM3P1fj1s62f/6f/2//l//r/8ffn39/zTp/+fT/y/QT/+/OvTBk+7nD+uk338z/b/n/7NEY+v/c/d/I27pZP8DAABA2+5b+23u/m/GLfY/AAAANCN3/7fiFvsfAAAAmpG7/864pZP9r//X/7ff//+f/n/b6+v/9f8t0//nv9GH6f8X6Kf/H3TS/fzU33/1/+dO6//1/4Sx9f+5+++KWzrZ/wAAANCD3P3fjlvsfwAAAGhG7v7vxC32PwAAADQjd/9345ZO9r/+v6/+f2XWY//v+f+t9P+r2/5+9P/6/yHT6f+vPjX0Uc//1//r/6f7/j3/X//PTmPr/3P3371yqsv9DwAAAFP1P//20Lv2+ufevfbb1dn34hb7HwAAAJqRu//7cYv9DwAAAM3I3f+DuKWT/a//76v/7/P5//r/Vvp/z//X/+/FdPr/Yfp//b/+f7rvX/+v/2ensfX/uft/GLdsGn6D/wc9AAAAwMn5u/396bn7fxS3dPL9fwAAAOhB7v4fxy079v+5Pf6qdgAAAGBscvf/JG7p5Pv/+v+R9/+zI+r/48/T/6/T/+v/h15f/z9N+v/5Dtn/n1vR/+v/59D/6//1/2w3tv4/d/9N18+63P8AAADQqC0/o/DTtd+uzn4Wt9j/AAAA0Izc/T+PW+x/AAAAaEbu/l/ELZ3sf/3/yPv/Az3//0z9nuf/d97/X7Y6+Pr6f/1/y/T/83n+/wL6f/2//l//z1Lto/9fG6RH3f/n7v9l3NLJ/gcAAIAe5O7/Vdxi/wMAAEAzcvf/Om6x/wEAAKAZuft/E7d0sv/1/yfQ/19+ejY70v5/D8//1//30f/v8vrt9P//dP7ZW//3/6+7Rv/PhuPs//PHgv5f/6//X6f/1//r/9lubM//z93/27ilk/0PAAAAPcjdf0/cYv8DAABAM3L3/y5ueXD/33JS7woAAABYptz9v49bOvn+v/6/xef/T7P/z3/WJ9D/n51e/59Nce/9v+f/6/938vz/+fT/C+j/9f/6f/0/SzW2/j93/x/ilk72PwAAAPQgd/8f45bc/yv7/ql7AAAAYGRy998bt/j+PwAAADQjd/99cUsn+1//r/8fS/+fPP9/4/M8/3+d/l//vx/6//n0/wvo//X/+n/9P0s1tv4/d/+f4pZO9j8AAAD0IHf//XGL/Q8AAADNyN3/57jF/gcAAIBm5O7/S9zSyf7X/+v/9f/6f/3/8Ovr/6dJ/z+f/n8B/b/+X/+v/2epxtb/5+7/awAAAP//Tx5w3g==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x8e408, 0x0, 0x0, 0x0, &(0x7f0000000140))

8.863332123s ago: executing program 5 (id=727):
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/devices.allow\x00', 0x21002, 0x48)
write$cgroup_devices(r3, &(0x7f0000000280)=ANY=[@ANYBLOB='a'], 0x4e)

8.187251829s ago: executing program 1 (id=728):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
write$tun(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[@ANYBLOB="010086ddde00120000000000000063b9e7a900000001fc020000000000000000000000000001ff"], 0x36)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da25", 0xbf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e880", 0xf6}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f0940cf59647c14b7e6f19ac068f3a0920aed0a27cdd22c711855b5fb9f81ba75787a21c891067a458e010b16fa7d60083bef", 0x53}, {&(0x7f0000000c00)="11bc0436f24447912dce9afd07fe935ecc6bd5eda7c7802f23cc14c83af658aba7129a55512896099992c8d02253e12016902434d12855df0a9b30e55e8f6259b106445aab46f952998eb7f8da0bad476b3c282f94edbd9aec43c836f227ecbc81a2e8dffb14b537cab2cd95a1351f3cdc2b6343f3521eb5638b256c10f93d4465c51329e7aed07efa4bdabe7b511b77df3e3cba7eac72df9b66860cf3b41a664167c6975937e78a75aa6ca347638a9eb3", 0xb1}, {&(0x7f0000000cc0)}], 0x3, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efc", 0x2b}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

7.942285385s ago: executing program 1 (id=729):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, 0x0, 0x0)
setsockopt$inet_int(r3, 0x0, 0x7, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000002640)={@local, @random="fad1e0480100", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x1, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
prlimit64(r0, 0xf, &(0x7f00000000c0)={0x1}, &(0x7f0000000180))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r5, &(0x7f0000000340)=ANY=[], 0x21)
sendfile(r5, r4, 0x0, 0x40001)

7.676377891s ago: executing program 6 (id=730):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e25}, 0xffffffffffffff71)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r3, 0x100000000)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)

7.55994241s ago: executing program 4 (id=731):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x80001, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r2=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r2, 0xc0303e03, &(0x7f0000000180)={"2486910284ed923431d4c5d5fbf514fd00", r3})
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000a40)=0xfff)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0xb, 0x6, 0xff}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x10007f, 0x20000006, 0x4d, 0x6, 0x3, 0x9, 0x2, 0xffff2d34, 0xffffff01, 0x6, 0x3, 0xfffffffc, 0x5, 0x4, 0x2, 0x7, 0x3c5b, 0x80000001, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x0, 0x3, 0xe, 0x8, 0x8000806e, 0x7, 0x17, 0x1, 0x7, 0x200, 0x3e, 0x8c, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x1, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x7, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x1, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8020, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x43, 0x103], [0x7, 0xa, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x6, 0x5, 0x0, 0x6, 0x5, 0x1, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x2, 0x6d03, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xc2, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x1000000a, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x80000000, 0xb, 0x5, 0x93a, 0x6, 0x1000006, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x4, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0x10000, 0x7f, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x96, 0xffffffff, 0x80000000, 0x0, 0x4, 0xc8, 0x1, 0xfffff000, 0x10080, 0x3, 0x7e, 0x100, 0x1000, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x1, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r1, 0x40045701, 0x0)

6.507509097s ago: executing program 1 (id=732):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)

6.332821114s ago: executing program 4 (id=733):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x2)

5.92814724s ago: executing program 6 (id=734):
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r1 = syz_open_procfs(r0, &(0x7f000001b200)='net/netstat\x00')
read$FUSE(r1, &(0x7f0000019080)={0x2020}, 0x2020)

5.882620009s ago: executing program 1 (id=735):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bind$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0xf5, 0x0, 0x1, 0x10, 0x6, @remote}, 0x14)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[], 0xfdef)

5.471854371s ago: executing program 6 (id=736):
syz_mount_image$jfs(&(0x7f0000005d00), &(0x7f0000005d40)='./file0\x00', 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB="696f636861727365743d6d6163677265656b2c00bae34d43738b26ec95448ad92364ada3c12670ef1165ccf09bebac5b13cfd5562f222ef566e08ecd949162ca7391740d936d14a99c44164b512a0e1dea900294a7ae195bc6ff7f511423af34"], 0x1, 0x5ce8, &(0x7f0000005dc0)="$eJzs3U1vHVcZB/Dnvvj6pbSNKlSFiEWaQmkpzXsC5a0pCxawAAllTSLXrQIpoMQgWlnElReIFV8BNt2w6FfgA/QzID4AkWxWXVAGjX1OMh5f5zokvnPt8/tJzswz547vmfw9nns9M/cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/+uHPLvQi4sbv0oITEV+IQUQ/YrGuT0c9cy0/fhgRJ2O7OV6MiMF8RL3+9j/PR1yOiE+fi9jcWluuF188YD+unF+98/mPf/CPP/554+Qv3vn5x+32n37x0id/uhdx4idvfvL5vaez7QAAAFCKqqqqXnqbfyq9v+933SkAYCry8b9K8nK1Wq1Wq9XHr26qxrvXLCJivblO/ZrB6XgAOGLW47Ouu0CH5F+0YUQ803UngJnW67oDHIrNrbXlXsq31zwenN5pz9eC7Mp/vffg/o79ppO0rzGZ1s/XRgzihX36szilPsySnH+/nf+NnfZRetxh5z8t++U/2rn1qTg5/0E7/5bjk39/bP6lyvkPHyv/gfwBAAAAAGCG5b//n+j4/O/8k2/KgTzq/O/pKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/7y3MNl+30WW738ei/i2dbjgcKkm2WWuu4HAAAAAAAAAAAAAJRkuHMN7/VexFxEPLu0VFVV/dXUrh/Xk65/1JW+/VCyrn/JAwDAjk+fa93L34tYiIjr6bP+5paWlqpqYXGpWqoW5/Pr2dH8QrXYeF+bp/Wy+dEBXhAPR1X9zRYa6zVNer88qb39/ernGlWDA3RsOjoMHAAiYudotOmIdMxU1fPR9ascjgb7//Fj/+cguv45BQAAAA5fVVVVL32c96l0zr/fdacAgKnIx//2eQG1Wq1Wq9XHr26qxrvXLCJivblO/ZrBcPwAcMSsx2ddd4EOyb9ow4g42XUngJnW67oDHIrNrbXlXsq31zwepPHd87Ugu/Jf722vl9cfN52kfY3JtH6+NmIQL+zTnxen1IdZkvPvt/O/sdM+So877PynZb/86+080UF/upbzH7Tzbzk++ffH5l+qnP/wsfIfyB8AAAAAAGZY/vv/Ced/8yYDAAAAAAAAwJGzubW2nO97zef/vzzmce7/PJ5y/j35Fynn32/n37ogZ9CYv//2w/z/vbW2/PHqv76UpzOf/9xgVD/3XK8/GKZrfqq5d+NW3I6VOL/n8cNd7Rf2tM/tar84of3SnvZR3b6Y28/Gcvw6bsc7D9rnJ1wYtTChvZrQnvMf2P+LlPMfNr7q/JdSe681rd3/qL9nv29Oxz3Ptb/955W9e9f0bcTgwbY11dt3poP+bP+fPDOK395duXP29zdXV+9ciDTZtfRipMlTlvOfS185/1df3mnPv/eb++v9j0aPnf+s2Ijhvvm/3Jivt/e1KfetCzn/UfrK+ecj0Pj9/yjnv//+/3oH/QEAAAAAAAAAAAAAAIBHqapq+xbRaxFxNd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49f3VSN91aziIi/N9epXzP8Ydw3AwBm2X8j4p9dd4LOyL9g+fP+6ulXuu4MMFV3P/jwlzdv3165c7frngAAAAAAAAAA/688/ufpxvjP29cBtcaN3jX+69tx+siO/9kfDbbHOk8b9FI8evzvM/Ho8b+HE55vbkL7aEL7/IT2hQntY2/0aMj5v5QyzvmfShtW0vivr3bQn67l/M+ksZ5z/l9rPa6Zf/XXo5x/f1f+51bf/825ux98+Mat92++t/Leyq8unL96+dKVy5euXDn37q3bK+d3/u2wx4cr55/HvnYdaFly/jlz+Zcl5//VVMu/LDn/V1It/7Lk/PPrPfmXJeef3/vIvyw5/9dSLf+y5Py/nmr5lyXn/3qq5V+WnP83Ui3/suT830i1/MuS8z+bavmXJed/LtXyL0vOP5/hkn9Zcv75ygb5lyXnfzHV8i9Lzv9SquVflpz/5VTLvyw5/yupln9Zcv5XUy3/suT8v5lq+Zcl5/+tVMu/LDn/N1Mt/7Lk/L+davmXJef/nVTLvyw5/++mWv5lyfl/L9XyL0vO//upln9Zcv5vpVr+ZXn4+f9mzJgxk2e6/s0EAAAAAAAAAAAAALRN43LirrcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO/cWI2d53w/83ZO9NgT8D2figG1OBhZ21ydwiMEkIX9KeqAkpE1Lahx7bZz4VO8up6KyKbQlClKR2gt60TSJ0ihSW4GqSE0lGiE1UnvXXDXiJmqlXPgCKgcllVIFtnpnnufxzOx63jVmYOZ9Pp8I/+ydd2aeeeeZ2f1u9B0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAVhs/PvOnQ0VRlP81/lhXFOeXf19T7C7/ubDj/V4hAAAAcK7eavz5dxemL+xewZVajvnXq/79u4uLi4vFF948+fafLy6mCzYUxcjqomhcFv3bL36+2HpM8EwxPjTc8u/hirsfqbh8tOLysYrLV1Vcvrri8vGKy5ecgCXWNH8f07ixaxt/Xdc8pcXFxVjjsmuXudYzQ6uHh+PvchqGGtdZHDtQHCoOFzPF1JLrDDX+VxSvbCzv694i3tdwy32tL4ri1E+f2hfXMBTO8bVF2501tD53b9xdbHjzp0/t+/bc61csNytPw5KVFsXmTeU6ny2K07+uKoaK1emcxHUOt6xz/TLrHGlb51DjeuXfO9d5aoXrjI97PKzzh13WuT587fFriqJYKM54TKdniuFibce9pvM93twR5W2UT+UHi9Gz2icbV7BPyuv85Jr2fdK5J+P53xjOyegZ1tD6dLzx5VVLzvs73Sflo+6HvVre9v3lnY6Pt/5qtW2vlsc8dd2Z98Cyz90yeyDt5ZY9sKlqDwyvGmnsgeHTa97Utgeml1xnuBhq3NfJ67rvgcm5I8cnZ5948pZDR/YenDk4c3R6ase2rdu3bd2+ffLAocMzU80/z+6UDpC1xXDag5vCe03cgzd0HNu6JRe/8e69Dsb75HVQPvbPXF8u6Pzh4gx7vDzm2c3n/jpI3/dbXgejLa+DZd9Tl3kdjK7gdVAec2rzyr5njrb8t9waevVeuK5lD7yf3w/L+3zoxjO/F64P63ruprP9fjiyZA/EhzUUXnvlV9LPe+O3h/OydF9cWV5w3qpifnbmxK2P752bOzFdhPGeuKjluercL2tbHlOxZL8Mn/V+2f23v7z+ymW+vi6cq/Gbuz9X5THbJro/V4139+XPZ9tXtxRhvMve6/O53Hez8nymLNHlfJbHPHvLuf8smHJJy/vfWNX738jYaPP9bySdjbG297+lT81IY2VFceqWlb3/jYX/3uv3v4v75P2vPFcP3dp9D5THPDd5tntgtOv73zVhDoX13BgSw3hL7n+7cflCc5u2PJeV+2Z0dCzsm9F4j+37ZuuS65S3Vt735ql3tm82X9P+XLX93FLDfVOeq7+Y6r5vymNenT7394418a8t7x2rqvbA2Miqcr1jaRM03+8W18Q9cGuxrzhWHC72p+uUz3J5XxNbVrYHVoX/3uv3jsv7ZA+U5+rFLd33QHnMD7a+uz87bQ5fSce0/OzU+fuFM2X+K0dP317naXu3M3+5zk9s6/67ofKY17edbc7ofp5uDl85b5nz1Pn6OdOe3l+8N+fp8rDOw9u7/26qPObiHSvcT7uLonht+rXG77vC73f/Yf4/vtv2e9/lfqf82vRr900+8KOzWT8AAO/c240/F1Y1f9Zs+X+sV/L//wMAAAADIeb+4TAT+R8AAABqI+b+kTAT+R8AAABqI+b+0TCTTPL/I7fvfOmtp4v0aYCLQbw8nob772weFzveC+HfGxZPK7/+sW+NvfSVp1d238NFUfzyvg8te/wjd8Z1NR2P6/xI+9eXuPzqFd3/ww+ePq718xNO7Wzefnw8K90Gsav8yuSWxu1ueGK6MV+9r2jMBxaee6Z5+81/x+NPbm0e/1fhQ0t2Hxhqu/7msJ5rw9wQPlPm/t2nz0M54/VeWn/Vv1z02dP3F683tOmCxsN88Q+btxs/I+qFi5rHx8d9pvX/81e/81J5/OPXLb/+p4eXX//JcLs/CfMXu5rHt57zr7Ss/4/D+uP9xevd+s3vL7v+ly9rHv9y2BdfD7Nz/Xf/2YffWu75ivez+47m9eL9T/3Ptsb14u3F2+9c//jT023no/P2X32zeTu7Hv3ZSOvx8evxfqKH72jf30Ph+W3rkRdF8Z0/KdrOc/HR5vX+qWP98faO37H8+m/uWOfxoasb1z/9eNa1Pa6v/c2WZR9vXM/uv1/X9nheuCecvzcnf1De7skHwn4Ml//vD5u31/lZpi/f0/5+E4//+rrm6zbe3mTH+l/oWP/C1eW5q17/vW821//yXavb1r/7k2E/3ducVes/+NcXtl3/G99uPh8nHps4emx2/tD+lrPa+jpePb5m7Xnnf+CCC8N7aee/9xybe2TmxIapDVNFsWEAPzKw1+v/Zpj/3RwL7/49NP3oZ8199/ynmt+3bvh5898vhK8/HJ7P+P3xa3851rZfO5/3hbua81zXf1NYx0pd9tX/unpFB578/Cvz//hHr3f+XBAfz/FLxhuP78WNlzYuG3q1eXnn+1WV/7yk/XX949GpxvxeOK+L4ZOZN13avL/O24+fTfL8p5uv3/iTXLx+0fF5IutG2h/Hua7/x+HnmO9f3v7+F/fH957u+DTndcVQuYSF8P5QLDQvj0fF8/38qUuXvb/4OTzFwhVns8wzmn1idvLwoaPzj0/OzczOTc4+8eSeI8fmj87taXx26Z4vVl3/9Ot7beP1vX9mx7ai8Wo/1hw99n6v//iD+/bfNnX9/pkDe+cPzD14fObEwX2zs/tm9s9ev/fAgZnHqq5/aP+u6S07t962ZeLgof27bt+5c+vOiUNHj5XLaC6qwo6pL00cPbGncZXZXdt2Tm/fvm1q4six/TO7bpuampivun7je9NEee1HJ07MHN47d+jIzMTsoSdndk3v3LFjS+WnPx45fmB2w+SJ+aOT87MzJyabj2XDXOPL5fe+quuTh9lj4f2uw1D46fxzN+9In49b+taXz3hTzUPafzwt3gifBRW/v1X9O+b+sTCTTPI/AAAA5CDm/vDB/6cvkP8BAACgNmLuXx1mIv8DAABAbcTcPx5mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/WuKIsv8DwAAADmIuX9tmIn8DwAAALURc/95YSbyPwAAANRGzP3nh5lkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/B8JMMsn/AAAAkIOY+y8IM5H/AQAAoDZi7r8wzET+BwAAgNqIuX9dmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/Mff/vzCTTPI/AAAA5CDm/g+Gmcj/AAAAUBsx918UZiL/AwAAQG3E3H9xmEkm+V//X/9f/1//X/9f/7+X9P/1/7vR/9f/H+T16//r/1Ot3/r/MfdfEmaSSf4HAACAHMTcf2mYifwPAAAAtRFz/2VhJvI/AAAA1EbM/ZeHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc/8VYSaZ5H8AAADIQcz9V4aZyP8AAABQGzH3fyjMRP4HAACA2oi5f32YSSb5X/9f/1//X/9f/1//v5f0//X/u9H/1/8f5PXr/+v/U63f+v8x9384zCST/A8AAAA5iLn/qjAT+R8AAABqI+b+q8NM5H8AAACojZj7N4SZZJL/9f/1//X/9f/1//X/e0n/X/+/G/1//f9BXr/+v/4/1fqt/x9z/8Ywk0zyPwAAAOQg5v5NYSbyPwAAANRGzP3XhJnI/wAAAFAbMfdfG2aSSf7X/9f/1//X/9f/1//vJf1//f9u9P/1/wd5/fr/+v9U67f+f8z914WZZJL/AQAAIAcx918fZiL/AwAAQG3E3H9DmIn8DwAAALURc//mMJNM8r/+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dav/X/Y+6/Mcwkk/wPAAAAOYi5/6YwE/kfAAAAaiPm/pvDTOR/AAAAqI2Y+yfCTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf+WMJNM8j8AAADkIOb+W8NM5H8AAACojZj7J8NM5H8AAACojZj7p8JMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5fzrMJJP8DwAAADmIuX9LmIn8DwAAALURc//WMBP5HwAAAGoj5v5tYSaZ5H/9f/1//X/9f/1//f9e0v/X/+9G/1//f5DXr/+v/0+1fuv/x9y/Pcwkk/wPAAAAOYi5f0eYifwPAAAAtRFz/21hJvI/AAAA1EbM/beHmWSS//X/9f/1//X/9f/1/3tJ/1//vxv9f/3/QV6//r/+P9X6rf8fc//OMJNM8j8AAADkIOb+j4SZyP8AAABQGzH33xFmIv8DAABAbcTc/9Ewk0zyv/6//r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1q/9f9j7t8VZpJJ/gcAAIAcxNx/Z5iJ/A8AAAC1EXP/XWEm8j8AAADURsz9u8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/+4wk0zyPwAAAOQg5v6PhZnI/wAAAFAbMfd/PMxE/gcAAIDaiLn/E2EmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fcf0+YSSb5HwAAAHIQc/8nw0zkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PtX7r/8fc/ythJpnkfwAAAMhBzP33hZnI/wAAAFAbMfd/KsxE/gcAAIDaiLn/V8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5/9fCTDLJ/wAAAJCDmPt/PcxE/gcAAIDaiLn/N8JM5H8AAACojZj77w8zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/t8MM8kk/wMAAEAOYu5/IMxE/gcAAIDaiLn/02Em8j8AAADURsz9nwkzyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/gfDTDLJ/wAAAJCDmPs/G2Yi/wMAAEBtxNz/W2Em8j8AAADURsz9vx1mkkn+1//X/9f/1//X/9f/7yX9f/3/bvT/9f8Hef36//r/VOu3/n/M/Z8LM8kk/wMAAEAOYu7/nTAT+R8AAABqI+b+3w0zkf8BAACgNmLufyjMJJP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/qdZv/f+Y+z8fZpJJ/gcAAIAcxNz/e2Em8j8AAADURsz9e8JM5H8AAACojZj7Hw4zyST/6//r/+v/6//r/+v/95L+v/5/N/r/+v+DvH79f/1/qvVb/z/m/r1hJpnkfwAAAMhBzP1fCDOR/wEAAKA2Yu7fF2Yi/wMAAEBtxNy/P8wkk/yv/6//r/+v/6//r//fS/r/+v/d6P/r/w/y+vX/9f+p1m/9/5j7Z8JMMsn/AAAAkIOY+w+Emcj/AAAAUBsx9x8MM5H/AQAAoDZi7n8kzCST/K//r/+v/6//r/+v/99L+v/6/93o/+v/D/L69f/1/6nWb/3/mPsPhZlkkv8BAAAgBzH3fzHMRP4HAACA2oi5/0thJvI/AAAA1EbM/YfDTDLJ//r/+v/6//r/+v/6/72k/6//343+v/7/IK9f/1//n2r91v+Puf9ImEkm+R8AAAByEHP/0TAT+R8AAABqI+b+Y2Em8j8AAADURsz9x8NMMsn/+v/6//r/+v/6//r/vaT/r//fjf6//v8gr1//X/+fav3W/4+5//fDTDLJ/wAAAJCDmPtPhJnI/wAAAFAbMffPhpnI/wAAAFAbMffPhZlkkv/1//X/9f/1//X/9f97Sf9f/78b/X/9/0Fev/6//j/V+q3/H3P/fJhJJvkfAAAAchBz/6NhJvI/AAAA1EbM/Y+Fmcj/AAAAUBsx9z8eZpJJ/tf/1//X/9f/1//X/+8l/X/9/270//X/B3n9+v/6/1Trt/5/zP1PhJlkkv8BAAAgBzH3PxlmIv8DAABAbcTc/wdh/h/79qwF4NKDYfTGf9u2bdu2bRzbVnGaJOU31aw1M9m7SZv2LZ5i/wMAAMAxcvc/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+58YtTfY/AAAAdJC7/3lxi/0PAAAAx8jd//y4xf4HAACAY+Tuf0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/S+MW5rsfwAAAOggd/+L4hb7HwAAAI6Ru//FcYv9DwAAAMfI3f+SuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uftfGrc02f8AAADQQe7+l8Ut9j8AAAAcI3f/y+MW+x8AAACOkbv/FXFLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3vzJuabL/AQAAoIPc/a+KW+x/AAAAOEbu/lfHLfY/AAAAHCN3/2vilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7n9t3NJk/wMAAEAHuftfF7fY/wAAAHCM3P2vj1vsfwAAADhG7v43xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xrilyf4HAACADnL3vylusf8BAADgGLn73xy32P8AAABwjNz9b4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/61xS5P9DwAAAB3k7n9b3GL/AwAAwDFy9789brH/AQAA4Bi5+98RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8745Ym+x8AAAA6yN3/rrjF/gcAAIBj5O5/d9xi/wMAAMAxcve/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+98YtTfY/AAAAdJC7/31xi/0PAAAAx8jd//64xf4HAACAY+Tu/0Dc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/R+MW5rsfwAAAOggd/+H4hb7HwAAAI6Ru//DcYv9DwAAAMfI3f+RuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufs/Grc02f8AAADQQe7+j8Ut9j8AAAAcI3f/x+MW+x8AAACOkbv/E3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3fzJuabL/AQAAoIPc/Z+KW+x/AAAAOEbu/k/HLfY/AAAAHCN3/2filib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9s3NJk/wMAAEAHufs/F7fY/wAAAHCM3P2fj1vsfwAAADhG7v4vxC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/xbilyf4HAACADnL3fylusf8BAADgGLn7vxy32P8AAABwjNz9X4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/6txS5P9DwAAAB3k7v9a3GL/AwAAwDFy9389brH/AQAA4Bi5+78RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBj5O7/dtxi/wMAAMAxcvd/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+78YtTfY/AAAAdJC7/3txi/0PAAAAx8jd//24xf4HAACAY+Tu/0Hc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/T+MW5rsfwAAAOggd/+P4hb7HwAAAI6Ru//HcYv9DwAAAMfI3f+TuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/uft/Grc02f8AAADQQe7+n8Ut9j8AAAAcI3f/z+MW+x8AAACOkbv/F3FLk/2v/9f/6//1//p//f9M+n/9/xX9v/5/5//1//p/xlbr/3P3/zJuabL/AQAAoIPc/b+KW+x/AAAAOEbu/l/HLfY/AAAAHCN3/2/ilib7X/+v/9f/6//1//r/mfT/+v8r+n/9/87/6//1/4yt1v/n7v9t3NJk/wMAAEAHuft/F7fY/wAAAHCM3P2/j1vsfwAAADhG7v4/xC1N9r/+X/+v/9f/6//1/zPp//X/V/T/+v+d/9f/6/8ZW63/z93/x7ilyf4HAACADnL3/ylusf8BAADgGLn7/xy32P8AAABwjNz9f4lbmux//b/+X/+v/9f/6/9n0v/r/6/o//X/O/+v/9f/M7Za/5+7/69xS5P9DwAAAB3k7v9b3GL/AwAAwDFy9/89brH/AQAA4Bi5+/8RtzTZ//p//b/+X/+v/9f/z6T/1/9f0f/r/3f+X/+v/2dstf4/d/8/45Ym+x8AAAA6yN3/r7jF/gcAAIBj5O7/d9xi/wMAAMAxcvf/J25psv/1//p//b/+X/+v/59J/6//v6L/1//v/L/+X//P2Gr9f+7+/8YtTfY/AAAAdJC7/39xi/0PAAAAx8jd//+4xf4HAACAY+TuvyFuabL/9f/6f/2//l//r/+fSf+v/7+i/9f/7/y//l//z9hq/X/u/hvjlib7HwAAADrI3X9T3GL/AwAAwDFy998ct9j/AAAAcIzc/bfELU32v/5f/6//1//r//X/M+n/9f9X9P/6/53/1//r/xlbrf/P3X9r3NJk/wMAAEAHuftvi1vsfwAAADhG7v7b4xb7HwAAAI6Ru/+OuKXJ/tf/6//1//p//b/+fyb9v/7/iv5f/7/z//p//T9jq/X/ufvvjFua7H8AAADoIHf/XXGL/Q8AAADHyN1/d9xi/wMAAMAxcvffE7c02f/6f/2//l//r//X/8+k/9f/X9H/6/93/l//r/9nbLX+P3f/vXFLk/0PAAAAHeTuvy9usf8BAADgGLn7749b7H8AAAA4Ru7+B+KWJvtf/6//1//r//X/+v+Z9P/6/yv6f/3/zv/r//X/jK3W/+fufzBuabL/AQAAoIPc/Q/FLfY/AAAAHCN3/8Nxi/0PAAAAx8jd/0jc0mT/6//1//p//b/+X/8/k/5f/39F/6//3/l//b/+n7HV+v/c/Y/GLU32PwAAAHSQu/+xuMX+BwAAgGPk7n88brH/AQAA4Bi5+5+IW5rsf/2//l//r//X/+v/Z9L/6/+v6P/1/zv/r//X/zO2Wv+fu//JuKXJ/gcAAIAOcvc/FbfY/wAAAHCM3P1Pxy32PwAAABwjd/8zcUuT/a//1//r//X/+n/9/0z6f/3/Ff2//n/n//X/+n/GVuv/c/c/GwAA//9/h0Q1")
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xfc, {"a2e3ad21ed0d1bf91b29550987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b096c060890e0878f0e1ac6e7049b096e959b449a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b075d0d36cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130f91850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f4077fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a81aa1020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b21052010689af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153fae46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c343f7f140f319539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474b0679dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691951264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d984836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a70500be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x8f5}}, 0x1006)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)

5.471473749s ago: executing program 3 (id=737):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x8, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)

5.432914119s ago: executing program 4 (id=738):
socket$inet6(0xa, 0x2, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000380)='maps\x00')
pread64(r3, &(0x7f0000000600)=""/4091, 0xffb, 0x12c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
close(r0)
socket$tipc(0x1e, 0x2, 0x0)

5.356937558s ago: executing program 1 (id=739):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
write$tun(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[@ANYBLOB="010086ddde00120000000000000063b9e7a900000001fc020000000000000000000000000001ff"], 0x36)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6aa7552800d5282e4e0bf3eaf55a60da25", 0xbf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3049df23212a4b50eeb9c9a0901e880", 0xf6}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f0940cf59647c14b7e6f19ac068f3a0920aed0a27cdd22c711855b5fb9f81ba75787a21c891067a458e010b16fa7d60083bef", 0x53}, {&(0x7f0000000c00)="11bc0436f24447912dce9afd07fe935ecc6bd5eda7c7802f23cc14c83af658aba7129a55512896099992c8d02253e12016902434d12855df0a9b30e55e8f6259b106445aab46f952998eb7f8da0bad476b3c282f94edbd9aec43c836f227ecbc81a2e8dffb14b537cab2cd95a1351f3cdc2b6343f3521eb5638b256c10f93d4465c51329e7aed07efa4bdabe7b511b77df3e3cba7eac72df9b66860cf3b41a664167c6975937e78a75aa6ca347638a9eb3", 0xb1}, {&(0x7f0000000cc0)}], 0x3, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000e40)="c4ae7c0462b7d5d0f701a4979574ff8a5d74bf45c9e878972a42062f9b70e92f76ed2c49e2e8a043016efc", 0x2b}, {&(0x7f0000000fc0)}], 0x2, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5.166538472s ago: executing program 3 (id=740):
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x12, &(0x7f0000001240)=ANY=[@ANYBLOB="636f6465706167653d69736f383835392d352c756d61736b3d30303030303030303030303030303030303030303737372c696f636861727365743d63703836392c00593e6b66dbda701c6930c62a968870c671f6477cb145c6d89cc4842eb0720eecdf2ebd09f8dbf643b0adace8211effc59b60800919356a988fc72124c74383345cffd7c56ca293570c91cd0a246a89578c98a5d7adce29637c1181f1683d5b3c231fc700f5a4d5ade92e536e6d48a33c8fe7196d3c21f85102d71c4a757c811f270651dd6cfe2890f2650fbaa112ebd9f2a722f5811fbfc1b06807a0e87b42b6cc7bbb2fd495cdcb77aaef069c174193a8350150f86d32b86d93bb71ff0af70dd240bdf600dca52899a1f64a3cf2350dd993a702353ce0d906412f6301a961fec3049536174a7cadd6be69704ff9c8e45bc92f4ccdfc7626ebd4ad65aa3778bb6797cb9e25f80325f1fa5903d4e6cde04bb0bef07c4fc5a02fa21e6a0a2a"], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x20c44fb6edc09a38, 0xffffffffffffffff, 0x0)
getdents64(r0, 0x0, 0x0)

4.888528833s ago: executing program 1 (id=741):
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r3=>r2, {0x8}}, './file0\x00'})
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000200)='\x00', &(0x7f0000000240)='#!.\\.^:{\x15\x00', 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x804, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000caefb8)={0x12, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="85000000ae000000540022c230"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback=0x20}, 0x94)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
mmap$binder(&(0x7f000023d000/0x2000)=nil, 0x2000, 0x1, 0x11, 0xffffffffffffffff, 0x6)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
sendto$inet(r4, &(0x7f00000013c0)="bd31", 0x2, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$KVM_TDX_CAPABILITIES(r3, 0xc008aeba, &(0x7f0000000280)={0x0, 0x0, 0x0})
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'fl512\x00', [0x4fa7, 0x105, 0x2, 0x10000421, 0x2000001, 0xcc7, 0x7ffffffe, 0x5c952398, 0x5, 0x3ff, 0x2, 0x300, 0x1, 0x1, 0x9, 0x0, 0x40400, 0x8, 0x48f3, 0x1ff, 0x80000089, 0xa, 0x1400000, 0x20001e54, 0xffffeadb, 0x3, 0x3d, 0x8, 0x4, 0x7ffffff, 0x485b]})
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000007, 0x12, r5, 0xbc7ae000)

4.366305818s ago: executing program 4 (id=742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, 0x0, 0x0)
setsockopt$inet_int(r3, 0x0, 0x7, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
prlimit64(r0, 0xf, &(0x7f00000000c0)={0x1}, &(0x7f0000000180))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x141842, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r5, &(0x7f0000000340)=ANY=[], 0x21)
sendfile(r5, r4, 0x0, 0x40001)

4.066589984s ago: executing program 3 (id=743):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="140000000000000001000000", @ANYRES32=r3, @ANYBLOB='\x00\x00]\x00'], 0x18, 0x20048044}}], 0x1, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x771, &(0x7f0000001280)="$eJzs3M9rHGUfAPDvTLJJm+Z9Ny+84I+DCC1YKN0kzaU9NV68FQoFrzUkmxAyyYbspnZjwdazUJuLgiDi2aMXD0Kpf4A3KSh4F0RrBMXLymx+1Ka7m02TZrX9fGCy32eemfk+393Jww7sTADPrVfzP0nEcERcjoji1vo0Igaa0bGIm5vbbTy4MZ0vSTQaV35O8t1io1HcOVay9XoimrvEixFxrxBx5r3H81brawtTWVZe2WqP1haXR6v1taH5xam58lx5aXziwtj5iYnzYxN71vBCl7WeevPC8TvfvLG+/u0Xtduv9J9NYrJZd2zV1uVh9mXzPSnE5K71S08jWQ8lvR4AAABdyb/n90VEf/NbajH6mlFrX/5+pEMDAAAADkljsAEAAAA885Lo0HmsUycAAADw77D9O4Dte3s73wc7cOi/P/jp9YgYaZW/v3kPccSxKETE0EbyyJ0JyeZucCA3b0XE3cnd599n+Rl284DHHtvVfvQe6cP/X2L/7ubzz2Sr+SfdmX+ixfzTv/3shANqP/89zN/XZv673GWOrz55qdA2/62Il/tb5U928idt8r/VZf7b6+/f2WubVvn/nmv7+RBnH38+xOTsfNbx8QP3/jx9v11fXv9Qu/zNo7b+/POu5T0r3/TOxq8L7eaSPP/pk50//1bvf35OfLA1jjQi7my95u31XTlOLn73daf6ZyIaT/L5f9pl/T98Pni9y00BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgKY2I4UjS0k6cpqVSxImI+H8MpVmlWjszW1ldmsn7IkaikM7OZ+WxiChutpO8Pd6MH7bP7WpPRMT/vj++mXQ+K5emK9lMr4sHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgx4mIGI4kLUVEGhG/FdO0VIro72LfwSMYHwAAAHBIRno9AAAAAOCpc/0PAAAAz74W1/+FbvZLnsJYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGfW5UuX8qWx8eDGdN6euVZfXahcOztTri6UFlenS9OVleXSXKUyl5VL05XFvY6XVSrL4xdi9fporVytjVbra1cXK6tLtavzi1Nz5avlwpFUBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH4NN5ckLUVE2ozTtFSK+E9EjEQhmZ3PymMR8d+IuF8sDObt8V4PGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgENXra8tTGVZeUUgEBxZ8G5E/AOG0SHo9cwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAvVOtrC1NZVl6p9nokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fb6YxIR+fJa8dTwrs6+geSPYh4MRMTbH1/58PpUrbYyHjGQ/LKzvvbR1vpzPSkAAAAAngcX97Px9nX69nU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAt6r1tYWpLCuvHCy4GPW1RtJmm17XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJm/AgAA///ossUV")
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x28, 0x1, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000005c0)=[{0x8, 0x0, [0x7a, 0x5, 0x9, 0x7, 0x7, 0x9, 0x100, 0x1, 0x0, 0x4, 0x5, 0x9, 0x6, 0xc7, 0x561c4da6, 0x25]}, {0x1c, 0x0, [0x80, 0xfffffffc, 0x6, 0x7, 0x6, 0x90, 0x3, 0x7, 0x14000, 0xf7, 0x7, 0x1, 0x4, 0x91ed, 0x847, 0x4d4]}, {0x1a, 0x0, [0x6, 0xbdb, 0x9, 0xb5a, 0x4, 0x0, 0x1bab, 0x7, 0x6, 0x400, 0x7, 0x3, 0x85, 0xddf4, 0xfffffffe, 0x8]}], 0xffffffffffffffff, 0x1, 0x1, 0xd8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f00000004c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e24, 0x5, @local, 0x7}, {0xa, 0x4e23, 0x1, @private1, 0x8339}, 0xffffffffffffffff, 0x1}}, 0x48)
getsockname$packet(r6, &(0x7f0000000240)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000002440)=@delchain={0x34, 0x2e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0xe, 0x3}, {0xfff2, 0xffff}, {0xc, 0xd}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000085}, 0x0)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x4090)
bind$inet6(r8, &(0x7f00000002c0)={0xa, 0x4e23, 0x9, @loopback}, 0x1c)
listen(r8, 0x4)
capset(&(0x7f0000000180)={0x20080522, r0}, &(0x7f00000003c0)={0x7, 0x6, 0x4, 0x7, 0x1, 0x5e8e})
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r4, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
sendmmsg$inet6(r4, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f0000000580)=[{&(0x7f0000001680)="89", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r4, 0x84, 0x79, &(0x7f00000001c0)={0x0, 0x7, 0x200}, 0x8)

3.126948466s ago: executing program 5 (id=744):
openat(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=""/10, 0x2}, 0x20)

3.111990053s ago: executing program 4 (id=745):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1000023, &(0x7f0000000540), 0x1, 0x490, &(0x7f0000000580)="$eJzs3UFrXNUeAPD/nSR9aZu+pO+9RV/BWmwlLdqZpLFtcFEriK4Kat3HmExCyCQTMpO2CUVS/ACCiAquXLkR/ACC9COIUNC9iCiirS5cqCMzudPWOJMETHNx5veD03vOPTPzP6eTOXPPPZe5AXSt4xFxKSJ6IuJ0RAym+3NpivWNVH/c3Ts3puopiVrtyg9JJOm+5msl6fZg+rT+iHj5hYjXkr/GrayuzU+WSsXltFyoLiwVKqtrZ+YWJmeLs8XFsbHR8+MXxs+Nj+xaXy8+9807b374/MVPn7z21cR3p16vN2sgrXuwH7tpo+t9jf+Lpt6IWH4YwTLQk/anL+uGAACwI/Vj/P9ExGON4//B6GkczQEAAACdpPbMQPyaRNQAAACAjpVrXAOb5PLptQADkcvl8xvX8P4vDuRK5Ur1iZnyyuL0xrWyQ9GXm5krFUfSa4WHoi+pl0cb+fvls5vKYxFxOCLeHtzfKOenyqXprE9+AAAAQJc4uGn+//PgxvwfAAAA6DBDWTcAAAAAeOjM/wEAAKDzmf8DAABAR3vx8uV6qjXvfz19dXVlvnz1zHSxMp9fWJnKT5WXl/Kz5fJs4zf7FrZ7vVK5vPRULK5cL1SLlWqhsro2sVBeWaxONO7rPVF0n2gAAADYe4cfvfVlEhHrT+9vpLp9aZ25OnS2XNYNADLTk3UDgMz0Zt0AIDPm+ECyTX1/u4rPdr8tAADAwzH8f+v/0K2s/0P3sv4P3cv6P3Qvc3zA+j8AAHS+gUZKcvl0LXAgcrl8PuJQ47YAfcnMXKk4EhH/jogvBvv+VS+PZt1oAAAAAAAAAAAAAAAAAAAAAAAAAPiHqdWSqAEAAAAdLSL3bZLe/2t48OTA5vMD+5JfBhvbiLj2/pV3r09Wq8uj9f0/3ttffS/dfzaLMxgAAADAZs15enMeDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76e6dG1PNtJdxv382IoZaxe+N/sa2P/oi4sBPSfQ+8LwkInp2If76zYg40ip+Um9WDKWt2Bw/FxH7M45/cBfiQze7VR9/LrX6/OXieGPb+vPXm6a/q/34l7s3/vW0Gf8O7TDG0dsfF9rGvxlxtLf1+NOMn7SJf2KH8V99ZW2tXV3tg4jhlt8/yZ9iFaoLS4XK6tqZuYXJ2eJscXFsbPT8+IXxc+MjhZm5UjH9t2WMtx755Pet+n+gTfyhbfp/cof9/+329Tv/3SL+qROt3/8jW8Sv/008nn4P1OuHm/n1jfyDjn30+bGt+j/dpv/bvf+ndtj/0y+98fUOHwoA7IHK6tr8ZKlUXJaRkZG5l8l6ZAIAAHbb/YP+rFsCAAAAAAAAAAAAAAAAAAAA3Wsvfk4s6z4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzEHwEAAP//0wfUAw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[], 0x60}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008400000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
mmap(&(0x7f0000030000/0x3000)=nil, 0x3000, 0x5, 0x6b35e9d94325c671, 0xffffffffffffffff, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='numa_maps\x00')
pread64(r5, &(0x7f0000002c00)=""/4082, 0xff2, 0x7)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(0xffffffffffffffff, 0xc0305710, &(0x7f0000000180)={0x0, 0xe7, 0x8, 0x1, 0x9})
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000a40)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
syz_open_dev$tty20(0xc, 0x4, 0x1)

2.015715814s ago: executing program 5 (id=746):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x25, 0xffffffffffffffff, 0x8)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYBLOB="340000001400b59500000000000000000a400000", @ANYRES32=r4, @ANYBLOB="1400020000000000000000000000ffff000000"], 0x34}}, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, 0x0, 0x0)
socket(0x10, 0x803, 0x0)

487.64578ms ago: executing program 3 (id=747):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r5)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
r6 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={&(0x7f0000000840)=@xdp={0x2c, 0x7, 0x0, 0x3e}, 0x80, &(0x7f0000000480)=[{&(0x7f00000002c0)='\x00', 0x1}], 0x1}, 0x4)

26.195124ms ago: executing program 6 (id=748):
bind$alg(0xffffffffffffffff, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(serpent))\x00'}, 0x58)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x20)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000004c80)=[{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000940)="1beb41ea4ea9ca354f167d9eaee7dc35eca218b865688d79fe31cbe00d190c853bfe6a22bd7dec0023aa0e038d07000040e37e00f7dd3afafdbc70e1b5928033df5e82fd76f31e8b29a0f05c2cef56f56cd0330dc984004f220b7dcb23a05d530df65691cf6a3cceb7a97c673856f552ded9530b52fe6d1e662090d2802233ec1adca9eaab9dd6f04b2717ed1552cf46dc28cd3fbf1ec1eaedd80d1da838a00a1e229ce16d2c1a411be06f715e8b6a", 0xaf}, {&(0x7f0000000b00)="2112f3980a4c0902dcb1918da23fb18a9d89c4f0793b7c45b722417a6401d606e033776833d550074c2b667b4e127ea79880d00aeee8d16ca6f011603c22355681cd2e9d0d8a2fea2e9b525389d2e7b95aa129fef95245bffd1ccc58bb9ca56a50cd0b4da05e78cc4aef1e9157a66caefb0ba968710bfbc7baabaa3b06bf6e5fe4fe8ebcbc81a4dbda4b1b65ea2d852cda4881d7ceda7dcbef58471a951ca1851b50dd9276e0ab06fa0e23d023766294c911bff4e6d33acdd316322f4d5a1a4eb5ae51e511f2923f3318d83b9b438b20e0560a4834edb911911c7b557e37e94f6f0a2f1d291ae3", 0xe7}], 0x2, 0x0, 0x0, 0x4004090}, {0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000540)="d21e61c0af08368aedabcf6e445f1ca30a2f37d1f6d14042afeb21e49b0da7fd9f0940cf59647c14b7e6f19ac068f3a0920aed0a27cdd22c711855b5fb9f81ba75787a21c891067a458e010b16fa7d60083bef", 0x53}, {&(0x7f0000000c00)}], 0x2, 0x0, 0x0, 0x1}, {0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000fc0)}], 0x1, 0x0, 0x0, 0x84090}], 0x3, 0x4004000)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-aesni\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f406", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

0s ago: executing program 4 (id=749):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x10, 0x103)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x8e408, 0x0, 0x0, 0x0, &(0x7f0000000140))

kernel console output (not intermixed with test programs):

 'hsr'
[   90.830993][ T5818] Cannot create hsr debugfs directory
[   91.057443][ T5830] hsr_slave_0: entered promiscuous mode
[   91.064571][ T5830] hsr_slave_1: entered promiscuous mode
[   91.071748][ T5830] debugfs: 'hsr0' already exists in 'hsr'
[   91.077850][ T5830] Cannot create hsr debugfs directory
[   91.573824][ T5819] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   91.613288][ T5819] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   91.643479][ T5819] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   91.654559][ T5819] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   91.688103][ T5831] Bluetooth: hci0: command tx timeout
[   91.726983][ T5818] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   91.739827][ T5818] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   91.758705][ T5818] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   91.766542][ T5831] Bluetooth: hci1: command tx timeout
[   91.776015][ T5818] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   91.783059][ T5831] Bluetooth: hci2: command tx timeout
[   91.846981][ T5831] Bluetooth: hci4: command tx timeout
[   91.846998][   T51] Bluetooth: hci3: command tx timeout
[   91.899565][ T5838] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   91.923507][ T5838] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   91.938652][ T5838] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   91.951538][ T5838] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   92.073783][ T5821] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   92.085885][ T5821] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   92.099075][ T5821] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   92.112916][ T5821] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   92.228579][ T5819] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.287720][ T5819] 8021q: adding VLAN 0 to HW filter on device team0
[   92.302057][ T5830] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   92.316180][ T5830] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   92.342421][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.349756][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.365925][ T5830] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   92.378939][ T5830] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   92.428262][ T5818] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.439871][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.447180][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.559283][ T5818] 8021q: adding VLAN 0 to HW filter on device team0
[   92.621937][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.633978][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.641179][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.678538][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.685670][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.771211][ T5821] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.841273][ T5838] 8021q: adding VLAN 0 to HW filter on device team0
[   92.905559][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.912787][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[   92.941003][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0
[   92.956387][  T991] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.963705][  T991] bridge0: port 2(bridge_slave_1) entered forwarding state
[   92.999436][ T5821] 8021q: adding VLAN 0 to HW filter on device team0
[   93.088926][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.096070][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.126766][ T5830] 8021q: adding VLAN 0 to HW filter on device team0
[   93.160630][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.167861][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.180880][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.188119][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.235014][ T5819] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.268595][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.275743][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.522332][ T5830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   93.555987][ T5818] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.768145][ T5831] Bluetooth: hci0: command tx timeout
[   93.782181][ T5819] veth0_vlan: entered promiscuous mode
[   93.842790][ T5818] veth0_vlan: entered promiscuous mode
[   93.847552][ T5831] Bluetooth: hci2: command tx timeout
[   93.851655][   T51] Bluetooth: hci1: command tx timeout
[   93.905150][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.929537][   T51] Bluetooth: hci3: command tx timeout
[   93.935099][   T51] Bluetooth: hci4: command tx timeout
[   93.971471][ T5819] veth1_vlan: entered promiscuous mode
[   93.990106][ T5818] veth1_vlan: entered promiscuous mode
[   94.135607][ T5821] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.155718][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.209802][ T5819] veth0_macvtap: entered promiscuous mode
[   94.258685][ T5819] veth1_macvtap: entered promiscuous mode
[   94.274399][ T5818] veth0_macvtap: entered promiscuous mode
[   94.331873][ T5818] veth1_macvtap: entered promiscuous mode
[   94.352929][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.385193][ T5819] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.431463][   T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.441469][   T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.472957][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.481116][   T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.491230][   T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.565093][ T5821] veth0_vlan: entered promiscuous mode
[   94.579776][ T5830] veth0_vlan: entered promiscuous mode
[   94.600061][ T5818] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.625888][   T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.639233][ T5821] veth1_vlan: entered promiscuous mode
[   94.665312][   T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.674745][   T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.704742][ T5838] veth0_vlan: entered promiscuous mode
[   94.723849][   T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.760042][ T5830] veth1_vlan: entered promiscuous mode
[   94.783487][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.794810][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.833607][ T5838] veth1_vlan: entered promiscuous mode
[   94.902604][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.911190][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.919624][ T5821] veth0_macvtap: entered promiscuous mode
[   94.970918][ T5821] veth1_macvtap: entered promiscuous mode
[   94.985176][ T5830] veth0_macvtap: entered promiscuous mode
[   95.024879][ T5830] veth1_macvtap: entered promiscuous mode
[   95.047101][ T5819] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   95.106983][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.114862][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.129912][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.187145][ T5838] veth0_macvtap: entered promiscuous mode
[   95.209926][ T5821] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.225105][ T5838] veth1_macvtap: entered promiscuous mode
[   95.272875][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.323780][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.383331][ T1147] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.395377][ T1147] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.415618][ T1147] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.458598][ T1147] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.469438][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.485829][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.494953][ T1147] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.550041][ T1147] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.563601][ T1147] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.654004][ T1147] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.856814][   T51] Bluetooth: hci0: command tx timeout
[   95.927620][ T5831] Bluetooth: hci2: command tx timeout
[   95.933104][   T51] Bluetooth: hci1: command tx timeout
[   96.009091][   T51] Bluetooth: hci3: command tx timeout
[   96.016799][   T51] Bluetooth: hci4: command tx timeout
[   96.063143][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.124395][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.143701][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.151841][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.263837][ T5934] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.290838][ T5934] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.342292][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.362005][ T5934] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.393235][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.409994][ T5934] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.115614][ T5945] syz.0.1 (5945): drop_caches: 2
[   97.146159][    T9] cfg80211: failed to load regulatory.db
[   97.169425][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.186935][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.206474][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.257303][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.303159][ T5974] netlink: 4 bytes leftover after parsing attributes in process `syz.2.9'.
[   99.313327][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.343018][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.535767][ T5934] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.564957][ T5934] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  100.040216][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.245061][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.416910][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  100.449821][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.458603][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.552282][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  100.561226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  101.159977][ T5995] loop0: detected capacity change from 0 to 164
[  101.835667][ T5991] syzkaller0: entered promiscuous mode
[  101.855100][ T5991] syzkaller0: entered allmulticast mode
[  102.796698][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  102.805900][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  102.807624][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[  106.219501][ T6030] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21'.
[  107.777976][ T6042] nbd0: detected capacity change from 0 to 127
[  107.966547][ T6042] netlink: 'syz.2.22': attribute type 21 has an invalid length.
[  107.990286][ T6042] netlink: 128 bytes leftover after parsing attributes in process `syz.2.22'.
[  108.134819][ T6042] netlink: 3 bytes leftover after parsing attributes in process `syz.2.22'.
[  108.725746][   T51] block nbd0: Receive control failed (result -104)
[  108.828435][ T5947] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  109.016967][ T5947] usb 1-1: Using ep0 maxpacket: 16
[  109.047025][ T5947] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  109.087700][ T5947] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.105142][ T5947] usb 1-1: Product: syz
[  109.116834][ T5947] usb 1-1: Manufacturer: syz
[  109.133093][ T5947] usb 1-1: SerialNumber: syz
[  110.521275][ T5947] usb 1-1: config 0 descriptor??
[  110.743406][ T5947] usb 1-1: USB disconnect, device number 2
[  110.754787][ T6071] netlink: 4 bytes leftover after parsing attributes in process `syz.1.33'.
[  111.479911][ T6083] loop2: detected capacity change from 0 to 164
[  111.986761][ T6074] syzkaller0: entered promiscuous mode
[  111.992907][ T6074] syzkaller0: entered allmulticast mode
[  113.257367][ T6089] nbd1: detected capacity change from 0 to 127
[  113.312902][ T6089] netlink: 'syz.3.40': attribute type 21 has an invalid length.
[  113.354862][ T6089] netlink: 128 bytes leftover after parsing attributes in process `syz.3.40'.
[  113.407515][ T6093] netlink: 'syz.3.40': attribute type 21 has an invalid length.
[  113.415263][ T6093] netlink: 128 bytes leftover after parsing attributes in process `syz.3.40'.
[  113.773516][   T51] block nbd1: Receive control failed (result -104)
[  115.730910][ T6059] syz.4.29 (6059): drop_caches: 2
[  116.546417][   T24] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  116.807555][   T24] usb 3-1: Using ep0 maxpacket: 16
[  116.820605][   T24] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  116.842524][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.851760][   T24] usb 3-1: Product: syz
[  116.856046][   T24] usb 3-1: Manufacturer: syz
[  116.873584][   T24] usb 3-1: SerialNumber: syz
[  116.907418][   T24] usb 3-1: config 0 descriptor??
[  117.183640][ T6089] netlink: 3 bytes leftover after parsing attributes in process `syz.3.40'.
[  117.193334][ T6093] netlink: 3 bytes leftover after parsing attributes in process `syz.3.40'.
[  117.642639][ T6127] loop4: detected capacity change from 0 to 164
[  118.636585][   T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  120.219276][ T5940] usb 3-1: USB disconnect, device number 2
[  120.376392][   T24] usb 4-1: Using ep0 maxpacket: 16
[  120.479459][   T24] usb 4-1: unable to get BOS descriptor or descriptor too short
[  120.583766][   T24] usb 4-1: config 13 has an invalid interface number: 50 but max is 0
[  120.652336][   T24] usb 4-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  120.767900][   T24] usb 4-1: config 13 has no interface number 0
[  120.835831][   T24] usb 4-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  120.936752][   T24] usb 4-1: config 13 interface 50 altsetting 167 has an invalid descriptor for endpoint zero, skipping
[  121.215967][   T24] usb 4-1: config 13 interface 50 has no altsetting 0
[  122.135830][   T24] usb 4-1: string descriptor 0 read error: -71
[  122.173698][   T24] usb 4-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  122.193451][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.253166][   T24] usb 4-1: can't set config #13, error -71
[  122.277828][ T6159] syzkaller0: entered promiscuous mode
[  122.308942][   T24] usb 4-1: USB disconnect, device number 2
[  122.316359][ T6159] syzkaller0: entered allmulticast mode
[  122.362525][ T6169] loop3: detected capacity change from 0 to 1024
[  122.420921][ T6171] netlink: 'syz.0.60': attribute type 21 has an invalid length.
[  122.439521][ T6165] nbd2: detected capacity change from 0 to 127
[  122.469435][ T6171] netlink: 128 bytes leftover after parsing attributes in process `syz.0.60'.
[  122.577876][ T6165] netlink: 'syz.0.60': attribute type 21 has an invalid length.
[  122.585585][ T6165] netlink: 128 bytes leftover after parsing attributes in process `syz.0.60'.
[  122.608300][   T58] hfsplus: b-tree write err: -5, ino 4
[  122.699594][ T6177] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  122.863388][ T6153] syz.2.56 (6153): drop_caches: 2
[  122.988792][   T51] block nbd2: Receive control failed (result -104)
[  125.104900][ T6171] netlink: 3 bytes leftover after parsing attributes in process `syz.0.60'.
[  125.175885][ T6165] netlink: 3 bytes leftover after parsing attributes in process `syz.0.60'.
[  125.899177][ T5911] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  126.441969][ T6213] loop1: detected capacity change from 0 to 1024
[  126.496723][ T5911] usb 5-1: Using ep0 maxpacket: 16
[  126.552297][ T5911] usb 5-1: unable to get BOS descriptor or descriptor too short
[  126.569566][ T5911] usb 5-1: config 13 has an invalid interface number: 50 but max is 0
[  126.586524][ T5911] usb 5-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  126.617022][ T5911] usb 5-1: config 13 has no interface number 0
[  126.636806][ T5911] usb 5-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  126.659232][ T5911] usb 5-1: config 13 interface 50 altsetting 167 has an invalid descriptor for endpoint zero, skipping
[  126.705676][ T5911] usb 5-1: config 13 interface 50 has no altsetting 0
[  126.735888][   T49] hfsplus: b-tree write err: -5, ino 4
[  126.740179][ T5911] usb 5-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  126.772427][ T5911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.787662][ T5911] usb 5-1: Product: syz
[  126.807067][ T5911] usb 5-1: Manufacturer: syz
[  126.811741][ T5911] usb 5-1: SerialNumber: syz
[  126.934249][ T6208] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  127.475011][ T6227] loop1: detected capacity change from 0 to 256
[  129.147125][ T6227] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  131.363320][ T6228] exFAT-fs (loop1): start_clu is invalid cluster(0x400)
[  131.692199][ T5911] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  131.721675][ T5911] usb 5-1: MIDIStreaming interface descriptor not found
[  132.821447][ T6218] syz.3.74 (6218): drop_caches: 2
[  132.909041][ T5911] usb 5-1: USB disconnect, device number 2
[  133.191930][ T6238] syzkaller0: entered promiscuous mode
[  133.228225][ T6238] syzkaller0: entered allmulticast mode
[  133.269523][ T6254] udevd[6254]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:13.50/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  133.919403][ T6262] netlink: 'syz.2.83': attribute type 21 has an invalid length.
[  133.927217][ T6262] netlink: 128 bytes leftover after parsing attributes in process `syz.2.83'.
[  133.970598][ T6263] netlink: 'syz.2.83': attribute type 21 has an invalid length.
[  133.978469][ T6263] netlink: 128 bytes leftover after parsing attributes in process `syz.2.83'.
[  136.633670][ T6262] netlink: 3 bytes leftover after parsing attributes in process `syz.2.83'.
[  136.642643][ T6263] netlink: 3 bytes leftover after parsing attributes in process `syz.2.83'.
[  136.750430][ T6283] loop2: detected capacity change from 0 to 512
[  136.828463][ T6283] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.89: inode has both inline data and extents flags
[  136.864947][ T6283] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  136.866541][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  136.882471][    C0] EXT4-fs (loop2): initial error at time 1770397490: ext4_orphan_get:1391: inode 15
[  136.891948][    C0] EXT4-fs (loop2): last error at time 1770397490: ext4_orphan_get:1391: inode 15
[  137.172219][ T6283] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.89: couldn't read orphan inode 15 (err -117)
[  137.191929][ T6283] loop2: lost filesystem error report for type 5 error -117
[  137.194224][ T6283] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.933045][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  137.950520][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  138.679134][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.428118][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 30 seconds
[  139.440149][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 30 seconds
[  139.451362][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 30 seconds
[  139.462316][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 30 seconds
[  140.783955][ T6301] syz.3.92 (6301): drop_caches: 2
[  142.573998][ T6327] syzkaller0: entered promiscuous mode
[  142.591933][ T6327] syzkaller0: entered allmulticast mode
[  143.700218][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 30 seconds
[  143.712905][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 30 seconds
[  143.726594][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 30 seconds
[  143.742327][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 30 seconds
[  147.649949][ T6373] syz.0.111 (6373): drop_caches: 2
[  148.899755][    T9] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  149.056927][    T9] usb 3-1: Using ep0 maxpacket: 16
[  149.067646][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  149.096410][    T9] usb 3-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  149.146360][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  149.153045][    T9] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  149.186345][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.219533][    T9] usb 3-1: config 0 descriptor??
[  149.278013][    T9] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  149.442241][ T6394] syzkaller0: entered promiscuous mode
[  149.448790][ T6394] syzkaller0: entered allmulticast mode
[  149.482482][ T6386] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.525915][ T6386] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.585921][ T6386] loop2: detected capacity change from 0 to 512
[  150.260482][ T6386] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[  150.676228][ T6408] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  151.507495][ T6410] loop2: detected capacity change from 0 to 40427
[  151.548702][ T6410] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  151.555324][ T6410] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  151.590432][ T6410] F2FS-fs (loop2): invalid crc value
[  151.721239][ T6410] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  152.647773][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 30 seconds
[  152.658684][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 30 seconds
[  152.669793][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 30 seconds
[  152.681885][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 30 seconds
[  153.756065][ T6435] syz.3.127 (6435): drop_caches: 2
[  154.783208][ T5884] usb 3-1: USB disconnect, device number 3
[  160.098515][ T6471] loop4: detected capacity change from 0 to 32768
[  160.136995][ T6471] (syz.4.138,6471,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  160.188930][ T6471] (syz.4.138,6471,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  160.243335][ T6471] JBD2: Ignoring recovery information on journal
[  160.286490][    T9] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  160.404587][ T6471] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  160.479136][    T9] usb 4-1: Using ep0 maxpacket: 16
[  160.488677][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.518087][    T9] usb 4-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  160.576364][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  160.592095][    T9] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  160.614695][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.649253][    T9] usb 4-1: config 0 descriptor??
[  160.680979][    T9] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  160.690025][ T5838] ocfs2: Unmounting device (7,4) on (node local)
[  160.908680][ T6490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  160.937612][ T6490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  160.975618][ T6490] loop3: detected capacity change from 0 to 512
[  161.082350][ T6490] EXT4-fs (loop3): blocks per group (255) and clusters per group (8192) inconsistent
[  161.441029][ T6508] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  162.429271][ T6514] loop3: detected capacity change from 0 to 40427
[  162.441892][ T6514] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  162.448345][ T6514] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  162.474273][ T6514] F2FS-fs (loop3): invalid crc value
[  162.668273][ T6514] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  162.914315][ T6514] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  162.922186][ T6514] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  162.938823][  T794] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  162.982248][ T6510] syz.4.142 (6510): drop_caches: 2
[  163.129103][  T794] usb 2-1: Using ep0 maxpacket: 16
[  163.195628][  T794] usb 2-1: unable to get BOS descriptor or descriptor too short
[  163.232306][  T794] usb 2-1: config 13 has an invalid interface number: 50 but max is 0
[  163.245939][ T6527] loop0: detected capacity change from 0 to 256
[  163.253300][  T794] usb 2-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  163.279092][ T6527] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  163.291220][  T794] usb 2-1: config 13 has no interface number 0
[  163.305085][  T794] usb 2-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  163.334653][  T794] usb 2-1: config 13 interface 50 altsetting 167 endpoint 0x7 has invalid wMaxPacketSize 0
[  163.383255][  T794] usb 2-1: config 13 interface 50 has no altsetting 0
[  163.408485][  T794] usb 2-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  163.445680][  T794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.480243][  T794] usb 2-1: Product: syz
[  163.493276][  T794] usb 2-1: Manufacturer: syz
[  163.502071][  T794] usb 2-1: SerialNumber: syz
[  163.711200][ T6517] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  164.077214][ T5884] usb 4-1: USB disconnect, device number 3
[  164.093203][ T5818] syz-executor: attempt to access beyond end of device
[  164.093203][ T5818] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  164.111635][  T794] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  164.118899][  T794] usb 2-1: MIDIStreaming interface descriptor not found
[  164.158044][ T5818] CPU: 0 UID: 0 PID: 5818 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  164.158076][ T5818] Tainted: [L]=SOFTLOCKUP
[  164.158083][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  164.158104][ T5818] Call Trace:
[  164.158117][ T5818]  <TASK>
[  164.158126][ T5818]  dump_stack_lvl+0xe8/0x150
[  164.158163][ T5818]  f2fs_handle_critical_error+0x37c/0x540
[  164.158200][ T5818]  f2fs_write_end_io+0xcdb/0xff0
[  164.158254][ T5818]  __submit_merged_bio+0x256/0x700
[  164.158290][ T5818]  __submit_merged_write_cond+0x3c3/0x4e0
[  164.158329][ T5818]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  164.158382][ T5818]  f2fs_write_data_pages+0x2975/0x35e0
[  164.158457][ T5818]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  164.158506][ T5818]  ? css_rstat_updated+0x23a/0x530
[  164.158562][ T5818]  ? rcu_is_watching+0x15/0xb0
[  164.158590][ T5818]  ? arch_stack_walk+0xe3/0x150
[  164.158622][ T5818]  ? unwind_next_frame+0xa5/0x23c0
[  164.158654][ T5818]  ? rcu_is_watching+0x15/0xb0
[  164.158681][ T5818]  ? __bfs+0x153/0x290
[  164.158706][ T5818]  ? __pfx_hlock_conflict+0x10/0x10
[  164.158759][ T5818]  ? lockdep_unlock+0x5d/0xd0
[  164.158825][ T5818]  ? __lock_acquire+0x146e/0x2cf0
[  164.158857][ T5818]  ? is_bpf_text_address+0x292/0x2b0
[  164.158900][ T5818]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  164.158933][ T5818]  do_writepages+0x32e/0x550
[  164.158977][ T5818]  ? do_raw_spin_unlock+0xf5/0x210
[  164.159006][ T5818]  filemap_fdatawrite+0x1e9/0x2f0
[  164.159041][ T5818]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  164.159128][ T5818]  ? do_raw_spin_unlock+0xf5/0x210
[  164.159156][ T5818]  f2fs_sync_dirty_inodes+0x30e/0x860
[  164.159207][ T5818]  f2fs_write_checkpoint+0x9cf/0x2680
[  164.159281][ T5818]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  164.159381][ T5818]  kill_f2fs_super+0x314/0x720
[  164.159420][ T5818]  ? __pfx_kill_f2fs_super+0x10/0x10
[  164.159469][ T5818]  ? lockdep_hardirqs_on+0x7a/0x110
[  164.159517][ T5818]  deactivate_locked_super+0xbc/0x130
[  164.159554][ T5818]  cleanup_mnt+0x437/0x4d0
[  164.159575][ T5818]  ? _raw_spin_unlock_irq+0x23/0x50
[  164.159604][ T5818]  task_work_run+0x1d9/0x270
[  164.159631][ T5818]  ? __pfx_task_work_run+0x10/0x10
[  164.159664][ T5818]  exit_to_user_mode_loop+0xed/0x480
[  164.159687][ T5818]  ? rcu_is_watching+0x15/0xb0
[  164.159720][ T5818]  do_syscall_64+0x32d/0xf80
[  164.159745][ T5818]  ? trace_irq_disable+0x3b/0x150
[  164.159782][ T5818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.159804][ T5818]  ? clear_bhb_loop+0x40/0x90
[  164.159831][ T5818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.159851][ T5818] RIP: 0033:0x7fb8ecd9c117
[  164.159878][ T5818] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  164.159893][ T5818] RSP: 002b:00007ffcef3e1da8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  164.159913][ T5818] RAX: 0000000000000000 RBX: 00007fb8ece0471f RCX: 00007fb8ecd9c117
[  164.159926][ T5818] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcef3e1e60
[  164.159937][ T5818] RBP: 00007ffcef3e1e60 R08: 00007ffcef3e2e60 R09: 00000000ffffffff
[  164.159949][ T5818] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcef3e2ef0
[  164.159960][ T5818] R13: 00007fb8ece0471f R14: 0000000000027c69 R15: 00007ffcef3e2f30
[  164.159995][ T5818]  </TASK>
[  164.160002][ T5818] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  164.725567][  T794] usb 2-1: USB disconnect, device number 2
[  167.043143][ T6552] kvm: vcpu 0: requested 3328 ns lapic timer period limited to 200000 ns
[  168.766364][ T5824] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  169.139052][ T5824] usb 4-1: unable to get BOS descriptor or descriptor too short
[  169.148652][ T5824] usb 4-1: not running at top speed; connect to a high speed hub
[  169.157811][ T5824] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  169.170204][ T5824] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  169.855520][ T5824] usb 4-1: string descriptor 0 read error: -22
[  169.862408][ T5824] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  169.871585][ T5824] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.908561][ T5824] usb 4-1: 0:2 : does not exist
[  169.928472][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 60 seconds
[  169.939372][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 60 seconds
[  169.950761][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 60 seconds
[  169.961811][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 60 seconds
[  170.242123][ T6584] loop2: detected capacity change from 0 to 512
[  170.296688][ T6584] EXT4-fs error (device loop2): ext4_orphan_get:1391: inode #15: comm syz.2.162: inode has both inline data and extents flags
[  170.351770][  T794] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  170.497895][ T6584] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  170.501756][ T6584] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.162: couldn't read orphan inode 15 (err -117)
[  170.511061][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  170.511093][    C0] EXT4-fs (loop2): initial error at time 1770397524: ext4_orphan_get:1391: inode 15
[  170.511128][    C0] EXT4-fs (loop2): last error at time 1770397524: ext4_orphan_get:1391: inode 15
[  170.652666][  T794] usb 5-1: Using ep0 maxpacket: 16
[  170.757758][  T794] usb 5-1: unable to get BOS descriptor or descriptor too short
[  170.876647][ T6584] loop2: lost filesystem error report for type 5 error -117
[  170.879607][ T5824] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  170.908289][ T5824] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  170.918687][ T6584] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.943020][ T5824] usb 4-1: 5:0: failed to get current value for ch 1 (-22)
[  171.018818][  T794] usb 5-1: config 13 has an invalid interface number: 50 but max is 0
[  171.027468][  T794] usb 5-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  171.046010][  T794] usb 5-1: config 13 has no interface number 0
[  171.052408][  T794] usb 5-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  171.076353][  T794] usb 5-1: config 13 interface 50 altsetting 167 endpoint 0x7 has invalid wMaxPacketSize 0
[  171.094465][  T794] usb 5-1: config 13 interface 50 has no altsetting 0
[  171.136048][  T794] usb 5-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  171.145723][  T794] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.161531][ T5824] usb 4-1: 5:0: cannot get min/max values for control 3 (id 5)
[  171.171701][  T794] usb 5-1: Product: syz
[  171.183657][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.212166][  T794] usb 5-1: Manufacturer: syz
[  171.217422][  T794] usb 5-1: SerialNumber: syz
[  171.228627][ T6582] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  171.578336][ T6594] syz.1.163 (6594): drop_caches: 2
[  171.657403][ T5824] usb 4-1: 5:0: cannot get min/max values for control 2 (id 5)
[  171.857517][  T794] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  171.869439][ T5824] usb 4-1: USB disconnect, device number 4
[  171.885785][  T794] usb 5-1: MIDIStreaming interface descriptor not found
[  172.461573][  T794] usb 5-1: USB disconnect, device number 3
[  173.518756][ T6615] loop3: detected capacity change from 0 to 2048
[  173.559975][ T6615] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  173.595706][ T6166] udevd[6166]: incorrect nilfs2 checksum on /dev/loop3
[  173.675525][ T6618] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  173.734814][ T6166] udevd[6166]: incorrect nilfs2 checksum on /dev/loop3
[  173.767385][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 60 seconds
[  173.778931][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 60 seconds
[  173.790628][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 60 seconds
[  173.801656][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 60 seconds
[  174.996848][ T6626] bridge0: port 2(bridge_slave_1) entered disabled state
[  175.005226][ T6626] bridge0: port 1(bridge_slave_0) entered disabled state
[  175.658752][ T5824] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  175.866443][  T794] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  176.036404][  T794] usb 3-1: Using ep0 maxpacket: 16
[  176.061501][  T794] usb 3-1: unable to get BOS descriptor or descriptor too short
[  176.091916][  T794] usb 3-1: config 13 has an invalid interface number: 50 but max is 0
[  176.136426][  T794] usb 3-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  176.181051][ T5824] usb 5-1: unable to get BOS descriptor or descriptor too short
[  176.190099][  T794] usb 3-1: config 13 has no interface number 0
[  176.190365][ T5824] usb 5-1: not running at top speed; connect to a high speed hub
[  176.213058][ T5824] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.218349][  T794] usb 3-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  176.237048][ T5824] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.254741][  T794] usb 3-1: config 13 interface 50 altsetting 167 endpoint 0x7 has invalid wMaxPacketSize 0
[  176.278823][  T794] usb 3-1: config 13 interface 50 has no altsetting 0
[  176.280186][ T5824] usb 5-1: string descriptor 0 read error: -22
[  176.319193][ T5824] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  176.405057][ T5824] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.253653][  T794] usb 3-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  177.264984][ T5824] usb 5-1: 0:2 : does not exist
[  177.276020][  T794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.297038][  T794] usb 3-1: Product: syz
[  177.301265][  T794] usb 3-1: Manufacturer: syz
[  177.305889][  T794] usb 3-1: SerialNumber: syz
[  177.508224][ T6638] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  177.614827][ T6658] loop2: detected capacity change from 0 to 7
[  177.630947][ T6658] Dev loop2: unable to read RDB block 7
[  177.666878][ T6658]  loop2: unable to read partition table
[  177.674268][ T6658] loop2: partition table beyond EOD, truncated
[  177.688117][ T6658] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  177.721218][ T5824] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  177.887126][ T6662] Bluetooth: MGMT ver 1.23
[  177.953742][ T5824] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  177.977416][ T5824] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  178.600388][ T6666] loop1: detected capacity change from 0 to 2048
[  178.748471][ T6666] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  178.756883][ T5824] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  178.846444][ T5824] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  178.871577][ T6166] udevd[6166]: incorrect nilfs2 checksum on /dev/loop1
[  178.895216][ T6675] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  179.003599][  T794] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  179.021495][  T794] usb 3-1: MIDIStreaming interface descriptor not found
[  179.029638][ T5824] usb 5-1: USB disconnect, device number 4
[  179.403399][  T794] usb 3-1: USB disconnect, device number 4
[  179.510334][ T6689] netlink: 20 bytes leftover after parsing attributes in process `syz.1.193'.
[  179.713102][ T6254] udevd[6254]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:13.50/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  179.761875][ T6692] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.195'.
[  182.666419][  T794] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  182.772508][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 60 seconds
[  182.784501][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 60 seconds
[  182.795867][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 60 seconds
[  182.808320][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 60 seconds
[  182.826371][  T794] usb 5-1: Using ep0 maxpacket: 16
[  183.431765][  T794] usb 5-1: unable to get BOS descriptor or descriptor too short
[  183.505172][  T794] usb 5-1: config 13 has an invalid interface number: 50 but max is 0
[  183.525899][  T794] usb 5-1: config 13 has an invalid descriptor of length 0, skipping remainder of the config
[  183.556452][  T794] usb 5-1: config 13 has no interface number 0
[  183.562698][  T794] usb 5-1: config 13 interface 50 altsetting 167 bulk endpoint 0x88 has invalid maxpacket 16
[  183.606366][  T794] usb 5-1: config 13 interface 50 altsetting 167 endpoint 0x7 has invalid wMaxPacketSize 0
[  183.642547][  T794] usb 5-1: config 13 interface 50 has no altsetting 0
[  183.807556][  T794] usb 5-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  183.816950][  T794] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.824972][  T794] usb 5-1: Product: syz
[  183.829454][  T794] usb 5-1: Manufacturer: syz
[  183.834087][  T794] usb 5-1: SerialNumber: syz
[  183.868949][ T6715] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  184.612617][  T794] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  184.640337][  T794] usb 5-1: MIDIStreaming interface descriptor not found
[  184.783839][  T794] usb 5-1: USB disconnect, device number 5
[  185.605926][ T6254] udevd[6254]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:13.50/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  186.887101][ T6770] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  191.796908][ T6815] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  191.965037][ T6817] loop0: detected capacity change from 0 to 164
[  195.011033][ T6838] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.238'.
[  195.333186][ T6852] syz.3.241 (6852): drop_caches: 2
[  195.586376][ T5824] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  196.358691][ T6856] netlink: 4 bytes leftover after parsing attributes in process `syz.4.244'.
[  196.371499][ T5824] usb 3-1: Using ep0 maxpacket: 16
[  196.458573][ T5824] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  196.503043][ T5824] usb 3-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  196.556064][ T5824] usb 3-1: config 0 interface 0 has no altsetting 0
[  196.725010][ T5824] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  196.769329][ T5824] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.813250][ T5824] usb 3-1: config 0 descriptor??
[  196.834047][ T5824] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  197.031968][ T6850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  197.060091][ T6850] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  197.114925][ T6850] loop2: detected capacity change from 0 to 512
[  197.163253][ T6850] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[  198.368230][ T6872] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  199.510207][ T6876] loop2: detected capacity change from 0 to 40427
[  199.527731][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  199.534474][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  199.544668][ T6876] F2FS-fs (loop2): Unable to read 1th superblock
[  199.551271][ T6876] F2FS-fs (loop2): Unable to read 2th superblock
[  199.711880][ T5919] usb 3-1: USB disconnect, device number 5
[  200.761800][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 90 seconds
[  200.772500][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 90 seconds
[  200.796453][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 90 seconds
[  200.808443][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 90 seconds
[  203.682186][ T6898] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  203.851465][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 90 seconds
[  203.862435][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 90 seconds
[  203.875986][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 90 seconds
[  203.887095][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 90 seconds
[  205.600591][ T6912] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.252'.
[  206.825574][ T6925] syz.1.261 (6925): drop_caches: 2
[  206.902164][ T5947] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  207.571675][ T5947] usb 1-1: Using ep0 maxpacket: 16
[  207.578770][ T5947] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  207.589639][ T5947] usb 1-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  207.749094][ T5947] usb 1-1: config 0 interface 0 has no altsetting 0
[  207.755751][ T5947] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  207.812029][ T5947] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.861304][ T5947] usb 1-1: config 0 descriptor??
[  207.899811][ T5947] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  208.927411][ T6919] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  209.008585][ T6919] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  209.031335][ T6919] loop0: detected capacity change from 0 to 512
[  209.113036][ T6919] EXT4-fs (loop0): blocks per group (255) and clusters per group (8192) inconsistent
[  209.464005][ T6933] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  210.197371][ T6934] loop0: detected capacity change from 0 to 40427
[  210.254327][ T6934] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  210.261197][ T6934] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  210.274094][ T6934] F2FS-fs (loop0): invalid crc value
[  210.371359][ T6934] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  210.554202][ T6934] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  210.561384][ T6934] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  210.670657][ T5884] usb 1-1: USB disconnect, device number 3
[  210.752826][ T6942] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  211.992044][ T5138] Bluetooth: hci1: command 0x0406 tx timeout
[  211.992086][ T5823] Bluetooth: hci0: command 0x0406 tx timeout
[  211.998138][ T5834] Bluetooth: hci3: command 0x0406 tx timeout
[  211.998197][ T5834] Bluetooth: hci2: command 0x0406 tx timeout
[  212.004204][ T5823] Bluetooth: hci4: command 0x0406 tx timeout
[  212.236567][ T6942] CIFS: Unable to determine destination address
[  212.806930][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 90 seconds
[  212.822816][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 90 seconds
[  212.835836][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 90 seconds
[  212.859818][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 90 seconds
[  214.544800][ T6962] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.271'.
[  215.668955][ T6970] netlink: 24 bytes leftover after parsing attributes in process `syz.1.274'.
[  215.680177][   T51] Bluetooth: hci2: unexpected Set CIG Parameters response data
[  215.689015][   T51] Bluetooth: hci2: unexpected event for opcode 0x2062
[  218.116586][  T794] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  218.286329][  T794] usb 3-1: Using ep0 maxpacket: 16
[  218.789899][  T794] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  218.825957][  T794] usb 3-1: config 0 interface 0 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 28
[  218.876710][  T794] usb 3-1: config 0 interface 0 has no altsetting 0
[  218.883401][  T794] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  218.946329][  T794] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.979739][  T794] usb 3-1: config 0 descriptor??
[  219.016246][  T794] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  219.768783][   T51] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  219.779077][   T51] Bluetooth: hci2: Injecting HCI hardware error event
[  219.789080][ T5832] Bluetooth: hci2: hardware error 0x00
[  219.917587][ T6981] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  220.027150][ T6981] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  220.077438][ T6997] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.283'.
[  220.122500][ T6981] loop2: detected capacity change from 0 to 512
[  220.147247][ T6981] EXT4-fs (loop2): blocks per group (255) and clusters per group (8192) inconsistent
[  221.047629][ T7008] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  221.969077][ T7010] loop2: detected capacity change from 0 to 40427
[  222.000480][ T7010] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  222.006915][ T7010] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  222.006915][ T5832] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  222.019904][ T7010] F2FS-fs (loop2): invalid crc value
[  222.071802][ T7010] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  222.083193][ T7010] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  222.090484][ T7010] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  222.671386][ T7024] CIFS: Unable to determine destination address
[  222.843584][ T5884] usb 3-1: USB disconnect, device number 6
[  222.882474][ T5830] syz-executor: attempt to access beyond end of device
[  222.882474][ T5830] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  222.916575][ T5830] CPU: 0 UID: 0 PID: 5830 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  222.916609][ T5830] Tainted: [L]=SOFTLOCKUP
[  222.916616][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  222.916628][ T5830] Call Trace:
[  222.916636][ T5830]  <TASK>
[  222.916645][ T5830]  dump_stack_lvl+0xe8/0x150
[  222.916681][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  222.916716][ T5830]  f2fs_write_end_io+0xcdb/0xff0
[  222.916767][ T5830]  __submit_merged_bio+0x256/0x700
[  222.916802][ T5830]  __submit_merged_write_cond+0x3c3/0x4e0
[  222.916838][ T5830]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  222.916888][ T5830]  f2fs_write_data_pages+0x2975/0x35e0
[  222.916975][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  222.917025][ T5830]  ? css_rstat_updated+0x23a/0x530
[  222.917076][ T5830]  ? rcu_is_watching+0x15/0xb0
[  222.917107][ T5830]  ? mod_memcg_lruvec_state+0x1a7/0x360
[  222.917140][ T5830]  ? lru_gen_update_size+0x7c9/0xd10
[  222.917184][ T5830]  ? __lock_acquire+0x6b5/0x2cf0
[  222.917232][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  222.917264][ T5830]  do_writepages+0x32e/0x550
[  222.917304][ T5830]  ? do_raw_spin_unlock+0xf5/0x210
[  222.917331][ T5830]  filemap_fdatawrite+0x1e9/0x2f0
[  222.917365][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  222.917442][ T5830]  ? do_raw_spin_unlock+0xf5/0x210
[  222.917469][ T5830]  f2fs_sync_dirty_inodes+0x30e/0x860
[  222.917517][ T5830]  f2fs_write_checkpoint+0x9cf/0x2680
[  222.917584][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  222.917672][ T5830]  kill_f2fs_super+0x314/0x720
[  222.917710][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  222.917754][ T5830]  ? lockdep_hardirqs_on+0x7a/0x110
[  222.917794][ T5830]  deactivate_locked_super+0xbc/0x130
[  222.917829][ T5830]  cleanup_mnt+0x437/0x4d0
[  222.917850][ T5830]  ? _raw_spin_unlock_irq+0x23/0x50
[  222.917877][ T5830]  task_work_run+0x1d9/0x270
[  222.917911][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  222.917945][ T5830]  exit_to_user_mode_loop+0xed/0x480
[  222.917969][ T5830]  ? rcu_is_watching+0x15/0xb0
[  222.918002][ T5830]  do_syscall_64+0x32d/0xf80
[  222.918026][ T5830]  ? trace_irq_disable+0x3b/0x150
[  222.918062][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.918084][ T5830]  ? clear_bhb_loop+0x40/0x90
[  222.918110][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.918131][ T5830] RIP: 0033:0x7f4177f9c117
[  222.918158][ T5830] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  222.918175][ T5830] RSP: 002b:00007ffc8e84ba28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  222.918196][ T5830] RAX: 0000000000000000 RBX: 00007f417800471f RCX: 00007f4177f9c117
[  222.918210][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc8e84bae0
[  222.918222][ T5830] RBP: 00007ffc8e84bae0 R08: 00007ffc8e84cae0 R09: 00000000ffffffff
[  222.918235][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc8e84cb70
[  222.918247][ T5830] R13: 00007f417800471f R14: 000000000003637a R15: 00007ffc8e84cbb0
[  222.918279][ T5830]  </TASK>
[  222.918288][ T5830] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  226.624421][ T7032] loop0: detected capacity change from 0 to 32768
[  226.775423][ T7032] Zero length message leads to an empty skb
[  226.812792][ T5911] IPVS: starting estimator thread 0...
[  227.336496][ T7033] IPVS: using max 28 ests per chain, 67200 per kthread
[  228.523914][ T7039] loop1: detected capacity change from 0 to 1024
[  229.697693][ T7052] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.297'.
[  231.747485][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 120 seconds
[  231.765247][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 120 seconds
[  231.776653][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 120 seconds
[  231.787784][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 120 seconds
[  232.827497][ T7071] netlink: 4 bytes leftover after parsing attributes in process `syz.4.301'.
[  232.867840][   T58] hfsplus: b-tree write err: -5, ino 4
[  233.358966][ T7078] loop4: detected capacity change from 0 to 2048
[  233.498391][ T7078] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.800484][ T7084] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  233.886838][ T7084] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 38 with error 28
[  233.926926][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 120 seconds
[  233.938049][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 120 seconds
[  233.995946][ T7084] EXT4-fs (loop4): This should not happen!! Data will be lost
[  233.995946][ T7084] 
[  234.035881][ T7084] EXT4-fs (loop4): Total free blocks count 0
[  234.052495][ T7084] EXT4-fs (loop4): Free/Dirty block details
[  234.074518][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 120 seconds
[  234.086319][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 120 seconds
[  234.117793][ T7084] EXT4-fs (loop4): free_blocks=2415919504
[  234.197983][ T7084] EXT4-fs (loop4): dirty_blocks=48
[  234.203218][ T7084] EXT4-fs (loop4): Block reservation details
[  234.249942][ T7084] EXT4-fs (loop4): i_reserved_data_blocks=3
[  234.394648][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.473221][ T7077] loop1: detected capacity change from 0 to 32768
[  235.493906][ T7077] xfs: Deprecated parameter 'attr2'
[  236.107014][ T7077] XFS: attr2 mount option is deprecated.
[  236.234683][ T7077] workqueue: Failed to create a rescuer kthread for wq "xfs-reclaim/loop1": -EINTR
[  236.472586][ T7117] netlink: 4 bytes leftover after parsing attributes in process `syz.4.313'.
[  237.831848][ T7137] CIFS: Unable to determine destination address
[  238.104180][ T7141] loop2: detected capacity change from 0 to 2048
[  238.146114][ T7141] /dev/loop2: Can't open blockdev
[  238.176407][ T7139] loop4: detected capacity change from 0 to 4096
[  238.214706][ T7139] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  238.437139][ T7139] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  238.497857][ T7126] loop0: detected capacity change from 0 to 40427
[  238.504397][ T7139] ntfs3(loop4): ino=1a, mi_enum_attr
[  238.520411][ T7139] ntfs3(loop4): Failed to initialize $Extend/$ObjId.
[  238.569825][ T7126] F2FS-fs (loop0): invalid crc value
[  238.916019][ T7126] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  238.965832][ T7126] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  239.259122][ T5819] syz-executor: attempt to access beyond end of device
[  239.259122][ T5819] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  239.318349][ T5819] CPU: 0 UID: 0 PID: 5819 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  239.318384][ T5819] Tainted: [L]=SOFTLOCKUP
[  239.318391][ T5819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  239.318403][ T5819] Call Trace:
[  239.318411][ T5819]  <TASK>
[  239.318435][ T5819]  dump_stack_lvl+0xe8/0x150
[  239.318469][ T5819]  f2fs_handle_critical_error+0x37c/0x540
[  239.318505][ T5819]  f2fs_write_end_io+0xcdb/0xff0
[  239.318555][ T5819]  __submit_merged_bio+0x256/0x700
[  239.318589][ T5819]  __submit_merged_write_cond+0x3c3/0x4e0
[  239.318624][ T5819]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  239.318675][ T5819]  f2fs_write_data_pages+0x2975/0x35e0
[  239.318743][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  239.318787][ T5819]  ? css_rstat_updated+0x23a/0x530
[  239.318837][ T5819]  ? rcu_is_watching+0x15/0xb0
[  239.318866][ T5819]  ? mod_memcg_lruvec_state+0x1a7/0x360
[  239.318898][ T5819]  ? __lock_acquire+0x6b5/0x2cf0
[  239.318941][ T5819]  ? __lock_acquire+0x6b5/0x2cf0
[  239.318972][ T5819]  ? do_raw_spin_lock+0x12b/0x2f0
[  239.319006][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  239.319028][ T5819]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  239.319060][ T5819]  do_writepages+0x32e/0x550
[  239.319116][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  239.319142][ T5819]  filemap_fdatawrite+0x1e9/0x2f0
[  239.319176][ T5819]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  239.319252][ T5819]  ? do_raw_spin_unlock+0xf5/0x210
[  239.319278][ T5819]  f2fs_sync_dirty_inodes+0x30e/0x860
[  239.319326][ T5819]  f2fs_write_checkpoint+0x9cf/0x2680
[  239.319391][ T5819]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  239.319485][ T5819]  kill_f2fs_super+0x314/0x720
[  239.319522][ T5819]  ? __pfx_kill_f2fs_super+0x10/0x10
[  239.319567][ T5819]  ? lockdep_hardirqs_on+0x7a/0x110
[  239.319605][ T5819]  deactivate_locked_super+0xbc/0x130
[  239.319639][ T5819]  cleanup_mnt+0x437/0x4d0
[  239.319659][ T5819]  ? _raw_spin_unlock_irq+0x23/0x50
[  239.319686][ T5819]  task_work_run+0x1d9/0x270
[  239.319712][ T5819]  ? __pfx_task_work_run+0x10/0x10
[  239.319745][ T5819]  exit_to_user_mode_loop+0xed/0x480
[  239.319770][ T5819]  ? rcu_is_watching+0x15/0xb0
[  239.319802][ T5819]  do_syscall_64+0x32d/0xf80
[  239.319826][ T5819]  ? trace_irq_disable+0x3b/0x150
[  239.319856][ T5819]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.319877][ T5819]  ? clear_bhb_loop+0x40/0x90
[  239.319902][ T5819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  239.319923][ T5819] RIP: 0033:0x7f2e6f39c117
[  239.319943][ T5819] Code: a2 c7 05 7c c4 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  239.319959][ T5819] RSP: 002b:00007ffd517f5cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  239.319980][ T5819] RAX: 0000000000000000 RBX: 00007f2e6f40471f RCX: 00007f2e6f39c117
[  239.319994][ T5819] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd517f5db0
[  239.320006][ T5819] RBP: 00007ffd517f5db0 R08: 00007ffd517f6db0 R09: 00000000ffffffff
[  239.320019][ T5819] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd517f6e40
[  239.320031][ T5819] R13: 00007f2e6f40471f R14: 000000000003a5a2 R15: 00007ffd517f6e80
[  239.320065][ T5819]  </TASK>
[  239.320102][ T5819] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  240.516633][ T7158] loop4: detected capacity change from 0 to 128
[  240.937852][ T7143] loop2: detected capacity change from 0 to 32768
[  240.987338][ T7143] =======================================================
[  240.987338][ T7143] WARNING: The mand mount option has been deprecated and
[  240.987338][ T7143]          and is ignored by this kernel. Remove the mand
[  240.987338][ T7143]          option from the mount to silence this warning.
[  240.987338][ T7143] =======================================================
[  241.029898][ T7158] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  241.060130][ T7158] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  241.263233][ T7143] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  241.503621][ T7176] loop3: detected capacity change from 0 to 1024
[  241.525003][ T7143] XFS (loop2): Ending clean mount
[  241.561997][ T7178] loop4: detected capacity change from 0 to 2048
[  241.594159][ T7178] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  241.608215][ T7176] hfsplus: bad catalog entry type
[  241.668136][ T7179] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  241.743931][ T5830] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  241.838196][   T13] hfsplus: b-tree write err: -5, ino 4
[  242.017250][ T7185] syz_tun: entered allmulticast mode
[  242.083641][ T7183] syz_tun: left allmulticast mode
[  243.350404][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 120 seconds
[  243.361257][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 120 seconds
[  243.372473][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 120 seconds
[  243.383557][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 120 seconds
[  243.719227][ T7201] CIFS: Unable to determine destination address
[  247.586890][ T7221] loop4: detected capacity change from 0 to 40427
[  247.597704][ T7221] F2FS-fs: heap/no_heap options were deprecated
[  248.229617][ T7221] F2FS-fs (loop4): build fault injection rate: 19
[  248.236192][ T7221] F2FS-fs (loop4): build fault injection type: 0x77e8c
[  248.275689][ T7221] F2FS-fs (loop4): invalid crc value
[  248.305658][ T7221] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21c/0xd60
[  249.173500][ T7221] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  249.185856][    C1] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  249.257068][ T7221] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  249.625395][ T7232] loop4: detected capacity change from 0 to 2048
[  249.689131][ T7232] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  249.810385][ T7233] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  250.289130][ T7241] syz_tun: entered allmulticast mode
[  250.300735][ T7240] syz_tun: left allmulticast mode
[  252.284109][ T7264] loop2: detected capacity change from 0 to 1024
[  253.147768][   T58] hfsplus: b-tree write err: -5, ino 4
[  253.456994][ T7277] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  253.684139][ T7260] loop4: detected capacity change from 0 to 32768
[  253.786369][ T7260] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  254.099222][ T7299] netlink: 8 bytes leftover after parsing attributes in process `syz.2.360'.
[  254.789159][ T7260] XFS (loop4): Ending clean mount
[  254.871301][ T7260] XFS (loop4): Quotacheck needed: Please wait.
[  254.984849][ T7260] XFS (loop4): Quotacheck: Done.
[  255.190655][ T5838] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  255.599515][ T7311] loop3: detected capacity change from 0 to 1024
[  256.196544][ T6893] hfsplus: b-tree write err: -5, ino 4
[  257.019897][ T7325] loop1: detected capacity change from 0 to 256
[  257.276489][ T7325] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  260.234521][ T7345] loop4: detected capacity change from 0 to 2048
[  260.320720][ T7345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.333451][ T7345] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  260.819187][ T7354] loop1: detected capacity change from 0 to 512
[  260.827759][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  260.835817][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  260.887722][ T7354] EXT4-fs: Ignoring removed oldalloc option
[  260.909677][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.994107][ T7354] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.376: Parent and EA inode have the same ino 15
[  261.007125][ T7354] loop1: lost filesystem error report for type 5 error -117
[  261.016334][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  261.030227][    C0] EXT4-fs (loop1): initial error at time 1770397614: ext4_xattr_inode_iget:437
[  261.039204][    C0] EXT4-fs (loop1): last error at time 1770397614: ext4_xattr_inode_iget:437
[  261.447127][ T7354] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  261.479658][ T7354] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: comm syz.1.376: Parent and EA inode have the same ino 15
[  261.500475][ T7354] loop1: lost filesystem error report for type 5 error -117
[  261.502714][ T7354] EXT4-fs (loop1): 1 orphan inode deleted
[  261.518761][ T7354] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.096626][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 150 seconds
[  262.107536][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 150 seconds
[  262.119002][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 150 seconds
[  262.354289][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.544651][ T7346] loop2: detected capacity change from 0 to 32768
[  262.620205][ T7346] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.375 (7346)
[  263.077546][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 150 seconds
[  263.199011][ T7382] loop1: detected capacity change from 0 to 256
[  263.849885][ T7346] BTRFS error (device loop2): open_ctree failed: -4
[  263.876657][ T7382] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  264.867840][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 150 seconds
[  264.878759][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 150 seconds
[  264.889945][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 150 seconds
[  264.901190][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 150 seconds
[  265.863809][ T7384] loop3: detected capacity change from 0 to 512
[  266.004540][ T7384] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  266.103062][ T7384] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.196447][ T7384] ext4 filesystem being mounted at /83/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  267.403465][ T7399] loop4: detected capacity change from 0 to 2048
[  270.120444][ T7399] EXT4-fs warning (device loop4): ext4_multi_mount_protect:394: Unable to create kmmpd thread for loop4.
[  270.627511][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.753001][ T7425] syz_tun: entered allmulticast mode
[  272.791047][ T7422] syz_tun: left allmulticast mode
[  272.887348][ T7429] loop0: detected capacity change from 0 to 1024
[  272.918373][ T7429] EXT4-fs: Ignoring removed orlov option
[  272.962538][ T7429] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  273.615379][ T7438] loop3: detected capacity change from 0 to 256
[  273.686756][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 150 seconds
[  273.697683][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 150 seconds
[  273.709287][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 150 seconds
[  273.721145][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 150 seconds
[  273.856937][ T7438] exFAT-fs (loop3): failed to test first cluster bit of root dir(5)
[  273.976767][ T7429] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.172239][ T7441] loop1: detected capacity change from 0 to 64
[  274.380231][ T7443] loop4: detected capacity change from 0 to 128
[  274.521092][ T7443] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  274.558627][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.619392][ T7443] hpfs: filesystem error: improperly stopped
[  274.625454][ T7443] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  274.752171][ T7443] hpfs: You really don't want any checks? You are crazy...
[  274.802036][ T7443] hpfs: hpfs_map_sector(): read error
[  274.869268][ T7443] hpfs: code page support is disabled
[  274.913094][ T7443] hpfs: hpfs_map_4sectors(): unaligned read
[  274.986950][ T7443] hpfs: hpfs_map_4sectors(): unaligned read
[  274.993103][ T7443] hpfs: filesystem error: unable to find root dir
[  276.331151][ T7454] loop0: detected capacity change from 0 to 2048
[  277.466153][ T7454] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.479943][ T7454] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.387578][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.676128][ T5821] syz-executor: attempt to access beyond end of device
[  278.676128][ T5821] loop1: rw=8388608, sector=268435468, nr_sectors = 2 limit=64
[  278.696727][ T7470] syz_tun: entered allmulticast mode
[  278.719161][ T5821] Buffer I/O error on dev loop1, logical block 134217734, async page read
[  278.728549][ T7469] syz_tun: left allmulticast mode
[  278.757756][ T5821] syz-executor: attempt to access beyond end of device
[  278.757756][ T5821] loop1: rw=8388608, sector=268435468, nr_sectors = 2 limit=64
[  278.792442][ T5821] Buffer I/O error on dev loop1, logical block 134217734, async page read
[  278.808121][ T7474] loop2: detected capacity change from 0 to 512
[  278.823570][ T5821] Trying to free block not in datazone
[  278.890594][ T7474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.916201][ T7474] ext4 filesystem being mounted at /83/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  279.193588][ T7484] loop1: detected capacity change from 0 to 2048
[  279.320968][ T7484] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  279.369511][ T7484] UDF-fs: Scanning with blocksize 512 failed
[  279.696116][ T7490] loop3: detected capacity change from 0 to 2048
[  280.394390][ T7484] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  282.648298][ T7490] EXT4-fs warning (device loop3): ext4_multi_mount_protect:394: Unable to create kmmpd thread for loop3.
[  282.940855][ T5830] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.973648][ T7497] loop3: detected capacity change from 0 to 512
[  285.341978][ T7526] loop0: detected capacity change from 0 to 64
[  286.262718][ T7529] loop2: detected capacity change from 0 to 8
[  287.262002][ T7529] SQUASHFS error: xz decompression failed, data probably corrupt
[  287.326680][ T7529] SQUASHFS error: Failed to read block 0x108: -5
[  287.377291][ T7529] SQUASHFS error: Unable to read metadata cache entry [106]
[  287.420815][ T7529] SQUASHFS error: Unable to read inode 0x11f
[  291.340364][ T7581] loop1: detected capacity change from 0 to 128
[  291.590876][ T7581] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  291.671103][ T7581] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  292.664050][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 180 seconds
[  292.675067][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 180 seconds
[  292.686428][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 180 seconds
[  293.099059][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 180 seconds
[  295.490524][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 180 seconds
[  295.502368][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 180 seconds
[  295.514195][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 180 seconds
[  295.818227][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 180 seconds
[  295.968004][ T7629] loop2: detected capacity change from 0 to 2048
[  296.007675][ T7629] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.020589][ T7629] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  298.666671][ T7633] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 5 vs 4156096517 free clusters
[  301.947773][ T7687] netlink: 'syz.4.477': attribute type 1 has an invalid length.
[  302.494682][ T7687] 8021q: adding VLAN 0 to HW filter on device bond1
[  302.757262][ T7706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.480'.
[  303.581713][ T7692] macvlan2: entered promiscuous mode
[  303.600195][ T7692] macvlan2: entered allmulticast mode
[  303.659697][ T7692] bond1: entered promiscuous mode
[  303.691584][ T7692] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  303.725898][ T7692] bond1: left promiscuous mode
[  303.892704][ T7687] macvlan2: entered promiscuous mode
[  303.898699][ T7687] macvlan2: entered allmulticast mode
[  303.906141][ T7687] bond1: entered promiscuous mode
[  303.933177][ T7687] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  304.038575][ T7687] bond1: left promiscuous mode
[  304.995863][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 180 seconds
[  305.010298][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 180 seconds
[  305.025233][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 180 seconds
[  305.039947][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 180 seconds
[  311.241400][ T7627] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.297306][ T7765] loop3: detected capacity change from 0 to 1024
[  311.305655][ T7765] EXT4-fs: Ignoring removed nobh option
[  311.323395][   T51] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  311.340228][   T51] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  311.352970][   T51] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  311.370365][   T51] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  311.396661][   T51] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  311.479559][ T7765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.603096][ T7778] loop1: detected capacity change from 0 to 128
[  311.657205][ T7778] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  311.718881][ T7765] EXT4-fs error (device loop3): mb_free_blocks:2047: group 0, inode 15: block 177:freeing already freed block (bit 11); block bitmap corrupt.
[  311.761479][ T7778] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  313.809840][   T51] Bluetooth: hci5: command tx timeout
[  314.648549][ T7795] loop4: detected capacity change from 0 to 128
[  314.773850][ T7795] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  315.022497][ T7795] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  316.366799][ T5832] Bluetooth: hci5: command tx timeout
[  316.840073][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.409046][   T51] Bluetooth: hci5: command tx timeout
[  318.524571][ T7802] loop0: detected capacity change from 0 to 32768
[  318.602706][ T7802] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.508 (7802)
[  318.790558][ T7806] loop3: detected capacity change from 0 to 40427
[  318.833178][ T7806] F2FS-fs (loop3): build fault injection rate: 174
[  318.863334][ T7806] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  318.926676][ T7806] F2FS-fs (loop3): invalid crc value
[  319.035707][ T7828] loop4: detected capacity change from 0 to 128
[  319.133139][ T7828] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  319.255304][ T7828] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  319.383980][ T7802] BTRFS info (device loop0 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  319.420763][ T7766] chnl_net:caif_netlink_parms(): no params data found
[  319.499552][ T7802] BTRFS info (device loop0 state S): using blake2b checksum algorithm
[  319.578344][ T7802] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  319.672829][ T7806] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  319.700950][ T7802] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  319.745760][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  319.789008][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  319.807320][ T7806] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  319.879487][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  319.879819][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  319.895489][ T7802] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  319.954162][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  319.954566][ T7802] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  319.986061][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  319.986388][ T7802] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  320.018153][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  320.018369][ T7802] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  320.068634][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  320.070419][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  320.112670][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  320.138646][ T7802] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  320.175914][ T7802] BTRFS error (device loop0 state ES): open_ctree failed: -12
[  320.246496][ T7848] loop1: detected capacity change from 0 to 256
[  320.496762][ T7837] loop4: detected capacity change from 0 to 4096
[  320.506727][   T51] Bluetooth: hci5: command tx timeout
[  321.282006][ T7837] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  321.298679][ T7766] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.398209][ T7837] ntfs3(loop4): ino=1a, mi_enum_attr
[  321.404289][ T7837] ntfs3(loop4): ino=1a, mi_enum_attr
[  321.417510][ T7766] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.479691][ T7837] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  321.560565][ T7766] bridge_slave_0: entered allmulticast mode
[  322.187820][ T7766] bridge_slave_0: entered promiscuous mode
[  322.288243][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  322.296573][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  322.415180][ T7766] bridge0: port 2(bridge_slave_1) entered blocking state
[  322.517613][ T7766] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.577245][ T7766] bridge_slave_1: entered allmulticast mode
[  322.637265][ T7766] bridge_slave_1: entered promiscuous mode
[  322.874106][ T7766] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  322.903144][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 210 seconds
[  322.918723][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 210 seconds
[  322.932978][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 210 seconds
[  322.973581][ T7867] loop1: detected capacity change from 0 to 256
[  322.999260][ T7766] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  323.040167][ T7867] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  323.119582][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 210 seconds
[  323.401777][ T7766] team0: Port device team_slave_0 added
[  323.491887][ T7766] team0: Port device team_slave_1 added
[  326.143865][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 210 seconds
[  326.162500][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 210 seconds
[  326.177025][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 210 seconds
[  326.192813][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 210 seconds
[  326.752025][ T7766] batman_adv: batadv0: Adding interface: batadv_slave_0
[  326.762994][ T7766] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  327.261493][ T7766] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.815870][ T7766] batman_adv: batadv0: Adding interface: batadv_slave_1
[  328.606721][ T7766] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  328.652235][ T7766] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  328.670808][ T7920] loop3: detected capacity change from 0 to 256
[  328.823393][ T7920] exFAT-fs (loop3): failed to test first cluster bit of root dir(5)
[  329.054332][ T7927] loop0: detected capacity change from 0 to 512
[  329.065217][ T7927] EXT4-fs: Ignoring removed mblk_io_submit option
[  329.077392][ T7927] EXT4-fs: inline encryption not supported
[  329.086875][ T7927] EXT4-fs: Ignoring removed mblk_io_submit option
[  329.819195][ T7927] EXT4-fs (loop0): Test dummy encryption mode enabled
[  329.829159][ T7927] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  329.844408][ T7927] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  330.004500][ T7927] EXT4-fs (loop0): 1 truncate cleaned up
[  330.024277][ T7927] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  330.203780][ T7927] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  331.335764][ T7937] netlink: 12 bytes leftover after parsing attributes in process `syz.4.540'.
[  332.190546][ T7766] hsr_slave_0: entered promiscuous mode
[  332.522891][ T7766] hsr_slave_1: entered promiscuous mode
[  333.535622][ T7766] debugfs: 'hsr0' already exists in 'hsr'
[  333.686501][ T7766] Cannot create hsr debugfs directory
[  333.720812][ T5819] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.077528][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 210 seconds
[  335.096186][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 210 seconds
[  335.397944][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 210 seconds
[  335.423057][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 210 seconds
[  337.362777][ T7954] syzkaller0: entered promiscuous mode
[  337.392244][ T7954] syzkaller0: entered allmulticast mode
[  338.789209][ T7977] loop4: detected capacity change from 0 to 256
[  338.993436][ T7977] exFAT-fs (loop4): failed to test first cluster bit of root dir(5)
[  340.316091][ T7986] loop3: detected capacity change from 0 to 32768
[  341.426867][ T7988] netlink: 12 bytes leftover after parsing attributes in process `syz.4.554'.
[  341.519578][ T7981] loop1: detected capacity change from 0 to 8192
[  342.360225][ T7986] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  342.361914][ T7986] (syz.3.552,7986,0):ocfs2_initialize_super:2229 ERROR: status = -12
[  342.391178][ T7986] (syz.3.552,7986,0):ocfs2_fill_super:1177 ERROR: status = -12
[  342.903615][ T7993] loop4: detected capacity change from 0 to 512
[  343.029750][ T7993] EXT4-fs: Ignoring removed oldalloc option
[  343.542779][ T7993] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.555: Parent and EA inode have the same ino 15
[  343.690551][ T7993] loop4: lost filesystem error report for type 5 error -117
[  343.696289][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  343.723818][    C0] EXT4-fs (loop4): initial error at time 1770397697: ext4_xattr_inode_iget:437
[  343.740522][    C0] EXT4-fs (loop4): last error at time 1770397697: ext4_xattr_inode_iget:437
[  344.316416][ T7993] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.555: Parent and EA inode have the same ino 15
[  344.372918][ T7993] loop4: lost filesystem error report for type 5 error -117
[  344.378838][ T7993] EXT4-fs (loop4): 1 orphan inode deleted
[  344.418772][ T7993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  345.540687][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.106747][ T8019] loop4: detected capacity change from 0 to 256
[  347.144287][ T8019] exFAT-fs (loop4): failed to test first cluster bit of root dir(5)
[  349.243101][ T8031] loop4: detected capacity change from 0 to 512
[  349.315558][ T5832] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  349.335231][ T5832] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  349.359392][ T5832] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  349.364073][ T8031] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.568: invalid indirect mapped block 4294967295 (level 1)
[  349.398947][ T5832] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  349.402119][ T5832] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  349.442124][ T8031] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  349.446298][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  349.477447][    C0] EXT4-fs (loop4): initial error at time 1770397703: ext4_free_branches:1023: inode 11
[  349.502939][    C0] EXT4-fs (loop4): last error at time 1770397703: ext4_free_branches:1023: inode 11
[  349.536588][ T8031] EXT4-fs (loop4): Remounting filesystem read-only
[  349.556105][ T8031] EXT4-fs (loop4): 2 truncates cleaned up
[  349.572165][ T8031] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.717744][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.840884][ T8037] loop4: detected capacity change from 0 to 512
[  349.877617][ T8037] EXT4-fs: Ignoring removed oldalloc option
[  350.024016][ T8037] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.569: Parent and EA inode have the same ino 15
[  350.076876][ T8037] loop4: lost filesystem error report for type 5 error -117
[  350.086278][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  350.107600][    C0] EXT4-fs (loop4): initial error at time 1770397703: ext4_xattr_inode_iget:437
[  350.121971][    C0] EXT4-fs (loop4): last error at time 1770397703: ext4_xattr_inode_iget:437
[  350.790720][ T8037] EXT4-fs error (device loop4): ext4_xattr_inode_iget:437: comm syz.4.569: Parent and EA inode have the same ino 15
[  350.809845][ T8037] loop4: lost filesystem error report for type 5 error -117
[  350.811529][ T8037] EXT4-fs (loop4): 1 orphan inode deleted
[  350.840116][ T8037] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.686604][ T5832] Bluetooth: hci3: command tx timeout
[  351.933508][ T8046] loop3: detected capacity change from 0 to 1024
[  352.022611][ T8046] EXT4-fs: Ignoring removed nomblk_io_submit option
[  352.114559][ T8046] EXT4-fs: Ignoring removed nomblk_io_submit option
[  352.143615][ T8050] loop1: detected capacity change from 0 to 256
[  352.272113][ T8046] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  352.360066][ T8050] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  352.423077][ T8046] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.478198][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.513624][ T7766] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  352.992897][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 240 seconds
[  353.033095][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 240 seconds
[  353.123965][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 240 seconds
[  354.101812][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 240 seconds
[  354.592974][ T5832] Bluetooth: hci3: command tx timeout
[  355.387839][ T7766] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  355.629407][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.791773][ T7766] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  355.961469][ T7766] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  356.181707][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 240 seconds
[  356.208269][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 240 seconds
[  356.236419][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 240 seconds
[  356.259634][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 240 seconds
[  356.646363][ T5832] Bluetooth: hci3: command tx timeout
[  358.664020][ T8095] syzkaller0: entered promiscuous mode
[  358.718238][ T8095] syzkaller0: entered allmulticast mode
[  358.988915][ T5832] Bluetooth: hci3: command tx timeout
[  358.992078][ T8098] netlink: 8 bytes leftover after parsing attributes in process `syz.4.583'.
[  360.261792][ T8032] chnl_net:caif_netlink_parms(): no params data found
[  361.815591][ T8113] loop1: detected capacity change from 0 to 8192
[  361.829239][ T8119] loop4: detected capacity change from 0 to 4096
[  361.890154][ T8113] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  362.075144][ T8119] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  362.114926][ T8119] ntfs3(loop4): ino=1a, mi_enum_attr
[  362.140440][ T8119] ntfs3(loop4): ino=1a, mi_enum_attr
[  362.212761][ T8119] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  362.293280][ T8113] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  362.426949][ T8113] FAT-fs (loop1): Filesystem has been set read-only
[  362.495293][ T8113] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  362.568764][ T8113] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  362.862716][ T5821] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1052)
[  362.914394][ T8032] bridge0: port 1(bridge_slave_0) entered blocking state
[  362.935750][ T8032] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.882164][ T8032] bridge_slave_0: entered allmulticast mode
[  363.937995][ T8032] bridge_slave_0: entered promiscuous mode
[  364.445995][ T8141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.592'.
[  364.479051][ T8142] faux_driver vgem: [drm] Unknown color mode 9; guessing buffer size.
[  364.658511][ T8032] bridge0: port 2(bridge_slave_1) entered blocking state
[  364.672712][ T8032] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.686322][ T8032] bridge_slave_1: entered allmulticast mode
[  364.711595][ T8032] bridge_slave_1: entered promiscuous mode
[  364.817645][ T7766] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.126762][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 240 seconds
[  365.337180][ T8032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  365.394731][ T8032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  365.541428][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 240 seconds
[  365.559269][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 240 seconds
[  365.579714][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 240 seconds
[  365.689228][ T8154] CIFS: Unable to determine destination address
[  366.522612][ T8032] team0: Port device team_slave_0 added
[  366.612044][ T8032] team0: Port device team_slave_1 added
[  366.640361][ T8156] loop3: detected capacity change from 0 to 4096
[  366.795088][ T8156] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  366.867337][ T7766] 8021q: adding VLAN 0 to HW filter on device team0
[  366.978003][ T8156] ntfs3(loop3): ino=1a, mi_enum_attr
[  367.032496][ T8156] ntfs3(loop3): ino=1a, mi_enum_attr
[  367.073614][ T8156] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  367.103768][ T8032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  367.185001][ T8032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  367.281291][ T8032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  367.776268][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  367.786651][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  367.851369][ T8032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  367.879054][ T8032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  368.000567][ T8032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  368.228208][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  368.241502][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  368.674622][ T8032] hsr_slave_0: entered promiscuous mode
[  368.752304][ T8032] hsr_slave_1: entered promiscuous mode
[  368.792870][ T8032] debugfs: 'hsr0' already exists in 'hsr'
[  369.125566][ T8032] Cannot create hsr debugfs directory
[  369.216523][ T8176] netlink: 8 bytes leftover after parsing attributes in process `syz.3.603'.
[  370.305425][ T8180] loop3: detected capacity change from 0 to 1024
[  370.378232][ T8180] EXT4-fs: Ignoring removed nomblk_io_submit option
[  370.479721][ T8180] EXT4-fs: Ignoring removed nomblk_io_submit option
[  370.588502][ T8180] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  370.736068][ T8180] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.056146][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.102620][   T51] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  372.128230][   T51] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  372.160015][   T51] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  372.178965][   T51] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  372.198342][   T51] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  372.854459][ T8196] loop1: detected capacity change from 0 to 4096
[  372.927804][ T8202] CIFS: Unable to determine destination address
[  373.532320][ T8196] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  373.625449][ T8196] ntfs3(loop1): ino=1a, mi_enum_attr
[  373.689045][ T8196] ntfs3(loop1): ino=1a, mi_enum_attr
[  373.695298][ T8196] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  374.328372][ T5832] Bluetooth: hci1: command tx timeout
[  374.454656][ T8032] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  374.544031][ T8032] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  374.704094][ T8210] loop3: detected capacity change from 0 to 32768
[  374.749658][ T8210] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  374.783462][ T8228] syz.1.616 uses obsolete (PF_INET,SOCK_PACKET)
[  374.825554][ T8032] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  374.850988][ T8210] XFS (loop3): Ending clean mount
[  375.028588][ T8032] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  375.154573][ T8188] chnl_net:caif_netlink_parms(): no params data found
[  375.471391][ T8216] loop4: detected capacity change from 0 to 40427
[  375.567719][ T8216] F2FS-fs (loop4): build fault injection rate: 19
[  375.601649][ T8216] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  375.619429][ T5818] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  375.639816][ T8216] F2FS-fs (loop4): invalid crc value
[  375.855699][ T8240] loop1: detected capacity change from 0 to 164
[  376.157470][ T8216] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  376.397570][ T8216] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  376.415082][ T5832] Bluetooth: hci1: command tx timeout
[  376.437139][ T8216] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  376.497630][ T8216] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  377.073040][ T8252] loop1: detected capacity change from 0 to 16
[  377.093003][ T8252] erofs (device loop1): mounted with root inode @ nid 36.
[  377.350473][ T8188] bridge0: port 1(bridge_slave_0) entered blocking state
[  377.401169][ T8188] bridge0: port 1(bridge_slave_0) entered disabled state
[  377.436828][ T8188] bridge_slave_0: entered allmulticast mode
[  377.451904][ T8188] bridge_slave_0: entered promiscuous mode
[  377.498981][ T8188] bridge0: port 2(bridge_slave_1) entered blocking state
[  377.775602][ T8188] bridge0: port 2(bridge_slave_1) entered disabled state
[  378.376775][ T8188] bridge_slave_1: entered allmulticast mode
[  378.466466][ T8188] bridge_slave_1: entered promiscuous mode
[  378.499656][ T5832] Bluetooth: hci1: command tx timeout
[  379.826315][ T8263] CIFS: Unable to determine destination address
[  380.626643][ T5832] Bluetooth: hci1: command tx timeout
[  380.674481][ T8188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  380.933854][ T8188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  381.191685][ T8188] team0: Port device team_slave_0 added
[  381.334246][ T8188] team0: Port device team_slave_1 added
[  381.366900][   T49] bridge_slave_1: left allmulticast mode
[  381.385555][   T49] bridge_slave_1: left promiscuous mode
[  381.399417][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  381.519282][   T49] bridge_slave_0: left allmulticast mode
[  381.591837][   T49] bridge_slave_0: left promiscuous mode
[  381.617177][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  383.051279][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 270 seconds
[  383.128437][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 270 seconds
[  383.176562][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 270 seconds
[  383.241704][ T8288] loop3: detected capacity change from 0 to 32768
[  383.256576][ T8288] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.625 (8288)
[  383.295168][ T8288] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  383.320548][ T8288] BTRFS info (device loop3): using crc32c checksum algorithm
[  383.419643][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  383.466987][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  383.505115][   T49] bond0 (unregistering): Released all slaves
[  383.574149][ T8288] BTRFS info (device loop3): turning off barriers
[  383.606711][ T8288] BTRFS info (device loop3): enabling free space tree
[  383.626468][ T8288] BTRFS info (device loop3): use zlib compression, level 3
[  383.706309][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  383.716819][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  383.782325][ T8188] batman_adv: batadv0: Adding interface: batadv_slave_0
[  383.829041][ T8188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  383.910076][ T8188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  383.948841][ T8188] batman_adv: batadv0: Adding interface: batadv_slave_1
[  383.958210][ T8188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  384.126267][ T8188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  384.297617][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 270 seconds
[  384.425570][ T5818] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  384.597378][   T49] hsr_slave_0: left promiscuous mode
[  384.731664][ T8321] loop4: detected capacity change from 0 to 1024
[  384.745803][ T8321] EXT4-fs (loop4): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[  384.802209][ T8321] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 2: comm syz.4.629: lblock 2 mapped to illegal pblock 2 (length 1)
[  384.837279][ T8321] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  384.839037][ T8321] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  384.855843][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  384.855875][    C1] EXT4-fs (loop4): initial error at time 1770397738: ext4_map_blocks:776: inode 3: block 2
[  384.855920][    C1] EXT4-fs (loop4): last error at time 1770397738: ext4_map_blocks:776: inode 3: block 2
[  384.932652][ T8321] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 48: comm syz.4.629: lblock 0 mapped to illegal pblock 48 (length 1)
[  384.953380][ T8321] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  384.953938][ T8321] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  384.983991][ T8321] EXT4-fs error (device loop4): ext4_acquire_dquot:7003: comm syz.4.629: Failed to acquire dquot type 0
[  385.004178][ T8321] loop4: lost filesystem error report for type 5 error -117
[  385.004777][ T8321] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem
[  385.041868][ T8321] loop4: lost filesystem error report for type 5 error -117
[  385.042206][ T8321] EXT4-fs error (device loop4): ext4_evict_inode:255: inode #11: comm syz.4.629: mark_inode_dirty error
[  385.077439][ T8321] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  385.077850][ T8321] EXT4-fs warning (device loop4): ext4_evict_inode:258: couldn't mark inode dirty (err -117)
[  385.160556][   T49] hsr_slave_1: left promiscuous mode
[  385.196143][ T8321] EXT4-fs (loop4): 1 orphan inode deleted
[  385.208799][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.231830][ T8321] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.361184][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.927424][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.951930][ T5964] EXT4-fs error (device loop4): ext4_map_blocks:776: inode #3: block 1: comm kworker/u8:8: lblock 1 mapped to illegal pblock 1 (length 1)
[  385.977096][ T5964] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  385.979757][ T5964] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  386.019359][ T5964] EXT4-fs error (device loop4): ext4_release_dquot:7039: comm kworker/u8:8: Failed to release dquot type 0
[  386.036019][ T5964] loop4: lost filesystem error report for type 5 error -117
[  386.108149][ T5838] EXT4-fs error (device loop4): __ext4_get_inode_loc:4782: comm syz-executor: Invalid inode table block 1 in block_group 0
[  386.194812][ T5838] loop4: lost filesystem error report for type 5 error -117
[  386.205243][ T5838] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6246: Corrupt filesystem
[  386.249554][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 270 seconds
[  386.272522][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 270 seconds
[  386.297139][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 270 seconds
[  386.314732][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 270 seconds
[  386.377065][ T5838] loop4: lost filesystem error report for type 5 error -117
[  386.378040][ T5838] EXT4-fs error (device loop4): ext4_quota_off:7287: inode #3: comm syz-executor: mark_inode_dirty error
[  386.405390][ T5838] loop4: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  386.831219][ T8339] CIFS: Unable to determine destination address
[  387.549980][   T49] team0 (unregistering): Port device team_slave_1 removed
[  387.764009][   T49] team0 (unregistering): Port device team_slave_0 removed
[  388.124045][ T8330] loop3: detected capacity change from 0 to 32768
[  388.138548][ T8330] ocfs2: Unknown parameter '��W�@�:ء�ώ����Y�8v��C�E�7��^�V��[�퀚�u�����`Ԡj����-z;G�c7E��5��'
[  391.946138][ T8188] hsr_slave_0: entered promiscuous mode
[  392.032284][ T8188] hsr_slave_1: entered promiscuous mode
[  392.098556][ T8188] debugfs: 'hsr0' already exists in 'hsr'
[  392.136606][ T8188] Cannot create hsr debugfs directory
[  392.415973][ T8032] 8021q: adding VLAN 0 to HW filter on device bond0
[  392.497753][ T8379] CIFS: Unable to determine destination address
[  393.326841][ T8372] bond0: (slave bond_slave_1): Releasing backup interface
[  393.808680][ T8395] loop3: detected capacity change from 0 to 64
[  393.824330][ T8032] 8021q: adding VLAN 0 to HW filter on device team0
[  394.190841][ T6458] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.201453][ T6458] bridge0: port 1(bridge_slave_0) entered forwarding state
[  394.535239][ T5964] bridge0: port 2(bridge_slave_1) entered blocking state
[  394.543347][ T5964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  394.868665][ T8384] loop4: detected capacity change from 0 to 32768
[  394.940546][ T8384] 
[  394.940546][ T8384]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  394.940546][ T8384] 
[  395.188541][ T8384] ERROR: (device loop4): diWrite: ixpxd invalid
[  395.188541][ T8384] 
[  395.217215][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 270 seconds
[  395.311415][ T8384] ERROR: (device loop4): txCommit: 
[  395.311415][ T8384] 
[  395.408183][ T8409] ERROR: (device loop4): diWrite: ixpxd invalid
[  395.408183][ T8409] 
[  395.457870][ T8409] ERROR: (device loop4): txCommit: 
[  395.457870][ T8409] 
[  395.498254][ T8412] ERROR: (device loop4): dtSearch: stack overrun!
[  395.498254][ T8412] 
[  395.537827][ T8412] btstack dump:
[  395.553006][ T8412] bn = 0, index = 0
[  395.563213][ T8412] bn = 0, index = 0
[  395.569026][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 270 seconds
[  395.596484][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 270 seconds
[  395.614129][ T8412] bn = 0, index = 0
[  395.614174][ T8412] bn = 0, index = 0
[  395.614187][ T8412] bn = 0, index = 0
[  395.614198][ T8412] bn = 0, index = 0
[  395.614215][ T8412] bn = 0, index = 0
[  395.614227][ T8412] bn = 0, index = 0
[  395.614262][ T8412] jfs_mkdir: dtSearch returned -5
[  395.660247][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 270 seconds
[  395.865887][ T5838] 
[  395.865887][ T5838]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  395.865887][ T5838] 
[  395.899085][ T5838] 
[  395.899085][ T5838]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  395.899085][ T5838] 
[  396.458310][ T8431] CIFS: Unable to determine destination address
[  397.047785][ T8430] bond0: (slave bond_slave_1): Releasing backup interface
[  397.404061][ T8032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  397.476085][ T8441] netlink: 'syz.3.654': attribute type 21 has an invalid length.
[  397.508318][ T8441] netlink: 128 bytes leftover after parsing attributes in process `syz.3.654'.
[  397.581681][ T8441] netlink: 3 bytes leftover after parsing attributes in process `syz.3.654'.
[  398.514610][ T8188] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  398.667299][ T8188] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  398.729189][ T8188] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  398.791398][ T8188] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  399.498855][ T8188] 8021q: adding VLAN 0 to HW filter on device bond0
[  399.610005][ T8032] veth0_vlan: entered promiscuous mode
[  399.649117][ T8188] 8021q: adding VLAN 0 to HW filter on device team0
[  399.689623][ T6893] bridge0: port 1(bridge_slave_0) entered blocking state
[  399.697434][ T6893] bridge0: port 1(bridge_slave_0) entered forwarding state
[  399.713546][ T8032] veth1_vlan: entered promiscuous mode
[  399.751994][ T6893] bridge0: port 2(bridge_slave_1) entered blocking state
[  399.760083][ T6893] bridge0: port 2(bridge_slave_1) entered forwarding state
[  400.076645][ T8032] veth0_macvtap: entered promiscuous mode
[  400.084128][ T8464] loop4: detected capacity change from 0 to 32768
[  400.134925][ T8032] veth1_macvtap: entered promiscuous mode
[  400.203795][ T8464] 
[  400.203795][ T8464]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  400.203795][ T8464] 
[  400.278530][ T8464] ERROR: (device loop4): diWrite: ixpxd invalid
[  400.278530][ T8464] 
[  400.330968][ T8464] ERROR: (device loop4): txCommit: 
[  400.330968][ T8464] 
[  400.350475][ T8032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  400.395005][ T8491] jfs_mkdir: dtSearch returned -17
[  400.449432][ T8032] batman_adv: batadv0: Interface activated: batadv_slave_1
[  400.566995][ T6458] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  400.601387][ T5838] 
[  400.601387][ T5838]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  400.601387][ T5838] 
[  400.616515][ T6458] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  400.616595][ T6458] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  400.616635][ T6458] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  400.714804][ T5838] 
[  400.714804][ T5838]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  400.714804][ T5838] 
[  400.742443][ T8475] loop1: detected capacity change from 0 to 32768
[  400.977040][ T8475] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  401.049765][ T8475] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  401.616316][ T8475] XFS (loop1): Ending clean mount
[  401.690218][  T991] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.716766][  T991] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  401.738025][ T8475] XFS (loop1): Quotacheck needed: Please wait.
[  401.828734][ T8188] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.906955][ T8475] XFS (loop1): Quotacheck: Done.
[  402.083013][ T5964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  402.115933][ T8520] netlink: 'syz.4.665': attribute type 21 has an invalid length.
[  402.128623][ T8520] netlink: 128 bytes leftover after parsing attributes in process `syz.4.665'.
[  402.160738][ T8520] netlink: 3 bytes leftover after parsing attributes in process `syz.4.665'.
[  403.133663][ T5964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  403.715321][ T8521] loop3: detected capacity change from 0 to 32768
[  403.856783][ T8521] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  403.975860][ T8521] JBD2: Ignoring recovery information on journal
[  404.374515][ T8521] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  405.579359][ T8521] OCFS2: ERROR (device loop3): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #32 has an invalid fs_generation of #1
[  405.606879][ T8521] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  405.623466][ T8521] OCFS2: File system is now read-only.
[  405.633584][ T8521] (syz.3.664,8521,1):ocfs2_search_chain:1888 ERROR: status = -30
[  405.645010][ T8521] (syz.3.664,8521,1):ocfs2_search_chain:2011 ERROR: status = -30
[  405.655301][ T8521] (syz.3.664,8521,1):ocfs2_claim_suballoc_bits:2098 ERROR: status = -30
[  405.669070][ T8521] (syz.3.664,8521,1):ocfs2_claim_suballoc_bits:2151 ERROR: status = -30
[  405.683103][ T8521] (syz.3.664,8521,1):__ocfs2_claim_clusters:2532 ERROR: status = -30
[  405.697922][ T8521] (syz.3.664,8521,1):__ocfs2_claim_clusters:2540 ERROR: status = -30
[  405.711459][ T8521] (syz.3.664,8521,1):ocfs2_local_alloc_new_window:1197 ERROR: status = -30
[  405.724859][ T8521] (syz.3.664,8521,1):ocfs2_local_alloc_new_window:1222 ERROR: status = -30
[  405.736502][ T8521] (syz.3.664,8521,1):ocfs2_local_alloc_slide_window:1296 ERROR: status = -30
[  405.748347][ T8521] (syz.3.664,8521,1):ocfs2_local_alloc_slide_window:1315 ERROR: status = -30
[  405.761668][ T8521] (syz.3.664,8521,1):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30
[  405.774883][ T8521] (syz.3.664,8521,1):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[  405.790689][ T8521] (syz.3.664,8521,1):ocfs2_reserve_clusters_with_limit:1241 ERROR: status = -30
[  405.805008][ T8521] (syz.3.664,8521,1):ocfs2_reserve_clusters_with_limit:1290 ERROR: status = -30
[  405.823820][ T8521] (syz.3.664,8521,1):ocfs2_symlink:1927 ERROR: status = -30
[  405.840303][ T8521] (syz.3.664,8521,1):ocfs2_symlink:2081 ERROR: status = -30
[  406.379995][ T5821] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  406.583026][ T5818] ocfs2: Unmounting device (7,3) on (node local)
[  406.867896][ T8544] loop4: detected capacity change from 0 to 256
[  407.182718][ T8188] veth0_vlan: entered promiscuous mode
[  407.274076][ T8188] veth1_vlan: entered promiscuous mode
[  407.620689][ T8188] veth0_macvtap: entered promiscuous mode
[  407.982671][ T8188] veth1_macvtap: entered promiscuous mode
[  409.814588][ T8188] batman_adv: batadv0: Interface activated: batadv_slave_0
[  410.035056][ T8572] loop1: detected capacity change from 0 to 512
[  410.047031][ T8572] EXT4-fs: Ignoring removed mblk_io_submit option
[  410.054385][ T8572] EXT4-fs: inline encryption not supported
[  410.061815][ T8572] EXT4-fs: Ignoring removed mblk_io_submit option
[  410.120544][ T8572] EXT4-fs (loop1): Test dummy encryption mode enabled
[  410.128616][ T8572] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  410.259314][ T8572] EXT4-fs (loop1): 1 truncate cleaned up
[  410.276749][ T8572] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.799487][ T8188] batman_adv: batadv0: Interface activated: batadv_slave_1
[  412.750948][ T8583] loop3: detected capacity change from 0 to 32768
[  414.042761][ T1695] block nbd0: Possible stuck request ffff888027248000: control (read@0,1024B). Runtime 300 seconds
[  414.056164][ T1695] block nbd0: Possible stuck request ffff888027248200: control (read@1024,1024B). Runtime 300 seconds
[  414.068531][ T1695] block nbd0: Possible stuck request ffff888027248400: control (read@2048,1024B). Runtime 300 seconds
[  414.419952][ T5964] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.476333][ T5964] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.548854][ T5964] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.610577][ T5964] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  414.717455][ T1695] block nbd0: Possible stuck request ffff888027248600: control (read@3072,1024B). Runtime 300 seconds
[  414.771235][ T8583] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  414.771320][ T8583] (syz.3.677,8583,0):ocfs2_initialize_super:2229 ERROR: status = -12
[  414.772037][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.782495][ T8583] (syz.3.677,8583,0):ocfs2_fill_super:1177 ERROR: status = -12
[  415.214938][ T8597] loop1: detected capacity change from 0 to 256
[  416.483267][ T1695] block nbd1: Possible stuck request ffff8880272e8000: control (read@0,1024B). Runtime 300 seconds
[  416.495899][ T1695] block nbd1: Possible stuck request ffff8880272e8200: control (read@1024,1024B). Runtime 300 seconds
[  416.511923][ T1695] block nbd1: Possible stuck request ffff8880272e8400: control (read@2048,1024B). Runtime 300 seconds
[  416.531286][ T1695] block nbd1: Possible stuck request ffff8880272e8600: control (read@3072,1024B). Runtime 300 seconds
[  418.249891][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.346738][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  418.510349][ T8616] loop4: detected capacity change from 0 to 512
[  418.563915][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.633255][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  420.570606][ T8644] 9pnet_fd: p9_fd_create_tcp (8644): problem connecting socket to 127.0.0.1
[  420.919881][ T8650] loop3: detected capacity change from 0 to 512
[  420.939180][ T8650] EXT4-fs: Ignoring removed nobh option
[  420.949760][ T8650] EXT4-fs: quotafile must be on filesystem root
[  424.094083][ T8678] loop5: detected capacity change from 0 to 512
[  425.327157][ T1695] block nbd2: Possible stuck request ffff888027308000: control (read@0,1024B). Runtime 300 seconds
[  426.053189][ T1695] block nbd2: Possible stuck request ffff888027308200: control (read@1024,1024B). Runtime 300 seconds
[  426.066388][ T1695] block nbd2: Possible stuck request ffff888027308400: control (read@2048,1024B). Runtime 300 seconds
[  426.133436][ T1695] block nbd2: Possible stuck request ffff888027308600: control (read@3072,1024B). Runtime 300 seconds
[  426.236685][ T8702] loop6: detected capacity change from 0 to 1024
[  426.290067][ T8702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  426.298219][ T8702] EXT4-fs: Ignoring removed nomblk_io_submit option
[  426.316304][ T8702] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  426.657552][ T8702] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  426.772236][ T8712] 9pnet_fd: p9_fd_create_tcp (8712): problem connecting socket to 127.0.0.1
[  427.756406][ T8718] netlink: 8 bytes leftover after parsing attributes in process `syz.4.709'.
[  428.834485][ T8725] loop3: detected capacity change from 0 to 512
[  429.095866][ T8032] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.507485][ T8760] netlink: 8 bytes leftover after parsing attributes in process `syz.5.722'.
[  432.736954][ T8768] loop1: detected capacity change from 0 to 512
[  432.787070][ T8766] loop6: detected capacity change from 0 to 1024
[  432.822627][ T8766] EXT4-fs: Ignoring removed nomblk_io_submit option
[  432.862240][ T8766] EXT4-fs: Ignoring removed nomblk_io_submit option
[  432.929382][ T8766] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  433.663853][ T8766] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.469930][ T8032] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.135825][ T8809] loop3: detected capacity change from 0 to 64
[  439.521323][ T8826] loop3: detected capacity change from 0 to 2048
[  439.544249][ T8824] loop4: detected capacity change from 0 to 512
[  439.571267][ T8802] loop6: detected capacity change from 0 to 32768
[  439.643475][ T8826] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  439.657409][ T8826] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  440.111860][ T8802] read_mapping_page failed!
[  440.391358][ T8802] jfs_mount: diMount(ipaimap) failed w/rc = -5
[  441.117603][ T8802] Mount JFS Failure: -5
[  441.181191][ T8802] jfs_mount failed w/return code = -5
[  441.837779][ T8830] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 5 vs 4156096517 free clusters
[  442.128777][ T5818] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.201409][ T5947] ==================================================================
[  442.211665][ T5947] BUG: KASAN: slab-use-after-free in kernfs_get+0x20/0x90
[  442.220721][ T5947] Read of size 4 at addr ffff88803c32e5a0 by task kworker/1:8/5947
[  442.231725][ T5947] 
[  442.234451][ T5947] CPU: 1 UID: 0 PID: 5947 Comm: kworker/1:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  442.234490][ T5947] Tainted: [L]=SOFTLOCKUP
[  442.234498][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  442.234530][ T5947] Workqueue: events update_super_work
[  442.234582][ T5947] Call Trace:
[  442.234594][ T5947]  <TASK>
[  442.234604][ T5947]  dump_stack_lvl+0xe8/0x150
[  442.234637][ T5947]  print_report+0xba/0x230
[  442.234664][ T5947]  ? kernfs_get+0x20/0x90
[  442.234687][ T5947]  kasan_report+0x117/0x150
[  442.234714][ T5947]  ? kernfs_get+0x20/0x90
[  442.234743][ T5947]  kasan_check_range+0x264/0x2c0
[  442.234770][ T5947]  kernfs_get+0x20/0x90
[  442.234795][ T5947]  sysfs_notify+0x5a/0xe0
[  442.234816][ T5947]  ? process_one_work+0x87c/0x1650
[  442.234844][ T5947]  process_one_work+0x949/0x1650
[  442.234886][ T5947]  ? __pfx_process_one_work+0x10/0x10
[  442.234912][ T5947]  ? do_raw_spin_lock+0x12b/0x2f0
[  442.234944][ T5947]  worker_thread+0xb46/0x1140
[  442.234979][ T5947]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  442.235013][ T5947]  kthread+0x388/0x470
[  442.235034][ T5947]  ? __pfx_worker_thread+0x10/0x10
[  442.235062][ T5947]  ? __pfx_kthread+0x10/0x10
[  442.235084][ T5947]  ret_from_fork+0x51e/0xb90
[  442.235114][ T5947]  ? __pfx_ret_from_fork+0x10/0x10
[  442.235140][ T5947]  ? __switch_to+0xc7d/0x1450
[  442.235168][ T5947]  ? __pfx_kthread+0x10/0x10
[  442.235188][ T5947]  ret_from_fork_asm+0x1a/0x30
[  442.235231][ T5947]  </TASK>
[  442.235239][ T5947] 
[  442.405692][ T5947] Allocated by task 8826:
[  442.410211][ T5947]  kasan_save_track+0x3e/0x80
[  442.416589][ T5947]  __kasan_slab_alloc+0x6c/0x80
[  442.421576][ T5947]  kmem_cache_alloc_noprof+0x2bc/0x650
[  442.427079][ T5947]  __kernfs_new_node+0xe9/0x8e0
[  442.431964][ T5947]  kernfs_new_node+0x102/0x210
[  442.438086][ T5947]  kernfs_create_dir_ns+0x44/0x130
[  442.448702][ T5947]  sysfs_create_dir_ns+0x12f/0x2a0
[  442.460888][ T5947]  kobject_add_internal+0x62b/0xd00
[  442.468606][ T5947]  kobject_init_and_add+0x12b/0x1a0
[  442.479633][ T5947]  ext4_register_sysfs+0xae/0x2a0
[  442.485823][ T5947]  ext4_fill_super+0x5daf/0x6320
[  442.493465][ T5947]  get_tree_bdev_flags+0x431/0x4f0
[  442.500761][ T5947]  vfs_get_tree+0x92/0x2a0
[  442.505507][ T5947]  do_new_mount+0x341/0xd30
[  442.511171][ T5947]  __se_sys_mount+0x31d/0x420
[  442.520390][ T5947]  do_syscall_64+0x14d/0xf80
[  442.529559][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.539385][ T5947] 
[  442.543886][ T5947] Freed by task 5188:
[  442.549584][ T5947]  kasan_save_track+0x3e/0x80
[  442.556523][ T5947]  kasan_save_free_info+0x46/0x50
[  442.563204][ T5947]  __kasan_slab_free+0x5c/0x80
[  442.569121][ T5947]  kmem_cache_free+0x187/0x630
[  442.575430][ T5947]  rcu_core+0x7cd/0x1070
[  442.583521][ T5947]  handle_softirqs+0x22a/0x870
[  442.589038][ T5947]  do_softirq+0x76/0xd0
[  442.595950][ T5947]  __local_bh_enable_ip+0xf8/0x130
[  442.603550][ T5947]  __alloc_skb+0x1aa/0x7d0
[  442.608397][ T5947]  netlink_sendmsg+0x5d4/0xb40
[  442.615348][ T5947]  sock_sendmsg_nosec+0x18f/0x1d0
[  442.621583][ T5947]  ____sys_sendmsg+0x589/0x8c0
[  442.628078][ T5947]  ___sys_sendmsg+0x2a5/0x360
[  442.635514][ T5947]  __x64_sys_sendmsg+0x1bd/0x2a0
[  442.641887][ T5947]  do_syscall_64+0x14d/0xf80
[  442.647837][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.655742][ T5947] 
[  442.658738][ T5947] Last potentially related work creation:
[  442.664967][ T5947]  kasan_save_stack+0x3e/0x60
[  442.670020][ T5947]  kasan_record_aux_stack+0xbd/0xd0
[  442.675815][ T5947]  call_rcu+0xee/0x890
[  442.681528][ T5947]  kernfs_put+0x18e/0x470
[  442.687111][ T5947]  __kobject_del+0xe9/0x330
[  442.692261][ T5947]  kobject_del+0x45/0x60
[  442.698528][ T5947]  ext4_put_super+0x74/0xc40
[  442.704931][ T5947]  generic_shutdown_super+0x13d/0x2d0
[  442.713094][ T5947]  kill_block_super+0x44/0x90
[  442.719658][ T5947]  ext4_kill_sb+0x68/0xb0
[  442.726394][ T5947]  deactivate_locked_super+0xbc/0x130
[  442.733387][ T5947]  cleanup_mnt+0x437/0x4d0
[  442.739220][ T5947]  task_work_run+0x1d9/0x270
[  442.745911][ T5947]  exit_to_user_mode_loop+0xed/0x480
[  442.753379][ T5947]  do_syscall_64+0x32d/0xf80
[  442.758427][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.766381][ T5947] 
[  442.770570][ T5947] The buggy address belongs to the object at ffff88803c32e5a0
[  442.770570][ T5947]  which belongs to the cache kernfs_node_cache of size 176
[  442.789881][ T5947] The buggy address is located 0 bytes inside of
[  442.789881][ T5947]  freed 176-byte region [ffff88803c32e5a0, ffff88803c32e650)
[  442.804078][ T5947] 
[  442.806614][ T5947] The buggy address belongs to the physical page:
[  442.813208][ T5947] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x3c32e
[  442.822628][ T5947] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  442.830333][ T5947] page_type: f5(slab)
[  442.834447][ T5947] raw: 00fff00000000000 ffff888140413780 dead000000000100 dead000000000122
[  442.844565][ T5947] raw: 0000000000000000 0000000000110011 00000000f5000000 0000000000000000
[  442.855940][ T5947] page dumped because: kasan: bad access detected
[  442.863714][ T5947] page_owner tracks the page as allocated
[  442.870523][ T5947] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 49, tgid 49 (kworker/u8:3), ts 378540699385, free_ts 377415198550
[  442.900626][ T5947]  post_alloc_hook+0x231/0x280
[  442.907642][ T5947]  get_page_from_freelist+0x24dc/0x2580
[  442.913876][ T5947]  __alloc_frozen_pages_noprof+0x18d/0x380
[  442.920266][ T5947]  allocate_slab+0x7b/0x660
[  442.925424][ T5947]  refill_objects+0x331/0x3c0
[  442.930761][ T5947]  __pcs_replace_empty_main+0x2b9/0x620
[  442.936443][ T5947]  kmem_cache_alloc_noprof+0x37d/0x650
[  442.942401][ T5947]  __kernfs_new_node+0xe9/0x8e0
[  442.947976][ T5947]  kernfs_new_node+0x102/0x210
[  442.954732][ T5947]  __kernfs_create_file+0x4b/0x2e0
[  442.961212][ T5947]  sysfs_add_file_mode_ns+0x238/0x300
[  442.969172][ T5947]  internal_create_group+0x673/0x1180
[  442.975738][ T5947]  sysfs_create_groups+0x59/0x120
[  442.983185][ T5947]  device_add_attrs+0xdd/0x5b0
[  442.989036][ T5947]  device_add+0x496/0xb70
[  442.994149][ T5947]  netdev_register_kobject+0x178/0x310
[  443.000467][ T5947] page last free pid 5838 tgid 5838 stack trace:
[  443.007371][ T5947]  free_unref_folios+0xd38/0x14c0
[  443.012455][ T5947]  folios_put_refs+0x789/0x8d0
[  443.017749][ T5947]  truncate_inode_pages_range+0x3dd/0xe30
[  443.024456][ T5947]  blkdev_flush_mapping+0x109/0x2f0
[  443.030617][ T5947]  bdev_release+0x417/0x650
[  443.035637][ T5947]  blkdev_release+0x15/0x20
[  443.040497][ T5947]  __fput+0x44f/0xa70
[  443.044955][ T5947]  task_work_run+0x1d9/0x270
[  443.049883][ T5947]  exit_to_user_mode_loop+0xed/0x480
[  443.055529][ T5947]  do_syscall_64+0x32d/0xf80
[  443.060253][ T5947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  443.066462][ T5947] 
[  443.069257][ T5947] Memory state around the buggy address:
[  443.076668][ T5947]  ffff88803c32e480: fc fc fc fc fc fc fa fb fb fb fb fb fb fb fb fb
[  443.087493][ T5947]  ffff88803c32e500: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  443.096252][ T5947] >ffff88803c32e580: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
[  443.108895][ T5947]                                ^
[  443.115019][ T5947]  ffff88803c32e600: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[  443.124893][ T5947]  ffff88803c32e680: fc fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  443.136383][ T5947] ==================================================================
[  443.150205][ T8836] netlink: 8 bytes leftover after parsing attributes in process `syz.5.746'.
[  443.299236][ T5947] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  443.307869][ T5947] CPU: 1 UID: 0 PID: 5947 Comm: kworker/1:8 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  443.328902][ T5947] Tainted: [L]=SOFTLOCKUP
[  443.334319][ T5947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  443.346700][ T5947] Workqueue: events update_super_work
[  443.354439][ T5947] Call Trace:
[  443.359651][ T5947]  <TASK>
[  443.366856][ T5947]  vpanic+0x56c/0xa60
[  443.372214][ T5947]  ? __pfx_vpanic+0x10/0x10
[  443.378875][ T5947]  ? __pfx___schedule+0x10/0x10
[  443.384254][ T5947]  panic+0xc5/0xd0
[  443.390317][ T5947]  ? __pfx_panic+0x10/0x10
[  443.396984][ T5947]  ? preempt_schedule_thunk+0x16/0x30
[  443.403538][ T5947]  ? kernfs_get+0x20/0x90
[  443.408389][ T5947]  check_panic_on_warn+0x89/0xb0
[  443.414623][ T5947]  ? kernfs_get+0x20/0x90
[  443.422375][ T5947]  end_report+0x73/0x180
[  443.427778][ T5947]  ? kernfs_get+0x20/0x90
[  443.432507][ T5947]  kasan_report+0x128/0x150
[  443.437133][ T5947]  ? kernfs_get+0x20/0x90
[  443.442038][ T5947]  kasan_check_range+0x264/0x2c0
[  443.447588][ T5947]  kernfs_get+0x20/0x90
[  443.452523][ T5947]  sysfs_notify+0x5a/0xe0
[  443.457251][ T5947]  ? process_one_work+0x87c/0x1650
[  443.462947][ T5947]  process_one_work+0x949/0x1650
[  443.468785][ T5947]  ? __pfx_process_one_work+0x10/0x10
[  443.475645][ T5947]  ? do_raw_spin_lock+0x12b/0x2f0
[  443.481329][ T5947]  worker_thread+0xb46/0x1140
[  443.486943][ T5947]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  443.493460][ T5947]  kthread+0x388/0x470
[  443.498349][ T5947]  ? __pfx_worker_thread+0x10/0x10
[  443.504124][ T5947]  ? __pfx_kthread+0x10/0x10
[  443.508884][ T5947]  ret_from_fork+0x51e/0xb90
[  443.515389][ T5947]  ? __pfx_ret_from_fork+0x10/0x10
[  443.520818][ T5947]  ? __switch_to+0xc7d/0x1450
[  443.525909][ T5947]  ? __pfx_kthread+0x10/0x10
[  443.530743][ T5947]  ret_from_fork_asm+0x1a/0x30
[  443.535735][ T5947]  </TASK>
[  443.539427][ T5947] Kernel Offset: disabled
[  443.544294][ T5947] Rebooting in 86400 seconds..