last executing test programs:

12m25.072395016s ago: executing program 1 (id=1886):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x44f, 0xb65d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001500)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=")
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000093c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r5, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000ec0)={0x158, 0x0, 0x0, [{{0x0, 0x0, 0x4, 0xe1ab, 0x3, 0x7f, {0x0, 0x9, 0x6, 0x101, 0xc, 0x6, 0x2, 0x9, 0x3, 0x2000, 0x800, r3, r4, 0xe66, 0x9}}, {0x0, 0x4632, 0x2, 0x3, 'fd'}}, {{0x4, 0x3, 0x0, 0x6, 0xfffffff9, 0x8, {0x5, 0x100, 0xc1, 0xfffffffffffffff9, 0x9, 0x100000000, 0x4, 0x5, 0x1, 0x4000, 0x9, 0x0, r4, 0x2, 0xf6}}, {0x2, 0x5, 0xa, 0x2e, '/dev/cuse\x00'}}]}, 0x0, 0x0, 0x0})
r6 = open(&(0x7f0000000040)='.\x00', 0x0, 0x1b0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r6, 0x800c6613, &(0x7f00000001c0)=@v2={0x2, @aes256, 0x4, '\x00', @a})
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000000080)={0x0, 0x24, 0x48, {0x48, 0x3, "ae54623f47fca317d578c41a8b056cbe79eae7fed3340b38556b20c85bed3f705357a29a2d9f25cfe464ddd955b8c717648f83b5d0e4bbe4174912f61940eab3e6814c5e56e1"}}, &(0x7f0000000100)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41c}}, &(0x7f0000000140)={0x0, 0x22, 0xb, {[@main=@item_4={0x3, 0x0, 0x9, "956185bc"}, @global=@item_012={0x2, 0x1, 0x5, '62'}, @global=@item_012={0x2, 0x1, 0xa, "7190"}]}}, &(0x7f0000000180)={0x0, 0x21, 0x9, {0x9, 0x21, 0x2, 0x42, 0x1, {0x22, 0x6d8}}}}, &(0x7f0000000400)={0x2c, &(0x7f0000000200)={0x40, 0x5, 0x5a, "4c7a5cbc036970561fa6708c9fca97dc55316b3f7527f3346a4325c0adae37f5d9c7f396ba0b10e085b06c376f0ca71de43e944a26637eeadce7f91be7d7f7c1dac30492098149f5799e336a496a8e52ff007bf62099ea5967f5"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0xff}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000440)=ANY=[@ANYBLOB="200188000000ec2a697b77473579648f0efc801370e141dd5cb8ff5bbc89e0799b28f057ff780a2a0b62620f66bb89c01fe97ba4944221adb4b41d7e5b980f6d6542495d5a8c5859f5e2fd1550f539a308ca4bdf13d720473f173546d1029ef62f16c0622580ab70244dd10b0e8458231c37709531d2531b22d72df20892b586b7cd42407026850e6c7c2847818ee33938c614c898f6237f3c3ca5065f980e8cb8e119a921af1e"], &(0x7f00000003c0)={0x20, 0x3, 0x1, 0xf8}})

12m21.106612104s ago: executing program 1 (id=1898):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x1, 0x24, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xf8}}, 0x82}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac95ab194f93f8e795a9b29420fa62d", 0x11}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

12m19.271554483s ago: executing program 1 (id=1901):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$int_in(r0, 0x5452, &(0x7f00000000c0)=0x7f)
bind$inet(r0, &(0x7f0000003900)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @empty}, 0x10)
sendto$inet(r0, &(0x7f0000000100)="f4188a9876a9431deeb98e3edfaafa03a11300e3aebb4102000000000034c5d2af03a5f261a35c07d07d371a4402394549d78c3f511bb4793daf4b4e28410e", 0x3f, 0x4040004, 0x0, 0x0)

12m18.524647181s ago: executing program 1 (id=1906):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000003c0)={[{@errors_remount}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@fmask={'fmask', 0x3d, 0x8c1}}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@errors_continue}, {@keep_last_dots}, {@errors_remount}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'ascii'}}, {@namecase}]}, 0x1, 0x1531, &(0x7f0000001f80)="$eJzs3AucTtX6OPDnWWvtMSS9TXIZ1lrP5k1imSTJJUkuSZIkSW4JSZMcSUgMuSUNSch1SC5DSC4Tk8b9fr8kJEmTJCG5Jev/Ef7qVL9zzu/0O86neb6fz/5Yz+z9rP287/Ne1t6YbzoOqtageuV6RAT/FrzwRxIAxAJAPwC4BgACACgdVzru/P7sEpP+vZOwP9fDqVe6AnYlcf+zNu5/1sb9z9q4/1kb9z9r4/5nbdz/rI37z1hWtnFq/mt5y7ob3///66vzh3v4+/8vJLPE6C9Wl7i+E0DMP5vC/c/auP9/WcE/cxD3P2vj/mdVsVe6APZfgN//f0lNfh1m+8MDuf9ZG/efsazsSt9/vtIbRLL2c3ClX3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxrKGU/6i0+AVAFwKr3RdjDHGGGOMMcYY+/P4bFe6AsYYY4wxxhhjjP3fQxAgQUEAMZANYiE75AABAFdDLrgGInAtxMF1kBuuhzyQF/JBfoiHAlAQNBiwQBBCISgMUbgBisCNUBRugmJQHByUgAS4GUrCLVAKboXScBuUgduhLJSD8lAB7oCKcCdUgrugMtwNVaAqVIPqcA/UgHuhJtwHteB+qA0PQB14EOrCQ1APHob68Ag0gEehITwGjaAxNIGm0Ox/lf8idIWXoBt0hyToAT3hZegFvaEP9IV+8Ar0h1dhALwGyTAQBsHrMBjegCHwJgyFYTAc3oIRMBJGwWgYA2MhBcbBeHgbJsA7MBEmwWSYAqkwFabBuzAdZsBMeA9mwfswG+bAXJgHafABzIcFkA4fwkL4CDJgESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/Yv7Jv8vvhICAAgUqVBiDMRiLsZgDc2BOzIm5MBdGMIJxGIe5MTfmwTyYD/NhPMZjQSyIBg0SEhbCQhjFKBbBIlgUi2IxLIYOHSZgApbEW7AUlsLSWBrLYBksi+WwHFbAClgRK2IlrISVsTJWwSpYDavhPXgP9sCaWBNrYS2sjbUv3Z7CelgP62N9bIANsCE2xEbYCJtgE2yGzbA5NscW2AJbYStsja2xDbbBREzEttgW22E7bI/tsQN2wI7YETthZ+yc+WI2wJfwJeyOVUQP7Ik9sRcmZ+uDfbEvvoL98VV8FV/DZByIg/B1fB3fwCF4AofiMByOw7GiGImjcDSSGIspmILjcTxOwAk4ESfhJJyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4f/1X9j29alQziPCWUiBExIlbEihwih8gpcopcIpeIiIiIE3Eit8gt8og8Ip/IJ+JFvCgoCgojjCARxgCAiIqoKCKKiKKiqCgmigknnEgQCaKkKClKiVKitLhNlBG3i7KinGjpKogKoqJo5SqJu0RlUVlUEVVFNVFdVBc1RA1RU9QUtUQtUVvUFnXEg6Ku6IF98GFxvjMNxEBsKAZhI9FYyIufYM3FEGwhWopW4kkxDIdiG9HcJYpnRFsxCtuJv4nR+JzoIMZiR/GC6CQ6iy7iRdFVtHDdRHcxEXuInmIK9hK9RR/RV0zHquI9nJW9mnhNJIuBYpB4XczDN8QQ8aYYKoaJ4eItMUKMFKPEaDFGjBUpYpwYL94WE8Q7YqKYJCaLKSJVTBXTxLtiupghZor3xCzxvpgt5oi5Yp5IEx+I+WKBSBcfioXiI5EhFonFYolYKpaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Cq2ie3iY7FDfCJ2il1it/hU7BGfib3ic7FPfCH2iy9FpvhKHBBfi4PiG3FIfCsOi+/EEXFUHBPfi+PiB3FCnBSnxGlxRvwozoqfxDnhBUiUQkqpZCBjZDYZK7PLHPIqmVMGF5/da2WcvE7mltfLPDKvzCfzy3hZQBaUWhppJclQFpKFZVTeIIvIG2VReZMsJotLJ0vIBHmzLClvkaXkrbK0vE2WkbfLsrKcLC8ryDtkRXmnhMiFc1SRVWU1WV3eI5PgXllT3idryftlbfmArCMflHXlQ7KefFjWl4/IBvJR2VA+JhvJxrKJbCqbycdlc/mEbCFbylbySdlaPiXbyKdlonxGtpX+4kvkOdlBPi87yhdkJ9lZdpE/yXPSy26yu4QeIHvKl2Uv2Vv2kX1lP/mK7C9flQPkazJZDpSD5OtysHxDDpFvyqFymBwu35Ij5Eg5So6WY+RYmSLHyfHybTlBviMnyklyspwiU+VU2efiTDOl/If5b/9O/oCfz75BbpSb5Ga5RW6V2+R2+bHcIXfInXKn3C13yz1yj9wr98p9cp/cL/fLTJkpD8gD8qA8KA/JQ/KwPCyPyKPytPxeHpc/yBPypDwpT8sz8ow8e/E5AIVKKKmUClSMyqZiVXaVQ12lcqqrVS51jYqoa1Wcuk7lVterPCqvyqfyq3hVQBVUWhllFalQFVKFVVTdgBdfMKqYKq6cKqES1M3/Sr4qom5URdVNv8q/VF/SH9TXTDVTzVVz1UK1UK1UK9VatVZtVBuVqBJVW9VWtVPtVHvVXnVQHVRH1VF1Up1UF9VFdVVdVTfVTSWpJNVTvax6qd6qj+qr+qlXVH/VXw1QA1SySlaD1CA1WA1WQ9QQNVQNVcPVcDVCjVCj1Cg1Ro1RKSpFjVfj1QQ1QU1UE9VkNVmlqlQ1TU1T09V0NVPNVLPULDVbzVZz1VyVptLUfDVfpat0tVAtVBlqkVqklqglaplaplaoFWqVWqXWqDVqnVqnMtRGtVFtVpvVVrVVbVfb1Q61Q+1UO9VutVvtUXvUXrVX7VP71H61X2WqTHVAHVAH1UF1SB1Sh9VhdUQdUcfUMXVcHVcn1Al1Sp1SZ9QZdVadVefUufPLvkAEIlCBCmKCmCA2iA1yBDmCnEHOIFeQK4gEkSAuiAtyB9cHeYK8Qb4gfxAfFAgKBjowgQ3ExaZHgxuCIsGNQdHgpqBYUDxwQYkgIbg5KBncEpQKbg1KB7cFZYLbg7JBuaB8UCG4I6gY3BlUCu4KKgd3B1WCqkG1oHpwT1AjuDeoGdwX1AruD2oHDwR1ggeDusFDQb3g4aB+8EjQIHg0aBg8FjQKGgdNgqZBsz91fu9P5H3CddPddZLuoXvql3Uv3Vv30X11P/2K7q9f1QP0azpZD9SD9Ot6sH5DD9Fv6qF6mB6u39Ij9Eg9So/WY/RYnaLH6fH6bT1Bv6Mn6kl6sp6iU/VUPU2/q6frGXqmfk/P0u/r2XqOnqvn6TT9gZ6vF+h0/aFeqD/SGXqRXqyX6KV6mV6uV+iVepVerdfotXqdXq836I16k96st+itepverj/WO/QneqfepXfrT/Ue/Zneqz/X+/QXer/+Umfqr/QB/bU+qL/Rh/S3+rD+Th/RR/Ux/b0+rn/QJ/RJfUqf1mf0j/qs/kmf0/784v7817tRRpkYE2NiTazJYXKYnCanyWVymYiJmDgTZ3Kb3CaPyWPymXwm3sSbgqagOY8MmUKmkImaqCliipiipqgpZooZZ5xJMAmmpClpSplSprQpbcqYMqasKWvKm/LmDnOHudPcae4yd5m7zd2mqqlqqpvqpoapYWqamqaWqWVqm9qmjqlj6pq6pp6pZ+qb+qaBaWAamoamkWlkmpgmpplpZpqb5qaFaWFamVamtWlt2pg2JtEkmramrWln2pn2pr3pYDqYjqaj6WQ6mS6mi+lquppupptJMkmmp+lpeplepo/pY/qZfqa/6W8GmAEm2SSbQWaQGWwGmyFmiBlqhpnh5xeqZqQZZUZ/O8aMNSkmxYw3480EM8FMNBPNZDPZpJpUM81MM9PNdDPTzDSzzCwz28w2c81ck2bSzHwz36SbdLPQLDQZJsMsNovNUrPULDfLzUqz0qw2q81aWGvWm/Vmo9loNpvNZqvZarab7WaH2WF2mp1mt9lt9pg9Zq/Za/aZfWa/2W8yTaY5YA6Yg+agOWQOmcPmsDlijphj5pg5bo6bE+aEOWVOmTMm78XvS29ibXabw15lc9qrbS57jf37OJ/Nb+NtAVvQapvH5v1VbKy1Re1Ntpgtbp0tYRPszb+Jy9pytrytYO+wFe2dttJv4hr2XlvT3mdr2fttdXvPr+La9gFbxz5q6yIC2Ma2vm1qG9hHbUP7mG1kG9smtqltbZ+ybezTNtE+Y9vaZ38Tz7cL7Eq7yq62a+xOu8uesqftQfuNPWN/tN1sd9vPvmL721ftAPuaTbYDfxMPt2/ZEXakHWVH2zF27G/iyXaKTbVT7TT7rp1uZ/wmTrMf2Fk23c62c+xcO+/n+HxN6fZDu9B+ZDNsAIvtErvULrPL7Yr/X+sSu86utxvsDvuJ3Wy32K12m91+aSFsd9nd9lO7x35mD9iv7T77hd1vD9lM+9XP8fnHd8h+aw/b7+wRe9Qes9/b4/YH9XPuyF4A9kf7vf3JnrPeAiEBSVIUUAxlo1jKTjnoKspJV1MuuoYidC3F0XWUm66nPJSX8lF+iqcCVJA0GbJEFFIhKkxRuoEulVeMipOjEpRAN1NJuoVK0a1Umm6jMnQ7laVyVJ4q0B1Uke6kSnQXVaa7qQpVpWpUne6hGnQv1aT7qBbdT7XpAapDD1Jdeojq0cNUnx6hBvQoNaTHqBE1pibUlJrR49ScnqAW1JJa0ZPUmp6iNvQ0JdIz1JaepXb0N2pPz1EHep460gvUiTpTF3qRutJL1I26UxL1oJ70MvWi3tSH+lI/eoX606s0gF6jZBpIg+h1Gkxv0BB6k4bSMBpOb9EIGkmjaDSNobGUQuNoPL1NE+gdmkiTaDJNoVSaStPoXZpOM2gmvUez6H2aTXNoLs2jNPqA5tMCSqcPaSF9RBm0iBbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDt9TDvoE9pJu2g3fUp76DPaS5/TPvqC9tOXlElf0QH6mg7SN3SIvvXd6Ts6QkfpGH1Px+kHOkEn6RSdpjP0I52ln+gceYIQQxHKUIVBGBNmC2PD7GGO8KowZ3h1mCu8JoyE14Zx4XVh7vD6ME+YN8wX5g/jwwJhwVCHJrQhhWFYKCwcRsMbwiLhjWHREMNiYfHQhSXChPDmsGR4S1gqvDUsHd4WlglvD8uG5cJH768Q3hFWDO8MK4V3hZXDu8MqYdWwWlg9vCesEd4b1gzvC2uF94elwgfCOuGDYd3wobBe+HBYP3wkbBA+GjYMHwsbhY3DJmHTsFn4eNg8fCJsEbYMW4VPhq3Dp8I24dNhYvhM2DZ89uf9Dyz44/1JYY+wZ/hy+HLo/X1ybnReNC36QXR+dEE0PfphdGH0o2hGdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRD1Pvq2cChE0465QIX47K5WJfd5XBXuZzuapfLXeMi7loX565zud31Lo/L6/K5/C7eFXAFnXbGWUcudIVcYRd1N7gi7kZX1N3kirnizrkSLsE1dc1cM9fcPeFauJaulXvSPemeck+5p93T7hnX1j3r2rm/ufbuOdfBPe+edy+4Tq6z6+JedF3duFwX3pNJrqfr6Xq5Xq6P6+P6uX6uv+vvBrgBLtklu0FukBvsBrshbogb6oa64W64G+FGuFFulBvjxrgUl+LGu/FugpvgJrqJbrKb7FJdqpvmprnpbrqrOOPCWWa72W6um+vSXJqb786vGdPdQrfQZbgMt9gtdkvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O9wOt9Nfc2FSt8ftdXvdPrfP7Xdfukz3lTvgvnYH3TfukPvWHXbfuSPuqDvmvnfH3Q/uhDvpTrnT7oz70Z11P7lzzruUyLjI+MjbkQmRdyITI5MikyNTIqmRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF9gc+gL+cI+6m/wRfyNvqi/yRfzxb3zJXyCv9mX9Lf4Uv5WX9rf5sv4231ZX86X94/5Rr6xb+Kb+mb+cd/cP+Fb+Ja+lX/St/ZP+Tb+aZ/on/Ft/bO+nf+bb++f8x38876jf8F38p19F/+i7+pf8t18d5/ke/ie/mXfy/f2fXxf38+/4vv7V/0A/5pP9gP9IP+6H+zf8EP8m36oH+aHx7zlR1y6RIaxPsWP8+P9236Cf8dP9JP8ZD/Fp/qpfpp/10/3M/xM/56f5d/3s/0cP9fP82n+Az/fL/Dp/kO/0H/kM/yiSzeV/XK/wq/0q/xqv8av9ev8er/Bb/Sb/Ga/xW/12/x2/7Hf4T/xO/0uv9t/6vf4z/xe/7nf57/w+/2XPtN/5Q/4r/1B/40/5L/1h/13/og/6o/57/1x/4M/4U/6U/60P+N/9Gf9T/4c/581xhhjjLF/yrjLQ/HrPRdu5/f4nRzxi4N7AsDVW/Jn/nL/+RXl2jwXxr1FfOsIADzTvePDl7YqVZKSki4emyEhKDwH4NLfBJ0XA5fjRdAKnoJEaAklf7f+3qLzGfoH80dvA8jxi5xYuBxfnv9zAEz6nfkff3L4/DLhqbj/Yf45AEULX87JDpfjRdDq5/srLaHUH9Sft/kv64/97fzZv0gBaPGLnJxwOb5cfwI8Ac9C4q+OZIwxxhhjjDHGLugtyre/dP156V98/t71eby6nJMNLsf/6PqcMcYYY4wxxhhjV95znbs8/XhiYsv2//qg0v8q658eNIT/q5l58LsD7wEu/UQBwL85IcD5gfxPPopN/5FzJV986/z9rqWnfQD/Ha38MwZX+IOJMcYYY4wx9qe7vOj/9c/VlSqIMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLgv4Tv07sSj9GxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Er7fwEAAP//nXwDKg==")
mount(0x0, &(0x7f00000002c0)='.\x00', 0x0, 0xc22, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

12m17.395067508s ago: executing program 1 (id=1912):
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
r0 = open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)
r1 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
ioctl$FICLONE(r0, 0x40049409, r1)

12m16.819677943s ago: executing program 1 (id=1914):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

12m13.856502053s ago: executing program 32 (id=1914):
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x4c, 0x2, 0x6, 0x801, 0x0, 0x0, {0x0, 0x0, 0x40}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x4c}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

12.224854556s ago: executing program 0 (id=4044):
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
open(&(0x7f0000000100)='./file0\x00', 0x440, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18, 0x0, 0x0, {0x3b9}}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x0, 0x8004000, 0x7, 0x8, 0x8000, 0x4, 0x0, 0x0, 0x10, 0x5}}, 0x50)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000080), 0x1010412, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x22)
lchown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

11.320852559s ago: executing program 0 (id=4048):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x240540c7, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400))
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x210004, &(0x7f00000002c0)=ANY=[@ANYBLOB='nointegrity,errors=continue,nodiscard,quota,quota,iocharset=maccenteuro,usrquota,usrquota,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c00aedd58953f0c5af6b9a68b0e78905ba541a4136c1db0c97add6e6185d4e044f01ed179b8404fd065301f8fe76fbf5fe19a9661581c6ad99ac971b3a3b817948e9fbeb0e1e4f6c5c8863869bbe44c8d9fbadeab256dec893e94612eb2c713c963b1a763678d1725d6f7c60d78"], 0x3, 0x62b5, &(0x7f00000069c0)="$eJzs3UuPHFfZB/Cn+jYXv3GsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo/Hma4en99Pmql6+lRNn/K/qy+uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc1VEXPlVuuFExP9FP6IXsdLUaxGxsnYiLz+IiBdiuzmej4jhUkSz/vavZyNej4iPj0fcf3Bnvbn5/D778f0//+MPPzn2o7//aXjmv3+51X9j2nK3b//2P3+9+2TbDAAAAKWp67qu0sf8k+nzfa/rTgEAc5Ff/+sk365euHpzwfqjVqvV6iNYt9WT3W0XEbHZXqd5z+BwPAAcMZvxSdddoEPyL9ogIo513QlgoVVdd4BDcf/BnfUq5Vu1Xw/WdtrzuSB78t+sdq/vmDadZfwck3k9vraiH89N6c/KnPqwSHL+vfH8r+y0j9Jyh53/vEzLf7Rz6VNxcv798fzHpPyXt38f6fx7E/MvVc5/sL/8d2z25Q8AAAAAAAss////iY6P/y4dpPMHOIjwqOO/awfpAwAAAAAAAAAsgCcd/2+X8f8AAABgYTWf1Ru/O/7wtmnfxdbcfrmKeGZseaAw6WKZ1a77AQAAAAAAAAAAAAAlGeycw3u5ihhGxDOrq3VdNz9t4/XjetL1j7rStx9K1vWTPAAA7Pj4+Ni1/FXEckRcTt/1N1xdXa3r5ZXVerVeWcrvZ0dLy/VK63Ntnja3LY328YZ4MKqbP7bcWq9t1uflWe3jf6+5r1Hd30fH5qPDwAEgInZeje57RXrK1PWz0fW7HI4G+//Tx/7PfnT9OAUAAAAOX13XdZW+zvtkOubf67pTAMBc5Nf/8eMCarVarVarn766rZ7sbruIiM32Os17BsPxA8ARsxmfdN0FOiT/og0i4oWuOwEstKrrDnAo7j+4s16lfKv260Ea3z2fC7In/81qe728/qTpLOPnmMzr8bUV/XhuSn+en1MfFknOvzee/5Wd9lFa7qD5T8u1q3OMpuXfbOeJDvrTtZx/fzz/MYe9/8/LVvQm5l+qnP/gsfLvyx8AAAAAABZY/v//Ewt1/Hd00M2Z6VHHf9cO7V4BAAAAAAAA4HDdf3BnPV/3mo//f2HCcq7/fDrl/Cv5Fynn3xvL/6tjy/Vb8/fefpj/vx/cWf/jrX/9f57uN/+lPFOlR1aVHhFVuqdqkKZPsnWftTXsj5p7Gla9fnMPa7t//3psxNk9y/bSv0c9fDeubbef29Pe9HS43V73d9rP72kf7Lbn9S/saR+mM53qldx+Otbj53E93tlub9qWZmz/8oz2ekZ7zr9v/y9Szn/Q+mnyX03t1di0ce+j3mf2+/Z00v28de2Lvzl7+Jsz01b0d7etrdm+lzroz/a/ybFR/PLmxo3Tt6/eunXjXKTJnlvPR5p8znL+w/Sz+/z/8k57ft5v76/3Pho9dv6LYisGU/N/uTXfbO8rc+5bF3L+o/ST838ntU/e/49y/tP3/1c76A8AAAAAAAAAAAAAAAA8Sl3X25eIvhURF9P1P11dmwkAzFd+/a+TfPu86v6c70+tPuJ1tWD9mWv9ab1Y/VGrj2LdVk/2ZruIiL+112neM/x60h8DABbZpxHxz647QWfkX7D8fX/N9NSeb/kFnnY3P/jwp1evX9+4cbPrngAAAAAAAAAAB5XH/1xrjf98qq7ru2PL7Rn/9e1Ye9LxPwd5ZneA0SkDVX/OpyRt9Ub9Xmu48RejPT53e4Ti4e7co8b/Hsy4v+GM9tGM9qUZ7csz2ide6NGS83+xNd75qYg4OTb8egnjv46PeV+CnP9Lrcdzk/9XxpZr51///ijn39uT/5lb7//izM0PPnzt2vtX39t4b+NnF86dO3vh4sVLly6deffa9Y2zO7877PHhyvnnsa9z/pQh558zl39Zcv5fSrX8y5Lz/3Kq5V+WnH9+vyf/suT882cf+Zcl5/9KquVflpz/11It/7Lk/F9NtfzLkvP/eqrlX5ac/2upln9Zcv6nUy3/suT8z6R6n/mvHHa/mI+cfz7CZf8vS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzfz3V8i9Lzv8bqZZ/WXL+F1Mt/7Lk/L+ZavmXJed/KdXyL0vO/1upln9Zcv7fTrX8y5LzfyPV8i9Lzv87qZZ/WXL+3021/MuS8/9equVflpz/m6mWf1kefv//os7kS+wXpT9mzJQw0/UzEwAAAAAAAAAAAAAwbh6nE3e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27jZHjru8APvfoswOJgZA6qSEXx4SQOLmznfiBNsWEx4anEgiFPmC7vrM5cGzHZ5dAI9lRoETCqAjRNrxoCwi1kaoKq+IFrQDlBWpVqRK0L+gbRIWK1KgKKCBVaivIVTvz//9vd29u9863d96d+Xwk++fbnZ35z+x/5/Z35+8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS75Q2znxrKsqzxJ/9ra5a9qPHvzZNb89tee7VHCAAAAKzVL/K/n78u3XBoBQ9qWuYfX/mdry0sLCxk7x/547HPLyykOyazbGxTluX3RZd/+IGh5mWCJ7KJoeGmr4e7bH6ky/2jXe4f63L/eJf7N3W5f6LL/UsOwBKbi5/H5Cvbmf9za3FIs+uzsfy+nSWPemJo0/Bw/FlObih/zMLY8WwuO5nNZtMtyxfLDuXLf+OWxrbemsVtDTdta3tjhvz0sWNxDEPhGO9s2dbiOqMfvz6b/NlPHzv2l+eeu7Gsdj0MLesrxnn7jsY4PxFuKcY6lG1KxySOc7hpnNtLnpORlnEO5Y9r/Lt9nM+vcJwji8PcUO3P+UQ2nP/7u/lxGm3+sV46TtvDbf9za5ZlFxeH3b7Mkm1lw9mWlluGF5+fiWJGNtbRmEovzUZXNU9vWcE8bdSZna3ztP01EZ//W8LjRpcZQ/PT9OPHx5ue958vXMk8jRp7vdxrpX0O9vq10i9zMM6L7+Y7/WTpHNwZ9v+x25afg6Vzp2QOpv1umoM7us3B4fGRfMzpSRjKH7M4B3e3LD+Sb2kor8/e1nkOTp17+MzU/Mc+ftfcw0dPzJ6YPbV39+7pvfv2HThwYOr43MnZ6eLvKzza/W9LNpxeAzvCsYuvgVe3Lds8VRe+NL7k/Hulr8OJDq/DrW3L9vp1ONq+c0Mb84JcOqeL18Z7Gwd94tJwtsxrLH9+7lj76zDtd9PrcLTpdVj6PaXkdTi6gtdhY5kzd6zsPcto05+yMSz/vWBtc3Br0xxsfz/SPgd7/X6kX+bgRJgX379j+e8F28N4n9y12vcjI0vmYNrdcO5p3JLe708cyEvZvLypccc149n5+dmzdz969Ny5s7uzUDbEy5rmSvt83dK0T9mS+Tq86vl6aO6VT95UcvvWcKwm7mr8NbHsc9VY5p67Oz9X+Xe38uPZcuueLJQe2+jjWfbdvHE8x7PsC99+/MFvPvaFNyx7PBv95iem1v5ePPWlTeffsWXOv7Hvf6HYXlrVEyNjo8XrdyQdnbGW83HrUzWan7uG8m0/P7Wy8/FY+LPR5+PrO5yPt7Ut2+vz8Vj7zsXz8VC3n3asTfvzORHmycnpzufjxjLb9qx2To52PB/fGupQOP6vCZ1C6oua5s5y8zZta3R0LOzXaNxC6zzd27L8WOjNGtt6es+VzdPbby3WNZL2btFGzdPJtmV7PU/Tz76Wm6dD3X76dmXan8+JMC+u39t5njaWeeaetZ87N8d/Np07x7vNwbGR8caYx9IkzM/32cLmOAfvzo5lp7OT2Ux+73g+n4bybe26d2VzcDz82ehz5bYOc/D2tmV7PQfT97Hl5t7Q6NKd74H253MizIun7u08BxvLvHF/b9+73h5uScs0vXdt//nacj/zuqntMK3XXBkN4/z2/s4/m20sc/LAavvMzsfpznDLNSXHqf31u9xraibbmOO0LYzzuQPLH6fGeBrLfP7gCufToSzLLjxyf/7z3vD7lb89/72vtfzepex3Ohceuf8nLz7+D6sZPwCD74WibCm+1zX9Zmolv/8HAAAABkLs+4dDTfT/AAAAUBmx74//KzzR/wMAAEBlxL5/NNSkJv3/tjc+N/fChSwl8xeCeH86DA8Uy8WM63T4enJhUeP2+78y+99/f2Fl2x7OsuznD/xB6fLbHojjKkyGcV5+U+vtS3ztrhVt+8hDF9J2m/PrXwzrj/uz0mlQFsGdzrLsG9d9Jt/O5Acu5fWZB47k9cGLTz7RWOb5g8XX8fHPvqxY/s9C+PfQ8aMtj382HIcfhTr9tvLjER/31Uuv2b7/fYvbi48b2nFtvttPfbBYb/ycnM8+USwfj/Ny4//mp5/+amP5R19VPv4Lw+Xjfzqs9yuh/u8riuWbn4PG1/Fxnwzjb2yvMUPj4+7+8rdKx3/5U8XyZ95cLHck1Lj928PXO9/83Fzz8Xp06GjLfmVvKZaL25/+3h/l98f1xfW3j3/i8KWW49E+P57512I9U23Lx9vjdqK/a9t+Yz3N8zNu/+k/PNJynLtt//KDz76isd727d/ZttyZR+7It7+4vtZPbPrzT36mdHtxPIf+5kzL/hx6d3gdh+0/9cEwH8P9/3e5WF/7pysceXfr+Scu/8WtF1r2J3rrz4rtX37dibxumti85ZoXvfjaizc3jl2WfXdTsb5u2z/xF6dbxv+lG4rjEe+PGf327S8nbv/sR3edOj1/fm4mHdXHrss/O+ftxXjieK8L59b2rw+fPveh2bOT05PTWTZZ3Y/Qu2JfDvUnRbnYeemFJWfQOx4Kz+dNf/qNLbf9y6fj7f/23uL2S28rvm+9Oiz32XD71vD8rW77Sz11yw3563vomTDChaWfF7wW23f+14EVLRj2v/19QZzvZ17+ofw4NO7Lv2/E1/Uax/+DmWI9Xw/HdSF8MvOOGxa317x8/GyES+8pXu9rPn7hNBef178Kz/c7flSsP44r7u8PwvuYb21rPd/F+fH1C8Pt688/xeNiOJ9kF4v741LxeF96/obS4cXPIcku3ph//bm0nhtXtZvLmf/Y/NTJuVPnH506Nzt/bmr+Yx8//PDp86fOHc4/y/Pwh7s9fvH8tCU/P83M7rsny89Wp4uyzq72+M88dGxm//RtM7PHj54/fu6hM7NnTxybnz82OzN/29Hjx2c/2u3xczP37d5zcO/+PbtOzM3cd+Dgwb0Hd82dOt0YRjGoLvZNf2TXqbOH84fM33fPwd333nvP9K6HT8/M3rd/enrX+W6Pz7837Wo8+vd3nZ09efTc3MOzu+bnPj573+6D+/bt6fppgA+fOT4/OXX2/Kmp8/OzZ6eKfZk8l9/c+N7X7fFU0/y/F+9n2w0VH8SXvevOfenzWRu+8viyqyoWafsA0efCZ9H800vOHFjJ17HvHws1qUn/DwAAAHUQ+/7xUBP9PwAAAFRG7Ps3hZro/wEAAKAyYt8/EWpSk/6/cvn/bRdWtH35/8HL/2fy//L/bftzxfn/9/Rb/r84X8j/98Za8/fy/4H8v/y//L/8v/w/PdBv+f/Y92/Oslr2/wAAAFAHse/fEmqi/wcAAIDKiH3/NaEm+n8AAACojNj3vyjUpCb9v/y//L/8v/y//H/59leR/9+UrYD8/8aQ/++s5vn/4a4DkP+fyuqV/7/Yy/HXN/9f9FDy/5Tpt/x/7PtfHGpSk/4fAAAAKuU/y2+Off+1oSb6fwAAAKiM2PdfF2qi/wcAAIDKiH3/1lCTmvT/8v/y//L/8v/y/+Xbd/3/wST/31nN8//dyf+7/r/8v+v/01P9lv+Pff9LQk1q0v8DAABAHcS+/6WhJvp/AAAA6D+jV/aw2Pe/LNRkSf9/hRsAAAAArrrY91+ftQXBa/L7f/l/+X/5f/l/+f/y7a88/z+Syf/3D/n/zuT/u5D/l/+X/5f/p6f6Lf+f9/3ZRPbyUJOa9P8AAABQB7HvvyHURP8PAAAAlRH7/l8KNdH/AwAAQGXEvn9bqElN+n/5/0rm/xtPk/y//P+y269A/j8/WfdP/n9dr/8/GwKb8v8rJP/fmfx/F/L/8v/y//L/9FS/5f9j339jqElN+n8AAACog9j33xRqov8HAACAyoh9/y+Hmuj/AQAAoDJi37891KQm/b/8f5/n/2Ny1PX/5f8X8/+PyP8XapL/d/3/VZL/70z+vwv5f/l/+X/5f3qq3/L/se9/RahJTfp/AAAAqIPY978y1ET/DwAAAJUR+/6bQ030/wAAAFAZse+fDDWpSf8v/9/n+f8ru/6//H+18/+ruv7/zfL/8v81I//fmfx/F/L/8v/y//L/9FS/5f9j339LqElN+n8AAACog9j37wg10f8DAABAZcS+/9ZQE/0/AAAAVEbs+3eGmtSk/5f/l/+X/692/r9s+/L/8v9VJv/fmfx/F/L/8v/y//L/9FS/5f9j3/+qUJOa9P8AAABQB7Hvvy3URP8PAAAAlRH7/leHmuj/AQAAoDJi3397qElN+n/5f/l/+X/5/5rn/y/I/1eL/H9n8v9dyP/3Ij//Dvl/+X/5f6J+y//Hvv81oSY16f8BAACgDmLff0eoif4fAAAAKiP2/XeGmuj/AQAAoDJi378r1KQm/b/8v/y//L/8f83z/67/XzF9kP+fWMv25f/l/yuQ/3f9f/l/+X+Sq5X/z7Ly/H/s++8KNalJ/w8AAAB1EPv+u0NN9P8AAAAwgDaX3hr7/qlQE/0/AAAAVEbs+6dDTWrS/8v/y//L/9c6/39x1fn/mxfXK/9fkP/vL+uW/x/OXP9f/l/+v4tBy/+3/3awP/L/Y/L/VMoV5f+/Wrqqnlz/P/b9u0NNatL/AwAAQB3Evn9PqIn+HwAAACoj9v17Q030/wAAAFAZse+/J9SkJv2//P/G5f9HM/l/+f++y/+7/r/8f+X0wfX/17T9wcv/x12U/5f/H7z8f6/H7/r/8v8sdUX5/3I9yf/Hvv/eUJOa9P8AAABQB7Hv3xdqov8HAACAyoh9//5QE/0/AAAAVEbs+w+EmtSk/5f/d/1/+X/5f/n/8u3L/w8m+f/OXP+/C/l/+X/5f/l/eqrf8v+x7z8YalKT/h8AAADqIPb9rw010f8DAABAZcS+/1dCTfT/AAAAUBmx7//VUJOa9P/y//L/8v/y//L/5duX/x9M8v+dyf93If8v/y//L/9PT/Vb/j/2/feFmtSk/wcAAIA6iH3/r4Wa6P8BAACgMmLf/7pQE/0/AAAAVEbs+w+FmtSk/5f/X2H+f3Pn9cn/t45f/r98fsj/y//L/68/+f/O5P+7kP+X/69g/v9x+X+uon7L/8e+//WhJjXp/wEAAKAOYt9/f6iJ/h8AAAAqI/b9bwg10f8DAABAZcS+/42hJjXp/+X/Xf9f/l/+X/6/fPvy/4NJ/r8z+f8u5P/l/yuY/9+A6/+Phyr/zxIrzf/H91Xrnf+Pff+bQk1q0v8DAABAHcS+/82hJvp/AAAAqIzY978l1ET/DwAAAJUR+/63hprUpP+X/5f/l/+X/5f/L9++/P9gkv/vTP6/C/l/+f8Byf9/r+TxVzH/n3P9f8r02/X/Y9//66EmNen/AQAAoA5i3/9AqIn+HwAAACoj9v1vCzXR/wMAAEBlxL7/7aEmNen/e5f/H5f/byP/L//fPj/k/+X/5f/Xn/x/ZwOW///FteF2+f+C/P86jX/yc8WBH6D8f5nS/P8Pl8v/L2xqf7z8P+uh3/L/se9/R6hJTfp/AAAAqIPY978z1ET/DwAAAJUR+/53hZro/wEAAGDwLRTxgdj3/0aoSU36f9f/b4xjMb28zvn/v5b/l/+X/5f/l/9fX/L/nQ1Y/t/1/9vI//f3+Psy/+/6/1xl/Zb/j33/u0NNatL/AwAAQB3Evv/BUBP9PwAAAFRG7PvfE2qi/wcAAIDKiH3/e0NNatL/y/+7/r/8/4Dn/yezLJP/l/8nkf/vTP6/C/l/+f9+y///h/w/g63f8v+x738o1KQm/T8AAADUQez73xdqov8HAACAyoh9/2+Gmuj/AQAAoDJi3//+UJOa9P/y/4OS/5+U/5f/d/3/tv2R/5f/LyP/39nG5/9X94ZK/l/+f5DH7/r/8v8s1W/5/9j3fyDUZOXfriZWvCQAAABwVcS+/7dCTWry+38AAACog9j3/3aoif4fAAAAKiP2/b8TalKT/l/+f1Dy/67/n8n/y/+37Y/8v/x/mY3L/8czj/y/6//L/0fy//L/8v+067f8f+z7fzfUpCb9PwAAANRB7Ps/GGqi/wcAAICBUPZ/stvFvv9wqEn3/n/V/6cPAAAAuDpi338k1KQmv/+X/5f/l//v0/z/n+z45+9/551Hdsv/y//L/6/Khl7/v/Hid/1/+X/5/0T+X/6/NP+/Sf6/ztYh/z/WfONq8/+x7z8aalKT/h8AAADqIPb9vxdqov8HAACAyoh9/7FQE/0/AAAAVEbs+2dCTWrS/8v/y//L//dp/n+V1/8fCtvph/x/PB7y/616lv+PJ135/1Ibmv9/32JOXP5/tfn/8dJb5f9XnP/P37jJ//fX+OX/Xf+fpXqV/x9ZzP+3WG3+P/b9s6EmNen/AQAAoA5C3z98vKiLd+j/AQAAoDJi338i1ET/DwAAAJUR+/4PhZrUpP+X/5f/l/+vRv7f9f8Xl698/t/1/zuS/++sf/L/5eT/Xf9/kMcv/y//z1LrcP3/FqvN/8e+fy7UpCb9PwAAANRB7Ps/HGqi/wcAAIDKiH3/R0JN9P8AAABQGbHvPxlq8v/s3dmT5fVZx/HT2FPMFBeWVVZ54YXcW/4FXMC1/gFeeOONVZRV4gLuC4P7ivuGC7ivuIAibriCCmpCQvaQlSRkTwhJCElqUsw8zzOnu0//Tvf06enf+T6v10UeGTM5nXGcySfDu75N9r/+X/+v/9f/6/9Xf/7l/n/36r+u/n876P+n6f/X0P/r//X/+n82am79f+7+b4pbmux/AAAA6CB3/x1xi/0PAAAAw8jd/81xi/0PAAAAw8jd/y1xS5P9r//X/w/b/9+q/z/s8/X/3v8fmf5/mv5/jS3q/7/0vP5/bl+//l//z0Fz6/9z939r3NJk/wMAAEAHufu/LW6x/wEAAGAYufvvjFvsfwAAABhG7v674pYm+39f/7+z6Nn/Z8ar/x+p//f+/6Gfr//X/4/s+vb/97zyK5/+X//v/f+g/9f/6//Zb279f+7+b49bmux/AAAA6CB3/3fELfY/AAAADCN3/3fGLfY/AAAADCN3/3fFLU32/8ne/98dpf8vG+j/d7JF1//r//f//ND/6//1/6fP+//TOvX/dz5z0x0vPPLljx7n8/X/+n/9v/6fzZpb/5+7/7vjlib7HwAAADrI3f89cYv9DwAAAMPI3f+9cYv9DwAAAEN4/qsWtfu/L25psv9P1v8P8/5/8f6//v/yN+j/9f/6/62l/5/Wqf+/ls/X/+v/r+Hrr98G9f/6fw6aW/+fu//745Ym+x8AAAA6yN3/A3GL/Q8AAADDyN1/d9xi/wMAAMAwcvdfjFua7H/9/+n3/5/X/299/39uof+/Qv+v/58//f80/f8a+n/9v/f/9f9s1Nz6/9z998QtTfY/AAAAdJC7/wfjFvsfAAAAhpG7/4fiFvsfAAAAhpG7/4fjlib7X//v/X/9v/f/9f+rP1//v530/9P0/2vo/0/az5/T/+v/9f8sO2b///LEL9sb6f9z9/9I3NJk/wMAAEAHuft/NG6x/wEAAGAYuft/LG6x/wEAAGAYuft/PG5psv/1//p//b/+X/+/+vP1/9tJ/z9tNv3/zu7Kb9b/b33/7/1//b/+nz3m9v5/7v6fiFua7H8AAADoIHf/T8Yt9j8AAAAMI3f/T8Ut9j8AAAAMI3f/T8ctTfa//l//r//X/+v/V3/+VP//6NLXp/+fl432/zv6f+//6//1//p//T8nMbf+P3f/z8QtTfY/AAAAdJC7/964xf4HAACAYeTu/9m4ZWn/7/97UQEAAIDtkrv/5+KWJn/+v7r/v/q/1/8fzXXq/3f1//r/K//3vvKvqP+f7P9v8/5/T97/n7a+/89fUfX/+n/9/0b6/8XOKP3/hXXfX//PKnPr/3P3/3zc0mT/AwAAQAe5+38hbrH/AQAAYBi5+38xbrH/AQAAYBi5+38pbmmy/73/v1X9v/f/e/X/D5zz/v9lc3z/f3Hd+/9d/f8R6f+nef9/Df2//t/7/97/Z6Pm1v/n7v/luKXJ/gcAAIAOcvf/Stxi/wMAAMB2WP57Bw55xD93/6/GLfY/AAAADCN3/6/FLU32/+D9/62H/dP0//r/5R+vmfb/h77/r/+/olf/7/3/o9L/T9P/r6H/P41+fnew/v/+w77/HPr/u/X/zMye/v+xq99+Vv1/7v5fj1ua7H8AAADoIHf/fXGL/Q8AAADDyN3/G3GL/Q8AAADDyN3/m3FLk/1/6v3/hcM/2/v/+n/9v/5f/6//3zT9/zT9/xr7+/9X/qOh/t/7/97/1/9zzfb0/0vOqv/P3f9bcUuT/Q8AAAAd5O7/7bjF/gcAAIBh5O6/P26x/wEAAGAYufsfiFua7P/B3/8/lP5f/7/846X/1/+v+nz9/3bS/0/T/6/h/X/9/1n0//ETQP/PiObW/+fu/524pcn+BwAAgA5y9/9u3GL/AwAAwDBy9/9e3GL/AwAAwDBy9/9+3NJk/+v/T7f/z2/X/+v/F/p//b/+/7po2//vrPqd6KBD+v+nbr/4NXu/Rf+v/x+y/3/uVL9+7//r/zloFv3/pav/6TJ3/x/ELU32PwAAAHSQu/8P4xb7HwAAAIaRu/+P4hb7HwAAAIaRu/+P45Ym+3+p/8/kQv/v/X/9v/5f/6//31pt+/8j8v7/tJfi36/+f9T+/3S/fv2//p+DZtH/L/117v4/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa/9/979P83LvT/+n/9v/6/B/3/NP3/Gt7/1//r//X/bNTc+v/c/Q/GLU32PwAAAHSQu/8v4hb7HwAAAIaRu/8v4xb7HwAAAIaRu/+v4pYm+1//f0j/vxir//f+v/5/of/X/zeh/5921v3/qt8vl12X/v+hiS9gVf9/6Ub9/5b3/+eP+P31//p/Nm9u/X/u/r+OW5rsfwAAAOggd/9DcYv9DwAAAMPI3f9w3GL/AwAAwDBy9/9N3NJk/+v/e7z/r//X/y/0//r/JvT/01b3/zcc/Cbv/3v/f6D+3/v/+n/Oztz6/9z9fxu3NNn/AAAA0EHu/kfiFvsfAAAAhpG7/+/iFvsfAAAAhpG7/9G4pcn+1//r//X/+n/9/+rP1/9vp9Pr/xcD9/8r6P/1//p//b/+nw2YW/+fu//v45Ym+x8AAAA6yN3/D3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/1/Vv3/bfp//b/+X/+v/68fVf3/5nj/f5r+fw39v/5f/6//Z6Pm1v/n7v/nuKXJ/gcAAIAOcvc/FrfY/wAAADCM3P3/ErfY/wAAADCM3P3/Grc02f/e/9f/7+3/F4uZ9//5/6T6f/3/CP3/+YX+f+P0/9P0/2vo/8fs/29YDNT/Xzj0++v/maO59f+5+/8tbmmy/wEAAKCD3P3/HrfY/wAAADCM3P3/EbfY/wAAADCM3P3/Gbc02f/6f/2/9//H6f8ff3H1z0f9/2z7//pR1f9vjv5/mv5/Df3/mP2/9//1/5yZufX/ufsfj1ua7H8AAADoIHf/E/v/DNX+BwAAgGE8cfkfzy/+K26x/wEAAGAYufv/O25psv/1//p//f84/b/3/6/Q//d2Rv3/zqY+X/+v/9f/b+/Xr//X/3PQ3Pr/3P3/E7c02f8AAADQQe7+J+MW+x8AAACGkbv/qbjF/gcAAIBh5O7/37ilyf7X/+v/9f/b2f+f1/8P3//nV6b/P565vP9/yy1f/bT+X/+v/9f/6//1/93Nrf/P3f9/cUuT/Q8AAAAd5O7//7jF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv8P9v/nFlcK1StW9f/RqOn/l+j/9379+v/VPz+8/6//9/7/6ZtL/+/9/2v7+ufW/9+l/9f/n1b/f/PB76//Z0Rz6/9z9z8dtzTZ/wAAANBB7v7XxC32PwAAAMzYqr8T+3C5+18bt9j/AAAAMIzc/c/ELU32v/f/9f/6f/2//n/156/r/5P+f170/9P0/2t4/1//3+j9//j9r36dqv7/i/T/bM7c+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/b7T/313+Nv2//n/fzw/9/2D9v/f/50n/P03/v4b+X//fqP/fz/v/nIa59f+5+98UtzTZ/wAAANBB7v43xy1H2v8XTumrAgAAADYpd/9b4hZ//g8AAADDyN3/1rilyf6fa/9/93b2/3vo/+fS/3+9/n/f5+v/9f8j0//n7+ir6f/X0P8ft59/afkv9P/6f/0/+82t/8/d/2zc0mT/AwAAQAe5+98Wt9j/AAAAMIzc/W+PW+x/AAAAGEbu/nfELU32/1z7/y19/3+POfb/O4uO/b/3/y//9c6O/l//34L+f5r+f43N9v/3NOj/99D/6//1/+w3t/4/d/8745Ym+x8AAAC21dd+5Tc+e9R/bu7+d8Ut9j8AAAAMI3f/u+MW+x8AAACGkbv/ubilyf7X//fq/3u+/6//9/6//r8T/f80/f8a3v/X/+v/9f9s1Nz6/9z974lblobf7rH/XQIAAABzkrv/vXFLkz//BwAAgA5y978vbjmw/y8d8e9qBwAAAOYmd//zcUuTP/8/cf+/2NH/n2b/v9D/6//1//p//f9x6P+nnbD/v7Sj/9f/T9D/6//1/yy7MMP+P3f/++OWJvsfAAAABrXnv1HI3f+BuMX+BwAAgGHk7v9g3GL/AwAAwDBy938obmmy/73/P/P+/5re/79Q/5P+v3n/f+/5lZ+v/9f/j0z/f6gvidvp/f9LX6z/P5az7ue3/evX/+v/OWhu/X/u/g/HLU32PwAAAHSQu/8jcYv9DwAAAMPI3f/RuMX+BwAAgGHk7v9Y3NJk/+v/R+z/vf+v/5/+/HH6/y+76eKTX/cNDz+o/+eq69n/58+FLen/Lzvh+//b1v8f5/Pvu/yP+n/9v/7/2P3/zXH1/6wyt/4/d//H45Ym+x8AAAA6yN3/Qtxi/wMAAMAwcvd/Im6x/wEAAGAYuftfjFua7P+t6v+/Qv8/cv+fP9Zn0P9f3L7+P5vi7v2/9//1/wd5/3+a/n8N/b/+X//v/X82am79f+7+T8YtTfY/AAAAdJC7/1Nxi/0PAAAAw8jd/+m4xf4HAACAYeTufyluabL/t6r/9/7/0P1/upb+Pz/f+//6/4X+vz39/5Ldg9+k/19D/6//1//r/9moufX/ufs/E7c02f8AAADQQe7+l+MW+x8AAACGkbv/s3GL/Q8AAADDyN3/ubilyf7X/+v/R+j/T/j+/9n0/6/8cqP/1//r/zdO/z9N/7+G/l//377/v13/z0bNrf/P3f+FAAAA//9/pV3V")
chmod(&(0x7f00000021c0)='./file1\x00', 0x2b)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
syncfs(r1)

10.684353515s ago: executing program 5 (id=4050):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==")
writev(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_QUOTAOFF(0xffffffff80000300, &(0x7f0000000300)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r0 = open(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x141642, 0x40)
pwrite64(r0, &(0x7f0000000940)='2', 0x1, 0x8000c61)

10.356828774s ago: executing program 2 (id=4052):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc4c85513, &(0x7f0000000540)={{0xb, 0x6, 0x0, 0x2, 'syz0\x00', 0x281d}, 0x0, [0x1, 0x4ea3, 0x9, 0x56cd, 0x5, 0x6, 0x0, 0x80000001, 0x201, 0x1, 0x3fb, 0x1, 0x9, 0x7, 0x4, 0x10000, 0x43, 0x49b5e351, 0xfffffffffffffffc, 0xe8de, 0xfffffffffffffff9, 0x9, 0x1ff, 0x9, 0x1, 0x8, 0x80000000, 0x4, 0x2, 0x8000, 0x8, 0xa36, 0x57bf4b04, 0x4, 0x40000000000001, 0x6, 0x8, 0x100000000, 0x8, 0x7ff, 0x6, 0x401, 0x5, 0x1, 0x1ff, 0x10000, 0x2, 0xb7, 0x0, 0x5, 0xbe5, 0xa0000000000, 0x0, 0x1, 0x8, 0x8000000000000000, 0xd3d, 0xbbeb, 0x1, 0x6, 0x4, 0x6, 0x8001, 0x3, 0x1, 0x8000000000ec7, 0x646, 0xc58e, 0x3, 0x11ad, 0x0, 0x6, 0x8000, 0x100080, 0x7f, 0x9, 0x1, 0x5, 0x8000000000000000, 0x4, 0x7, 0xa5, 0x1b13, 0x4, 0x85, 0x8, 0x4, 0xf75, 0x9, 0xb, 0xffffffffffff66e3, 0xfffffffffffffff9, 0x851a, 0x5e997b8e, 0x0, 0x7, 0xffffffffffffffff, 0x3, 0x800000100, 0x4, 0x3ff, 0x6, 0x0, 0xffffffffffffff95, 0xa, 0x108000001, 0xcc7e, 0x8, 0x0, 0x6, 0x6, 0xfffffffffffffd96, 0x3f3, 0x1, 0x4, 0x0, 0x7, 0x5, 0x6, 0x1, 0xe1, 0xec2, 0x1, 0x5, 0xfff, 0x0, 0x80]})
sendmmsg$inet6(r4, &(0x7f0000002440)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x1, @remote, 0x8c}, 0x1c, 0x0, 0x0, &(0x7f00000002c0)=[@tclass={{0x14, 0x29, 0x37, 0x9ee}}], 0x18}}], 0x1, 0x80)

6.629374054s ago: executing program 0 (id=4054):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$dri(0x0, 0x1, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)
mount$fuse(0x0, 0x0, 0x0, 0x1010, 0xfffffffffffffffc)

6.629125391s ago: executing program 5 (id=4055):
r0 = syz_open_dev$sndctrl(&(0x7f0000004e80), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f0000000140)={0x0, 0x400000000000257, 0x7, 0xfffbffff, &(0x7f0000001600)})

6.628950279s ago: executing program 2 (id=4056):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x1003, 0x22000005)

6.207682513s ago: executing program 3 (id=4058):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={{0x14}, [@NFT_MSG_NEWSETELEM={0x18, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x40}}, 0x0)

6.156646617s ago: executing program 2 (id=4059):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
read$rfkill(r0, &(0x7f0000000040), 0x8)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
setsockopt$ax25_int(r1, 0x101, 0x7, &(0x7f0000000040)=0x645, 0x4)
setsockopt$ax25_int(r1, 0x101, 0x1, &(0x7f0000000080)=0xc, 0x4)

6.104913441s ago: executing program 5 (id=4060):
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f00000003c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_GET_SERVICE(r1, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f0000000040)={0x14, r0, 0x1, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x12)

5.594067641s ago: executing program 2 (id=4061):
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x1, 0x89, &(0x7f0000000180)="$eJzs0qENAjEABdDPrYFgA3a4UQgSHAqCun1YhRHYAIHFQJoWQT0hubyX/Ca/31T0+rwsMyWrKXl1DsfTbrOvZ5ilIcnYUv5A6fexbou23x7n7Sf/fi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MKQdd+/Lt4BAAD//9+0I9A=")
socket$inet6_sctp(0xa, 0x801, 0x84)
timer_create(0x3, 0x0, 0x0)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0xd, &(0x7f00000008c0), 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x12141, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642)
fsetxattr$security_capability(r3, &(0x7f0000000280), &(0x7f0000000380)=@v3={0x3000000, [{0x5, 0x82}, {0x80000000, 0xffffaf0a}]}, 0x18, 0x0)
write$P9_RLERRORu(r3, &(0x7f0000000200)=ANY=[], 0xe)

5.585929044s ago: executing program 3 (id=4062):
syz_usb_connect(0x1, 0x3d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

5.528671097s ago: executing program 5 (id=4063):
r0 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000180)={@local, 0x10000, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x80000, @loopback}, 0x1c)

5.086104698s ago: executing program 5 (id=4065):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9e, 0x17, 0x36, 0x10, 0x17ef, 0x721e, 0xde06, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6}}]}}]}}, 0x0)
add_key(0x0, 0x0, &(0x7f0000000200)="035eb6c4c7e9a1c4f55d88ec26", 0xd, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000006c0)={0x24, &(0x7f0000000080)={0x0, 0x0, 0x4, "a7212277"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4.569600897s ago: executing program 0 (id=4066):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000018dfde1035121000822953050a0109021200010000000009040001"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

4.013993064s ago: executing program 4 (id=4067):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x26, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @local}, "5613e798"}}}}, 0x0)

3.847379977s ago: executing program 2 (id=4068):
r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x200401, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = syz_open_dev$usbfs(0x0, 0x76, 0x109301)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='host1x_channel_submit\x00', r3, 0x0, 0x1}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$USBDEVFS_CLEAR_HALT(r1, 0x80045503, &(0x7f00000000c0)={0x1, 0x1})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000b00)={0x34, &(0x7f0000000140)=ANY=[@ANYBLOB="9a16c57a59a732a69aa1e7000000000053a8bfa99e000008ce39f31336abdb04454167f278ef230d93027a0076b8b261d46a18a10f9d97f6875adc1ae2d697b0d9711ee60400c5db037dd4e2e76302ab0183cca28154"], 0x0, 0x0, 0x0, 0x0, 0x0})

3.731797968s ago: executing program 4 (id=4069):
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00')

3.482185579s ago: executing program 4 (id=4070):
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x0)
userfaultfd(0x80001)
syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
shutdown(0xffffffffffffffff, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x101121)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f00000000c0)={0xf0f041})

2.925027522s ago: executing program 3 (id=4071):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
unshare(0x20000400)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)

2.924835598s ago: executing program 4 (id=4072):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x80000, 0x1}}, 0x40)

2.718464437s ago: executing program 3 (id=4073):
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0xb, &(0x7f0000000040)=0x3, 0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x9)
syz_open_dev$cec(&(0x7f00000001c0), 0x0, 0x80200)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x8200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000180), 0x14d802, 0x0)
r2 = dup(r1)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x183142, 0x2f)
ftruncate(r3, 0x2007ffc)
sendfile(r2, r3, 0x0, 0x800000009)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x1a, &(0x7f0000000240)={0x1, 'veth0_to_team\x00'}, 0x18)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
modify_ldt$read_default(0x2, &(0x7f0000000400)=""/78, 0x4e)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r5, 0x0)
close(0x3)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, &(0x7f0000000480)={0x27, 0x5, 0x5, 0xff}, 0x10)

2.515981493s ago: executing program 4 (id=4074):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r1, 0x29, 0x4d, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x8)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000040)=0xffff, 0x4)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0xffff, 0x0, @mcast2, 0x9}, 0x1c)
recvmmsg(r1, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000040c0)=""/17, 0x11}, 0x1}], 0x1, 0x58a, 0x0)

2.013248517s ago: executing program 5 (id=4075):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='attr/current\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = accept$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x0)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000240)=0xa, 0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$igmp(0x2, 0x3, 0x2)
preadv(0xffffffffffffffff, &(0x7f00000013c0), 0x0, 0x15f, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, 0x0, 0x4000084)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
writev(r0, &(0x7f00000015c0)=[{&(0x7f00000000c0)='w', 0x1}], 0x1)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

1.924694094s ago: executing program 0 (id=4076):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={0x0}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
r1 = openat$cgroup_type(r0, &(0x7f0000000300), 0x2, 0x0)
write$cgroup_type(r1, &(0x7f0000000280), 0x9)
r2 = openat$cgroup_procs(r0, &(0x7f00000002c0)='cgroup.threads\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000080), 0x12)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_ro(r3, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000200)=0x1, 0x12)
write$cgroup_int(r4, &(0x7f00000000c0), 0x12)

1.38279006s ago: executing program 3 (id=4077):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$RDS_GET_MR(0xffffffffffffffff, 0x114, 0x2, 0x0, 0x0)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x64010102, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x5, 0x4, 0x3, @rand_addr=0x64010102, @local}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000001c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x20, 0xdc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5}}}}}, 0x0)
setsockopt$MRT_FLUSH(r0, 0x0, 0xd4, &(0x7f000000a500)=0x5, 0x4)

630.564658ms ago: executing program 2 (id=4078):
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4490, &(0x7f0000000140)=ANY=[], 0xfb, 0x29b, &(0x7f0000000900)="$eJzs3T9v004cx/HPOUnr369Vcf8gJMRUqMSE2rIgliKUgZ2FCQFNkCqiIkERf6bAjGBn5ynwABiZEDMSGxMPIFvQnc+Nk9pxEpE6gfdLauTE97W/F59z9w1CEYB/1s36j49Xf9o/I1VUkXRdCiSFUlXSWZ0Lnx0eHRy1mo1hB6q4CPtnFEeaE232D5tZoTbORXiRfVbVcvo1TEf4Xe33N249LzsPlMvd/RkCadHfnW5/eOqZTUe77ARKZjrq6IVWys4DAFAuP/8Hfp5f9uv3IJC2/LTfP//P+QTaKTuBKftcsD81/7sqq2vs9T3jdvXqPVfC2f1BUiVOksuC4pHVt8A0RVWlyyX47+FBq3ll/3GrEeiN9rxar9mGe2zEQzeRzvb1yUNvZtSmQ0ze9yXXh5rtw246/1ST9T97xmLmi/lq7ppIH9Q4Xv9Vu8ZeJnelooErFee/nX9E18sFuVY5vVx1Jznvz+AN7WVFORWJkhG1qv4vCKKiPF3U2kBU3Ludgqj1zKjdzIDacdTGYFRvNOefb9rMO3PHbOqXPqmeWv8H9t3e0ih3pm3jWvqRMbQ/VdcycvOJv+vaFzJbBpP2CBN4qwe6ppWnL189ut9qNZ/Mw0byeTBWlL0TZyH5MjfsR1L6lWQQuFfCZGMWUjXjXdxZ37BvcilnT+adIUOi4DilfCrhlPUu+piB/NvM38Kuu0xc/6XqlW23WLMPUf86fTEd2y06eOqIOzm1wZp7/D+/gutj3FcPS/kV3Kg118XL0qVRzhiLfJ6zZ2+SIFPXN93j+38AAAAAAAAAAAAAAAAAAIB5M8b/K0hCctqEygsvt4cAAAAAAAAAAAAAAAAAAAAAAMy/mfv939uKn/H7v8DU/Q4AAP//QFNsMg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

602.537361ms ago: executing program 0 (id=4079):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900674c00000000fddbdf25fc010000000000000000000000000000fc0000000000000000000000000000010000000000000000020000"], 0xb8}}, 0x10)
syz_emit_ethernet(0x26, &(0x7f0000000040)={@local, @link_local, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @local}, "5613e798"}}}}, 0x0)

485.391397ms ago: executing program 4 (id=4080):
rename(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./bus\x00')

0s ago: executing program 3 (id=4081):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
poll(&(0x7f00000000c0)=[{r0, 0x3388}], 0x1, 0x800)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

scriptor's value: 2
[ 1450.402921][T11714] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1450.412484][T11714] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1450.652818][T11714] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1450.661598][T11714] usb 3-1: invalid MIDI out EP 0
[ 1450.850216][T16785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1450.860411][T16785] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1450.896786][T16779] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1451.154873][    T9] cdc_mbim 4-1:1.0: bind() failure
[ 1451.241914][T11714] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1451.251811][    T9] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1451.297734][ T6045] udevd[6045]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1451.305111][    T9] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1451.380175][T11714] usb 3-1: USB disconnect, device number 15
[ 1451.411315][    T9] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[ 1451.495829][    T9] usb 4-1: USB disconnect, device number 50
[ 1452.491813][T16811] loop3: detected capacity change from 0 to 1024
[ 1452.888693][T16811] nbd0: detected capacity change from 0 to 63
[ 1452.941306][T16068] block nbd0: Receive control failed (result -32)
[ 1452.951094][ T6488] block nbd0: Dead connection, failed to find a fallback
[ 1452.959909][ T6488] block nbd0: shutting down sockets
[ 1452.966364][ T6488] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1452.975881][ T6488] buffer_io_error: 158 callbacks suppressed
[ 1452.975958][ T6488] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1452.990608][ T6488] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.000237][ T6488] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1453.008543][ T6488] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.018094][ T6488] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1453.026228][ T6488] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.035765][ T6488] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1453.044132][ T6488] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.053625][ T6488] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1453.062162][ T6488] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.071632][ T6488] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1453.079938][ T6488] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.089416][ T6488] Buffer I/O error on dev nbd0, logical block 2, async page read
[ 1453.097627][ T6488] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.107145][ T6488] Buffer I/O error on dev nbd0, logical block 3, async page read
[ 1453.115555][ T6488] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.125113][ T6488] Buffer I/O error on dev nbd0, logical block 0, async page read
[ 1453.133536][ T6488] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1453.143103][ T6488] Buffer I/O error on dev nbd0, logical block 1, async page read
[ 1453.154562][ T6488] ldm_validate_partition_table(): Disk read failed.
[ 1453.164093][ T6488] Dev nbd0: unable to read RDB block 0
[ 1453.173504][ T6488]  nbd0: unable to read partition table
[ 1453.193506][ T6488] ldm_validate_partition_table(): Disk read failed.
[ 1453.203866][ T6488] Dev nbd0: unable to read RDB block 0
[ 1453.212037][ T6488]  nbd0: unable to read partition table
[ 1453.356441][T16819] loop0: detected capacity change from 0 to 4096
[ 1453.436481][ T6060] ldm_validate_partition_table(): Disk read failed.
[ 1453.445920][ T6060] Dev nbd0: unable to read RDB block 0
[ 1453.454218][ T6060]  nbd0: unable to read partition table
[ 1453.514896][ T1125] hfsplus: b-tree write err: -5, ino 4
[ 1453.539414][ T6060] ldm_validate_partition_table(): Disk read failed.
[ 1453.548706][ T6060] Dev nbd0: unable to read RDB block 0
[ 1453.556811][ T6060]  nbd0: unable to read partition table
[ 1454.028847][   T30] audit: type=1800 audit(1751550422.644:237): pid=16819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3670" name="file1" dev="loop0" ino=33 res=0 errno=0
[ 1454.958622][    T9] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 1455.171839][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1455.184188][    T9] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1455.195489][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1455.336685][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1455.346328][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1455.354780][    T9] usb 4-1: Product: syz
[ 1455.359457][    T9] usb 4-1: Manufacturer: syz
[ 1455.364288][    T9] usb 4-1: SerialNumber: syz
[ 1455.493897][    T9] cdc_mbim 4-1:1.0: skipping garbage
[ 1455.568652][T11714] usb 6-1: new full-speed USB device number 79 using dummy_hcd
[ 1455.668650][T16159] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1455.716658][T16843] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1455.785164][T11714] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[ 1455.794473][T11714] usb 6-1: config 5 has no interface number 0
[ 1455.801183][T11714] usb 6-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[ 1455.813902][T11714] usb 6-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1455.824221][T11714] usb 6-1: config 5 interface 123 has no altsetting 0
[ 1455.896311][T11714] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[ 1455.906977][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1455.915675][T11714] usb 6-1: Product: syz
[ 1455.920294][T11714] usb 6-1: Manufacturer: syz
[ 1455.924772][T16159] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1455.925026][T11714] usb 6-1: SerialNumber: syz
[ 1455.940948][T16159] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1456.046820][T16159] usb 1-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1456.060360][T16159] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1456.068959][T16159] usb 1-1: Product: syz
[ 1456.073544][T16159] usb 1-1: Manufacturer: syz
[ 1456.078753][T16159] usb 1-1: SerialNumber: syz
[ 1456.201701][T16159] usb 1-1: config 0 descriptor??
[ 1456.258320][T16159] dm9601 1-1:0.0: probe with driver dm9601 failed with error -22
[ 1456.402616][T16864] FAULT_INJECTION: forcing a failure.
[ 1456.402616][T16864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1456.416651][T16864] CPU: 0 UID: 0 PID: 16864 Comm: syz.2.3684 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1456.416796][T16864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1456.416877][T16864] Call Trace:
[ 1456.416928][T16864]  <TASK>
[ 1456.416982][T16864]  __dump_stack+0x26/0x30
[ 1456.417146][T16864]  dump_stack_lvl+0x1df/0x270
[ 1456.417325][T16864]  dump_stack+0x1e/0x25
[ 1456.417473][T16864]  should_fail_ex+0x7dc/0x8a0
[ 1456.417648][T16864]  should_fail+0x2a/0x40
[ 1456.417793][T16864]  should_fail_usercopy+0x2e/0x40
[ 1456.417950][T16864]  _copy_to_user+0x35/0x120
[ 1456.418094][T16864]  simple_read_from_buffer+0x1b2/0x340
[ 1456.418289][T16864]  proc_fail_nth_read+0x1d2/0x2c0
[ 1456.418443][T16864]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1456.418590][T16864]  vfs_read+0x279/0xf00
[ 1456.418752][T16864]  ? stack_depot_save_flags+0x35/0x7b0
[ 1456.418898][T16864]  ? kmsan_get_metadata+0xfb/0x160
[ 1456.419073][T16864]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1456.419273][T16864]  __x64_sys_read+0x1fb/0x4d0
[ 1456.419466][T16864]  x64_sys_call+0x39db/0x3db0
[ 1456.419634][T16864]  do_syscall_64+0xd9/0x210
[ 1456.419766][T16864]  ? irqentry_exit+0x16/0x60
[ 1456.419939][T16864]  ? clear_bhb_loop+0x40/0x90
[ 1456.420086][T16864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1456.420234][T16864] RIP: 0033:0x7fcae678d33c
[ 1456.420334][T16864] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1456.420453][T16864] RSP: 002b:00007fcae7522030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1456.420584][T16864] RAX: ffffffffffffffda RBX: 00007fcae69b5fa0 RCX: 00007fcae678d33c
[ 1456.420680][T16864] RDX: 000000000000000f RSI: 00007fcae75220a0 RDI: 0000000000000003
[ 1456.420762][T16864] RBP: 00007fcae7522090 R08: 0000000000000000 R09: 0000000000000000
[ 1456.420847][T16864] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1456.420925][T16864] R13: 0000000000000000 R14: 00007fcae69b5fa0 R15: 00007fff1a33ad28
[ 1456.421044][T16864]  </TASK>
[ 1456.784662][T16843] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1457.072160][    T9] cdc_mbim 4-1:1.0: bind() failure
[ 1457.144949][    T9] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1457.181816][    T9] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1457.223711][    T9] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[ 1457.995814][T16873] loop2: detected capacity change from 0 to 32768
[ 1458.021299][    T9] usb 4-1: USB disconnect, device number 51
[ 1458.126640][T16873] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1458.724579][T11714] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[ 1458.803622][ T5848] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1458.807041][T16873] XFS (loop2): Ending clean mount
[ 1458.829059][T11714] usb 6-1: USB disconnect, device number 79
[ 1458.969086][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1459.042153][ T5848] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1459.052940][ T5848] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1459.105897][T16889] loop3: detected capacity change from 0 to 2048
[ 1459.163429][ T5848] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1459.173469][ T5848] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1459.181968][ T5848] usb 5-1: SerialNumber: syz
[ 1459.362935][    T9] usb 1-1: USB disconnect, device number 25
[ 1459.397509][T16889] syz.3.3688: attempt to access beyond end of device
[ 1459.397509][T16889] loop3: rw=0, sector=13194139533394, nr_sectors = 2 limit=2048
[ 1459.412552][T16889] NILFS (loop3): I/O error reading meta-data file (ino=5, block-offset=0)
[ 1459.461144][ T5848] usb 5-1: cannot find UAC_HEADER
[ 1459.553625][T16889] NILFS (loop3): error -5 while loading super root
[ 1459.659090][T11714] usb 6-1: new high-speed USB device number 80 using dummy_hcd
[ 1459.691904][ T5848] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1459.783719][ T5848] usb 5-1: USB disconnect, device number 12
[ 1459.881828][T11714] usb 6-1: Using ep0 maxpacket: 32
[ 1459.936791][T11714] usb 6-1: config 0 has an invalid interface number: 253 but max is 2
[ 1459.945733][T11714] usb 6-1: config 0 has an invalid interface number: 193 but max is 2
[ 1459.954578][T11714] usb 6-1: config 0 has an invalid interface descriptor of length 7, skipping
[ 1459.964108][T11714] usb 6-1: config 0 has an invalid interface number: 128 but max is 2
[ 1459.973265][T11714] usb 6-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[ 1459.982382][T11714] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1459.992875][T11714] usb 6-1: config 0 has no interface number 0
[ 1459.999392][T11714] usb 6-1: config 0 has no interface number 1
[ 1460.005720][T11714] usb 6-1: config 0 has no interface number 2
[ 1460.012210][T11714] usb 6-1: config 0 interface 253 altsetting 1 endpoint 0x9 has invalid maxpacket 1023, setting to 64
[ 1460.024961][T11714] usb 6-1: config 0 interface 253 altsetting 1 bulk endpoint 0x1 has invalid maxpacket 8
[ 1460.035444][T11714] usb 6-1: config 0 interface 253 altsetting 1 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[ 1460.036788][ T6060] udevd[6060]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1460.046841][T11714] usb 6-1: config 0 interface 253 altsetting 1 has a duplicate endpoint with address 0x1, skipping
[ 1460.047016][T11714] usb 6-1: config 0 interface 253 altsetting 1 endpoint 0xD has invalid maxpacket 512, setting to 64
[ 1460.047170][T11714] usb 6-1: config 0 interface 253 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1460.098502][T11714] usb 6-1: config 0 interface 253 altsetting 1 has a duplicate endpoint with address 0x5, skipping
[ 1460.109625][T11714] usb 6-1: config 0 interface 253 altsetting 1 has a duplicate endpoint with address 0x8, skipping
[ 1460.120877][T11714] usb 6-1: config 0 interface 253 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[ 1460.132221][T11714] usb 6-1: config 0 interface 193 altsetting 9 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1460.143675][T11714] usb 6-1: config 0 interface 193 altsetting 9 has a duplicate endpoint with address 0xF, skipping
[ 1460.154891][T11714] usb 6-1: config 0 interface 193 altsetting 9 has a duplicate endpoint with address 0xC, skipping
[ 1460.166541][T11714] usb 6-1: config 0 interface 193 altsetting 9 has 3 endpoint descriptors, different from the interface descriptor's value: 14
[ 1460.180224][T11714] usb 6-1: config 0 interface 128 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[ 1460.194285][T11714] usb 6-1: config 0 interface 253 has no altsetting 0
[ 1460.201475][T11714] usb 6-1: config 0 interface 193 has no altsetting 0
[ 1460.208609][T11714] usb 6-1: config 0 interface 128 has no altsetting 0
[ 1460.338786][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1460.754936][T11714] usb 6-1: New USB device found, idVendor=0403, idProduct=d9af, bcdDevice=28.08
[ 1460.764774][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1460.773484][T11714] usb 6-1: Product: syz
[ 1460.778191][T11714] usb 6-1: Manufacturer: syz
[ 1460.783052][T11714] usb 6-1: SerialNumber: syz
[ 1460.791541][T16906] FAULT_INJECTION: forcing a failure.
[ 1460.791541][T16906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1460.805381][T16906] CPU: 0 UID: 0 PID: 16906 Comm: syz.3.3692 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1460.805529][T16906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1460.805609][T16906] Call Trace:
[ 1460.805659][T16906]  <TASK>
[ 1460.805709][T16906]  __dump_stack+0x26/0x30
[ 1460.805918][T16906]  dump_stack_lvl+0x1df/0x270
[ 1460.806085][T16906]  dump_stack+0x1e/0x25
[ 1460.806230][T16906]  should_fail_ex+0x7dc/0x8a0
[ 1460.806401][T16906]  should_fail+0x2a/0x40
[ 1460.806544][T16906]  should_fail_usercopy+0x2e/0x40
[ 1460.806700][T16906]  _copy_from_user+0x33/0x100
[ 1460.806858][T16906]  ___sys_sendmsg+0x11b/0x3b0
[ 1460.807006][T16906]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1460.807191][T16906]  ? __rcu_read_unlock+0x6d/0xd0
[ 1460.807329][T16906]  ? __fget_files+0x3b4/0x4a0
[ 1460.807452][T16906]  ? __fget_files+0x3b9/0x4a0
[ 1460.807578][T16906]  ? kmsan_get_metadata+0xfb/0x160
[ 1460.807744][T16906]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1460.807930][T16906]  __x64_sys_sendmsg+0x211/0x3e0
[ 1460.808056][T16906]  ? fput+0x113/0x160
[ 1460.808184][T16906]  ? kmsan_get_metadata+0xfb/0x160
[ 1460.808349][T16906]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1460.808517][T16906]  ? kmsan_get_metadata+0xfb/0x160
[ 1460.808701][T16906]  x64_sys_call+0x32fb/0x3db0
[ 1460.808866][T16906]  do_syscall_64+0xd9/0x210
[ 1460.808992][T16906]  ? irqentry_exit+0x16/0x60
[ 1460.809151][T16906]  ? clear_bhb_loop+0x40/0x90
[ 1460.809287][T16906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1460.809419][T16906] RIP: 0033:0x7fb70dd8e929
[ 1460.809516][T16906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1460.809624][T16906] RSP: 002b:00007fb70ecbf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1460.809745][T16906] RAX: ffffffffffffffda RBX: 00007fb70dfb5fa0 RCX: 00007fb70dd8e929
[ 1460.809843][T16906] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000004
[ 1460.809921][T16906] RBP: 00007fb70ecbf090 R08: 0000000000000000 R09: 0000000000000000
[ 1460.810001][T16906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1460.810081][T16906] R13: 0000000000000000 R14: 00007fb70dfb5fa0 R15: 00007ffc051356f8
[ 1460.810196][T16906]  </TASK>
[ 1461.042831][T16907] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3693'.
[ 1461.061333][T11714] usb 6-1: config 0 descriptor??
[ 1461.071060][T16893] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1461.372616][T16893] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1461.382739][T16893] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1461.539463][T16159] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1461.575129][T11714] ftdi_sio 6-1:0.253: FTDI USB Serial Device converter detected
[ 1461.583037][T16893] unsupported nla_type 52263
[ 1461.592834][T11714] ftdi_sio ttyUSB0: unknown device type: 0x2808
[ 1461.743027][T16159] usb 3-1: Using ep0 maxpacket: 8
[ 1461.814320][T11714] ftdi_sio 6-1:0.193: FTDI USB Serial Device converter detected
[ 1461.825388][T11714] ftdi_sio ttyUSB1: unknown device type: 0x2808
[ 1461.830361][T16159] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1461.841626][T16159] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1461.850105][T16159] usb 3-1: Product: syz
[ 1461.854503][T16159] usb 3-1: Manufacturer: syz
[ 1461.859558][T16159] usb 3-1: SerialNumber: syz
[ 1461.923390][T11714] ftdi_sio 6-1:0.128: FTDI USB Serial Device converter detected
[ 1461.934201][T11714] ftdi_sio ttyUSB2: unknown device type: 0x2808
[ 1462.021124][T16159] usb 3-1: config 0 descriptor??
[ 1462.121668][T11714] usb 6-1: USB disconnect, device number 80
[ 1462.138557][T11714] ftdi_sio 6-1:0.253: device disconnected
[ 1462.151831][T11714] ftdi_sio 6-1:0.193: device disconnected
[ 1462.162343][T11714] ftdi_sio 6-1:0.128: device disconnected
[ 1462.241830][T16920] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1462.312764][T16907] loop2: detected capacity change from 0 to 16
[ 1462.450686][T16907] erofs (device loop2): mounted with root inode @ nid 36.
[ 1462.547403][T16907] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1462.614911][T16907] erofs (device loop2): failed to decompress -57 in[61, 4035] out[1851]
[ 1462.624104][T16907] erofs (device loop2): read error -117 @ 43 of nid 36
[ 1462.655430][    T9] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1462.736578][T16159] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1462.879290][    T9] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1462.891097][    T9] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1462.902315][    T9] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1462.912476][    T9] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1463.187083][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1463.197143][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1463.205852][    T9] usb 1-1: Product: syz
[ 1463.210474][    T9] usb 1-1: Manufacturer: syz
[ 1463.215550][    T9] usb 1-1: SerialNumber: syz
[ 1463.653373][    T9] cdc_mbim 1-1:1.0: skipping garbage
[ 1463.760546][T16932] loop5: detected capacity change from 0 to 32768
[ 1463.825225][T16159] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1463.876987][T16921] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1463.926900][T16159] usb 3-1: USB disconnect, device number 16
[ 1463.936947][T16932] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1463.998795][ T5962] udevd[5962]: setting owner of /dev/bus/usb/003/016 to uid=0, gid=0 failed: No such file or directory
[ 1464.601879][T16921] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1464.812812][T16932] XFS (loop5): Ending clean mount
[ 1464.916183][    T9] cdc_mbim 1-1:1.0: bind() failure
[ 1465.031217][T11305] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1465.068904][    T9] cdc_ncm 1-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1465.144138][    T9] cdc_mbim 1-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1465.192165][    T9] usbtest 1-1:1.1: probe with driver usbtest failed with error -71
[ 1465.309345][    T9] usb 1-1: USB disconnect, device number 27
[ 1466.090956][T16961] netlink: 'syz.4.3706': attribute type 64 has an invalid length.
[ 1466.103147][T16961] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3706'.
[ 1466.538555][    T9] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1466.800506][    T9] usb 1-1: Using ep0 maxpacket: 32
[ 1466.888981][    T9] usb 1-1: config 1 has an invalid interface number: 242 but max is 0
[ 1466.897728][    T9] usb 1-1: config 1 has no interface number 0
[ 1466.904447][    T9] usb 1-1: config 1 interface 242 has no altsetting 0
[ 1467.111254][    T9] usb 1-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df
[ 1467.121127][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1467.129631][    T9] usb 1-1: Product: syz
[ 1467.134042][    T9] usb 1-1: Manufacturer: syz
[ 1467.139140][    T9] usb 1-1: SerialNumber: syz
[ 1467.143819][T16971] loop3: detected capacity change from 0 to 32768
[ 1467.234770][T11714] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1467.261244][T16971] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1467.488293][T11714] usb 5-1: Using ep0 maxpacket: 8
[ 1467.513521][T11714] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55
[ 1467.523140][T11714] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1467.531844][T11714] usb 5-1: Product: syz
[ 1467.536250][T11714] usb 5-1: Manufacturer: syz
[ 1467.541289][T11714] usb 5-1: SerialNumber: syz
[ 1467.590589][T16964] loop0: detected capacity change from 0 to 256
[ 1467.644737][T16985] netlink: 'syz.5.3710': attribute type 29 has an invalid length.
[ 1467.653612][T16985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3710'.
[ 1467.694298][T11714] usb 5-1: config 0 descriptor??
[ 1467.883714][T16971] XFS (loop3): Ending clean mount
[ 1467.896885][T16971] XFS (loop3): Quotacheck needed: Please wait.
[ 1467.921687][T11714] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1467.981165][T11714] dvb_usb_af9015 5-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1468.035910][T16971] XFS (loop3): Quotacheck: Done.
[ 1468.073917][T11714] usb 5-1: USB disconnect, device number 13
[ 1468.104013][T16985] input: syz1 as /devices/virtual/input/input68
[ 1468.275859][T16964] FAT-fs (loop0): Directory bread(block 64) failed
[ 1468.283922][T16964] FAT-fs (loop0): Directory bread(block 65) failed
[ 1468.293012][T16964] FAT-fs (loop0): Directory bread(block 66) failed
[ 1468.300079][T16964] FAT-fs (loop0): Directory bread(block 67) failed
[ 1468.307109][T16964] FAT-fs (loop0): Directory bread(block 68) failed
[ 1468.314146][T16964] FAT-fs (loop0): Directory bread(block 69) failed
[ 1468.321311][T16964] FAT-fs (loop0): Directory bread(block 70) failed
[ 1468.328254][T16964] FAT-fs (loop0): Directory bread(block 71) failed
[ 1468.335348][T16964] FAT-fs (loop0): Directory bread(block 72) failed
[ 1468.342342][T16964] FAT-fs (loop0): Directory bread(block 73) failed
[ 1468.661338][T14672] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1468.854667][    T9] aqc111 1-1:1.242: probe with driver aqc111 failed with error -71
[ 1469.002053][    T9] usb 1-1: USB disconnect, device number 28
[ 1469.293135][T16996] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3714'.
[ 1469.613340][    T9] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[ 1469.842727][T11835] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1469.864147][    T9] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1469.873885][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1469.927400][    T9] usb 3-1: config 0 descriptor??
[ 1469.984475][    T9] cp210x 3-1:0.0: cp210x converter detected
[ 1470.058705][T11835] usb 5-1: Using ep0 maxpacket: 8
[ 1470.136876][T11835] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1470.146593][T11835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1470.155231][T11835] usb 5-1: Product: syz
[ 1470.160003][T11835] usb 5-1: Manufacturer: syz
[ 1470.164997][T11835] usb 5-1: SerialNumber: syz
[ 1471.001534][T17001] loop0: detected capacity change from 0 to 32768
[ 1471.024022][    T9] usb 3-1: cp210x converter now attached to ttyUSB0
[ 1471.040583][T11835] usb 5-1: config 0 descriptor??
[ 1471.104528][T17001] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1471.257010][T16996] loop4: detected capacity change from 0 to 16
[ 1471.273704][T16996] erofs (device loop4): mounted with root inode @ nid 36.
[ 1471.319862][T16996] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1471.414559][T16996] erofs (device loop4): failed to decompress -57 in[61, 4035] out[1851]
[ 1471.423640][T16996] erofs (device loop4): read error -117 @ 43 of nid 36
[ 1471.456249][T11835] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1471.555090][T17001] XFS (loop0): Ending clean mount
[ 1471.795158][T14999] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1471.960103][T11714] usb 6-1: new high-speed USB device number 81 using dummy_hcd
[ 1472.231121][T11714] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1472.242888][T11714] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1472.254009][T11714] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1472.264352][T11714] usb 6-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1472.456099][    T9] usb 3-1: USB disconnect, device number 17
[ 1472.489905][T11835] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1472.537352][T11714] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1472.548863][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1472.551737][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1472.557029][T11714] usb 6-1: Product: syz
[ 1472.570121][T11714] usb 6-1: Manufacturer: syz
[ 1472.575033][T11714] usb 6-1: SerialNumber: syz
[ 1472.587141][T11835] usb 5-1: USB disconnect, device number 14
[ 1472.602614][ T6488] udevd[6488]: setting owner of /dev/bus/usb/005/014 to uid=0, gid=0 failed: No such file or directory
[ 1472.711480][    T9] cp210x 3-1:0.0: device disconnected
[ 1472.744078][T11714] cdc_mbim 6-1:1.0: skipping garbage
[ 1472.915072][T17026] netlink: 'syz.0.3718': attribute type 7 has an invalid length.
[ 1472.950564][T17022] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1473.703983][T17022] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1473.964986][T11714] cdc_mbim 6-1:1.0: bind() failure
[ 1474.040129][T11714] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1474.108625][T11714] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1474.126657][T17035] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[ 1474.142041][T17035] overlayfs: overlapping lowerdir path
[ 1474.176423][T11714] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1474.251238][T11714] usb 6-1: USB disconnect, device number 81
[ 1474.540642][T17036] loop0: detected capacity change from 0 to 4096
[ 1475.291042][T17039] loop2: detected capacity change from 0 to 32768
[ 1475.368439][T17039] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1475.495729][T17055] loop5: detected capacity change from 0 to 164
[ 1475.978381][T11714] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[ 1476.017768][T17039] XFS (loop2): Ending clean mount
[ 1476.031773][T17039] XFS (loop2): Quotacheck needed: Please wait.
[ 1476.140291][T17039] XFS (loop2): Quotacheck: Done.
[ 1476.199905][T11714] usb 6-1: Using ep0 maxpacket: 8
[ 1476.284636][T11714] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1476.336176][T11714] usb 6-1: config 17 has an invalid interface number: 8 but max is 1
[ 1476.345095][T11714] usb 6-1: config 17 has 1 interface, different from the descriptor's value: 2
[ 1476.354675][T11714] usb 6-1: config 17 has no interface number 0
[ 1476.368943][T11714] usb 6-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 48, changing to 7
[ 1476.380562][T11714] usb 6-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid maxpacket 24624, setting to 1024
[ 1476.392193][T11714] usb 6-1: config 17 interface 8 has no altsetting 0
[ 1476.535961][T11714] usb 6-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[ 1476.546018][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1476.554603][T11714] usb 6-1: Product: syz
[ 1476.559176][T11714] usb 6-1: Manufacturer: syz
[ 1476.564007][T11714] usb 6-1: SerialNumber: syz
[ 1476.584186][T17064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3726'.
[ 1476.596934][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1477.686602][T11714] usb 6-1: selecting invalid altsetting 0
[ 1477.692796][T11714] usb 6-1: 8:6 : no UAC_FORMAT_TYPE desc
[ 1477.699532][T11714] usb 6-1: selecting invalid altsetting 0
[ 1478.013899][T17076] loop2: detected capacity change from 0 to 32768
[ 1478.136621][T11714] usb 6-1: USB disconnect, device number 82
[ 1478.210309][T17076] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1478.435096][T17093] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3730'.
[ 1478.961241][T17076] XFS (loop2): Ending clean mount
[ 1478.978787][T11714] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[ 1479.147567][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1479.189042][T11714] usb 6-1: Using ep0 maxpacket: 8
[ 1479.219821][T11714] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1479.229375][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1479.237735][T11714] usb 6-1: Product: syz
[ 1479.243391][T11714] usb 6-1: Manufacturer: syz
[ 1479.249088][T11714] usb 6-1: SerialNumber: syz
[ 1479.307550][ T6063] udevd[6063]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1479.421530][T11714] usb 6-1: config 0 descriptor??
[ 1479.508697][    T9] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 1479.642952][T17093] loop5: detected capacity change from 0 to 16
[ 1479.714162][T17093] erofs (device loop5): mounted with root inode @ nid 36.
[ 1479.731225][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1479.742678][    T9] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1479.753091][    T9] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1479.763159][    T9] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0
[ 1479.849982][T17093] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1479.890673][T17093] erofs (device loop5): failed to decompress -57 in[61, 4035] out[1851]
[ 1479.900249][T17093] erofs (device loop5): read error -117 @ 43 of nid 36
[ 1479.962284][T11714] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1479.969969][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1479.980778][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1479.989134][    T9] usb 4-1: Product: syz
[ 1479.993545][    T9] usb 4-1: Manufacturer: syz
[ 1479.998501][    T9] usb 4-1: SerialNumber: syz
[ 1480.146507][    T9] cdc_mbim 4-1:1.0: skipping garbage
[ 1480.258561][ T5848] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[ 1480.416821][T17102] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1480.469536][ T5848] usb 1-1: Using ep0 maxpacket: 16
[ 1480.503368][ T5848] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1480.517793][ T5848] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1480.623387][ T5848] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1480.635344][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1480.644031][ T5848] usb 1-1: Product: syz
[ 1480.648701][ T5848] usb 1-1: Manufacturer: syz
[ 1480.653729][ T5848] usb 1-1: SerialNumber: syz
[ 1480.803069][ T5848] usb 1-1: config 0 descriptor??
[ 1480.883620][ T5848] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1480.893574][ T5848] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[ 1481.038420][T11714] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1481.100665][T11714] usb 6-1: USB disconnect, device number 83
[ 1481.115910][T17102] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1481.348171][    T9] cdc_mbim 4-1:1.0: bind() failure
[ 1481.385840][    T9] cdc_ncm 4-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1481.433211][    T9] cdc_mbim 4-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1481.462670][    T9] usbtest 4-1:1.1: probe with driver usbtest failed with error -71
[ 1481.485257][ T5848] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 1481.519870][ T5848] em28xx 1-1:0.0: Config register raw data: 0xfffffffb
[ 1482.173515][T17111] loop4: detected capacity change from 0 to 32768
[ 1482.187594][    T9] usb 4-1: USB disconnect, device number 52
[ 1482.194491][ T5848] em28xx 1-1:0.0: Unknown AC97 audio processor detected!
[ 1482.358849][ T5848] em28xx 1-1:0.0: AC97 command still being executed: not handled properly!
[ 1482.367857][ T5848] em28xx 1-1:0.0: couldn't setup AC97 register 2
[ 1482.375174][T17111] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[ 1482.375281][T17111]   allowing incompatible features above 0.0: (unknown version)
[ 1482.375366][T17111]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1482.413821][T17111] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[ 1482.422403][T17111] bcachefs (loop4): initializing new filesystem
[ 1482.439222][T17111] bcachefs (loop4): going read-write
[ 1482.544267][T17111] bcachefs (loop4): marking superblocks
[ 1482.595469][T17111] bcachefs (loop4): initializing freespace
[ 1482.622048][T17111] bcachefs (loop4): done initializing freespace
[ 1482.641515][T17111] bcachefs (loop4): reading snapshots table
[ 1482.647993][T17111] bcachefs (loop4): reading snapshots done
[ 1482.739321][T17111] bcachefs (loop4):  loop4: Superblock write was silently dropped! (seq 0 expected 42)
[ 1482.751183][T17111] bcachefs (loop4): done starting filesystem
[ 1482.754935][ T5848] em28xx 1-1:0.0: couldn't setup AC97 register 4
[ 1482.810549][ T5848] em28xx 1-1:0.0: couldn't setup AC97 register 6
[ 1482.868556][ T5848] em28xx 1-1:0.0: couldn't setup AC97 register 54
[ 1482.909115][ T5848] em28xx 1-1:0.0: couldn't setup AC97 register 56
[ 1482.946428][ T5848] usb 1-1: USB disconnect, device number 29
[ 1483.048200][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1483.258596][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1483.293639][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1483.305069][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1483.315331][    T9] usb 5-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[ 1483.324755][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1483.479725][    T9] usb 5-1: config 0 descriptor??
[ 1483.869693][T17134] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3741'.
[ 1484.030037][    T9] nzxt-kraken2 0003:1E71:170E.0011: hidraw0: USB HID v0.00 Device [HID 1e71:170e] on usb-dummy_hcd.4-1/input0
[ 1484.160470][    T9] usb 5-1: USB disconnect, device number 15
[ 1484.308865][ T5848] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1484.529404][ T5848] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1484.542455][ T5848] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1484.554061][ T5848] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1484.556773][T17142] fido_id[17142]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[ 1484.565723][ T5848] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1484.565861][ T5848] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1484.701718][T17139] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1484.821351][T15341] bcachefs (loop4): shutting down
[ 1484.826805][T15341] bcachefs (loop4): going read-only
[ 1484.832960][T15341] bcachefs (loop4): finished waiting for writes to stop
[ 1484.960475][T15341] bcachefs (loop4): flushing journal and stopping allocators, journal seq 5
[ 1485.163138][T17139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1485.173431][T17139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1485.319796][T15341] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 5
[ 1485.397622][T15341] bcachefs (loop4): clean shutdown complete, journal seq 6
[ 1485.489886][T15341] bcachefs (loop4): marking filesystem clean
[ 1485.733618][T15341] bcachefs (loop4): shutdown complete
[ 1485.813803][T17147] loop2: detected capacity change from 0 to 32768
[ 1485.865690][T17139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1485.876718][T17139] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1485.949705][T17147] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1486.290193][T17166] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3749'.
[ 1486.369219][ T5848] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[ 1486.387153][ T5848] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input69
[ 1486.812957][    C1] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1486.821630][ T5848] usb 1-1: USB disconnect, device number 30
[ 1486.830505][T17147] XFS (loop2): Ending clean mount
[ 1486.844782][T11714] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[ 1486.980802][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1487.018862][T11714] usb 6-1: Using ep0 maxpacket: 8
[ 1487.110437][T11714] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1487.121330][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1487.131250][T11714] usb 6-1: Product: syz
[ 1487.136475][T11714] usb 6-1: Manufacturer: syz
[ 1487.143189][T11714] usb 6-1: SerialNumber: syz
[ 1487.211106][T11714] usb 6-1: config 0 descriptor??
[ 1487.372213][T17171] FAULT_INJECTION: forcing a failure.
[ 1487.372213][T17171] name failslab, interval 1, probability 0, space 0, times 0
[ 1487.387692][T17171] CPU: 1 UID: 0 PID: 17171 Comm: syz.0.3752 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1487.387850][T17171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1487.387926][T17171] Call Trace:
[ 1487.387976][T17171]  <TASK>
[ 1487.388025][T17171]  __dump_stack+0x26/0x30
[ 1487.388185][T17171]  dump_stack_lvl+0x1df/0x270
[ 1487.388342][T17171]  dump_stack+0x1e/0x25
[ 1487.388482][T17171]  should_fail_ex+0x7dc/0x8a0
[ 1487.388644][T17171]  should_failslab+0x15b/0x200
[ 1487.388837][T17171]  kmem_cache_alloc_noprof+0xf0/0xec0
[ 1487.388971][T17171]  ? vm_area_dup+0x5c/0xcc0
[ 1487.389110][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.389301][T17171]  vm_area_dup+0x5c/0xcc0
[ 1487.389426][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.389613][T17171]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1487.389803][T17171]  __split_vma+0x2a3/0x13a0
[ 1487.389940][T17171]  ? mas_state_walk+0xf37/0x1200
[ 1487.390128][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.390292][T17171]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1487.390473][T17171]  vms_gather_munmap_vmas+0x1535/0x1960
[ 1487.390655][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.390835][T17171]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1487.391015][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.391213][T17171]  mmap_region+0xafd/0x4a70
[ 1487.391360][T17171]  ? arch_get_unmapped_area_topdown+0x534/0x1120
[ 1487.391602][T17171]  ? kmsan_get_metadata+0xfb/0x160
[ 1487.391813][T17171]  do_mmap+0x17a8/0x1d70
[ 1487.392001][T17171]  vm_mmap_pgoff+0x48e/0x770
[ 1487.392212][T17171]  ksys_mmap_pgoff+0x51b/0x7c0
[ 1487.392389][T17171]  __x64_sys_mmap+0x19c/0x260
[ 1487.392550][T17171]  x64_sys_call+0x1a6e/0x3db0
[ 1487.392721][T17171]  do_syscall_64+0xd9/0x210
[ 1487.392858][T17171]  ? irqentry_exit+0x16/0x60
[ 1487.393027][T17171]  ? clear_bhb_loop+0x40/0x90
[ 1487.393171][T17171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1487.393314][T17171] RIP: 0033:0x7f211a58e929
[ 1487.393418][T17171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1487.393534][T17171] RSP: 002b:00007f211b362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1487.393663][T17171] RAX: ffffffffffffffda RBX: 00007f211a7b5fa0 RCX: 00007f211a58e929
[ 1487.393767][T17171] RDX: 0000000000000000 RSI: 0000000000004000 RDI: 0000200000ffc000
[ 1487.393856][T17171] RBP: 00007f211b362090 R08: 0000000000000006 R09: 0000000000000000
[ 1487.393945][T17171] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[ 1487.394029][T17171] R13: 0000000000000000 R14: 00007f211a7b5fa0 R15: 00007ffc11df2318
[ 1487.394153][T17171]  </TASK>
[ 1487.792169][T17166] loop5: detected capacity change from 0 to 16
[ 1487.919024][T17166] erofs (device loop5): mounted with root inode @ nid 36.
[ 1487.999633][T17166] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1488.075733][T17166] erofs (device loop5): failed to decompress -57 in[61, 4035] out[1851]
[ 1488.091560][T17166] erofs (device loop5): read error -117 @ 43 of nid 36
[ 1488.157435][T17179] netlink: 'syz.3.3754': attribute type 5 has an invalid length.
[ 1488.259754][T11714] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1489.046156][T17189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3757'.
[ 1489.245273][T11714] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1489.300650][T11714] usb 6-1: USB disconnect, device number 84
[ 1489.802850][    T9] usb 1-1: new low-speed USB device number 31 using dummy_hcd
[ 1489.968724][    T9] usb 1-1: device descriptor read/64, error -71
[ 1490.241109][    T9] usb 1-1: new low-speed USB device number 32 using dummy_hcd
[ 1490.439181][    T9] usb 1-1: device descriptor read/64, error -71
[ 1490.577412][    T9] usb usb1-port1: attempt power cycle
[ 1490.865396][T17199] loop3: detected capacity change from 0 to 32768
[ 1491.685198][T17203] loop5: detected capacity change from 0 to 40427
[ 1491.701404][T17203] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[ 1491.709876][T17203] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[ 1491.725095][T17203] F2FS-fs (loop5): invalid crc value
[ 1491.731803][T17203] F2FS-fs (loop5): invalid crc value
[ 1491.737403][T17203] F2FS-fs (loop5): Failed to get valid F2FS checkpoint
[ 1491.748542][    T9] usb 1-1: new low-speed USB device number 33 using dummy_hcd
[ 1491.795480][    T9] usb 1-1: device descriptor read/8, error -71
[ 1491.899934][T17199] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1492.078811][    T9] usb 1-1: new low-speed USB device number 34 using dummy_hcd
[ 1492.171547][    T9] usb 1-1: device descriptor read/8, error -71
[ 1492.290409][    T9] usb usb1-port1: unable to enumerate USB device
[ 1492.589589][T17199] XFS (loop3): Ending clean mount
[ 1492.729406][T14672] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1493.309453][T17235] binder: BINDER_SET_CONTEXT_MGR already set
[ 1493.315789][T17235] binder: 17234:17235 ioctl 4018620d 200000000040 returned -16
[ 1493.340851][T17235] binder: 17234:17235 ioctl c0306201 200000000240 returned -11
[ 1493.533424][T17240] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3771'.
[ 1494.130106][T17243] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3772'.
[ 1494.668597][T11714] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1494.734202][T17251] FAULT_INJECTION: forcing a failure.
[ 1494.734202][T17251] name failslab, interval 1, probability 0, space 0, times 0
[ 1494.747521][T17251] CPU: 0 UID: 0 PID: 17251 Comm: syz.2.3775 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1494.747665][T17251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1494.747753][T17251] Call Trace:
[ 1494.747809][T17251]  <TASK>
[ 1494.747865][T17251]  __dump_stack+0x26/0x30
[ 1494.748047][T17251]  dump_stack_lvl+0x1df/0x270
[ 1494.748208][T17251]  dump_stack+0x1e/0x25
[ 1494.748352][T17251]  should_fail_ex+0x7dc/0x8a0
[ 1494.748528][T17251]  should_failslab+0x15b/0x200
[ 1494.748720][T17251]  __kmalloc_noprof+0x182/0x1310
[ 1494.748866][T17251]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[ 1494.749037][T17251]  ? tomoyo_path_number_perm+0x91/0x7d0
[ 1494.749174][T17251]  ? filter_irq_stacks+0x49/0x190
[ 1494.749303][T17251]  ? kmsan_get_metadata+0xfb/0x160
[ 1494.749494][T17251]  tomoyo_realpath_from_path+0xeb/0x9f0
[ 1494.749658][T17251]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1494.749851][T17251]  ? __srcu_read_lock+0x5e/0xd0
[ 1494.750014][T17251]  tomoyo_path_number_perm+0x1d0/0x7d0
[ 1494.750155][T17251]  ? stack_depot_save_flags+0x35/0x7b0
[ 1494.750324][T17251]  ? kmsan_get_metadata+0xfb/0x160
[ 1494.750501][T17251]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1494.750730][T17251]  tomoyo_file_ioctl+0x3d/0x50
[ 1494.750904][T17251]  security_file_ioctl+0x141/0x590
[ 1494.751100][T17251]  __se_sys_ioctl+0xbb/0x400
[ 1494.751272][T17251]  __x64_sys_ioctl+0x97/0xe0
[ 1494.751441][T17251]  x64_sys_call+0x1ebe/0x3db0
[ 1494.751610][T17251]  do_syscall_64+0xd9/0x210
[ 1494.751751][T17251]  ? clear_bhb_loop+0x40/0x90
[ 1494.751980][T17251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1494.752125][T17251] RIP: 0033:0x7fcae678e929
[ 1494.752228][T17251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1494.752344][T17251] RSP: 002b:00007fcae7522038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1494.752472][T17251] RAX: ffffffffffffffda RBX: 00007fcae69b5fa0 RCX: 00007fcae678e929
[ 1494.752562][T17251] RDX: 0000000000000000 RSI: 0000000040047459 RDI: 0000000000000003
[ 1494.752644][T17251] RBP: 00007fcae7522090 R08: 0000000000000000 R09: 0000000000000000
[ 1494.752727][T17251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1494.752871][T17251] R13: 0000000000000000 R14: 00007fcae69b5fa0 R15: 00007fff1a33ad28
[ 1494.752989][T17251]  </TASK>
[ 1494.878448][T11714] usb 5-1: Using ep0 maxpacket: 8
[ 1494.881770][T17251] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1495.047690][T11714] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1495.057624][T11714] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1495.066360][T11714] usb 5-1: Product: syz
[ 1495.070975][T11714] usb 5-1: Manufacturer: syz
[ 1495.075805][T11714] usb 5-1: SerialNumber: syz
[ 1495.201631][T11714] usb 5-1: config 0 descriptor??
[ 1495.434774][T17243] loop4: detected capacity change from 0 to 16
[ 1495.512498][T17243] erofs (device loop4): mounted with root inode @ nid 36.
[ 1495.586634][T17243] erofs (device loop4): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1495.680203][T17243] erofs (device loop4): failed to decompress -57 in[61, 4035] out[1851]
[ 1495.689795][T17243] erofs (device loop4): read error -117 @ 43 of nid 36
[ 1495.814982][T11714] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1496.079827][T17265] loop0: detected capacity change from 0 to 8
[ 1496.137582][T17265] SQUASHFS error: zlib decompression failed, data probably corrupt
[ 1496.146286][T17265] SQUASHFS error: Failed to read block 0x9b: -5
[ 1496.153272][T17265] SQUASHFS error: Unable to read metadata cache entry [99]
[ 1496.160873][T17265] SQUASHFS error: Unable to read inode 0x127
[ 1496.600383][T17268] loop3: detected capacity change from 0 to 512
[ 1496.622529][T17268] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1496.630389][T17268] ext4: Bad value for 'data'
[ 1496.682281][T17264] loop2: detected capacity change from 0 to 32768
[ 1496.760162][T17264] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1496.828522][T11714] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1496.874521][T11714] usb 5-1: USB disconnect, device number 16
[ 1497.362881][T17264] XFS (loop2): Ending clean mount
[ 1497.565643][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1498.429254][T17287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3783'.
[ 1498.455670][T17287] vlan2: entered promiscuous mode
[ 1498.461229][T17287] bridge0: entered promiscuous mode
[ 1498.838383][T17286] loop2: detected capacity change from 0 to 4096
[ 1499.134352][T17286] ntfs3(loop2): ino=b, mi_enum_attr
[ 1499.134390][T17291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3785'.
[ 1499.150034][T17286] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[ 1499.198757][T17286] ntfs3(loop2): Failed to load $Extend (-22).
[ 1499.205179][T17286] ntfs3(loop2): Failed to initialize $Extend.
[ 1499.558580][T11714] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[ 1499.762645][T11714] usb 6-1: Using ep0 maxpacket: 8
[ 1499.816420][T11714] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1499.827613][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1499.839620][T11714] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1499.851751][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1499.863363][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1500.172649][T11714] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1500.180629][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1500.192488][T11714] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1500.204649][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1500.216459][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1500.302716][T17303] overlayfs: missing 'lowerdir'
[ 1500.431759][T11714] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1500.440395][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1500.452219][T11714] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1500.464622][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1500.476719][T11714] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1500.758285][ T5848] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1500.809879][T11714] usb 6-1: string descriptor 0 read error: -22
[ 1500.816844][T11714] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1500.826603][T11714] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1500.903449][T17308] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3792'.
[ 1500.939328][ T5848] usb 5-1: Using ep0 maxpacket: 16
[ 1501.518803][    T9] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1501.675829][T17310] loop3: detected capacity change from 0 to 32768
[ 1501.689702][ T5848] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1501.698947][ T5848] usb 5-1: config 0 has no interface number 0
[ 1501.708985][T11714] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1501.724111][T11714] usb 6-1: USB disconnect, device number 85
[ 1501.751064][ T5848] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1501.760686][ T5848] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1501.769151][ T5848] usb 5-1: Product: syz
[ 1501.773681][ T5848] usb 5-1: Manufacturer: syz
[ 1501.778424][    T9] usb 1-1: Using ep0 maxpacket: 8
[ 1501.783873][ T5848] usb 5-1: SerialNumber: syz
[ 1501.799573][T17310] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1501.829400][ T5848] usb 5-1: config 0 descriptor??
[ 1501.839812][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1501.847666][ T5848] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1501.849431][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1501.864233][    T9] usb 1-1: Product: syz
[ 1501.868873][    T9] usb 1-1: Manufacturer: syz
[ 1501.873732][    T9] usb 1-1: SerialNumber: syz
[ 1501.992552][    T9] usb 1-1: config 0 descriptor??
[ 1502.212742][T17308] loop0: detected capacity change from 0 to 16
[ 1502.235668][T17310] XFS (loop3): Ending clean mount
[ 1502.371817][T17308] erofs (device loop0): mounted with root inode @ nid 36.
[ 1502.422527][T14672] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1502.472330][T17308] erofs (device loop0): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1502.499142][T17308] erofs (device loop0): failed to decompress -57 in[61, 4035] out[1851]
[ 1502.508201][T17308] erofs (device loop0): read error -117 @ 43 of nid 36
[ 1502.712537][    T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1503.485917][ T5848] gspca_spca1528: reg_w err -110
[ 1503.491680][ T5848] spca1528 5-1:0.1: probe with driver spca1528 failed with error -110
[ 1504.227422][ T5848] usb 5-1: USB disconnect, device number 17
[ 1504.330866][T17328] loop5: detected capacity change from 0 to 32768
[ 1504.347223][    T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1504.383090][    T9] usb 1-1: USB disconnect, device number 35
[ 1504.599376][T17328] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1504.599529][T17328]   allowing incompatible features above 0.0: (unknown version)
[ 1504.599619][T17328]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1504.647428][T17328] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1504.656025][T17328] bcachefs (loop5): initializing new filesystem
[ 1504.672891][T17328] bcachefs (loop5): going read-write
[ 1504.706885][T17328] bcachefs (loop5): marking superblocks
[ 1504.758302][T17328] bcachefs (loop5): initializing freespace
[ 1504.784049][T17328] bcachefs (loop5): done initializing freespace
[ 1504.803009][T17328] bcachefs (loop5): reading snapshots table
[ 1504.809448][T17328] bcachefs (loop5): reading snapshots done
[ 1505.041037][T17328] bcachefs (loop5): done starting filesystem
[ 1505.248484][T11835] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1505.452215][T17353] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3800'.
[ 1505.729694][T11835] usb 5-1: device not accepting address 18, error -71
[ 1506.011366][ T6060] udevd[6060]: failed to send result of seq 29585 to main daemon: Connection refused
[ 1506.211255][T17355] loop0: detected capacity change from 0 to 4096
[ 1506.420895][T11305] bcachefs (loop5): shutting down
[ 1506.426280][T11305] bcachefs (loop5): going read-only
[ 1506.431850][T11305] bcachefs (loop5): finished waiting for writes to stop
[ 1506.492514][T17360] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1506.581812][T11305] bcachefs (loop5): flushing journal and stopping allocators, journal seq 4
[ 1506.840753][T11305] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 5
[ 1506.860746][T11305] bcachefs (loop5): clean shutdown complete, journal seq 6
[ 1506.890831][T11305] bcachefs (loop5): marking filesystem clean
[ 1507.092847][T11305] bcachefs (loop5): shutdown complete
[ 1507.308957][ T5848] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1507.478623][T11714] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1507.495856][ T5848] usb 1-1: Using ep0 maxpacket: 16
[ 1507.528199][ T5848] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1507.536502][ T5848] usb 1-1: config 0 has no interface number 0
[ 1507.580615][ T5848] usb 1-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1507.590186][ T5848] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1507.598604][ T5848] usb 1-1: Product: syz
[ 1507.603008][ T5848] usb 1-1: Manufacturer: syz
[ 1507.608116][ T5848] usb 1-1: SerialNumber: syz
[ 1507.649399][ T5848] usb 1-1: config 0 descriptor??
[ 1507.675426][ T5848] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1507.754147][T11714] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1507.765321][T11714] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1507.775344][T11714] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1507.871655][T11714] usb 3-1: config 0 descriptor??
[ 1507.908584][T11714] pwc: Askey VC010 type 2 USB webcam detected.
[ 1508.389596][T11714] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1508.431687][T11714] pwc: recv_control_msg error -32 req 02 val 2700
[ 1508.447151][T11714] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1508.462718][T11714] pwc: recv_control_msg error -32 req 04 val 1000
[ 1508.484119][T11714] pwc: recv_control_msg error -32 req 04 val 1300
[ 1508.705174][T11714] pwc: recv_control_msg error -71 req 02 val 2000
[ 1508.759371][T11714] pwc: recv_control_msg error -71 req 02 val 2100
[ 1508.789827][T11714] pwc: recv_control_msg error -71 req 04 val 1500
[ 1508.818553][T11714] pwc: recv_control_msg error -71 req 02 val 2500
[ 1508.848709][T11714] pwc: recv_control_msg error -71 req 02 val 2400
[ 1508.889608][T11714] pwc: recv_control_msg error -71 req 02 val 2600
[ 1508.929454][T11714] pwc: recv_control_msg error -71 req 02 val 2900
[ 1508.962748][T11714] pwc: recv_control_msg error -71 req 02 val 2800
[ 1509.048651][T11714] pwc: recv_control_msg error -71 req 04 val 1100
[ 1509.106700][T11714] pwc: recv_control_msg error -71 req 04 val 1200
[ 1509.229605][T11714] pwc: Registered as video103.
[ 1509.238414][T11714] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input71
[ 1509.288788][ T5848] gspca_spca1528: reg_w err -110
[ 1509.294446][ T5848] spca1528 1-1:0.1: probe with driver spca1528 failed with error -110
[ 1509.490443][T11714] usb 3-1: USB disconnect, device number 18
[ 1509.572536][T17384] loop4: detected capacity change from 0 to 32768
[ 1509.597188][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1509.604738][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1509.688892][T17384] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1509.959843][    T9] usb 1-1: USB disconnect, device number 36
[ 1510.102226][T17402] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3817'.
[ 1510.267772][T17384] XFS (loop4): Ending clean mount
[ 1510.282789][T17384] XFS (loop4): Quotacheck needed: Please wait.
[ 1510.323397][T17384] XFS (loop4): Quotacheck: Done.
[ 1510.503155][T15341] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1510.779030][    T9] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[ 1510.981670][    T9] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1510.990235][    T9] usb 3-1: config 0 has no interface number 0
[ 1511.052638][    T9] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1511.062329][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1511.070698][    T9] usb 3-1: Product: syz
[ 1511.075091][    T9] usb 3-1: Manufacturer: syz
[ 1511.080116][    T9] usb 3-1: SerialNumber: syz
[ 1511.129744][    T9] usb 3-1: config 0 descriptor??
[ 1511.351380][    T9] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1511.369798][    T9] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1511.381369][    T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 1511.390199][    T9] usb 3-1: media controller created
[ 1511.491462][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1511.581828][T17406] FAULT_INJECTION: forcing a failure.
[ 1511.581828][T17406] name failslab, interval 1, probability 0, space 0, times 0
[ 1511.594977][T17406] CPU: 1 UID: 0 PID: 17406 Comm: syz.2.3819 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1511.595115][T17406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1511.595195][T17406] Call Trace:
[ 1511.595244][T17406]  <TASK>
[ 1511.595297][T17406]  __dump_stack+0x26/0x30
[ 1511.595449][T17406]  dump_stack_lvl+0x1df/0x270
[ 1511.595604][T17406]  dump_stack+0x1e/0x25
[ 1511.595741][T17406]  should_fail_ex+0x7dc/0x8a0
[ 1511.595907][T17406]  should_failslab+0x15b/0x200
[ 1511.596091][T17406]  __kmalloc_noprof+0x182/0x1310
[ 1511.596222][T17406]  ? tomoyo_file_ioctl+0x3d/0x50
[ 1511.596383][T17406]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[ 1511.596541][T17406]  ? __msan_warning+0x1b/0x30
[ 1511.596685][T17406]  ? filter_irq_stacks+0x13f/0x190
[ 1511.596809][T17406]  ? kmsan_get_metadata+0xfb/0x160
[ 1511.596988][T17406]  tomoyo_realpath_from_path+0xeb/0x9f0
[ 1511.597147][T17406]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1511.597329][T17406]  ? __srcu_read_lock+0x5e/0xd0
[ 1511.597486][T17406]  tomoyo_path_number_perm+0x1d0/0x7d0
[ 1511.597623][T17406]  ? stack_depot_save_flags+0x35/0x7b0
[ 1511.597784][T17406]  ? kmsan_get_metadata+0xfb/0x160
[ 1511.597951][T17406]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1511.598160][T17406]  tomoyo_file_ioctl+0x3d/0x50
[ 1511.598326][T17406]  security_file_ioctl+0x141/0x590
[ 1511.598514][T17406]  __se_sys_ioctl+0xbb/0x400
[ 1511.598688][T17406]  __x64_sys_ioctl+0x97/0xe0
[ 1511.598853][T17406]  x64_sys_call+0x1ebe/0x3db0
[ 1511.599025][T17406]  do_syscall_64+0xd9/0x210
[ 1511.599156][T17406]  ? irqentry_exit+0x16/0x60
[ 1511.599334][T17406]  ? clear_bhb_loop+0x40/0x90
[ 1511.599479][T17406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1511.599619][T17406] RIP: 0033:0x7fcae678e929
[ 1511.599722][T17406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1511.599837][T17406] RSP: 002b:00007fcae7522038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1511.599971][T17406] RAX: ffffffffffffffda RBX: 00007fcae69b5fa0 RCX: 00007fcae678e929
[ 1511.600073][T17406] RDX: 0000200000000200 RSI: 0000000000000707 RDI: 0000000000000004
[ 1511.600175][T17406] RBP: 00007fcae7522090 R08: 0000000000000000 R09: 0000000000000000
[ 1511.600264][T17406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.600354][T17406] R13: 0000000000000000 R14: 00007fcae69b5fa0 R15: 00007fff1a33ad28
[ 1511.600478][T17406]  </TASK>
[ 1511.842840][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1511.850537][T17406] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1511.903107][    T9] i2c i2c-1: ec100: i2c rd failed=-32 reg=33
[ 1512.418448][T11714] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1512.669691][T11714] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1512.681198][T11714] usb 1-1: config 0 has no interfaces?
[ 1512.686958][T11714] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1512.696492][T11714] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1512.809209][T11714] usb 1-1: config 0 descriptor??
[ 1513.040615][    T9] usb 3-1: USB disconnect, device number 19
[ 1513.177601][T11835] usb 1-1: USB disconnect, device number 37
[ 1513.190750][T17428] FAULT_INJECTION: forcing a failure.
[ 1513.190750][T17428] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1513.204507][T17428] CPU: 0 UID: 0 PID: 17428 Comm: syz.4.3826 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1513.204657][T17428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1513.204737][T17428] Call Trace:
[ 1513.204791][T17428]  <TASK>
[ 1513.204842][T17428]  __dump_stack+0x26/0x30
[ 1513.205003][T17428]  dump_stack_lvl+0x1df/0x270
[ 1513.205180][T17428]  dump_stack+0x1e/0x25
[ 1513.205323][T17428]  should_fail_ex+0x7dc/0x8a0
[ 1513.205499][T17428]  should_fail+0x2a/0x40
[ 1513.205640][T17428]  should_fail_usercopy+0x2e/0x40
[ 1513.205802][T17428]  _copy_from_user+0x33/0x100
[ 1513.205953][T17428]  ___sys_sendmsg+0x11b/0x3b0
[ 1513.206093][T17428]  ? kmsan_get_metadata+0xfb/0x160
[ 1513.206279][T17428]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1513.206469][T17428]  ? __rcu_read_unlock+0x6d/0xd0
[ 1513.206608][T17428]  ? __fget_files+0x3b4/0x4a0
[ 1513.206733][T17428]  ? __fget_files+0x3b9/0x4a0
[ 1513.206865][T17428]  ? kmsan_get_metadata+0xfb/0x160
[ 1513.207040][T17428]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1513.207234][T17428]  __sys_sendmmsg+0x2d9/0x7c0
[ 1513.207373][T17428]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1513.207548][T17428]  ? vfs_write+0x1359/0x1580
[ 1513.207719][T17428]  ? kmsan_get_metadata+0xfb/0x160
[ 1513.207895][T17428]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1513.208062][T17428]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1513.208261][T17428]  __x64_sys_sendmmsg+0xc6/0x150
[ 1513.208413][T17428]  x64_sys_call+0x3ce7/0x3db0
[ 1513.208585][T17428]  do_syscall_64+0xd9/0x210
[ 1513.208716][T17428]  ? irqentry_exit+0x16/0x60
[ 1513.208883][T17428]  ? clear_bhb_loop+0x40/0x90
[ 1513.209030][T17428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1513.209177][T17428] RIP: 0033:0x7f023878e929
[ 1513.209278][T17428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1513.209398][T17428] RSP: 002b:00007f0239550038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1513.209529][T17428] RAX: ffffffffffffffda RBX: 00007f02389b5fa0 RCX: 00007f023878e929
[ 1513.209630][T17428] RDX: 0000000000000001 RSI: 0000200000004300 RDI: 0000000000000003
[ 1513.209718][T17428] RBP: 00007f0239550090 R08: 0000000000000000 R09: 0000000000000000
[ 1513.209807][T17428] R10: 0000000020040855 R11: 0000000000000246 R12: 0000000000000001
[ 1513.209894][T17428] R13: 0000000000000000 R14: 00007f02389b5fa0 R15: 00007ffdb9b43678
[ 1513.210016][T17428]  </TASK>
[ 1513.812065][T17426] loop5: detected capacity change from 0 to 32768
[ 1513.902442][T17426] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1514.066871][T17438] loop3: detected capacity change from 0 to 256
[ 1514.095383][T17438] exfat: Deprecated parameter 'utf8'
[ 1514.107706][T17426] XFS (loop5): Ending clean mount
[ 1514.218619][T17438] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdd33351c, utbl_chksum : 0xe619d30d)
[ 1514.315414][T11305] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1514.569179][T11835] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1514.761088][T11835] usb 5-1: Using ep0 maxpacket: 16
[ 1514.791420][T11835] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1514.800013][T11835] usb 5-1: config 0 has no interface number 0
[ 1514.848496][T11835] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1514.858126][T11835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1514.866412][T11835] usb 5-1: Product: syz
[ 1514.871094][T11835] usb 5-1: Manufacturer: syz
[ 1514.875912][T11835] usb 5-1: SerialNumber: syz
[ 1514.907370][T11835] usb 5-1: config 0 descriptor??
[ 1514.923457][T11835] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1515.208596][    T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1515.410174][    T9] usb 4-1: Using ep0 maxpacket: 16
[ 1515.452424][    T9] usb 4-1: config 0 has no interfaces?
[ 1515.458519][    T9] usb 4-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[ 1515.468346][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1515.529864][    T9] usb 4-1: config 0 descriptor??
[ 1515.608772][T17450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3833'.
[ 1515.753507][T11714] usb 4-1: USB disconnect, device number 53
[ 1516.031559][T17452] loop2: detected capacity change from 0 to 4096
[ 1516.485436][T11835] gspca_spca1528: reg_w err -110
[ 1516.491086][T11835] spca1528 5-1:0.1: probe with driver spca1528 failed with error -110
[ 1516.956749][ T5848] usb 5-1: USB disconnect, device number 20
[ 1517.334628][T17466] FAULT_INJECTION: forcing a failure.
[ 1517.334628][T17466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1517.348811][T17466] CPU: 0 UID: 0 PID: 17466 Comm: syz.0.3838 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1517.348908][T17466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1517.348959][T17466] Call Trace:
[ 1517.348997][T17466]  <TASK>
[ 1517.349030][T17466]  __dump_stack+0x26/0x30
[ 1517.349136][T17466]  dump_stack_lvl+0x1df/0x270
[ 1517.349250][T17466]  dump_stack+0x1e/0x25
[ 1517.349342][T17466]  should_fail_ex+0x7dc/0x8a0
[ 1517.349453][T17466]  should_fail+0x2a/0x40
[ 1517.349542][T17466]  should_fail_usercopy+0x2e/0x40
[ 1517.349641][T17466]  _copy_from_user+0x33/0x100
[ 1517.349736][T17466]  __sys_bpf+0x2c8/0xe60
[ 1517.349850][T17466]  __x64_sys_bpf+0xa4/0xf0
[ 1517.349944][T17466]  x64_sys_call+0x2c3b/0x3db0
[ 1517.350058][T17466]  do_syscall_64+0xd9/0x210
[ 1517.350146][T17466]  ? irqentry_exit+0x16/0x60
[ 1517.350254][T17466]  ? clear_bhb_loop+0x40/0x90
[ 1517.350345][T17466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1517.350434][T17466] RIP: 0033:0x7f211a58e929
[ 1517.350500][T17466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1517.350573][T17466] RSP: 002b:00007f211b362038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1517.350654][T17466] RAX: ffffffffffffffda RBX: 00007f211a7b5fa0 RCX: 00007f211a58e929
[ 1517.350715][T17466] RDX: 0000000000000050 RSI: 00002000000000c0 RDI: 0000000000000000
[ 1517.350770][T17466] RBP: 00007f211b362090 R08: 0000000000000000 R09: 0000000000000000
[ 1517.350824][T17466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1517.350876][T17466] R13: 0000000000000000 R14: 00007f211a7b5fa0 R15: 00007ffc11df2318
[ 1517.350954][T17466]  </TASK>
[ 1518.019275][ T5848] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1518.212023][ T5848] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1518.223434][ T5848] usb 3-1: config 0 has no interfaces?
[ 1518.229597][ T5848] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1518.239896][ T5848] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1518.351272][ T5848] usb 3-1: config 0 descriptor??
[ 1518.846197][ T5848] usb 3-1: USB disconnect, device number 20
[ 1519.691140][T17497] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3850'.
[ 1520.531541][ T5848] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[ 1520.710377][ T5848] usb 6-1: Using ep0 maxpacket: 32
[ 1520.828577][ T5848] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1520.842024][ T5848] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1520.853717][ T5848] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1520.865336][ T5848] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1520.875176][ T5848] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1521.025240][ T5848] usb 6-1: config 0 descriptor??
[ 1521.033515][T17509] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1521.075955][T17522] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3861'.
[ 1521.121337][ T5848] hub 6-1:0.0: USB hub found
[ 1521.491177][ T5848] hub 6-1:0.0: 2 ports detected
[ 1521.512054][T11835] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1521.732318][T17509] binder: binder_mmap: 17506 200000001000-20000000b000 bad vm_flags failed -1
[ 1521.749986][T11835] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1521.754895][ T5848] hub 6-1:0.0: hub_hub_status failed (err = -71)
[ 1521.760725][T11835] usb 5-1: config 0 has no interfaces?
[ 1521.766920][ T5848] hub 6-1:0.0: config failed, can't get hub status (err -71)
[ 1521.772627][T11835] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1521.790253][T11835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1521.919891][ T5848] usbhid 6-1:0.0: can't add hid device: -71
[ 1521.926608][ T5848] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1522.020456][T11835] usb 5-1: config 0 descriptor??
[ 1522.030039][ T5848] usb 6-1: USB disconnect, device number 86
[ 1522.297010][T11835] usb 5-1: USB disconnect, device number 21
[ 1522.637503][T17542] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3870'.
[ 1522.840259][T17540] loop3: detected capacity change from 0 to 4096
[ 1523.028763][T17540] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[ 1524.106464][T17563] FAULT_INJECTION: forcing a failure.
[ 1524.106464][T17563] name failslab, interval 1, probability 0, space 0, times 0
[ 1524.120066][T17563] CPU: 0 UID: 0 PID: 17563 Comm: syz.3.3879 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1524.120225][T17563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1524.120308][T17563] Call Trace:
[ 1524.120360][T17563]  <TASK>
[ 1524.120411][T17563]  __dump_stack+0x26/0x30
[ 1524.120575][T17563]  dump_stack_lvl+0x1df/0x270
[ 1524.120744][T17563]  dump_stack+0x1e/0x25
[ 1524.120890][T17563]  should_fail_ex+0x7dc/0x8a0
[ 1524.121063][T17563]  should_failslab+0x15b/0x200
[ 1524.121257][T17563]  __kmalloc_noprof+0x182/0x1310
[ 1524.121389][T17563]  ? tomoyo_file_ioctl+0x3d/0x50
[ 1524.121554][T17563]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[ 1524.121715][T17563]  ? __msan_warning+0x1b/0x30
[ 1524.121867][T17563]  ? filter_irq_stacks+0x13f/0x190
[ 1524.121997][T17563]  ? kmsan_get_metadata+0xfb/0x160
[ 1524.122188][T17563]  tomoyo_realpath_from_path+0xeb/0x9f0
[ 1524.122363][T17563]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1524.122550][T17563]  ? __srcu_read_lock+0x5e/0xd0
[ 1524.122715][T17563]  tomoyo_path_number_perm+0x1d0/0x7d0
[ 1524.122854][T17563]  ? stack_depot_save_flags+0x35/0x7b0
[ 1524.123022][T17563]  ? kmsan_get_metadata+0xfb/0x160
[ 1524.123202][T17563]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1524.123426][T17563]  tomoyo_file_ioctl+0x3d/0x50
[ 1524.123595][T17563]  security_file_ioctl+0x141/0x590
[ 1524.123788][T17563]  __se_sys_ioctl+0xbb/0x400
[ 1524.123956][T17563]  __x64_sys_ioctl+0x97/0xe0
[ 1524.124125][T17563]  x64_sys_call+0x1ebe/0x3db0
[ 1524.124299][T17563]  do_syscall_64+0xd9/0x210
[ 1524.124433][T17563]  ? irqentry_exit+0x16/0x60
[ 1524.124603][T17563]  ? clear_bhb_loop+0x40/0x90
[ 1524.124747][T17563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1524.124888][T17563] RIP: 0033:0x7fb70dd8e929
[ 1524.124990][T17563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1524.125115][T17563] RSP: 002b:00007fb70ecbf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1524.125251][T17563] RAX: ffffffffffffffda RBX: 00007fb70dfb5fa0 RCX: 00007fb70dd8e929
[ 1524.125351][T17563] RDX: 00002000000002c0 RSI: 0000000000004c0a RDI: 0000000000000003
[ 1524.125439][T17563] RBP: 00007fb70ecbf090 R08: 0000000000000000 R09: 0000000000000000
[ 1524.125524][T17563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1524.125605][T17563] R13: 0000000000000000 R14: 00007fb70dfb5fa0 R15: 00007ffc051356f8
[ 1524.125729][T17563]  </TASK>
[ 1524.125782][T17563] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1524.381095][T17563] loop2: detected capacity change from 0 to 7
[ 1524.399933][T17564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3877'.
[ 1524.648612][T17558] loop4: detected capacity change from 0 to 32768
[ 1524.673430][T17563]  loop2:
[ 1524.676643][T17563] loop2: partition table partially beyond EOD, truncated
[ 1524.785936][T17558] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1525.368564][T17558] XFS (loop4): Ending clean mount
[ 1525.863797][T15341] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1526.550661][T17596] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3890'.
[ 1526.562803][T17593] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3888'.
[ 1526.634143][T17594] FAULT_INJECTION: forcing a failure.
[ 1526.634143][T17594] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1526.648253][T17594] CPU: 1 UID: 0 PID: 17594 Comm: syz.0.3889 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1526.648403][T17594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1526.648485][T17594] Call Trace:
[ 1526.648535][T17594]  <TASK>
[ 1526.648589][T17594]  __dump_stack+0x26/0x30
[ 1526.648750][T17594]  dump_stack_lvl+0x1df/0x270
[ 1526.648892][T17594]  dump_stack+0x1e/0x25
[ 1526.649023][T17594]  should_fail_ex+0x7dc/0x8a0
[ 1526.649196][T17594]  should_fail+0x2a/0x40
[ 1526.649331][T17594]  should_fail_usercopy+0x2e/0x40
[ 1526.649482][T17594]  _copy_to_user+0x35/0x120
[ 1526.649637][T17594]  simple_read_from_buffer+0x1b2/0x340
[ 1526.649838][T17594]  proc_fail_nth_read+0x1d2/0x2c0
[ 1526.650005][T17594]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1526.650152][T17594]  vfs_read+0x279/0xf00
[ 1526.650314][T17594]  ? stack_depot_save_flags+0x35/0x7b0
[ 1526.650462][T17594]  ? kmsan_get_metadata+0xfb/0x160
[ 1526.650641][T17594]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1526.650835][T17594]  __x64_sys_read+0x1fb/0x4d0
[ 1526.651040][T17594]  x64_sys_call+0x39db/0x3db0
[ 1526.651203][T17594]  do_syscall_64+0xd9/0x210
[ 1526.651331][T17594]  ? irqentry_exit+0x16/0x60
[ 1526.651500][T17594]  ? clear_bhb_loop+0x40/0x90
[ 1526.651647][T17594]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1526.651790][T17594] RIP: 0033:0x7f211a58d33c
[ 1526.651891][T17594] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1526.652013][T17594] RSP: 002b:00007f211b362030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1526.652143][T17594] RAX: ffffffffffffffda RBX: 00007f211a7b5fa0 RCX: 00007f211a58d33c
[ 1526.652238][T17594] RDX: 000000000000000f RSI: 00007f211b3620a0 RDI: 0000000000000006
[ 1526.652322][T17594] RBP: 00007f211b362090 R08: 0000000000000000 R09: 0000000000000000
[ 1526.652410][T17594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1526.652498][T17594] R13: 0000000000000000 R14: 00007f211a7b5fa0 R15: 00007ffc11df2318
[ 1526.652621][T17594]  </TASK>
[ 1527.229875][    T9] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[ 1527.356616][T17607] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3892'.
[ 1527.408404][    T9] usb 6-1: Using ep0 maxpacket: 8
[ 1527.444104][    T9] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1527.454070][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1527.462620][    T9] usb 6-1: Product: syz
[ 1527.467012][    T9] usb 6-1: Manufacturer: syz
[ 1527.472040][    T9] usb 6-1: SerialNumber: syz
[ 1527.485457][    T9] usb 6-1: config 0 descriptor??
[ 1527.499606][ T5848] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 1527.668960][ T5848] usb 4-1: Using ep0 maxpacket: 16
[ 1527.685684][ T5848] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[ 1527.695686][ T5848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1527.732706][T17593] loop5: detected capacity change from 0 to 16
[ 1527.741424][ T5848] usb 4-1: config 0 descriptor??
[ 1527.768633][ T5848] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1527.783055][T17593] erofs (device loop5): mounted with root inode @ nid 36.
[ 1527.808713][T17593] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1527.848866][T17593] erofs (device loop5): failed to decompress -57 in[61, 4035] out[1851]
[ 1527.858217][T17593] erofs (device loop5): read error -117 @ 43 of nid 36
[ 1527.989238][ T5848] usb 4-1: Detected FT232A
[ 1528.006952][ T5848] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1528.035205][ T5848] usb 4-1: USB disconnect, device number 54
[ 1528.072296][ T5848] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1528.083592][ T5848] ftdi_sio 4-1:0.0: device disconnected
[ 1528.100685][    T9] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1528.210727][    T9] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1528.250482][    T9] usb 6-1: USB disconnect, device number 87
[ 1529.184813][T17613] loop2: detected capacity change from 0 to 32768
[ 1529.237703][T17613] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1529.426156][T17613] XFS (loop2): Ending clean mount
[ 1529.432370][    T9] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 1529.593674][T17629] FAULT_INJECTION: forcing a failure.
[ 1529.593674][T17629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1529.607810][T17629] CPU: 0 UID: 0 PID: 17629 Comm: syz.5.3898 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1529.607963][T17629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1529.608043][T17629] Call Trace:
[ 1529.608094][T17629]  <TASK>
[ 1529.608147][T17629]  __dump_stack+0x26/0x30
[ 1529.608309][T17629]  dump_stack_lvl+0x1df/0x270
[ 1529.608474][T17629]  dump_stack+0x1e/0x25
[ 1529.608622][T17629]  should_fail_ex+0x7dc/0x8a0
[ 1529.608796][T17629]  should_fail+0x2a/0x40
[ 1529.608948][T17629]  should_fail_usercopy+0x2e/0x40
[ 1529.609108][T17629]  _copy_to_iter+0x1d9/0x33f0
[ 1529.609236][T17629]  ? kmsan_get_metadata+0xfb/0x160
[ 1529.609417][T17629]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1529.609590][T17629]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1529.609755][T17629]  ? kmsan_get_metadata+0xfb/0x160
[ 1529.609933][T17629]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1529.610110][T17629]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1529.610291][T17629]  eventfd_read+0x670/0xb90
[ 1529.610421][T17629]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1529.610633][T17629]  vfs_read+0x85a/0xf00
[ 1529.610814][T17629]  ? __pfx_eventfd_read+0x10/0x10
[ 1529.610966][T17629]  __x64_sys_read+0x1fb/0x4d0
[ 1529.611157][T17629]  x64_sys_call+0x39db/0x3db0
[ 1529.611320][T17629]  do_syscall_64+0xd9/0x210
[ 1529.611448][T17629]  ? irqentry_exit+0x16/0x60
[ 1529.611605][T17629]  ? clear_bhb_loop+0x40/0x90
[ 1529.611742][T17629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1529.611867][T17629] RIP: 0033:0x7f80d5d8e929
[ 1529.611965][T17629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1529.612071][T17629] RSP: 002b:00007f80d6c7c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1529.612183][T17629] RAX: ffffffffffffffda RBX: 00007f80d5fb5fa0 RCX: 00007f80d5d8e929
[ 1529.612272][T17629] RDX: 0000000000000008 RSI: 0000200000000240 RDI: 0000000000000003
[ 1529.612349][T17629] RBP: 00007f80d6c7c090 R08: 0000000000000000 R09: 0000000000000000
[ 1529.612426][T17629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1529.612498][T17629] R13: 0000000000000000 R14: 00007f80d5fb5fa0 R15: 00007fff9dff9e68
[ 1529.612604][T17629]  </TASK>
[ 1529.699735][T14100] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1529.789185][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1529.860373][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1529.906906][    T9] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1529.916876][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1529.925317][    T9] usb 4-1: SerialNumber: syz
[ 1530.167330][    T9] usb 4-1: 0:2 : does not exist
[ 1530.238496][    T9] usb 4-1: USB disconnect, device number 55
[ 1530.330659][T17637] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3901'.
[ 1530.751634][T17644] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3904'.
[ 1531.368990][T17650] fuse: Invalid rootmode
[ 1531.711134][T17648] loop3: detected capacity change from 0 to 32768
[ 1531.743365][T17653] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3907'.
[ 1531.897790][T17648] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1531.899482][T17648]   allowing incompatible features above 0.0: (unknown version)
[ 1531.899577][T17648]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1531.945800][T17648] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1531.954538][T17648] bcachefs (loop3): initializing new filesystem
[ 1531.971938][T17648] bcachefs (loop3): going read-write
[ 1532.059710][T17648] bcachefs (loop3): marking superblocks
[ 1532.107258][T17648] bcachefs (loop3): initializing freespace
[ 1532.133161][T17648] bcachefs (loop3): done initializing freespace
[ 1532.152558][T17648] bcachefs (loop3): reading snapshots table
[ 1532.159082][T17648] bcachefs (loop3): reading snapshots done
[ 1532.306498][T17648] bcachefs (loop3): done starting filesystem
[ 1532.359306][ T5848] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1533.273053][T17668] loop5: detected capacity change from 0 to 32768
[ 1533.318324][ T5848] usb 3-1: Using ep0 maxpacket: 8
[ 1533.327314][T17668] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1533.466402][ T5848] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[ 1533.476825][ T5848] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1533.485310][ T5848] usb 3-1: Product: syz
[ 1533.509733][ T5848] usb 3-1: Manufacturer: syz
[ 1533.514610][ T5848] usb 3-1: SerialNumber: syz
[ 1533.525774][ T5848] usb 3-1: config 0 descriptor??
[ 1533.557489][T14672] bcachefs (loop3): shutting down
[ 1533.563268][T14672] bcachefs (loop3): going read-only
[ 1533.569205][T14672] bcachefs (loop3): finished waiting for writes to stop
[ 1533.600013][T14672] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[ 1533.770023][T17653] loop2: detected capacity change from 0 to 16
[ 1533.796494][T14672] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[ 1533.809900][T17653] erofs (device loop2): mounted with root inode @ nid 36.
[ 1533.835190][T14672] bcachefs (loop3): clean shutdown complete, journal seq 5
[ 1533.842134][T17668] XFS (loop5): Ending clean mount
[ 1533.855825][T14672] bcachefs (loop3): marking filesystem clean
[ 1533.870711][T17653] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[ 1533.873078][T17668] XFS (loop5): Quotacheck needed: Please wait.
[ 1533.920908][T17653] erofs (device loop2): failed to decompress -57 in[61, 4035] out[1851]
[ 1533.930014][T17653] erofs (device loop2): read error -117 @ 43 of nid 36
[ 1533.958930][T17668] XFS (loop5): Quotacheck: Done.
[ 1533.999873][T17681] FAULT_INJECTION: forcing a failure.
[ 1533.999873][T17681] name failslab, interval 1, probability 0, space 0, times 0
[ 1534.000819][T14672] bcachefs (loop3): shutdown complete
[ 1534.013236][T17681] CPU: 1 UID: 0 PID: 17681 Comm: syz.4.3911 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1534.013392][T17681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1534.013471][T17681] Call Trace:
[ 1534.013524][T17681]  <TASK>
[ 1534.013577][T17681]  __dump_stack+0x26/0x30
[ 1534.013738][T17681]  dump_stack_lvl+0x1df/0x270
[ 1534.013905][T17681]  dump_stack+0x1e/0x25
[ 1534.014046][T17681]  should_fail_ex+0x7dc/0x8a0
[ 1534.014221][T17681]  should_failslab+0x15b/0x200
[ 1534.014413][T17681]  __kmalloc_noprof+0x182/0x1310
[ 1534.014546][T17681]  ? tomoyo_realpath_from_path+0xeb/0x9f0
[ 1534.014712][T17681]  ? tomoyo_path_number_perm+0x91/0x7d0
[ 1534.014845][T17681]  ? filter_irq_stacks+0x49/0x190
[ 1534.014970][T17681]  ? kmsan_get_metadata+0xfb/0x160
[ 1534.015158][T17681]  tomoyo_realpath_from_path+0xeb/0x9f0
[ 1534.015390][T17681]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1534.015596][T17681]  ? __srcu_read_lock+0x5e/0xd0
[ 1534.015765][T17681]  tomoyo_path_number_perm+0x1d0/0x7d0
[ 1534.015907][T17681]  ? stack_depot_save_flags+0x35/0x7b0
[ 1534.016076][T17681]  ? kmsan_get_metadata+0xfb/0x160
[ 1534.016254][T17681]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1534.016498][T17681]  tomoyo_file_ioctl+0x3d/0x50
[ 1534.016668][T17681]  security_file_ioctl+0x141/0x590
[ 1534.016861][T17681]  __se_sys_ioctl+0xbb/0x400
[ 1534.017035][T17681]  __x64_sys_ioctl+0x97/0xe0
[ 1534.017200][T17681]  x64_sys_call+0x1ebe/0x3db0
[ 1534.017415][T17681]  do_syscall_64+0xd9/0x210
[ 1534.017550][T17681]  ? clear_bhb_loop+0x40/0x90
[ 1534.017700][T17681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1534.017844][T17681] RIP: 0033:0x7f023878e929
[ 1534.017948][T17681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1534.018067][T17681] RSP: 002b:00007f0239550038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1534.018218][T17681] RAX: ffffffffffffffda RBX: 00007f02389b5fa0 RCX: 00007f023878e929
[ 1534.018328][T17681] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1534.018402][T17681] RBP: 00007f0239550090 R08: 0000000000000000 R09: 0000000000000000
[ 1534.018485][T17681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1534.018563][T17681] R13: 0000000000000000 R14: 00007f02389b5fa0 R15: 00007ffdb9b43678
[ 1534.018682][T17681]  </TASK>
[ 1534.019499][T17681] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1534.293474][ T5848] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1534.510919][T11305] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1534.663805][T17690] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3914'.
[ 1535.172559][ T5848] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 1535.235942][ T5848] usb 3-1: USB disconnect, device number 21
[ 1535.459598][T11714] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1535.601088][T11714] usb 5-1: device descriptor read/64, error -71
[ 1535.859908][T11714] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1535.938634][ T1693] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[ 1536.025865][T11714] usb 5-1: device descriptor read/64, error -71
[ 1536.127696][ T1693] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1536.138657][ T1693] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1536.157370][T11714] usb usb5-port1: attempt power cycle
[ 1536.178865][T17705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3920'.
[ 1536.192883][ T1693] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1536.202796][ T1693] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1536.211329][ T1693] usb 6-1: SerialNumber: syz
[ 1536.227199][T17705] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3920'.
[ 1536.444661][ T1693] usb 6-1: 0:2 : does not exist
[ 1536.509510][ T1693] usb 6-1: USB disconnect, device number 88
[ 1536.519158][T11714] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1536.562623][T11714] usb 5-1: device descriptor read/8, error -71
[ 1536.664609][T17710] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3921'.
[ 1536.809112][T11714] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1536.852043][T11714] usb 5-1: device descriptor read/8, error -71
[ 1536.869420][T17712] loop0: detected capacity change from 0 to 4096
[ 1536.906374][T17712] NILFS (loop0): invalid segment: Checksum error in segment payload
[ 1536.915464][T17712] NILFS (loop0): trying rollback from an earlier position
[ 1536.980648][T11714] usb usb5-port1: unable to enumerate USB device
[ 1537.037045][T17712] NILFS (loop0): recovery complete
[ 1537.365391][T17720] fuse: Invalid rootmode
[ 1537.599718][    T9] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1537.664389][T17723] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3927'.
[ 1537.778131][    T9] usb 3-1: Using ep0 maxpacket: 8
[ 1537.804543][    T9] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1537.814294][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1537.823122][    T9] usb 3-1: Product: syz
[ 1537.827519][    T9] usb 3-1: Manufacturer: syz
[ 1537.832477][    T9] usb 3-1: SerialNumber: syz
[ 1537.986304][    T9] usb 3-1: config 0 descriptor??
[ 1538.284855][    T9] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1538.407015][T17725] loop5: detected capacity change from 0 to 32768
[ 1538.477362][T17719] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1538.487615][T17719] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1538.579435][T17725] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1538.579587][T17725]   allowing incompatible features above 0.0: (unknown version)
[ 1538.579673][T17725]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1538.625653][T17725] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[ 1538.634422][T17725] bcachefs (loop5): initializing new filesystem
[ 1538.651636][T17725] bcachefs (loop5): going read-write
[ 1538.708163][T17736] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3931'.
[ 1538.749853][T17736] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3931'.
[ 1538.790949][T17725] bcachefs (loop5): marking superblocks
[ 1538.846235][T17725] bcachefs (loop5): initializing freespace
[ 1538.874557][T17725] bcachefs (loop5): done initializing freespace
[ 1538.893808][T17725] bcachefs (loop5): reading snapshots table
[ 1538.900294][T17725] bcachefs (loop5): reading snapshots done
[ 1539.043425][T17725] bcachefs (loop5): done starting filesystem
[ 1539.289489][T17731] loop0: detected capacity change from 0 to 32768
[ 1539.315959][    T9] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1539.456816][T11305] bcachefs (loop5): shutting down
[ 1539.462342][T11305] bcachefs (loop5): going read-only
[ 1539.468123][T11305] bcachefs (loop5): finished waiting for writes to stop
[ 1539.550988][T11305] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[ 1539.783576][T11305] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[ 1539.842546][T11305] bcachefs (loop5): clean shutdown complete, journal seq 4
[ 1539.876017][T11305] bcachefs (loop5): marking filesystem clean
[ 1540.015157][T11305] bcachefs (loop5): shutdown complete
[ 1540.091744][T17743] loop4: detected capacity change from 0 to 32768
[ 1540.110726][T17731] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1540.110877][T17731]   allowing incompatible features above 0.0: (unknown version)
[ 1540.110965][T17731]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1540.159058][T17731] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1540.167537][T17731] bcachefs (loop0): initializing new filesystem
[ 1540.189135][T17731] bcachefs (loop0): going read-write
[ 1540.208788][T17731] bcachefs (loop0): marking superblocks
[ 1540.256038][T17731] bcachefs (loop0): initializing freespace
[ 1540.282129][T17731] bcachefs (loop0): done initializing freespace
[ 1540.304400][T17731] bcachefs (loop0): reading snapshots table
[ 1540.310899][T17731] bcachefs (loop0): reading snapshots done
[ 1540.388850][T17731] bcachefs (loop0): done starting filesystem
[ 1540.402330][T17743] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1540.462503][T11714] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 1540.720138][    T9] usb 3-1: USB disconnect, device number 22
[ 1540.812807][T14999] bcachefs (loop0): shutting down
[ 1540.818822][T14999] bcachefs (loop0): going read-only
[ 1540.824314][T14999] bcachefs (loop0): finished waiting for writes to stop
[ 1540.855217][T17743] XFS (loop4): Ending clean mount
[ 1540.866657][T17743] XFS (loop4): Quotacheck needed: Please wait.
[ 1540.878584][T11714] usb 4-1: device not accepting address 56, error -71
[ 1540.886033][T14999] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[ 1540.953654][T17743] XFS (loop4): Quotacheck: Done.
[ 1541.083143][T15341] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1541.107225][T14999] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[ 1541.130474][T14999] bcachefs (loop0): clean shutdown complete, journal seq 4
[ 1541.149557][T14999] bcachefs (loop0): marking filesystem clean
[ 1541.339910][T14999] bcachefs (loop0): shutdown complete
[ 1541.583813][T17769] fuse: Bad value for 'rootmode'
[ 1541.705215][T17770] loop2: detected capacity change from 0 to 1024
[ 1541.846761][T11434] hfsplus: b-tree write err: -5, ino 4
[ 1541.965784][T17772] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3940'.
[ 1542.792228][T11714] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 1542.887246][T17786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3944'.
[ 1542.925982][T17786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3944'.
[ 1543.461009][T17790] loop4: detected capacity change from 0 to 2048
[ 1543.615097][T17784] loop2: detected capacity change from 0 to 32768
[ 1543.626128][T11714] usb 4-1: device descriptor read/64, error -71
[ 1543.672569][T17793] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1543.720868][   T30] audit: type=1800 audit(1751550512.344:238): pid=17788 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3945" name="file2" dev="loop4" ino=16 res=0 errno=0
[ 1543.812355][T17788] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[ 1543.827736][T17784] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1543.828133][T17784]   allowing incompatible features above 0.0: (unknown version)
[ 1543.828223][T17784]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1543.874396][T17784] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[ 1543.883108][T17784] bcachefs (loop2): initializing new filesystem
[ 1543.899854][T17784] bcachefs (loop2): going read-write
[ 1543.900019][T17788] Remounting filesystem read-only
[ 1543.947441][T17784] bcachefs (loop2): marking superblocks
[ 1543.964992][T17790] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[ 1543.995003][T17784] bcachefs (loop2): initializing freespace
[ 1544.016000][T17807] NILFS error (device loop4): nilfs_lookup: deleted inode referenced: 12
[ 1544.021222][T17784] bcachefs (loop2): done initializing freespace
[ 1544.043895][T17784] bcachefs (loop2): reading snapshots table
[ 1544.050409][T17784] bcachefs (loop2): reading snapshots done
[ 1544.061838][T11714] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 1544.179124][T17784] bcachefs (loop2): done starting filesystem
[ 1544.249736][T11714] usb 4-1: device descriptor read/64, error -71
[ 1544.364437][T11714] usb usb4-port1: attempt power cycle
[ 1544.479061][T14100] bcachefs (loop2): shutting down
[ 1544.490486][T14100] bcachefs (loop2): going read-only
[ 1544.500371][T14100] bcachefs (loop2): finished waiting for writes to stop
[ 1544.520440][T14100] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[ 1544.723799][T11714] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1544.774597][T14100] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[ 1544.785646][T11714] usb 4-1: device descriptor read/8, error -71
[ 1544.845053][T14100] bcachefs (loop2): clean shutdown complete, journal seq 4
[ 1544.873650][T14100] bcachefs (loop2): marking filesystem clean
[ 1545.138994][T14100] bcachefs (loop2): shutdown complete
[ 1545.148390][T11714] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 1545.197265][T11714] usb 4-1: device descriptor read/8, error -71
[ 1545.224172][T17813] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3936'.
[ 1545.257607][T17813] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1545.269196][T17813] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1545.278357][T17813] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1545.287385][T17813] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1545.310830][T11714] usb usb4-port1: unable to enumerate USB device
[ 1545.339597][T17813] vxlan0: entered promiscuous mode
[ 1545.538491][T17819] fuse: Bad value for 'rootmode'
[ 1546.279152][T17832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3955'.
[ 1546.929277][    T9] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[ 1547.125803][    T9] usb 5-1: config 0 has an invalid interface number: 9 but max is 0
[ 1547.134639][    T9] usb 5-1: config 0 has no interface number 0
[ 1547.141105][    T9] usb 5-1: config 0 interface 9 has no altsetting 0
[ 1547.148161][    T9] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=40.8d
[ 1547.157485][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1547.274786][    T9] usb 5-1: config 0 descriptor??
[ 1547.463582][T17838] loop3: detected capacity change from 0 to 32768
[ 1547.502832][    T9] usb 5-1: string descriptor 0 read error: -71
[ 1547.557321][    T9] usb 5-1: USB disconnect, device number 26
[ 1547.604669][T17838] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1547.604823][T17838]   allowing incompatible features above 0.0: (unknown version)
[ 1547.604911][T17838]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1547.664468][T17838] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[ 1547.673157][T17838] bcachefs (loop3): initializing new filesystem
[ 1547.690220][T17838] bcachefs (loop3): going read-write
[ 1547.740008][T17838] bcachefs (loop3): marking superblocks
[ 1547.786956][T17838] bcachefs (loop3): initializing freespace
[ 1547.812590][T17838] bcachefs (loop3): done initializing freespace
[ 1547.831076][T17838] bcachefs (loop3): reading snapshots table
[ 1547.837433][T17838] bcachefs (loop3): reading snapshots done
[ 1547.934676][T17838] bcachefs (loop3): done starting filesystem
[ 1548.234572][T14672] bcachefs (loop3): shutting down
[ 1548.240922][T14672] bcachefs (loop3): going read-only
[ 1548.247003][T14672] bcachefs (loop3): finished waiting for writes to stop
[ 1548.281694][T17859] fuse: Bad value for 'rootmode'
[ 1548.299483][T14672] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[ 1548.348314][    T9] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1548.446293][T14672] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[ 1548.476229][T14672] bcachefs (loop3): clean shutdown complete, journal seq 4
[ 1548.491502][T17861] overlayfs: missing 'lowerdir'
[ 1548.506703][T14672] bcachefs (loop3): marking filesystem clean
[ 1548.520161][    T9] usb 1-1: device descriptor read/64, error -71
[ 1548.652331][T14672] bcachefs (loop3): shutdown complete
[ 1548.778498][    T9] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1548.949195][    T9] usb 1-1: device descriptor read/64, error -71
[ 1549.064845][    T9] usb usb1-port1: attempt power cycle
[ 1549.188481][T11835] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1549.285841][T17873] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3969'.
[ 1549.360223][T11835] usb 5-1: Using ep0 maxpacket: 16
[ 1549.378735][T11835] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1549.387187][T11835] usb 5-1: config 0 has no interface number 0
[ 1549.413633][T11835] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1549.423413][T11835] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1549.431868][T11835] usb 5-1: Product: syz
[ 1549.436291][T11835] usb 5-1: Manufacturer: syz
[ 1549.441411][T11835] usb 5-1: SerialNumber: syz
[ 1549.449272][    T9] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1549.470638][T11835] usb 5-1: config 0 descriptor??
[ 1549.487190][T11835] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1549.508578][    T9] usb 1-1: device descriptor read/8, error -71
[ 1549.681332][T17876] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3970'.
[ 1549.754963][    T9] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1549.790851][    T9] usb 1-1: device descriptor read/8, error -71
[ 1549.902978][    T9] usb usb1-port1: unable to enumerate USB device
[ 1550.291009][T11714] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1550.448795][T11714] usb 3-1: Using ep0 maxpacket: 8
[ 1550.486933][T11714] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1550.497209][T11714] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1550.505735][T11714] usb 3-1: Product: syz
[ 1550.510327][T11714] usb 3-1: Manufacturer: syz
[ 1550.515162][T11714] usb 3-1: SerialNumber: syz
[ 1550.602606][T11714] usb 3-1: config 0 descriptor??
[ 1550.864750][T11714] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1551.119111][T11835] gspca_spca1528: reg_w err -110
[ 1551.124539][T11835] spca1528 5-1:0.1: probe with driver spca1528 failed with error -110
[ 1551.405591][T17893] loop5: detected capacity change from 0 to 8
[ 1551.427506][T17893] squashfs: Unknown parameter 'ÿÿ'
[ 1551.484602][T17893] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3975'.
[ 1551.871624][ T5848] usb 5-1: USB disconnect, device number 27
[ 1552.053953][T17891] loop0: detected capacity change from 0 to 32768
[ 1552.119109][T11835] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 1552.191165][T17891] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[ 1552.191314][T17891]   allowing incompatible features above 0.0: (unknown version)
[ 1552.191402][T17891]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1552.237495][T17891] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[ 1552.246260][T17891] bcachefs (loop0): initializing new filesystem
[ 1552.262831][T17891] bcachefs (loop0): going read-write
[ 1552.292286][T17902] fuse: Unknown parameter 'use00000000000000000000'
[ 1552.310784][T17891] bcachefs (loop0): marking superblocks
[ 1552.358256][T17891] bcachefs (loop0): initializing freespace
[ 1552.384394][T17891] bcachefs (loop0): done initializing freespace
[ 1552.403556][T17891] bcachefs (loop0): reading snapshots table
[ 1552.410033][T17891] bcachefs (loop0): reading snapshots done
[ 1552.494372][T11835] usb 4-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[ 1552.504001][T11835] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1552.512483][T11835] usb 4-1: Product: syz
[ 1552.516888][T11835] usb 4-1: Manufacturer: syz
[ 1552.521900][T11835] usb 4-1: SerialNumber: syz
[ 1552.535627][T11835] usb 4-1: config 0 descriptor??
[ 1552.545129][T17891] bcachefs (loop0): done starting filesystem
[ 1552.576814][T11835] usb 4-1: selecting invalid altsetting 1
[ 1552.583020][T11835] comedi comedi0: could not switch to alternate setting 1
[ 1552.590480][T11835] usbduxfast 4-1:0.0: driver 'usbduxfast' failed to auto-configure device.
[ 1552.784324][T17889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1552.794138][T17889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1552.920277][T11835] usb 4-1: USB disconnect, device number 62
[ 1553.075265][T14999] bcachefs (loop0): shutting down
[ 1553.081094][T14999] bcachefs (loop0): going read-only
[ 1553.086698][T14999] bcachefs (loop0): finished waiting for writes to stop
[ 1553.234148][T14999] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[ 1553.469978][T14999] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[ 1553.536778][T14999] bcachefs (loop0): clean shutdown complete, journal seq 4
[ 1553.581950][T14999] bcachefs (loop0): marking filesystem clean
[ 1553.629898][T17912] loop5: detected capacity change from 0 to 32768
[ 1553.647171][T11714] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1553.664798][T11714] usb 3-1: USB disconnect, device number 23
[ 1553.695735][T14999] bcachefs (loop0): shutdown complete
[ 1553.729170][T17912] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1554.139210][T17912] XFS (loop5): Ending clean mount
[ 1554.154769][T17912] XFS (loop5): Quotacheck needed: Please wait.
[ 1554.180326][T17912] XFS (loop5): Quotacheck: Done.
[ 1554.295823][T11305] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1554.641818][T17930] veth0_to_bridge: entered promiscuous mode
[ 1554.691332][T17930] loop3: detected capacity change from 0 to 512
[ 1554.714509][T17930] EXT4-fs: Ignoring removed i_version option
[ 1554.750079][T17930] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1554.830321][T17930] EXT4-fs (loop3): 1 truncate cleaned up
[ 1554.838831][T17930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1555.004782][T17928] veth0_to_bridge: left promiscuous mode
[ 1555.261975][T14672] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1556.343535][T11835] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[ 1556.540604][T11835] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1556.551296][T11835] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1556.611278][T11835] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1556.620821][T11835] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1556.629278][T11835] usb 6-1: SerialNumber: syz
[ 1556.857798][T17945] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3980'.
[ 1556.967512][T11835] usb 6-1: skipping empty audio interface (v1)
[ 1557.064962][T11835] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1557.104199][T11835] usb 6-1: USB disconnect, device number 89
[ 1557.141618][T17947] netlink: 'syz.4.3989': attribute type 4 has an invalid length.
[ 1557.199615][T17947] netlink: 'syz.4.3989': attribute type 4 has an invalid length.
[ 1558.528000][T17962] vcan0: tx drop: invalid sa for name 0x0000000000000001
[ 1560.009810][T11714] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[ 1560.190686][T11714] usb 5-1: Using ep0 maxpacket: 8
[ 1560.229505][T11714] usb 5-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[ 1560.239327][T11714] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1
[ 1560.247600][T11714] usb 5-1: Product: syz
[ 1560.252274][T11714] usb 5-1: Manufacturer: syz
[ 1560.257176][T11714] usb 5-1: SerialNumber: syz
[ 1560.268647][T11714] usb 5-1: config 0 descriptor??
[ 1560.285395][T11714] usbtest 5-1:0.0: FX2 device
[ 1560.290661][T11714] usbtest 5-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[ 1560.610687][T11714] usb 5-1: USB disconnect, device number 28
[ 1562.878868][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.887112][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.895701][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.926136][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.943047][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.952158][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.960697][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.968992][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.977237][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1562.985433][T17979] netlink: 'syz.3.4003': attribute type 3 has an invalid length.
[ 1563.115408][T17982] misc userio: The device must be registered before sending interrupts
[ 1564.094094][T18000] loop0: detected capacity change from 0 to 256
[ 1564.793308][T18000] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1564.952249][T11714] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1564.977391][   T30] audit: type=1800 audit(1751550533.604:239): pid=18000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4012" name="file0" dev="loop0" ino=1048648 res=0 errno=0
[ 1565.177686][T11714] usb 4-1: Using ep0 maxpacket: 32
[ 1565.219304][T11714] usb 4-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[ 1565.228982][T11714] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1565.237238][T11714] usb 4-1: Product: syz
[ 1565.242454][T11714] usb 4-1: Manufacturer: syz
[ 1565.247368][T11714] usb 4-1: SerialNumber: syz
[ 1565.354808][T11714] usb 4-1: config 0 descriptor??
[ 1565.381244][T11714] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[ 1566.268667][ T5848] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[ 1566.471074][T11714] gspca_topro: reg_w err -71
[ 1566.498916][T11714] gspca_topro: Sensor soi763a
[ 1566.533399][T11714] usb 4-1: USB disconnect, device number 63
[ 1566.632519][ T5848] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1566.643275][ T5848] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1566.769326][ T5848] usb 6-1: config 0 descriptor??
[ 1568.228418][ T5848] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1568.249112][ T5848] [drm:udl_init] *ERROR* Selecting channel failed
[ 1568.274188][ T5848] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[ 1568.281380][ T5848] [drm] Initialized udl on minor 2
[ 1568.288716][ T5848] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1568.297769][ T5848] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 1568.309763][ T5848] usb 6-1: USB disconnect, device number 90
[ 1568.321414][T11714] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1568.330622][T11714] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 1571.122180][ T1292] ieee802154 phy0 wpan0: encryption failed: -22
[ 1571.129182][ T1292] ieee802154 phy1 wpan1: encryption failed: -22
[ 1572.122663][T18040] loop2: detected capacity change from 0 to 128
[ 1574.460633][T18053] relay: one or more items not logged [item size (56) > sub-buffer size (10)]
[ 1576.313843][T18067] loop3: detected capacity change from 0 to 256
[ 1576.926193][T18069] loop5: detected capacity change from 0 to 8
[ 1577.000616][T18069] squashfs image failed sanity check
[ 1577.122677][T18069] loop5: detected capacity change from 0 to 764
[ 1577.165898][T18069] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1577.399618][T11835] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1577.562435][T18085] loop4: detected capacity change from 0 to 64
[ 1577.598067][T11835] usb 4-1: Using ep0 maxpacket: 8
[ 1577.624780][T11835] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[ 1577.633842][T11835] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1577.644292][T11835] usb 4-1: config 0 has no interface number 0
[ 1577.650909][T11835] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1577.662255][T11835] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1577.675524][T11835] usb 4-1: config 0 interface 52 has no altsetting 0
[ 1577.693897][T11835] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1577.707162][T11835] usb 4-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1577.715628][T11835] usb 4-1: Manufacturer: syz
[ 1577.740863][T11835] usb 4-1: config 0 descriptor??
[ 1578.925728][T11835] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input72
[ 1579.414206][ T5848] usb 4-1: USB disconnect, device number 64
[ 1579.414214][    C0] synaptics_usb 4-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[ 1580.465092][T18105] loop2: detected capacity change from 0 to 512
[ 1580.524611][T18105] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1580.625025][T18105] EXT4-fs (loop2): revision level too high, forcing read-only mode
[ 1580.634040][T18105] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[ 1580.779499][T18105] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[ 1580.789821][T18105] EXT4-fs (loop2): Skipping orphan cleanup due to unknown ROCOMPAT features
[ 1580.801183][T18105] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1581.136158][T18105] EXT4-fs (loop2): couldn't mount RDWR because of unsupported optional features (80)
[ 1581.450694][T14100] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1584.636927][T18127] loop3: detected capacity change from 0 to 256
[ 1584.746172][T18127] exfat: Deprecated parameter 'namecase'
[ 1584.752876][T18127] exfat: Deprecated parameter 'utf8'
[ 1585.052891][T18127] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[ 1586.393715][T18147] loop2: detected capacity change from 0 to 65
[ 1586.441862][T18147] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[ 1586.608921][ T5848] usb 4-1: new low-speed USB device number 65 using dummy_hcd
[ 1587.270021][ T5848] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[ 1587.278941][ T5848] usb 4-1: config 0 has no interface number 0
[ 1587.285566][ T5848] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1587.297104][ T5848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1587.308806][ T5848] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1587.321210][ T5848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1587.333416][ T5848] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1587.344974][ T5848] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1587.358943][ T5848] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1587.368841][ T5848] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1587.738309][    T9] usb 6-1: new full-speed USB device number 91 using dummy_hcd
[ 1587.742332][ T5848] usb 4-1: config 0 descriptor??
[ 1587.758898][T18146] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1587.766648][T18146] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1587.865863][ T5848] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1588.009821][    T9] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1588.019675][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1588.028885][    T9] usb 6-1: Product: syz
[ 1588.033299][    T9] usb 6-1: Manufacturer: syz
[ 1588.038458][    T9] usb 6-1: SerialNumber: syz
[ 1588.095163][T10297] usb 4-1: USB disconnect, device number 65
[ 1588.133129][T10297] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 1588.164326][    T9] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1588.171207][    T9] r8152-cfgselector 6-1: config 0 descriptor??
[ 1588.188253][T16159] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1588.348285][T16159] usb 1-1: Using ep0 maxpacket: 16
[ 1588.369998][T16159] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1588.390784][T16159] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=29.82
[ 1588.400895][T16159] usb 1-1: New USB device strings: Mfr=83, Product=5, SerialNumber=10
[ 1588.409444][T16159] usb 1-1: Product: syz
[ 1588.414024][T16159] usb 1-1: Manufacturer: syz
[ 1588.419115][T16159] usb 1-1: SerialNumber: syz
[ 1588.438621][T16159] usb 1-1: config 0 descriptor??
[ 1588.489039][ T5848] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[ 1588.573311][T18166] vivid-004: disconnect
[ 1588.587306][T18164] vivid-004: reconnect
[ 1588.612347][T11714] r8152-cfgselector 6-1: USB disconnect, device number 91
[ 1588.672292][ T5848] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1588.681891][ T5848] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1588.717658][ T5848] usb 3-1: config 0 descriptor??
[ 1588.806342][T16159] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1588.922081][T16159] usb 1-1: USB disconnect, device number 42
[ 1589.010525][ T5848] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1589.057128][ T5848] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1589.064567][ T5848] [drm] Initialized udl on minor 2
[ 1589.227073][ T5848] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1589.234689][ T5848] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1589.535796][T11714] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1589.563401][ T5848] usb 3-1: USB disconnect, device number 24
[ 1589.597170][T11714] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1589.606765][T11714] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1591.744756][T18187] loop2: detected capacity change from 0 to 64
[ 1592.200701][T18187] =====================================================
[ 1592.208273][T18187] BUG: KMSAN: uninit-value in hfs_find_set_zero_bits+0x74d/0xb60
[ 1592.216366][T18187]  hfs_find_set_zero_bits+0x74d/0xb60
[ 1592.222879][T18187]  hfs_vbm_search_free+0x13c/0x5b0
[ 1592.228792][T18187]  hfs_extend_file+0x6a5/0x1b00
[ 1592.234006][T18187]  hfs_get_block+0x435/0x1150
[ 1592.239287][T18187]  __block_write_begin_int+0xa73/0x3030
[ 1592.245189][T18187]  cont_write_begin+0x10e1/0x1bc0
SYZFAIL: failed to send rpc
fd=3 want=48 sent=0 n=-1 (errno 32: Broken pipe)
[ 1592.251040][T18187]  hfs_write_begin+0x85/0x130
[ 1592.256050][T18187]  generic_perform_write+0x3f7/0x10c0
[ 1592.261800][T18187]  __generic_file_write_iter+0x213/0x460
[ 1592.267755][T18187]  generic_file_write_iter+0x131/0x980
[ 1592.273608][T18187]  do_iter_readv_writev+0x947/0xba0
[ 1592.279449][T18187]  vfs_writev+0x52a/0x1500
[ 1592.284279][T18187]  __se_sys_pwritev2+0x22f/0x480
[ 1592.289615][T18187]  __x64_sys_pwritev2+0xe4/0x150
[ 1592.294842][T18187]  x64_sys_call+0x22b9/0x3db0
[ 1592.299888][T18187]  do_syscall_64+0xd9/0x210
[ 1592.304593][T18187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.311188][T18187] 
[ 1592.313681][T18187] Uninit was created at:
[ 1592.318495][T18187]  __kmalloc_cache_noprof+0x7f7/0xed0
[ 1592.324273][T18187]  hfs_mdb_get+0x1cc8/0x2a90
[ 1592.329240][T18187]  hfs_fill_super+0x3d0/0xb80
[ 1592.334309][T18187]  get_tree_bdev_flags+0x6e6/0x920
[ 1592.340066][T18187]  get_tree_bdev+0x38/0x50
[ 1592.344903][T18187]  hfs_get_tree+0x35/0x40
[ 1592.349742][T18187]  vfs_get_tree+0xb3/0x5c0
[ 1592.354545][T18187]  do_new_mount+0x738/0x1610
[ 1592.359518][T18187]  path_mount+0x6db/0x1e90
[ 1592.364299][T18187]  __se_sys_mount+0x6eb/0x7d0
[ 1592.369662][T18187]  __x64_sys_mount+0xe4/0x150
[ 1592.374700][T18187]  x64_sys_call+0xfa7/0x3db0
[ 1592.379737][T18187]  do_syscall_64+0xd9/0x210
[ 1592.384478][T18187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.390789][T18187] 
[ 1592.393409][T18187] CPU: 0 UID: 0 PID: 18187 Comm: syz.2.4078 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1592.406632][T18187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1592.417424][T18187] =====================================================
[ 1592.424828][T18187] Disabling lock debugging due to kernel taint
[ 1592.431517][T18187] Kernel panic - not syncing: kmsan.panic set ...
[ 1592.438142][T18187] CPU: 0 UID: 0 PID: 18187 Comm: syz.2.4078 Tainted: G    B               6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[ 1592.452189][T18187] Tainted: [B]=BAD_PAGE
[ 1592.456453][T18187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1592.466650][T18187] Call Trace:
[ 1592.470160][T18187]  <TASK>
[ 1592.473241][T18187]  __dump_stack+0x26/0x30
[ 1592.477796][T18187]  dump_stack_lvl+0x53/0x270
[ 1592.482576][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.488699][T18187]  dump_stack+0x1e/0x25
[ 1592.493028][T18187]  panic+0x4bd/0xd50
[ 1592.497156][T18187]  kmsan_report+0x31c/0x320
[ 1592.501897][T18187]  ? __msan_warning+0x1b/0x30
[ 1592.506777][T18187]  ? hfs_find_set_zero_bits+0x74d/0xb60
[ 1592.512520][T18187]  ? hfs_vbm_search_free+0x13c/0x5b0
[ 1592.517988][T18187]  ? hfs_extend_file+0x6a5/0x1b00
[ 1592.523212][T18187]  ? hfs_get_block+0x435/0x1150
[ 1592.528263][T18187]  ? __block_write_begin_int+0xa73/0x3030
[ 1592.534223][T18187]  ? cont_write_begin+0x10e1/0x1bc0
[ 1592.539593][T18187]  ? hfs_write_begin+0x85/0x130
[ 1592.544644][T18187]  ? generic_perform_write+0x3f7/0x10c0
[ 1592.550387][T18187]  ? __generic_file_write_iter+0x213/0x460
[ 1592.556383][T18187]  ? generic_file_write_iter+0x131/0x980
[ 1592.562198][T18187]  ? do_iter_readv_writev+0x947/0xba0
[ 1592.567792][T18187]  ? vfs_writev+0x52a/0x1500
[ 1592.572560][T18187]  ? __se_sys_pwritev2+0x22f/0x480
[ 1592.577830][T18187]  ? __x64_sys_pwritev2+0xe4/0x150
[ 1592.583112][T18187]  ? x64_sys_call+0x22b9/0x3db0
[ 1592.588171][T18187]  ? do_syscall_64+0xd9/0x210
[ 1592.593022][T18187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.599294][T18187]  ? hfs_extend_file+0x46d/0x1b00
[ 1592.604632][T18187]  ? hfs_get_block+0x435/0x1150
[ 1592.609689][T18187]  ? __block_write_begin_int+0xa73/0x3030
[ 1592.615642][T18187]  ? cont_write_begin+0x10e1/0x1bc0
[ 1592.621022][T18187]  ? hfs_write_begin+0x85/0x130
[ 1592.626176][T18187]  ? generic_perform_write+0x3f7/0x10c0
[ 1592.631916][T18187]  ? __generic_file_write_iter+0x213/0x460
[ 1592.637921][T18187]  ? generic_file_write_iter+0x131/0x980
[ 1592.643740][T18187]  ? do_iter_readv_writev+0x947/0xba0
[ 1592.649334][T18187]  ? vfs_writev+0x52a/0x1500
[ 1592.654106][T18187]  ? __se_sys_pwritev2+0x22f/0x480
[ 1592.659385][T18187]  ? __x64_sys_pwritev2+0xe4/0x150
[ 1592.664677][T18187]  ? x64_sys_call+0x22b9/0x3db0
[ 1592.669745][T18187]  ? do_syscall_64+0xd9/0x210
[ 1592.674592][T18187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.680933][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.686270][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.692320][T18187]  ? kfree+0x121/0xec0
[ 1592.696542][T18187]  ? filter_irq_stacks+0x49/0x190
[ 1592.701756][T18187]  ? stack_depot_save_flags+0x35/0x7b0
[ 1592.707399][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.712743][T18187]  __msan_warning+0x1b/0x30
[ 1592.717453][T18187]  hfs_find_set_zero_bits+0x74d/0xb60
[ 1592.723046][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.728423][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.734473][T18187]  hfs_vbm_search_free+0x13c/0x5b0
[ 1592.739786][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.745837][T18187]  hfs_extend_file+0x6a5/0x1b00
[ 1592.750909][T18187]  ? __mark_inode_dirty+0x371/0x1090
[ 1592.756405][T18187]  hfs_get_block+0x435/0x1150
[ 1592.761297][T18187]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1592.767579][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.772928][T18187]  __block_write_begin_int+0xa73/0x3030
[ 1592.778766][T18187]  ? __pfx_hfs_get_block+0x10/0x10
[ 1592.784113][T18187]  cont_write_begin+0x10e1/0x1bc0
[ 1592.789310][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.794636][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.800657][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.806000][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.812067][T18187]  hfs_write_begin+0x85/0x130
[ 1592.816980][T18187]  ? __pfx_hfs_get_block+0x10/0x10
[ 1592.822314][T18187]  ? __pfx_hfs_write_begin+0x10/0x10
[ 1592.827801][T18187]  generic_perform_write+0x3f7/0x10c0
[ 1592.833420][T18187]  __generic_file_write_iter+0x213/0x460
[ 1592.839267][T18187]  generic_file_write_iter+0x131/0x980
[ 1592.844921][T18187]  ? __rcu_read_unlock+0x6d/0xd0
[ 1592.850036][T18187]  ? aa_file_perm+0x24c/0x18d0
[ 1592.855003][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.860431][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.866465][T18187]  ? vfs_iter_read+0x711/0x770
[ 1592.871435][T18187]  ? filter_irq_stacks+0x49/0x190
[ 1592.876680][T18187]  ? stack_depot_save_flags+0x35/0x7b0
[ 1592.882323][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.887642][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.892964][T18187]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[ 1592.899517][T18187]  ? __pfx_generic_file_write_iter+0x10/0x10
[ 1592.905689][T18187]  do_iter_readv_writev+0x947/0xba0
[ 1592.911142][T18187]  ? __pfx_generic_file_write_iter+0x10/0x10
[ 1592.917363][T18187]  ? __pfx_generic_file_write_iter+0x10/0x10
[ 1592.923531][T18187]  vfs_writev+0x52a/0x1500
[ 1592.928126][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.934212][T18187]  ? kmsan_get_metadata+0xfb/0x160
[ 1592.939559][T18187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[ 1592.945605][T18187]  __se_sys_pwritev2+0x22f/0x480
[ 1592.950766][T18187]  __x64_sys_pwritev2+0xe4/0x150
[ 1592.955911][T18187]  x64_sys_call+0x22b9/0x3db0
[ 1592.960803][T18187]  do_syscall_64+0xd9/0x210
[ 1592.965480][T18187]  ? irqentry_exit+0x16/0x60
[ 1592.970294][T18187]  ? clear_bhb_loop+0x40/0x90
[ 1592.975167][T18187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.981276][T18187] RIP: 0033:0x7fcae678e929
[ 1592.985841][T18187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1593.005663][T18187] RSP: 002b:00007fcae7522038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[ 1593.014355][T18187] RAX: ffffffffffffffda RBX: 00007fcae69b5fa0 RCX: 00007fcae678e929
[ 1593.022476][T18187] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000004
[ 1593.030671][T18187] RBP: 00007fcae6810b39 R08: 0000000000000000 R09: 0000000000000000
[ 1593.038788][T18187] R10: 0000000000000e7b R11: 0000000000000246 R12: 0000000000000000
[ 1593.046991][T18187] R13: 0000000000000000 R14: 00007fcae69b5fa0 R15: 00007fff1a33ad28
[ 1593.055146][T18187]  </TASK>
[ 1593.058562][T18187] Kernel Offset: disabled
[ 1593.062977][T18187] Rebooting in 86400 seconds..