last executing test programs:

1m26.704688759s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

1m14.371179789s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

58.153716719s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

40.718287053s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

22.998989682s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

10.041305965s ago: executing program 1 (id=98):
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x0, &(0x7f0000005240), 0x1, 0x51b8, &(0x7f0000005280)="$eJzs3V+IVNcdB/Azu65uXepOoRQLQlcoLS0+LIVSi5RuS9X6sDJV+lBbdfuHQvFlFR8qfeiGBIPkIesKEvMQNwQiSUAXMcQQIasSDSGQByEo8cGEJWwwD0LyvISde8/szLnenXGjWaOfT9i9c+Z3zrlnhvsw343nTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAQwu3PawMz//vJSFl94vTFubnZ7T0TNw/1bT2//0YIlfrzlby+9/d/3PHvnXuHe+OAkT9lx2q1bMps6K2ssbLlyflxrT9/DyH0JBN058fNfU1jK+kJwoHihIvatmv3hd7J4Y2HD264NHn01FjxpTOvd7kXsFzy62pm4Voaqv/uSno02k2XXqXlEs3GpxfcN/IiAIB7MlirHxofR/OPuI32WFpP2kNJezxpx08I482NpcjmXVm2zoG0vkzrHMqiwqrSdSb1/P1vtGvp+KSdRI17WGdr1zzS9JatczSpL9c6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4me87N/Pf2u1dOltUnTl+cm5vd3jNx81Df1vP7b4RQrT9fycqV6yfXHfvVP7cMvHl8+GeD//rDju58XDyuaOocrscHv+4P4R9NlZk47WdrQqi1FurNcKJY+E/9wbZYAAAA4FHyw/rvrkY7i4M9Le1KPU1W6v9FeVjctftC7+TwxsMHN1yaPHpqbOnz1UrmG7rrfI12deGn0hSMY/xN51uox64HCvMsLp0xzfNXLm+8uOXqnqNl4wv5v7p4/o/vnPwPAADA1yH/p/Msrl3+f/XIE7MDT539adn4Qv4faDllIf/HFcf83xWWlv8BAADgYfag8/9QYZ7Ftcv/f91z4ncfbukdKhtfyP+DneX/Fc3Ljk++Hxe8rz+EwXZLBwAAAErE/+++8KeFmNeziJ/m9TMvH5u+9vFvNpXNV8j/Q53l/577/soAAACApfr57ls/ePHt786W1Qv5v9ZZ/l/1wFcOAAAAdGr9mc1vVV+oPFdWL+T/kc7y/+r8mO98yAZdif8K4Vh/CL3zD0azwtUw/ttGAQAAALhPYk7//7NX33m6+8/fKetXyP+ji9//P97pIO7/b7n/X2H/f1Mhu+vfJjcGAAAA4HFU3M8fb4+ffXNB2ffvd7r//5N1517/5bXp58vOX8j/Y53l/+7m4/38/j8AAABYgm/b9//9pTDP4trd///T77/23pdzP7pcNr6Q/8c7y//x2Nf88qbj+/Nkfwhr5x/kdxN8JZ5uX1KY6mkqZG98MmJnHJEXplY1FepGkxG/6A9h/fyDsaTwvVgYTwp31uSFyaTwQSzk10OjcDopTMcr7fiafLlp4Y1YyDdYTMUdFH2NLRHJiC/KRswX7jrio8bJAQAAHisxPOdZtqe1GdIoO1Vp12F1uw5d7Tp0t+uwIumQdix7Poy0FuLzf3vp7Ooj1Us/DiUK+X+ys/wf34qV2aFs/3+I+//zLyBs7P8fiYVqUpiKhVp6x4BaPEcWdp+J56jW8hF31jYKAAAA8EiLfxfoXuZ1AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFfs3X+QXVV9APCzP96+7GazWcRBVAZWqGDqsNkkpojSMdgo1h+4KK1jHWtCsuCaxQQSOoShnQWs/cHYUkDaaa2Eto7CWJrBKZDWlkgbbAc6Bdo6QNTRIiN2qg5Di7UgdN7ee97ed+7evJdkN2Tp5/PHvvPe9/y878e+c+995wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8/HHfHvtoHf/Dw+6vi19/+leeff/Lc2vVf37n0nLsveTSE8ZnHu7Jw1yM3n3DDGZvePrLnpvesGNu8/n19ebk8HpY2/nTndz4Ra/3OshDu6gqhNw2cPpgFavn9wVjfCYMhHBNmA80SEwNZibThsK8/hF1hNtCsak9/CIOFwPkP33vPpxqJG/tDeG0IoZ628Y161kZ/Gji1LwsMpIGtvVngRy9kmoG7u7MAHLb4Zmi+6HePt2YYnrtcxeuvNm8de3Glw+uJieHqfN8/e4E7VdCXPjB+WE9bqToWROntsde7bRG820rb+TpPW/GLVP4N5YXZUD10b564cONlUzviI91hdLSnqqYFep4fferKTQeTXjSvw9iB4Xl5He578KH+49a+e89ta+9cv+f+xx463G4+UtikxfRCq4f8Nbdonsdonc+TRfD2K31LGvGlK4Rw12umT/mlC558Y1W8NP8fPvD8P76c4213S+5Y67ND2dw8PjIYEz8cyubmAAAAsGgshr2m+//w6eEPvPd3bq+qrzT/H+ns+H885J9P5rPR7g1h3UzimuUhHD/zeBa4NTZ3wfIQXjOTGm8NnJ0E9obwypnEimZVSYklscRIEvjuUB5YlwTui4HxJPC5GLguCXwiBnYngU0xsDcJvDUGwmTrOH56KB9Hx4H+GNiQbcTd8SyEp4dia8m22t+sCgAAYJ7ks8Na693CuQ6HmyFOL3f3t8sQz8CuzFBPakhnsM1pVWUNve1q6G5XQ3Pc0wcefqnmrnY1l07D6GrN0PPmdfse3/b460KF0vx/7MDz//ocHekqHf8P4byZvzF3dx6ZasY3jLdkAAAAAA7Dg3//2T//1zPfeUNVvDT/X9fZ+f9xn0hPIXN4IO6G2LI8hLHWQFbtm8uB7Kj30jwAAAAAi0HzeHzzWPhkfpudop3Op8v5xw8yfzzwv27O/J8597tf/tnPvuGcqv6W5v/jnZ3/P9B6m3XivtiLG5aHsKQQ+GrsZSMwYyQGvvWW1kA+/vviBrg2VpWfmNCs6tpYYkMMjCWBXVUlHmyWOL41kD9ZzcavaY5jMi9RCAAAAMARF3cHxOPy8fz/tZ/75avXPPLEB6vKleb/Gw7u/P+ZeXDp9P6ppSGs7A2hJ/1hwAMD2cKAMTDYlSf+ZiCrqyet6qqBEM5qDCyt6tv5+v+96RqDD/dnVcXA8Sd/4alTG4k/7Q9hZTHwtQ/dsraR2JEEmo3/Qn8IJzVGmzb+l0uyxmtp47+/JIQTC4FmVRcsCaHRWF9a1b31/DoGaVV/UQ/h2EKgWdXP1EPYGQBYpOK/0s3FB7fvvGLLxqmpiUsXMBH34feHCyenJkY3bZ3aXK/o0+akzy3LGF1VHlN3h2Pfny9R9NzbTh7uJN38neBYsS/5fvzSiYP5/fhdqDYzztW1lrtr0iG/7pRyE+mQ5hpypz9hPNQhDxQrmX0SK/vRF5aGJZdtn7h09PKNO3Zcuir722n21dnfeJgp21ar0m01MFffOnh5VK6WlTjUbXVasZKVOy7etnL7zitOn7x440UTF018fNWasbE3rl51xplrVzZGNZb9bTPU0+aqOhnqC7d0OK55HOqreguVHIlPDQkJicWWWHHnm37xi//x+ElVHz+l+f+2A8//46dO/OTP12eoOv4/HA/zZ4/PHubfEAO7Oj3+P1x1NL95YsBIEpiOgWmH+QEAAHhpiLsj497MuNf6ye9dcd2xt5z09apypfn/dGe//5+n9f+bS9e/s2qZ/xWxxFjV+v/pMv/N9f+nq9b/T5f5b67/v+tFWP//smYg2SRPW/8fAAB4KThy6/+3Xd4/vUBAKUPb5f3TCwSUMrRdxr/TCwQc9Pr/T/xg65LjX3brhlChNP+/rrP5v4X7AQAA4Ojx6Qc27zrtJz+pPCpcmv/v6mz+f+TX/wtV5/+PVAXGqxYGtP4fAAAAi1TV+n8fe/2WZZP/NnZBVbnS/H93Z/P/eNpFd0vuWOuzQ9madiFd0+6HQ82fDAAAAMDi0B1GR2sd5m1ZGfXsQ2/z0Xwp0AOli87a/Sc/33PldZUtlub/ezub/7f8LmPfgw/1H7f23XuevW3tnev33P/YQ7PH/wEAAICF0+l+CQAAAAAAAAAAAAAA4MW3/m8/+hsfvuezb6iKl37/H86bebzq9//xun/x9wUvb8kda22//l9+//x33b5zZsnCB4ZCOKUY2HL1lmNCfm3+04qBez684hWNxNVpiS9/861PNBIfSQPvOP1lzzQSZyWBDXGRxFemgXhVxWeWJYG4vOK/pIG4PXangb488FvLsnF0pdvqe4PZtupKt9VjgyEsLwSa2+quwayNrnSANyaB5gAvSQNxgOfmge60V7cvzXoVA4Ox6M1Ls14BAHDUit8Ca+HCyamJsfgVPt6+qrf1NmpZsuyqcrVdHTa/P1+a7Lm3nTzcSbon/S46e63xWqg3hrCq9HW1mKVrZpTzU0ubTffyiiG3W+2tu6Jc6mA3XV/1iPqzEY1u2jq1udZ24GvaZ1nd2zbLqtJkp5ile2aTdlBLB33pYEQdbpsOuhzvd4fR0Z4k15ticDi0aPeK6PT3+sV1/qpeBcU8oyf+6hXTE3c8WVVfaf4/3Nn8v14c1zP5xQCm45X1rlkeQuUlBwEAAIBDtP+vH1m99Y8++cX09jff9Sv/e9dPXflMVbnS/H+ks/l/3IOVHwrO9nbsjdf/b87/h7PArbG5C5aH8JqZ1HgskV1Q/52xxFgWuDXuMFkRS2wYb61qSQzsTgLfHcoDe5PAfTGQ76X4Qsh35fzeUAhrZ1LntZbYFksMJ4H3xsBIEhiNgbEksCwG1iWB/1yWB8aTwP0xECZbt9WXltm7AgAAHIJ8nlVrvRvSed7u3nYZutplGGiXobtdhnq7DFWjiPfviBlqyckrXYVMtbTW/qSWUoZ4MfyD7lcpQ3iwNWdasNR0PP+geb5BV2uGUz7/+g+EZb99c6hQmv+PdTb/H2i9zVq/L87/Z6//lwW+Grt3Qzx1fCQGvvWW1kC+Y+C+ONm9tlnVeF4in7RfG0usi4GRJLAtBtYlgQ3n5YFdr2gN5DPtZuPXNBufzEsUAgAAAHDExR0EcTdNnP9f/tzbl3/6i7/+31XlSvP/dZ3N/2N7S4uNfSLW+p1lIdzVNdubZuD0wSwQ92MMxp/HnzAYwjGFHRzNEhMDWYm+pOGwrz/7hXpfWtWe/myNgXj//IfvvedTjcSN/SG8trD3pdnGN+pZG/1p4NS+LDCQBrb2ZoG456cZuLs7C8Bha+4VjC+o/FSXpuG5y1W8/l4q1wRNh1faBzpHvrl+c7VQ6ukD+T7VpoN72krVsSBKb4+93m2L8d027N1W/CKVf0N5YTZUD92bJy7ceNnUjvhI8ZesJQv0PBd/pdpJeh5eh9OH3tv26mkHxpKPj7G5y839OuyK1e178KH+49a+e89ta+9cv+f+xx7quBsV4g+FX/2j24YfKWzehVYP+Wtu0X2ejPs8WYz/BkY8bSGEf1p/4eXPhr/rr4qX5v/jnc3/e5PbGT+OG3P78hBeV9i4D8TN/3PLs8/BQiD7lDy2HMgOuT8+VPnJCQAAAPOtubujub9gMr/NTghP58nl/OMHmT/ur1g3Z/5O+/2GPztz1VdO3P7HVfHS/H/Dgef/S5JuOv7v+D8LxPH/OR3tu6KXpA9MH9au6FJ1LAjH/+d0tL/bHP+fk+P/jv/PxfH/Nhz/n9PR/rSVviVt86WrMR/9nw9+8t/PHjylKl6a/2/rbP5v/b+5F+1rrv+3oWr9v21V6/9NW/8PAABYUBULzaXzvNLqfaUM6ep9pQxtFwhsu8Sg9f8Oev2/Nw/0vv93+29aESqU5v/Tnc3/48thabH1xbL+38h5FVVdFwPbLAwIAADA0ahqBwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrpvuHdn3Dz/+0glV8etv/8rzzz95bu36r+9ces7dlzwawuTM411ZuOuRm0+44YxNbx/Zc9N7VoxtXv++el6ult++uiV3rPXZoRB2FR4ZjIkfDjXuzAbOf9ftO3sbiQeGQjilGNhy9ZZjGonPDYVwWjFwz4dXvKKRuDot8eVvvvWJRuIjaeAdp7/smUbirDzQlXb3M8uy7nal3f3UshCWFwLN7n5sWWtVzTbOyQPdaRufH8zaiIHBWPQPBrM2YmAqlphcEsLK3hB60qr+sZ5V1ZNW9Vf1rKqetKpfq4dwVgihN63qm31ZVb3pyP+5L6sqBo4/+QtPndpI7OoLYWUx8LUP3bK2kbgkCTQbf19fCCc1XjJp43fUssZraeM31kI4MYTQl5b4r96sRF9a4tu9IRxbCDQb/2hvCDsDLwnxw2dz8cHtO6/YsnFqauLSBUz05W31hwsnpyZGN22d2lxP+lSlq5B+4aoDxw9k/1NXbmrcPve2k4c7Sffm5WozXV5da7m7Zr56X1ug3sd+DRQrmX0+SvXH/H1haVhy2faJS0cv37hjx6Wrsr+dZl+d/e1pDq6xrVbN17bq1KFuq9OKlazccfG2ldt3XnH65MUbL5q4aOLjq9aMjb1x9aozzly7sjGqsezvfAz1liM/1Ff1Fio5Eh8AEhISiy3R3fLpNna0f5CXvujPdrQW6jMf0KVpRTFL18wo52PQZx/iiA/le0rbEa0qTRxKWVa3z7KmNJmYzdKfZZn5XleaHBZr6p7ZpPF+dxgd7anaDsOtd4ub9/uHsXkfzTddp2kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/2MHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//HB8mtQ==")
open(&(0x7f0000000200)='./bus\x00', 0x14d27e, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x10103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x17ffff7, 0x4002011, r0, 0x0)
ftruncate(r0, 0x20cf01)
io_uring_setup(0x0, &(0x7f0000003580)={0x0, 0x80000000, 0x1400, 0x1})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000380)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10000}}, {@orlov}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@quota}, {@minixdf}, {@data_err_abort}, {@max_batch_time={'max_batch_time', 0x3d, 0x2}}, {@bsdgroups}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_open_dev$usbfs(0x0, 0x76, 0x101301)
ioctl$TCSETA(0xffffffffffffffff, 0x5406, 0x0)
ioctl$USBDEVFS_CLEAR_HALT(r7, 0xc0105502, &(0x7f0000000340)={0x1, 0x1})
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$NL80211_CMD_JOIN_IBSS(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)={0x28, r3, 0x101, 0x4, 0x0, {{}, {@val={0x8}, @val={0xc, 0x99, {0x800, 0x50}}}}}, 0x28}}, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
truncate(&(0x7f0000000040)='./file1\x00', 0x1bfc)

7.961890282s ago: executing program 3 (id=713):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000340)="a177723329a41ef14f0806c8648e29c07f", 0x11}], 0x1, 0x0, 0x78, 0x20000000}}], 0x1, 0x2000c050)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.526371159s ago: executing program 3 (id=716):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x3, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000100)=0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102008e}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x361)
bpf$MAP_CREATE(0x0, 0x0, 0x52)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xb, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4}, 0x10, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@abs, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x0)

7.063241498s ago: executing program 2 (id=719):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000240)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000280)='xprtrdma_marshal_failed\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffff9}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b000000030000001000000022bf000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x1}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = inotify_init1(0x0)
fcntl$setown(r4, 0x8, 0xffffffffffffffff)
fcntl$getownex(r4, 0x10, &(0x7f0000000380)={0x0, <r5=>0x0})
symlink(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)='./file1\x00')
setpgid(0x0, r5)

5.656009938s ago: executing program 3 (id=723):
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000540)=@o_path={&(0x7f0000000200)='./file1\x00', 0x0, 0x10}, 0x18)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_PORT={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x44}}, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000004c0)={r5, 0xe0, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0, 0xa1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc5, 0x0, 0x0, 0xfffffdec, 0x0}}, 0x10)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=r7, 0x4)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000900)=@base={0xa, 0x37e, 0xffffff80, 0x5, 0x10402, 0x1, 0x800, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x5, 0x1, 0x0, @void, @value, @value}, 0x50)
r11 = openat$bsg(0xffffffffffffff9c, &(0x7f00000009c0), 0x604002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x3, 0x12, &(0x7f0000000800)=ANY=[@ANYBLOB="080000000300000000000000b604000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018180000", @ANYRES32=r0], &(0x7f0000000580)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x20, '\x00', r2, @sched_cls=0x2e, 0xffffffffffffffff, 0x8, &(0x7f00000008c0)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, r7, r9, 0x0, &(0x7f0000000a00)=[r10, 0xffffffffffffffff, r11, 0x1], 0x0, 0x10, 0x3986, @void, @value}, 0x94)
syz_mount_image$minix(&(0x7f00000003c0), &(0x7f0000000c40)='./file1/file0\x00', 0x280085e, &(0x7f0000000c00)=ANY=[@ANYRES64=r3, @ANYRES64=r4, @ANYRES8=r8, @ANYRES64=r6], 0xa, 0x229, &(0x7f00000005c0)="$eJzs2z1PFEEcx/HfPtxxoIARtTCaEI1oI+dDZWHUjoo3QEXgVOIaUbSAmAiNWphQ2dlYmZhYWBqDnbHyBViY2GmIFJdYWbBmz32Am3vO3a4e30/D7Pxm2NkNc/eH5QRgz7qqcVmylA8OjhUOrI9ZWS8JQEr88Ou26yfsKATQ324OZ70CANnYuia9OCX9LD+ck5OPyoKgAvi6KWlj4olWFeb2gKRXnyU3rh+21qSjbphbBQ1W1xcvpdPRfGvIqD+C+UNxvm9HMhjnZ05G59+vYY1oNBckBzUW5vPx/CNN6x23reoIAID+ZGmyWd5wgK3rC17pXN08V8nP183zlfxCk/xifDwQt2aeTz9471/eDvLJuTvefKNlAqjB7mD/fzmetJ0m+9+ts/+rf08AkL6l5ZVbs57nP5IqjdK9sCdsRH8RSHocY0xXGtEzhxYGR08ojSj4Hjt6HHP6+oR57d27CjtZ2Kik3tyof7ihGtG3qb/3JO6xe3HndzVO/Pj9ePHZ23etDH7T5ins+KduZqNUrhojW+rhdY0bu2DWK7Q23Vr1/TZPWvPlIvnngEK3X4kApK14//ZicWl55eyCI+lGKRe94U9936xU9sXG9T2A/1fypl8rXTN6/N2H0x8//Spfev20gzNfkfTBfCAIAAAAAAAAAAAAAADadkiHs14CAAAAgJSYn/65O9Ltjy5lfY0AAAAAAAAAAAAAAAAAAPSbPwEAAP//dhAJcA==")
r12 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r13 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r13, 0xaf01, 0x0)
r14 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r13, 0x4004af07, 0x0)
ioctl$VHOST_SET_VRING_KICK(r13, 0x4008af20, &(0x7f0000000040)={0x0, r14})
ioctl$VHOST_SET_VRING_ADDR(r13, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r13, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/99, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r13, 0x4008af03, &(0x7f0000000640))
write$RDMA_USER_CM_CMD_CREATE_ID(r12, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={<r15=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_CONNECT(r12, &(0x7f0000000400)={0x6, 0x118, 0xfa00, {{0x5, 0x59282ac0, "63b8ec0a20055d2bd11b02925a41f54ac86147159264c35641ebb3834c566979eddcc819f406893fb8a217fd7545a4dd6faa2690bfefbbfc541fe2bacb7ec3116fb868e39ff41ae512e290b2127bc1e67004fde289aab39ef4f7fb8c0bfcecb026013b1297deb8dd7e17a034e9da6ea7fa6cfa53411a11e72105435b52f0b4fc86d4aaf198918c2b4d4d335bc8e98c59fa9ad65f6361e9e6ecb52fdcd3aca89aa94bba96f959b41be2a85069e10eb9f518f239a037f10726f62c61670735aa84d556e8ab9ac212cb1fe5ee365af7c3492ae652768e5af22764b5c97164366ca9e9ba0a30a3c409d98add89f0b583c3845c443f031de75981261f21c98ff7eef2", 0x0, 0x3, 0x2, 0x5, 0x5, 0x7, 0x2, 0x1}, r15}}, 0x120)
ioctl$VHOST_VSOCK_SET_RUNNING(r13, 0x4004af61, &(0x7f0000000000)=0x20000)
ioctl$VHOST_VDPA_GET_VRING_NUM(r13, 0x4008af10, &(0x7f00000001c0))
truncate(&(0x7f0000000180)='./file1\x00', 0x6)

5.127745313s ago: executing program 4 (id=726):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000340)="a177723329a41ef14f0806c8648e29c07f", 0x11}], 0x1, 0x0, 0x78, 0x20000000}}], 0x1, 0x2000c050)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.989662485s ago: executing program 0 (id=727):
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000c80)='./bus\x00', 0x800004, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESDEC=0x0, @ANYBLOB="8746f5065034903224edc599b6b5216410076d588abfbd94bdfe6a70288a8083f1fb57c7b45748016469534f8308727971072c0635972121c88b1d51df73eb5a1fd60f49012807415c7d68a552a69b658cc3b8793ec1273893b759c6602e3bb16a0bc48a8700329c2038abf6eb1304e160ee7fa17f720216eb6be3b8f7daa3af7865d2ff69abd8d78d396b6652", @ANYRES32=0x0, @ANYBLOB="2c73ffffffff0000000069643d69676e6f72652c73686f727461642c766f6c756d65303030303030362c000000000000000000000000000000353774136cdbdbb995344e7f3af747af8df245120f94039fb148fb5d00780f72f8d20b09625b0cd253a6a6fe51560db5f64c830871ddd885fd75d752b2c34e10c1867d6b5823411f4499c47dbb2a96ab98268268243ff702dcd1e3d191d0f587a8b09a7b0b482f35a5aee232a5a531bdb1004168c01e6116579f2d8e2e5547ab7f333d7c26e518b63eaf079731358245035c96c7d628b1570fef34ef7ac3d136f220a6dbe7df0c15ec47eb5ff36ead1d7cf9c40fae77"], 0x1, 0xc28, &(0x7f0000001940)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvatv2kJowL1KSwmIXpVeFLfdmO3dJJC29GJVzsw30khrW9q1Lcnr5zH278yZ98x8Z1av5pzZc+YEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDx9W+cHBpOez0KAGA3nZl8c2jE+z8APFHO2f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB7KYr4bqR49wetNN2+3TFwutG8cnVqfOLuiw2mSFGJol1f/h0YPjpy7JVXj4928/7LP2xfiDcmz52snVqYX1yaXV6enalNNRsXFmZmd/wID7r8VkfaL0Bt/u0rMxcvLteOvjyy6e6r1TsHnj5UPTF6eOStbu3U+MTEZE9NX//HfvYPSQ/vofgEeSqK+Gak+PlL76d6RFTiwXthm98dj9pg9JX9116JqfGJ9orMNerNlfLOVMlVfRHVnoXGuj2yC734QMYirpX/ncoBHylXb3KxvlQ/PzdbO1tfWmmsNBaaqdIZbbk+1ajEaIpYjIhWsdeDZ7/pjyKORYo7v26l8xFRdPvgxTOTbw6NbP8AfbswyHs8bbWIWI3HoGdhnzoQRfx5pPjh9FBcyH3Vbpv3Ir5S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4heRYiG10ky399vblae/VXu9eXGhp7a7XfnY7x/sJtsm7GMDUcT59hZ/K338D7sAAAAAAAAAAAAAgN1RxE8jxc35F9Ji9J5T2mheqp2rn5/rHBXcPfa/lpdaW1tbq6ZO1nIO5RzLeTbndM7FnNdyXs95I+fNnLdyrua8nbOVMyr5+XPWcg7lHMt5Nud0zsWc13Jez3kj582ct3Ku5ryds5UznPcEAAAAAAAAAAAAAAAAAADAQzYYRUxEihvv/kH7utLRvi79p0+Mnhl/rvea8Z/b5nHK2pcj4qexs2vy9udrjadK+efhrxewvYEo4jv5+n9/tNeDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9oVKFPHdSPGj37RSpIgYi5iOTt4u9np0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBpIBVxKlL81zcG2rdXI+KLEfHBWvkn4n/XttrrEQMAAAAAAAAAAAAAAAAAAMAnUCricqT48c9bqRoRV6t3Djx9qHpi9PDIW0UUkcqS3vo3Js+drJ1amF9cml1enp2pTTUbFxZmZnf6dAOnG80rV6fGJx7Jymxr8BGPf3Dg1MLiO0uNS7+/ctf7Dw6cPL+8slS/cPe7YzD6IoZ65xxpD3hqfKI96LlGvdleNFXuMcC+iNpOVwYAAAAAAAAAAAAAAAAAAIB942AqYjxSPP+zY6l73nhf55z/T3VuFeu1P/nDje8CmNuSXb3fH7CT6bTTgR5pn3hfmxqfmJjsmd3X/+HSckwpFfHZSHH47z7fPh8+xcG7nhtf1v1JpBj9v2O5rnq4rBvbVDVwZGp8onZmofnSybm5hQv1lfr5udna5GL9wo6/OAAAAAAAAAAAAAAAAAAAAADu42Aq4k8jxbHXV1P3uvP5/P++zq2e8/9fi+hedn4gbc517XP7f7t9bn9n+tMnRl8/+vy95j+K8//LMaVUxAeR4pm/+Hz7evrd8/+HttSWdT+OFL/43pdyXeWpsm64uzqdR7zYmJsdKmtfjBTfP9utjXbtq7n2Mxu1w2Xt30eKZ39vc+3xXPvcRu3RsvZOpJg4c/faz27UjpS1g5Hiq39c69YeLGu/nmsPbdS+fGFhbmanLy9PprL//y1SfHn4m6n7M3/P/u/5/o9rW3Ldh3r+/tMPq/+rPfOu5b5ey/0/vE3/X44Uf3b9S7mu03tH8/3PtP/d6P/vR4rf+dTm2ldy7bMbtcM7XS3YS2X//2OkWL39L+s/87n/c2dtdGhv/3+xb3N2twv2qv+f6ZlXzeMa+YivBTxplt/59tv1ubnZJRMmTJhYn9jr30zAo1Zu//93pPja5SJ192Pz9v9vdW5t7P//z3c2tv9PbMl1e7T9/2zPvBN5r6W/L2JgZX6x/3MRA8vvfPulxnz90uyl2ebIyOjx3z02fPT4cP9T3Z37jakdv3bwuCv7/+1I8ZO/+uf1z7E37//f/fO/g1ty3R71/2d612nTfs2OXwp44pT9/5eR4l9vvL/+/5vu9/lf93O+F57fnIPdoh33/4GPNtBt+v+5nnm1/M9oz7wXioiTH+0ZAQAAAAAAAABg3zuYivhZpPib1j+sX/N+8/E/8eVube/xf/eyH67/DwDcX/n+Pxkp/ungV1P3O2R2cvz/zJZct0fH/x/qmTezS+c17/hFBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAjylFEQcixbs/aKXbRXm7Y+B0o3nl6tT4xN0XG0yRohJFu778OzB8dOTYK68eH+3m/Zd/2L4Qb0yeO1k7tTC/uDS7vDw7U5tqNi4szMzu+BEedPmtjrRfgNr821dmLl5crh19eWTT3Verdw48fah6YvTwyFvd2qnxiYnJnpq+/o/97B+SHt5D8QnyVPx1nno//XsRUYkH74Vtfnc8aoPRV/ZfeyWmxifaKzLXqDdXyjtTJVf1RVR7Fhrr9sgu9OIDGYu4FhGVcsBHytWbXKwv1c/PzdbO1pdWGiuNhWaqdEZbrk81KjGaIhYjolXs9eDZb/qjiL+NFHd+3Ur/UUQU3T548czkm0Mj2z9A3y4M8h5PWy0iVuMx6FnYpw5EEc9Fih9OD8V/Fp2+arfNexFfKfO1iMtl3kpxPd9O5S+I0YhfeT+Bx1pfFHE2UiykVnqvyL3f3q48/a3a682LCz213e3Kx37/YDfZNmEfG4giftne4m+lX3o/BwAAAAAAAAAAAIB9roivRYqb8y+k9vmh6+eUNpqXaufq5+c6h/V3j/2v5aXW1tbWqqmTtZxDOcdyns05nXMx57Wc13PeyHkz562cqzlv52zljEp+/py1nEM5x3KezTmdczHntZzXc97IeTPnrZyrOW/nbOUMx0kDAAAAAAAAAAAAAAAAAPCIVKKI70WKH/2mldaKzvVlp6OTt53nCp9o/x8AAP//0apE3g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r0, 0x2008002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = dup(r6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000200)={'tunl0\x00', 0x0, 0x8000, 0x8080, 0x4, 0x7, {{0xb, 0x4, 0x0, 0x2, 0x2c, 0x64, 0x0, 0x20, 0x2f, 0x0, @private=0xa010102, @multicast1, {[@ssrr={0x89, 0xf, 0x13, [@empty, @multicast1, @rand_addr=0x64010100]}, @lsrr={0x83, 0x7, 0x42, [@dev={0xac, 0x14, 0x14, 0x34}]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000000000)=<r8=>0x0)
syz_open_procfs(r8, &(0x7f00000000c0)='pagemap\x00')
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f0000000680)={0x0, 0x0, 0x98})
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
shutdown(r9, 0x0)

4.761798505s ago: executing program 4 (id=728):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r1, 0x7d8ef487a120937d}, 0x14}}, 0x0)
copy_file_range(r0, &(0x7f0000000000)=0xff, r0, 0x0, 0x9, 0x0)

4.625305266s ago: executing program 4 (id=729):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = dup2(r1, r1)
bind$alg(r2, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx2\x00'}, 0x58)
r3 = accept4$alg(r1, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
sendmmsg$alg(r3, &(0x7f0000006840)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000000)='4', 0x1}], 0x1}], 0x1, 0x24008811)
write$binfmt_script(r4, &(0x7f0000000040)={'#! ', './file0'}, 0xb)
ftruncate(r4, 0x8979)
sendfile(r3, r4, 0x0, 0xfff)
connect$inet6(r0, &(0x7f0000000080)={0x2, 0x0, 0x0, @private1}, 0xf)
syz_emit_ethernet(0x7e, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000100000080045000052f247b8e48b8270000000000001907864010100ac000045000000000000000089000000000000ac1414aa862a00000000000d5e000000ff00000000000000054eb8a600129606"], 0x0)
socket$rds(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000240)='sched_switch\x00'}, 0x18)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$kcm(0x29, 0x5, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000000)='net/kcm\x00')
preadv(r8, &(0x7f0000000080)=[{&(0x7f0000000100)=""/68, 0x44}], 0x1, 0x92, 0x0)

4.624877976s ago: executing program 2 (id=730):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0xfef2)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @dev}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x9, &(0x7f0000000040), 0x4)

4.492031287s ago: executing program 2 (id=731):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x3, @multicast, 'ip6gre0\x00'}}, 0x1e)
sendmmsg(r3, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0) (fail_nth: 4)

3.476228894s ago: executing program 0 (id=732):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="eca6400000000000004a0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000400)={0x9, @raw_data="1a7b3ac5cdce493683725abbbefc531fbf42470570cd59f77b20343b982e0c8ec134a284e0b42707523c50930877c2f2854285a1c83a7b82f795c8dc56ec8a71ef223bcc57ae9028d8bf5d663b12ba64c5695f9311bb3f10dc7a93ddadb69c805b5df0533853d0f2f3dcf8b973adecac801759bd8b1d2fe35f63f1f77157e022f426c977646e4b33055ebb28d3780c71eb1971033e696c1825bc3787cb457890f6e965042dc7710779dce00a4056151b61ac757b8a5f4b861c3f9f51ecb5a3b62b1354a22511666a"})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe9e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
r5 = socket$tipc(0x1e, 0x2, 0x0)
sendmsg$tipc(r5, &(0x7f0000000540)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x2, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4044001}, 0x44)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x9}}, 0x0)
r6 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$VHOST_SET_FEATURES(r7, 0x4008af00, &(0x7f0000000080)=0x8001100)
timer_settime(0x0, 0x0, &(0x7f00000001c0)={{0x77359400}}, &(0x7f0000000200))
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
getpeername(r8, 0x0, 0x0)
ioctl$sock_qrtr_TIOCINQ(r8, 0x541b, 0x0)
connect$qrtr(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0x4, 0x0, 0x0, 0x3, 0x9, 0x750, 0x6, 0x8, 0x1, 0x6, 0x9e4, 0x9, 0x8001, 0x2, 0x4, 0x29, {0x0, 0x2}, 0x7, 0x8}})

3.453702666s ago: executing program 4 (id=733):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x3, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000100)=0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102008e}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x361)
bpf$MAP_CREATE(0x0, 0x0, 0x52)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xb, 0x0, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x6}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x4}, 0x10, 0x0, r1, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000340)=@abs, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
creat(&(0x7f0000000140)='./file0\x00', 0x0)

3.261889662s ago: executing program 3 (id=734):
unshare(0x20040600) (async)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r1=>r0, {0x2}}, './cgroup/cgroup.procs\x00'})
r2 = openat(r1, &(0x7f0000000100)='./cgroup/cgroup.procs\x00', 0x0, 0x0)
pread64(r2, &(0x7f00000008c0)=""/107, 0x6b, 0x26d7) (async)
lseek(r2, 0x0, 0x3) (async)
socket$qrtr(0x2a, 0x2, 0x0) (async)
ioctl$SNDRV_PCM_IOCTL_LINK(r0, 0x40044160, &(0x7f0000000000)=0x4)

3.128171263s ago: executing program 2 (id=735):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000a40)=@delchain={0x24, 0x66, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0x4, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x0) (fail_nth: 4)

3.081760498s ago: executing program 3 (id=736):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_io_uring_setup(0xec4, &(0x7f00000004c0)={0x0, 0x2f4c, 0x400, 0x20000003, 0x26d}, &(0x7f0000000540)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_READV=@use_registered_buffer={0x1, 0x0, 0x0, @fd_index=0x4})
io_uring_enter(r1, 0x47fa, 0x0, 0x0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x41, 0x0)

2.530136815s ago: executing program 2 (id=737):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x802)
write$evdev(r0, &(0x7f0000000000), 0x100000008)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e0000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x40044581, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

2.143914547s ago: executing program 2 (id=738):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000480)=@newtaction={0x108, 0x30, 0x10, 0x80000, 0x0, {}, [{0xf4, 0x1, [@m_ct={0xf0, 0x1, 0x0, 0x0, {{0x7}, {0x4}, {0xc8, 0x6, "5036ca65a97c2e40aa3fc920ee06e39256c01771030ca867c2dd7e03de925de1c4f8317e7fbeb821c3371311dab98393e08606e63ff0630dfef5e743683b4425907621851b4377d43fae5ca5e8552df05be8952d96b80b46923d17c3fda085ec6d51d1dfd33494d925a8e7b6c9fca2394ac0ae13af1b4ba758301353df57925c1fd337ed7bc2bc1bacc9e2f6ea9f9428da22f9c999e02662224ff05b1795ef0a9948cb975e20cc5a53b22f37ca8930f5e518f31aced5e45d43677a1e4bc118cdff71554b"}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x94}, 0x430dd0ad4854bb52)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x2, 0x2, 0x3, 0x1, 0x0, 0x36}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r1 = socket$xdp(0x2c, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'vlan0\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000240)={'wg2\x00', <r6=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE1={0x8, 0x1, r4}, @IFLA_HSR_SLAVE2={0x8, 0x2, r6}]}}}]}, 0x40}}, 0x0)
r7 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r7, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r7, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r8, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r9=>0x0})
setsockopt$XDP_RX_RING(r7, 0x11b, 0x2, &(0x7f0000000180)=0x8, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r7, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4)
bind$xdp(r7, &(0x7f00000002c0)={0x2c, 0x0, r9}, 0x10)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x16b301, 0x0)
ioctl$TIOCSETD(r10, 0x5423, &(0x7f0000000040)=0xd)
write$binfmt_aout(r10, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TIOCSTI(r10, 0x5412, &(0x7f0000000080)=0x8)
bind$xdp(r1, &(0x7f00000001c0)={0x2c, 0x4, r4, 0x13, r7}, 0x10)
r11 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r11, 0xc0045516, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
dup(r11)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW(r12, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "90737f0000ff256003abbc74dd8e277fffffeb"})

1.87211485s ago: executing program 0 (id=739):
open(0x0, 0x400141042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x14}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x2})
write$binfmt_script(r4, &(0x7f0000000100), 0xfecc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0x20, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000080))

1.121356075s ago: executing program 4 (id=740):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x14, r4, 0x7d8ef487a120937d}, 0x14}}, 0x0) (fail_nth: 4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffcbf)
socket$pppl2tp(0x18, 0x1, 0x1)
open(0x0, 0x400141042, 0x0)
openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS_OLD(0xffffffffffffffff, 0xc1004111, 0x0)

924.291641ms ago: executing program 0 (id=741):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000940)={[{@jqfmt_vfsold}, {@bh}, {@debug}, {@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x5ff}}, {@jqfmt_vfsv0}]}, 0xfe, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=") (async)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) (async, rerun: 64)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="1201000000000008ac055302400001020301090224000101000000090400ff0003010200092100000001220000090581030000000000dc5bfead128a714d1bc7fb0b9625f91002215e775a1d0366c8"], 0x0) (async, rerun: 64)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKiRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXe/aXif2OoHPJxq/9+bNvPntb9/MeNdZbYD/W1fOpvkgRa6cfeNe2V5fW2ivry0cqbvbScp6I2l2ixS3kuJhslj2F31L+sohH69cfuuzR+ufd1vNetmy/+xYIY84xv16yakkU3U5bHqs8btjVeHlxSRX63LQzLhjDWxYJu1MXcKh6wy5v5fdtz3fgWdf7+5UdO+bQ+aSF+o7c/U7QX11aEwuwoOxp6scAAAAPKc+vX3YEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDzp/7+/6JeGnWZUyl63/8/01tX159Bi2Nv+eBA4wAAAAAAAACAyfj64zzOvRzttTtF9Tf/01XjeL7oJF/K+7mb5dzJudzLUlazmju5kGSub6CZe0urq3cubOxZGr3nxZF7XpzUIwYAAAAAAACA/0m/TGvz7/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAsKJKpblEtx+syc2k0s9mX+8k/k8wcdrx7UIxa+WDycQAAAMBTmX2Cfb78OI9zL0d77U5Rveb/SvV6eTbv51ZWs5LVtLOca/Vr6PJVf2N9baG9vrZws1zK9uC43//3nsKYqUeYqlqjjnyy2qKV61mp1pzL1SqYa2l0j30mOdmLpy+uPh+VMRXfq40ZWbNOa3mw32/3LsK+GHwrorHDlq3N4JKNjMzXsZV7HutmoKjeqEm2ZmLXZ6c50JqrRp3eONKFNDbe+Tl+ADl/oS7Lx/ObA835Xm1kopEqExd7s688Z3bORPKNv/7p7RvtW+/euH737LPzkHYxtc36rXNioS8TrzzXmWjucfv5KhMnNtpX8qP8JGdzKm/mTlby0yxlNcvp1P1L9Xwuf87tnKnFgdabu0UyUz8v3edsnJhO5YdVbSmnq32PZiVFbudalvN69e9iLuTbuZRLudz3DJ/YNu7qsVVnfWPrWd97pv82Mvgz36wr5dXtt5tXucWdHvF2s3O/dK/9ZV6P9eW1O+sfbWx1rO88mO/L0ku97EyPHPxJro3Nr9aV8hi/2uU+MVlzdSbKE6h3l+hF93I3E83qXjQ8z//QKfdL+1anc2PpvW3Gv7+l/VpdltNq7Wu7bd0z+qnYX+V8eSmz9ZVkcHaUfS9vXGX6+jqbc7nbN3jHLfc7UfUVRe9M/XFuVxNg+EydqX+HGx7pYtX3ysi+harvZF/fwO9buZ12rk0gfwA8iX+8vVGdywszrX+1Pm190vp160brjdkfHPnOkVdnMv336e8256dea7xa/CWf5Oebr/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAnd/eDD99dareX74yuNLbvGqi0snXNdiMfGT1OUX+hzxjHei4qs0kG1lTfczTxMFpbwxiqdH6RTDw/vS8RHL3N78pKc2hGjaosDqz58/CAH+0xwmK88+IAK41M9qBTGT0BDvGiBEzE+dWb752/+8GH31q5ufTO8jvLt6YvXbo8f/nS6wvnr6+0l+e7Pw87SuAgbN70DzsSAAAAAAAAAAAAYFyjPhhw+sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cOZvmgxS5MH9uvmyvry20y6VX39yymaTRSIqfJcXDZDHdJXN9wxX548N0Rhzn45XLb332aP3zzbGa3e2TRl1ub+feJPfrJaeSTNXlUxgY7+pTj1f8p/cYyoR90el0Fp8uPtgf/w0AAP//R5H0sg==")
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) (async)
rename(&(0x7f0000000c00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001f80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async, rerun: 64)
r2 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000340), r1) (async, rerun: 64)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000300)={0x42}, 0x10) (async)
ppoll(&(0x7f0000000240)=[{r3, 0x1070}], 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0) (async)
socketpair$nbd(0x1, 0x1, 0x0, 0x0) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x10) (async)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2}) (async)
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x15, 0x0, 0x4, 0x80ffffff}]}) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) (async)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)={0x1c, r2, 0x5, 0x0, 0x0, {0x7, 0x74, 0x600}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x2, @broadcast}]}, 0x1c}, 0x1, 0xffffffff00000003}, 0x0)

621.938317ms ago: executing program 0 (id=742):
syz_mount_image$udf(&(0x7f0000000180), &(0x7f0000000c80)='./bus\x00', 0x800004, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRESDEC=0x0, @ANYBLOB="8746f5065034903224edc599b6b5216410076d588abfbd94bdfe6a70288a8083f1fb57c7b45748016469534f8308727971072c0635972121c88b1d51df73eb5a1fd60f49012807415c7d68a552a69b658cc3b8793ec1273893b759c6602e3bb16a0bc48a8700329c2038abf6eb1304e160ee7fa17f720216eb6be3b8f7daa3af7865d2ff69abd8d78d396b6652", @ANYRES32=0x0, @ANYBLOB="2c73ffffffff0000000069643d69676e6f72652c73686f727461642c766f6c756d65303030303030362c000000000000000000000000000000353774136cdbdbb995344e7f3af747af8df245120f94039fb148fb5d00780f72f8d20b09625b0cd253a6a6fe51560db5f64c830871ddd885fd75d752b2c34e10c1867d6b5823411f4499c47dbb2a96ab98268268243ff702dcd1e3d191d0f587a8b09a7b0b482f35a5aee232a5a531bdb1004168c01e6116579f2d8e2e5547ab7f333d7c26e518b63eaf079731358245035c96c7d628b1570fef34ef7ac3d136f220a6dbe7df0c15ec47eb5ff36ead1d7cf9c40fae77"], 0x1, 0xc28, &(0x7f0000001940)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvatv2kJowL1KSwmIXpVeFLfdmO3dJJC29GJVzsw30khrW9q1Lcnr5zH278yZ98x8Z1av5pzZc+YEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDx9W+cHBpOez0KAGA3nZl8c2jE+z8APFHO2f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGB7KYr4bqR49wetNN2+3TFwutG8cnVqfOLuiw2mSFGJol1f/h0YPjpy7JVXj4928/7LP2xfiDcmz52snVqYX1yaXV6enalNNRsXFmZmd/wID7r8VkfaL0Bt/u0rMxcvLteOvjyy6e6r1TsHnj5UPTF6eOStbu3U+MTEZE9NX//HfvYPSQ/vofgEeSqK+Gak+PlL76d6RFTiwXthm98dj9pg9JX9116JqfGJ9orMNerNlfLOVMlVfRHVnoXGuj2yC734QMYirpX/ncoBHylXb3KxvlQ/PzdbO1tfWmmsNBaaqdIZbbk+1ajEaIpYjIhWsdeDZ7/pjyKORYo7v26l8xFRdPvgxTOTbw6NbP8AfbswyHs8bbWIWI3HoGdhnzoQRfx5pPjh9FBcyH3Vbpv3Ir5S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4heRYiG10ky399vblae/VXu9eXGhp7a7XfnY7x/sJtsm7GMDUcT59hZ/K338D7sAAAAAAAAAAAAAgN1RxE8jxc35F9Ji9J5T2mheqp2rn5/rHBXcPfa/lpdaW1tbq6ZO1nIO5RzLeTbndM7FnNdyXs95I+fNnLdyrua8nbOVMyr5+XPWcg7lHMt5Nud0zsWc13Jez3kj582ct3Ku5ryds5UznPcEAAAAAAAAAAAAAAAAAADAQzYYRUxEihvv/kH7utLRvi79p0+Mnhl/rvea8Z/b5nHK2pcj4qexs2vy9udrjadK+efhrxewvYEo4jv5+n9/tNeDAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9oVKFPHdSPGj37RSpIgYi5iOTt4u9np0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBpIBVxKlL81zcG2rdXI+KLEfHBWvkn4n/XttrrEQMAAAAAAAAAAAAAAAAAAMAnUCricqT48c9bqRoRV6t3Djx9qHpi9PDIW0UUkcqS3vo3Js+drJ1amF9cml1enp2pTTUbFxZmZnf6dAOnG80rV6fGJx7Jymxr8BGPf3Dg1MLiO0uNS7+/ctf7Dw6cPL+8slS/cPe7YzD6IoZ65xxpD3hqfKI96LlGvdleNFXuMcC+iNpOVwYAAAAAAAAAAAAAAAAAAIB942AqYjxSPP+zY6l73nhf55z/T3VuFeu1P/nDje8CmNuSXb3fH7CT6bTTgR5pn3hfmxqfmJjsmd3X/+HSckwpFfHZSHH47z7fPh8+xcG7nhtf1v1JpBj9v2O5rnq4rBvbVDVwZGp8onZmofnSybm5hQv1lfr5udna5GL9wo6/OAAAAAAAAAAAAAAAAAAAAADu42Aq4k8jxbHXV1P3uvP5/P++zq2e8/9fi+hedn4gbc517XP7f7t9bn9n+tMnRl8/+vy95j+K8//LMaVUxAeR4pm/+Hz7evrd8/+HttSWdT+OFL/43pdyXeWpsm64uzqdR7zYmJsdKmtfjBTfP9utjXbtq7n2Mxu1w2Xt30eKZ39vc+3xXPvcRu3RsvZOpJg4c/faz27UjpS1g5Hiq39c69YeLGu/nmsPbdS+fGFhbmanLy9PprL//y1SfHn4m6n7M3/P/u/5/o9rW3Ldh3r+/tMPq/+rPfOu5b5ey/0/vE3/X44Uf3b9S7mu03tH8/3PtP/d6P/vR4rf+dTm2ldy7bMbtcM7XS3YS2X//2OkWL39L+s/87n/c2dtdGhv/3+xb3N2twv2qv+f6ZlXzeMa+YivBTxplt/59tv1ubnZJRMmTJhYn9jr30zAo1Zu//93pPja5SJ192Pz9v9vdW5t7P//z3c2tv9PbMl1e7T9/2zPvBN5r6W/L2JgZX6x/3MRA8vvfPulxnz90uyl2ebIyOjx3z02fPT4cP9T3Z37jakdv3bwuCv7/+1I8ZO/+uf1z7E37//f/fO/g1ty3R71/2d612nTfs2OXwp44pT9/5eR4l9vvL/+/5vu9/lf93O+F57fnIPdoh33/4GPNtBt+v+5nnm1/M9oz7wXioiTH+0ZAQAAAAAAAABg3zuYivhZpPib1j+sX/N+8/E/8eVube/xf/eyH67/DwDcX/n+Pxkp/ungV1P3O2R2cvz/zJZct0fH/x/qmTezS+c17/hFBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAjylFEQcixbs/aKXbRXm7Y+B0o3nl6tT4xN0XG0yRohJFu778OzB8dOTYK68eH+3m/Zd/2L4Qb0yeO1k7tTC/uDS7vDw7U5tqNi4szMzu+BEedPmtjrRfgNr821dmLl5crh19eWTT3Verdw48fah6YvTwyFvd2qnxiYnJnpq+/o/97B+SHt5D8QnyVPx1nno//XsRUYkH74Vtfnc8aoPRV/ZfeyWmxifaKzLXqDdXyjtTJVf1RVR7Fhrr9sgu9OIDGYu4FhGVcsBHytWbXKwv1c/PzdbO1pdWGiuNhWaqdEZbrk81KjGaIhYjolXs9eDZb/qjiL+NFHd+3Ur/UUQU3T548czkm0Mj2z9A3y4M8h5PWy0iVuMx6FnYpw5EEc9Fih9OD8V/Fp2+arfNexFfKfO1iMtl3kpxPd9O5S+I0YhfeT+Bx1pfFHE2UiykVnqvyL3f3q48/a3a682LCz213e3Kx37/YDfZNmEfG4giftne4m+lX3o/BwAAAAAAAAAAAIB9roivRYqb8y+k9vmh6+eUNpqXaufq5+c6h/V3j/2v5aXW1tbWqqmTtZxDOcdyns05nXMx57Wc13PeyHkz562cqzlv52zljEp+/py1nEM5x3KezTmdczHntZzXc97IeTPnrZyrOW/nbOUMx0kDAAAAAAAAAAAAAAAAAPCIVKKI70WKH/2mldaKzvVlp6OTt53nCp9o/x8AAP//0apE3g==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x0)
ftruncate(r0, 0x2008002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r1, &(0x7f00000000c0)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
r6 = openat$capi20(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = dup(r6)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f0000000100)={'sit0\x00', &(0x7f0000000200)={'tunl0\x00', 0x0, 0x8000, 0x8080, 0x4, 0x7, {{0xb, 0x4, 0x0, 0x2, 0x2c, 0x64, 0x0, 0x20, 0x2f, 0x0, @private=0xa010102, @multicast1, {[@ssrr={0x89, 0xf, 0x13, [@empty, @multicast1, @rand_addr=0x64010100]}, @lsrr={0x83, 0x7, 0x42, [@dev={0xac, 0x14, 0x14, 0x34}]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCGPGRP(r7, 0x540f, &(0x7f0000000000)=<r8=>0x0)
syz_open_procfs(r8, &(0x7f00000000c0)='pagemap\x00')
ioctl$CAPI_REGISTER(r6, 0x400c4301, &(0x7f0000000680)={0x0, 0x0, 0x98})
r9 = socket$inet_smc(0x2b, 0x1, 0x0)
shutdown(r9, 0x0)

561.908352ms ago: executing program 3 (id=743):
sendmsg$AUDIT_TRIM(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x5, 0x3f6, 0x4, 0x70bd29, 0x25dfdbff, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0xc8c4}, 0x8800)
r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)={0x14, r0, 0x50dc85624ea6c250, 0x1, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x20004050}, 0x40)
syz_genetlink_get_family_id$devlink(&(0x7f0000000280), 0xffffffffffffffff)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080), 0x4)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
getsockopt$WPAN_WANTACK(r1, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000240)=0x4)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r3)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r4)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r5, 0x1, 0x8, &(0x7f0000000000), 0x4)
ioctl$SIOCSIFHWADDR(r4, 0x8b18, &(0x7f0000000000)={'wlan1\x00', @random="010000000700"})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x40, r8, 0xb7a006d1969b963b, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x24, 0x33, @probe_request={{{}, {}, @broadcast, @device_b}, @void, @void, @void, @void, @val={0x72, 0x6}}}]}, 0x40}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="02000000000a"})
vmsplice(r2, &(0x7f0000000400)=[{&(0x7f0000000180)="77690addcfbe1fbb", 0x8}, {&(0x7f0000000340)}], 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r10=>0xffffffffffffffff})
splice(r10, 0x0, r2, 0x0, 0x10000008ebc, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000000180)='./file1\x00', 0x8012, &(0x7f0000000400)=ANY=[@ANYRES64=0x0], 0x1, 0x14fe, &(0x7f0000001580)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==")
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)

83.532332ms ago: executing program 4 (id=744):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="000008000000080482"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xd01c4813, 0x0)

0s ago: executing program 0 (id=745):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, &(0x7f0000000040)={0x18, 0x0, {0x3, @multicast, 'ip6gre0\x00'}}, 0x1e)
sendmmsg(r3, &(0x7f0000002340)=[{{0x0, 0x5a8, 0x0}}], 0x3e8, 0x0)

kernel console output (not intermixed with test programs):

80" name="bus" dev="loop0" ino=17058 res=0 errno=0
[  260.337429][ T5595] ocfs2: Unmounting device (7,0) on (node local)
[  260.369644][ T7455] loop4: detected capacity change from 0 to 1024
[  260.429678][ T7455] EXT4-fs (loop4): Ignoring removed orlov option
[  260.457568][ T7455] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  260.523159][ T7455] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  261.114461][ T1314] hub 3-1:0.0: activate --> -90
[  261.154901][ T3686] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  261.243978][ T4312] usb 3-1: USB disconnect, device number 25
[  261.256207][ T1314] hub 3-1:0.0: hub_ext_port_status failed (err = -71)
[  261.424825][ T3686] usb 5-1: Using ep0 maxpacket: 32
[  261.568145][ T3686] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  261.586456][ T7467] FAULT_INJECTION: forcing a failure.
[  261.586456][ T7467] name failslab, interval 1, probability 0, space 0, times 0
[  261.608161][ T3686] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  261.614742][ T7467] CPU: 0 PID: 7467 Comm: syz.3.586 Not tainted 5.15.167-syzkaller #0
[  261.625932][ T7467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  261.635855][ T3686] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  261.635978][ T7467] Call Trace:
[  261.635988][ T7467]  <TASK>
[  261.654894][ T7467]  dump_stack_lvl+0x1e3/0x2d0
[  261.659580][ T7467]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  261.665214][ T7467]  ? panic+0x860/0x860
[  261.669290][ T7467]  ? __might_sleep+0xc0/0xc0
[  261.673879][ T7467]  ? memset+0x1f/0x40
[  261.677872][ T7467]  ? lockdep_init_map_type+0x9d/0x8d0
[  261.683252][ T7467]  should_fail+0x38a/0x4c0
[  261.687683][ T7467]  should_failslab+0x5/0x20
[  261.690899][ T3686] usb 5-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  261.692211][ T7467]  slab_pre_alloc_hook+0x53/0xc0
[  261.706121][ T7467]  ? security_inode_alloc+0x24/0x110
[  261.711411][ T7467]  kmem_cache_alloc+0x3f/0x280
[  261.716176][ T7467]  security_inode_alloc+0x24/0x110
[  261.721296][ T7467]  inode_init_always+0x939/0xc70
[  261.726235][ T7467]  ? shmem_match+0x150/0x150
[  261.730831][ T7467]  new_inode_pseudo+0x8f/0x210
[  261.735594][ T7467]  new_inode+0x25/0x1d0
[  261.739757][ T7467]  ? do_raw_spin_unlock+0x137/0x8b0
[  261.744956][ T7467]  shmem_get_inode+0x327/0xad0
[  261.749733][ T7467]  __shmem_file_setup+0x109/0x290
[  261.752510][ T3686] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.754757][ T7467]  ? shmem_file_setup+0x13/0x30
[  261.754785][ T7467]  __se_sys_memfd_create+0x2bb/0x590
[  261.754803][ T7467]  ? vtime_user_exit+0x2d1/0x400
[  261.754824][ T7467]  ? __x64_sys_memfd_create+0x60/0x60
[  261.754841][ T7467]  ? syscall_enter_from_user_mode+0x2e/0x240
[  261.754862][ T7467]  ? lockdep_hardirqs_on+0x94/0x130
[  261.754880][ T7467]  ? syscall_enter_from_user_mode+0x2e/0x240
[  261.754901][ T7467]  do_syscall_64+0x3b/0xb0
[  261.754918][ T7467]  ? clear_bhb_loop+0x15/0x70
[  261.754934][ T7467]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  261.754953][ T7467] RIP: 0033:0x7f3b9ec83ff9
[  261.754969][ T7467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  261.754985][ T7467] RSP: 002b:00007f3b9d0fbe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  261.755005][ T7467] RAX: ffffffffffffffda RBX: 0000000000000474 RCX: 00007f3b9ec83ff9
[  261.755019][ T7467] RDX: 00007f3b9d0fbef0 RSI: 0000000000000000 RDI: 00007f3b9ecf6b02
[  261.755031][ T7467] RBP: 00000000200003c0 R08: 00007f3b9d0fbbb7 R09: 00007f3b9d0fbe40
[  261.755043][ T7467] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200001c0
[  261.755054][ T7467] R13: 00007f3b9d0fbef0 R14: 00007f3b9d0fbeb0 R15: 0000000020000840
[  261.836220][ T3686] usb 5-1: config 0 descriptor??
[  261.839347][ T7467]  </TASK>
[  261.971386][ T7462] loop0: detected capacity change from 0 to 32768
[  262.046793][ T7462] XFS (loop0): Mounting V5 Filesystem
[  262.082890][ T7462] XFS (loop0): Ending clean mount
[  262.094865][ T7462] XFS (loop0): Quotacheck needed: Please wait.
[  262.165446][ T7462] XFS (loop0): Quotacheck: Done.
[  262.418271][ T3686] ntrig 0003:1B96:000A.0009: unknown main item tag 0x0
[  262.430144][ T3686] ntrig 0003:1B96:000A.0009: unknown main item tag 0x0
[  262.439465][ T3686] ntrig 0003:1B96:000A.0009: unknown main item tag 0x0
[  262.450018][ T3686] ntrig 0003:1B96:000A.0009: unknown main item tag 0x0
[  262.459149][ T3686] ntrig 0003:1B96:000A.0009: unknown main item tag 0x0
[  262.473261][ T3686] ntrig 0003:1B96:000A.0009: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.4-1/input0
[  262.498927][ T5595] XFS (loop0): Unmounting Filesystem
[  262.698259][ T3686] usb 5-1: USB disconnect, device number 26
[  262.771586][ T3697] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.840838][ T3697] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.882016][ T3697] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.930811][ T3697] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.283965][ T7066] EXT4-fs error (device loop4): ext4_map_blocks:628: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1)
[  263.306559][ T7066] EXT4-fs error (device loop4): __ext4_get_inode_loc:4320: comm syz-executor: Invalid inode table block 0 in block_group 0
[  263.324254][ T7066] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5803: Corrupt filesystem
[  263.347372][ T7066] EXT4-fs error (device loop4): ext4_dirty_inode:6007: inode #2: comm syz-executor: mark_inode_dirty error
[  263.447892][    T9] EXT4-fs error (device loop4): __ext4_get_inode_loc:4320: comm kworker/u4:0: Invalid inode table block 0 in block_group 0
[  263.886242][ T3697] device hsr_slave_0 left promiscuous mode
[  263.926627][ T3697] device hsr_slave_1 left promiscuous mode
[  263.935849][ T3697] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  263.976436][ T3697] batman_adv: batadv0: Removing interface: batadv_slave_0
[  264.003499][ T3697] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  264.061098][ T3697] batman_adv: batadv0: Removing interface: batadv_slave_1
[  264.070847][ T3697] device bridge_slave_1 left promiscuous mode
[  264.104245][ T3697] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.131846][ T3697] device bridge_slave_0 left promiscuous mode
[  264.146663][ T3697] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.183933][ T3697] device veth1_macvtap left promiscuous mode
[  264.200357][ T3697] device veth0_macvtap left promiscuous mode
[  264.206428][ T3697] device veth1_vlan left promiscuous mode
[  264.266718][ T3697] device veth0_vlan left promiscuous mode
[  264.296388][ T7503] loop2: detected capacity change from 0 to 32768
[  264.353074][ T7503] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.588 (7503)
[  264.355902][ T7502] loop0: detected capacity change from 0 to 32768
[  264.403556][ T7503] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  264.435643][ T7503] BTRFS info (device loop2): using free space tree
[  264.461645][ T7503] BTRFS info (device loop2): has skinny extents
[  264.631783][ T7547] netlink: 'syz.0.587': attribute type 29 has an invalid length.
[  264.643429][ T7547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.587'.
[  264.688313][ T7503] BTRFS info (device loop2): enabling ssd optimizations
[  264.874419][ T7506] loop3: detected capacity change from 0 to 65536
[  264.957207][ T5661] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  265.002510][ T7506] XFS (loop3): Mounting V5 Filesystem
[  265.122980][ T7506] XFS (loop3): Ending clean mount
[  265.133368][ T7506] FAULT_INJECTION: forcing a failure.
[  265.133368][ T7506] name failslab, interval 1, probability 0, space 0, times 0
[  265.146521][ T7506] CPU: 0 PID: 7506 Comm: syz.3.589 Not tainted 5.15.167-syzkaller #0
[  265.154597][ T7506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  265.164649][ T7506] Call Trace:
[  265.167930][ T7506]  <TASK>
[  265.170861][ T7506]  dump_stack_lvl+0x1e3/0x2d0
[  265.175546][ T7506]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  265.181181][ T7506]  ? panic+0x860/0x860
[  265.185254][ T7506]  ? __might_sleep+0xc0/0xc0
[  265.189850][ T7506]  should_fail+0x38a/0x4c0
[  265.194271][ T7506]  should_failslab+0x5/0x20
[  265.198770][ T7506]  slab_pre_alloc_hook+0x53/0xc0
[  265.203706][ T7506]  ? getname_kernel+0x55/0x2d0
[  265.208472][ T7506]  kmem_cache_alloc+0x3f/0x280
[  265.213245][ T7506]  getname_kernel+0x55/0x2d0
[  265.217837][ T7506]  do_file_open_root+0x15b/0x7a0
[  265.222774][ T7506]  ? path_openat+0x2f20/0x2f20
[  265.227556][ T7506]  ? alloc_fd+0x598/0x630
[  265.231882][ T7506]  ? build_open_flags+0x41a/0x590
[  265.236905][ T7506]  file_open_root+0x243/0x2a0
[  265.241580][ T7506]  ? filp_open+0x2c0/0x2c0
[  265.246009][ T7506]  do_handle_open+0x57e/0x960
[  265.250689][ T7506]  ? __x64_compat_sys_open_by_handle_at+0x80/0x80
[  265.257113][ T7506]  ? syscall_enter_from_user_mode+0x2e/0x240
[  265.263112][ T7506]  ? lockdep_hardirqs_on+0x94/0x130
[  265.268318][ T7506]  ? syscall_enter_from_user_mode+0x2e/0x240
[  265.274304][ T7506]  do_syscall_64+0x3b/0xb0
[  265.278717][ T7506]  ? clear_bhb_loop+0x15/0x70
[  265.283393][ T7506]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  265.289288][ T7506] RIP: 0033:0x7f3b9ec83ff9
[  265.293699][ T7506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.313299][ T7506] RSP: 002b:00007f3b9d0fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  265.321714][ T7506] RAX: ffffffffffffffda RBX: 00007f3b9ee3bf80 RCX: 00007f3b9ec83ff9
[  265.329682][ T7506] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000004
[  265.337650][ T7506] RBP: 00007f3b9d0fc090 R08: 0000000000000000 R09: 0000000000000000
[  265.345623][ T7506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  265.353593][ T7506] R13: 0000000000000000 R14: 00007f3b9ee3bf80 R15: 00007ffe48615b78
[  265.361575][ T7506]  </TASK>
[  265.365659][ T3697] team0 (unregistering): Port device team_slave_1 removed
[  265.384759][ T7129] XFS (loop3): Unmounting Filesystem
[  265.409479][ T3697] team0 (unregistering): Port device team_slave_0 removed
[  265.426635][ T5661] usb 1-1: Using ep0 maxpacket: 32
[  265.434517][ T3697] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.438197][ T7562] loop2: detected capacity change from 0 to 32768
[  265.466069][ T3697] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.543188][ T7562] JBD2: Ignoring recovery information on journal
[  265.617475][ T5661] usb 1-1: unable to get BOS descriptor or descriptor too short
[  265.651652][ T3697] bond0 (unregistering): Released all slaves
[  265.660615][ T7562] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  265.678878][ T3648] Bluetooth: hci0: command 0x0409 tx timeout
[  265.713326][   T26] audit: type=1800 audit(1728862718.527:142): pid=7562 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.594" name="bus" dev="loop2" ino=17058 res=0 errno=0
[  265.734204][ T5661] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  265.883354][ T7547] netlink: 'syz.0.587': attribute type 29 has an invalid length.
[  265.904823][ T7547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.587'.
[  265.915457][ T5661] usb 1-1: New USB device found, idVendor=0123, idProduct=0001, bcdDevice=4a.fe
[  265.941926][ T5661] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.955086][ T5661] usb 1-1: Product: syz
[  265.960765][ T5661] usb 1-1: Manufacturer: syz
[  265.965509][ T5661] usb 1-1: SerialNumber: syz
[  266.021742][ T5661] usb 1-1: config 0 descriptor??
[  266.201947][ T5961] ocfs2: Unmounting device (7,2) on (node local)
[  266.212174][ T7511] chnl_net:caif_netlink_parms(): no params data found
[  266.325382][ T4829] Bluetooth: hci4: command 0x0409 tx timeout
[  266.404005][ T5661] usbtouchscreen: probe of 1-1:0.0 failed with error -71
[  266.415264][ T5661] usb 1-1: USB disconnect, device number 24
[  266.918031][ T7511] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.935438][ T7511] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.959533][ T7511] device bridge_slave_0 entered promiscuous mode
[  266.987425][ T7521] chnl_net:caif_netlink_parms(): no params data found
[  267.040183][ T7511] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.052828][ T7511] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.093311][ T7511] device bridge_slave_1 entered promiscuous mode
[  267.297115][ T7597] loop0: detected capacity change from 0 to 4096
[  267.300172][ T7511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.331272][ T7511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.391142][ T7604] netlink: 32 bytes leftover after parsing attributes in process `syz.2.599'.
[  267.514269][ T7597] ntfs: volume version 3.1.
[  267.551296][ T7511] team0: Port device team_slave_0 added
[  267.634424][ T7521] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.658795][ T7521] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.694956][ T7521] device bridge_slave_0 entered promiscuous mode
[  267.715950][ T7511] team0: Port device team_slave_1 added
[  267.759152][ T4607] Bluetooth: hci0: command 0x041b tx timeout
[  267.796165][ T7521] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.820648][ T7521] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.828765][ T7521] device bridge_slave_1 entered promiscuous mode
[  267.865645][ T7511] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.882800][ T7511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  267.969177][ T7511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.098937][ T7511] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.116668][ T7511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.235328][ T7511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  268.303156][ T7521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.395406][ T7521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  268.399659][ T4607] Bluetooth: hci4: command 0x041b tx timeout
[  268.435418][ T7511] device hsr_slave_0 entered promiscuous mode
[  268.484561][ T7511] device hsr_slave_1 entered promiscuous mode
[  268.497678][ T7511] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  268.539372][ T7511] Cannot create hsr debugfs directory
[  268.632766][ T7521] team0: Port device team_slave_0 added
[  268.690850][ T7611] loop2: detected capacity change from 0 to 32768
[  268.700270][ T7521] team0: Port device team_slave_1 added
[  268.817731][ T7521] batman_adv: batadv0: Adding interface: batadv_slave_0
[  268.847358][ T7521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.878611][ T7521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  268.897337][ T7611] XFS (loop2): Mounting V5 Filesystem
[  268.904538][ T7521] batman_adv: batadv0: Adding interface: batadv_slave_1
[  268.913961][ T7521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  268.979537][ T7521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  269.186502][ T7611] XFS (loop2): Ending clean mount
[  269.201490][ T7611] XFS (loop2): Quotacheck needed: Please wait.
[  269.294147][ T7521] device hsr_slave_0 entered promiscuous mode
[  269.319497][ T7521] device hsr_slave_1 entered promiscuous mode
[  269.356189][ T7611] XFS (loop2): Quotacheck: Done.
[  269.383654][ T7521] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  269.427881][ T7521] Cannot create hsr debugfs directory
[  269.840446][ T4607] Bluetooth: hci0: command 0x040f tx timeout
[  269.869761][ T7521] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  269.974774][ T7521] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.058806][ T7521] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.159052][ T7521] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  270.369053][ T7521] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  270.417399][ T7521] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  270.437431][ T7511] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  270.463834][ T7521] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  270.480974][ T4607] Bluetooth: hci4: command 0x040f tx timeout
[  270.485868][ T7511] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  270.498958][ T7611] XFS (loop2): User initiated shutdown received.
[  270.509163][ T7611] XFS (loop2): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x10c/0x150 (fs/xfs/xfs_fsops.c:481).  Shutting down filesystem.
[  270.539006][ T7521] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  270.554776][ T7511] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  270.578645][ T7611] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  270.622544][ T7511] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  270.696933][ T5961] XFS (loop2): Unmounting Filesystem
[  270.803663][ T7521] 8021q: adding VLAN 0 to HW filter on device bond0
[  270.868889][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  270.898748][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  270.964161][ T7521] 8021q: adding VLAN 0 to HW filter on device team0
[  271.017322][ T7511] 8021q: adding VLAN 0 to HW filter on device bond0
[  271.041621][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.049993][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  271.089658][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state
[  271.096776][ T5928] bridge0: port 1(bridge_slave_0) entered forwarding state
[  271.167604][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  271.192155][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  271.203450][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state
[  271.210508][ T5928] bridge0: port 2(bridge_slave_1) entered forwarding state
[  271.241649][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  271.250447][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  271.301851][ T7511] 8021q: adding VLAN 0 to HW filter on device team0
[  271.332971][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  271.354408][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  271.402020][ T7662] FAULT_INJECTION: forcing a failure.
[  271.402020][ T7662] name failslab, interval 1, probability 0, space 0, times 0
[  271.404907][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  271.457650][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  271.467619][ T7662] CPU: 0 PID: 7662 Comm: syz.2.604 Not tainted 5.15.167-syzkaller #0
[  271.470314][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  271.475694][ T7662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  271.475753][ T7662] Call Trace:
[  271.475761][ T7662]  <TASK>
[  271.475768][ T7662]  dump_stack_lvl+0x1e3/0x2d0
[  271.475794][ T7662]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  271.490425][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  271.493004][ T7662]  ? panic+0x860/0x860
[  271.493032][ T7662]  ? __might_sleep+0xc0/0xc0
[  271.493059][ T7662]  should_fail+0x38a/0x4c0
[  271.493086][ T7662]  should_failslab+0x5/0x20
[  271.497873][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  271.499267][ T7662]  slab_pre_alloc_hook+0x53/0xc0
[  271.504960][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  271.509536][ T7662]  __kmalloc_node_track_caller+0x6b/0x390
[  271.509561][ T7662]  ? sock_omalloc+0x88/0x170
[  271.509578][ T7662]  ? kmem_cache_alloc_node+0x154/0x2c0
[  271.570489][ T7662]  ? __alloc_skb+0xdd/0x590
[  271.575003][ T7662]  ? sock_omalloc+0x88/0x170
[  271.579597][ T7662]  __alloc_skb+0x12c/0x590
[  271.584023][ T7662]  sock_omalloc+0x88/0x170
[  271.588448][ T7662]  msg_zerocopy_alloc+0x4b/0x420
[  271.593393][ T7662]  tcp_sendmsg_locked+0x320c/0x3a90
[  271.598615][ T7662]  ? mark_lock+0x98/0x340
[  271.602941][ T7662]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  271.608913][ T7662]  ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0
[  271.614881][ T7662]  ? __local_bh_enable_ip+0x164/0x1f0
[  271.620240][ T7662]  ? lockdep_hardirqs_on+0x94/0x130
[  271.625432][ T7662]  ? tcp_free_fastopen_req+0x70/0x70
[  271.630702][ T7662]  ? __local_bh_enable_ip+0x164/0x1f0
[  271.636061][ T7662]  ? do_raw_spin_unlock+0x137/0x8b0
[  271.641250][ T7662]  tcp_sendmsg+0x2c/0x40
[  271.645478][ T7662]  ? inet_send_prepare+0x250/0x250
[  271.650577][ T7662]  ____sys_sendmsg+0x59e/0x8f0
[  271.655326][ T7662]  ? iovec_from_user+0x300/0x390
[  271.660605][ T7662]  ? __sys_sendmsg_sock+0x30/0x30
[  271.665629][ T7662]  ___sys_sendmsg+0x252/0x2e0
[  271.670297][ T7662]  ? __sys_sendmsg+0x260/0x260
[  271.675077][ T7662]  ? __fdget+0x191/0x220
[  271.679310][ T7662]  __sys_sendmmsg+0x2bf/0x560
[  271.683986][ T7662]  ? __ia32_sys_sendmsg+0x80/0x80
[  271.689005][ T7662]  ? __lock_acquire+0x1ff0/0x1ff0
[  271.694025][ T7662]  ? print_irqtrace_events+0x210/0x210
[  271.699467][ T7662]  ? vtime_user_exit+0x2d1/0x400
[  271.704392][ T7662]  ? syscall_enter_from_user_mode+0x2e/0x240
[  271.710359][ T7662]  __x64_sys_sendmmsg+0x9c/0xb0
[  271.715197][ T7662]  do_syscall_64+0x3b/0xb0
[  271.719596][ T7662]  ? clear_bhb_loop+0x15/0x70
[  271.724258][ T7662]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  271.730140][ T7662] RIP: 0033:0x7ff44cb7dff9
[  271.734541][ T7662] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.754134][ T7662] RSP: 002b:00007ff44aff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  271.762535][ T7662] RAX: ffffffffffffffda RBX: 00007ff44cd35f80 RCX: 00007ff44cb7dff9
[  271.770491][ T7662] RDX: 0000000000000002 RSI: 0000000020000500 RDI: 0000000000000003
[  271.778448][ T7662] RBP: 00007ff44aff6090 R08: 0000000000000000 R09: 0000000000000000
[  271.786404][ T7662] R10: 0000000004004441 R11: 0000000000000246 R12: 0000000000000001
[  271.794364][ T7662] R13: 0000000000000000 R14: 00007ff44cd35f80 R15: 00007ffd749fe118
[  271.802341][ T7662]  </TASK>
[  271.861027][ T7521] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  271.907599][ T7521] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  271.922398][ T4608] Bluetooth: hci0: command 0x0419 tx timeout
[  271.943212][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  271.967722][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  271.976892][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  271.991217][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  272.026371][ T3718] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.033486][ T3718] bridge0: port 1(bridge_slave_0) entered forwarding state
[  272.056510][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  272.072482][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  272.099175][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  272.112565][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  272.142007][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  272.182155][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  272.203605][ T3696] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.210668][ T3696] bridge0: port 2(bridge_slave_1) entered forwarding state
[  272.243339][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  272.343797][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  272.353935][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  272.380098][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  272.422685][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  272.433191][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  272.461954][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  272.483893][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  272.510991][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  272.547049][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  272.562612][ T4606] Bluetooth: hci4: command 0x0419 tx timeout
[  272.579716][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  272.608141][ T7686] kvm: pic: non byte write
[  272.631780][ T7671] loop2: detected capacity change from 0 to 32768
[  272.699333][ T3697] device hsr_slave_0 left promiscuous mode
[  272.706413][ T7671] JBD2: Ignoring recovery information on journal
[  272.714308][ T3697] device hsr_slave_1 left promiscuous mode
[  272.725069][ T3697] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  272.748411][ T3697] batman_adv: batadv0: Removing interface: batadv_slave_0
[  272.771361][ T3697] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  272.799737][ T7691] loop3: detected capacity change from 0 to 128
[  272.808321][ T7671] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  272.822757][ T3697] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.848426][   T26] audit: type=1800 audit(1728862725.653:143): pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.607" name="bus" dev="loop2" ino=17058 res=0 errno=0
[  272.894472][ T7691] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  272.912894][ T3697] device bridge_slave_1 left promiscuous mode
[  272.919564][ T3697] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.032605][ T7691] ext4 filesystem being mounted at /13/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  273.094648][ T3697] device bridge_slave_0 left promiscuous mode
[  273.100939][ T3697] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.137486][ T3697] device veth1_macvtap left promiscuous mode
[  273.149965][ T3697] device veth0_macvtap left promiscuous mode
[  273.156872][ T3697] device veth1_vlan left promiscuous mode
[  273.182297][ T3697] device veth0_vlan left promiscuous mode
[  273.345548][ T5961] ocfs2: Unmounting device (7,2) on (node local)
[  273.715324][ T3697] team0 (unregistering): Port device team_slave_1 removed
[  273.738488][ T3697] team0 (unregistering): Port device team_slave_0 removed
[  273.759636][ T3697] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  273.781122][ T3697] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  273.924122][ T3697] bond0 (unregistering): Released all slaves
[  274.015610][ T7511] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  274.076517][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  274.092192][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  274.132469][ T7521] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.388681][ T7697] loop3: detected capacity change from 0 to 32768
[  274.440913][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  274.456353][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  274.474430][ T7697] XFS: noikeep mount option is deprecated.
[  274.499876][ T7511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  274.609324][ T7697] XFS (loop3): Mounting V5 Filesystem
[  274.635646][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  274.650340][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  274.717831][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  274.761868][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  274.786756][ T7697] XFS (loop3): Ending clean mount
[  274.849735][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  274.879470][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  274.913951][ T7521] device veth0_vlan entered promiscuous mode
[  274.922106][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  274.967517][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  274.991956][ T7511] device veth0_vlan entered promiscuous mode
[  275.011111][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  275.029326][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  275.069566][ T7521] device veth1_vlan entered promiscuous mode
[  275.082192][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  275.122758][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  275.167382][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  275.220534][ T7129] XFS (loop3): Unmounting Filesystem
[  275.236738][ T7511] device veth1_vlan entered promiscuous mode
[  275.299531][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  275.314721][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  275.363500][ T7521] device veth0_macvtap entered promiscuous mode
[  275.391856][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  275.414393][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  275.444714][ T5928] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  275.477203][ T7511] device veth0_macvtap entered promiscuous mode
[  275.488817][ T7521] device veth1_macvtap entered promiscuous mode
[  275.508196][ T7511] device veth1_macvtap entered promiscuous mode
[  275.543074][ T7521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.573840][ T7521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.603967][ T7521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.643973][ T7521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.675158][ T7521] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.685868][ T7511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.709213][ T7511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.735319][ T7511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.769192][ T7511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.786150][ T7511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  275.824194][ T7511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  275.844261][ T7511] batman_adv: batadv0: Interface activated: batadv_slave_0
[  275.851606][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  275.874846][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  275.882898][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  275.930242][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  275.955223][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  275.977784][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  276.015371][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  276.039702][ T7521] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.083473][ T7521] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.123295][ T7521] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.146871][ T7511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.175133][ T7511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.199601][ T7511] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  276.235367][ T7511] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  276.267216][ T7511] batman_adv: batadv0: Interface activated: batadv_slave_1
[  276.307758][ T7511] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  276.352736][ T7511] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  276.374429][ T7511] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  276.383129][ T7511] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  276.442852][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  276.455377][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  276.593131][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  276.604985][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  277.130968][ T7521] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  277.271956][ T7521] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  277.296596][ T7521] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  277.339561][ T7521] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  277.471575][ T7779] FAULT_INJECTION: forcing a failure.
[  277.471575][ T7779] name failslab, interval 1, probability 0, space 0, times 0
[  277.506849][ T7779] CPU: 1 PID: 7779 Comm: syz.2.616 Not tainted 5.15.167-syzkaller #0
[  277.514931][ T7779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  277.524964][ T7779] Call Trace:
[  277.528228][ T7779]  <TASK>
[  277.531166][ T7779]  dump_stack_lvl+0x1e3/0x2d0
[  277.535842][ T7779]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  277.541455][ T7779]  ? panic+0x860/0x860
[  277.545500][ T7779]  ? __might_sleep+0xc0/0xc0
[  277.550071][ T7779]  should_fail+0x38a/0x4c0
[  277.554468][ T7779]  should_failslab+0x5/0x20
[  277.558946][ T7779]  slab_pre_alloc_hook+0x53/0xc0
[  277.563866][ T7779]  kmem_cache_alloc_node+0x49/0x2c0
[  277.569040][ T7779]  ? __alloc_skb+0xdd/0x590
[  277.573523][ T7779]  __alloc_skb+0xdd/0x590
[  277.577826][ T7779]  ? __local_bh_enable_ip+0x164/0x1f0
[  277.583193][ T7779]  __ip_append_data+0x2640/0x3ad0
[  277.588213][ T7779]  ? raw_send_hdrinc+0x1430/0x1430
[  277.593301][ T7779]  ? print_irqtrace_events+0x210/0x210
[  277.598738][ T7779]  ? lockdep_hardirqs_on_prepare+0x7a0/0x7a0
[  277.604714][ T7779]  ? ip_setup_cork+0x860/0x860
[  277.609462][ T7779]  ? ipv4_mtu+0x2a4/0x3c0
[  277.613797][ T7779]  ? ip_setup_cork+0x4a2/0x860
[  277.618549][ T7779]  ip_append_data+0x12c/0x1a0
[  277.623205][ T7779]  ? raw_send_hdrinc+0x1430/0x1430
[  277.628299][ T7779]  raw_sendmsg+0x18e6/0x2450
[  277.632884][ T7779]  ? compat_raw_ioctl+0x60/0x60
[  277.637730][ T7779]  ? aa_sk_perm+0x8fc/0xa30
[  277.642217][ T7779]  ? aa_af_perm+0x350/0x350
[  277.646696][ T7779]  ? sock_rps_record_flow+0x19/0x3c0
[  277.651961][ T7779]  ? inet_sendmsg+0x81/0x310
[  277.656536][ T7779]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  277.661814][ T7779]  ? security_socket_sendmsg+0x7d/0xa0
[  277.667251][ T7779]  ? inet_send_prepare+0x250/0x250
[  277.672340][ T7779]  ____sys_sendmsg+0x59e/0x8f0
[  277.677083][ T7779]  ? iovec_from_user+0x5d/0x390
[  277.681914][ T7779]  ? __sys_sendmsg_sock+0x30/0x30
[  277.686924][ T7779]  ___sys_sendmsg+0x252/0x2e0
[  277.691581][ T7779]  ? __sys_sendmsg+0x260/0x260
[  277.696343][ T7779]  ? __fdget+0x191/0x220
[  277.700564][ T7779]  __sys_sendmmsg+0x2bf/0x560
[  277.705232][ T7779]  ? __ia32_sys_sendmsg+0x80/0x80
[  277.710256][ T7779]  ? __lock_acquire+0x1ff0/0x1ff0
[  277.715268][ T7779]  ? print_irqtrace_events+0x210/0x210
[  277.720705][ T7779]  ? vtime_user_exit+0x2d1/0x400
[  277.725622][ T7779]  ? syscall_enter_from_user_mode+0x2e/0x240
[  277.731585][ T7779]  __x64_sys_sendmmsg+0x9c/0xb0
[  277.736413][ T7779]  do_syscall_64+0x3b/0xb0
[  277.740833][ T7779]  ? clear_bhb_loop+0x15/0x70
[  277.745494][ T7779]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  277.751383][ T7779] RIP: 0033:0x7ff44cb7dff9
[  277.755804][ T7779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.775392][ T7779] RSP: 002b:00007ff44aff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  277.783786][ T7779] RAX: ffffffffffffffda RBX: 00007ff44cd35f80 RCX: 00007ff44cb7dff9
[  277.791736][ T7779] RDX: 0000000000000002 RSI: 0000000020004780 RDI: 0000000000000004
[  277.799684][ T7779] RBP: 00007ff44aff6090 R08: 0000000000000000 R09: 0000000000000000
[  277.807635][ T7779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.815588][ T7779] R13: 0000000000000000 R14: 00007ff44cd35f80 R15: 00007ffd749fe118
[  277.823548][ T7779]  </TASK>
[  278.087309][ T5928] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.122472][ T5928] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.138793][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.192180][ T6282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.225242][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.238053][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  278.253736][ T6282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.274994][ T3718] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  278.285837][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  278.353681][ T3718] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  278.383132][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  278.434921][ T7791] loop2: detected capacity change from 0 to 64
[  278.525596][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  279.285105][ T7788] chnl_net:caif_netlink_parms(): no params data found
[  279.450103][ T7788] bridge0: port 1(bridge_slave_0) entered blocking state
[  279.465207][ T7788] bridge0: port 1(bridge_slave_0) entered disabled state
[  279.483896][ T7788] device bridge_slave_0 entered promiscuous mode
[  279.528596][ T7788] bridge0: port 2(bridge_slave_1) entered blocking state
[  279.572116][ T7798] loop4: detected capacity change from 0 to 32768
[  279.586895][ T7788] bridge0: port 2(bridge_slave_1) entered disabled state
[  279.609264][ T7788] device bridge_slave_1 entered promiscuous mode
[  279.678623][ T7798] JBD2: Ignoring recovery information on journal
[  279.693907][ T7788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.708322][ T7788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.741363][ T7798] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  279.752196][    T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.790082][   T26] audit: type=1800 audit(1728862732.599:144): pid=7798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.620" name="bus" dev="loop4" ino=17058 res=0 errno=0
[  279.814120][ T7788] team0: Port device team_slave_0 added
[  279.824118][ T7788] team0: Port device team_slave_1 added
[  279.853231][ T7788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.860295][ T7788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.886989][ T7788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.899286][ T7788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.906220][ T7788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  279.989955][ T7788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  280.011542][    T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.045404][ T7788] device hsr_slave_0 entered promiscuous mode
[  280.052299][ T7788] device hsr_slave_1 entered promiscuous mode
[  280.104899][    T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.211996][    T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.224419][ T7521] ocfs2: Unmounting device (7,4) on (node local)
[  280.385321][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.413425][ T4607] Bluetooth: hci5: command 0x0409 tx timeout
[  280.442792][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.522997][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.575852][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  280.819402][ T7852] netlink: 132 bytes leftover after parsing attributes in process `syz.2.621'.
[  280.868629][ T7852] netlink: 12 bytes leftover after parsing attributes in process `syz.2.621'.
[  281.434054][ T7878] loop4: detected capacity change from 0 to 512
[  281.543086][ T7878] EXT4-fs (loop4): Ignoring removed orlov option
[  281.545152][ T7867] loop3: detected capacity change from 0 to 32768
[  281.627019][ T7878] EXT4-fs (loop4): 1 orphan inode deleted
[  281.647304][ T7878] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,journal_dev=0x0000000000000002,noblock_validity,grpjquota=,orlov,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback.
[  281.687698][ T7878] ext4 filesystem being mounted at /3/file1 supports timestamps until 2038 (0x7fffffff)
[  281.759008][ T7867] XFS (loop3): Mounting V5 Filesystem
[  281.765648][ T7788] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  281.822165][ T7863] chnl_net:caif_netlink_parms(): no params data found
[  281.863602][ T7788] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  281.922710][ T7788] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  281.935638][ T7867] XFS (loop3): Ending clean mount
[  282.006813][ T7788] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  282.064916][ T7904] loop4: detected capacity change from 0 to 512
[  282.154705][ T7904] EXT4-fs (loop4): Ignoring removed orlov option
[  282.190373][ T7873] loop2: detected capacity change from 0 to 32768
[  282.219071][ T7904] EXT4-fs (loop4): 1 orphan inode deleted
[  282.237886][ T7904] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x0000000000000000,journal_dev=0x0000000000000002,noblock_validity,grpjquota=,orlov,resgid=0x0000000000000000,sysvgroups,norecovery,usrquota,,errors=continue. Quota mode: writeback.
[  282.274319][ T7863] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.286666][ T7863] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.302490][ T7863] device bridge_slave_0 entered promiscuous mode
[  282.367863][ T7904] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038 (0x7fffffff)
[  282.401128][ T7863] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.417455][ T7863] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.428795][ T7863] device bridge_slave_1 entered promiscuous mode
[  282.495771][ T4608] Bluetooth: hci5: command 0x041b tx timeout
[  282.609589][ T7863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  282.689220][ T7788] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.704491][ T7863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  282.734435][ T7129] XFS (loop3): Unmounting Filesystem
[  282.809414][ T7928] loop4: detected capacity change from 0 to 64
[  282.864605][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  282.878633][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  282.957446][ T7863] team0: Port device team_slave_0 added
[  283.010399][ T7788] 8021q: adding VLAN 0 to HW filter on device team0
[  283.060449][ T7863] team0: Port device team_slave_1 added
[  283.070534][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  283.086867][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  283.128105][ T4773] bridge0: port 1(bridge_slave_0) entered blocking state
[  283.128393][ T5663] Bluetooth: hci0: command 0x0409 tx timeout
[  283.135186][ T4773] bridge0: port 1(bridge_slave_0) entered forwarding state
[  283.356519][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  283.387865][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  283.420968][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  283.466823][ T4773] bridge0: port 2(bridge_slave_1) entered blocking state
[  283.473934][ T4773] bridge0: port 2(bridge_slave_1) entered forwarding state
[  283.538082][    T9] device hsr_slave_0 left promiscuous mode
[  283.561270][    T9] device hsr_slave_1 left promiscuous mode
[  283.585855][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.613657][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.643593][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  283.674652][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  283.718214][    T9] device bridge_slave_1 left promiscuous mode
[  283.742133][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  283.772826][    T9] device bridge_slave_0 left promiscuous mode
[  283.793720][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  283.851974][    T9] device hsr_slave_0 left promiscuous mode
[  283.873598][    T9] device hsr_slave_1 left promiscuous mode
[  283.901908][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  283.947331][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  283.996596][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  284.016472][    T9] device bridge_slave_1 left promiscuous mode
[  284.027550][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.072864][    T9] device bridge_slave_0 left promiscuous mode
[  284.107648][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.191218][    T9] device veth1_macvtap left promiscuous mode
[  284.226502][    T9] device veth0_macvtap left promiscuous mode
[  284.252996][    T9] device veth1_vlan left promiscuous mode
[  284.278093][    T9] device veth0_vlan left promiscuous mode
[  284.307691][    T9] device veth1_macvtap left promiscuous mode
[  284.315652][    T9] device veth0_macvtap left promiscuous mode
[  284.325839][    T9] device veth1_vlan left promiscuous mode
[  284.352320][    T9] device veth0_vlan left promiscuous mode
[  284.569202][ T4313] Bluetooth: hci5: command 0x040f tx timeout
[  284.894474][    T9] team0 (unregistering): Port device team_slave_1 removed
[  284.918017][    T9] team0 (unregistering): Port device team_slave_0 removed
[  284.934169][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  284.998037][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.154398][    T9] bond0 (unregistering): Released all slaves
[  285.210314][ T4517] Bluetooth: hci0: command 0x041b tx timeout
[  285.390235][    T9] team0 (unregistering): Port device team_slave_1 removed
[  285.426644][    T9] team0 (unregistering): Port device team_slave_0 removed
[  285.463955][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  285.531172][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  285.693541][    T9] bond0 (unregistering): Released all slaves
[  285.764253][ T7863] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.775903][ T7863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.838965][ T7863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.869217][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  285.907617][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  285.947187][ T7863] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.956982][ T7863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.990373][ T7863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  286.038329][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  286.059201][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  286.070666][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  286.090236][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  286.100029][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  286.117287][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.135359][ T7863] device hsr_slave_0 entered promiscuous mode
[  286.148843][ T7863] device hsr_slave_1 entered promiscuous mode
[  286.156280][ T7863] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.172184][ T7863] Cannot create hsr debugfs directory
[  286.186065][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  286.194659][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  286.203787][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  286.240757][ T7788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  286.401884][ T7953] loop4: detected capacity change from 0 to 32768
[  286.413768][ T4608] Bluetooth: hci1: command 0x0409 tx timeout
[  286.491188][ T7953] XFS (loop4): Mounting V5 Filesystem
[  286.573480][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  286.590101][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  286.652875][ T4313] Bluetooth: hci5: command 0x0419 tx timeout
[  286.685287][ T7953] XFS (loop4): Ending clean mount
[  286.707519][ T7953] XFS (loop4): Quotacheck needed: Please wait.
[  286.717321][ T7788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  286.728447][ T7949] chnl_net:caif_netlink_parms(): no params data found
[  286.927786][ T7953] XFS (loop4): Quotacheck: Done.
[  286.995989][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  287.021497][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  287.107665][ T7521] XFS (loop4): Unmounting Filesystem
[  287.169824][ T7949] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.177436][ T7949] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.187799][ T7949] device bridge_slave_0 entered promiscuous mode
[  287.224060][ T7788] device veth0_vlan entered promiscuous mode
[  287.233164][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  287.253264][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  287.288689][ T7949] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.290608][ T4313] Bluetooth: hci0: command 0x040f tx timeout
[  287.299842][ T7949] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.322851][ T7949] device bridge_slave_1 entered promiscuous mode
[  287.338307][ T7788] device veth1_vlan entered promiscuous mode
[  287.356585][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  287.366156][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  287.386721][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  287.497137][ T7949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  287.558355][ T7949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  287.605313][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  287.627964][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  287.661137][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  287.761411][ T7788] device veth0_macvtap entered promiscuous mode
[  287.762583][ T7978] loop2: detected capacity change from 0 to 32768
[  287.776000][ T7863] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  287.805239][ T7949] team0: Port device team_slave_0 added
[  287.817668][ T7863] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  287.834483][ T7863] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  287.915644][ T7788] device veth1_macvtap entered promiscuous mode
[  287.940134][ T7949] team0: Port device team_slave_1 added
[  287.959121][ T7978] XFS (loop2): Mounting V5 Filesystem
[  288.046021][ T7863] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  288.081732][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  288.102286][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  288.107417][ T7978] XFS (loop2): Ending clean mount
[  288.122189][ T7978] XFS (loop2): Quotacheck needed: Please wait.
[  288.131102][ T7949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  288.153899][ T7949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.215776][ T7978] XFS (loop2): Quotacheck: Done.
[  288.220761][ T7949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  288.222487][ T7949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.259359][ T7949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.316043][ T5961] XFS (loop2): Unmounting Filesystem
[  288.329678][ T7949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.404565][ T7788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.430814][ T7788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.440628][ T7788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  288.451387][ T7788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.462710][ T7788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  288.491335][ T4599] Bluetooth: hci1: command 0x041b tx timeout
[  288.515322][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  288.528845][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  288.565121][ T7788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.635641][ T7788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.665910][ T7788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  288.685691][ T7788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  288.724556][ T7788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  288.784855][ T7949] device hsr_slave_0 entered promiscuous mode
[  288.803105][ T8018] loop4: detected capacity change from 0 to 64
[  288.848761][ T7949] device hsr_slave_1 entered promiscuous mode
[  288.863380][ T7949] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.870925][ T7949] Cannot create hsr debugfs directory
[  288.920216][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  288.929648][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  288.974459][ T7788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  288.995955][ T7788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.041136][ T7788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.049832][ T7788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  289.371632][ T4313] Bluetooth: hci0: command 0x0419 tx timeout
[  289.493196][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.523664][ T8035] Cannot find set identified by id 0 to match
[  289.530219][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.549612][ T7863] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.574384][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  289.605993][ T3697] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  289.628832][ T3697] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  289.645698][ T7949] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.686264][ T7863] 8021q: adding VLAN 0 to HW filter on device team0
[  289.704524][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  289.724702][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  289.746490][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  289.784148][ T7949] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  289.830443][ T8051] loop2: detected capacity change from 0 to 1024
[  289.849393][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  289.867739][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  289.913002][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.913307][ T8051] hfsplus: unable to parse mount options
[  289.920058][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.962556][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  290.047755][ T8059] loop4: detected capacity change from 0 to 2048
[  290.066154][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  290.080309][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.087412][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.139357][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  290.186190][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  290.195399][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  290.353828][ T7949] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.572155][ T4608] Bluetooth: hci1: command 0x040f tx timeout
[  290.611910][ T4313] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  290.639331][ T8059] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  290.691976][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  290.701200][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  290.749924][ T7521] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  290.780213][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  290.795157][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  290.804102][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  290.821699][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  290.872594][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  290.882713][ T4313] usb 3-1: Using ep0 maxpacket: 16
[  290.899449][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  290.920065][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  290.929303][ T7863] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  291.003314][ T4313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.024426][ T4313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.061411][ T4313] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  291.080420][ T4313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.109975][ T4313] usb 3-1: config 0 descriptor??
[  291.159425][ T7949] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.347947][ T7949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  291.400279][ T7949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  291.427067][ T7949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  291.474298][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  291.526224][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  291.552843][ T7949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  291.573716][ T7863] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.614514][ T4313] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.000A/input/input15
[  291.719401][ T8085] loop4: detected capacity change from 0 to 32768
[  291.752610][ T4313] appleir 0003:05AC:8241.000A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  291.787014][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  291.801995][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  291.845715][ T8085] JBD2: Ignoring recovery information on journal
[  291.942242][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  291.957380][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  291.966466][ T8085] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  291.994839][ T7863] device veth0_vlan entered promiscuous mode
[  292.018615][   T26] audit: type=1800 audit(1728862744.812:145): pid=8085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.653" name="bus" dev="loop4" ino=17058 res=0 errno=0
[  292.062337][ T7949] 8021q: adding VLAN 0 to HW filter on device bond0
[  292.079999][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  292.097876][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  292.151467][ T7949] 8021q: adding VLAN 0 to HW filter on device team0
[  292.168352][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  292.184501][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  292.207752][ T7863] device veth1_vlan entered promiscuous mode
[  292.223662][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  292.242071][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  292.262129][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  292.290554][ T3696] bridge0: port 1(bridge_slave_0) entered blocking state
[  292.297632][ T3696] bridge0: port 1(bridge_slave_0) entered forwarding state
[  292.356993][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  292.375393][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  292.403327][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  292.423648][ T3696] bridge0: port 2(bridge_slave_1) entered blocking state
[  292.430748][ T3696] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.449935][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  292.480877][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  292.490420][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  292.503598][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  292.545632][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  292.566614][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  292.586279][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  292.617269][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  292.675754][ T4313] Bluetooth: hci1: command 0x0419 tx timeout
[  292.691950][ T7521] ocfs2: Unmounting device (7,4) on (node local)
[  292.702258][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  292.751936][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  292.773138][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  292.798971][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  292.813998][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  292.839472][ T7949] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  292.913993][ T4313] usb 3-1: reset high-speed USB device number 26 using dummy_hcd
[  292.987036][ T7863] device veth0_macvtap entered promiscuous mode
[  293.076736][ T7863] device veth1_macvtap entered promiscuous mode
[  293.145409][    T9] device hsr_slave_0 left promiscuous mode
[  293.181705][    T9] device hsr_slave_1 left promiscuous mode
[  293.231584][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  293.274030][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  293.296371][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  293.318435][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  293.354239][    T9] device bridge_slave_1 left promiscuous mode
[  293.371515][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.394887][    T9] device bridge_slave_0 left promiscuous mode
[  293.417309][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.449498][    T9] device veth1_macvtap left promiscuous mode
[  293.508668][    T9] device veth0_macvtap left promiscuous mode
[  293.532009][    T9] device veth1_vlan left promiscuous mode
[  293.548352][    T9] device veth0_vlan left promiscuous mode
[  293.636051][ T8143] loop2: detected capacity change from 0 to 64
[  293.800310][ T4608] usb 3-1: USB disconnect, device number 26
[  293.936750][ T8136] loop4: detected capacity change from 0 to 32768
[  294.097023][ T8136] JBD2: Ignoring recovery information on journal
[  294.154620][ T8136] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  294.258740][   T26] audit: type=1800 audit(1728862747.051:146): pid=8136 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.655" name="bus" dev="loop4" ino=17058 res=0 errno=0
[  294.258931][    T9] team0 (unregistering): Port device team_slave_1 removed
[  294.300202][    T9] team0 (unregistering): Port device team_slave_0 removed
[  294.323491][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.363765][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.573029][    T9] bond0 (unregistering): Released all slaves
[  294.672869][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  294.686885][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  294.722351][ T7863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.743295][ T7863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.759613][ T7863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.770532][ T7863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.785861][ T8167] loop0: detected capacity change from 0 to 256
[  294.787434][ T7863] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.810696][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  294.820547][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  294.859587][ T7863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.870709][ T7863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.883728][ T7863] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.900432][ T7863] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.911960][ T7863] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.942186][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  294.981121][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  294.981922][ T8167] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  295.012569][ T7521] ocfs2: Unmounting device (7,4) on (node local)
[  295.033329][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  295.065597][ T8167] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  295.066265][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  295.103574][ T8167] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  295.136426][ T7863] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  295.173911][ T8167] UDF-fs: Scanning with blocksize 512 failed
[  295.182056][ T7863] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  295.200463][ T8167] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  295.215182][ T7863] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  295.223878][ T7863] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.265704][ T8167] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  295.287965][ T7949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  295.385702][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  295.398806][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  295.471959][ T7949] device veth0_vlan entered promiscuous mode
[  295.482144][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  295.493363][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  295.519681][ T7949] device veth1_vlan entered promiscuous mode
[  295.542643][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.550983][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  295.564938][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.573465][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  295.597941][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  295.619653][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  295.663865][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  295.694954][ T7949] device veth0_macvtap entered promiscuous mode
[  295.703680][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.713285][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  295.723692][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.737048][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  295.779518][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  295.826692][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  295.856412][ T7949] device veth1_macvtap entered promiscuous mode
[  295.913639][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.937060][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  295.953629][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  295.994506][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.014279][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  296.034353][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.100430][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_0
[  296.159213][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.193595][ T8206] FAULT_INJECTION: forcing a failure.
[  296.193595][ T8206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  296.229162][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.259443][ T8206] CPU: 1 PID: 8206 Comm: syz.2.661 Not tainted 5.15.167-syzkaller #0
[  296.267520][ T8206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  296.277568][ T8206] Call Trace:
[  296.280843][ T8206]  <TASK>
[  296.283767][ T8206]  dump_stack_lvl+0x1e3/0x2d0
[  296.288449][ T8206]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  296.294077][ T8206]  ? panic+0x860/0x860
[  296.298149][ T8206]  ? snprintf+0xd6/0x120
[  296.302418][ T8206]  should_fail+0x38a/0x4c0
[  296.306840][ T8206]  _copy_to_user+0x2d/0x130
[  296.311342][ T8206]  simple_read_from_buffer+0xc6/0x150
[  296.316721][ T8206]  proc_fail_nth_read+0x1a3/0x210
[  296.321748][ T8206]  ? proc_fault_inject_write+0x390/0x390
[  296.327379][ T8206]  ? fsnotify_perm+0x442/0x590
[  296.332138][ T8206]  ? proc_fault_inject_write+0x390/0x390
[  296.337766][ T8206]  vfs_read+0x2fc/0xe10
[  296.341929][ T8206]  ? kernel_read+0x1f0/0x1f0
[  296.346521][ T8206]  ? __fget_files+0x413/0x480
[  296.351204][ T8206]  ? mutex_lock_nested+0x17/0x20
[  296.356136][ T8206]  ? __fdget_pos+0x2cb/0x380
[  296.360720][ T8206]  ? ksys_read+0x77/0x2c0
[  296.365048][ T8206]  ksys_read+0x1a2/0x2c0
[  296.369290][ T8206]  ? print_irqtrace_events+0x210/0x210
[  296.374748][ T8206]  ? vfs_write+0xe50/0xe50
[  296.379164][ T8206]  ? syscall_enter_from_user_mode+0x2e/0x240
[  296.385141][ T8206]  ? lockdep_hardirqs_on+0x94/0x130
[  296.390340][ T8206]  ? syscall_enter_from_user_mode+0x2e/0x240
[  296.396324][ T8206]  do_syscall_64+0x3b/0xb0
[  296.400740][ T8206]  ? clear_bhb_loop+0x15/0x70
[  296.405416][ T8206]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  296.411307][ T8206] RIP: 0033:0x7ff44cb7ca3c
[  296.415723][ T8206] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  296.435321][ T8206] RSP: 002b:00007ff44afd5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  296.443098][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.443733][ T8206] RAX: ffffffffffffffda RBX: 00007ff44cd36058 RCX: 00007ff44cb7ca3c
[  296.454161][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.462075][ T8206] RDX: 000000000000000f RSI: 00007ff44afd50a0 RDI: 0000000000000006
[  296.462090][ T8206] RBP: 00007ff44afd5090 R08: 0000000000000000 R09: 0000000000000000
[  296.462103][ T8206] R10: 000000000000005a R11: 0000000000000246 R12: 0000000000000001
[  296.472275][ T7949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  296.479817][ T8206] R13: 0000000000000001 R14: 00007ff44cd36058 R15: 00007ffd749fe118
[  296.479849][ T8206]  </TASK>
[  296.488345][ T7949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  296.551116][ T7949] batman_adv: batadv0: Interface activated: batadv_slave_1
[  296.562292][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  296.581485][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  296.596795][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  296.610511][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  296.656747][ T7949] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  296.665869][ T7949] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  296.679478][ T7949] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  296.689681][ T7949] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  296.884413][ T8215] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  296.902870][ T4773] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  296.941746][ T4773] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  296.989186][ T3697] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  297.000676][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  297.013867][ T3697] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  297.045220][ T3718] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  297.082196][ T8212] loop2: detected capacity change from 0 to 8192
[  297.233743][ T8212] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  297.259414][ T8212] REISERFS (device loop2): using ordered data mode
[  297.266047][ T8212] reiserfs: using flush barriers
[  297.284983][ T8212] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  297.303219][ T8212] REISERFS (device loop2): checking transaction log (loop2)
[  297.449889][ T8212] REISERFS (device loop2): Using tea hash to sort names
[  297.476941][ T8212] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  297.518361][ T8212] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  297.576507][ T8212] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  298.104347][    T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.185883][    T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.239646][    T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.320747][    T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  298.681033][ T8239] netlink: 132 bytes leftover after parsing attributes in process `syz.3.634'.
[  298.924641][ T8259] FAULT_INJECTION: forcing a failure.
[  298.924641][ T8259] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.958492][ T8259] CPU: 1 PID: 8259 Comm: syz.3.669 Not tainted 5.15.167-syzkaller #0
[  298.966574][ T8259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  298.976625][ T8259] Call Trace:
[  298.979888][ T8259]  <TASK>
[  298.982803][ T8259]  dump_stack_lvl+0x1e3/0x2d0
[  298.987465][ T8259]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  298.993078][ T8259]  ? panic+0x860/0x860
[  298.997158][ T8259]  ? snprintf+0xd6/0x120
[  299.001383][ T8259]  should_fail+0x38a/0x4c0
[  299.005800][ T8259]  _copy_to_user+0x2d/0x130
[  299.010284][ T8259]  simple_read_from_buffer+0xc6/0x150
[  299.015644][ T8259]  proc_fail_nth_read+0x1a3/0x210
[  299.020674][ T8259]  ? proc_fault_inject_write+0x390/0x390
[  299.026309][ T8259]  ? fsnotify_perm+0x442/0x590
[  299.031054][ T8259]  ? proc_fault_inject_write+0x390/0x390
[  299.036662][ T8259]  vfs_read+0x2fc/0xe10
[  299.040803][ T8259]  ? kernel_read+0x1f0/0x1f0
[  299.045378][ T8259]  ? __fget_files+0x413/0x480
[  299.050041][ T8259]  ? mutex_lock_nested+0x17/0x20
[  299.054958][ T8259]  ? __fdget_pos+0x2cb/0x380
[  299.059534][ T8259]  ? ksys_read+0x77/0x2c0
[  299.063847][ T8259]  ksys_read+0x1a2/0x2c0
[  299.068072][ T8259]  ? print_irqtrace_events+0x210/0x210
[  299.073515][ T8259]  ? vfs_write+0xe50/0xe50
[  299.077938][ T8259]  ? syscall_enter_from_user_mode+0x2e/0x240
[  299.083900][ T8259]  ? lockdep_hardirqs_on+0x94/0x130
[  299.089078][ T8259]  ? syscall_enter_from_user_mode+0x2e/0x240
[  299.095035][ T8259]  do_syscall_64+0x3b/0xb0
[  299.099430][ T8259]  ? clear_bhb_loop+0x15/0x70
[  299.104092][ T8259]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  299.109989][ T8259] RIP: 0033:0x7f51fb93ca3c
[  299.114386][ T8259] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  299.133969][ T8259] RSP: 002b:00007f51f9d95030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  299.142383][ T8259] RAX: ffffffffffffffda RBX: 00007f51fbaf6058 RCX: 00007f51fb93ca3c
[  299.150354][ T8259] RDX: 000000000000000f RSI: 00007f51f9d950a0 RDI: 000000000000000e
[  299.158307][ T8259] RBP: 00007f51f9d95090 R08: 0000000000000000 R09: 0000000000000000
[  299.166435][ T8259] R10: 000000000000005a R11: 0000000000000246 R12: 0000000000000001
[  299.174401][ T8259] R13: 0000000000000001 R14: 00007f51fbaf6058 R15: 00007ffc18a31658
[  299.182363][ T8259]  </TASK>
[  299.342603][ T8264] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  299.372708][ T8267] loop2: detected capacity change from 0 to 128
[  299.567119][ T8260] chnl_net:caif_netlink_parms(): no params data found
[  299.864784][    T9] device hsr_slave_0 left promiscuous mode
[  299.880812][ T8280] loop0: detected capacity change from 0 to 2048
[  299.897275][    T9] device hsr_slave_1 left promiscuous mode
[  299.911707][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.962260][ T8280] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  300.004072][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  300.027628][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  300.035513][ T8280] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  300.048155][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  300.325472][    T9] device bridge_slave_1 left promiscuous mode
[  300.331811][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.344308][    T9] device bridge_slave_0 left promiscuous mode
[  300.350991][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.364496][    T9] device veth1_macvtap left promiscuous mode
[  300.375825][    T9] device veth0_macvtap left promiscuous mode
[  300.391510][    T9] device veth1_vlan left promiscuous mode
[  300.397707][    T9] device veth0_vlan left promiscuous mode
[  300.586265][ T4606] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[  300.725955][    T9] team0 (unregistering): Port device team_slave_1 removed
[  300.744477][    T9] team0 (unregistering): Port device team_slave_0 removed
[  300.771081][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  300.791729][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  300.826776][ T4829] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  300.836442][ T4606] usb 1-1: Invalid ep0 maxpacket: 16
[  300.931442][    T9] bond0 (unregistering): Released all slaves
[  300.986353][ T4606] usb 1-1: new low-speed USB device number 26 using dummy_hcd
[  301.017761][ T8260] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.064748][ T8260] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.091477][ T8260] device bridge_slave_0 entered promiscuous mode
[  301.125926][ T8260] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.154168][ T8260] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.190210][   T26] audit: type=1326 audit(1728862753.988:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8301 comm="syz.3.678" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f51fb93dff9 code=0x0
[  301.213727][ T8260] device bridge_slave_1 entered promiscuous mode
[  301.239409][ T4829] usb 3-1: config 0 has an invalid interface number: 27 but max is 0
[  301.256490][ T4606] usb 1-1: Invalid ep0 maxpacket: 16
[  301.258978][ T4829] usb 3-1: config 0 has no interface number 0
[  301.261940][ T4606] usb usb1-port1: attempt power cycle
[  301.313347][ T8306] FAULT_INJECTION: forcing a failure.
[  301.313347][ T8306] name failslab, interval 1, probability 0, space 0, times 0
[  301.327601][ T4829] usb 3-1: config 0 interface 27 altsetting 0 endpoint 0x2 has invalid maxpacket 128, setting to 64
[  301.355868][ T8306] CPU: 0 PID: 8306 Comm: syz.3.679 Not tainted 5.15.167-syzkaller #0
[  301.363929][ T8306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  301.373963][ T8306] Call Trace:
[  301.377223][ T8306]  <TASK>
[  301.380135][ T8306]  dump_stack_lvl+0x1e3/0x2d0
[  301.384795][ T8306]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  301.390414][ T8306]  ? panic+0x860/0x860
[  301.394482][ T8306]  ? __might_sleep+0xc0/0xc0
[  301.399057][ T8306]  ? memset+0x1f/0x40
[  301.403020][ T8306]  should_fail+0x38a/0x4c0
[  301.407419][ T8306]  should_failslab+0x5/0x20
[  301.411920][ T8306]  slab_pre_alloc_hook+0x53/0xc0
[  301.416840][ T8306]  __kmalloc+0x6e/0x300
[  301.420973][ T8306]  ? ceph_monc_init+0x17d/0xb10
[  301.425802][ T8306]  ceph_monc_init+0x17d/0xb10
[  301.430456][ T8306]  ? memcpy+0x3c/0x60
[  301.434416][ T8306]  ? ceph_messenger_init+0x3be/0x5e0
[  301.439677][ T8306]  ceph_create_client+0x1ff/0x2c0
[  301.444681][ T8306]  ceph_get_tree+0x100/0x12b0
[  301.449336][ T8306]  ? apparmor_capable+0x12e/0x190
[  301.454345][ T8306]  ? bpf_lsm_capable+0x5/0x10
[  301.459005][ T8306]  vfs_get_tree+0x88/0x270
[  301.463403][ T8306]  __se_sys_fsconfig+0xa5d/0xec0
[  301.468322][ T8306]  ? __x64_sys_fsconfig+0xc0/0xc0
[  301.473325][ T8306]  ? syscall_enter_from_user_mode+0x2e/0x240
[  301.479369][ T8306]  ? lockdep_hardirqs_on+0x94/0x130
[  301.484552][ T8306]  ? __x64_sys_fsconfig+0x1c/0xc0
[  301.489557][ T8306]  do_syscall_64+0x3b/0xb0
[  301.493950][ T8306]  ? clear_bhb_loop+0x15/0x70
[  301.498610][ T8306]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  301.504483][ T8306] RIP: 0033:0x7f51fb93dff9
[  301.508878][ T8306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.528462][ T8306] RSP: 002b:00007f51f9db6038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  301.536872][ T8306] RAX: ffffffffffffffda RBX: 00007f51fbaf5f80 RCX: 00007f51fb93dff9
[  301.544819][ T8306] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000003
[  301.552765][ T8306] RBP: 00007f51f9db6090 R08: 0000000000000000 R09: 0000000000000000
[  301.560712][ T8306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.568660][ T8306] R13: 0000000000000000 R14: 00007f51fbaf5f80 R15: 00007ffc18a31658
[  301.576631][ T8306]  </TASK>
[  301.618501][ T3778] Bluetooth: hci0: command 0x0409 tx timeout
[  301.716410][ T8260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  301.745880][ T8260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  301.755312][ T4829] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=71.8f
[  301.768983][ T4829] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.794095][ T4829] usb 3-1: Product: syz
[  301.804309][ T4829] usb 3-1: Manufacturer: syz
[  301.813868][ T4829] usb 3-1: SerialNumber: syz
[  301.838751][ T4829] usb 3-1: config 0 descriptor??
[  301.880611][ T8260] team0: Port device team_slave_0 added
[  301.911780][ T8260] team0: Port device team_slave_1 added
[  301.959508][ T8323] loop3: detected capacity change from 0 to 1024
[  301.998139][ T8323] hfsplus: request for non-existent node 40 in B*Tree
[  302.005259][ T8323] hfsplus: request for non-existent node 40 in B*Tree
[  302.026800][ T4606] usb 1-1: new low-speed USB device number 27 using dummy_hcd
[  302.094723][ T8260] batman_adv: batadv0: Adding interface: batadv_slave_0
[  302.127005][ T4606] usb 1-1: Invalid ep0 maxpacket: 16
[  302.145055][ T8260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.155037][ T8323] fuse: Bad value for 'group_id'
[  302.203899][ T8332] loop2: detected capacity change from 0 to 1024
[  302.211910][ T8260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  302.216577][ T8333] overlayfs: failed to get inode (-116)
[  302.246238][ T8260] batman_adv: batadv0: Adding interface: batadv_slave_1
[  302.255487][ T8333] overlayfs: failed to get inode (-116)
[  302.257828][ T8260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.261981][ T8333] overlayfs: failed to get inode (-116)
[  302.295527][ T8333] overlayfs: failed to get inode (-116)
[  302.296783][ T8260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  302.311830][ T4606] usb 1-1: new low-speed USB device number 28 using dummy_hcd
[  302.392719][ T8332] EXT4-fs (loop2): mounted filesystem without journal. Opts: noauto_da_alloc,max_dir_size_kb=0x0000000000000001,dioread_lock,norecovery,discard,lazytime,noload,usrquota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  302.417332][ T4606] usb 1-1: Invalid ep0 maxpacket: 16
[  302.423327][ T4606] usb usb1-port1: unable to enumerate USB device
[  302.501562][ T8260] device hsr_slave_0 entered promiscuous mode
[  302.515327][   T26] audit: type=1804 audit(1728862755.308:148): pid=8300 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.677" name="/newroot/73/file1/bus" dev="loop2" ino=18 res=1 errno=0
[  302.548177][ T8260] device hsr_slave_1 entered promiscuous mode
[  302.578444][ T8260] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  302.604418][ T8343] loop4: detected capacity change from 0 to 128
[  302.613515][ T8260] Cannot create hsr debugfs directory
[  302.613669][ T8338] kvm: emulating exchange as write
[  302.637470][ T4829] ath6kl: Failed to submit usb control message: -71
[  302.644087][ T4829] ath6kl: unable to send the bmi data to the device: -71
[  302.661083][ T4829] ath6kl: Unable to send get target info: -71
[  302.724826][ T4829] ath6kl: Failed to init ath6kl core: -71
[  302.845356][ T4829] ath6kl_usb: probe of 3-1:0.27 failed with error -71
[  302.892767][ T4829] usb 3-1: USB disconnect, device number 27
[  303.363012][ T8364] netlink: 'syz.2.687': attribute type 1 has an invalid length.
[  303.504832][ T8369] loop3: detected capacity change from 0 to 2048
[  303.588441][ T8369] UDF-fs: bad mount option "����00000000000000000000�F�P4�2$�ř��!dmX������jp(�����WǴWH
diSO�ryq" or missing value
[  303.697674][ T4313] Bluetooth: hci0: command 0x041b tx timeout
[  303.831668][ T8260] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  303.851174][ T8365] loop2: detected capacity change from 0 to 4096
[  303.892153][ T8260] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  304.046732][ T8260] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  304.272238][ T8365] ntfs: volume version 3.1.
[  304.451641][ T8378] capability: warning: `syz.3.689' uses 32-bit capabilities (legacy support in use)
[  304.483123][ T8378] loop3: detected capacity change from 0 to 2048
[  304.668060][ T8260] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  304.831473][ T8385] netlink: 104 bytes leftover after parsing attributes in process `syz.0.690'.
[  304.874096][ T8378] delete_channel: no stack
[  305.491345][ T8398] loop2: detected capacity change from 0 to 64
[  305.593056][ T8403] FAULT_INJECTION: forcing a failure.
[  305.593056][ T8403] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.627166][ T8403] CPU: 0 PID: 8403 Comm: syz.3.693 Not tainted 5.15.167-syzkaller #0
[  305.635243][ T8403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  305.645299][ T8403] Call Trace:
[  305.648578][ T8403]  <TASK>
[  305.651505][ T8403]  dump_stack_lvl+0x1e3/0x2d0
[  305.656190][ T8403]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  305.661838][ T8403]  ? panic+0x860/0x860
[  305.665929][ T8403]  should_fail+0x38a/0x4c0
[  305.670361][ T8403]  _copy_to_user+0x2d/0x130
[  305.674869][ T8403]  __snd_timer_user_ioctl+0x1eb2/0x50b0
[  305.680436][ T8403]  ? snd_timer_user_fasync+0x60/0x60
[  305.685735][ T8403]  ? read_lock_is_recursive+0x10/0x10
[  305.691114][ T8403]  ? __mutex_trylock_common+0x17e/0x2e0
[  305.693801][ T8260] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.696657][ T8403]  ? __might_sleep+0xc0/0xc0
[  305.707799][ T8403]  ? rcu_lock_release+0x20/0x20
[  305.712665][ T8403]  ? __mutex_lock_common+0x444/0x25a0
[  305.718050][ T8403]  ? snd_timer_user_ioctl+0x4d/0x80
[  305.723246][ T8403]  ? mutex_lock_io_nested+0x60/0x60
[  305.728454][ T8403]  ? __fget_files+0x413/0x480
[  305.733150][ T8403]  snd_timer_user_ioctl+0x5d/0x80
[  305.738174][ T8403]  ? snd_timer_user_poll+0x130/0x130
[  305.742204][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  305.743456][ T8403]  __se_sys_ioctl+0xf1/0x160
[  305.755199][ T8403]  do_syscall_64+0x3b/0xb0
[  305.759623][ T8403]  ? clear_bhb_loop+0x15/0x70
[  305.763763][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  305.764300][ T8403]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  305.777343][ T8403] RIP: 0033:0x7f51fb93dff9
[  305.778328][ T4606] Bluetooth: hci0: command 0x040f tx timeout
[  305.781758][ T8403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  305.801572][ T8260] 8021q: adding VLAN 0 to HW filter on device team0
[  305.807294][ T8403] RSP: 002b:00007f51f9db6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  305.807321][ T8403] RAX: ffffffffffffffda RBX: 00007f51fbaf5f80 RCX: 00007f51fb93dff9
[  305.807334][ T8403] RDX: 00000000200022c0 RSI: 0000000080e85411 RDI: 0000000000000003
[  305.807345][ T8403] RBP: 00007f51f9db6090 R08: 0000000000000000 R09: 0000000000000000
[  305.807357][ T8403] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  305.807368][ T8403] R13: 0000000000000000 R14: 00007f51fbaf5f80 R15: 00007ffc18a31658
[  305.807397][ T8403]  </TASK>
[  305.938276][ T4313] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  306.034110][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  306.054717][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  306.123694][ T6282] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.130818][ T6282] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.155018][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  306.169794][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  306.188519][ T4313] usb 1-1: Using ep0 maxpacket: 16
[  306.194614][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  306.213414][ T6282] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.220526][ T6282] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.243336][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  306.268696][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  306.287527][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  306.308558][ T4313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.336238][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  306.360413][ T4313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.365760][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  306.410422][ T4313] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  306.416651][ T8422] loop3: detected capacity change from 0 to 512
[  306.426702][ T4313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.436650][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  306.453418][ T4313] usb 1-1: config 0 descriptor??
[  306.463512][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  306.496119][ T8260] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  306.536263][ T8260] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  306.552220][ T8422] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.697: casefold flag without casefold feature
[  306.590529][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  306.626670][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  306.644892][ T8422] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.697: couldn't read orphan inode 15 (err -117)
[  306.657085][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  306.670541][ T8422] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,,errors=continue. Quota mode: writeback.
[  306.682647][ T5663] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  306.723918][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  306.727674][ T8412] loop4: detected capacity change from 0 to 32768
[  306.755244][ T4773] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  306.780722][ T8412] (syz.4.696,8412,0):ocfs2_parse_options:1447 ERROR: Unrecognized mount option "" or missing value
[  306.819012][ T8412] (syz.4.696,8412,0):ocfs2_fill_super:1177 ERROR: status = -22
[  306.942179][ T4313] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.000B/input/input16
[  306.997024][ T8441] loop3: detected capacity change from 0 to 2048
[  307.047088][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  307.061485][ T8441] UDF-fs: bad mount option "����00000000000000000000�F�P4�2$�ř��!dmX������jp(�����WǴWH
diSO�ryq" or missing value
[  307.090605][ T4313] appleir 0003:05AC:8241.000B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  307.108967][ T5663] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.116879][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  307.133835][ T8260] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.140196][ T5663] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.186290][ T5663] usb 3-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  307.200871][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  307.214797][ T3634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  307.215430][ T5663] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.242881][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  307.254011][ T8412] loop4: detected capacity change from 0 to 1024
[  307.273306][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  307.302707][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  307.323323][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  307.324230][ T5663] usb 3-1: config 0 descriptor??
[  307.334199][ T8260] device veth0_vlan entered promiscuous mode
[  307.376754][ T8412] hfsplus: found bad thread record in catalog
[  307.377119][ T8260] device veth1_vlan entered promiscuous mode
[  307.446562][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  307.470118][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  307.486649][ T3634] hfsplus: b-tree write err: -5, ino 4
[  307.493099][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  307.502520][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  307.516545][ T8260] device veth0_macvtap entered promiscuous mode
[  307.577316][ T8260] device veth1_macvtap entered promiscuous mode
[  307.617487][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.640726][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.662580][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.684628][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.704867][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  307.726966][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.751136][ T8260] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.801344][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  307.816872][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  307.854402][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  307.863163][ T3778] Bluetooth: hci0: command 0x0419 tx timeout
[  307.865249][ T5663] hid-led 0003:1D34:000A.000C: unknown main item tag 0x0
[  307.898294][ T3696] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  307.926767][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.953945][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  307.982304][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  307.997949][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.018082][ T8260] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  308.038890][ T8260] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  308.070930][ T8260] batman_adv: batadv0: Interface activated: batadv_slave_1
[  308.084996][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  308.117957][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  308.140606][ T8466] loop3: detected capacity change from 0 to 4096
[  308.170579][ T8260] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  308.187263][ T8466] ntfs3: loop3: Different NTFS' sector size (4096) and media sector size (512)
[  308.210760][ T8260] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  308.225818][ T8260] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.234937][ T8260] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.249139][ T3778] usb 1-1: reset high-speed USB device number 29 using dummy_hcd
[  308.311466][ T8466] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  308.461749][ T3696] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.486325][ T3696] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.545532][ T6282] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  308.560075][ T5663] hid-led: probe of 0003:1D34:000A.000C failed with error -71
[  308.582847][ T5663] usb 3-1: USB disconnect, device number 28
[  308.590256][ T3634] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  308.609250][ T3634] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  308.637149][ T3697] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  308.994473][ T8500] kvm: pic: non byte write
[  309.136767][ T4608] usb 1-1: USB disconnect, device number 29
[  309.396526][ T8508] kvm: pic: non byte write
[  309.570741][ T4606] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  309.596653][ T8487] loop3: detected capacity change from 0 to 32768
[  309.650461][ T8487] XFS: ikeep mount option is deprecated.
[  309.663053][ T8511] loop0: detected capacity change from 0 to 64
[  309.800630][ T8513] FAULT_INJECTION: forcing a failure.
[  309.800630][ T8513] name failslab, interval 1, probability 0, space 0, times 0
[  309.829669][ T4606] usb 3-1: Using ep0 maxpacket: 16
[  309.894747][ T8487] XFS (loop3): Mounting V5 Filesystem
[  309.929304][ T8513] CPU: 1 PID: 8513 Comm: syz.4.709 Not tainted 5.15.167-syzkaller #0
[  309.937383][ T8513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  309.947437][ T8513] Call Trace:
[  309.950716][ T8513]  <TASK>
[  309.953647][ T8513]  dump_stack_lvl+0x1e3/0x2d0
[  309.958330][ T8513]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  309.963963][ T8513]  ? panic+0x860/0x860
[  309.968035][ T8513]  ? __might_sleep+0xc0/0xc0
[  309.972637][ T8513]  should_fail+0x38a/0x4c0
[  309.977061][ T8513]  should_failslab+0x5/0x20
[  309.981564][ T8513]  slab_pre_alloc_hook+0x53/0xc0
[  309.986676][ T8513]  __kmalloc+0x6e/0x300
[  309.990836][ T8513]  ? tomoyo_realpath_from_path+0xd8/0x5e0
[  309.996568][ T8513]  tomoyo_realpath_from_path+0xd8/0x5e0
[  310.002128][ T8513]  tomoyo_path_number_perm+0x225/0x810
[  310.007603][ T8513]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  310.013111][ T8513]  ? __fget_files+0x413/0x480
[  310.015678][ T8487] XFS (loop3): Ending clean mount
[  310.017794][ T8513]  security_file_ioctl+0x6d/0xa0
[  310.027717][ T8513]  __se_sys_ioctl+0x47/0x160
[  310.032315][ T8513]  do_syscall_64+0x3b/0xb0
[  310.036741][ T8513]  ? clear_bhb_loop+0x15/0x70
[  310.041425][ T8513]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  310.045855][ T8487] XFS (loop3): Quotacheck needed: Please wait.
[  310.047491][ T8513] RIP: 0033:0x7ffba0b38ff9
[  310.058024][ T8513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.077643][ T8513] RSP: 002b:00007ffb9efb1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  310.086072][ T8513] RAX: ffffffffffffffda RBX: 00007ffba0cf0f80 RCX: 00007ffba0b38ff9
[  310.094042][ T8513] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  310.102013][ T8513] RBP: 00007ffb9efb1090 R08: 0000000000000000 R09: 0000000000000000
[  310.109986][ T8513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  310.117955][ T8513] R13: 0000000000000000 R14: 00007ffba0cf0f80 R15: 00007ffee73c2fa8
[  310.125939][ T8513]  </TASK>
[  310.137044][ T8513] ERROR: Out of memory at tomoyo_realpath_from_path.
[  310.144664][ T4606] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  310.145117][ T8487] XFS (loop3): Quotacheck: Done.
[  310.155666][ T4606] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  310.155884][ T4606] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  310.355310][ T4606] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  310.520438][ T4606] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  310.543207][ T4606] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.828308][ T4606] usb 3-1: Product: syz
[  310.887534][ T4606] usb 3-1: Manufacturer: syz
[  310.983002][ T4606] usb 3-1: SerialNumber: syz
[  311.175116][ T7949] XFS (loop3): Unmounting Filesystem
[  311.364372][ T8507] loop2: detected capacity change from 0 to 164
[  311.810218][ T8535] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  311.893338][ T8533] loop4: detected capacity change from 0 to 2048
[  311.950885][ T8533] UDF-fs: bad mount option "����00000000000000000000�F�P4�2$�ř��!dmX������jp(�����WǴWH
diSO�ryq" or missing value
[  312.033696][ T8547] kvm: pic: non byte write
[  312.470282][ T8555] loop0: detected capacity change from 0 to 128
[  312.518417][    T9] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.558707][ T8543] chnl_net:caif_netlink_parms(): no params data found
[  312.725488][    T9] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.846605][    T9] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.887807][ T8543] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.940693][ T8543] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.950036][ T8543] device bridge_slave_0 entered promiscuous mode
[  312.958924][ T8543] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.989509][ T8543] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.018360][ T8543] device bridge_slave_1 entered promiscuous mode
[  313.019949][ T8556] loop3: detected capacity change from 0 to 32768
[  313.040234][ T4606] usb 3-1: USB disconnect, device number 29
[  313.120657][    T9] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  313.221167][ T5661] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  313.264284][ T8543] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  313.327192][ T8543] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  313.338395][ T8556] JBD2: Ignoring recovery information on journal
[  313.421903][ T8576] FAULT_INJECTION: forcing a failure.
[  313.421903][ T8576] name failslab, interval 1, probability 0, space 0, times 0
[  313.434626][ T8576] CPU: 1 PID: 8576 Comm: syz.0.721 Not tainted 5.15.167-syzkaller #0
[  313.442691][ T8576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  313.452739][ T8576] Call Trace:
[  313.456015][ T8576]  <TASK>
[  313.458939][ T8576]  dump_stack_lvl+0x1e3/0x2d0
[  313.463618][ T8576]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  313.469248][ T8576]  ? panic+0x860/0x860
[  313.473327][ T8576]  should_fail+0x38a/0x4c0
[  313.477751][ T8576]  should_failslab+0x5/0x20
[  313.482248][ T8576]  slab_pre_alloc_hook+0x53/0xc0
[  313.487185][ T8576]  ? security_file_alloc+0x24/0x120
[  313.492386][ T8576]  kmem_cache_alloc+0x3f/0x280
[  313.497157][ T8576]  security_file_alloc+0x24/0x120
[  313.502185][ T8576]  __alloc_file+0xc3/0x240
[  313.506604][ T8576]  alloc_empty_file+0x92/0x180
[  313.511374][ T8576]  path_openat+0xfc/0x2f20
[  313.515787][ T8576]  ? finish_lock_switch+0x8f/0x100
[  313.520896][ T8576]  ? finish_task_switch+0x134/0x630
[  313.526091][ T8576]  ? __switch_to_asm+0x34/0x60
[  313.530864][ T8576]  ? __schedule+0x12cc/0x45b0
[  313.535552][ T8576]  ? mark_lock+0x98/0x340
[  313.539883][ T8576]  ? __lock_acquire+0x1295/0x1ff0
[  313.544903][ T8576]  ? do_filp_open+0x460/0x460
[  313.549679][ T8576]  do_filp_open+0x21c/0x460
[  313.554205][ T8576]  ? vfs_tmpfile+0x2e0/0x2e0
[  313.558812][ T8576]  ? _raw_spin_unlock+0x24/0x40
[  313.563664][ T8576]  ? alloc_fd+0x598/0x630
[  313.568000][ T8576]  do_sys_openat2+0x13b/0x4f0
[  313.572680][ T8576]  ? do_sys_open+0x220/0x220
[  313.577276][ T8576]  __x64_sys_openat+0x243/0x290
[  313.582128][ T8576]  ? __ia32_sys_open+0x270/0x270
[  313.587065][ T8576]  ? syscall_enter_from_user_mode+0x2e/0x240
[  313.593044][ T8576]  ? lockdep_hardirqs_on+0x94/0x130
[  313.598244][ T8576]  ? syscall_enter_from_user_mode+0x2e/0x240
[  313.604223][ T8576]  do_syscall_64+0x3b/0xb0
[  313.608636][ T8576]  ? clear_bhb_loop+0x15/0x70
[  313.613306][ T8576]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  313.619195][ T8576] RIP: 0033:0x7fe89c86d990
[  313.623617][ T8576] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  313.643224][ T8576] RSP: 002b:00007fe89aca4f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  313.651646][ T8576] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fe89c86d990
[  313.659619][ T8576] RDX: 0000000000000002 RSI: 00007fe89aca4fa0 RDI: 00000000ffffff9c
[  313.667589][ T8576] RBP: 00007fe89aca4fa0 R08: 0000000000000000 R09: 0000000000000000
[  313.675556][ T8576] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  313.683521][ T8576] R13: 0000000000000000 R14: 00007fe89ca27130 R15: 00007ffc77d2c5b8
[  313.691504][ T8576]  </TASK>
[  313.747236][ T8556] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  313.777889][   T26] audit: type=1800 audit(1728862766.564:149): pid=8556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.716" name="bus" dev="loop3" ino=17058 res=0 errno=0
[  313.953638][ T5661] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  313.974566][ T8543] team0: Port device team_slave_0 added
[  313.986298][ T5661] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  314.012819][ T8543] team0: Port device team_slave_1 added
[  314.025226][ T5661] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  314.050468][ T5661] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.101336][ T4606] Bluetooth: hci0: command 0x0409 tx timeout
[  314.110620][ T5661] usb 5-1: config 0 descriptor??
[  314.233554][ T8543] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.240505][ T8543] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.273959][ T7949] ocfs2: Unmounting device (7,3) on (node local)
[  314.307358][ T8543] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.429974][ T8543] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.447368][ T8543] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  314.541486][ T8543] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  314.738149][ T8543] device hsr_slave_0 entered promiscuous mode
[  314.771509][ T5661] usbhid 5-1:0.0: can't add hid device: -71
[  314.777669][ T5661] usbhid: probe of 5-1:0.0 failed with error -71
[  314.793161][ T8598] loop3: detected capacity change from 0 to 64
[  314.819589][ T5661] usb 5-1: USB disconnect, device number 27
[  314.844789][ T8543] device hsr_slave_1 entered promiscuous mode
[  314.890017][ T8543] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  314.898389][ T8543] Cannot create hsr debugfs directory
[  315.056596][ T8616] loop0: detected capacity change from 0 to 2048
[  315.142590][ T8616] UDF-fs: bad mount option "����00000000000000000000�F�P4�2$�ř��!dmX������jp(�����WǴWH
diSO�ryq" or missing value
[  315.648988][ T8633] FAULT_INJECTION: forcing a failure.
[  315.648988][ T8633] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.662158][ T8633] CPU: 0 PID: 8633 Comm: syz.2.731 Not tainted 5.15.167-syzkaller #0
[  315.670220][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  315.680258][ T8633] Call Trace:
[  315.683523][ T8633]  <TASK>
[  315.686442][ T8633]  dump_stack_lvl+0x1e3/0x2d0
[  315.691104][ T8633]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  315.696729][ T8633]  ? panic+0x860/0x860
[  315.700793][ T8633]  ? pppoe_sendmsg+0xd1/0x740
[  315.705468][ T8633]  should_fail+0x38a/0x4c0
[  315.709888][ T8633]  _copy_from_user+0x2d/0x170
[  315.714553][ T8633]  __copy_msghdr_from_user+0xaf/0x7c0
[  315.719918][ T8633]  ? __ia32_sys_shutdown+0x60/0x60
[  315.725014][ T8633]  ? rcu_is_watching+0x11/0xa0
[  315.729764][ T8633]  ? ___sys_sendmsg+0x27b/0x2e0
[  315.734600][ T8633]  ? mark_lock+0x98/0x340
[  315.738918][ T8633]  ___sys_sendmsg+0x166/0x2e0
[  315.743582][ T8633]  ? __sys_sendmsg+0x260/0x260
[  315.748356][ T8633]  ? __might_fault+0xb4/0x110
[  315.753021][ T8633]  __sys_sendmmsg+0x2bf/0x560
[  315.757689][ T8633]  ? __ia32_sys_sendmsg+0x80/0x80
[  315.762713][ T8633]  ? __lock_acquire+0x1ff0/0x1ff0
[  315.767735][ T8633]  ? print_irqtrace_events+0x210/0x210
[  315.773177][ T8633]  ? vtime_user_exit+0x2d1/0x400
[  315.778101][ T8633]  ? syscall_enter_from_user_mode+0x2e/0x240
[  315.784066][ T8633]  __x64_sys_sendmmsg+0x9c/0xb0
[  315.788905][ T8633]  do_syscall_64+0x3b/0xb0
[  315.793304][ T8633]  ? clear_bhb_loop+0x15/0x70
[  315.797964][ T8633]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  315.803844][ T8633] RIP: 0033:0x7ff44cb7dff9
[  315.808242][ T8633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.827833][ T8633] RSP: 002b:00007ff44afb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  315.836229][ T8633] RAX: ffffffffffffffda RBX: 00007ff44cd36130 RCX: 00007ff44cb7dff9
[  315.844183][ T8633] RDX: 00000000000003e8 RSI: 0000000020002340 RDI: 0000000000000005
[  315.852139][ T8633] RBP: 00007ff44afb4090 R08: 0000000000000000 R09: 0000000000000000
[  315.860093][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.868063][ T8633] R13: 0000000000000000 R14: 00007ff44cd36130 R15: 00007ffd749fe118
[  315.876030][ T8633]  </TASK>
[  316.391812][ T4608] Bluetooth: hci0: command 0x041b tx timeout
[  316.753091][ T8646] FAULT_INJECTION: forcing a failure.
[  316.753091][ T8646] name failslab, interval 1, probability 0, space 0, times 0
[  316.807931][ T8646] CPU: 0 PID: 8646 Comm: syz.2.735 Not tainted 5.15.167-syzkaller #0
[  316.816018][ T8646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  316.826057][ T8646] Call Trace:
[  316.829319][ T8646]  <TASK>
[  316.832240][ T8646]  dump_stack_lvl+0x1e3/0x2d0
[  316.836907][ T8646]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  316.842520][ T8646]  ? panic+0x860/0x860
[  316.846578][ T8646]  ? __might_sleep+0xc0/0xc0
[  316.851155][ T8646]  should_fail+0x38a/0x4c0
[  316.855566][ T8646]  should_failslab+0x5/0x20
[  316.860053][ T8646]  slab_pre_alloc_hook+0x53/0xc0
[  316.864991][ T8646]  __kmalloc_node_track_caller+0x6b/0x390
[  316.870702][ T8646]  ? netlink_sendmsg+0x6f8/0xd60
[  316.875627][ T8646]  ? kmem_cache_alloc_node+0x154/0x2c0
[  316.881070][ T8646]  ? __alloc_skb+0xdd/0x590
[  316.885563][ T8646]  ? netlink_sendmsg+0x6f8/0xd60
[  316.890486][ T8646]  __alloc_skb+0x12c/0x590
[  316.894889][ T8646]  netlink_sendmsg+0x6f8/0xd60
[  316.899644][ T8646]  ? netlink_getsockopt+0x5b0/0x5b0
[  316.904829][ T8646]  ? aa_sock_msg_perm+0x91/0x150
[  316.909785][ T8646]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[  316.915067][ T8646]  ? security_socket_sendmsg+0x7d/0xa0
[  316.920512][ T8646]  ? netlink_getsockopt+0x5b0/0x5b0
[  316.925732][ T8646]  ____sys_sendmsg+0x59e/0x8f0
[  316.930482][ T8646]  ? iovec_from_user+0x300/0x390
[  316.935411][ T8646]  ? __sys_sendmsg_sock+0x30/0x30
[  316.940428][ T8646]  ___sys_sendmsg+0x252/0x2e0
[  316.945096][ T8646]  ? __sys_sendmsg+0x260/0x260
[  316.949874][ T8646]  ? __fdget+0x191/0x220
[  316.954101][ T8646]  __se_sys_sendmsg+0x19a/0x260
[  316.958936][ T8646]  ? __x64_sys_sendmsg+0x80/0x80
[  316.963867][ T8646]  ? syscall_enter_from_user_mode+0x2e/0x240
[  316.969833][ T8646]  ? lockdep_hardirqs_on+0x94/0x130
[  316.975017][ T8646]  ? syscall_enter_from_user_mode+0x2e/0x240
[  316.980988][ T8646]  do_syscall_64+0x3b/0xb0
[  316.985392][ T8646]  ? clear_bhb_loop+0x15/0x70
[  316.990056][ T8646]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  316.995935][ T8646] RIP: 0033:0x7ff44cb7dff9
[  317.000339][ T8646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.019933][ T8646] RSP: 002b:00007ff44aff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  317.028331][ T8646] RAX: ffffffffffffffda RBX: 00007ff44cd35f80 RCX: 00007ff44cb7dff9
[  317.036293][ T8646] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  317.044264][ T8646] RBP: 00007ff44aff6090 R08: 0000000000000000 R09: 0000000000000000
[  317.052217][ T8646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  317.060171][ T8646] R13: 0000000000000000 R14: 00007ff44cd35f80 R15: 00007ffd749fe118
[  317.068147][ T8646]  </TASK>
[  317.352251][ T5663] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  317.367732][    T9] device hsr_slave_0 left promiscuous mode
[  317.377712][    T9] device hsr_slave_1 left promiscuous mode
[  317.387648][ T1390] ieee802154 phy0 wpan0: encryption failed: -22
[  317.393971][ T1390] ieee802154 phy1 wpan1: encryption failed: -22
[  317.427892][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.437720][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  317.474707][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.492382][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  317.501378][    T9] device bridge_slave_1 left promiscuous mode
[  317.515435][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.551934][    T9] device bridge_slave_0 left promiscuous mode
[  317.563657][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.639829][ T8637] loop4: detected capacity change from 0 to 32768
[  317.646448][ T5663] usb 4-1: Using ep0 maxpacket: 8
[  317.702490][    T9] device veth1_macvtap left promiscuous mode
[  317.708524][    T9] device veth0_macvtap left promiscuous mode
[  317.722261][    T9] device veth1_vlan left promiscuous mode
[  317.728057][    T9] device veth0_vlan left promiscuous mode
[  317.782443][ T5663] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  317.810187][ T5663] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  317.819416][ T5663] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.835247][ T8637] JBD2: Ignoring recovery information on journal
[  317.843564][ T5663] usb 4-1: config 0 descriptor??
[  317.951499][ T8637] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  318.069949][   T26] audit: type=1800 audit(1728862770.853:150): pid=8637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.733" name="bus" dev="loop4" ino=17058 res=0 errno=0
[  318.398088][ T5663] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  318.743603][ T4608] Bluetooth: hci0: command 0x040f tx timeout
[  318.797029][ T4606] usb 4-1: USB disconnect, device number 18
[  318.806134][ T4606] iowarrior 4-1:0.0: I/O-Warror #0 now disconnected
[  318.821646][ T7521] ocfs2: Unmounting device (7,4) on (node local)
[  319.008212][ T8677] loop0: detected capacity change from 0 to 512
[  319.172000][    T9] team0 (unregistering): Port device team_slave_1 removed
[  319.207287][    T9] team0 (unregistering): Port device team_slave_0 removed
[  319.228653][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  319.251139][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  319.574049][ T8690] loop0: detected capacity change from 0 to 2048
[  319.684137][ T8690] UDF-fs: bad mount option "����00000000000000000000�F�P4�2$�ř��!dmX������jp(�����WǴWH
diSO�ryq" or missing value
[  319.719676][    T9] bond0 (unregistering): Released all slaves
[  319.762646][ T8693] loop3: detected capacity change from 0 to 256
[  319.862320][ T8693] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  319.926904][ T8691] ------------[ cut here ]------------
[  319.932794][ T8691] WARNING: CPU: 1 PID: 8691 at kernel/softirq.c:363 __local_bh_enable_ip+0x1b3/0x1f0
[  319.942282][ T8691] Modules linked in:
[  319.946157][ T8691] CPU: 1 PID: 8691 Comm: syz.3.743 Not tainted 5.15.167-syzkaller #0
[  319.954200][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  319.964239][ T8691] RIP: 0010:__local_bh_enable_ip+0x1b3/0x1f0
[  319.970203][ T8691] Code: 04 25 28 00 00 00 48 3b 44 24 60 75 4a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b e9 d0 fe ff ff e8 3f 00 00 00 eb a2 <0f> 0b e9 02 ff ff ff 48 c7 c1 44 94 e9 8d 80 e1 07 80 c1 03 38 c1
[  319.989795][ T8691] RSP: 0018:ffffc90003387140 EFLAGS: 00010046
[  319.995959][ T8691] RAX: 0000000000000000 RBX: 1ffff92000670e2c RCX: 0000000000040000
[  320.003919][ T8691] RDX: ffffc90004e91000 RSI: 0000000000000200 RDI: ffffffff884b8e55
[  320.011895][ T8691] RBP: ffffc900033871f0 R08: dffffc0000000000 R09: fffffbfff1bd2c16
[  320.019871][ T8691] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  320.027868][ T8691] R13: 1ffff1100f3bd318 R14: ffffc90003387180 R15: 0000000000000200
[  320.035862][ T8691] FS:  00007f51f9d746c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  320.044800][ T8691] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  320.051392][ T8691] CR2: 00000000200bd038 CR3: 000000002a7f6000 CR4: 00000000003506e0
[  320.059365][ T8691] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  320.067316][ T8691] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  320.075270][ T8691] Call Trace:
[  320.078535][ T8691]  <TASK>
[  320.081461][ T8691]  ? __warn+0x15b/0x300
[  320.085622][ T8691]  ? __local_bh_enable_ip+0x1b3/0x1f0
[  320.091005][ T8691]  ? report_bug+0x1b7/0x2e0
[  320.095496][ T8691]  ? handle_bug+0x3d/0x70
[  320.099806][ T8691]  ? exc_invalid_op+0x16/0x40
[  320.104464][ T8691]  ? asm_exc_invalid_op+0x16/0x20
[  320.109478][ T8691]  ? local_bh_enable+0x5/0x20
[  320.114134][ T8691]  ? __local_bh_enable_ip+0x1b3/0x1f0
[  320.119508][ T8691]  ? local_bh_enable+0x5/0x20
[  320.124174][ T8691]  ? _local_bh_enable+0xa0/0xa0
[  320.129021][ T8691]  __dev_queue_xmit+0x1c56/0x3230
[  320.134057][ T8691]  ? dev_queue_xmit+0x20/0x20
[  320.138739][ T8691]  ? __copy_skb_header+0x47b/0x600
[  320.143869][ T8691]  ? __skb_clone+0x454/0x6c0
[  320.148466][ T8691]  ? skb_clone+0x1ee/0x350
[  320.152878][ T8691]  __netlink_deliver_tap+0x4d2/0x760
[  320.158192][ T8691]  netlink_deliver_tap+0x16c/0x180
[  320.163310][ T8691]  netlink_broadcast_filtered+0xc2d/0x11a0
[  320.169133][ T8691]  netlink_broadcast+0x35/0x50
[  320.173902][ T8691]  genlmsg_multicast_netns+0x8e/0xc0
[  320.179171][ T8691]  nl80211_frame_tx_status+0x659/0xa40
[  320.184627][ T8691]  ? cfg80211_control_port_tx_status+0x50/0x50
[  320.190780][ T8691]  ? do_raw_spin_unlock+0x137/0x8b0
[  320.195964][ T8691]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  320.201844][ T8691]  ? _raw_spin_unlock+0x40/0x40
[  320.206677][ T8691]  cfg80211_mgmt_tx_status+0x3a/0x50
[  320.211943][ T8691]  ieee80211_report_used_skb+0x12f6/0x1810
[  320.217737][ T8691]  ? _raw_spin_lock_irqsave+0xac/0x120
[  320.223180][ T8691]  ? ieee80211_handle_filtered_frame+0x750/0x750
[  320.229489][ T8691]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  320.234936][ T8691]  ? _raw_spin_lock+0x40/0x40
[  320.239614][ T8691]  ? skb_queue_purge+0x2b9/0x2e0
[  320.244575][ T8691]  ieee80211_free_txskb+0x1e/0x30
[  320.249583][ T8691]  ieee80211_do_stop+0x10b8/0x1ce0
[  320.254689][ T8691]  ? ieee80211_stop_queues_by_reason+0x1ce/0x250
[  320.261000][ T8691]  ? ieee80211_sdata_stop+0x70/0x70
[  320.266205][ T8691]  ? ieee80211_add_pending_skbs+0x390/0x390
[  320.272109][ T8691]  ? ieee80211_get_vif_queues+0x228/0x390
[  320.277816][ T8691]  ieee80211_if_change_type+0x447/0x9f0
[  320.283363][ T8691]  ieee80211_change_iface+0x57/0x430
[  320.288651][ T8691]  ? cfg80211_mlme_purge_registrations+0x1f3/0x220
[  320.295160][ T8691]  cfg80211_change_iface+0x8ab/0x10c0
[  320.300519][ T8691]  __cfg80211_wext_siwmode+0x1b7/0x280
[  320.305961][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.311606][ T8691]  ? apparmor_capable+0x12e/0x190
[  320.316627][ T8691]  ? full_name_hash+0x8f/0xe0
[  320.321295][ T8691]  ioctl_standard_call+0xdb/0x280
[  320.326304][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.331925][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.337548][ T8691]  wext_ioctl_dispatch+0x16f/0x460
[  320.342670][ T8691]  ? wext_ioctl_dispatch+0x460/0x460
[  320.347934][ T8691]  ? iw_handler_get_private+0x1e0/0x1e0
[  320.353463][ T8691]  wext_handle_ioctl+0x15b/0x260
[  320.358389][ T8691]  ? call_commit_handler+0xf0/0xf0
[  320.363490][ T8691]  sock_ioctl+0x13b/0x770
[  320.367804][ T8691]  ? sock_poll+0x410/0x410
[  320.372207][ T8691]  ? __fget_files+0x413/0x480
[  320.376880][ T8691]  ? bpf_lsm_file_ioctl+0x5/0x10
[  320.381800][ T8691]  ? security_file_ioctl+0x7d/0xa0
[  320.386906][ T8691]  ? sock_poll+0x410/0x410
[  320.391328][ T8691]  __se_sys_ioctl+0xf1/0x160
[  320.395905][ T8691]  do_syscall_64+0x3b/0xb0
[  320.400307][ T8691]  ? clear_bhb_loop+0x15/0x70
[  320.404962][ T8691]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  320.410863][ T8691] RIP: 0033:0x7f51fb93dff9
[  320.415263][ T8691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.434855][ T8691] RSP: 002b:00007f51f9d74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  320.443271][ T8691] RAX: ffffffffffffffda RBX: 00007f51fbaf6130 RCX: 00007f51fb93dff9
[  320.451234][ T8691] RDX: 0000000020000000 RSI: 0000000000008b06 RDI: 0000000000000007
[  320.459204][ T8691] RBP: 00007f51fb9b0296 R08: 0000000000000000 R09: 0000000000000000
[  320.467178][ T8691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  320.475222][ T8691] R13: 0000000000000001 R14: 00007f51fbaf6130 R15: 00007ffc18a31658
[  320.483198][ T8691]  </TASK>
[  320.486230][ T8691] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  320.493500][ T8691] CPU: 1 PID: 8691 Comm: syz.3.743 Not tainted 5.15.167-syzkaller #0
[  320.501543][ T8691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  320.511579][ T8691] Call Trace:
[  320.514843][ T8691]  <TASK>
[  320.517764][ T8691]  dump_stack_lvl+0x1e3/0x2d0
[  320.522441][ T8691]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  320.528055][ T8691]  ? panic+0x860/0x860
[  320.532111][ T8691]  ? panic+0x860/0x860
[  320.536167][ T8691]  ? __local_bh_enable_ip+0xe0/0x1f0
[  320.541453][ T8691]  ? __local_bh_enable_ip+0xe0/0x1f0
[  320.546718][ T8691]  panic+0x318/0x860
[  320.550598][ T8691]  ? __warn+0x16a/0x300
[  320.554754][ T8691]  ? fb_is_primary_device+0xd0/0xd0
[  320.559945][ T8691]  ? __local_bh_enable_ip+0x1b3/0x1f0
[  320.565298][ T8691]  __warn+0x2b2/0x300
[  320.569270][ T8691]  ? __local_bh_enable_ip+0x1b3/0x1f0
[  320.574637][ T8691]  report_bug+0x1b7/0x2e0
[  320.578962][ T8691]  handle_bug+0x3d/0x70
[  320.583150][ T8691]  exc_invalid_op+0x16/0x40
[  320.587656][ T8691]  asm_exc_invalid_op+0x16/0x20
[  320.592534][ T8691] RIP: 0010:__local_bh_enable_ip+0x1b3/0x1f0
[  320.598495][ T8691] Code: 04 25 28 00 00 00 48 3b 44 24 60 75 4a 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 0f 0b e9 d0 fe ff ff e8 3f 00 00 00 eb a2 <0f> 0b e9 02 ff ff ff 48 c7 c1 44 94 e9 8d 80 e1 07 80 c1 03 38 c1
[  320.618082][ T8691] RSP: 0018:ffffc90003387140 EFLAGS: 00010046
[  320.624130][ T8691] RAX: 0000000000000000 RBX: 1ffff92000670e2c RCX: 0000000000040000
[  320.632081][ T8691] RDX: ffffc90004e91000 RSI: 0000000000000200 RDI: ffffffff884b8e55
[  320.640035][ T8691] RBP: ffffc900033871f0 R08: dffffc0000000000 R09: fffffbfff1bd2c16
[  320.648006][ T8691] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000
[  320.655979][ T8691] R13: 1ffff1100f3bd318 R14: ffffc90003387180 R15: 0000000000000200
[  320.663962][ T8691]  ? local_bh_enable+0x5/0x20
[  320.668626][ T8691]  ? local_bh_enable+0x5/0x20
[  320.673284][ T8691]  ? _local_bh_enable+0xa0/0xa0
[  320.678119][ T8691]  __dev_queue_xmit+0x1c56/0x3230
[  320.683154][ T8691]  ? dev_queue_xmit+0x20/0x20
[  320.687879][ T8691]  ? __copy_skb_header+0x47b/0x600
[  320.692998][ T8691]  ? __skb_clone+0x454/0x6c0
[  320.697589][ T8691]  ? skb_clone+0x1ee/0x350
[  320.701990][ T8691]  __netlink_deliver_tap+0x4d2/0x760
[  320.707267][ T8691]  netlink_deliver_tap+0x16c/0x180
[  320.712361][ T8691]  netlink_broadcast_filtered+0xc2d/0x11a0
[  320.718161][ T8691]  netlink_broadcast+0x35/0x50
[  320.722911][ T8691]  genlmsg_multicast_netns+0x8e/0xc0
[  320.728181][ T8691]  nl80211_frame_tx_status+0x659/0xa40
[  320.733657][ T8691]  ? cfg80211_control_port_tx_status+0x50/0x50
[  320.739820][ T8691]  ? do_raw_spin_unlock+0x137/0x8b0
[  320.745024][ T8691]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  320.750935][ T8691]  ? _raw_spin_unlock+0x40/0x40
[  320.755775][ T8691]  cfg80211_mgmt_tx_status+0x3a/0x50
[  320.761054][ T8691]  ieee80211_report_used_skb+0x12f6/0x1810
[  320.766849][ T8691]  ? _raw_spin_lock_irqsave+0xac/0x120
[  320.772294][ T8691]  ? ieee80211_handle_filtered_frame+0x750/0x750
[  320.778601][ T8691]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  320.784046][ T8691]  ? _raw_spin_lock+0x40/0x40
[  320.788746][ T8691]  ? skb_queue_purge+0x2b9/0x2e0
[  320.793667][ T8691]  ieee80211_free_txskb+0x1e/0x30
[  320.798672][ T8691]  ieee80211_do_stop+0x10b8/0x1ce0
[  320.803774][ T8691]  ? ieee80211_stop_queues_by_reason+0x1ce/0x250
[  320.810083][ T8691]  ? ieee80211_sdata_stop+0x70/0x70
[  320.815262][ T8691]  ? ieee80211_add_pending_skbs+0x390/0x390
[  320.821224][ T8691]  ? ieee80211_get_vif_queues+0x228/0x390
[  320.826945][ T8691]  ieee80211_if_change_type+0x447/0x9f0
[  320.832479][ T8691]  ieee80211_change_iface+0x57/0x430
[  320.837750][ T8691]  ? cfg80211_mlme_purge_registrations+0x1f3/0x220
[  320.844258][ T8691]  cfg80211_change_iface+0x8ab/0x10c0
[  320.849619][ T8691]  __cfg80211_wext_siwmode+0x1b7/0x280
[  320.855064][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.860685][ T8691]  ? apparmor_capable+0x12e/0x190
[  320.865707][ T8691]  ? full_name_hash+0x8f/0xe0
[  320.870367][ T8691]  ioctl_standard_call+0xdb/0x280
[  320.875376][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.880989][ T8691]  ? __cfg80211_wext_giwfreq+0x7e0/0x7e0
[  320.886609][ T8691]  wext_ioctl_dispatch+0x16f/0x460
[  320.891726][ T8691]  ? wext_ioctl_dispatch+0x460/0x460
[  320.896990][ T8691]  ? iw_handler_get_private+0x1e0/0x1e0
[  320.902518][ T8691]  wext_handle_ioctl+0x15b/0x260
[  320.907437][ T8691]  ? call_commit_handler+0xf0/0xf0
[  320.912539][ T8691]  sock_ioctl+0x13b/0x770
[  320.916850][ T8691]  ? sock_poll+0x410/0x410
[  320.921244][ T8691]  ? __fget_files+0x413/0x480
[  320.925905][ T8691]  ? bpf_lsm_file_ioctl+0x5/0x10
[  320.930845][ T8691]  ? security_file_ioctl+0x7d/0xa0
[  320.935981][ T8691]  ? sock_poll+0x410/0x410
[  320.940409][ T8691]  __se_sys_ioctl+0xf1/0x160
[  320.945012][ T8691]  do_syscall_64+0x3b/0xb0
[  320.949431][ T8691]  ? clear_bhb_loop+0x15/0x70
[  320.954088][ T8691]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  320.959967][ T8691] RIP: 0033:0x7f51fb93dff9
[  320.964367][ T8691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.983961][ T8691] RSP: 002b:00007f51f9d74038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  320.992376][ T8691] RAX: ffffffffffffffda RBX: 00007f51fbaf6130 RCX: 00007f51fb93dff9
[  321.000353][ T8691] RDX: 0000000020000000 RSI: 0000000000008b06 RDI: 0000000000000007
[  321.008309][ T8691] RBP: 00007f51fb9b0296 R08: 0000000000000000 R09: 0000000000000000
[  321.016267][ T8691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  321.024216][ T8691] R13: 0000000000000001 R14: 00007f51fbaf6130 R15: 00007ffc18a31658
[  321.032197][ T8691]  </TASK>
[  321.035415][ T8691] Kernel Offset: disabled
[  321.040061][ T8691] Rebooting in 86400 seconds..