last executing test programs:

7m25.923037452s ago: executing program 0 (id=13):
r0 = socket$kcm(0xa, 0x2, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
shmat(r1, &(0x7f0000001000/0x3000)=nil, 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
read$FUSE(r3, &(0x7f0000000080)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
write$binfmt_elf32(r4, &(0x7f0000002180)=ANY=[@ANYBLOB], 0x58)
getpriority(0x2, r5)
read$msr(r2, &(0x7f000001dc00)=""/102392, 0x18ff8)
mknod(0x0, 0xc000, 0x0)
mount(&(0x7f0000000180)=@nullb, 0x0, &(0x7f0000000040)='befs\x00', 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r7, <r8=>0x0})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r9, 0xc01c64ad, &(0x7f0000000080)={r8})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000004, 0x13, r9, 0x100000000)

7m21.030320466s ago: executing program 0 (id=19):
r0 = socket$kcm(0xa, 0x2, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil)
shmat(r1, &(0x7f0000001000/0x3000)=nil, 0x1000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
read$FUSE(r3, &(0x7f0000000080)={0x2020, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
write$binfmt_elf32(r4, &(0x7f0000002180)=ANY=[@ANYBLOB="7f454c46040c02050f0000000000000002003e00f7267d0e65"], 0x58)
getpriority(0x2, r5)
read$msr(r2, &(0x7f000001dc00)=""/102392, 0x18ff8)
mknod(&(0x7f0000000080)='./bus\x00', 0xc000, 0x0)
mount(&(0x7f0000000180)=@nullb, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000040)='befs\x00', 0x0, 0x0)
socket(0x2, 0x80805, 0x0)
sendmsg$sock(r0, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r7, <r8=>0x0})
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB(r9, 0xc01c64ad, &(0x7f0000000080)={r8})
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x1000004, 0x13, r9, 0x100000000)
syz_clone(0x1000, 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0)

7m18.112157035s ago: executing program 0 (id=23):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x16)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000280)='./bus\x00', 0x2000898, &(0x7f00000002c0), 0x1, 0x55ae, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
inotify_add_watch(0xffffffffffffffff, 0x0, 0xe2000162)
readv(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0xc0400b0)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2b21054, &(0x7f0000000340)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Au4TtX2MPAx5pyLTS5vkvsacyze5DJJklyS5JIkSUjuCUmSJElik1sSkpDrTpJbyD3ttN3vl9yTdo4kSUJCwvye3eVzupyvc86/8+l/9vg9z3r2HGutOd4x99jvXmu9z7P3l12HVW9Uo0p9ZoZ/h/55gD9+SQSABAAYCADZASAAgDI5yuRIO55JY+K/9SLiP6TB9MtdgbicpP/pm/Q/fZP+p2/S//RN+p++Sf/TsUzS//RO+i9EujYz75Wypd9NPv//X079TybL9f+/D+Jvd/2jc6X//230v3S29D/dyPB7O6X/6cXvXwKk/+mb9D89Cy53AeIyk/d/+ib9FyJd+9M/U15/9nJ/pi3bv7AJIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBD/H5z1lxgA+Hl8uesSQgghhBBCCCHEn8e/fbkrEEIIIYQQQgghxH8eggINBgLIABkhATJBZrgCskBWyAbZIQZXQg64CnLC1ZALckMeyAv5ID8UgBAILDBEUBAKQRyugcJwLRSBolAMioODElASroNScD2UhhugDNwIZeEmKAfloQJUhJuhEtwCleFWqAK3QVWoBtWhBtwONeEOqAV3Qm24C+rA3VAX7oF6cC/UhwbQEO6DRnA/NIYm0BSaQXNoAS3/YH5S9t+b/wz0gGehJ/SCROgNfeA56Av9oD8MgIHwPAyCF2AwvAhDYCgMg5dgOLwMI+AVGAmjYDS8CmNgLIyD8TABJkISvAaT4HWYDG/cnxXehKkwDabDDJgJb8EsmA1z4G2YC/NgPiRlWgiLYDG8A0vgXUiG92ApvA8psAyWwwpYCatgNayBtbAO1sMG2AibYDNsga3wAWyD7bADdsIu2A174EPYCx/BPvgYUvGTf3H+mV/Oh24ICKhQoUGDGTADJmACZsbMmAWzYDbMhjGMYQ7MgTkxJ+bCXJgH82A+zIcFsAASEjIyFsSCGMc4FsbCWASLYDEshg4dlsSSWAqvx9JYWpfBMlgWy2I5LI/lsSJWxEpYCStjZayCVbAqVsXqWB1vx9vxDqyFtbA21sY6WAfrYl2sh/WwPtbHhtgQG2EjbIyNsSk2xebYHFtiS2yFrbA1tsa22BbbYTtsj+2xA3bAjtgRO2En7IydsQt2wa7YFbvh0/g0PoPP4LP4LPbCqqo39sE+2Bf7Yn8cgAPweRyEL+AL+CIOwaE4DF/Cl/BlHIGncSSOwtE4GiupsTgOxyOriZiESZgRJuFknIwZf3pHTccZOBNn4iycjbPxbZyL83AeLsAFuAgX42Jcgu9iMibjUjyDKbgMl+MKXImrcCWuwbW4BtfjBlyPm3ATbsEt+AF+gNtxO+7Enbgbd+OH+CF+hB/hEEzFVNyP+/EAHsCDeBAP4SE8jIfxCB7Bo3gUj+ExPI4n8CSewFN4Ck/jGTwLAOfwHJ7H83gRL6a9+VUao4zKoDKoBJWgMqvMKovKorKpbCqmYiqHyqFyqpwql8ql8qg8Kp/KpwqoAooUKVaRKqgKqriKq8KqsCqiiqhiqphyyqmSqqQqpUqp0qq0KqNuVGXVTaqcKq/auIqqoqqk2rrK6lZVRVVRVVU1VV3VUDVUTVVT1VK1VG1VW9VRdVRddY+qp3pjf2yg0jrTSA3FxmoYNlXNVHPVQr2MD6hWagS2Vm1UW/WQGoUjsb1q5TqoR1VHNQ47qcfVeHxCdVETsat6SnVTT6vu6hnVQ7V2PVUvNQV7qz5qGvZV/VR/NUDNwmoqrWPV1YtqiBqqhqmX1CJ8WY1Qr6iRapQarV5VY9RYNU6NVxPURJWkXlOT1OtqsnpDTVFvqqlqmpquZqiZ6i01S81Wc9Tbaq6ap+arBWqhWqQWq3fUEvWuSlbvqaXqfZWilqnlaoVaqVap1WqNWqvWqfVqg9qoNqnNaovaqj5Q29R2tUPtVLvUbrVHfaj2qo/UPvWxSlWfqP3qb+qA+lQdVJ+pQ+pzdVh9oY6oL9VR9ZU6pr5Wx9UJdVJ9o06pb9VpdUadVd+pc+p7dV5dUBeVV6BRK6210YHOoDPqBJ1JZ9ZX6Cw6q86ms+uYvlLn0FfpnPpqnUvn1nlMXp1P59cFdKhJW8060gV1IR3X1+jC+lpdRBfVxXRx7XQJXVJfp0vp63VpfYMuo2/UZfVNupwuryt40DfrSvoWXVnfqqvo23RVXU1X1zX07bqmvkPX0nfq2vouXUffrevqe3Q9fa+urxvohvo+3UjfrxvrJrqpbqab6xa6pX5At9IP6ta6jW6rH9Lt9MO6vX5Ed9CP6o76Md1JP6476yd0F/2k7qqf0t3007q7vqAvaq976l46UffWffRzuq/up/vrAXqgfl4P0i/owfpFPUQP1cP0S3q4flmP0K/okXqUHq1f1WP0WD1Oj9cT9ESdpF/Tk/TrerJ+Q0/Rb+qpepqermfo/j9lmvNPzH/9d+YP/uHVt+it+gO9TW/XO/ROvUvv1nv0Hr1X79X79D6dqlP1fr1fH9AH9EF9UB/Sh/RhfVgf0Uf0UX1UH9PH9HF9Qn+nv9Gn9Lf6tD6jz+jv9Dl9Tp//6XsABo0y2hgTmAwmo0kwmUxmc4XJYrKabCa7iZkrTQ5zlclprja5TG6Tx+Q1+Ux+U8CEhow1bCJT0BQycXONKWyuNUVMUVPMFDfOlDAlzXX/4/l/VF9L09K0Mq1Ma9PatDVtTTvTzrQ37U0H08F0NB1NJ9PJdDadTRfTxXQ1XU030810N91ND9PD9DQ9TaJJNH3Mc6av6Wf6mwFmoHneDDKDzGAz2AwxQ8wwM8wMN8PNCDPCjDQjzWgz2owxY8w4M85MMBNMks9uJplJZrKZbKaYKWbqwOxmupluZpqZZpaZZeaYOWaumWvmm/lmoVloFpvFZolZYpJNsllqlpoUs8wsMyvMCrPKrDJrzBqzzqwzG8wGs8lsMilmq9lqtpltZofZYXaZXWaP2WP2mr1mn9lnUk2q2W/2mwPmgDloDppD5pA5bA6bI+aIOWqOmmPmmDlujpuT5qQ5ZU6Z0+a0OWvOmnPmnDlvzpuL5mLabV+gAhWYwAQZggxBQpAQZA4yB1mCLEG2IFsQC2JBjiBHkDO4OsgV5A7yBHmDfEH+oEAQBhTYgIMoKBgUCuLBNUHh4NqgSFA0KBYUD1xQIigZXBeUCq4PSgc3BGWCG4OywU1BuaB8UCGoGNwcVApuCSoHtwZVgtuCqkG1oHpQI7g9qBncEdQK7gxqB3cFdYK7g7rBPUG94N6gftAgaBjcFzQK7g8aB02CpkGzoHnQImj5p+b3/nTuB13PsFeYGPYO+4TPhX3DfmH/cEA4MHw+HBS+EA4OXwyHhEPDYeFL4fDw5XBE+Eo4MhwVjg5fDceEY8Nx4fhwQjgxTApfCyeFr4eTwzfCKeGb4dRgWjg9nBHODN8KZ4Wzwznh2+HccF44P1wQLgwXhYg/3jskh++FS8P3w5RwWbg8XBGuDFeFq8M14dpwXbg+3BBuDDeVGfTjqeG2cHu4I9wZ7gp3h3vCDxMh/CjcF34cpoafhPvDv4UHwk/Dg+Fn4aHw8/Bw+EV4JPwyPBp+FR4Lvw6PhycyQfhNeCr8NjwdngnPht+F58Lvw/PhhfBi6NNu7tMu72TIUAbKQAmUQJkpM2WhLJSNslGMYpSDclBOykm5KBfloTyUj/JRASpAaZiYClJBilOcClNhKkJFqBgVI0eOSlJJKkWlqDSVpjJUhspSWSpHlipQBbqZbqZb6Ba6lW6l2+g2qkbVqAbVIMSaVItqUW2qTXWoDtWlulSP6lF9qk8NqSE1okbUmBpTU2pKzak5taSW1IpaUWtqTW2pLbWjdtSe2lMH6kAdqSN1ok7UmTpTF+pCXakrdaNu1J26Uw/qQT2pJyVSIvWhPtSX+lJ/6k8DaSANokE0mAbTEBpCw2gYDafhNIJG0EgaRaPpVRpDY2kcjacJNJGSKIkm0SSaTJNpCk2hqTSVptN0mkkzaRbNojk0h+bSXJpP82khLaTFtJiW0BJKpmRaSksphVJoOS2nlbSSVtNqWktraT2tp420kTbTZtpKW2kbbaMdtIN20S7aQ3toL+2lfbSPUimV9tN+OkAH6CAdpEN0iA7TYTpCR+goHaVjdIyO03E6SSfpFJ2i03SaztJZOkff03m6QBfJU4LNZDPbK2wWm9Vms9ntr+M8Nq/NZ/PbAja0uWzuX8RkrS1ii9pitrh1toQtaa/7TVzOlrcVbEV7s61kb7GVbTmbCf4+rmnvsLXsnba2vcvWsLf/Iq5j77Z17f22nm1i69tmtqFtYRvZ+21j28Q2tc1sc9vCtrMP2/b2EdvBPmo72sd+Ey+x79q1dp1dbzfYvfYje9Z+Z4/YL+05+73taXvZgfZ5O8i+YAfbF+0QO/SXMYAdbV+1Y+xYO86OtxPsxN/EU+00O93OsDPtW3aWnf2beLF9x861yXa+XWAX2kU/xGk1Jdv37FL7vk2xy+xyu8KutKvsarvm/9a6wm6ym+0Wu8d+aLfZ7XaH3Wl32d0/xGnr2Gc/tqn2E3vYfmEP2E/tQXvUHrKf/xCnre+o/coes1/b4/aEPWm/safst/a0PfPD+tPW/o29YC9ab4GRFWs2HHAGzsgJnIkz8xWchbNyNs7OMb6Sc/BVnJOv5lycm/NwXs7H+bkAh0xsmTniglyI43wNF+ZruQgX5WJcnB2X4JJ8HZfi67k038Bl+EYuyzdxOS7PFbgi38yV+BauzLdyFb6Nq3I1rs41+HauyXdwLb6Ta/NdXIfv5rp8D9fje7k+N+CGfB834vu5MTfhptyMm3MLbskPcCt+kFtzG27LD3E7fpjb8yPcgR/ljvwYd+LHuTM/wV34Se7KT3E3fpq78zPcg5/lntyLE7k39+HnuC/34/48gAfy8zyIX+DB/CIP4aE8jF/i4fwyj+BXeCSP4tH8Ko/hsTyOx/MEnshJ/BpP4td5Mr/BU/hNnsrTeDrP4Jn8Fs/i2TyH3+a5PI/n8wJeyIt4Mb/DS/hdTub3eCm/zym8jJfzCl7Jq3g1r+G1vI7X8wbeyJt4M2/hrfwBb+PtvIN38i7ezXv4Q97LH/E+/phT+RPez3/jA/wpH+TP+BB/zof5Cz7CX/JR/oqP8dd8nE/wSf6GT/G3fJrP8Fn+js/x93yeL/BF9gwRRirSkYmCKEOUMUqIMkWZoyuiLFHWKFuUPYpFV0Y5oquinNHVUa4od5Qnyhvli/JHBaIwoshGHEVRwahQFI+uiQpH10ZFoqJRsah45KISUcnouqhUdH1UOrohKhPdGJWNborKReWjClHF6OaoUnRLVDm6NaoS3RZVjapF1aMa0e1RzeiOqFZ0Z1Q7uisqHd0d1Y3uiepF90b1owZRw+i+qFF0f9Q4ahI1jZpFzaMWUcvogahV9GDUOmoTtY0eitpFD0fto0eiDtGjUcfosUvHiwY/Xk1/dTwx6h3pn57n79QL44vii+PvxJfE340nx9+LL42/H0+JL4svj6+Ir4yviq+Or4mvja+Lr49viG+Mb4pvjm+Je18jIzhMexAG4wKXwWV0CS6Ty+yucFlcVpfNZXcxd6XL4a5yOd3VLpfL7fK4vC6fy+8KuNCRs45d5Aq6Qi7urnGF3bWuiCvqirnizrkSrqRr4Vq6lq6Ve9C1dm1cW/eQe8g97B52j7hH3KOuo3vMdXKPu87uCdfFPemedE+5bu5p190943q4Z11P18slukTXx/VxfV1f19/1dwPdQDfIDXKD3WA3xA1xw9wwN9wNdyPcCDfSjXSj3Wg3xo1x49w4N8FNcEkuyU1yk9xkN9lNcVPcVDfVTXfT3Uw3081ys9wcN8fNdXPdfDffLXQL3WK32C1xS1yyS3ZL3VKX4lLccrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Ta3ze1wO9wut8vtcXvcXrfX7XP7XKpLdfvdfnfAHXAH3WfukPvcHXZfuCPuS3fUfeWOua/dcXfCnXTfuFPuW3fanXFn3XfunPvenXcX3EXnXVLstdik2OuxybE3YlNib8amxqbFpsdmxGbG3orNis2OzYm9HZsbmxebH1sQWxhbFFsceye2JPZuLDn2Xmxp7P1YSmxZbHlsRWxlbFXM+/zbIl/QF/Jxf40v7K/1RXxRX8wX986X8CX9db6Uv96X9jf4Mv5GX9bf5Mv58r6Cb+Kb+ma+uW/hW/oHfCv/oG/t2/i2/iHfzj/s2/tHfAf/qO/oH/Od/OO+s3/Cd/FP+q7+qXk//Xj6Hv5Z39P38om+t+/jn/N9fT/f3w/wA/3zfpB/wQ/2L/ohfqgf5l/yw/3LfoR/xY/0o/xo/6of48f6cX68n+An+iT/mp/kX/eT/Rt+in/TT/XT/HQ/w8/0b/lZfraf49/2c/08P98v8Av9Ir/Yv+OX+Hd9sn/PL/Xv+xS/zC/3K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWnxG2+e1+h9/pd/ndfo//0O/1H/l9/mOf6j/x+/3f/AH/qT/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+xP+pP/Gn/Lf+tP+jD/rv/Pn/Pf+vL/gL8rfrAkhhBBC/FP0Hxzv/Tv71E+bAYA+AJB1e95Dv865MdeP435qb8cYADzaq2uDn7cGDRITE386N0VDUGgBAMQuzc8Al+Jl0BYehg7QBkr9bn39VAXkX+UP/u54Wv74jQCZATL9vC8Bfoh/lf/6f5C/yTu/zv/r+uMLAIoUujQn7YV+ji/lL/0P8u9u9wf5M32aBND67+ZkgUvxpfwl4UF4DDr84kwhhBBCCCGEEOJH/dS5bn/0fJv2fJ7PXJqTES7Ff/R8/gcq/xlrEEIIIYQQQgghxP/bE093f+SBDh3adP5vHmT8a5TxFxggAPwFypDBX39wuX8zCSGEEEIIIf5sl276L3clQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vXv/4cw9U+ffLnXKIQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQlxu/ycAAP//vjFLpA==")
truncate(&(0x7f0000000080)='./file1\x00', 0xf62)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
r4 = openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x3}})
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x80e85411, &(0x7f0000000100))

7m15.239641828s ago: executing program 0 (id=27):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffffffffff7e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING(r4, 0x4068aea3, &(0x7f0000000000)={0xc0, 0x0, 0x1000})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000000000000014d564b0000000001"])
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
ioctl$COMEDI_INSN(r6, 0x8028640c, &(0x7f0000000000)={0x8000001, 0x0, 0x0, 0x1, 0x4000007})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000000)={0x0, 0x0}, 0x10)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getdents64(r7, &(0x7f00000000c0)=""/4096, 0x1000)
syz_io_uring_setup(0x49f, &(0x7f0000000080)={0x0, 0x8bb5, 0x1, 0x7ffc, 0x8040024d}, 0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
eventfd2(0xff, 0x80001)

7m9.748212107s ago: executing program 0 (id=33):
r0 = socket$pppoe(0x18, 0x1, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file2\x00', 0x3200c00, &(0x7f0000002680)=ANY=[], 0x6, 0xa9b, &(0x7f0000000c00)="$eJzs3U2MG1fhAPBn73qTTdJ/nP4TuiRpm/DVFuhus1lCIYKmai5ETcUtUsUlStMSkQZEKkGrSvk4cYJWVbhCEadyqAAhtRcU9cSlEo3EpeJQOHAgClIlDlBIjNb7nnf8Ynfs7Ift9e8nvX1+88bz3syOx+OZee8FYGxVm38XFmYqIVx5+7Wjf//c36YXpzzWmqPe/DtZSNVCCJWYnsyW98HEUnzzw5dPdYorYb75N6XDUzda790aQrgY9oWroR52X7n26rvzTx6/dOzy/vfeOHy9WMaJVd0CAAAwPr559fDCrr/8cc+Oj96870jY1Jqezs/rMb0tnvcfiSf+6fy/GtrTlUIomsrmm4yhms030WG+Yjm1bL7JLuVPZcuttfL3tM23qaT8icK0TusNoyztx/VQqc62pavV2dml3+Sh+bt+qjJ77szZZ88PqKLAqvvn/SGEfUK/odFoXGhuwCGoiyDcaWhsH/QRCBhnre/SDvcLb3Mxv7KwMq2lTfZW/o3Hq53fD6tgvff/svJ//OfBln+bMS//l5cccVg9G3VvSuuVPkfbYjq/j5A/v9Tv5z8tL78fUeuxnt3uI4zK/YVu9ZxY53rcqW71z/eLjeprMU7b4etZfvHzk/9PR+V/DHT2r/W6/v/69MCvdS6GfUNQhw0dakNQB6Hn0Bj0AQgYWsvPzS1pRCk/f64vz99Ukr+5JH+6JH9LSf7WknwYZ7994Sfhlcry7/z8N32/18PSdba7Yvx/fdYnvx7Zb/n5c7/9Wmn5+fPEix5dYZ1grbx18sTpR595+trS8/+V1v5/K+7v+2K6Hj9bV+MM6Xphfl299ex/vb2capf57s7qc9dt8zeWStzZPl9l5/JyQuE4s7z8ex9q5s20v297t/rubZ+vns03HcPmrL75+cmW7H3p/CMdV9P2mszWt5atx1RWj3Rc2RHjvB5wJ9L+2O35/7R/zoRa5dkzZ08/EtNpP/3DRG3T4vQDxYX+an3qDqxMr+1/ZkJ7+59trem1auG40Dr9TseLA63ltU+fX0rW8vkPxnT6nvv2xHRz+uyp7559ZrVXHsbc+Rdf+s7Js2dPf9+L9GLaZvHCi7Ijx0Z9chDGx9wLz39v7vyLLz185vmTz51+7vS5g4cOHZyfP/SVgwtzzfP6ueKvfmAjWf7SH3RNAAAAAAAAAAAAgF794NjRa39658vvL7X/X27/l9r/pyd/U/v/H2Xt//N28qlVQGpnv6NDfnPcvbfa6zGVzVeL4f+z+u7MytmVve8TMW6N4xfb/6f29nm/rqk+92TT8/5703xZdwK39ZcylfVB0hovMDbY/1RMX47xLwIMUGW68+QYl/Vvnfb1Zv8UF9aqkqy11J9I2htSPyap/Xe3fp3S8X/HOtSR1bcezQkHvY5AZ/8YxvE/q8V04Ux80PX6+NBoDL4OKw/Dv52FVQyNhlE8gOEw6PE/03XPFJ/7/Tc2L4Y0243H24+Xef+lsBLDPv6k8jfW+J+t8e96Ov516F29rZ/n3kdX+PfPrr9fKDbs7vX4m69/6gd6Z3mZRR/F8tP6PxB6K7/xelZ+fkOoR//Jyt/SY/m3rf/eOyv/v7H8tNke/HSv5S/VuFJtr0d+3Tjd/8uvGyc3s/VPfXv2vf5xv+l3XI9bsXwYZ93Hme11BNvhNCrj/3aTP4fxpZhOB8L0nEP+jdxv/dPzFel7YFe2/ErJ99uojFPczbiP//vVGJd9HtL4v2l/rHdIVwvpWodtO+r7Cmw0Hwzj/b9RDheHoA7CkIbhGAO7GBqNxkA78taL+GANevsP+u7zoMsf9PYvk4//m5/D5+P/VrMfEPn4v/n78/F/8/x8fL08Px//N9+e+fi/ef492XLz64gzJfmfLMnfXZK/Zzl/ulP+3pL331uSv78k/76S/PtL8u8uyZ8oyf9Me37anVr5ny15f+PCx+c/WPL+h0ryN7pme5TCh2rc1h/GWd4+z+cfxke6/9Pt87+zJB8YXT9988ATT//mW/Wl9v9Trd9r6T7ekZiuxd/OP4zp/L53KKQX896J6b9m+cN+vQPGSd5/Rv79/kBJPjC60nNePt8whiqbO0+OcToudOu3qtt5PqPl8zH+Qoy/GOOHYzwb47kYH4jx/DrVj7XxxK9/d/iVyvLv/e1Zfq/Pk+ftgfJ+og72WJ/8+kC/z7Pn/fj1a6Xl32FzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIGpNv8uLMxUQrjy9mtHTxw/M7c45bHWHPXm38lCqtZ6XwiPxHgixj+PL25++PKpYnwrxpUwHyqh0poenrrRKmlrCOFi2BeuhnrYfeXaq+/OP3n80rHL+9974/D1tdsCAAAAsPH9LwAA//8SciNw")
open(&(0x7f0000000040)='.\x00', 0x0, 0x72)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x807, @empty, 'vlan1\x00'}}, 0x1e)
sendmmsg(r0, 0x0, 0x0, 0x24048084)
pidfd_send_signal(0xffffffffffffffff, 0x11, 0x0, 0x1000000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = syz_open_procfs(0x0, 0x0)
getdents(r5, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$IPCTNL_MSG_EXP_NEW(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)={0x6c, 0x0, 0x2, 0x401, 0x0, 0x0, {0x2}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_MASK={0x18, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @broadcast}}}]}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0xe, 0x4, @local}}}]}]}, 0x6c}}, 0xc0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000040)='cubic', 0x9)
ioctl$I2C_TENBIT(0xffffffffffffffff, 0x704, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x20f0410, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x0)

7m7.282666667s ago: executing program 0 (id=37):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(0x0, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x4, @desc3})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180))
mmap$dsp(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0xc, 0x20010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffa000/0x1000)=nil)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x80)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100010000000000000000000000000a46ea826e7a3bb2"], 0x64}}, 0x0)

6m50.866218751s ago: executing program 32 (id=37):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(0x0, 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @adiantum, 0x4, @desc3})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000001180))
mmap$dsp(&(0x7f0000ff8000/0x3000)=nil, 0x3000, 0xc, 0x20010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000ffa000/0x1000)=nil)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x80)
sendmsg$NFT_BATCH(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a140000001100010000000000000000000000000a46ea826e7a3bb2"], 0x64}}, 0x0)

5m24.881925098s ago: executing program 2 (id=164):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SCAUSEDIAG(r0, 0x89ec, &(0x7f00000000c0)={0xff, 0x1})
r1 = socket$kcm(0x10, 0x400000002, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x110)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r4=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r4, 0x0, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r3, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r3, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x0, 0xf}, {}, {0xf, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8035}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
sendmsg$inet(r1, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="608400002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r9, 0x4040aea0, &(0x7f0000000080)=@x86={0x0, 0xe5, 0x10, 0x0, 0x4f5, 0x81, 0x2b, 0x94, 0x81, 0x77, 0xe, 0x7, 0x0, 0x6, 0x7, 0x0, 0x2, 0x2, 0x40, '\x00', 0xa, 0x8})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x43, 0x0, 0xfffffffffffffd27)

5m22.921116632s ago: executing program 2 (id=168):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1e, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x40f00, 0x44, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
syz_emit_vhci(0x0, 0xa)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'ip6tnl0\x00'})
r4 = landlock_create_ruleset(&(0x7f0000000140)={0x0, 0x2, 0x2}, 0x18, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000000)={0xe020, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(r4, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x8, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newqdisc={0x38, 0x24, 0xf0b, 0x2, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0xd, 0xc}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x44004}, 0x8040)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000040)='.\x00', &(0x7f0000000000)='minix\x00', 0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x0, 0x1, 0x19, 0x1f, 0x200, &(0x7f0000000140)="1ae19337aa151f36ae49bb3f8cb95c5bf840d4f1e55efaaf098d47a70eb36a73090000000000001b0f4743f490c585108c1331c7749299a25a705f5096cb268cbc6070d680e1be250700000000000000472471ff550c0010000007f3c7b61abe4162256004ea8ca5e5b5f379c6eb3257eda08f7e6959090000004d13184d382747e035b4722525e00ade86b4c6d1e157c75d15c1f961ebc0a64d7f2a73f8979fcecacaa64f9b9069ebcc1d5b471edbc4f6c7f1b98ae74e909aa6f25b7fa77bf9cd4ed36d5c53dc519d11c3cc1c22a3b86cf3c645413f4afbcea0c99ded703699d2bb6a4a663b99b6069da5aaf64785a5887c31261d4b9e57ee07000000def6f255ca26108f11f02047d47f2d0fec30f7e92482f71496e184214a4e0c5fdc48b0af0c0478940016d8f0990a0e1090fd515380aae83c5eaeed338701574b64200a16ef2811fadcf1e0f49a514df529061e09ce45e3da03a03fe9b4a6bcfa7d04594e4f6d0714a2e14ea127ab37d64a5e0db630cd01802e6c985a542ff20a9b2193f265f93a258a88dd6c9d6a926dd23d32425849c5d9210007660a617f22133b6cb5087f4c6057942aa18193172bd995fa70a1f949b196f2e2a3c1758585757144e5ee3f7f4dcecc98123f9ded3afdebe13d79a7a101ef8bc6e6fb853111401612df7ee995f74fb97a63bf62d61f78c062f959119ab50c1f706a930121ebcd53ccb93d158186ed360750ca8e728150d988844b9a5cff46591ccaff416e5a8c25f9555da5ca6fdf75b86ea6171b046b856168f403b5253a5cc393430a09a4489a0895571e597ac8846f945ffb372a88d3a25978b463dc961416c80c55773f917020751ed51cfd73c1e06fbadd156d56bedc117af95d242d6dccbe2ce34dccd6005e944afa92b22ec9a698469c6edc06caa2cfcd61912607d459b4c28ebea9745bcd4697d75c9601fd333d3cd7974a3a3c71b7cc5fdc756da8d97207936e5f53b53b732533c2722e03002293517966611602f297de6ff5408777b7a93c45cee3ee5c5601a4e94266b295ea7a86812a7ab8896ec5ea1b12643e1844b185734528399e62bceb8700cc6cd491e4a4430d0a3ba329a5a2fa170fd0b1cc4ba8294dfc88cd35df2cd7344aa8a9f3432b96fb889c02f484f635a0cc3466a3c2733d45f176931b2db18dba54991a9553cedb8a5869e3d4e036e8afea0a04c04f542b152ca1fd1f8efee60425c5a122fd1b90e98635284abd9f217d9e19cb2a64b354c9d79509cc47d7305114990148a7291cb0fe2d6ae04aa62c534d072ae54c2ca0d5962cc58945d8924abfc4d5af962462507430d8f2c17479a6678b0b3700000000000000000000000000000000000000000000f800"})

5m18.634021188s ago: executing program 2 (id=170):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x52)
mkdir(0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x21)
r3 = open(&(0x7f0000000040)='./file0\x00', 0x400, 0x43)
mknodat$loop(r3, 0x0, 0xc000, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r3, &(0x7f0000000100)='./file1\x00', r3, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x800007, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, 0x0}, &(0x7f0000000100)=0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
sendfile(r6, r6, 0x0, 0x2)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000000100005ff04000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006261746164760000", @ANYRES32], 0x3c}}, 0x0)

5m14.411808894s ago: executing program 2 (id=177):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000004c0), 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
syz_usb_connect(0x6, 0x36, &(0x7f0000000780)={{0x12, 0x1, 0x201, 0x40, 0xd8, 0x5b, 0xc7, 0x13b1, 0x11, 0x5c34, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x4, 0x8, 0x0, 0x7, [{{0x9, 0x4, 0x3, 0x8, 0x2, 0x53, 0xee, 0x97, 0x5, [], [{{0x9, 0x5, 0xf, 0x3, 0x400, 0x6, 0x9, 0xfe}}, {{0x9, 0x5, 0xd, 0x0, 0x400, 0x2, 0x7, 0xe}}]}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
syz_emit_ethernet(0xf3, &(0x7f0000000540)={@random="21732e13d4b0", @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xe5, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @multicast2}, {0x2001, 0x0, 0xd1, 0x0, @gue={{0x2, 0x1, 0x3, 0x2, 0x100, @val=0x80}, "dd2cc8235fce7d9aa194bcd8b2b2b2291072e3b8d7a1e00ac3dcd04f1cce70530fe49e8fa776d7e4ef097a0bdcd83ae439d14c04d2259baa4b3cb77a8da7303987c04c856e226418eef6e866f756d7b1137ad6cad38ee997eccb67689103aa8b69a868b244fee793c108fa2028cadd2f855c60bfb8d3eca5df3c647a421e60708e869cde03b2b69be4d7a66ab99bddbaffafe9cce9e637f61c7ff509a96479e6941b6895c66d778ef340e021275ccf8340f62360149b47df508222117d924c57dd"}}}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4, {0x0, <r5=>0xffffffffffffffff}}, './file0\x00'})
fchownat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, r5, 0x800)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prlimit64(r2, 0x2, 0x0, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40186f40, &(0x7f0000000440)=0x1f)
setns(r1, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002dbd7000aaa7c5f52c03fedbdf250100000008000100ffffffff04000480080062ca151db1625ffe4287c66f1d68d7e6eec7da230872"], 0x14}, 0x1, 0x0, 0x0, 0x2400c8c5}, 0x40010)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)

5m9.977740352s ago: executing program 2 (id=179):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000002200000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x6fb9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f00000001c0)='connect aa:aa:aa:aa:aa:10 1', 0x1b)
r5 = io_uring_setup(0x5f44, &(0x7f0000000340)={0x0, 0x14c4, 0x4008, 0x1})
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r6)
sendmsg$NFC_CMD_SE_IO(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x14, r7, 0x105, 0xf0bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x200010d4}, 0x800)
r8 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r8, 0x10e, 0x4, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES64=r4], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r9, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)

5m6.238861345s ago: executing program 2 (id=184):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x465e, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1})
r4 = syz_io_uring_setup(0x7dc9, &(0x7f0000000340)={0x0, 0x849b, 0x10100, 0xfffffffc, 0x234, 0x0, r1}, &(0x7f0000000140), &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000007c0)={0x0, 0xf503, 0x40, 0x0, 0x10}, &(0x7f0000000700)=<r6=>0x0, &(0x7f0000000640))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xb02, &(0x7f0000000a40)="$eJzs3V2IXFcdAPBzd3c2u0lrNjXRNY1tYrWt2m6azRqrQZOSIBqaIr4Uii8hTWswRrCCWgomefLNlpKCT37gU19KFcGCSOiTLwUbKEKeqqAPDRELPtRoMrIz98zMPZnJ3dmPuTO7vx/cPXPvuXf+587euffOvfecE4ANa6zxd2FhNgvh4hsvH33v/n9ML0451JpjpvF3omOsFkLI8vGJ5P3eHW+mN95/4WS3NAvzjb9xPDxxrbXslhDCubA7XAozYefFyy+9Nf/48fPHLux5+9WDV9dm7QEAYGP5+qWDCzv++ue7t11/7Z7DYVNrejw/n4kTpprn/YfzE/94/j8WiuOL6bYrSZD22xZ+NywOY9PFWce7zNcZp5bMN9El/uIwmRSh1mO+TeH28cc7pnVbbxhlcTueCdnYXAhhc2t8bGxurvmbPDR+109mc2dPn3nmuYoKCqy6f98bQtjdMRy5UBwftuHQEJRhmUN9CMowksPhwcW6Xm+qfJ0HNNS3Vr0HAmhK7xfe4ly2qvFa7zZx2/itSwDXHhvrvjysgkFv/33Fn7wl/vRA44eK138I4v/6vD0Oq2e9bk1xveL36I58PL2PkD6/9Mofisu1pXc6ilPT+xG1JZaz132EUbm/0Kuc4wMux3L1Kn+6XaxXX8rT+Dl8uZB7b+H7k/5PR+V/DHT3QXr932BYw+HR96ovw8gPoTBeW8l71Sve/wDDK31urh7vj+YmS/I33Tb/q604vZafLsnfXJK/pSQfNrLffv+n4cWsfb0r/U3f7/XweJ3tzjz9UJ/lSa9H9hs/fe63XyuNnz5PDMPs9yeePPXo009dbj7/n7W2/5v59h5/bszk361L+QzxemF6XT0+V9+uOFDMT+e7KynPnV3mb7zeXpwv295+n9Cxn7mlHLPF5bb2mm9Xcb6ZZL7pfJhKypuen2xOlovnH3G/Gj+viWR9a8l6TCbliPuVbXmalgOWI26Pyde19fx/3D5nQy175vSZU4/k43E7/dN4bdPi9H0DKi+wetL6P+3xYv2f2VCs/3NHa3ptrHO/sLU9PWvuF17P3684fb4Vp2N6x0EtHue+NT7dmH/u5HfPPL3K6w4b3XM/ev7bJ86cOfW9/l8cW9ni6+fFV4ajGP28iD9bhqU8XvT7Yvdah6h4xwSsub0/bh7FHz79nRPPnnr21Nn9Bw7sn58/8IX9C3sb5/V7O8/uO52roLTAamof9KsuCQAAAAAAAAAAALBUPzh29PI7b37+SrP+f7v+X6z/H5/8jfX/f5LU/0/rycd68LEe4LYu+Y15kgZWJ5P5avnw4aS825M4O5LlPpKnrX788vr/MVzarmssz0eT6bUeo0lzAre0lzKZtEGS9hf4iTy9kKe/ClChrHsT/ul226V96+yDjm09tk/RUYW3rn3g0RH/b42toaNJo1j/u2u7Tl3qazNaBlFjsep1BLr754Zq//tf7RXvY7mHKi/3RhsmBhvvZ/1vE+tlqPc8S19qDzYAq6Pq/j//Hppx4/XPs3/82tTiEGe79lhxf5m2Xwr9+Ms7xfFh739yreOn/fYNOn7V6z/o/j9b/d/l+7+43+u9/0t6zEsbjl2i//z86pWOsGHnUuOn6x/bgd7eX/zrefy4Ng+EpcWv/zKJn94QWqL/JvE3LzH+Leu/a3nx/5fHjx/bg/ctNX6zxNlYsRzTyXrE+3/pdePoRrL+sW3P28T/xvPd1n+ZHTXezOPDRjYq/cz2KzmPaJ20l/X/2+/xf6X9/7YKmxULkz6H8bl8PO6I43MOaX8n/ZY/Pl8RjwM7kvfPSo5v+v8dbV/M07LvQ+z/N26PM/khv2O88VnG8VqXz3a97mtgVL1bev8v/9YOwb2KjqF9EKu+LF2Gq5tXULap6stv6GOojy9juU1Dsv3W6/W1vaBVotLgVP75V/07oer4VX/+ZdL+f9Nz+LT/3zQ/7f83zZ8qyZ/O/0O98tP+f9PPM+3/N0sLnrxv2j/wbEn+x0ryd3bPb0W/u2T5XSX5Hy/J39PKP1SYI+bfc9vl2/P1ev+7SvLvK8n/ZEn+p0ry7y/Jf7Ajv7MP6Jj/6WT5LMlf72J9lF6fH7B+pfXzfP9h44j3f3p9/7e38yc7ZxlsKYG18Mpr+4489ZtvzjTr/0+2rofE+3iH8/Fa/tvoh/l4et87dIwv5r2Zj/8tyR/26x2wkaTtZ6TH/wdK8oHRFZ/z8v2GDSib6j45T8varep1ns9o+UyefjZPH8rTh/N0Lk/35um+PJ0fUPlYG0de/93BF7P27/2tSf5SnydP6wMV2okKIexfYnnS6wP9Ps+etuPXr5XGX2Z1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMqMNf4uLMxmIVx84+WjTx4/vXdxyqHWHDONvxMdY7XWciE8kqfjefqL/MWN91842ZnezNMszIcsZK3p4YlrrUhbQgjnwu5wKcyEnRcvv/TW/OPHzx+7sOftVw9eXbtPAAAAANa//wcAAP//kusIDw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r7)
read$msr(r7, &(0x7f0000004c00)=""/102392, 0x18ff8)
creat(0x0, 0x109)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
readv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)=""/9, 0x9}, {0x0}], 0x2)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000000000)="072731a0fe20", 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="a00000001900090000000000000000001c140000fe00000100000000040013000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/160], 0xa0}}, 0x0)

4m50.156089149s ago: executing program 33 (id=184):
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r0 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r0, &(0x7f0000000200)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000540)={0x0, 0x465e, 0x400, 0x3, 0x285}, &(0x7f00000004c0)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x6000, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1})
r4 = syz_io_uring_setup(0x7dc9, &(0x7f0000000340)={0x0, 0x849b, 0x10100, 0xfffffffc, 0x234, 0x0, r1}, &(0x7f0000000140), &(0x7f0000000000)=<r5=>0x0)
syz_io_uring_setup(0x1868, &(0x7f00000007c0)={0x0, 0xf503, 0x40, 0x0, 0x10}, &(0x7f0000000700)=<r6=>0x0, &(0x7f0000000640))
syz_io_uring_submit(r6, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r4, 0x184c, 0x0, 0x0, 0x0, 0x0)
io_uring_enter(r1, 0x40f9, 0x217, 0xa5, 0x0, 0xf5)
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xb02, &(0x7f0000000a40)="$eJzs3V2IXFcdAPBzd3c2u0lrNjXRNY1tYrWt2m6azRqrQZOSIBqaIr4Uii8hTWswRrCCWgomefLNlpKCT37gU19KFcGCSOiTLwUbKEKeqqAPDRELPtRoMrIz98zMPZnJ3dmPuTO7vx/cPXPvuXf+587euffOvfecE4ANa6zxd2FhNgvh4hsvH33v/n9ML0451JpjpvF3omOsFkLI8vGJ5P3eHW+mN95/4WS3NAvzjb9xPDxxrbXslhDCubA7XAozYefFyy+9Nf/48fPHLux5+9WDV9dm7QEAYGP5+qWDCzv++ue7t11/7Z7DYVNrejw/n4kTpprn/YfzE/94/j8WiuOL6bYrSZD22xZ+NywOY9PFWce7zNcZp5bMN9El/uIwmRSh1mO+TeH28cc7pnVbbxhlcTueCdnYXAhhc2t8bGxurvmbPDR+109mc2dPn3nmuYoKCqy6f98bQtjdMRy5UBwftuHQEJRhmUN9CMowksPhwcW6Xm+qfJ0HNNS3Vr0HAmhK7xfe4ly2qvFa7zZx2/itSwDXHhvrvjysgkFv/33Fn7wl/vRA44eK138I4v/6vD0Oq2e9bk1xveL36I58PL2PkD6/9Mofisu1pXc6ilPT+xG1JZaz132EUbm/0Kuc4wMux3L1Kn+6XaxXX8rT+Dl8uZB7b+H7k/5PR+V/DHT3QXr932BYw+HR96ovw8gPoTBeW8l71Sve/wDDK31urh7vj+YmS/I33Tb/q604vZafLsnfXJK/pSQfNrLffv+n4cWsfb0r/U3f7/XweJ3tzjz9UJ/lSa9H9hs/fe63XyuNnz5PDMPs9yeePPXo009dbj7/n7W2/5v59h5/bszk361L+QzxemF6XT0+V9+uOFDMT+e7KynPnV3mb7zeXpwv295+n9Cxn7mlHLPF5bb2mm9Xcb6ZZL7pfJhKypuen2xOlovnH3G/Gj+viWR9a8l6TCbliPuVbXmalgOWI26Pyde19fx/3D5nQy175vSZU4/k43E7/dN4bdPi9H0DKi+wetL6P+3xYv2f2VCs/3NHa3ptrHO/sLU9PWvuF17P3684fb4Vp2N6x0EtHue+NT7dmH/u5HfPPL3K6w4b3XM/ev7bJ86cOfW9/l8cW9ni6+fFV4ajGP28iD9bhqU8XvT7Yvdah6h4xwSsub0/bh7FHz79nRPPnnr21Nn9Bw7sn58/8IX9C3sb5/V7O8/uO52roLTAamof9KsuCQAAAAAAAAAAALBUPzh29PI7b37+SrP+f7v+X6z/H5/8jfX/f5LU/0/rycd68LEe4LYu+Y15kgZWJ5P5avnw4aS825M4O5LlPpKnrX788vr/MVzarmssz0eT6bUeo0lzAre0lzKZtEGS9hf4iTy9kKe/ClChrHsT/ul226V96+yDjm09tk/RUYW3rn3g0RH/b42toaNJo1j/u2u7Tl3qazNaBlFjsep1BLr754Zq//tf7RXvY7mHKi/3RhsmBhvvZ/1vE+tlqPc8S19qDzYAq6Pq/j//Hppx4/XPs3/82tTiEGe79lhxf5m2Xwr9+Ms7xfFh739yreOn/fYNOn7V6z/o/j9b/d/l+7+43+u9/0t6zEsbjl2i//z86pWOsGHnUuOn6x/bgd7eX/zrefy4Ng+EpcWv/zKJn94QWqL/JvE3LzH+Leu/a3nx/5fHjx/bg/ctNX6zxNlYsRzTyXrE+3/pdePoRrL+sW3P28T/xvPd1n+ZHTXezOPDRjYq/cz2KzmPaJ20l/X/2+/xf6X9/7YKmxULkz6H8bl8PO6I43MOaX8n/ZY/Pl8RjwM7kvfPSo5v+v8dbV/M07LvQ+z/N26PM/khv2O88VnG8VqXz3a97mtgVL1bev8v/9YOwb2KjqF9EKu+LF2Gq5tXULap6stv6GOojy9juU1Dsv3W6/W1vaBVotLgVP75V/07oer4VX/+ZdL+f9Nz+LT/3zQ/7f83zZ8qyZ/O/0O98tP+f9PPM+3/N0sLnrxv2j/wbEn+x0ryd3bPb0W/u2T5XSX5Hy/J39PKP1SYI+bfc9vl2/P1ev+7SvLvK8n/ZEn+p0ry7y/Jf7Ajv7MP6Jj/6WT5LMlf72J9lF6fH7B+pfXzfP9h44j3f3p9/7e38yc7ZxlsKYG18Mpr+4489ZtvzjTr/0+2rofE+3iH8/Fa/tvoh/l4et87dIwv5r2Zj/8tyR/26x2wkaTtZ6TH/wdK8oHRFZ/z8v2GDSib6j45T8varep1ns9o+UyefjZPH8rTh/N0Lk/35um+PJ0fUPlYG0de/93BF7P27/2tSf5SnydP6wMV2okKIexfYnnS6wP9Ps+etuPXr5XGX2Z1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMqMNf4uLMxmIVx84+WjTx4/vXdxyqHWHDONvxMdY7XWciE8kqfjefqL/MWN91842ZnezNMszIcsZK3p4YlrrUhbQgjnwu5wKcyEnRcvv/TW/OPHzx+7sOftVw9eXbtPAAAAANa//wcAAP//kusIDw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
fcntl$dupfd(r7, 0x0, r7)
read$msr(r7, &(0x7f0000004c00)=""/102392, 0x18ff8)
creat(0x0, 0x109)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
readv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000000040)=""/9, 0x9}, {0x0}], 0x2)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={0xffffffffffffffff, 0x0, 0x6, 0x0, &(0x7f0000000000)="072731a0fe20", 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="a00000001900090000000000000000001c140000fe00000100000000040013000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100"/160], 0xa0}}, 0x0)

1m31.950414012s ago: executing program 1 (id=450):
unshare(0x26020480)
r0 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x82042)
ioctl$MON_IOCQ_URB_LEN(r0, 0x9201)

1m31.655642405s ago: executing program 1 (id=458):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r0, 0x802c550a, &(0x7f0000000280)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1m31.362279707s ago: executing program 1 (id=461):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="0007000042009103"], 0xfe33)
recvmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000004700)=""/4093, 0xffd}, {&(0x7f0000006700)=""/4104, 0x1008}, {&(0x7f0000002d80)=""/4153, 0x1039}, {&(0x7f0000000780)=""/190, 0xbe}, {&(0x7f00000004c0)=""/190, 0xbe}, {&(0x7f0000000140)=""/181, 0xb5}], 0x6}, 0x0)

1m31.057765538s ago: executing program 1 (id=465):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2ad, &(0x7f0000000a80)="$eJzs3b9rO2UYAPDn0jQJOiSCkwge6OD05dvv6pIiLRQzKRnUQYttQZogtFDwB8ZOri6Ori6C4OY/4eJ/ILgKbhYsnNzlrklqGpPatP74fJa+fe953nve69uWDvf03eeHxwdpHJ1/8lO0WknUutGNiyQ6UYvKZzGj+0UAAP9mF1kWv2Zjq+QlEdFaX1kAwBqt/Pv/u7WXBACs2RtvvvXadq+383qatmJ3+PlZP//LPv84vr59FO/HIA7jcbTjMiK7Mh7vZlk2qqe5Trw0HJ3188zhOz+U62//ElHkb0U7OsXUbP5eb2crHZvKH+V1PFXev5vnP4l2PDvn/nu9nSdz8qPfiJdfnKr/UbTjx/figxjEQVHEOD9qEZ9upemr2Ze/ffx2Xl6en4zO+s0ibiLbuOcvDQAAAAAAAAAAAAAAAAAAAAAA/2GPyt45zSj69+RTZf+djcv8k81IK53Z/jzj/KRa6Fp/oFEWX1X9eR6naZqVgZP8ejxXj/rD7BoAAAAAAAAAAAAAAAAAAAD+WU4//Oh4fzA4PLmTQdUNoHqt/7brdKdmXojFwc3JvWrlcMHKsVHFJBELy8g3sXTNv5dtD2736J65qeZvvl16na//eu/lYHOJmL85qE7X8X4y/xk2o5ppVYfk++mYRix5r8ZNl7KVjl9j7qX2yntvPF0MRgtiIllU2Cs/j59cOZNc30WjeKpz0zfLwVT6bExr+fOcf6f8SXLVrSO52x9CAAAAAAAAAAAAAAAAAABAYfLS75yL5wtTa1lzbWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2a/P//FQajMnmJ4EacnD7wFgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPgf+CMAAP//SfdjDw==")
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f00000000c0)='./binderfs\x00', &(0x7f0000000100), 0x808, 0x0)

1m30.732030373s ago: executing program 1 (id=468):
r0 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
syz_emit_ethernet(0x66, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "a24b9f", 0x30, 0x2b, 0x0, @remote, @local, {[@routing={0x3a, 0x2, 0x2, 0x1, 0x0, [@mcast1]}], {0x4e22, 0x0, 0x18, 0x0, @wg=@data}}}}}}, 0x0)

1m29.651764448s ago: executing program 1 (id=477):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000018c0)={0x130, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}, [@beacon=[@NL80211_ATTR_FTM_RESPONDER={0x108, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x104, 0x3, "88e6af14f1aa7e139a03be0fa22a23f1588071dd4316e909af1f917364ffa379e7767238bccff5d534b7d787caf96b8d1967f14e051e9b2c4cd664d99345d4e07a5c8a13b5cb6cf01bb980a84e52f36c9c87f43f709e763857fd97a3f3d686de3a8f57c52757f7a8363708d3c1582643e7420be7f9d97554a63d5c87f37435d28d7f836e6f60bfcdf957fe16bd088b15f243ee92b13b4b062e07316596bdeea8610428f56ad643854829bc0a8e02afda9a76f3dfaccc34fb177cd70185327245fa401c13dd77ff5ce93982cb8f6619bc200283a294af362cbd1f7c41f5377ea6460af4d76a749e402924a075278526800eb5042e33beb70d469955405409e232"}]}]]}, 0x130}}, 0x0)

1m29.064987875s ago: executing program 34 (id=477):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000018c0)={0x130, r1, 0xacf5e67dd0b583a1, 0x0, 0x0, {{0x5}, {@val={0x8}, @val={0xc}}}, [@beacon=[@NL80211_ATTR_FTM_RESPONDER={0x108, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_CIVICLOC={0x104, 0x3, "88e6af14f1aa7e139a03be0fa22a23f1588071dd4316e909af1f917364ffa379e7767238bccff5d534b7d787caf96b8d1967f14e051e9b2c4cd664d99345d4e07a5c8a13b5cb6cf01bb980a84e52f36c9c87f43f709e763857fd97a3f3d686de3a8f57c52757f7a8363708d3c1582643e7420be7f9d97554a63d5c87f37435d28d7f836e6f60bfcdf957fe16bd088b15f243ee92b13b4b062e07316596bdeea8610428f56ad643854829bc0a8e02afda9a76f3dfaccc34fb177cd70185327245fa401c13dd77ff5ce93982cb8f6619bc200283a294af362cbd1f7c41f5377ea6460af4d76a749e402924a075278526800eb5042e33beb70d469955405409e232"}]}]]}, 0x130}}, 0x0)

8.105772833s ago: executing program 6 (id=941):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000300)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000780)={0xfc78, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x20, 0x1, 0x1, 0x1}, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000000140), 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b03, 0x0)

6.840056813s ago: executing program 5 (id=948):
sched_setscheduler(0x0, 0x5, &(0x7f0000000480))
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x20000023892)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

6.257774352s ago: executing program 5 (id=952):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000080)={{0x1, 0x0, 0x4}})
readv(r1, &(0x7f0000000240)=[{&(0x7f00000004c0)=""/53, 0x35}], 0x1)
read(r1, &(0x7f00000002c0)=""/200, 0x39)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)

5.624912468s ago: executing program 6 (id=957):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r0, 0x1000)
r1 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
dup(r1)
pselect6(0x40, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x1000000}, &(0x7f00000000c0)={0x9, 0x0, 0x5, 0x0, 0x1, 0xfffffffffffffffd}, 0x0, 0x0, 0x0)

4.809431972s ago: executing program 5 (id=958):
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
sendmsg$alg(0xffffffffffffffff, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x34000041)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40000)
r1 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000100)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x3000005, 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x0, 0x38415261}})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x5)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x34, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x98}}, 0x0)

4.803754616s ago: executing program 7 (id=959):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000000)={0x1000, 0x802, 0xfa, 0x17, 0x402, 0x1c49})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

4.045979551s ago: executing program 7 (id=962):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x101}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="3de6", 0x2}], 0x1}}], 0x1, 0x48819)
prctl$PR_MCE_KILL(0x4c, 0x0, 0x2)
sendto$inet6(r0, &(0x7f0000000400)="25eed0aee8c79f49b53c108367401019c41e56367aa3f23916ddf42df6a5ca47adc0f14939ee362a401f6425b5933ed45ac2e4089f33e87ea4fa53cb6f37fa25746f5805cefb6f78a3d525962f72cff39e3fd9074e3260c84fdfced1c00ba3c8cfcd6220a22b568b9ea6d0e366394ae3490b19d046c22e484b0aa11954836b45d4047ab5007b7b758a16f51f05661f02e1cc365db0bf3b54c3c468a8b5462008bc5ffb9db10bed599639774620b78184ada2301d9d494c2c7622d859213c2d7cc96412661b8f8afb818669f98776b43d6f8c598c00e43ade1e0808a35608882523edf4820dc6b1de1a71cb3dcec7265acaaeab264a1082660423eaf763e3d5e6756b9d2e4115906f4284e5e11388dae00c59c49d5bdc02592fbd96f69a586c8e6f36af50d6de76993809225f4a7dfbd1e7feee4438420c40ee1587ef9279cba9847f32d185f2405d680fd8776df5edc7c149279dc808c693dab77ec90071fff6b0b63f5eaadf5e2118dbeebbeb235b90b8b1b871af2ebc579d404578310950526b7be662a9d89be66d6a02522e7352357c02c3a56f8ff816331bd070041ba511613602956381e6d78b645d02dbc77a188168b6312a0998fe17cfd2940c8e5d39e5a95c50f8b0cee4a9c145b23997f830c08fe2e8af162363f4e14d78fd1275af0192483de50d521d85ed5dd21e51e9fba69d7c208ae998c914f5a2393f0594abb1228eb6df78d022707d2e705854e20338e898482ced2d8b853d8cd972bf7d2df97c7fbc2fffb60e9ec9335bf4e98c6d53244dabe2d1d038c75476b620b9263bda96ec2c61f3306dfcfb9f023c3c9678e0ef245b8c3de356f4c4dfe2d791e213b592f8106467517bd0eb3be609108ac41507edb9029c1975fe0c08e461b66b0850a9faf160e658fd770266fa0c70deab155084869592563fe0c136728a2999c6a5d40891a0de089cec58b1ffe2d40e44513b3d51c8c34935b75a351d0d7f9049e6e488585c819437a4e7b338cd5772a744fe79a21327f919ef4bdb9936a5dccd353a45e2642b8cad7aea0152de1d15577c37eff9fc206115e1ed9612183f5aa55ba23b2e2b77432f038b3cc3f0c189414de1402b002ba4464448d74fac86d1ab674a4eb3d8b6e8af11ee37145026fdedb952097fa069ddd516a76c8a647c0faf5a47a75a7294b0eba99291457e4614f0e985bd363de3593590e6f303e511220ce37e1e66711dac26dadaa5f26ab172ef6c7a2f53ed66c0813867e1d53e769efafac557c3977836517f216c53625d8752073fed32346d274613fef1f874d71a632a48220978d6efbf4fb938a46777f05b10cc71d1996772e2536a22b171e2cabffb9099e73026e56210a6162140681048fa9e55388619d83278ea60e5421eaade222b61237aae0d6684f19e090d88da58d0f8e0b4725c41bfc94a5a066d842f768d7ecc527ae2f8ed793ef072da9258db0d11d36637c4765afed52049524efb6feaaa3239dcce104e0889fb10e6a4b7923b4932fecafb1add915f673426c5d6fe7f0290ee8df38763c3737a8bdb4e78b64dd66831440a5dc4e14ccbd14a13f1c513773b9daf0e06cab2bf564b57c8145af47cc64a539fa8326467b318b2e8df6b6cec365f53a3745f4a6cc3d5bfcbe3f11f48713a9568b0fda6f5d88c0d889862e9f36c4f2664da2341b2002d340a4ffb524fa4ae475c2de3842e9c10354a8aa5ee08dcd538ebe243cd8f502cc2fca6dfc7e84a9c844a9be36e198b78d7ab7161f2f590b61fdf175035dee46c5620c9c02ea6b2f7b5d1edee27ba642832a64f7f2dd88a80937bf92d187a4a3dda7cc981b1cbd09416c418af48af5cfef16adb3ebf966a2fe7cbfb1a42b20eeea1c5f5406e644c4561d6e7009ae32331b5c372eccd802c962a56a994c793b145523b1c52356ffc8d0eef096851598692ca35f3d458890493a9883a61501d0fbc92d4543fa753a33bc954544a128a0e02d229737ca4432f9e013b4eba209b7b043eafd698bd756bd6c931798b07b7f62852ce7b3e38c6a3e3ce45535a8f383b57d3217881e7a62aa933809a6b0934b5e63f5617337971b515ccf38208be292107c1a83af71f1d5cc93cf96c1baaae648fa360f7a1a51eace114ba9b1a05db6dedd55ffe78a0e028c42346252a4e27d659447083f30850b02acda5903ca7605fcc9f22015f4c9ea924e7055d4d983a2cbb20a53cc4124bb300bbfb2628565fd09c6702b2d6dd15cff149c0fe7404a297500c4ca3186ccf88c7f46e3d6bf138ec31ba901c42e5ad349ff36c1572df219a1fca81b2aad102c2767006dd82a741cb6024231101e52bef3c581fe339377167620a8e443fead98c800ad9a25dd40e9af5a789bbafc6d742fa9a1b18e01a87cfa2c914ae559b4e63f9ca50943cfe8143d276ca84c814a0f8e8ee2c0a34a65b09856ac5e78bf92344d9b8394a4c2a60800dae54b10caf40bb09b47526e6707141d4f0a013a6e3567daf6db158b7886d84245b865216e916584149c5b84110dd677a756dc1e76c0d2f4e29fe6a67dd4f550b64936cd642adfff786fb89146b447195162ac8ef682874e20fca482bdce967eeb8c68503ad5ce7374b57df9541e1d7a848d863a5cc6dcbeed060103352e90eed71d60cd2be1ec63d98e25d652656601fd70910491b6f2ec81bec992eed2a5e749c93026375a197d93b88b626320340bdca0061d097505bd608543a25eb455f082700ceb2a4361eed56f1d93c40f84050b91a768830f36e6c5044b0df74cccd22dee667e4c597db72e9d3b9e59684130e07699edc511934a270288d5b52b6179c5abf048ede9d5e0d2d0d845dd63962523622d0564fdfdebd4503304681ec758083c639d11b4e2d47e0e63c5f6e7e96d6f2d6c58bdd8df926879c2047794b343b9ceeefa88e96b762cfc469739c933594627bc7e547f8c3cbeb0903473e8d4b323d5021e80dc4f2b0db7ce6f3da41790a4faf682a21593dfcf2e672e471aeceac0746510485f432ef35f68b5e5b2942525ef5c915236f4893e2281f05c586220041d9685ce8c59315cd783932691ae67e1ad85814af28a253d562b00c8503a0a7bf7dd73ee66641a59606c83fc783966c54cb183a812cfd135c945dcb752c29fae0d55c5b35659361d866b790010eeb98a4909038e6870e4b79c756612761e53831186b840840558dc25361c5ccb919222a9effef676b1e68e7d06a596b712e0adcf2d1972d92d979d95ee44ace518e3f95311cd51f7e48f79775233ae1b2500ca1779ed92cd575e85391d1c7a283d19e008379e9ccd2706f9c191094d31ca0e4e8148776250302774111ef74b980613bd350f6043e8b745f6134336e615e65d491a2c552407a9b87c2aa2883c2d829441ac92ebd11b4425ced9f5d68aeb034a7e6cacb0cc22267cf8f6b3d8a49371b392b0ac9d1845ca7a3e016a3161cd0099e459fdb05719660edaab4f7f2ee5cabe8802222a3acb2551106a63a1b29d5700742619dd758476a95f5b9f98422d54b0104f01f78ca632dae4e7294a4ba6083882ca7f406d97e6049d32fed8864671fb03992e902d463175de1fc784d0b2bc14023f850a3258658755ac00daa52abc1e824527a028b9bff2abd893e58169c736c26fc16e16dfaf132ca505bb9bff4c058763f54f0f36177e510e0ec237dba1f2c5d051158872ae09e7c2177e7cd366fd706b96ad75604c0477b715871602f00e5020d2112536bd255469d94a2ecf73557aa562da2df3aa12224e2f2a1cef614c5320a72bc54c81712205613f9fbe4449722aeaf130585ee52d993b37b18946958894cf2d795770d831fc6097e5795db584dadcafd5faf9352d31d9968a1bc09b32fd126a897dfa18b07910595446c28cffc0b76c046a1db4dbe14bebf0a44d68ddb6d4c073d5e79fb2788a5fdbfa0df9d6084bca32f7bd135ac843c728c040fdf2e10d1cf691508ae64aa3c40d0a198160c3b32d1d02399b509b88c82d77ca6a2bd81adaf671efdd790741a3f67023417fdb734fc697b456af920b1831ba52df170e1c45c3149ee393972a6b9dc97dd4aca5df478c4a593c76ee67ae259fc414bcad85098692f7e9aa660bb27c3ee6e96171ee240919c636aca69d875543d04d6cf48305a785422f4b4f5a99525a0951448acf33e8fc438b32b31eae7169cc82daba924d51708fd2f64c9076cfc7ad03da98051316209d66eb752346adcbc696dfb13000a77fa3655fdfca05b41ca01247c5d8e385cda3c8e2b65f9b34679130f99c81838e3ae716ab9fc9f07f6267d0197a43ed163e5025a11cb9fc1cec83e253d3c8a2d3a8f697ceaa3772bcf37ed8f0151b47e82bf270e549fc5651541a9da77aa128b193bb98f6e023cae58237daa93ddfa781394cd4c4a2519d4a0ea8a60bef2bd0e7bcac51999e6a916ea3a5566845ae498c048a7d036b1bfb1e59ed700421b0019ff1c1aee887b90cc8e1be4669e44dadb3468593b24e4b8d2c3365b95932d00503a82ce2dba2622986a14967a16233924bbf03a33d5a018274f44ccf31959057a696f63b4d5a319b81d8674cfe615807bdad84f79a1bc3a679bfd5fd24bca93a49c355e1d0c4cf42162111413c328b6df45191d5a38ef9e6e525590332eee19e20174ec5ce53e5ff5988a1135bd49dc1ebed1004afd6c77b79c607f074e8a7bd348706921201b49f656a9218cd3073ae9dccee23d99840c18e7d9eb1c6028f94c5e234a2fa05a350ad23e10a6e6ed6a592cf48877a32dc147f32eb05817e0e438d78c8ff4d5ef22d8747f88ebe57b96ed8a4d00729dd659361bf9198477562a4daec9f60c7a73f18f537db5e43c75edd13c98d224a614fe684835bda1e84cf441fa3240eab03e241fd4f84e594cc82a6acc80ecc74e6ca93e3d9706075cda806a6da92a73a57b5af5be2d8e97500dd2c920fc36d19b4f8673b45fd13ea736aeeaaa5872f6d95ce3fd560a9377f12e0b2440ff9f2986e5c1495f66e7e45cf4822e33670dd150e184c30ee769d9df212ca8a73928188ed025759260b7bcdfe21ff326bb01641305d874316c9d28889fbbdedd1fdf2174558625b3bf161c9fd312b2e41223e03939e04ee3e9fd6779ef6155279ab275949a0e7b84e54daa6eff264e079d5e41744234b86e712f48fd56b1481ed9e7a1c074b0f1a1b3a4c5286fa8d07df3c9eb161401286d09881bd52cd5ac0dd6d84bab3fd907d0fc572c8e4e00060cf6274026e3c3568bc6df507ee2c407d6c77e8a0fca12c40a5e590d4b0ad6a534929986adf883937893fe8a61407341b314796124652d3f94962ed1b25126d1e63aebbe4d2b1c148e98c570838212e253049496da922ea734b19f27a4f17e46a70e2d5a4fa97d2b5df5e0fe0795183e1e6d9be3726909d408dbda8332e59c95180aedfdbca78843fb062f9ed25f5df9cb7635a2214e6c7471913fe8f31b4458133c3cec6d6976e837c8d3da4556b257cb016d5cd0d7a832a4741c2b5693d162ca14f697b4f490a606951b0af34a1de42008e85caeecfad118ed787dd27829fab887fb07bc096a079ac23f78cd6258849e5f30626f222de9015925e944ce7933cf580578a6e14aab46e1a23e1af9a82dfb946ecb6de82bb7843b1ff731631a9c9466bc547a32a38744934a3e88e1f761f23504375d062e9f8d921776e18b8e210aaa20f4d416f481bc497a6a47a022636ab85f91d34b94654a4b39aebc77c40c1493ee44d5ffb2039f830bebefcf5b4ac693d67cc7f9e7bbc363fc3cd888ff85e749e0415ecc5fc70297722b9005aebc", 0x1000, 0x4000, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/158, 0x9e, 0x1, 0x0}, &(0x7f0000000180)=0x40)

3.980721229s ago: executing program 5 (id=963):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x8000, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2b2, &(0x7f0000000880)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file1\x00', 0x8800d0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14000000"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x244b02)

3.861145198s ago: executing program 7 (id=965):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x60, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xfff1}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x30, 0x2, [@TCA_FLOW_EMATCHES={0x2c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x20, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x1, 0x0, 0x0, {{0x4, 0x3, 0x20cc}, {0x800000, 0xb8e, 0x5, 0x4}}}]}]}]}}]}, 0x60}}, 0x20040054)

3.580246143s ago: executing program 3 (id=967):
sendmsg$NBD_CMD_RECONFIGURE(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x6c, 0x0, 0x20, 0x70bd2a, 0x25dfdbff, {}, [@NBD_ATTR_SOCKETS={0x28, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8}}, {0xc, 0x1, 0x0, 0x1, {0x8}}]}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x20}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0xf}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x6c}}, 0x4212d43d3101d15c)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000640), r1)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000680)={'wpan0\x00', <r3=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEV(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000280)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000fbdbdf251a00000004002e8008000300", @ANYRES32=r3, @ANYBLOB='4\x00.'], 0x6c}, 0x1, 0x0, 0x0, 0x20040040}, 0x20040)

3.510366348s ago: executing program 5 (id=968):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x20108c0, &(0x7f0000002ac0)=ANY=[@ANYRES8=0x0], 0xfe, 0x61e6, &(0x7f0000002b00)="$eJzs3c9vHGf9B/DP7C//yLep1UPVb4SQm5YfpTSJkxICBdoe4MClB5QrSuS6VUQKKAkorSziykLiwIm/AITEESGOiAN/QA9cuXHiRCQbCdQTg8Z+nni82e06tb2z9rxekjPzmWd2/YzfO/sjM7NPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADx3e98b6WIiBs/TQuWIv4vuhGdiIWqXo6IheWlvH4vIp6LneZ4NiL6cxHV7Xf+eTri1Yj46GzE1vb6arX48gH78e0//O233z/z1l9/37/4nz/e6742br3793/57z89ONw2AwAAQNuUZVkW6WP+ufT5vtN0pwCAqciv/2WSl5/6+lf/eOvPs9QftVqtVqunUNeVoz2oFxGxUb9N9Z7B4XgAOGE24uOmu0CD5N9qvYg403QngJlWNN0BjsXW9vpqkfIt6q8Hy7vt+VyQfflvFI+u7xg3nWT4HJNpPb42oxvPjOnPwpT6MEty/p3h/G/stg/Sesed/7SMy3+we+lT6+T8u8P5Dzk9+XdG5t9WOf/eE+XflT8AAAAAAMyw/P//Sw0f/507/KYcyCcd/12eUh8AAAAAAAAA4Kgddvy/R4z/BwAAADOr+qxe+fXZvWXjvoutWn69iHhqaH2gZdLFMotN9wMAAAAAAAAAAAAA2qS3ew7v9SKiHxFPLS6WZVn91A3XT+qwtz/p2r790GZNP8kDAMCuj87ma/n7uwuKiPmIuJ6+66+/uLhYlvMLi+ViuTCX388O5ubLhdrn2jytls0NDvCGuDcoqzubr92ubtLn5Untw/dX/a5B2T1Ax45I+mPGmOYGAweA9AIVseUV6ZQpy6fHvfmAfez/p9BSLDX9uGL2Nf0wBQAAAI5fWZZlkb7O+1w65t9pulMAwFTk1//h4wKHqjtj2iOO5v7VarVarVZ/qrquHO1BvYiIjfptqvcMhuMHgBNmIz5uugs0SP6t1ouI55ruBDDTiqY7wLHY2l5fLVK+Rf31II3vns8F2Zf/RrFzu3z7UdNJhs8xmdbjazO68cyY/jw7pT7Mkpx/Zzj/G7vtg7Tecec/LePyH+xcMtc+Of/ucP5DTk/+nZH5t1XOv/dE+XflDwAAAAAAMyz///+S4795kwEAAAAAAADgxNnaXl/N173m4/+fGbGe6z9Pp5x/8aT5L6R5+Z9oOf/OUP5fHFqvW5t/+Obe/v+v7fXV39375//n6UHzn8szRXpkFekRUaTfVPTS9DBb97jNfndQ/aZ+0en20jk/Zf+duBW3Yy0u7Vu3k/4ee+0r+9qrnvb3tV/e1957rP3KvvZ++t6BciG3X4jV+FHcjrd32qu2uQnbPz+hvZzQnvPvev5vpZx/r/ZT5b+Y2ouhaeXhh53H9vv6dNTveePWZ39x6fg3Z6LN6D7atrpq+8430J+dv8mZQfzk7tqdC/dv3rt3ZyXSZN/Sy5EmRyzn39/5mdt7/n9htz0/79f314cfDp44/1mxGb2x+b9Qm6+296Up960JOf9B+sn5v53aR+//Jzn/8fv/yw30BwAAAAAAAAAAAAAAAD5JWZY7l4i+ERFX0/U/TV2bCQBMV379L5O8XK1Wq9Vq9emr68rRXq8XEfGX+m2q9ww/G3VnAMAs+29E/L3pTtAY+bdY/r6/avpi050Bpuru+x/84Obt22t37jbdEwAAAAAAAADg08rjfy7Xxn9+MSKWhtbbN/7rm7F82PE/e3nm0QCjRzzQ9xibnUG3Uxtu/PnYGZ/7wrjxv8/H4+N/5zFxu/XtGKM/oX0woX1uQvv8yKV7aY280KMm5/98bbzzKv9zQ8Ovt2H81+Ex79sg53++9niu8v/C0Hr1/MvfzFz+GwddcTM6+/K/eO+9H1+8+/4Hr9x67+a7a++u/fDKysqlK1evXrt27eI7t26vXdr993h6PQNy/nnsa+eBtkvOP2cu/3bJ+X8u1fJvl5z/51Mt/3bJ+ef3e/Jvl5x//uwj/3bJ+b+Uavm3S87/S6mWf7tsba/PVfm/nGr5t0ve/7+cavm3S87/lVTLv11y/hdSLf92yflfTPUB8vf18KdIzj8f4bL/t0vOfyXV8m+XnP/lVMu/XXL+V1It/3bJ+b+aavm3S87/K6mWf7vk/K+mWv7tkvP/aqrl3y45/2upln+75Py/lmr5t0vO/+upln+75PxfS7X82yXn/41Uy79dcv7fTLX82yXn/61Uy79dcv6vp1r+7bL3/f9mzMzCzM+P9g67MSPbddJmmn5mAgAAAAAAAAAAAACGTeN04qa3EQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd28xct31HcDP7M1rhxADITipgbVjjHGW7PoSX2hdTLg2QLklFHrBdr1rs+AbXrsEimTTQImEUVEFavrQFhBqI1UVVsUDrSjNQ9XLU2kf6EtFVQmpURWigIrUVjRbzZz//++Z2dmZXXu8nj3/z0eyf7szZ+acOXNmdr9rf/cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECzLW+c/VytKIr6n8ZfG4viBfWP109sbFz2ulu9hQAAAMCN+r/G38/dkS44vIwbNS3zd6/4x28uLCwsFB8Y/vLolxYW0hUTRTG6riga10VX//2DteZlgseK8dpQ0+dDPVY/3OP6kR7Xj/a4fqzH9et6XD/e4/pFO2CR9eXPYxp3tq3x4cZylxZ3FqON67Z1uNVjtXVDQ/FnOQ21xm0WRk8Uc8WpYraYblm+XLbWWP7bW+rrelsR1zXUtK7N9SPkR586HrehFvbxtpZ1XbvP6IdvKCZ+/KNPHf/jC8/c3Wn23A0t91du546t9e38TLik3NZasS7tk7idQ03bubnDczLcsp21xu3qH7dv53PL3M7ha5u5qtqf8/FiqPHxdxv7aaT5x3ppP20Ol/33vUVRXL622e3LLFpXMVRsaLlk6NrzM14ekfX7qB9KLy5GVnScblnGcVqfM9taj9P210R8/reE240ssQ3NT9MPPz226Hlf6XEa1R/1Uq+V9mOw36+VQTkG43Hx3caDfrzjMbgtPP5PbV/6GOx47HQ4BtPjbjoGt/Y6BofGhhvbnJ6EWuM2147BXS3LDzfWVGvMp7d3PwanLpw+NzX/iU++du70sZOzJ2fP7Nm1a3rPvn0HDhyYOjF3ana6/Ps69/bg21AMpdfA1rDv4mvg1W3LNh+qC1/t3+twvMvrcGPbsv1+HY60P7ja6rwgFx/T5Wvj4fpOH78yVCzxGms8Pztv/HWYHnfT63Ck6XXY8WtKh9fhyDJeh/Vlzu1c3vcsI01/Om3DzfpasLHpGGz/fqT9GOz39yODcgyOh+PiX3cu/bVgc9jexydX+v3I8KJjMD3c8N5TvyR9vz9+oDE6HZf31K+4bay4OD97/v5Hj124cH5XEcaqeEnTsdJ+vG5oekzFouN1aMXH6+G5Vzx+T4fLN4Z9Nf7a+l/jSz5X9WX23t/9uWp8deu8P1su3V2E0WervT87fTWv78+UJbvsz/oyn5m68e/FUy5tev8dXeL9N+b+58v1pbt6bHh0pHz9Dqe9M9ryftz6VI003rtqjXU/N7W89+PR8Ge134/v7PJ+vKlt2X6/H4+2P7j4flzr9dOOG9P+fI6H4+TUdPf34/oym3av9Jgc6fp+fG+YtbD/XxOSQspFTcfOUsdtWtfIyGh4XCNxDa3H6Z6W5UdDNquv68nd13ec7ri3vK/h9OiuWa3jdKJt2X4fp+n9aqnjtNbrp2/Xp/35HA/HxZ17uh+n9WWe2nvj753r44dN751jvY7B0eGx+jaPpoOwfL9fWB+PwfuL48XZ4lQx07h2rHE81RrrmnxgecfgWPiz2u+Vm7ocgzvalu33MZi+ji117NVGFj/4Pmh/PsfDcfHEA92Pwfoyb9rf3+9dd4RL0jJN37u2/3xtqZ953dO2m27mz7zq2/k3+7v/bLa+zKkDK82Z3ffTfeGS2zrsp/bX71KvqZlidfbTprCdzxxYej/Vt6e+zJcOLvN4OlwUxaWPPdj4eW/495U/v/i9b7b8u0unf9O59LEHn739xN+uZPsBWPueL8eG8mtd079MLeff/wEAAIA1Ieb+oTAT+R8AAAAqI+b++L/CE/kfAAAAKiPm/pEwk0zy/6Y3PTP3/KUiNfMXgnh92g0PlcvFjut0+Hxi4Zr65Q9+ffYnf3lpeeseKoripw/9ZsflNz0Ut6s0Ebbz6ptbL198w0vLWv/RR64t19xf/0q4//h4lnsYdKrgThdF8e07vtBYz8QHrzTmUw8dbcz3Xn78sfoyzx0sP4+3f/ol5fJ/EMq/h08ca7n902E//CDM6bd33h/xdt+48prN+99/bX3xdrWtL2w87Cc+VN5v/D05X3ysXD7u56W2/68+/+Q36ss/+qrO239pqPP2Pxnu9+th/s/Ly+Wbn4P65/F2nw3bH9cXb3f/177Tcfuvfq5c/txbyuWOhhnXvyN8vu0tz8w1769Ha8daHlfx1nK5uP7p7/1O4/p4f/H+27d//MiVlv3Rfnw89c/l/Uy1LR8vj+uJ/qJt/fX7aT4+4/qf/O2jLfu51/qvvvfpl9fvt33997UtN9x2+/bf2PSHn/1Cx/XF7Tn8Z+daHs/h94TXcVj/Ex8Kx2O4/n+vfqFlvdHR97S+/8Tlv7LxUsvjid7243L9V19/sjH/Y+Inv3/bC25/4eVX1vddUXz3feX99Vr/yT8627L9X71rZ+P5iNfHjn77+pcS13/+45Nnzs5fnJtp2quN353zjnJ71o2v31Df3jvCe2v750fOXvjw7PmJ6Ynpopio7q/Qu25fC/PZclxe6e13PhKez3t+79sbtv/T5+Pl//JwefmVt5dft14dlvtiuHxj+fwt1G5w/U9suavx+q49VX7e0mPvg83b/vPAshYMj7/9+4J4vJ976Ycb+6F+XePrRnxd3+D2f3+mvJ9vhf26EH4z89a7rq2vefn4uxGuvK98vd/w/gtvc/F5/ZPwfL/zB+X9x+2Kj/f74fuY72xqfb+Lx8e3Lg2133/jt3hcDu8nxeXy+rhU3N9Xnrur4+bF30NSXL678fnvpvu5e0UPcynzn5ifOjV35uKjUxdm5y9MzX/ik0dOn7145sKRxu/yPPKRXre/9v60ofH+NDO7b28xvb4oirPF9Cq8Yd2c7a9/tLztP/fI8Zn909tnZk8cu3jiwiPnZs+fPD4/f3x2Zn77sRMnZj/e6/ZzM4d27T64Z//uyZNzM4cOHDy45+Dk3Jmz9c0oN6qHfdMfnTxz/kjjJvOH9h7c9cADe6cnT5+dmT20f3p68mKv2ze+Nk3Wb/0bk+dnTx27MHd6dnJ+7pOzh3Yd3Ldvd8/fBnj63In5ianzF89MXZyfPT9VPpaJC42L61/7et2eapr/t/L72Xa18hfxFe+6b1/6/ax1X//0kndVLtL2C0SfCb+L5h9edO7Acj6PuX80zCST/A8AAAA5iLl/LMxE/gcAAIDKiLl/XZiJ/A8AAACVEXP/eJhJJvlf/1//f3n9//J6/f+8+v/nPlb2Std6/z/25/X/83CL+/83vH79f/3/6vX/l9+fX+vbr/+v/89ig9b/j7l/fVFkmf8BAAAgBzH3bwgzkf8BAACgMmLuvy3MRP4HAACAyoi5/wVhJpnk/xz6/+/usNgK+/+7exWuqt//XzPn/19f6P/r/zf3/+OTo/+fjRX379//cMun+v+B/r/+v/6//r/+PzdsdMlrblX/P+b+28NMMsn/AAAAkIOY+18YZiL/AwAAQGXE3H9HmIn8DwAAAJURc//GMJNM8n8O/f9OnP+/sv1/5//X/+/v+f+bNkb/f21w/v/uOvf/x25bdJH+/wr7/+P6/2ux/z/a3+0f7P5/z83X/+emGLTz/8fc/6Iwk0zyPwAAAOQg5v4Xh5nI/wAAAFAZMfe/JMxE/gcAAIDKiLn/zjCTTPK//r/+v/6//r/+f+f19z7/f/mR/v9g0f/vzvn/e3D+/7z6/33e/sHu//f7/P+jb26/vf4/nQxa/z/m/peGmWSS/wEAACAHMfffFWYi/wMAAEBlxNz/sjAT+R8AAAAqI+b+TWEmmeR//X/9f/1//X/9/87r793/L+n/Dxb9/+70/3vQ/9f/1/9fXv+/wze/+v90Mmj9/5j77w4zyST/AwAAQA5i7r8nzET+BwAAgMqIuf9nwkzkfwAAAKiMmPs3h5lkkv/1//X/9f/z6v/fN6b/r/9fbfr/3en/96D/r/+v/7/M8/8vtpL+/7ped0ZlDFr/P+b+l4eZZJL/AQAAIAcx978izET+BwAAgMqIuf+VYSbyPwAAAFRGzP0TYSaZ5H/9/2r1///0r594ZaH/r//fY/0V7f/Hw0D/P3P6/93p//eg/6//r/+/Kv1/8jFo/f+Y+7eEmWSS/wEAACAHMfdvDTOR/wEAAKAyYu6/N8xE/gcAAIDKiLl/W5hJJvlf/79a/f9I/1//v9v6K9r/T/T/86b/30HTi1T/vwf9f/3/7Pv/8btf/X/6Y9D6/zH3vyrMJJP8DwAAADmIuX97mIn8DwAAAJURc/+rw0zkfwAAAKiMmPt3hJlkkv/1//X/9f/1//X/O69f/39t0v/vbqX9/zH9f/1//f/M+v/O/09/DVr/P+b+14SZZJL/AQAAIAcx9+8MM5H/AQAAoDLi/98s/9+r/A8AAABVFHP/ZJhJJvlf/1//P6f+f03/X/9f/7/y9P+7c/7/HvT/9f/1//X/6atB6//H3P/aMJNM8j8AAADkIOb++8NM5H8AAACojJj7p8JM5H8AAACojJj7p8NMMsn/+v/6/zn1/53/X/9f/7/69P+70//vQf9f/79q/f+i0P/nlhq0/n/M/bvCTDLJ/wAAAJCDmPt3h5nI/wAAAFAZMffvCTOR/wEAAKAyYu7fG2aSSf7X/9f/1//X/9f/77x+/f+1qVv//svLuL3+f6D/r/+v/1+N/r/z/3OLDVr/P+b+B8JMMsn/AAAAkIOY+/eFmcj/AAAAUBkx9+8PMwn5v9P/6wYAAADWlpj7D4SZZPLv//r/Fen//9bft6xb/1//v9v6+9P/X6//H6b+/2Cp6Pn/218W121t9v+fT49f/1//f5C3X/9f/5/FBq3/H3P/wTCTTPI/AAAA5CDm/teFmcj/AAAAUBkx9/9smIn8DwAAAJURc//PhZlkkv/1/yvS/2+j/6//3239zv+v/19lFe3/983a7P8vcf7/If1//f/B2n79/+X0/9f1uhsq5ub3/+NHy+v/x9x/KMwkk/wPAAAAOYi5/+fDTOR/AAAAqIyY+18fZiL/AwAAQGXE3H84zCST/K//r/+v/6//f3P6/68v2g1i/79+8Oj/V4v+f3eV6v87/7/+/4Btv/6/8/+z2KCd/z/m/jeEmWSS/wEAACAHMfc/GGYi/wMAAEBlxNz/xjAT+R8AAAAqI+b+N4WZZJL/9f/1//X/9f+d/7/z+vX/1yb9/+70/3vQ/9f/1//X/6evbl3/f13H62Puf3OYSSb5HwAAAHIQc/9bwkzkfwAAAKiMmPvfGmYi/wMAAEBlxNz/tjCTTPK//r/+v/6//r/+f+f16/+vTfr/3en/96D/r/+v/6//T18N2vn/Y+7/hTCTTPI/AAAA5CDm/ofCTOR/AAAAqIyY+98eZiL/AwAAQGXE3P+OMJNM8r/+v/6//r/+v/5/5/Xr/69N+v/d6f/3oP+v/6//r/9PXw1a/z/m/neGmWSS/wEAACAHMff/YpiJ/A8AAACVEXP/u8JM5H8AAACojJj73x1mkkn+1//X/x+s/v/Cpebb6f/r/xf96v/Xb6T/nwX9/+70/3vo0P9fp/+v/6//r//PdRu0/n/M/e8JM8kk/wMAAEAOYu5/b5iJ/A8AAACVEXP/+8JM5H8AAACojJj7Hw4zyST/6/9n2f9PD3nw+v/O/6//7/z/+v83Rv+/O/3/Hpz/X/9/Tfb/R8P86GT82qT/z6AYtP5/zP2PhJlkkv8BAAAgBzH3vz/MRP4HAACAyoi5/5fCTOR/AAAAqIyY+z8QZpJJ/tf/z7L/P8Dn/69a/3+k5fjIqf8/3vR8puNS/1//fxXo/3en/9+D/r/+/yD3/8PRvH6J2zv/P4No0Pr/Mfd/MMwkk/wPAAAAOYi5/5fDTOR/AAAAqIyY+38lzET+BwAAgMqIuf9Xw0wyyf/6//r/+v/O/+/8/53Xr/+/Nun/d6f/34P+fz79/5H+b/+tO/9/Sf+fQTRo/f+Y+38tzGTJ4Pfsfy3jYQIAAAADJOb+D4WZZPLv/wAAAJCDmPuPhJnI/wAAAFAZMfcfDTPJJP/r/7f3/+MZVfX/9f/1//X/9f/Xov71/192e1Ho/+v/6/9Xtv9/E7Zf/1//n8UGrf8fc/+xMJNM8j8AAADkIOb+Xw8zkf8BAACgMmLuPx5mIv8DAABAZcTcPxNmkkn+X+3+f1Ovd3Qw+//O/3+9/f+f6v/r/wf6/53p/68O5//vTv+/B/1//X/9f/1/+mrQ+v8x98+GmWSS/wEAAKDC0o+DY+4/EWYi/wMAAEBlxNx/MsxE/gcAAIDKiLn/w2EmmeR/5//X/3f+/1vR/x9pWV7/v6T/r//fD/r/3en/96D/r/+v/6//T18NWv8/5v65MJNM8j8AAADkIOb+j4SZyP8AAABQGTH3fzTMRP4HAACAyoi5/1SYSSb5X/9f/z/3/n+tKC47/7/+f6f16/+vTfr/3en/96D/r/+v/6//T18NWv8/5v7TYSaZ5H8AAAD+n737aLLrqvo4fLGVegQfgTEjhmZkD/gATJlRxZhscrBNzmCiyWDA5JyzyTnnbHKOJhhDVVNur7Wk1r19jqQ+6nvO3s8zWa9UFn2FG7v+r+pXmx7k7r9v3GL/AwAAQDNy998vbrH/AQAAoBm5++8ft3Sy//X/+v/e+//VVt7/3//Xt9//3/53SP+v/z8Ka/39sc1/3UFR+IH9/10vu/Je+n/9v/5/kP5f/6//52xz6/9z9z8gbulk/wMAAEAPcvc/MG6x/wEAAKAZufsfFLfY/wAAANCM3P1Xxi2d7H/9v/5f/6//39f/3+j9f/3/snn/f9gy+v/Ldnd39f+b6P/n/fn1//p/1s2t/8/d/+C4pZP9DwAAAD3I3f+QuMX+BwAAgGbk7n9o3GL/AwAAQDNy9z8sbulk/+v/9f/6/6X0/ycW/P5/fD/o//X/R0D/P2wZ/b/3//X/y/z8+n/9P+vOv/8/8B/bk/T/ufsfHrd0sv8BAACgB7n7HxG32P8AAADQjNz9j4xb7H8AAABoRu7+R8Utnex//b/+X/+/lP7/iN7/1//r/xfu+tXpfybo/9fp/0eM9P+rlf5/yDn385t/e8v5/AfQ/+v/WXf+/f+B/1GT9P+5+x8dt1yxWp240N8kAAAAMCu5+x8Tt3Ty5/8AAADQg9z9V8Ut9j8AAAA0I3f/1XFLJ/tf/6//1//r//X/m7++/n+ZvP8/7PD9/13udJ9799v/e/9/mPf/p+7/b/vOaLL/l1l3ZG79f+7+a+KWTvY/AAAA9CB3/2PjFvsfAAAAmpG7/3Fxi/0PAAAAzcjd//i4pZP9r/9vrf+/dN+vO6P/36td9P9L7//vrv/X/+v/R+j/h3n/f8TeP+Z26of6f/2/9/+9/8/hzK3/z93/hLilk/0PAAAAPcjd/8S4xf4HAACAZuTuf1LcYv8DAABAM3L3Pzlu6WT/6/9b6//3/zrv/7fW/3v/f6X/1/+P0P8P0/+PaOX9/wv8rtl2P39Y2/78+n/9P+vm1v/n7n9K3NLJ/gcAAIAe5O5/atxi/wMAAEAzcvc/LW6x/wEAAKAZufufHrd0sv/1//r/ZfT/+RX0//r/i9//J/3/Mun/h+n/R7TS/1+gbffzS//8+n/9P+vm1v/n7n9G3NLJ/gcAAIAe5O5/Ztxi/wMAAEAzcvc/K26x/wEAAKAZufufHbd0sv/1//r/ZfT/3v/X/3v/X/9/bvT/w/T/I/T/+n/9v/6fSc2t/8/df23c0sn+BwAAgB7k7n9O3GL/AwAAQDNy9z83brH/AQAAoBm5+58Xt3Sy//X/+n/9v/5f/7/56+v/l0n/P0z/P0L/r//X/+v/mdSM+v8zftWp1fPjlk72PwAAAPQgd/8L4hb7HwAAAJqRu/+FcYv9DwAAAM3I3X9d3NLJ/tf/z6b/38v52ur/d1arlf5/1Wn/v3PG38/6vtT/6/+PgP5/mP5/hP5f/6//1/8zqRn1/3s/zt3/orilk/0PAAAAPcjd/+K4xf4HAACAZuTuf0ncYv8DAABAM3L3vzRu6WT/6/9n0//vaav/9/7/2d8fPfX/3v9fp/8/Gvr/Yfr/Efp//b/+X//PpObW/+fuf1ncdOL4Bf8WAQAAgJnJ3f/yuKWTP/8HAACAHuTuf0XcYv8DAADAQl279jO5+18Zt3Sy//X/0/b/J874Of2//v/s7w/9v/5f/3/x6f+H6f9H6P/1//p//T+Tmlv/n7v/VXFLJ/sfAAAAepC7//q4xf4HAACAZuTuf3XcYv8DAABAM3L3vyZu6WT/6/+9/6//1//r/zd/ff3/Mun/h+n/R+j/D+znz+VpbP3/ofv/k6f/T/0/bTiP/n93d/eqi97/5+5/bdzSyf4HAACAHuTuvyFusf8BAACgGbn7Xxe32P8AAADQjNz9r49bOtn/+v9O+//8Vl9W/3/1aqX/1//r//X/w/T/w/T/I/T/3v/3/r/+n0nN7f3/3P1viFs62f8AAADQg9z9b4xb7H8AAABoRu7+N8Ut9j8AAAA0I3f/m+OWTva//r/T/t/7//p//f9R9/+3rvT/R2IR/f/OwV9/7v3/Nfp//f+A7vr/e9xt3w/1//p/1s2t/8/d/5a4pZP9DwAAAD3I3f/WuMX+BwAAgGbk7n9b3GL/AwAAQDNy9789bjrWyf7X/+v/9f/6f/3/5q9/xO//n1itVvr/CSyi/x8w9/5/mvf/z/5f+Wn6f/3/kj+//l//z7q59f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7H/9v/5f/6//b77/v2YR/b/3/yei/x82j/7/YPp//f+SP7/+X//PudtW/5+7/z1xSyf7HwAAAHqQu/+9cYv9DwAAAM3I3f++uMX+BwAAgGbk7n9/3NLJ/tf/6//Pp//Pz6n/b6v/Pzm7/v/Uvv+8Tt7/1/9PRP8/TP8/Qv+v/9f/X6v/Z0pze/8/d/8H4pZO9j8AAAD0IHf/B+PW/+vW/gcAAIBm5O7/UNxi/wMAAEAzcvd/OG7pZP/r//X/3v/X/zf//r/+vyv6/2H6/xH6f/2//t/7/0xqbv1/7v6PxC2d7H8AAADoQe7+j8Yt9j8AAAA0I3f/x+IW+x8AAACakbv/xrilk/2v/9f/6//1//r/2/8e6v/boP8fdjT9/47+X/9f/fwd4n8F+n/9/9ivp01z6/9z9388bulk/wMAAEBrjm/4udz9n4hb7H8AAABoRu7+T8Yt9j8AAAAs0rENP5e7/1NxyyL3/6YKfZj+X/+v/9f/6/83f339/zJtpf/Pbwr9v/f/Qz/9/533/Whp7/+f/e+vS1f6f/0/U5tb/5+7/9NxyyL3PwAAALBJ7v7PxC32PwAAADQjd/9n4xb7HwAAAJqRu/9zcUsn+1//r//X/+v/9f+bv77+f5m8/z9M/z9C/7/V9/OX/vn1//p/1s2t/8/d//m4pZP9DwAAAD3I3f+FuMX+BwAAgGbk7v9i3GL/AwAAQDP2dn/GZR3uf/2//l//r//X/2/++vr/ZdL/D9P/j9D/6//1//p/JjW3/v9Le7/q1OrLcUsn+x8AAAB6kLv/K3GL/Q8AAADNyN3/1bjF/gcAAIBm5O7/WtzSyf7X/+v/l9H/7+7uXqX/1//v//2c7v9vWnD/f53+f2L6/2H6/xH6f/3/7Pv/s/8teZr+nzmaW/+fu//rcUsn+x8AAAB6kLv/G3GL/Q8AAADNyN3/zbjF/gcAAIBm5O7/VtzSyf7X/8+g/z+l//f+v/5/5f1//f9E9P/D9P8jWuz/T537b3/b/fxhbfvze/9f/8+6ufX/ufu/Hbd0sv8BAACgB7n7vxO32P8AAADQjNz9341b7H8AAABoRu7+78Utnex//f/R9f+3/XfXy/v/O6vNn1//r//X/+v/Lzb9/zD9/4gW+//zsO1+fumfX/+v/2fd3Pr/3P3fj1v2D7/j5/e7BAAAAOYkd/8P4pZO/vwfAAAAepC7/4dxi/0PAAAAzcjd/6O4pZP9r/+fwfv/Dfb/3v/f/P2h/591/3+J/r8N+v9h+v8R+n/9v/5/ov4/v5v1/72bW/+fu//HcUsn+x8AAAB6kLv/J3HLFTvb+kgAAADAxHL3/zRu8ef/AAAA0Izc/TfFLWfs/01tdyv0//p//b/+X/+/+evr/5dJ/z/sXPv/k6vD9f9J/6//1//32v97/5/bHXH/f/VY/5+7/2dxiz//BwAAgMU5fsDP5+7/edxi/wMAAEAzcvf/Im6x/wEAAKAZuft/GbfcfMm2PtKR0v/r//X/I/3/LfENrv/X/+v/F0H/P8z7/yP0/1P085fr/9vo/1cr/T+Hd8T9/+iPc/f/Km7x5/8AAADQjNz9v45b7H8AAABoRu7+38Qt9j8AAAA0I3f/b+OWTva//l//f8j+fy/NbLr/9/6//j/o/5dB/z9s+/3/DYNfVv/fRP/v/f9G+n/v/zOFufX/uft/F7d0sv8BAACgB7n7fx+32P8AAADQjNz9f4hb7H8AAABoRu7+P8Ytnez/rfX/8V+1/n/x/X/77/8P9v+7K/2//l//Py/6/2Hb7/+H6f/1/0v+/Pp//T/r5tb/5+7/U9zSyf4HAACAHuTu/3PcYv8DAABAM3L3/yVusf8BAACgGbn7/xq3dLL/vf+v/9f/e/9f/7/56+v/l0n/P0z/v1n9jdL/6//1//p/JjW3/j93/9/ilk72PwAAAPQgd//f4xb7HwAAAJqRu//muMX+BwAAgGbk7v9H3NLE/j82+lfo/xfZ/1cerf/X/+v/9f/sp/8fts3+/553HP+y3v/fev+fH0H/r//X/zOJufX/ufv/Gbc0sf8BAACA2+Tu/1fcYv8DAABAM3L3/ztusf8BAACgGbn7b4lbOtn/I/3/yfoL9f+DvP+///Pr/zd/f+j/9f/6/4tP/z/M+/8j9P/e/9f/6/+Z1Nz6/9z9/4lbOtn/AAAA0IPc/bfGLfY/AAAANCN3/3/jFvsfAAAAmpG7/39xSyf73/v/S+r/L9f/6//1//p//f8I/f8w/f8I/b/+X/+v/2dSc+v/c/f/PwAA///2nlJP")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0xc17a)
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f0000000180)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,iocharset=macgreek,iocharset=iso8859-1,integrity,nodiscard,noquota,uid=', @ANYRESHEX=0xee01, @ANYRESDEC], 0x24, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
fdatasync(r0)

3.468864308s ago: executing program 4 (id=969):
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @auto="b8f92416074d3848"}})

3.38398101s ago: executing program 7 (id=970):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f00000004c0)=""/55, 0x37)
getdents64(r1, 0xfffffffffffffffe, 0x29)

3.346641432s ago: executing program 3 (id=971):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x3, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=@deltfilter={0x24, 0x2d, 0x1, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xc, 0xe}, {0x1, 0x1}, {0x4, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004010}, 0x240408cc)

3.189242861s ago: executing program 7 (id=972):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x35, 0xff, 0xaa, 0x20, 0xccd, 0x10af, 0x384e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x59, 0x2, 0x1, 0x9b, 0x1e, 0x2a, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000cc0)={0x2c, &(0x7f0000000d00)=ANY=[], 0x0, 0x0, 0x0, 0x0})

3.004494769s ago: executing program 6 (id=973):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
write$vga_arbiter(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='lock io'], 0xc)
io_setup(0x6, &(0x7f0000000540)=<r1=>0x0)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r1, 0x1, &(0x7f0000000880)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r2, 0x0}])
write$vga_arbiter(r0, &(0x7f0000000180)=@unlock_all, 0xb)

2.894581565s ago: executing program 4 (id=974):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000180)='tlb_flush\x00', r0, 0x0, 0x51}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='tlb_flush\x00', r0, 0x0, 0x10000000000000}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r1, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)

2.861152278s ago: executing program 3 (id=975):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x7, 0x109e96, 0xffffffffffffffff, 0x400000, 0xd, 0x0, 0x2, 0xfffffffffffffffd, 0x48d6, 0x10000, 0x6, 0x6, 0x1, 0x8], 0xd5d5c004, 0x8340})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@x86={0x80, 0x4, 0x5, 0x0, 0x9, 0x5, 0x40, 0x7, 0x6, 0x4, 0xf9, 0x8, 0x0, 0x0, 0x5, 0x2, 0x84, 0x3, 0x4, '\x00', 0x4, 0x9})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.824906118s ago: executing program 6 (id=976):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0xbda, 0x80000001, 0x96d}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0xfffff000, {0x0, 0x0, 0x0, r3, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0x0, 0x4}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)

2.592458897s ago: executing program 4 (id=977):
socket$nl_xfrm(0x10, 0x3, 0x6)
capset(0x0, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1000002, 0x2010, 0xffffffffffffffff, 0x72377000)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x65)
syz_mount_image$fuse(0x0, 0x0, 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_emit_ethernet(0x8e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaa1acd1f78800d86dd608a37f200587300fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES8], 0x0)

2.589580042s ago: executing program 6 (id=978):
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000000040))
r0 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_RESET(r0, 0x4141, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x9f)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = getpgrp(0xffffffffffffffff)
ptrace$ARCH_MAP_VDSO_32(0x1e, r4, 0x9, 0x2002)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000700000a7c000000060a030400000000000000000a0000050900010073797a3100000000500004804c0001800b00010074617267657400003c00028024000300733900000455afb9fdd672bad09dfb78c7699c74e891a0c7000000000000000008000240000000000c00010052415445455354000900020073797a32"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_generic(0x10, 0x3, 0x10)

2.496654401s ago: executing program 4 (id=979):
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x7, &(0x7f0000000000)=[{0x5}, {}, {0xffff, 0x0, 0x6}, {}, {0x5}, {}, {0x0, 0x0, 0x0, 0x420008}]})
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x12020)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0xa, 0x4, 0x1}, 0x48)
r0 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x8001, @dev={0xfe, 0x80, '\x00', 0x3d}, 0x7}}, 0x80, 0x0}, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x890b, &(0x7f0000000000))

2.306587018s ago: executing program 3 (id=980):
syz_emit_ethernet(0x3e, &(0x7f0000000400)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x30, 0x80, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x6, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x67, 0x0, 0x0, 0x89, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2}}}}}}, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)

1.788538677s ago: executing program 4 (id=981):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x10c000)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x2000000b, 0x80, &(0x7f0000000240)={0x3, 0x0, 0xfffa, 0x4360}, 0x8, 0x6, 0x7d, 0x0, 0x1, 0x101, 0x0})
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4008550d, &(0x7f0000000040))

1.734243477s ago: executing program 6 (id=982):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000004c0), 0xfe, 0x269, &(0x7f0000000200)="$eJzs3b1rJGUcB/Df7EvWmBCiNja+gIhoIMRCEGy0UQhIEBFBhYiIlSRCTNqslY2FvUoqmyB2RkuxCTb3B+TuUuSaa8IVF+7grthjZnaPzWZDXvZljsznA7szz87ztrDfZyeQmQ2gtGYj4t2IqEbEXETUIyLprvBy/phtF7cmd5cjWq2P7yRZvbyc67SbiohmRLwdUesc29j5/ODe3gev/bRef/X3nc8mx/X+uh0e7H949NvSj38tvrlRab823d52v49hSvq8Vksinh3FYE+IpFb0DDifP6+nuX8uIl7J8l+PSjuyP69N/FePN37t327iaLzzBEah1aqn34HNFlA6lewcOKnMR0S+X6nMz+fn8DeqSXy7uvb93Der6ytfF71SAUOQNPO/e/ff/6fx91RP/m9X8/yfy1sjnikwEmn+P/lo+2a6f1QtejbAWLyQb9L8z325+XrIP5SO/EN5yT+Ul/zDFXDJ7Mo/lJf8Q3nJP1xh9c5Os+/hwfN/v/0fhJefIjBuM9mz738or578F3I9LlCM7vwDAOXSahR8ATJQmKLXHwAAAAAAAAAAAAAAAAAA4KStyd3lzmNcY/7/S8ThexFROz5+IztazX6POOKp7Pnpu0la7bEkbzaQL14asIMB/THkq6+XGherP3NruONf1LUXR9PvD8eLp97bbnMloplWXqjVTn7+k/bn70yn9v/MGQ3rX51vgGFJesrvfDre8Xs93C52/MW9iH/T9Weh3/pXieezbf/1Z7r7FsuX9N2DATsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgbB4FAAD//1eqcO0=")
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x147c40, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
syz_usb_connect(0x6, 0x36, &(0x7f0000000780)={{0x12, 0x1, 0x201, 0x40, 0xd8, 0x5b, 0xc7, 0x13b1, 0x11, 0x5c34, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x4, 0x8, 0x0, 0x7, [{{0x9, 0x4, 0x3, 0x8, 0x2, 0x53, 0xee, 0x97, 0x5, [], [{{0x9, 0x5, 0xf, 0x3, 0x400, 0x6, 0x9, 0xfe}}, {{0x9, 0x5, 0xd, 0x0, 0x400, 0x2, 0x7, 0xe}}]}}]}}]}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
syz_emit_ethernet(0xf3, &(0x7f0000000540)={@random="21732e13d4b0", @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xe5, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @multicast2}, {0x2001, 0x0, 0xd1, 0x0, @gue={{0x2, 0x1, 0x3, 0x2, 0x100, @val=0x80}, "dd2cc8235fce7d9aa194bcd8b2b2b2291072e3b8d7a1e00ac3dcd04f1cce70530fe49e8fa776d7e4ef097a0bdcd83ae439d14c04d2259baa4b3cb77a8da7303987c04c856e226418eef6e866f756d7b1137ad6cad38ee997eccb67689103aa8b69a868b244fee793c108fa2028cadd2f855c60bfb8d3eca5df3c647a421e60708e869cde03b2b69be4d7a66ab99bddbaffafe9cce9e637f61c7ff509a96479e6941b6895c66d778ef340e021275ccf8340f62360149b47df508222117d924c57dd"}}}}}}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, r4, {0x0, <r5=>0xffffffffffffffff}}, './file0\x00'})
fchownat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, r5, 0x800)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prlimit64(r2, 0x2, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40186f40, &(0x7f0000000440)=0x1f)
setns(r1, 0x24020000)
syz_clone(0x120e1100, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002dbd7000aaa7c5f52c03fedbdf250100000008000100ffffffff04000480080062ca151db1625ffe4287c66f1d68d7e6eec7da230872"], 0x14}, 0x1, 0x0, 0x0, 0x2400c8c5}, 0x40010)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)

1.644255807s ago: executing program 4 (id=983):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xb, &(0x7f0000000000), 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = gettid()
tkill(r0, 0x12)
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
tkill(r0, 0x14)

1.000500056s ago: executing program 3 (id=984):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000540)={0x1ff, 0x6, 0x1, 0x2})

245.682475ms ago: executing program 3 (id=985):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40002002, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32=r0], 0x78}}, 0x20000800)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x8, 0x30, 0x1, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x1, 0x4e20, 0x1c, 0x0, @opaque="6a984ab4d800b9dafef94a7558c842cacfe675fd"}}}}}, 0x0)

225.491528ms ago: executing program 5 (id=986):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000640)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0xfff1, 0x8}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_FROM={0x8, 0x3, 0x71}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x800)

0s ago: executing program 7 (id=987):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x1000, &(0x7f0000fe6000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="65400f20463ef226662ed93f0f05670f01cbc74424008000c0fec744240271000000c7442406000000000f011c2466b885000f00d8c4e3b57e3700f30fc7710f460f0766b8f5000f00d0", 0x4a}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

led: -4
[  362.827356][ T5865] Bluetooth: hci3: command 0x0406 tx timeout
[  362.827397][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  363.170372][ T5874] Bluetooth: hci1: command 0x0c1a tx timeout
[  363.679646][ T5874] Bluetooth: hci4: command 0x0c1a tx timeout
[  365.028266][ T5874] Bluetooth: hci3: command 0x0406 tx timeout
[  365.034351][ T5874] Bluetooth: hci2: command 0x0406 tx timeout
[  365.227475][ T5874] Bluetooth: hci1: command 0x0c1a tx timeout
[  365.736948][ T5874] Bluetooth: hci4: command 0x0c1a tx timeout
[  366.889627][ T7854] loop1: detected capacity change from 0 to 131072
[  367.122542][ T7854] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  367.145847][ T7854] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  367.307535][ T5874] Bluetooth: hci1: command 0x0c1a tx timeout
[  367.487871][ T7864] netlink: 40 bytes leftover after parsing attributes in process `syz.3.325'.
[  367.582301][ T7866] loop4: detected capacity change from 0 to 128
[  367.628380][ T7867] netlink: 40 bytes leftover after parsing attributes in process `syz.3.325'.
[  367.652743][ T7854] F2FS-fs (loop1): lookup inode (7) has corrupted xattr
[  367.856022][ T5874] Bluetooth: hci4: command 0x0c1a tx timeout
[  368.294469][ T7871] F2FS-fs (loop1): recover xattr in inode (7), error(0)
[  368.301997][ T7871] F2FS-fs (loop1): set inode (7) has corrupted xattr
[  369.531809][ T7866] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  369.837393][ T7866] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  370.531518][ T7566] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  370.816136][ T7566] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  370.860593][ T7566] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  370.887013][ T7566] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  372.397883][ T7566] 8021q: adding VLAN 0 to HW filter on device bond0
[  372.439322][ T7566] 8021q: adding VLAN 0 to HW filter on device team0
[  372.686539][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  372.694007][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.000750][ T6154] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.008257][ T6154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  373.963398][ T7911] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  374.238443][ T7568] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  374.337550][ T7568] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  374.365803][ T7568] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  374.410947][ T7568] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  374.494884][ T7566] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  374.601995][ T7566] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  379.587757][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  379.599580][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  380.098995][ T7959] trusted_key: encrypted_key: master key parameter 'cœYõ
Ù?(<ÁÐ`Ͼ3QÃ#¡Pèðd' is invalid
[  381.714746][ T7966] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  381.880680][ T5865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  381.909767][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  382.213654][ T5868] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  382.283028][ T7976] loop4: detected capacity change from 0 to 64
[  382.296686][ T7976] minix: Unknown parameter 'syz3'
[  382.343457][ T5185] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  382.357150][ T5185] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  382.379326][ T5185] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  382.747537][ T5185] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  382.758182][ T5185] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  382.766470][ T5185] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  382.784253][ T5874] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  385.823241][ T5865] Bluetooth: hci1: command tx timeout
[  385.830186][ T5865] Bluetooth: hci4: command tx timeout
[  387.152632][ T7969] wlan0 speed is unknown, defaulting to 1000
[  387.209444][ T7973] wlan0 speed is unknown, defaulting to 1000
[  387.878447][ T5874] Bluetooth: hci4: command tx timeout
[  387.884435][ T5874] Bluetooth: hci1: command tx timeout
[  388.484520][ T8005] sctp: [Deprecated]: syz.3.346 (pid 8005) Use of struct sctp_assoc_value in delayed_ack socket option.
[  388.484520][ T8005] Use struct sctp_sack_info instead
[  389.756953][ T8009] loop3: detected capacity change from 0 to 256
[  389.769655][ T8009] exfat: Deprecated parameter 'utf8'
[  389.775787][ T8009] exfat: Deprecated parameter 'namecase'
[  389.986884][ T5865] Bluetooth: hci1: command tx timeout
[  389.992470][ T5865] Bluetooth: hci4: command tx timeout
[  390.150624][ T8009] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  390.208830][ T8008] netlink: 8 bytes leftover after parsing attributes in process `syz.3.347'.
[  390.341558][ T8013] sctp: [Deprecated]: syz.4.343 (pid 8013) Use of struct sctp_assoc_value in delayed_ack socket option.
[  390.341558][ T8013] Use struct sctp_sack_info instead
[  392.231393][ T5874] Bluetooth: hci4: command tx timeout
[  392.236987][ T5865] Bluetooth: hci1: command tx timeout
[  392.330463][ T8022] netlink: 24 bytes leftover after parsing attributes in process `syz.1.349'.
[  392.962961][   T43] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  393.034077][ T8028] loop3: detected capacity change from 0 to 256
[  393.050394][ T8028] exfat: Deprecated parameter 'utf8'
[  393.055879][ T8028] exfat: Deprecated parameter 'namecase'
[  393.062510][ T8028] exfat: Deprecated parameter 'utf8'
[  393.087095][ T8028] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  393.560609][ T8033] exFAT-fs (loop3): start_clu is invalid cluster(0x0)
[  393.603831][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  393.603877][   T30] audit: type=1326 audit(1758736885.522:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8027 comm="syz.3.350" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe1fcd8eec9 code=0x0
[  394.028513][ T7969] chnl_net:caif_netlink_parms(): no params data found
[  394.067850][ T7893] bridge_slave_1: left allmulticast mode
[  394.073588][ T7893] bridge_slave_1: left promiscuous mode
[  394.209294][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[  394.278124][ T7893] bridge_slave_0: left allmulticast mode
[  394.283833][ T7893] bridge_slave_0: left promiscuous mode
[  394.337145][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[  397.045022][ T7893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  397.060450][ T7893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  397.087068][ T7893] bond0 (unregistering): Released all slaves
[  397.987706][ T7973] chnl_net:caif_netlink_parms(): no params data found
[  398.051777][ T8062] Bluetooth: MGMT ver 1.23
[  398.065606][ T8062] loop3: detected capacity change from 0 to 1024
[  398.073048][ T8062] EXT4-fs: Ignoring removed bh option
[  398.078810][ T8062] EXT4-fs: Ignoring removed nomblk_io_submit option
[  398.173325][ T8062] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  398.191445][ T7893] hsr_slave_0: left promiscuous mode
[  398.208050][ T7893] hsr_slave_1: left promiscuous mode
[  398.278488][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_0
[  398.343084][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_1
[  398.500969][ T5875] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.611023][ T7893] team0 (unregistering): Port device team_slave_1 removed
[  401.691867][ T7893] team0 (unregistering): Port device team_slave_0 removed
[  402.143021][ T7969] bridge0: port 1(bridge_slave_0) entered blocking state
[  403.678163][ T8098] loop4: detected capacity change from 0 to 32768
[  403.690495][ T8098] bcachefs: bch2_fs_parse_param() Error parsing option errors: option_value
[  404.123769][ T7969] bridge0: port 1(bridge_slave_0) entered disabled state
[  404.161071][ T7969] bridge_slave_0: entered allmulticast mode
[  404.820974][ T7969] bridge_slave_0: entered promiscuous mode
[  404.972769][ T8103] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  405.565015][ T7969] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.572788][ T7969] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.580459][ T7969] bridge_slave_1: entered allmulticast mode
[  405.878411][ T7969] bridge_slave_1: entered promiscuous mode
[  406.081614][ T7969] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  406.185846][ T7969] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  406.415807][ T7969] team0: Port device team_slave_0 added
[  407.500546][ T7969] team0: Port device team_slave_1 added
[  408.446368][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.477854][ T7973] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.508141][ T7973] bridge_slave_0: entered allmulticast mode
[  408.520350][ T7973] bridge_slave_0: entered promiscuous mode
[  408.580854][ T8124] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  408.681796][ T7969] batman_adv: batadv0: Adding interface: batadv_slave_0
[  408.689099][ T7969] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  408.716407][ T7969] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  408.751688][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state
[  408.776592][ T7973] bridge0: port 2(bridge_slave_1) entered disabled state
[  408.786459][ T7973] bridge_slave_1: entered allmulticast mode
[  408.811158][ T7973] bridge_slave_1: entered promiscuous mode
[  409.152724][ T7969] batman_adv: batadv0: Adding interface: batadv_slave_1
[  409.177311][ T7969] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  409.207865][ T7969] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  409.268733][ T8140] binder: 8135:8140 ioctl c0306201 200000000780 returned -11
[  409.307955][ T8140] loop3: detected capacity change from 0 to 128
[  409.853143][ T8142] random: crng reseeded on system resumption
[  410.556080][ T7973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  410.654565][ T8140] virtio-fs: tag </dev/md0> not found
[  410.841821][ T7973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  411.018234][ T8148] loop1: detected capacity change from 0 to 128
[  411.025808][ T8148] EXT4-fs: Ignoring removed nobh option
[  411.199050][ T8148] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  411.213195][ T8148] ext4 filesystem being mounted at /103/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  411.273490][ T5874] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  411.778427][ T7973] team0: Port device team_slave_0 added
[  411.800499][ T8155] Bluetooth: hci0: invalid length 0, exp 2 for type 27
[  411.810922][ T7969] hsr_slave_0: entered promiscuous mode
[  411.821370][ T7969] hsr_slave_1: entered promiscuous mode
[  411.911285][ T7973] team0: Port device team_slave_1 added
[  412.200338][ T8158] loop3: detected capacity change from 0 to 64
[  412.237752][ T5869] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  413.622155][ T8163] syz.3.371: attempt to access beyond end of device
[  413.622155][ T8163] loop3: rw=2049, sector=65, nr_sectors = 1 limit=64
[  413.638041][ T8163] Buffer I/O error on dev loop3, logical block 65, lost async page write
[  413.650785][ T8163] syz.3.371: attempt to access beyond end of device
[  413.650785][ T8163] loop3: rw=2049, sector=66, nr_sectors = 1 limit=64
[  413.665019][ T8163] Buffer I/O error on dev loop3, logical block 66, lost async page write
[  413.677257][ T8163] syz.3.371: attempt to access beyond end of device
[  413.677257][ T8163] loop3: rw=2049, sector=67, nr_sectors = 1 limit=64
[  413.698355][ T8163] Buffer I/O error on dev loop3, logical block 67, lost async page write
[  413.711823][ T8163] syz.3.371: attempt to access beyond end of device
[  413.711823][ T8163] loop3: rw=2049, sector=68, nr_sectors = 1 limit=64
[  413.726226][ T8163] Buffer I/O error on dev loop3, logical block 68, lost async page write
[  413.741733][ T8163] syz.3.371: attempt to access beyond end of device
[  413.741733][ T8163] loop3: rw=2049, sector=72, nr_sectors = 1 limit=64
[  413.767035][ T8163] Buffer I/O error on dev loop3, logical block 72, lost async page write
[  413.782275][ T8163] syz.3.371: attempt to access beyond end of device
[  413.782275][ T8163] loop3: rw=2049, sector=73, nr_sectors = 1 limit=64
[  413.797218][ T8163] Buffer I/O error on dev loop3, logical block 73, lost async page write
[  413.849266][ T8163] syz.3.371: attempt to access beyond end of device
[  413.849266][ T8163] loop3: rw=2049, sector=76, nr_sectors = 1 limit=64
[  413.863297][ T8163] Buffer I/O error on dev loop3, logical block 76, lost async page write
[  413.872324][ T8163] syz.3.371: attempt to access beyond end of device
[  413.872324][ T8163] loop3: rw=2049, sector=77, nr_sectors = 1 limit=64
[  413.885850][ T8163] Buffer I/O error on dev loop3, logical block 77, lost async page write
[  413.896118][ T8163] syz.3.371: attempt to access beyond end of device
[  413.896118][ T8163] loop3: rw=2049, sector=78, nr_sectors = 760 limit=64
[  414.266690][ T8167] loop1: detected capacity change from 0 to 1024
[  414.938138][ T5920] IPVS: starting estimator thread 0...
[  414.956164][ T8168] overlayfs: missing 'lowerdir'
[  415.107628][ T8169] IPVS: using max 28 ests per chain, 67200 per kthread
[  415.827739][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  415.834923][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  416.591386][ T7973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  416.604786][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  416.670712][ T5865] Bluetooth: hci4: command 0x0405 tx timeout
[  416.688535][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  416.748991][ T7973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  418.775775][ T7973] hsr_slave_0: entered promiscuous mode
[  418.793351][ T7973] hsr_slave_1: entered promiscuous mode
[  418.838668][ T7973] debugfs: 'hsr0' already exists in 'hsr'
[  418.844838][ T7973] Cannot create hsr debugfs directory
[  418.851010][   T10] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  419.024475][ T8198] loop3: detected capacity change from 0 to 1024
[  419.038997][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  419.048847][   T10] usb 5-1: not running at top speed; connect to a high speed hub
[  419.056811][ T8198] hfsplus: invalid extent btree flag
[  419.063073][ T8198] hfsplus: failed to load extents file
[  419.086972][   T10] usb 5-1: config 128 interface 0 has no altsetting 0
[  419.111363][   T10] usb 5-1: New USB device found, idVendor=15a4, idProduct=901b, bcdDevice=7a.d1
[  419.133367][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.153742][   T10] usb 5-1: Product: syz
[  419.167406][   T10] usb 5-1: Manufacturer: syz
[  419.172467][   T10] usb 5-1: SerialNumber: syz
[  419.333074][ T8200] loop3: detected capacity change from 0 to 164
[  419.388708][ T7893] bridge_slave_1: left allmulticast mode
[  419.394629][ T7893] bridge_slave_1: left promiscuous mode
[  419.428553][ T7893] bridge0: port 2(bridge_slave_1) entered disabled state
[  419.497087][ T7893] bridge_slave_0: left allmulticast mode
[  419.512475][ T7893] bridge_slave_0: left promiscuous mode
[  419.516575][   T10] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  419.535664][ T7893] bridge0: port 1(bridge_slave_0) entered disabled state
[  419.541222][   T10] dvb_usb_af9015 5-1:128.0: probe with driver dvb_usb_af9015 failed with error -22
[  419.578609][   T10] usb 5-1: USB disconnect, device number 3
[  419.643946][ T8196] loop1: detected capacity change from 0 to 32768
[  419.792163][ T8196] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.378 (8196)
[  419.808190][ T8207] netlink: 8 bytes leftover after parsing attributes in process `syz.3.381'.
[  419.817367][ T8207] netlink: 4 bytes leftover after parsing attributes in process `syz.3.381'.
[  419.826276][ T8207] netlink: 'syz.3.381': attribute type 5 has an invalid length.
[  419.834782][ T8207] netlink: 'syz.3.381': attribute type 11 has an invalid length.
[  419.855241][ T8196] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  419.922257][ T8196] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  420.278002][ T1148] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  420.314548][ T8196] BTRFS error (device loop1): failed to load root extent
[  420.369146][   T36] BTRFS warning (device loop1 state C): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  420.468997][ T8196] BTRFS error (device loop1 state C): failed to load root free space
[  420.521471][ T6326] BTRFS warning (device loop1 state C): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xceda3bc49047826ec4468b88ec74a14d6cd3232f25b2c41331ed48993507590e level 0
[  420.610494][ T6154] BTRFS warning (device loop1 state C): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  420.688313][ T8196] BTRFS info (device loop1 state C): enabling ssd optimizations
[  420.737434][ T8196] BTRFS info (device loop1 state C): using spread ssd allocation scheme
[  420.765818][ T8196] BTRFS info (device loop1 state C): turning off barriers
[  420.820971][ T8196] BTRFS info (device loop1 state C): enabling free space tree
[  420.837253][ T8196] BTRFS info (device loop1 state C): enabling auto defrag
[  420.876343][ T8196] BTRFS info (device loop1 state C): ignoring bad roots
[  420.895902][ T8196] BTRFS info (device loop1 state C): ignoring data csums
[  421.805975][ T5869] BTRFS info (device loop1 state C): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  422.237491][ T5865] Bluetooth: hci4: command 0x0405 tx timeout
[  422.968485][ T7893] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  422.982467][ T7893] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  422.996666][ T7893] bond0 (unregistering): Released all slaves
[  424.434196][ T8245] loop4: detected capacity change from 0 to 256
[  425.351761][ T8245] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x7b82335c, utbl_chksum : 0xe619d30d)
[  426.220213][ T7893] hsr_slave_0: left promiscuous mode
[  426.226190][ T7893] hsr_slave_1: left promiscuous mode
[  426.232693][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_0
[  426.241546][ T7893] batman_adv: batadv0: Removing interface: batadv_slave_1
[  428.080521][ T5874] Bluetooth: hci2: unexpected event for opcode 0x0000
[  428.201636][ T5874] Bluetooth: hci3: unexpected event for opcode 0x1804
[  430.518767][ T7893] team0 (unregistering): Port device team_slave_1 removed
[  430.602002][   T30] audit: type=1326 audit(1758736922.652:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.4.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  430.624347][    C1] vkms_vblank_simulate: vblank timer overrun
[  430.709458][   T30] audit: type=1326 audit(1758736922.652:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.4.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  430.957838][   T30] audit: type=1326 audit(1758736922.682:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.4.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  430.982273][   T30] audit: type=1326 audit(1758736922.682:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.4.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  431.005205][    C1] vkms_vblank_simulate: vblank timer overrun
[  431.964447][   T30] audit: type=1326 audit(1758736922.682:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8276 comm="syz.4.394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  432.044063][ T7893] team0 (unregistering): Port device team_slave_0 removed
[  432.112737][ T5874] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  432.128222][ T5874] Bluetooth: hci2: Injecting HCI hardware error event
[  432.150371][ T8286] loop1: detected capacity change from 0 to 1024
[  432.157991][ T8286] EXT4-fs: Ignoring removed bh option
[  432.163521][ T8286] EXT4-fs: Ignoring removed nomblk_io_submit option
[  432.176372][ T5874] Bluetooth: hci2: hardware error 0x00
[  432.263559][ T8286] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  432.575303][ T5869] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.972876][ T8294] bridge1: entered allmulticast mode
[  433.210413][ T8310] loop4: detected capacity change from 0 to 512
[  433.267702][ T8310] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  433.288552][ T8310] UDF-fs: Scanning with blocksize 512 failed
[  433.366837][ T8310] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  433.374403][ T8310] UDF-fs: Scanning with blocksize 1024 failed
[  433.439350][ T8310] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  433.479290][ T8310] UDF-fs: Scanning with blocksize 2048 failed
[  433.528318][ T8310] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  433.619207][ T8310] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  434.387812][ T5874] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  436.473997][ T8337] random: crng reseeded on system resumption
[  436.552278][ T7969] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  436.575785][ T7969] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  436.650431][ T7969] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  436.722615][ T7969] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  437.856571][ T8359] loop4: detected capacity change from 0 to 2048
[  437.880954][ T7969] 8021q: adding VLAN 0 to HW filter on device bond0
[  437.908136][ T7969] 8021q: adding VLAN 0 to HW filter on device team0
[  437.910478][ T8359] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  437.929099][ T7246] bridge0: port 1(bridge_slave_0) entered blocking state
[  437.936411][ T7246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  437.952481][ T7246] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.960026][ T7246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  438.003377][ T8359] UDF-fs: error (device loop4): udf_read_inode: (ino 1345) failed !bh
[  438.865508][ T7246] bridge_slave_1: left allmulticast mode
[  438.871624][ T7246] bridge_slave_1: left promiscuous mode
[  438.885580][ T5865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  438.909835][ T5865] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  438.921645][ T5865] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  438.924425][ T7246] bridge0: port 2(bridge_slave_1) entered disabled state
[  438.954140][ T5865] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  438.964528][ T7246] bridge_slave_0: left allmulticast mode
[  438.969822][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  438.974871][ T7246] bridge_slave_0: left promiscuous mode
[  438.979224][ T5868] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  438.984738][ T7246] bridge0: port 1(bridge_slave_0) entered disabled state
[  438.999975][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  439.011027][ T5865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  439.021822][ T5874] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  439.030944][ T5874] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  439.161888][ T7246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  439.173202][ T7246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  439.185598][ T7246] bond0 (unregistering): Released all slaves
[  439.259001][ T8366] wlan0 speed is unknown, defaulting to 1000
[  439.284445][ T8368] wlan0 speed is unknown, defaulting to 1000
[  439.330022][ T7246] hsr_slave_0: left promiscuous mode
[  439.336256][ T7246] hsr_slave_1: left promiscuous mode
[  439.342894][ T7246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  439.350755][ T7246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  439.511264][ T7246] team0 (unregistering): Port device team_slave_1 removed
[  439.548427][ T7246] team0 (unregistering): Port device team_slave_0 removed
[  440.047618][ T8366] chnl_net:caif_netlink_parms(): no params data found
[  440.175921][ T8368] chnl_net:caif_netlink_parms(): no params data found
[  440.212861][ T8366] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.220702][ T8366] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.228695][ T8366] bridge_slave_0: entered allmulticast mode
[  440.236142][ T8366] bridge_slave_0: entered promiscuous mode
[  440.288584][ T8366] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.295892][ T8366] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.303966][ T8366] bridge_slave_1: entered allmulticast mode
[  440.313445][ T8366] bridge_slave_1: entered promiscuous mode
[  440.352237][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  440.359803][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  440.417436][ T8366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  440.445357][ T8366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  440.511011][ T8368] bridge0: port 1(bridge_slave_0) entered blocking state
[  440.518442][ T8368] bridge0: port 1(bridge_slave_0) entered disabled state
[  440.525668][ T8368] bridge_slave_0: entered allmulticast mode
[  440.533988][ T8368] bridge_slave_0: entered promiscuous mode
[  440.559658][ T8366] team0: Port device team_slave_0 added
[  440.566098][ T8368] bridge0: port 2(bridge_slave_1) entered blocking state
[  440.573551][ T8368] bridge0: port 2(bridge_slave_1) entered disabled state
[  440.581169][ T8368] bridge_slave_1: entered allmulticast mode
[  440.589746][ T8368] bridge_slave_1: entered promiscuous mode
[  440.598818][ T8366] team0: Port device team_slave_1 added
[  440.684827][ T8368] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  440.695389][ T8366] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.703619][ T8366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  440.731947][ T8366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  440.745287][ T8366] batman_adv: batadv0: Adding interface: batadv_slave_1
[  440.753226][ T8366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  440.779883][ T8366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  440.794157][ T8368] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  440.859626][ T8368] team0: Port device team_slave_0 added
[  440.885297][ T8368] team0: Port device team_slave_1 added
[  440.936518][ T8368] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.944124][ T8368] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  440.971485][ T8368] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  440.986108][ T8368] batman_adv: batadv0: Adding interface: batadv_slave_1
[  440.998563][ T8368] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  441.026047][ T8368] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  441.043651][ T8366] hsr_slave_0: entered promiscuous mode
[  441.050406][ T8366] hsr_slave_1: entered promiscuous mode
[  441.056962][ T8366] debugfs: 'hsr0' already exists in 'hsr'
[  441.062769][ T8366] Cannot create hsr debugfs directory
[  441.076934][ T5874] Bluetooth: hci1: command tx timeout
[  441.077180][ T5185] Bluetooth: hci4: command tx timeout
[  441.209944][ T8368] hsr_slave_0: entered promiscuous mode
[  441.216854][ T8368] hsr_slave_1: entered promiscuous mode
[  441.223486][ T8368] debugfs: 'hsr0' already exists in 'hsr'
[  441.230137][ T8368] Cannot create hsr debugfs directory
[  441.346538][ T7246] bridge_slave_1: left allmulticast mode
[  441.352641][ T7246] bridge_slave_1: left promiscuous mode
[  441.358939][ T7246] bridge0: port 2(bridge_slave_1) entered disabled state
[  441.370266][ T7246] bridge_slave_0: left allmulticast mode
[  441.376220][ T7246] bridge_slave_0: left promiscuous mode
[  441.383190][ T7246] bridge0: port 1(bridge_slave_0) entered disabled state
[  441.779970][ T7246] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  441.792741][ T7246] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  441.804790][ T7246] bond0 (unregistering): Released all slaves
[  441.935893][ T7246] hsr_slave_0: left promiscuous mode
[  441.942588][ T7246] hsr_slave_1: left promiscuous mode
[  441.950716][ T7246] batman_adv: batadv0: Removing interface: batadv_slave_0
[  441.958876][ T7246] batman_adv: batadv0: Removing interface: batadv_slave_1
[  442.204326][ T7246] team0 (unregistering): Port device team_slave_1 removed
[  442.260616][ T7246] team0 (unregistering): Port device team_slave_0 removed
[  442.876192][ T8366] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  442.910607][ T8366] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  442.926248][ T8366] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  442.962804][ T8366] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  443.110640][ T8366] 8021q: adding VLAN 0 to HW filter on device bond0
[  443.147014][ T5185] Bluetooth: hci4: command tx timeout
[  443.147322][ T5874] Bluetooth: hci1: command tx timeout
[  443.161414][ T8366] 8021q: adding VLAN 0 to HW filter on device team0
[  443.175776][ T7246] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.183083][ T7246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.212723][ T7246] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.219940][ T7246] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.393342][ T8368] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  443.406455][ T8368] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  443.420569][ T8368] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  443.432479][ T8368] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  443.571173][ T8368] 8021q: adding VLAN 0 to HW filter on device bond0
[  443.607393][ T8368] 8021q: adding VLAN 0 to HW filter on device team0
[  443.623779][ T7246] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.631062][ T7246] bridge0: port 1(bridge_slave_0) entered forwarding state
[  443.645979][ T8366] 8021q: adding VLAN 0 to HW filter on device batadv0
[  443.658813][ T7887] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.666446][ T7887] bridge0: port 2(bridge_slave_1) entered forwarding state
[  443.984364][ T8368] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.074810][ T8366] veth0_vlan: entered promiscuous mode
[  444.094017][ T8366] veth1_vlan: entered promiscuous mode
[  444.154831][ T8366] veth0_macvtap: entered promiscuous mode
[  444.173617][ T8366] veth1_macvtap: entered promiscuous mode
[  444.211544][ T8366] batman_adv: batadv0: Interface activated: batadv_slave_0
[  444.236003][ T8366] batman_adv: batadv0: Interface activated: batadv_slave_1
[  444.267148][ T7893] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  444.281138][ T7887] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  444.293761][ T7887] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  444.308117][ T7887] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  444.412402][ T7889] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.431250][ T7889] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.473567][ T7889] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  444.486346][ T7889] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  444.520678][ T8368] veth0_vlan: entered promiscuous mode
[  444.541038][ T8368] veth1_vlan: entered promiscuous mode
[  444.654456][ T8368] veth0_macvtap: entered promiscuous mode
[  444.773613][ T8419] loop3: detected capacity change from 0 to 764
[  444.934066][ T8422] usb usb1: check_ctrlrecip: process 8422 (syz.1.428) requesting ep 01 but needs 81
[  444.950814][ T8422] usb usb1: usbfs: process 8422 (syz.1.428) did not claim interface 0 before use
[  445.228993][ T5874] Bluetooth: hci4: command tx timeout
[  445.240444][ T5874] Bluetooth: hci1: command tx timeout
[  445.475748][ T8368] veth1_macvtap: entered promiscuous mode
[  446.349162][ T8368] batman_adv: batadv0: Interface activated: batadv_slave_0
[  446.482042][ T8368] batman_adv: batadv0: Interface activated: batadv_slave_1
[  446.588244][   T60] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  446.610785][   T60] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  447.307608][ T5185] Bluetooth: hci1: command tx timeout
[  447.313270][ T5185] Bluetooth: hci4: command tx timeout
[  447.350686][   T60] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  447.600778][   T60] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  449.470398][   T30] audit: type=1400 audit(1758736941.522:97): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200D3A950D02494F07333A pid=8449 comm="syz.5.427"
[  449.932231][ T7898] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  449.967473][ T7898] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.070815][ T8461] rdma_rxe: rxe_newlink: failed to add bond0
[  450.158411][ T7246] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  450.192250][ T7246] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  450.376076][ T8474] loop5: detected capacity change from 0 to 256
[  450.628674][ T8477] netlink: 8 bytes leftover after parsing attributes in process `syz.3.443'.
[  450.672565][ T8481] netlink: 40 bytes leftover after parsing attributes in process `syz.5.442'.
[  450.682485][ T8477] netlink: 24 bytes leftover after parsing attributes in process `syz.3.443'.
[  450.693168][ T8477] netlink: 24 bytes leftover after parsing attributes in process `syz.3.443'.
[  452.623309][ T8507] openvswitch: netlink: Message has 8 unknown bytes.
[  452.942193][ T8525] usb usb8: usbfs: process 8525 (syz.1.458) did not claim interface 0 before use
[  453.063036][ T8529] comedi comedi3: no devices specified
[  453.517118][   T43] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  453.534837][ T8543] loop1: detected capacity change from 0 to 256
[  453.690067][   T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  453.714120][ T5869] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  453.741511][   T43] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  453.888280][ T5869] FAT-fs (loop1): Filesystem has been set read-only
[  453.909944][   T43] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  453.926396][   T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  453.940830][   T43] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  453.957315][   T43] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  453.996027][   T43] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  454.051222][ T8548] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  454.315106][ T5869] FAT-fs (loop1): error, corrupted directory (invalid entries)
[  454.334501][   T43] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  454.353126][   T43] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  454.419681][   T43] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  454.487643][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  454.548205][   T43] usb 6-1: SerialNumber: syz
[  454.641015][ T5869] syz_tun (unregistering): left promiscuous mode
[  454.856437][ T8565] loop6: detected capacity change from 0 to 128
[  454.905010][ T8565] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  454.981882][ T8565] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  455.163767][ T7895] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.207323][ T7895] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  455.369417][ T7895] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.381668][   T10] usb 6-1: USB disconnect, device number 2
[  455.386882][ T7895] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  455.660888][ T7895] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  455.706681][ T8576] loop5: detected capacity change from 0 to 4096
[  455.716823][ T7895] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  455.743351][ T8567] loop4: detected capacity change from 0 to 32768
[  455.836006][ T8576] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  455.893454][ T8576] ntfs3(loop5): Failed to load $Extend (-22).
[  455.922783][ T8576] ntfs3(loop5): Failed to initialize $Extend.
[  456.065020][ T8576] ntfs3(loop5): ino=1e, mi_enum_attr
[  456.117659][ T7895] bond0: (slave netdevsim0): Releasing backup interface
[  456.187727][ T7895] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  456.243041][ T7895] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  456.256641][ T8582] loop6: detected capacity change from 0 to 4096
[  456.351378][ T8588] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  456.480379][ T8590] netlink: 16 bytes leftover after parsing attributes in process `syz.4.489'.
[  456.535702][ T8590] netlink: 108 bytes leftover after parsing attributes in process `syz.4.489'.
[  456.582842][ T8590] netlink: 16 bytes leftover after parsing attributes in process `syz.4.489'.
[  456.777123][ T5874] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  456.788681][ T5874] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  456.816005][ T5874] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  456.832050][ T5874] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  456.840238][ T5874] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  457.140924][ T8602] overlayfs: missing 'lowerdir'
[  457.756020][ T8595] wlan0 speed is unknown, defaulting to 1000
[  457.767079][ T7895] bridge_slave_1: left allmulticast mode
[  457.773091][ T7895] bridge_slave_1: left promiscuous mode
[  457.808233][ T7895] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.899437][ T7895] bridge_slave_0: left allmulticast mode
[  457.941529][ T7895] bridge_slave_0: left promiscuous mode
[  457.965388][ T7895] bridge0: port 1(bridge_slave_0) entered disabled state
[  458.207408][   T43] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  458.374081][   T43] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  458.386968][ T1210] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  458.413827][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.446421][   T43] usb 6-1: config 0 descriptor??
[  458.578352][ T1210] usb 7-1: Using ep0 maxpacket: 16
[  458.607622][ T1210] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 102, changing to 7
[  458.620065][ T1210] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 24624, setting to 1024
[  458.643785][ T1210] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  458.659539][ T1210] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.669416][ T1210] usb 7-1: Product: syz
[  458.674035][ T1210] usb 7-1: Manufacturer: syz
[  458.679715][ T1210] usb 7-1: SerialNumber: syz
[  458.687930][   T43] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  458.739396][ T1210] usb 7-1: config 0 descriptor??
[  458.794850][ T1210] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  458.899788][   T43] [drm:udl_init] *ERROR* Selecting channel failed
[  458.907230][ T5874] Bluetooth: hci2: command tx timeout
[  458.970784][   T43] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[  458.998562][   T43] [drm] Initialized udl on minor 2
[  459.030847][   T43] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  459.095646][ T8492] usb 7-1: Failed to submit usb control message: -71
[  459.103114][ T5963] usb 7-1: USB disconnect, device number 2
[  459.112574][ T8492] usb 7-1: unable to send the bmi data to the device: -71
[  459.178766][ T8492] usb 7-1: unable to get target info from device
[  459.191177][ T8492] usb 7-1: could not get target info (-71)
[  459.191392][   T43] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  459.214578][ T8492] usb 7-1: could not probe fw (-71)
[  459.241654][ T1210] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  459.291533][   T43] usb 6-1: USB disconnect, device number 3
[  459.328088][ T1210] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[  459.861701][ T7895] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  459.892584][ T7895] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  459.909218][ T7895] bond0 (unregistering): Released all slaves
[  459.969628][ T5963] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  460.170490][ T8641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.506'.
[  460.171724][ T5963] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  460.197802][ T5963] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  460.213420][ T5963] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  460.231264][ T5963] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  460.243850][ T8641] bridge0: port 3(macvlan0) entered blocking state
[  460.248005][ T5963] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  460.252353][ T8641] bridge0: port 3(macvlan0) entered disabled state
[  460.271445][ T8641] macvlan0: entered allmulticast mode
[  460.277560][ T8641] bridge0: entered allmulticast mode
[  460.289874][ T5963] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  460.290493][ T8641] macvlan0: left allmulticast mode
[  460.305393][ T5963] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  460.314788][ T5963] usb 7-1: Product: syz
[  460.316892][ T8641] bridge0: left allmulticast mode
[  460.320066][ T5963] usb 7-1: Manufacturer: syz
[  460.374258][ T5963] cdc_wdm 7-1:1.0: skipping garbage
[  460.381521][ T5963] cdc_wdm 7-1:1.0: skipping garbage
[  460.466562][ T5963] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  460.475541][ T5963] cdc_wdm 7-1:1.0: Unknown control protocol
[  460.484117][ T8643] loop5: detected capacity change from 0 to 1024
[  460.507541][ T5874] Bluetooth: hci3: command 0x0406 tx timeout
[  460.610553][ T2153] usb 7-1: USB disconnect, device number 3
[  460.716271][ T8643] syz.5.507: attempt to access beyond end of device
[  460.716271][ T8643] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  460.734914][ T8643] Buffer I/O error on dev loop5, logical block 100663296, async page read
[  460.748263][ T8643] syz.5.507: attempt to access beyond end of device
[  460.748263][ T8643] loop5: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  460.763455][ T8643] Buffer I/O error on dev loop5, logical block 100663296, async page read
[  460.944529][ T7895] hsr_slave_0: left promiscuous mode
[  460.986987][ T5874] Bluetooth: hci2: command tx timeout
[  461.031114][ T7895] hsr_slave_1: left promiscuous mode
[  461.058717][ T7895] batman_adv: batadv0: Removing interface: batadv_slave_0
[  461.116541][ T8656] loop3: detected capacity change from 0 to 256
[  461.189299][ T7895] veth1_macvtap: left promiscuous mode
[  461.195035][ T7895] veth0_macvtap: left promiscuous mode
[  461.201408][ T7895] veth1_vlan: left promiscuous mode
[  461.220990][ T8656] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7b82335c, utbl_chksum : 0xe619d30d)
[  461.236476][ T7895] veth0_vlan: left promiscuous mode
[  461.517371][ T5963] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  462.180587][ T5963] usb 6-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  462.270394][ T5963] usb 6-1: config 0 interface 0 has no altsetting 0
[  462.342795][ T5963] usb 6-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00
[  462.778976][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  462.865331][ T8667] loop4: detected capacity change from 0 to 128
[  462.913098][ T8667] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  463.003432][ T5963] usb 6-1: config 0 descriptor??
[  463.009697][ T8659] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  463.031646][ T8667] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  463.080882][ T5874] Bluetooth: hci2: command tx timeout
[  463.457176][   T43] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  463.525417][ T5963] lenovo 0003:17EF:60A4.0001: hidraw0: USB HID v1.01 Device [HID 17ef:60a4] on usb-dummy_hcd.5-1/input0
[  463.640041][   T43] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  463.671291][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.681076][ T5963] usb 6-1: USB disconnect, device number 4
[  463.691941][   T43] usb 4-1: Product: syz
[  463.703915][ T8675] fido_id[8675]: Failed to read report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:17EF:60A4.0001/report_descriptor': No such device
[  463.704814][   T43] usb 4-1: Manufacturer: syz
[  463.748529][   T43] usb 4-1: SerialNumber: syz
[  463.776515][   T43] usb 4-1: config 0 descriptor??
[  463.933686][ T7895] team0 (unregistering): Port device team_slave_1 removed
[  463.995857][ T7895] team0 (unregistering): Port device team_slave_0 removed
[  464.009048][   T43] usb-storage 4-1:0.0: USB Mass Storage device detected
[  464.285983][   T43] usb 4-1: USB disconnect, device number 6
[  464.783803][ T8669] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  464.803020][ T8669] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  464.817746][ T8669] netdevsim netdevsim6: Falling back to sysfs fallback for: .
[  465.036398][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.048055][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.058587][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.085970][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.095397][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.104598][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.115070][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.124268][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.132367][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.140330][ T8686] netlink: 'syz.5.523': attribute type 1 has an invalid length.
[  465.147292][ T5185] Bluetooth: hci2: command tx timeout
[  465.384637][ T8595] chnl_net:caif_netlink_parms(): no params data found
[  465.497157][   T43] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  466.157127][   T43] usb 5-1: config 0 interface 0 has no altsetting 0
[  466.194091][    T9] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  466.250041][   T43] usb 5-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  466.263156][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.308476][   T43] usb 5-1: config 0 descriptor??
[  466.379080][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  466.403290][ T7895] IPVS: stop unused estimator thread 0...
[  466.417056][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  466.439379][    T9] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1c23, bcdDevice= 0.00
[  466.449643][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.490851][ T8595] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.521751][    T9] usb 6-1: config 0 descriptor??
[  466.528789][ T8595] bridge0: port 1(bridge_slave_0) entered disabled state
[  466.537097][ T8595] bridge_slave_0: entered allmulticast mode
[  466.549859][ T8595] bridge_slave_0: entered promiscuous mode
[  466.550649][ T8696] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  466.572170][ T8595] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.580311][ T8595] bridge0: port 2(bridge_slave_1) entered disabled state
[  466.588292][ T8595] bridge_slave_1: entered allmulticast mode
[  466.623100][ T8595] bridge_slave_1: entered promiscuous mode
[  466.694186][ T8709] loop6: detected capacity change from 0 to 1024
[  466.779147][ T8595] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  466.813820][ T8595] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  466.909943][ T8709] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  466.992855][   T30] audit: type=1800 audit(1758736959.042:98): pid=8709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.528" name="file1" dev="loop6" ino=15 res=0 errno=0
[  467.018358][ T8595] team0: Port device team_slave_0 added
[  467.031401][ T8595] team0: Port device team_slave_1 added
[  467.048103][   T43] video4linux radio48: keene_cmd_set failed (-71)
[  467.065281][   T43] radio-keene 5-1:0.0: V4L2 device registered as radio48
[  467.102455][ T8368] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  467.117457][   T43] usb 5-1: USB disconnect, device number 4
[  467.213959][    T9] corsair-psu 0003:1B1C:1C23.0002: unbalanced collection at end of report description
[  467.247784][    T9] corsair-psu 0003:1B1C:1C23.0002: probe with driver corsair-psu failed with error -22
[  467.351344][ T8595] batman_adv: batadv0: Adding interface: batadv_slave_0
[  467.362239][ T8595] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  467.400013][ T8595] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  467.458544][   T43] usb 6-1: USB disconnect, device number 5
[  467.462072][ T8595] batman_adv: batadv0: Adding interface: batadv_slave_1
[  467.472430][ T8595] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  467.506028][ T8595] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  467.770879][ T8595] hsr_slave_0: entered promiscuous mode
[  467.806993][ T8595] hsr_slave_1: entered promiscuous mode
[  468.280559][ T8729] loop4: detected capacity change from 0 to 47
[  468.498563][    T9] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  468.670357][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  468.701402][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  468.746562][    T9] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  468.789365][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.833014][    T9] usb 6-1: config 0 descriptor??
[  468.863260][    T9] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  468.903536][    T9] dvb-usb: bulk message failed: -22 (3/0)
[  468.944152][ T8595] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  468.955131][    T9] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  468.977857][    T9] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  469.013429][ T8595] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  469.024211][    T9] usb 6-1: media controller created
[  469.061739][ T8595] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  469.063208][ T8727] dvb-usb: bulk message failed: -22 (2/0)
[  469.072105][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  469.095228][ T8595] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  469.138019][    T9] dvb-usb: bulk message failed: -22 (6/0)
[  469.175379][    T9] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  469.243406][    T9] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input5
[  469.343795][    T9] dvb-usb: schedule remote query interval to 150 msecs.
[  469.381531][    T9] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  469.403501][ T8745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.539'.
[  469.416614][    T9] usb 6-1: USB disconnect, device number 6
[  469.571150][    T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  469.598776][ T8595] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.650756][ T8747] loop6: detected capacity change from 0 to 16
[  469.697940][ T8595] 8021q: adding VLAN 0 to HW filter on device team0
[  469.701430][ T8747] erofs (device loop6): mounted with root inode @ nid 36.
[  469.713140][ T5874] Bluetooth: hci3: connection err: -111
[  469.744263][ T7895] bridge0: port 1(bridge_slave_0) entered blocking state
[  469.751791][ T7895] bridge0: port 1(bridge_slave_0) entered forwarding state
[  469.813716][ T7895] bridge0: port 2(bridge_slave_1) entered blocking state
[  469.821465][ T7895] bridge0: port 2(bridge_slave_1) entered forwarding state
[  469.887444][ T5874] Bluetooth: hci3: unexpected Set CIG Parameters response data
[  469.900029][ T5874] Bluetooth: hci3: unexpected event for opcode 0x2062
[  470.310069][ T8737] loop4: detected capacity change from 0 to 32768
[  470.340936][ T8737] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.538 (8737)
[  470.387334][ T8737] BTRFS info (device loop4): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  470.410598][ T8737] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  470.420018][    T9] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  470.551839][ T8737] BTRFS info (device loop4): enabling ssd optimizations
[  470.586923][    T9] usb 7-1: Using ep0 maxpacket: 16
[  470.593028][ T8737] BTRFS info (device loop4): enabling free space tree
[  470.603418][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  470.630464][    T9] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  470.641146][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.670843][    T9] usb 7-1: Product: syz
[  470.675078][    T9] usb 7-1: Manufacturer: syz
[  470.731226][    T9] usb 7-1: SerialNumber: syz
[  470.764854][    T9] usb 7-1: config 0 descriptor??
[  470.801972][    T9] hub 7-1:0.0: bad descriptor, ignoring hub
[  470.823843][ T8595] 8021q: adding VLAN 0 to HW filter on device batadv0
[  470.832708][    T9] hub 7-1:0.0: probe with driver hub failed with error -5
[  470.867531][    T9] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input6
[  470.889039][ T5862] BTRFS info (device loop4): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  470.905840][ T8787] loop3: detected capacity change from 0 to 128
[  470.980711][ T8787] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  471.034246][ T8787] ext4 filesystem being mounted at /150/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  471.275865][ T8793] netlink: 784 bytes leftover after parsing attributes in process `syz.5.551'.
[  471.316888][ T8793] netlink: 8 bytes leftover after parsing attributes in process `syz.5.551'.
[  471.361471][ T8793] tipc: Started in network mode
[  471.430945][ T8793] tipc: Node identity 917f, cluster identity 183
[  471.481944][ T8793] tipc: Node number set to 37247
[  471.488346][ T8793] tipc: Cannot configure node identity twice
[  471.607315][ T8798] ubi: mtd0 is already attached to ubi31
[  472.616510][ T8810] loop4: detected capacity change from 0 to 512
[  472.662600][ T8595] veth0_vlan: entered promiscuous mode
[  472.686046][ T8810] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  472.717005][ T8810] ext4 filesystem being mounted at /163/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  472.733826][ T8595] veth1_vlan: entered promiscuous mode
[  472.897466][ T8595] veth0_macvtap: entered promiscuous mode
[  472.941373][ T5862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  472.945512][ T8595] veth1_macvtap: entered promiscuous mode
[  473.045686][ T8595] batman_adv: batadv0: Interface activated: batadv_slave_0
[  473.089970][ T8595] batman_adv: batadv0: Interface activated: batadv_slave_1
[  473.134207][    T9] usb 7-1: USB disconnect, device number 4
[  473.151970][ T8492] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  473.191409][ T8492] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  473.215889][ T8492] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  473.259724][ T8492] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  473.443086][ T8823] loop6: detected capacity change from 0 to 4096
[  473.505946][ T7242] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.535920][ T7242] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  473.584997][ T8823] ntfs3(loop6): ino=b, mi_enum_attr
[  473.587722][ T8492] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  473.601120][ T8823] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  473.604797][ T8492] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  473.617569][ T5948] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  473.665118][ T8823] ntfs3(loop6): Failed to load $Extend (-22).
[  473.697676][ T8823] ntfs3(loop6): Failed to initialize $Extend.
[  473.806919][ T5948] usb 5-1: Using ep0 maxpacket: 32
[  473.820880][ T5948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  473.847021][ T5948] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  473.872614][ T5948] usb 5-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  473.883954][ T5948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  473.917157][ T5948] usb 5-1: config 0 descriptor??
[  473.950780][ T5874] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  473.961424][ T5874] Bluetooth: hci3: Injecting HCI hardware error event
[  473.971282][ T5874] Bluetooth: hci3: hardware error 0x00
[  474.031684][ T5875] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  474.248108][ T8825] loop5: detected capacity change from 0 to 32768
[  474.327320][ T8825] find_entry called with index >= next_index
[  474.333947][ T8825] find_entry called with index >= next_index
[  474.367011][ T8825] find_entry called with index >= next_index
[  474.375703][ T8825] find_entry called with index >= next_index
[  474.412154][ T5948] betop 0003:20BC:5500.0003: collection stack underflow
[  474.437279][ T5948] betop 0003:20BC:5500.0003: item 0 2 0 12 parsing failed
[  474.444749][ T8825] find_entry called with index >= next_index
[  474.466268][ T5948] betop 0003:20BC:5500.0003: parse failed
[  474.473109][ T8825] add_index: next_index = 0.  Resetting!
[  474.487849][ T5948] betop 0003:20BC:5500.0003: probe with driver betop failed with error -22
[  474.507328][ T8825] find_entry called with index >= next_index
[  474.517997][   T43] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  474.538650][ T8825] find_entry called with index >= next_index
[  474.544865][ T8825] find_entry called with index >= next_index
[  474.580954][ T8838] find_entry called with index >= next_index
[  474.591716][ T8838] find_entry called with index >= next_index
[  474.599214][ T8838] find_entry called with index >= next_index
[  474.614943][ T5948] usb 5-1: USB disconnect, device number 5
[  474.689124][   T43] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  474.703232][   T43] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  474.727481][   T43] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  474.756121][   T43] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  474.771575][   T43] usb 4-1: Manufacturer: syz
[  474.801552][   T43] usb 4-1: config 0 descriptor??
[  474.952757][   T43] rc_core: IR keymap rc-hauppauge not found
[  474.960469][   T43] Registered IR keymap rc-empty
[  474.968711][   T43] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  474.983617][   T43] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input7
[  475.177347][ T5948] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  475.239465][ T8860] netlink: 16 bytes leftover after parsing attributes in process `syz.4.575'.
[  475.253621][ T8854] rc rc0: two consecutive events of type space
[  475.338582][ T5948] usb 7-1: Using ep0 maxpacket: 16
[  475.347417][ T5948] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.373586][ T5948] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  475.392686][ T8864] loop4: detected capacity change from 0 to 512
[  475.397786][ T5948] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  475.401354][ T8864] EXT4-fs: Ignoring removed mblk_io_submit option
[  475.425967][ T5963] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  475.426015][ T8864] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  475.442546][ T5948] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  475.454328][ T5948] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.468709][   T43] usb 4-1: USB disconnect, device number 7
[  475.470752][ T8864] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a043c11c, mo2=0002]
[  475.483606][ T8864] System zones: 1-12
[  475.495871][ T8864] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.577: corrupted in-inode xattr: e_value size too large
[  475.502520][ T5948] usb 7-1: config 0 descriptor??
[  475.514536][ T8864] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.577: couldn't read orphan inode 15 (err -117)
[  475.532122][ T8864] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  475.612312][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.632539][ T5963] usb 6-1: New USB device found, idVendor=17ef, idProduct=6062, bcdDevice= 0.00
[  475.643325][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.645846][ T5862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  475.656475][ T5963] usb 6-1: config 0 descriptor??
[  475.761938][ T8851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.776882][ T8851] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.812136][ T5185] Bluetooth: hci1: Malformed LE Event: 0x0d
[  475.821567][ T5948] usbhid 7-1:0.0: can't add hid device: -71
[  475.832166][ T5948] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  475.848030][ T5948] usb 7-1: USB disconnect, device number 5
[  476.027788][ T5874] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  476.100219][ T5963] lenovo 0003:17EF:6062.0004: unknown main item tag 0x1
[  476.128458][ T5963] lenovo 0003:17EF:6062.0004: hidraw0: USB HID v0.04 Device [HID 17ef:6062] on usb-dummy_hcd.5-1/input0
[  476.180642][ T8881] netlink: 16 bytes leftover after parsing attributes in process `syz.3.584'.
[  476.322503][    T9] usb 6-1: USB disconnect, device number 7
[  476.536974][   T43] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  476.546033][ T5963] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  476.717256][ T5963] usb 4-1: Using ep0 maxpacket: 8
[  476.724452][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  476.736310][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  476.746830][   T43] usb 5-1: New USB device found, idVendor=1532, idProduct=010e, bcdDevice= 0.00
[  476.757165][ T5963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  476.769201][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.777705][ T5963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  476.791346][   T43] usb 5-1: config 0 descriptor??
[  476.796810][ T5963] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  476.810149][ T5963] usb 4-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[  476.819797][ T5963] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.847928][ T5963] usb 4-1: config 0 descriptor??
[  476.884698][ T8898] netlink: 8 bytes leftover after parsing attributes in process `syz.5.591'.
[  476.897299][    T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  476.906480][ T8898] netlink: 4 bytes leftover after parsing attributes in process `syz.5.591'.
[  476.917618][ T8898] validate_nla: 43 callbacks suppressed
[  476.917637][ T8898] netlink: 'syz.5.591': attribute type 3 has an invalid length.
[  477.121901][    T9] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  477.135061][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  477.189243][    T9] usb 7-1: config 0 descriptor??
[  477.582768][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x4
[  477.699215][    T9] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  477.709200][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x6
[  477.716369][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.752654][   T43] razer 0003:1532:010E.0006: unknown main item tag 0x3
[  477.776657][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.783873][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.801398][   T43] razer 0003:1532:010E.0006: unbalanced collection at end of report description
[  477.814278][   T43] razer 0003:1532:010E.0006: probe with driver razer failed with error -22
[  477.824185][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.835851][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.855661][   T43] usb 5-1: USB disconnect, device number 6
[  477.862513][ T5963] elecom 0003:056E:00FE.0005: unknown main item tag 0x0
[  477.898489][ T5963] elecom 0003:056E:00FE.0005: hidraw0: USB HID v0.00 Device [HID 056e:00fe] on usb-dummy_hcd.3-1/input0
[  477.900972][    T9] [drm:udl_init] *ERROR* Selecting channel failed
[  477.968640][ T5963] usb 4-1: USB disconnect, device number 8
[  477.972424][    T9] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[  477.983747][    T9] [drm] Initialized udl on minor 2
[  477.991849][    T9] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  478.005133][    T9] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  478.041971][ T2153] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  478.050836][ T8907] loop7: detected capacity change from 0 to 64
[  478.069990][    T9] usb 7-1: USB disconnect, device number 6
[  478.084885][ T2153] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  478.201260][ T8908] fido_id[8908]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  478.412429][ T8915] tipc: Started in network mode
[  478.452981][ T8915] tipc: Node identity , cluster identity 4711
[  478.521958][ T8915] tipc: Failed to set node id, please configure manually
[  478.536923][ T8915] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  478.587096][ T2153] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  478.673691][ T8921] netlink: 44 bytes leftover after parsing attributes in process `syz.6.601'.
[  478.743396][ T8925] loop7: detected capacity change from 0 to 128
[  478.780117][ T2153] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  478.816483][ T8925] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  478.832997][ T2153] usb 6-1: config 0 interface 0 has no altsetting 0
[  478.847775][ T8925] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  478.893466][ T2153] usb 6-1: New USB device found, idVendor=046d, idProduct=c283, bcdDevice= 0.00
[  478.913312][ T2153] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.944324][ T2153] usb 6-1: config 0 descriptor??
[  479.314190][ T8940] ubi: mtd0 is already attached to ubi31
[  480.010649][ T2153] logitech 0003:046D:C283.0007: hidraw0: USB HID v0.04 Device [HID 046d:c283] on usb-dummy_hcd.5-1/input0
[  480.010705][ T2153] logitech 0003:046D:C283.0007: no inputs found
[  480.045095][ T2153] usb 6-1: USB disconnect, device number 8
[  480.100238][   T43] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  480.196431][ T8945] fido_id[8945]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  480.250761][   T43] usb 7-1: Using ep0 maxpacket: 32
[  480.253224][   T43] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[  480.253255][   T43] usb 7-1: config 0 has no interface number 0
[  480.253306][   T43] usb 7-1: config 0 interface 184 has no altsetting 0
[  480.256356][   T43] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  480.293619][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  480.293653][   T43] usb 7-1: Product: syz
[  480.293668][   T43] usb 7-1: Manufacturer: syz
[  480.293684][   T43] usb 7-1: SerialNumber: syz
[  480.309593][   T43] usb 7-1: config 0 descriptor??
[  480.316571][   T43] smsc75xx v1.0.0
[  481.086149][   T43] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  481.208447][   T43] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  481.253609][   T43] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  481.356371][   T43] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[  481.424671][   T43] usb 7-1: USB disconnect, device number 7
[  482.058656][ T8595] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  482.253069][ T8966] netlink: 12 bytes leftover after parsing attributes in process `syz.5.617'.
[  482.668096][ T5920] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  483.118998][ T5920] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  483.139230][ T5920] usb 4-1: config 0 interface 0 has no altsetting 0
[  483.156411][ T5920] usb 4-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  483.169532][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  483.179178][ T5920] usb 4-1: Product: syz
[  483.184298][ T5920] usb 4-1: Manufacturer: syz
[  483.189937][ T5920] usb 4-1: SerialNumber: syz
[  483.207651][ T5920] usb 4-1: config 0 descriptor??
[  483.217470][ T5920] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  483.248839][ T5920] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  483.326663][ T5920] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  483.346903][ T5920] usb 4-1: media controller created
[  483.437471][ T5920] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  483.708227][ T8988] netlink: 'syz.6.627': attribute type 8 has an invalid length.
[  483.740121][ T5920] DVB: Unable to find symbol tda10046_attach()
[  483.746441][ T5920] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  483.924345][ T8981] loop7: detected capacity change from 0 to 32768
[  483.991847][ T5920] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  484.140950][ T8981] JBD2: Ignoring recovery information on journal
[  484.310265][ T8981] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  484.453239][ T5920] dvb_usb_m920x 4-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  484.474831][ T5920] usb 4-1: USB disconnect, device number 9
[  484.664343][ T8595] ocfs2: Unmounting device (7,7) on (node local)
[  484.705178][ T8983] loop4: detected capacity change from 0 to 40427
[  484.787259][ T8983] F2FS-fs (loop4): Image doesn't support compression
[  484.827522][ T8983] F2FS-fs (loop4): invalid crc value
[  484.855545][ T8999] netlink: 60 bytes leftover after parsing attributes in process `syz.6.631'.
[  485.010195][ T9006] loop3: detected capacity change from 0 to 512
[  485.116602][ T9006] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  485.230313][ T8983] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  485.240526][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.5.636'.
[  485.257122][ T9006] ext4 filesystem being mounted at /164/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  485.306588][ T8983] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  485.317411][ T9006] EXT4-fs (loop3): shut down requested (1)
[  485.525490][ T5875] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.721332][ T9027] netlink: 8 bytes leftover after parsing attributes in process `syz.6.641'.
[  485.823902][ T9026] loop6: detected capacity change from 0 to 256
[  485.853913][ T9026] exfat: Deprecated parameter 'utf8'
[  485.861081][ T9026] exfat: Deprecated parameter 'namecase'
[  486.177109][ T5920] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  486.201678][ T9026] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  486.440480][ T5920] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  486.486785][ T5920] usb 6-1: config 0 has no interface number 0
[  486.512990][ T5920] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.554964][ T5920] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.611213][ T5920] usb 6-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  486.637208][   T43] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  486.654507][ T5920] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.683671][ T5920] usb 6-1: config 0 descriptor??
[  486.807707][   T43] usb 7-1: Using ep0 maxpacket: 8
[  486.865961][   T43] usb 7-1: config 0 has an invalid interface association descriptor of length 2, skipping
[  486.900481][   T43] usb 7-1: config 0 has an invalid descriptor of length 187, skipping remainder of the config
[  486.937280][   T43] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  487.009525][   T43] usb 7-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  487.054376][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.183292][   T43] usb 7-1: Product: syz
[  487.252072][   T43] usb 7-1: Manufacturer: syz
[  487.277803][ T5949] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  487.316655][   T43] usb 7-1: SerialNumber: syz
[  487.357384][ T5920] prodikeys 0003:041E:2801.0008: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.5-1/input1
[  487.448969][   T43] usb 7-1: config 0 descriptor??
[  487.481188][ T5920] hid_prodikeys: hid-prodikeys: failed to find output report
[  487.481188][ T5920] 
[  487.571397][ T5920] usb 6-1: USB disconnect, device number 9
[  487.579375][ T5949] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  487.614722][ T9043] fido_id[9043]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  487.616844][ T5949] usb 5-1: config 0 has no interface number 0
[  487.645362][ T5949] usb 5-1: too many endpoints for config 0 interface 2 altsetting 0: 129, using maximum allowed: 30
[  487.658647][ T5949] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  487.670462][ T5949] usb 5-1: config 0 interface 2 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.696829][ T5949] usb 5-1: config 0 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  487.728851][   T43] usb 7-1: USB disconnect, device number 8
[  487.741719][ T5949] usb 5-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  487.761208][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.769815][ T9045] loop3: detected capacity change from 0 to 1024
[  487.777979][ T5949] usb 5-1: config 0 descriptor??
[  487.886623][ T6368] hfsplus: b-tree write err: -5, ino 4
[  488.375506][ T5949] hid_parser_main: 51 callbacks suppressed
[  488.375535][ T5949] wacom 0003:056A:0084.0009: unknown main item tag 0x0
[  488.392771][ T5949] wacom 0003:056A:0084.0009: unknown main item tag 0x0
[  488.429625][ T5949] wacom 0003:056A:0084.0009: hidraw0: USB HID vff.ea Device [HID 056a:0084] on usb-dummy_hcd.4-1/input2
[  488.474605][ T5949] usb 5-1: USB disconnect, device number 7
[  488.596995][ T9063] loop6: detected capacity change from 0 to 256
[  488.613595][ T9063] exfat: Deprecated parameter 'utf8'
[  488.619541][ T9063] exfat: Deprecated parameter 'namecase'
[  488.625424][ T9063] exfat: Deprecated parameter 'utf8'
[  488.656265][ T9063] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x389acbd6, utbl_chksum : 0xe619d30d)
[  488.816832][ T5920] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  488.969091][ T9064] fido_id[9064]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  489.027294][ T5920] usb 6-1: Using ep0 maxpacket: 32
[  489.241166][ T9066] exFAT-fs (loop6): start_clu is invalid cluster(0x0)
[  489.880390][   T30] audit: type=1326 audit(1758736981.242:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9062 comm="syz.6.655" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9c96d8eec9 code=0x0
[  490.027247][ T5920] usb 6-1: config 0 interface 0 has no altsetting 0
[  490.033966][ T5920] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  490.073975][ T5920] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.127981][ T5920] usb 6-1: config 0 descriptor??
[  490.314299][ T9071] loop3: detected capacity change from 0 to 1024
[  491.151415][ T5920] corsair-cpro 0003:1B1C:0C10.000A: unknown main item tag 0x0
[  491.159167][ T5920] corsair-cpro 0003:1B1C:0C10.000A: unknown main item tag 0x0
[  491.167008][ T5920] corsair-cpro 0003:1B1C:0C10.000A: unknown main item tag 0x0
[  491.167042][ T5920] corsair-cpro 0003:1B1C:0C10.000A: unknown main item tag 0x0
[  491.167067][ T5920] corsair-cpro 0003:1B1C:0C10.000A: unknown main item tag 0x0
[  491.210040][   T36] hfsplus: b-tree write err: -5, ino 4
[  491.229792][ T5920] corsair-cpro 0003:1B1C:0C10.000A: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.5-1/input0
[  491.406156][ T9085] netlink: 76 bytes leftover after parsing attributes in process `syz.6.660'.
[  491.646330][ T5920] corsair-cpro 0003:1B1C:0C10.000A: probe with driver corsair-cpro failed with error -110
[  491.667848][ T5920] usb 6-1: USB disconnect, device number 10
[  491.872966][ T9090] loop6: detected capacity change from 0 to 256
[  491.901663][ T9090] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  492.512401][ T9101] loop5: detected capacity change from 0 to 4096
[  492.523651][ T9101] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  492.570146][ T9101] ntfs3(loop5): ino=19, mi_enum_attr
[  492.575681][ T9101] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  492.619203][ T9101] ntfs3(loop5): failed to convert "c46c" to macceltic
[  492.630219][ T9101] ntfs3(loop5): ino=20, mi_enum_attr
[  494.692841][ T9132] program syz.4.679 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  494.825442][ T9138] loop3: detected capacity change from 0 to 136
[  494.831599][ T9139] netlink: 'syz.6.682': attribute type 1 has an invalid length.
[  494.840160][ T9139] netlink: 72 bytes leftover after parsing attributes in process `syz.6.682'.
[  494.850843][   T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  494.859333][ T9139] netlink: 97 bytes leftover after parsing attributes in process `syz.6.682'.
[  494.922545][ T9138] rock: directory entry would overflow storage
[  494.934023][ T9138] rock: sig=0x4f50, size=4, remaining=3
[  494.941041][ T9138] iso9660: Corrupted directory entry in block 2 of inode 1472
[  495.024446][   T10] usb 6-1: Using ep0 maxpacket: 8
[  495.034136][   T10] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  495.044349][   T10] usb 6-1: config 0 has no interface number 0
[  495.052050][   T10] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  495.064468][   T10] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  495.074627][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.086236][   T10] usb 6-1: config 0 descriptor??
[  495.098063][   T10] iowarrior 6-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  495.309423][   T43] usb 6-1: USB disconnect, device number 11
[  496.015776][ T9152] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  497.087985][ T9162] loop4: detected capacity change from 0 to 256
[  498.099523][ T9181] netlink: 60 bytes leftover after parsing attributes in process `syz.7.701'.
[  498.244088][ T9157] loop3: detected capacity change from 0 to 32768
[  498.492517][ T9190] loop4: detected capacity change from 0 to 512
[  498.546278][ T9190] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  498.669964][ T9190] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  498.759483][ T9190] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  499.330436][ T5862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.598435][ T9206] netlink: 8 bytes leftover after parsing attributes in process `syz.6.711'.
[  500.286279][ T9221] loop5: detected capacity change from 0 to 2048
[  500.338022][ T9222] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  500.377412][   T43] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  500.541980][   T43] usb 7-1: too many configurations: 9, using maximum allowed: 8
[  500.559443][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.579048][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.616409][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.625340][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.635619][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.657270][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.665787][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.675260][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.687942][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.698311][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.716578][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.728734][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.738227][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.757543][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.776913][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.785352][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.796801][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.816811][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.845346][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.851415][ T9232] netlink: 8 bytes leftover after parsing attributes in process `syz.5.722'.
[  500.855136][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.864534][ T9232] netlink: 52 bytes leftover after parsing attributes in process `syz.5.722'.
[  500.895729][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.907748][   T43] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.918921][   T43] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.940345][   T43] usb 7-1: config 0 interface 0 has no altsetting 0
[  500.969504][   T43] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  500.986778][   T43] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  501.005613][   T43] usb 7-1: Product: syz
[  501.010703][   T43] usb 7-1: Manufacturer: syz
[  501.015515][   T43] usb 7-1: SerialNumber: syz
[  501.041936][   T43] usb 7-1: config 0 descriptor??
[  501.078027][   T43] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0
[  501.380518][ T5963] usb 7-1: USB disconnect, device number 9
[  501.392258][ T5963] yurex 7-1:0.0: USB YUREX #0 now disconnected
[  501.798242][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  501.805173][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  502.551849][ T5920] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  502.735972][ T5920] usb 5-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  502.796866][ T5920] usb 5-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  502.833992][ T5920] usb 5-1: config 0 interface 0 has no altsetting 0
[  502.849601][ T5920] usb 5-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  502.864457][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.936026][ T5920] usb 5-1: config 0 descriptor??
[  503.191986][ T9283] bond0: entered promiscuous mode
[  503.205396][ T9283] bond_slave_0: entered promiscuous mode
[  503.214519][ T9283] bond_slave_1: entered promiscuous mode
[  503.232797][ T9283] bond0: left promiscuous mode
[  503.237083][   T43] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  503.238127][ T9283] bond_slave_0: left promiscuous mode
[  503.267664][ T9283] bond_slave_1: left promiscuous mode
[  503.316816][ T5963] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  503.395932][ T5920] holtek 0003:1241:5015.000B: hidraw0: USB HID v0.00 Device [HID 1241:5015] on usb-dummy_hcd.4-1/input0
[  503.406818][   T43] usb 7-1: Using ep0 maxpacket: 16
[  503.407384][ T5920] holtek 0003:1241:5015.000B: no inputs found
[  503.426305][   T43] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  503.456035][   T43] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  503.482303][ T5963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  503.506851][   T43] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  503.524921][ T5963] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.535578][ T5963] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  503.548402][ T5963] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.558271][   T43] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  503.569660][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.580197][ T5963] usb 4-1: config 0 descriptor??
[  503.588530][   T43] usb 7-1: Product: syz
[  503.595607][   T43] usb 7-1: Manufacturer: syz
[  503.601065][   T43] usb 7-1: SerialNumber: syz
[  503.635936][ T5949] usb 5-1: USB disconnect, device number 8
[  503.933622][ T9294] loop5: detected capacity change from 0 to 32768
[  503.944342][ T9294] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.751 (9294)
[  503.978857][ T9294] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  503.990812][ T9294] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  504.013815][ T5963] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[  504.027081][ T5963] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[  504.035483][ T5963] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[  504.045697][ T5963] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[  504.054519][   T43] usb 7-1: 0:2 : does not exist
[  504.061537][ T5963] cm6533_jd 0003:0D8C:0022.000C: unknown main item tag 0x0
[  504.105972][ T5963] cm6533_jd 0003:0D8C:0022.000C: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[  504.151014][ T9294] BTRFS info (device loop5): enabling ssd optimizations
[  504.166995][ T9294] BTRFS info (device loop5): enabling free space tree
[  504.322177][ T5920] usb 4-1: USB disconnect, device number 10
[  504.463155][ T8366] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  504.595769][   T30] audit: type=1326 audit(1758736996.642:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  504.695247][   T43] usb 7-1: 1:0: failed to get current value for ch 0 (-22)
[  504.709282][   T30] audit: type=1326 audit(1758736996.672:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  504.787741][   T30] audit: type=1326 audit(1758736996.692:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  504.810483][    C1] vkms_vblank_simulate: vblank timer overrun
[  504.843317][   T30] audit: type=1326 audit(1758736996.692:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  504.867539][ T9318] syzkaller1: tun_chr_ioctl cmd 2147767520
[  504.897371][   T30] audit: type=1326 audit(1758736996.692:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  505.000773][   T30] audit: type=1326 audit(1758736996.692:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  505.112785][   T30] audit: type=1326 audit(1758736996.702:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  505.167149][   T43] usb 7-1: USB disconnect, device number 10
[  505.224269][   T30] audit: type=1326 audit(1758736996.702:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f8f54f8eec9 code=0x7ffc0000
[  505.295286][   T30] audit: type=1326 audit(1758736996.702:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f54f2af79 code=0x7ffc0000
[  505.302581][ T7262] udevd[7262]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  505.454732][   T30] audit: type=1326 audit(1758736996.702:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9314 comm="syz.4.754" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8f54f2af79 code=0x7ffc0000
[  505.540450][ T9326] loop3: detected capacity change from 0 to 128
[  505.615821][ T9326] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  505.638480][ T9326] ext4 filesystem being mounted at /196/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  505.670551][    C1] vkms_vblank_simulate: vblank timer overrun
[  505.922608][ T9331] ubi: mtd0 is already attached to ubi31
[  507.266565][ T9357] netlink: 32 bytes leftover after parsing attributes in process `syz.7.768'.
[  508.662846][ T5875] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  509.450440][ T9402] loop6: detected capacity change from 0 to 1024
[  509.845286][ T9402] EXT4-fs: Ignoring removed bh option
[  509.978034][ T9402] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  510.218418][ T9402] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  510.403282][ T9412] loop4: detected capacity change from 0 to 256
[  510.422907][ T9412] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  510.463037][ T8368] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  510.488995][ T9412] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  510.998292][ T9428] loop3: detected capacity change from 0 to 2048
[  511.059747][ T9428] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  511.092573][ T9428] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  511.196802][ T5949] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  511.211205][ T9438] netlink: 'syz.6.803': attribute type 1 has an invalid length.
[  511.249425][ T5875] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  511.319204][ T5920] hid-generic 0005:0007:0008.000D: unknown main item tag 0x0
[  511.350553][ T5920] hid-generic 0005:0007:0008.000D: hidraw0: BLUETOOTH HID v0.08 Device [syz0] on aa:aa:aa:aa:aa:aa
[  511.382395][ T5949] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  511.411668][ T5949] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  511.436846][ T5949] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  511.446284][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.507449][ T9430] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  511.550218][ T5949] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  511.629909][ T9444] fido_id[9444]: Failed to open report descriptor at '/sys/devices/virtual/bluetooth/hci2/hci2:200/report_descriptor': No such file or directory
[  511.800224][ T5949] usb 5-1: USB disconnect, device number 9
[  511.888521][ T5920] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  512.081457][ T5920] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  512.093544][ T5920] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  512.167810][ T5920] usb 7-1: config 0 descriptor??
[  512.196386][ T5920] cp210x 7-1:0.0: cp210x converter detected
[  512.607715][ T5920] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32
[  512.714526][ T9456] wlan0 speed is unknown, defaulting to 1000
[  512.845302][ T5920] usb 7-1: cp210x converter now attached to ttyUSB0
[  512.946758][    T9] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  513.064405][ T2153] usb 7-1: USB disconnect, device number 11
[  513.107540][ T2153] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  513.131815][    T9] usb 5-1: config 0 has no interfaces?
[  513.141640][    T9] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  513.157236][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.166262][    T9] usb 5-1: Product: syz
[  513.179299][    T9] usb 5-1: Manufacturer: syz
[  513.195172][   T43] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  513.196831][    T9] usb 5-1: SerialNumber: syz
[  513.210946][ T2153] cp210x 7-1:0.0: device disconnected
[  513.230588][    T9] usb 5-1: config 0 descriptor??
[  513.259441][   T43] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  513.483769][ T2153] usb 5-1: USB disconnect, device number 10
[  513.486655][ T9460] loop3: detected capacity change from 0 to 32768
[  513.542541][ T9460] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  513.703644][ T9460] XFS (loop3): Ending clean mount
[  513.770098][ T9460] XFS (loop3): Quotacheck needed: Please wait.
[  513.861706][ T9460] XFS (loop3): Quotacheck: Done.
[  514.046593][ T9480] loop5: detected capacity change from 0 to 2048
[  514.067400][ T5875] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  514.223648][ T9487] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  514.447301][ T5949] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  514.671270][ T5949] usb 5-1: Using ep0 maxpacket: 8
[  514.778104][ T5949] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  514.826381][ T5949] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  515.182280][   T43] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  515.218671][ T5949] pvrusb2: Hardware description: Terratec Grabster AV400
[  515.232277][ T5949] pvrusb2: **********
[  515.236439][ T5949] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  515.274257][ T5949] pvrusb2: Important functionality might not be entirely working.
[  515.308255][ T5949] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  515.354929][ T5949] pvrusb2: **********
[  515.427021][   T43] usb 6-1: Using ep0 maxpacket: 8
[  515.448097][   T43] usb 6-1: config index 0 descriptor too short (expected 30, got 18)
[  515.481954][   T43] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  515.499414][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.515277][ T2345] pvrusb2: Invalid write control endpoint
[  515.516861][   T43] usb 6-1: Product: syz
[  515.526091][   T43] usb 6-1: Manufacturer: syz
[  515.536178][   T43] usb 6-1: SerialNumber: syz
[  515.567929][   T43] usb 6-1: config 0 descriptor??
[  515.640306][   T43] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  515.657332][   T43] usb 6-1: setting power ON
[  515.695306][   T43] dvb-usb: bulk message failed: -22 (2/0)
[  515.699198][ T2153] usb 5-1: USB disconnect, device number 11
[  515.743496][ T2345] pvrusb2: Invalid write control endpoint
[  515.761257][   T43] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  515.792133][ T2345] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  515.803258][   T43] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  515.825480][ T2345] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  515.845517][   T43] usb 6-1: media controller created
[  515.854956][ T2345] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  515.887936][ T2345] pvrusb2: Device being rendered inoperable
[  515.899661][ T2345] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  515.905296][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  515.907997][ T2345] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  515.937217][ T2345] pvrusb2: Attached sub-driver cx25840
[  515.943272][ T2345] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  515.955772][ T2345] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  516.001785][   T43] usb 6-1: selecting invalid altsetting 6
[  516.025913][   T43] usb 6-1: digital interface selection failed (-22)
[  516.037001][   T43] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  516.072595][   T43] usb 6-1: setting power OFF
[  516.078476][   T43] dvb-usb: bulk message failed: -22 (2/0)
[  516.086573][   T43] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  516.097749][   T43] (NULL device *): no alternate interface
[  516.143720][   T43] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  516.175682][   T43] usb 6-1: USB disconnect, device number 12
[  516.300303][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  516.397463][ T9510] loop6: detected capacity change from 0 to 32768
[  516.466745][    T9] usb 4-1: Using ep0 maxpacket: 8
[  516.482750][    T9] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  516.492651][ T9510] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  516.495377][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  516.514579][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  516.525253][    T9] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  516.538752][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  516.552650][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  516.565760][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  516.819365][    T9] usb 4-1: GET_CAPABILITIES returned 0
[  516.825129][    T9] usbtmc 4-1:16.0: can't read capabilities
[  516.890598][ T5963] kernel read not supported for file /sequencer (pid: 5963 comm: kworker/1:8)
[  516.922847][ T8368] ocfs2: Unmounting device (7,6) on (node local)
[  517.081044][ T9514] usb 4-1: usbtmc_ioctl_clear_in_halt returned -32
[  517.118852][ T5963] usb 4-1: USB disconnect, device number 11
[  517.316338][ T9540] input: syz1 as /devices/virtual/input/input11
[  517.943819][ T9551] IPVS: rr: SCTP 172.20.20.187:0 - no destination available
[  518.054109][ T9558] sg_read: process 772 (syz.4.848) changed security contexts after opening file descriptor, this is not allowed.
[  519.460546][ T9577] loop4: detected capacity change from 0 to 256
[  519.541573][ T9577] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  519.617780][   T30] kauditd_printk_skb: 92 callbacks suppressed
[  519.617802][   T30] audit: type=1800 audit(1758737011.652:202): pid=9577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.854" name="file2" dev="loop4" ino=1048644 res=0 errno=0
[  520.626843][ T5920] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  520.807648][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  520.820639][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  520.832463][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  520.844427][ T5920] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  520.857744][ T5920] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  520.867326][ T5920] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  520.875361][ T5920] usb 7-1: Product: syz
[  520.879925][ T5920] usb 7-1: Manufacturer: syz
[  520.886414][ T5920] usb 7-1: SerialNumber: syz
[  520.902542][ T5920] usb 7-1: config 0 descriptor??
[  521.135818][ T5920] adutux 7-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  521.374165][ T2153] usb 7-1: USB disconnect, device number 12
[  521.985731][ T9597] loop6: detected capacity change from 0 to 1024
[  522.041382][ T9597] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  522.232731][ T9601] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: comm syz.6.863: inode #1030059105: comm syz.6.863: iget: illegal inode #
[  522.282346][ T9601] EXT4-fs error (device loop6): ext4_xattr_inode_iget:442: comm syz.6.863: error while reading EA inode 1030059105 err=-117
[  522.428998][ T8368] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.560970][ T5920] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[  523.592325][ T5920] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  524.511021][ T9622] loop3: detected capacity change from 0 to 16
[  524.708288][ T9622] erofs (device loop3): mounted with root inode @ nid 36.
[  524.867089][ T9628] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  526.369824][ T9666] loop7: detected capacity change from 0 to 512
[  526.371348][ T9668] netlink: 8 bytes leftover after parsing attributes in process `syz.4.888'.
[  526.406073][ T9666] msdos: Unknown parameter 'ti	'
[  526.434086][ T9664] loop6: detected capacity change from 0 to 1024
[  526.459000][ T9664] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  526.659794][ T6368] hfsplus: b-tree write err: -5, ino 4
[  527.918529][ T9656] loop3: detected capacity change from 0 to 32768
[  527.983821][ T9691] loop6: detected capacity change from 0 to 512
[  528.043503][ T9656] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  528.090943][ T9691] EXT4-fs: Ignoring removed nobh option
[  528.168420][ T9691] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.896: iget: bad i_size value: 38620345925642
[  528.190764][ T9691] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.896: couldn't read orphan inode 15 (err -117)
[  528.242553][ T9691] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  528.412045][ T9706] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.896: bg 0: block 5: invalid block bitmap
[  528.540580][ T5875] ocfs2: Unmounting device (7,3) on (node local)
[  528.554509][ T9706] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 16 with error 28
[  528.732371][ T9706] EXT4-fs (loop6): This should not happen!! Data will be lost
[  528.732371][ T9706] 
[  528.794677][ T9706] EXT4-fs (loop6): Total free blocks count 0
[  528.812085][ T9706] EXT4-fs (loop6): Free/Dirty block details
[  528.858362][ T9706] EXT4-fs (loop6): free_blocks=0
[  528.863482][ T9706] EXT4-fs (loop6): dirty_blocks=268
[  528.906098][ T9706] EXT4-fs (loop6): Block reservation details
[  528.938030][ T9706] EXT4-fs (loop6): i_reserved_data_blocks=268
[  528.996921][ T5963] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  529.008095][   T36] EXT4-fs (loop6): Delayed block allocation failed for inode 18 at logical offset 16 with max blocks 248 with error 28
[  529.188851][ T5963] usb 6-1: Using ep0 maxpacket: 32
[  529.209622][ T5963] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  529.240989][ T5963] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  529.285429][ T5963] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  529.349074][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  529.379734][ T5963] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  529.416848][ T5963] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  529.472536][ T5963] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  529.503963][ T5963] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  529.754460][ T5963] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  529.905396][ T5963] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  530.086582][ T5963] usb 6-1: config 0 descriptor??
[  530.126271][ T9713] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  530.289090][ T9728] netlink: 'syz.6.910': attribute type 1 has an invalid length.
[  530.309425][ T9728] netlink: 136 bytes leftover after parsing attributes in process `syz.6.910'.
[  530.329466][ T9728] netlink: 'syz.6.910': attribute type 2 has an invalid length.
[  530.337855][ T9728] netlink: 'syz.6.910': attribute type 1 has an invalid length.
[  530.394131][ T5963] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  530.622694][ T9719] loop3: detected capacity change from 0 to 40427
[  530.627285][    C1] usblp0: nonzero read bulk status received: -71
[  530.663815][ T9719] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  530.672530][ T9719] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  531.184065][ T9719] F2FS-fs (loop3): invalid crc value
[  531.206949][ T5920] usb 6-1: USB disconnect, device number 13
[  531.490282][ T5920] usblp0: removed
[  531.600405][ T9719] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  531.654064][ T9719] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  531.677189][ T9719] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  532.013076][ T9748] loop5: detected capacity change from 0 to 512
[  532.066453][ T9748] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.916: bad orphan inode 11862016
[  532.104509][ T9748] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  532.117856][ T9748] ext4 filesystem being mounted at /98/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  532.157833][ T9749] wlan0 speed is unknown, defaulting to 1000
[  532.588279][ T9762] loop7: detected capacity change from 0 to 512
[  532.686426][ T8366] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  532.701391][ T9762] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  532.727391][ T9762] ext4 filesystem being mounted at /56/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  532.821968][ T8595] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  533.005845][ T9770] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  533.117438][ T5870] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  533.305056][ T5870] usb 6-1: Using ep0 maxpacket: 16
[  533.321317][ T5870] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  533.354422][ T5870] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  533.381074][ T5870] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  533.414842][ T5870] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  533.430945][ T5870] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  533.471213][ T5870] usb 6-1: config 0 descriptor??
[  533.585365][   T43] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[  533.612485][ T9781] loop3: detected capacity change from 0 to 1024
[  533.636926][   T43] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  533.667882][ T9781] EXT4-fs: Ignoring removed nomblk_io_submit option
[  533.750803][ T9781] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  533.816931][ T9786] loop6: detected capacity change from 0 to 8
[  533.846606][ T9781] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  533.868469][ T9786] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  533.950566][ T5870] HID 045e:07da: Invalid code 65791 type 1
[  533.972831][ T9786] netlink: 76 bytes leftover after parsing attributes in process `syz.6.927'.
[  534.058663][ T5870] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0011/input/input12
[  534.157507][ T5870] microsoft 0003:045E:07DA.0011: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  534.196257][ T5875] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.421337][ T5870] usb 6-1: USB disconnect, device number 14
[  534.465946][ T9794] fido_id[9794]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  535.086452][   T10] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  535.328655][   T10] usb 4-1: Using ep0 maxpacket: 8
[  535.511421][   T10] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  535.530880][   T10] usb 4-1: config 0 has no interface number 0
[  535.549853][   T10] usb 4-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  535.566084][   T10] usb 4-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  535.619158][   T10] usb 4-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  535.648337][   T10] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  535.706115][   T10] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  535.737899][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.056237][   T10] usb 4-1: config 0 descriptor??
[  536.338238][   T10] ldusb 4-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  536.706870][   T10] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  536.878671][   T10] usb 7-1: Using ep0 maxpacket: 8
[  536.897867][   T10] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  536.917377][   T10] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  536.946741][   T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  536.957337][   T10] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  536.969629][   T10] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  536.983524][   T10] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  536.999046][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.081132][ T5949] usb 4-1: USB disconnect, device number 12
[  537.105206][ T9839] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  537.116741][ T5949] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[  537.249918][   T10] usb 7-1: usb_control_msg returned -32
[  537.272500][   T10] usbtmc 7-1:16.0: can't read capabilities
[  537.429913][ T9837] loop4: detected capacity change from 0 to 32768
[  537.450527][ T9837] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section replicas: invalid device 1 in entry (unknown data_type 122): 119/246 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 5 5 6 7 8 9 9 10 11 14 24 27 31 35 43 47 47 51 56 65 80 89 96 102 128 132 172 173 174 179 205 222 235 245]
[  537.450527][ T9837] replicas (size 64):
[  537.450527][ T9837] (unknown data_type 122): 119/246 [43 0 222 65 89 132 205 31 174 173 5 172 235 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 179 245 51 102 0 0 0 0 0 0 14 96 0 0 0 0 0 0 0 0 0 0 0 0 5 0 0 0 9 0 0 0 9 0 0 0 0 0 0 0 7 0 0 0 0 0 0 0 24 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 80 0 0 0 10 0 0 0 0 0 0 0 0 0 0 0 56 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 
[  537.450751][ T9837] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  538.062750][ T9857] usbtmc 7-1:16.0: usb_control_msg returned -32
[  538.265102][ T5920] usb 7-1: USB disconnect, device number 13
[  539.580803][ T5920] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  539.684508][ T5920] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  540.665276][ T9898] loop5: detected capacity change from 0 to 128
[  540.693576][ T9898] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  540.759200][ T9898] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  540.826986][ T8490] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  541.003604][ T9907] netlink: 24 bytes leftover after parsing attributes in process `syz.3.967'.
[  541.022013][ T9907] netlink: 40 bytes leftover after parsing attributes in process `syz.3.967'.
[  541.208164][ T9912] loop4: detected capacity change from 0 to 512
[  541.232688][ T9912] EXT4-fs: Ignoring removed orlov option
[  541.265404][ T9912] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  541.350991][ T9912] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  541.397506][ T9912] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.969: corrupted in-inode xattr: e_value size too large
[  541.441325][ T9912] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.969: couldn't read orphan inode 15 (err -117)
[  541.459731][ T9912] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  541.613038][ T5862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.833247][ T9929] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  542.890249][ T9946] loop6: detected capacity change from 0 to 128
[  542.894239][ T9910] loop5: detected capacity change from 0 to 32768
[  542.978565][ T9946] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  543.086989][ T9946] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  543.550579][ T9954] ubi: mtd0 is already attached to ubi31
[  544.287176][   T13] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  544.287176][   T13] 
[  544.310076][   T13] ERROR: (device loop5): remounting filesystem as read-only
[  544.318083][   T13] kworker/u8:1: attempt to access beyond end of device
[  544.318083][   T13] loop5: rw=1, sector=2621792, nr_sectors = 16 limit=32768
[  544.334962][   T13] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  544.334962][   T13] 
[  544.350620][  T112] blkno = 5002c, nblocks = 1
[  544.355387][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  544.355387][  T112] 
[  544.366225][   T13] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  544.366225][   T13] 
[  544.377088][   T13] kworker/u8:1: attempt to access beyond end of device
[  544.377088][   T13] loop5: rw=2049, sector=2621808, nr_sectors = 8 limit=32768
[  544.391607][  T112] blkno = 5002d, nblocks = 1
[  544.396562][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  544.396562][  T112] 
[  544.397412][ T9960] netlink: 64 bytes leftover after parsing attributes in process `syz.3.985'.
[  544.408259][   T13] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  544.408259][   T13] 
[  544.427044][   T13] kworker/u8:1: attempt to access beyond end of device
[  544.427044][   T13] loop5: rw=2049, sector=2621816, nr_sectors = 8 limit=32768
[  544.460410][   T13] ERROR: (device loop5): dbAlloc: the hint is outside the map
[  544.460410][   T13] 
[  544.483229][  T112] blkno = 5002e, nblocks = 1
[  544.488154][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  544.488154][  T112] 
[  544.535986][  T112] blkno = 5002f, nblocks = 1
[  544.556512][  T112] ERROR: (device loop5): dbUpdatePMap: blocks are outside the map
[  544.556512][  T112] 
[  544.581578][  T112] ==================================================================
[  544.589712][  T112] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0x74b/0xa90
[  544.597362][  T112] Read of size 4 at addr ffff88807a005094 by task jfsCommit/112
[  544.605209][  T112] 
[  544.607799][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  544.607818][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  544.607827][  T112] Call Trace:
[  544.607835][  T112]  <TASK>
[  544.607841][  T112]  dump_stack_lvl+0x189/0x250
[  544.607860][  T112]  ? __kasan_check_byte+0x12/0x40
[  544.607879][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.607895][  T112]  ? lock_release+0x4b/0x3e0
[  544.607916][  T112]  ? __virt_addr_valid+0x4a5/0x5c0
[  544.607933][  T112]  print_report+0xca/0x240
[  544.607954][  T112]  ? jfs_lazycommit+0x74b/0xa90
[  544.607969][  T112]  kasan_report+0x118/0x150
[  544.607985][  T112]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  544.608008][  T112]  ? jfs_lazycommit+0x74b/0xa90
[  544.608026][  T112]  jfs_lazycommit+0x74b/0xa90
[  544.608045][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  544.608062][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  544.608081][  T112]  ? __kthread_parkme+0x7b/0x200
[  544.608094][  T112]  ? __kthread_parkme+0x1a1/0x200
[  544.608109][  T112]  kthread+0x711/0x8a0
[  544.608126][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  544.608142][  T112]  ? __pfx_kthread+0x10/0x10
[  544.608158][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  544.608171][  T112]  ? lockdep_hardirqs_on+0x9c/0x150
[  544.608185][  T112]  ? __pfx_kthread+0x10/0x10
[  544.608200][  T112]  ret_from_fork+0x4bc/0x870
[  544.608220][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  544.608241][  T112]  ? __switch_to_asm+0x39/0x70
[  544.608257][  T112]  ? __switch_to_asm+0x33/0x70
[  544.608273][  T112]  ? __pfx_kthread+0x10/0x10
[  544.608288][  T112]  ret_from_fork_asm+0x1a/0x30
[  544.608311][  T112]  </TASK>
[  544.608316][  T112] 
[  544.782225][  T112] Allocated by task 9910:
[  544.786550][  T112]  kasan_save_track+0x3e/0x80
[  544.791325][  T112]  __kasan_kmalloc+0x93/0xb0
[  544.796003][  T112]  __kmalloc_cache_noprof+0x3d5/0x6f0
[  544.801382][  T112]  jfs_fill_super+0xc2/0xd80
[  544.806150][  T112]  get_tree_bdev_flags+0x40e/0x4d0
[  544.811347][  T112]  vfs_get_tree+0x92/0x2b0
[  544.816035][  T112]  do_new_mount+0x302/0x9e0
[  544.827706][  T112]  __se_sys_mount+0x313/0x410
[  544.832580][  T112]  do_syscall_64+0xfa/0xfa0
[  544.837102][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.843005][  T112] 
[  544.845341][  T112] Freed by task 8366:
[  544.849625][  T112]  kasan_save_track+0x3e/0x80
[  544.854667][  T112]  __kasan_save_free_info+0x46/0x50
[  544.860401][  T112]  __kasan_slab_free+0x5c/0x80
[  544.865252][  T112]  kfree+0x19a/0x6d0
[  544.869157][  T112]  generic_shutdown_super+0x135/0x2c0
[  544.874649][  T112]  kill_block_super+0x44/0x90
[  544.879329][  T112]  deactivate_locked_super+0xbc/0x130
[  544.884721][  T112]  cleanup_mnt+0x425/0x4c0
[  544.889138][  T112]  task_work_run+0x1d4/0x260
[  544.893942][  T112]  exit_to_user_mode_loop+0xe9/0x130
[  544.899229][  T112]  do_syscall_64+0x2bd/0xfa0
[  544.903831][  T112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.909826][  T112] 
[  544.912164][  T112] The buggy address belongs to the object at ffff88807a005000
[  544.912164][  T112]  which belongs to the cache kmalloc-256 of size 256
[  544.926389][  T112] The buggy address is located 148 bytes inside of
[  544.926389][  T112]  freed 256-byte region [ffff88807a005000, ffff88807a005100)
[  544.940392][  T112] 
[  544.942809][  T112] The buggy address belongs to the physical page:
[  544.949228][  T112] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a004
[  544.958355][  T112] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  544.967151][  T112] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  544.975046][  T112] page_type: f5(slab)
[  544.979126][  T112] raw: 00fff00000000040 ffff88813fe26b40 ffffea0000cf7f00 dead000000000003
[  544.987727][  T112] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  544.996406][  T112] head: 00fff00000000040 ffff88813fe26b40 ffffea0000cf7f00 dead000000000003
[  545.005248][  T112] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[  545.014027][  T112] head: 00fff00000000001 ffffea0001e80101 00000000ffffffff 00000000ffffffff
[  545.023400][  T112] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  545.032248][  T112] page dumped because: kasan: bad access detected
[  545.038760][  T112] page_owner tracks the page as allocated
[  545.044500][  T112] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5875, tgid 5875 (syz-executor), ts 89421294092, free_ts 89213760858
[  545.066321][  T112]  post_alloc_hook+0x240/0x2a0
[  545.071108][  T112]  get_page_from_freelist+0x2365/0x2440
[  545.077096][  T112]  __alloc_frozen_pages_noprof+0x181/0x370
[  545.090634][  T112]  alloc_pages_mpol+0x232/0x4a0
[  545.095489][  T112]  allocate_slab+0x96/0x3a0
[  545.099998][  T112]  ___slab_alloc+0xe94/0x1920
[  545.105029][  T112]  __slab_alloc+0x65/0x100
[  545.109445][  T112]  __kmalloc_noprof+0x471/0x7f0
[  545.114339][  T112]  __register_sysctl_table+0xba1/0x1340
[  545.120063][  T112]  __devinet_sysctl_register+0x37f/0x470
[  545.125800][  T112]  devinet_sysctl_register+0x187/0x200
[  545.131274][  T112]  inetdev_init+0x2c1/0x500
[  545.135961][  T112]  inetdev_event+0x301/0x15b0
[  545.140671][  T112]  notifier_call_chain+0x1b6/0x3e0
[  545.145955][  T112]  register_netdevice+0x1608/0x1ae0
[  545.151161][  T112]  veth_newlink+0x5d4/0xa60
[  545.155672][  T112] page last free pid 5875 tgid 5875 stack trace:
[  545.162383][  T112]  __free_frozen_pages+0xbc4/0xd30
[  545.167796][  T112]  __slab_free+0x2e7/0x390
[  545.172242][  T112]  qlist_free_all+0x97/0x140
[  545.176855][  T112]  kasan_quarantine_reduce+0x148/0x160
[  545.182792][  T112]  __kasan_slab_alloc+0x22/0x80
[  545.187744][  T112]  __kmalloc_cache_noprof+0x36f/0x6f0
[  545.193207][  T112]  netdevice_event+0x3a1/0x8c0
[  545.198000][  T112]  notifier_call_chain+0x1b6/0x3e0
[  545.203113][  T112]  __netdev_upper_dev_link+0x3c3/0x590
[  545.208635][  T112]  netdev_master_upper_dev_link+0xb0/0x100
[  545.214465][  T112]  hsr_add_port+0x693/0x980
[  545.218972][  T112]  hsr_dev_finalize+0x6c4/0xaa0
[  545.223827][  T112]  hsr_newlink+0x7d7/0x940
[  545.228454][  T112]  rtnl_newlink_create+0x310/0xb00
[  545.233703][  T112]  rtnl_newlink+0x16e4/0x1c80
[  545.238488][  T112]  rtnetlink_rcv_msg+0x7cf/0xb70
[  545.243554][  T112] 
[  545.245889][  T112] Memory state around the buggy address:
[  545.251589][  T112]  ffff88807a004f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  545.259934][  T112]  ffff88807a005000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  545.268090][  T112] >ffff88807a005080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  545.276240][  T112]                          ^
[  545.281009][  T112]  ffff88807a005100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  545.289251][  T112]  ffff88807a005180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  545.297485][  T112] ==================================================================
[  545.305550][  T112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  545.312745][  T112] CPU: 1 UID: 0 PID: 112 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  545.321860][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  545.332015][  T112] Call Trace:
[  545.335412][  T112]  <TASK>
[  545.338440][  T112]  dump_stack_lvl+0x99/0x250
[  545.343137][  T112]  ? __asan_memcpy+0x40/0x70
[  545.347785][  T112]  ? __pfx_dump_stack_lvl+0x10/0x10
[  545.352987][  T112]  ? __pfx__printk+0x10/0x10
[  545.357680][  T112]  vpanic+0x237/0x6d0
[  545.361754][  T112]  ? __pfx_vpanic+0x10/0x10
[  545.366267][  T112]  panic+0xb9/0xc0
[  545.370084][  T112]  ? __pfx_panic+0x10/0x10
[  545.374502][  T112]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  545.380500][  T112]  ? jfs_lazycommit+0x74b/0xa90
[  545.385358][  T112]  check_panic_on_warn+0x89/0xb0
[  545.390311][  T112]  ? jfs_lazycommit+0x74b/0xa90
[  545.395258][  T112]  end_report+0x78/0x160
[  545.399590][  T112]  kasan_report+0x129/0x150
[  545.404184][  T112]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  545.409752][  T112]  ? jfs_lazycommit+0x74b/0xa90
[  545.414615][  T112]  jfs_lazycommit+0x74b/0xa90
[  545.419564][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  545.424796][  T112]  ? __pfx_default_wake_function+0x10/0x10
[  545.430794][  T112]  ? __kthread_parkme+0x7b/0x200
[  545.435744][  T112]  ? __kthread_parkme+0x1a1/0x200
[  545.440770][  T112]  kthread+0x711/0x8a0
[  545.445023][  T112]  ? __pfx_jfs_lazycommit+0x10/0x10
[  545.450225][  T112]  ? __pfx_kthread+0x10/0x10
[  545.455427][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  545.460635][  T112]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.465936][  T112]  ? __pfx_kthread+0x10/0x10
[  545.470529][  T112]  ret_from_fork+0x4bc/0x870
[  545.475126][  T112]  ? __pfx_ret_from_fork+0x10/0x10
[  545.480247][  T112]  ? __switch_to_asm+0x39/0x70
[  545.485103][  T112]  ? __switch_to_asm+0x33/0x70
[  545.489871][  T112]  ? __pfx_kthread+0x10/0x10
[  545.494556][  T112]  ret_from_fork_asm+0x1a/0x30
[  545.499328][  T112]  </TASK>
[  545.502689][  T112] Kernel Offset: disabled
[  545.507009][  T112] Rebooting in 86400 seconds..