last executing test programs:

13.256207257s ago: executing program 4 (id=837):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000009c0)='cachefiles_ondemand_cread\x00'}, 0x10)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
recvmsg(r4, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x40010000)

12.259464318s ago: executing program 4 (id=845):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0x3d, 0x52, 0x4a, 0x20, 0x2639, 0x101, 0x76ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x2, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x6, 0x0, 0x1, 0xb3, 0xe8, 0xc7, 0x0, [], [{{0x9, 0x5, 0xb}}]}}, {{0x9, 0x4, 0x0, 0x0, 0x1, 0xa2, 0xe, 0x73, 0x0, [@uac_as], [{{0x9, 0x5, 0xb}}]}}]}}]}}, 0x0)

9.688113858s ago: executing program 4 (id=854):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
recvmmsg(r0, &(0x7f00000061c0)=[{{0x0, 0x300, &(0x7f0000000280)=[{&(0x7f0000000180)=""/153, 0x99}], 0x1}}], 0xffffff1f, 0x102, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x61)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "b1d65ab71f5ef2fe", "9e8ecc7bb5352776725e1047711330ff2bb17b550800", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

5.061017487s ago: executing program 3 (id=877):
r0 = socket$rds(0x15, 0x5, 0x0)
ppoll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000ec0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

4.875098192s ago: executing program 2 (id=878):
socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'ccm_base(cbc-des3_ede-asm,ghash-ce-sync)\x00'}, 0x58)
mq_open(&(0x7f0000000080)=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x41, 0x0, 0x0)
memfd_create(&(0x7f0000000000)='rootmode', 0x4)
munmap(&(0x7f0000001000/0x1000)=nil, 0x1000)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62581)
writev(r1, &(0x7f0000000c00)=[{&(0x7f0000001200)="f6a807fd0c052868c21184a1c49e8b99c0ca7598565401418f", 0x19}], 0x1)
r2 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
mq_timedsend(r2, &(0x7f0000000380)="5cd7e11f0b98c28ba3346eecbba7180f68456e89d26928a06c2146e9b081a7ecd20ee46f887c5b7c4b9d59638c36d8036ed82c352dc5aeef5694246f118432f8d2467aa8fac3b82113b0b514b782fb33bcd362943978b24c83ea02b4a4f105c6c54a258f2fbf00f2f40852b22c51e4c2efe8ccd9075ef4955ffbde8902e478aa2829bdbd4f4f244189eff0aed3d3fed80f2ea6cfe958a51d419546bda0849c78215b4cee279d6be6292e1261a00e2a48636a612ad58ed112561d7f9b6a028d15c11066d6ec00c2c0363965695c7f915e3c93ebb1bcce00cf215791cc59a91d497ee96d4e4e78e8c79cd4e7e2182e37e55bac9945683007b8936eb863436f54e6c72daf2b3a5c130f895bee516ca1d49167ef5dd83ec7c03936a9d3f18bce9c56330b36a02667dc2a27dbf3d091fc80e7093a3bd477367f51a0a5534582ab2846abd0fbed11f18d05f606c5e09ad649a48cbb96b20ffe4549c4c8bbbf694f320dc0da927a3bb5251276e315ff1a7c34e29592d9666bba7f852d1aa561ffd8ad01b708a4fc626d04355cbbf5187b3d92e9afcf7b6d3343e20179ca72d67dc4bf8423a7ac515b276f41ba795ed05270a1f4c864056e4e49e34e937ca0692f0ac4284f28c38e4cf56bf56a5e491f7eca50bc7ccd8bb092e7c4a97c814e8482627a39acc87a0d58ef96d289129e3e7ad24021b67a7ae66a220816514399c771bbe2243c7e32d7449a5ee926992565d63655df56deb08c346177cba0cf6e8a927354fe9bc425a1e0ed7554d2dcd63a77a78413848d4092519dbf3a1043b4d119693a356fa3ee20a137ef7414926bf007605553d3917f96654b705fcfadfbb708d166a57c6edba14bd18ae87d32b57666825f9b522e6464e363569234bdcdc681c16907f1790262e3c736cb22877d3297d8db1cd9e43ed2c2115d5bc9802a079cae35652f29777530eb65f6b12fdf295978f77b57853be6c90e74f32cbc2e02c25736663feef4352e4e3cd857e52ecdbb14ccb3101b02caec408bcbf048e84c04f67478e6398bdb00b6284e996d302158813b896752976365fe0dd867d0d03fc3174a617d0268a183d508324464a439d59c04468f9da8086616adb407a5348f67634c16f0bdb49d8cf622ad040639ca0a24d291918776e170e0bc97ac64a92fe495f003fdf2db8f0a3a645b0ff725cd00504e96e109e85750a9ef82e2cdf5ae605c461d8183bdb9f2795bf9bbbefe6759dd62ce95d9461a690b0bc1925123404502d892a688cf8acbc08d7d6e278e5ec201a972412c4e79986219d77075cd00ddbf1e87ecd4d14fc34f1754618f61c4dee552c221c6dc8674763529be6cee48798c86b756e9ff769cef21ebd742bc487ff639ccf919545fefadd369f2fc472ea5691584bcb5186538f175e886e660638997df234761a7be1fe2b8a2190b43ade617055e3014a3f38bd53fc752c5a122af640b13c68271b6eb67249baee5cdd44399c4536e522bf5fdd10b181250c4b25ab820c8e47c6e478450a09f2f528abb2d845d7f590c94cfd106b245a94aa3240124b6a67e77d846b11351b69ea8bf9688e2748b1414e12df2ae92161b0833cce4b53c9dfb320ff21b6a44fbc9294891dbaedcfe93ba7b2707de60dd9e688b9be8ca155d20e71b20278bfa9ec123f8a7c7fd3619162f4cf0b188d72e69db66d4603313f2196b6a369b33afe7015d476a96458acf30fc682858fe5eb25c73e355cbd827d9e6ba4ee3daf28255a8a4083d0ae8fe2b46fb7b37272678f6f1702fdf068185ee68fb87da77954c3f69b1edfd11bffc0f4dbfd6d7aa84d96ad2f8359d26dd935de46cfa6d01ffc86c8480c7637ae6cb4b01bab89f05273f7c81dcb289e9104dd46f711c1835899cfc60fa9dc9a9ce3006016f576efead9f390c5f74e33d680dc5d1f16ffacddfde1a167a8a663b4c8633a9e6195c1cb945951a43e294328c280328bd1c4743a06399bb4f979b3030cb2c5ab0d09be93d18490102f452b5ad3f6e850a9ceb07c3760c4147976f30d9cd124ffc76265b8be60995e6f0f9f716931823fe879d99a10abafb5f8ac631a7519576d6255daff62d6ba5ffc4a147f81320a87716d13363c0f00380b32857a36bce61b5441aa36870f17c3703ca3fb35a3f579475149a40fee96cbe700d9e250972c2394b4b2a8fe9aecfca76cce364811ed529464a4edfae97d6c141ae29ac95e947e4e3975d22ea9fae41c8465ab4b2c464561aa84cd9913279c80a58f3fe94098a87d7550aab7123e2c15e266089f27868a92d7651b650b8454f0d5afb42c73eda75e4facf0da630e0b79d39cb47604cb61b9d04c34055f37be818262ef7e0975654b21a184eb875ea8002f25350f8afa8c8f754ec89dc489c8cbd22d7132c997a1ad96ef1ba092057e46b9993e7804b8a28422739ac4185b2547d79db6ca1a82c042b794c2cb726c22e2b6e7b6d454dc885c840c8f4f1f695ee919f4f24f6a6da249f1db094415e598e1b9cf26d018bb57dd66ca59e06311475decbc876cd716fa484269d716e68c4d293d140b21822de2d70e67fda76ea0b17340c116e33b21a3d519e49ac910b0aba160c8750857ca495c7bd89e0779344b67ed22f58dff8c0e08d41cfc5cf82a3a8a811da78edfc0511624eeb56ebdad4d0be70e55c983f383e80d8fb2a2022b07aec33388e9fababd4e3e6fa97792bb1a81b171f969261066ebaa22c03bcd7d02e7101367ccb4f09736de7a3b54b18708749abc18457fa1e0037f5028bc3e8a7106ffa8ae5d9fe8bea14a64dd0d51f9ae14ba7e6191a2932a3845ee17e425cc994e9af060470ca65494b6f19afc673765ac95c9f469aa0fd9821b17de03df3f98941474d8f927cb1760fa6e026a083a5f1fd4c75c08050872ca331f88ca79b17056ed6e15b8ef06ff6411ec7a72b69c84f98c47992488ef8038a20dcad451cead0b87c04248edc2a310e8502099d958bbee36eb0f21ee732e9af6a25fad1f4ca4781be868998368d35f52782cdae3b4114b54736e3ebb036505d8dded405baa54a9ca1d5677a6d697e89cfb7a9c1f7e4f22916dfce78e78f8e6c4109e437276c79ef75cbd25af6b72016077bbd3535a0da876400cb8656d7e0c8779315d82dd9cfaea934b3fdbfa34c7788ac52440838b46b6b3d5124b3746fe5e3b4f401b5d6371a16ee4765d144cfa8489f3772bd44e2ba18a6e69bc61e176363bed125b1f3784c1dad97f64368f4ed0d3b5928d97fb6ac185b7a280d968ae40161ea46f768118b9133f50c0a78ca54dcde3a125af0947f49438303bbf49b6f8e4b7eceed98f4bd1432bedf1013c1445215cea4da0a7c7007a1fbcb6800c94ebe194468f624a75ad6dbb17ed464085555082b2be669a913493453fb07da125c9299f036730ed5e5f6f94f05cadda736dc6755bf11d2da56ad0f081995aabb1cd37b49b5ccb2faffb066654a1c7c574bf62180777bdeeb4c1eceaaca1ad74562e6cd4b40d9de48ec61ddedc88b68392fb3ce7ff0acfe983f9406cdf335fe242472b3cc75f58325e8a4f9ddfdcf885756df7b2d1fb25ef14f3aac80a86c3fff72d44b5b0e42ecb6e3f1947236a4398cff071809ea96383d240da104921543a0eaef99fe42d0eaefb136fd3478b3f7ab3132d23709e1d9b3b871ab4e1f3eadfd28365b2096dbeeda44854eb34d69043f0a893e12f2444762505c5acc5edca83473c23352c29d644cc4bd9633777cdf106f2fe5bac70de822f4cf975b020601073a4ee1b0c743ebd880f4a4c2446afe1c30233ac55afec2a7995f8841ddfece68c7138aad71aae18a575ad29ee543c6b9401fdd19df408b9568afa3854c7c052cc171f0f37542c35fa9d3a866e05850cc6de4b37c8781ed938f2345c99dfedbc5c60d88d33995f69a3a14fb813a5db388f3db1c75c459e7ad3bc87272c48c5df4995fc3b2558c2c4d671a0d0777608c5606ed928191af1d731be3bd1ac90d850203931cf037c465e7e759c19fc43661bb289642dd077a85565aee8821e7ed23dc8fe526d3ede019f4caa6b8101f640e5646c76dcededbbea9f2eb6ce97a6c8168a3c95a64c3e5bc9480fdf4510fc7d19542ae1c5c2c415310641f37bf410e07c411d1192cb1301f73b327c4a3657bd056e41888f30bb8d86a22c378a87e38066daa7ca208b2f3f380bbcc1e6752f1bf12bbdce22e887c265192f8559d06e60c15785a63451003e8e56c4361215ab1855b82ca9d1cd9deecd6a8de27a36ebb6aac5e06d4eaef9556d38989724b937ba612a22e6247e50c6f4c48491d1516e518d05b6f25d1417654e65ea12dbd8e41e3a9eabbe03b2e3477796b36c5d7224ea6ee3cd339d25a6ff70ad5f9d185a63147b4b6d1120c9d355ca57ced26b5d4c25b852ddc63b7d28a9f6dfa54cc85f06f4579bc0a1345864bd2682e7627617c5f63802a91237c11ca92a19b875ea28eb4f8806fbcd245fafc23e1a2210287665367bc85dcad5e2c173105476253b07338b939f6e308230d8ae3d8e55e75e4e11378f88c3f391fcffa921df07077c512837811f7e98e944cfa5643dd16987c44fa2632d4ee2fa4cbecc8ea0f282ccd1ae6f67c455d142b53f825dcb5039f64275cb9bfa9637b6560c5b66ccb4da06b0e6cd79bcf99cb2fe9b23cf03212ca504961e46d252cdcd4f1c696c6a71ae80358dd9f59ef39880412cc0cbd9601277a3a946ea51bdbaf557df293214c139da52f721b13d3f050c0544803872d1ac26e8481f70dc23ea54ca293cf96ba776f6112884a4f614a512711ba37db356cc690124e64ded97fbd69d1b2983a833b7e9ec209b66a6ebc13b52c2e3ead8558a227b014b6fb138cac090960e30a3a63c0c6bdc70e9052c7b9b4d9b16d8cf4cf833b9d9615491e1cb7f503277fad7e9e6f9548f069bec0fa0d17fa8da385095c59f23193eb1cda524d527a098ed641d267a844169069e1f04b5ce61efd2d0a47e86ddb21aa084e5f89c65b726cd9047aa604dff7b29dd83257861d3830d93043f61fa414da821772a17e22dc33f7bd507a1c4109739f4a085a6450181828bffdb7eee965f217b4527e9907fbb27801f823822bbff0f070b8f7883369c83cff73b70b619a1e7a1aa7db3f55ab1b8c109f6555ea2a94993c24868a5812e018e0d88c86462b58a6be861c929d66a1967d632a55d1f6f74e99b9bbec9d492b04704813a0ec69f8f23ea78f6e24233813a656dd4859f7c96dcd26994a3f65065ff860189589194d3c6cb67f8c3e781f67e0c05574abe210d15432613d41d690ad24a600ecf4ab709450e3771ee28c2f3e0c67ffe8a62a145bd8ad97474e9deb30f74359cdfbacd215458e4f77731824458f5df85ba5955aa0eb568297513e4b51387a5e881858f03edc11512680af552049a80909a21d25d16ba607ee797820100d55cdbf17683c488e7aac265119022851ebcad2d4e0e13874c87dd2912dd7677ba05c4adee47f9953ec1d574eead6948aa0dec5783835ee13e6d7c4f2919b4d9fdbefafb7ce98b9c618f87851eed88832c8dbe563e58447e0478a2f5fa9233797a4dd64e93f9c1229490e39de316a78180dee4312077dcbe38e67e3b628aa662e69c561ca50058bab73723bdd0efcc0d768c12b1dd468ae86bddd9146765354d4a75067c20fc1ea51129b33f0d91013e9a244c3f5aa16df506498a34d213ab496ae8fb0fc5d2628e885b6a0a832a82594b80a1795093d", 0xfd1, 0x0, 0x0)
mq_timedsend(r2, 0x0, 0x0, 0x0, 0x0)
mq_unlink(&(0x7f0000000340)='eth0\x00')

4.347439925s ago: executing program 1 (id=881):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x12, 0x0, 0x0, 0x0, 0x1ff}, {0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}], 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.151356981s ago: executing program 3 (id=882):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvmmsg(r0, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

3.944042478s ago: executing program 3 (id=883):
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000040)=ANY=[], 0x0, 0x661, &(0x7f0000000cc0)="$eJzs3c1vHGcdB/DvrB3HG0LqpkkbUKVajQQIi8SO5YK5EBAgHypUlQNnK3EaK5u02C5yK0TN+7WH/gHl4AMSJyTukcqFC9x69bESEpdeMKdFMztrr1/jTROv3X4+0ew8zz7PPPN7fjOzs7tWtAG+sOYmMvwwReYmXl0t6xvr062N9en73XKSs0nWkuEkjSTFf9vt9kfJzaTYGqbYtd7jg8XZ1z/+dOOTTm24Xqr+jcO2O5q1esl4kqF6/aTGu/WZxyu2ZngzydV6DQN3Jkl7h5//43ynZWRHx+Z+W48eT5DAU1V07pt7jCXn6gu9fB/QuSt27tmn2tqgAwAAAIBj8MxmNrNaXBh0HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBarG3//n9RL41ueTxF9/f/R+rnUpdPlpf66/7wacUBAAAAAAAAAMfopc1sZjUXuvV2Uf3N/+Wqcql6/FLeznIWspRrWc18VrKSpUwlGesZaGR1fmVlaeoIW97Yd8sbjwj0bL1uPpl5AwAAAAAAAMDnzG8yt/33fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAmKZKizqpZL3fJYGsNJRpOMlP3Wkn91y6fZw0EHAAAAAJ9d81EdntnMZlZzoVtvF9Vn/uerz/2jeTsPspLFrKSVhdyuvgvofOpvbKxPtzbWp++Xy95xv/+fvuKsRkznu4f993yl6tHMnSxWz1zLrbyZVm6nUW1ZulLH0x11V1y/LmMqvlc7YmS363U58/fr9R7v9TXZg/T5ZcpYlZEzWxmZrGMrs/Fs98jsf4T6PDq79zSVxlawl3btadckHivn5+p1OZ8/HJTzgdiRidFUte7Z9/zhOU++/re//Oxu68G9u3eWJ07OlI5mqF63q8fm3nNiuicTL3yeM9GrsV24vPXkXH6cn2Yi43ktS1nMLzKflSxkPD+sSvP1+Vz0XPIHZOrmjtprZ/cEMLqjNlKfoUOPEdPL1bYXspif5M3czkJeqf7dyFS+nZnMZLbnCF8+/AhXV33jgKu+/eV9c3n1G3WhvGf98Sj3rmNT5vXZbl6L7HjNHavaep/ZztLFI2Spz9fG4a/W12C5j9/2noIDtzsTUz2ZeO7wTPypmtJy68G9pbvzbx1tdxffrwvldfT7E3WXKM+Xi+XBqmo7z46y7bl926aqtktbbY09bZe32jpX6tqBV+pI/R5u70g3qrYX9m2brtqu9LTt934LgBPv3DfPjTT/3fxn88Pm75p3m6+O/uDsd86+OJIzfz/z3eHJoa81Xiz+mg/zq+3P/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwONbfufde/Ot1sLSjsJaq91uv7dv0+kudH/O7Bh3+pXzySM7nz8h+emzUBRH7fy/drtdP1OckOAPKbRrJyWeQRQG/MIEPHXXV+6/dX35nXe/tXh//o2FNxYezM7MzE7Ozrwyff3OYmthsvO4e6vRwQQLPFHbN/1BRwIAAAAAAAAAAAAc1XH8d4JBzxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA43eYmMvwwRaYmr02W9Y316Va5dMvbPYeTNJIUv0yKj5Kb6SwZ6xmuOGg/HyzOvv7xpxufbI813O3f6N2uLvyov1ms1UvGkwzV664/9zfWnvFudYN9bMXWxMqEXe0mDgbt/wEAAP//OoMPCg==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
syz_emit_vhci(&(0x7f0000000400)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0xa}, @l2cap_cid_signaling={{0x6}, [@l2cap_move_chan_cfm_rsp={{0x11, 0x0, 0x2}, {0x5dcd}}]}}, 0xf)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f0000000080)={0x1000})
syz_emit_vhci(&(0x7f0000000440)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x0, 0x0, 0xe}, @l2cap_cid_signaling={{0xa}, [@l2cap_conf_rsp={{0x5, 0xa7, 0x6}, {0x6, 0x8}}]}}, 0x13)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
eventfd(0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x4, 0x0, 0x0, 0x81})
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000000200)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0xffffffd4, 0x0, 0x0, 0x20}}, &(0x7f0000000240)='GPL\x00', 0x1, 0x473, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffffffffff60}, 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x11, 0xfffffffffffffffd)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r2, &(0x7f0000000340)={0x2020}, 0xd6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r3, 0x4010744d, 0x20000000)

3.848670646s ago: executing program 2 (id=884):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x90)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter}, 0x40)
r1 = socket$netlink(0x10, 0x3, 0x4)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000240)=0x3, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000240)={0x0, 0x4, &(0x7f0000006800)={&(0x7f0000000080)={0x44, r3, 0x615, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x44}, 0x5}, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000007c0)={&(0x7f00000006c0)={0xd4, 0x0, 0x1, 0x3, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_LABELS_MASK={0xc, 0x17, [0xfffffffa, 0xeec5]}, @CTA_LABELS={0x8, 0x16, 0x1, 0x0, [0x7f]}, @CTA_LABELS={0x2c, 0x16, 0x1, 0x0, [0xffffff81, 0x0, 0x1f, 0x1000, 0x6, 0x3, 0xfffffff8, 0x0, 0x4, 0x127]}, @CTA_NAT_SRC={0x80, 0x6, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @rand_addr=' \x01\x00'}, @CTA_NAT_V6_MINIP={0x14, 0x4, @local}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}, @CTA_NAT_V6_MAXIP={0x14, 0x5, @private0={0xfc, 0x0, '\x00', 0x1}}, @CTA_NAT_V4_MINIP={0x8, 0x1, @multicast2}, @CTA_NAT_V4_MINIP={0x8, 0x1, @remote}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MAX={0x6, 0x2, 0x4e24}]}, @CTA_NAT_V4_MAXIP={0x8, 0x2, @broadcast}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4040040}, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000380)={<r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'batadv0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'batadv_slave_0\x00', <r9=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r7, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB='\r]\x00\x00', @ANYRES16, @ANYBLOB="310300000000000000000900000008000300", @ANYRES32=r8, @ANYBLOB="08000600", @ANYRES32=r9, @ANYBLOB], 0x24}}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f00000004c0)={<r10=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000200)={r10, 0x3, r5, 0x5})
r11 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount(&(0x7f0000000740)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000780)='./file0\x00', &(0x7f00000007c0)='hfsplus\x00', 0x0, &(0x7f0000001080)='\x00\x00\x84\xc5\x9bI\xf1\xfb\xa4\xfc\x1dA\xcc\xbd\x98#')
ioctl$TCSETAW(r11, 0x5407, &(0x7f00000001c0)={0x6, 0x7, 0x8, 0x40, 0x1, "d266e606eeb9b286"})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_unlink_exit\x00', r12}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')
getsockopt$inet6_int(r4, 0x29, 0x11, 0x0, &(0x7f0000000100))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)

3.840917336s ago: executing program 1 (id=885):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x20, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_OIF={0x8, 0x5, r3}]}, 0x20}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000003c0)=ANY=[@ANYBLOB="200000001000370400"/20, @ANYRES32=r3, @ANYBLOB="0002"], 0x20}}, 0x0)

3.407958492s ago: executing program 1 (id=887):
socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080), 0xb, 0x0)
close(0xffffffffffffffff)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0xd, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0xa0}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)

3.070464599s ago: executing program 3 (id=889):
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f00000000c0), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(&(0x7f0000000080)=ANY=[], 0x7)

2.831483379s ago: executing program 2 (id=891):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000680)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@nodiscard}, {@datacow}, {@ref_verify}, {@clear_cache}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0)
r1 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r2, 0x0, 0x0, 0x1001f0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xfea7}], 0x1, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, 0x0)

2.591320789s ago: executing program 0 (id=892):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffd04, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f00000004c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x50, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @TCA_FLOWER_KEY_ETH_TYPE={0x6}]}}]}, 0x50}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.589489018s ago: executing program 4 (id=893):
r0 = socket$rds(0x15, 0x5, 0x0)
ppoll(&(0x7f00000001c0)=[{r0}], 0x1, 0x0, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000ec0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

2.530601663s ago: executing program 0 (id=894):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff3a)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1)
syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x31, &(0x7f0000000280)=@string={0x31, 0x3, "a144d0c128fc6bec2d77346482a6c64fafd9947650154a8caea9f71b93dee7195b75df3da89fe767c10b18c5e8c72d"}}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.376091356s ago: executing program 3 (id=895):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x12, 0x0, 0x0, 0x0, 0x1ff}, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}], 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.698478932s ago: executing program 0 (id=896):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000080)=0xf3e, 0x62)
sendto$packet(r0, &(0x7f00000000c0)="3f033608260812002c001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvmmsg(r0, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

1.650579885s ago: executing program 4 (id=897):
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_usb_connect(0x0, 0x52, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448cb, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r1, 0x0, 0x0)

1.532227935s ago: executing program 0 (id=898):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
open(&(0x7f0000000180)='./bus\x00', 0x10b67e, 0x0)
r0 = open(&(0x7f0000000400)='./bus\x00', 0x16543e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x11, 0xffffffffffffffff, 0x0)
ftruncate(r0, 0x7fff)
pipe(&(0x7f0000002900))
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

1.4742345s ago: executing program 2 (id=899):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000280)={r1, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x26}, 0x9c)

1.442825222s ago: executing program 1 (id=900):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000400)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d50e44155790748b7226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9b2382a759d67b1cd03b076bf90286b63eb7aaea4cbb1280955e9a59cd8e5e8ac68c27da3d542aece1ba7920e8f39b270458224e74afa52db1ac07f7cce47d5e8ce5b2806ff7171c64a689a0ba35e934506a46a10b9a579dc43630831e2c5400853b58e020c9cb65e44d4957b00ed35a858d44b25d5b8dad1be42", 0x118}, {&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6edafd6c8461de7afec966f9c023ffe15c3c1caec8ff3ef304ed0ffedd061941d9d022b25a4b9632856295fee3a314f6c1", 0xf5}], 0x2}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000001080)="63c3b174ab06077f6ee67ac1310d86586b13d2c9e203a9da866b81e20e9fe5c43219396d489c1459ce9cd14fa3b43a0b9b6004118a35444790d7", 0x3a}, {&(0x7f00000003c0)="03d54d843173f8be883a57d9e39cc6c79c415ac50f3e1e9c9373002a5b1918", 0x1f}], 0x2}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)="610cb4f6db2105b873df3f7652cc642b85afb69fc18178429903bb6e1ecd18186c48", 0x22}, {&(0x7f0000000180)="6fe279d51047ff146af40b78b8d7ae53db8648c2090d72bcfeaf6fabbbfbe8dbc8b8f4cb22ac43d5a0fa87533bb375454751b8dd8aae4808a37a7649b3", 0x3d}, {&(0x7f00000001c0)="6d5edb4b883e266ba8c38aa9d13a78431c9d2cb6d8f4e1e80bb8a936aa105f46c914c46487522bc58054c4b0a523eeda0c76b595b36a515b6d30e34705733bb34bda2f89e92b2a98d2edbcffad9c5ccde0d723423cf07e4ffdbd568d3e263fb3b4086af3f2db1933785e59538bfd61f138ffac9eef7c8b34e4ce506220f43af449d3a72f48d9febe830b04cb3c99425de34cac503014ce74562667d8d6888edcc42fbbb6", 0xa4}, {&(0x7f00000002c0)="07030357fa3f85cd282cb9ab7e0a6d90d11f30e1bc20889d43e59a72354107b7849bc3c72e1485cca17aa5f4264f117b820688c6e25503bb54b2f6557d8b906aa997860941de528c25ca5ec78456babac034dc8cd2", 0x55}], 0x4}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5700d368744361ae9fce3a4ff6bb3bf10f3485e399c8b59df5b02c5f2702522", 0x3c}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d7d77ceefde94faf2e36c3920581691a79a6678db1e5e7fa1ca703ee7aa87272e9c4a1bde5fbc390c7ccb9d3c1020e80bd0659e82d861dc6fe4c62639134c54e708601eae992", 0xd2}, {&(0x7f0000000940)="5be3b011e12323e4ab88c0472fd012198c3c61bb81e71ba62134303d2db9740143b0374a0d0be875789932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19645f7a1dcf1449fd34eecae5f52f", 0x54}], 0x3}}], 0x4, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

1.311911373s ago: executing program 3 (id=901):
syz_mount_image$udf(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f0000000240)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRESDEC], 0x2, 0xc2d, &(0x7f0000001900)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8000c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000001b40)="a7b9ee54169c1547bdef4b3d02ef6476385655ea58c6f32e3cef411f181811f75275e948d158e1a47da9fa3546ba6d3c59be185021db39195f48263d9cf58d4d4d2eb3021c9fa08341a9479fe379069152c53f2b2fe84661d5183fec85cfe6fd448d4d5787587fd0ef486550d26c35d21c2427a520cc092cea855e5637827e70def7a6e49e0c7cf80092a5707d0a8182d75cc13716728d377881ee4cc435d84912e0366dca185ef52e9464f9bed85b30db8fe600b05589d281e6bb4443c86dd3b58cc1bd5c43de0a58b1188a896d6244813cc2e61734c930ec9271150f879a26e6703e48510d8a56730387c67fe58a91fd3726bcd9ddcbb5db9b1dbc2839f72e7342047178b18339572acf41498bb4eae49a102aec19fac4d4e61bea7385642f7c8c4c27b5883764567f9d17939cd7fbeec36057c85ef6697a8bf4aad4c4a371d28fed2fc82e7fcbfba3d9de1e136b5a01eac5154454054ff966de6075c2445ef4d4cc859981aa623e1714b801aa6b3cf8e7cb8301da359b3d75daae6e1fc359a033bb3e4b285bd48e0ccc98f645b9f896981900407044874e1d3145282891a5c1b3eb53b0a4a154d8176aaf5f2bebf19a6bd5ab73e58bbd4bbe57d25ca60d5005a5053201d1a5b2115049e176931d594ced7692d0e34f98bdcf685a56a076e834417881436e00df27c8d6bc6be587238afbec60f8b1573cef3bec2a404e991f3b0c9455d4247232457d1e831384a5f1638a4dd4c68815dc59731feeea1389d5393203fde844623201b806d6665c7ebad86061d5032ad20f8d8cffd0fa44d9fe29bac04bf04e3701e62477b5f0d5050a0bf01239afa5c86e2a60d1a55c23701213f03edbb1599cc33e45a4e14fd9387cb549bf244b8cafe75180372dd012a2beb1e2309ddbe27eb34537ab2169dc5b1d17b884dd1a8441ba1db54a698e84930727499a369fe1f4853096bc14bf2fbae36a01df1b3bf606766d1703f07f4629307fe8c35c04f3b57b06b10e2a3e91782a742d4a25ff0afe8f386fa78164f403fc51f2d2159e4ddc502b623fe664d7224e44f6788ff4d0a5796115159af2432e9903c169b67857a786d15334ab039b7f75ae220c45ab5df7f31800c2624b81585b7e2548a918a5936d8e71fda85b4c580a12fb191a31b2754fc572ce165e0082642b16a8b2e38e80451214527fb585d6d63550769a29bc04129c03e1a0efe704784c10628aea33de1f99faa21b30110e55ad231b2af5ac1e70a95a301766b408b509027174ac83f10567ef97cbcaa70e90811239f9fbd24cf83e39e17fe60c4d2dac04e84c0b9a503d5ef693687df9de95f1ec5fdf8aa530eeec0ff631d7038eaeb83687789ce659448d81cf059aea8221184a6bc4373a8ef3f0e1607c4902eb185d306c964e5ade8c9c05089dc71dec9a946bf21286e3d52b6d5ca8670ff57ce401304a283395247d90cbc575c6dd35c905d96ddd9c0414f2442826915111eb851ab3540e165010084462e138f569dba448f4b7198d683e503cf7cc5348d2358d4c8a7c5c8832919d189b2f39fbe5230c601876a0633acb6f80ff3f93cd4fa411e2caa64bbf9bee4990bb87f42595d9680399e42813ff0f3792b8e98c2fbae64788b021036f58df1f29b0309674e56fe1156ad8759e7f927f9266c0920fa3a6374a425d2a4733d3321cb6efd254eb17581ebf3d97f1d3097b9d2f9bef8ced0cf28530c8103926686f3390f1460b0f8044f8775bd3054ccdabc4c4af9f183ca8340448e747a6b5edd42a9c02c959a41f02d1e10e861a9014fc42e66e97225a2513e42fa192f47a6906c12a716797c9d9e7e6e04b851f390b919594bc44bbef0eb4b1c93671d052801ba352526423ca3b60b265d9541814e04978ece4462df9662c971a0956666ab869b37cdd302b6b207a84c419702d2eacf2b22d36217d2a7f27cecaceeff80ac09cc3b5aa432e4dc45334ef0f51a9b78f0649521dd3767df0578d4b43fccea66d9ea9906045d987c5f942a1cb53b6e4a8a592f7c78f97f6499af7bd1cbb031fc5a593e4e57617e57adb88c1dd87e64b467036fe56deba59646468804928cbcff3a3763f4acc009a43b916a05abebd579612c963a857fa14c589466aeb0856f752349a5c90794726cc2a463d42e319f3ad2c0e0c1be8d6a6d2cc07b92e19216acd72f2d54feb9100ef1700430f2c3724685615b85c486b2578911e6d59e86b787d99136599562e3d1126ff1d8d6dac5f4571fc03cf9c670ee299911efb28aef7a17c4e818aab641993fb98892d8f393b9525c55be4ec26a85022aaceed4d0552ac3cbe77a3fcffb3f385013ba76af40cfd05c5e946fb541ad2df0789fd26a1babfd4682b8b123c5121394c4464d1640cf7aa9576e3a9170f151184bffe53854782c040c131c374bb03aab26e5e80f6cf8f46a4d377b3c5bcf75da52e0c9c23d494d62bbdf27c7493c167fe4da95c27db07855b5fcb7a86e7e2cb6a37a4ca169d77c0c3f9fa1d3d69f5dbf41edf8a87e976e49b5aee9f1ded5d176ca4688916ed25cae2fedf70d4edfff18b45501fed2ae56aa28ec4dcd89df27447c9544852a0949ce706fe6758eb69700879405f343923425dc205b193d671156fe76434229934700dfecd28418710b37b9fa516b8c3f3e363bc18ac05892d782b3a1c220aa341575036c37bb6ff8f3603f6530c8611e441d17abb5eec0d68a54e37ad77bc7428a057184e6ac5907b8544e1dd163b820338c04c71b80ca37eb854559aca3b1d75ab2673a60f15388999d59e2f2c82313a34ee77e3afedf3e2d174815e568bb76b52fc4e16a6018a102c4db57fb553b3dbde29499069f964eb4fb2414a78039579b115bca4a5014be0246d358a5aafbe4309b88a8891138604ed9911dae3a94d8e0ac980d0068597c9e6d8492b4fd45c5d5cc839dd99c938516772d56d1cefe0ce5baaed5ac5761c570815a287129fe9b35d008f5ef97c1d75b0daf4819656866dbd9fee3c4cd76000b853b1ca7e27d0c6427c28e7a3cf1454186da9b9c7808536e6b9b3a7a9acf5a02ebb3a66544672f9570fac7f2ea02e90ada45ddfbf8404aaf7a76ad1ea9cfe3468c2dca459d702e524a427b4b578a82a0da43f098c0edcff51b94bf7d5d29f9e174282e5d406d0423b070a5fccb7655a3468c3eb357e2e6ef9ac9174e362e179e30d1bec526388bc303c424a6bc1d36918b54bdb216f1388440ab45ccdbb1b9d37931712ae85fa3f0e27f966bcb4175c65e36c890fa2317f83cbe94efd4c1730b75bf791d1b3399433dd413496c37df56f14e5e64f2469338919bbb5512d8a9f4fb51c3295f7f66629bb7667e0ad58e7c140ba6c9eb017aa7757faad9b6371f869cfba7f0980cd6b09188d8d593a35776d5cbc3ae06b4d9aa9405c98bb90ce05e05dbdc9a7f266f0d8747d8f80479f6ae8f71082b9f5da0ee05e0e13d7190a9f9927e4bc13f8a84708baac1c64c10e13a34f2710c6f30b72f2227150f63c895ca6ac4956c14f01c0620dd2f7fd5fff18c9515fa4ef7848279372ca8616cc469c5e2abccf724662703f7368f060f1cb86c71bba93a9c68b2814498aac10fc3c59aef9936117a3734b49917b6d68703ad3f18c2ee14dcbfba66681ce087bf43db0320313980b41dd666dfbaf993cf12fe9a438b94e1c881e8b9081f4e83520d3a94224949b3a02ff485cd2aa24afb518da5291ff95362a70a87ce65f1b692b8e7d54f6ca141c5df3216201df8cc122685f927ba99e29570ed73489e99412f1031b50b7880b0f3dc8a963e31df561f3e23678b5cbdab888c0c29ac6ce43059c9ea87f8a7e2222a3a8380e70bc0790f48fba7a8ea87b139a6665e6f6f6f8f3c4c2c667541aa53796b94eef1b09141f0a91a1c9506611d64686e87915b57ca3f2002ed304b7b3ea61719f373ff1f926445df440bb097b5476f05a18aa45538c5e253349a3bf136aababafcc3bfd4025b92749fdee021f6ff3a3c4059488513f070f5116737203e81e0e36ad71e19bbfe14f7119f5ee48163ab0d613ff6f92fc1d6a13f6c0250bb2a4444fc8d2cc5fa9098aec5e8d00b50b4d8a4352112e77e0ca534f6d69a4ae1a31697fcf764c1bd08087f361c080dab74ddc77ec4b50ddd9d8531fba890c7b5162eb41b576be7f578fe67230359ed72f797051c31e986e23ec9332ec95e860d1afeeea7e102daff15e8460e83af71cd3394d1f8f091d586b02edf989340eb2fbe0066f7e74835033293b2f23238ffa108531628f4bb3c5a4ee1071ff87190d033d365f5df7a436c3435ce825e48671a8c57052fe4552c81330e3f71b25771d73fcbdf814c4c6a9149b72c88370b48606761e9ed23e8cf37cae16cdf64744c46f71b405d2d78b86b13f1fd9a37617617b3146a1a977f7f767067dad9cd5c5608e79abf04a7bf0d083c7a4322eb053ced23ecd5898527fdd5ce56238e5f1ef17597e99d3d4ce7e96e81a9e44dc9c4bf27a15d7d0019d7fc8100d31baf674598b1b94b44a729ce58cce08c1f85874d8290370ee7bc3a95ef3a02b392997c5d0d8da2fc2cd246d4348243bc6e5c3eb2a1e8a42576bd0dd2c96da7fdbd956b34e1379c65baf216f95df7bd3617f7433d337090ab83bf96708964136458ce7ab2e9f38d82e9445ad4115b887258927ca62d296c300d1252b3baad362ebdc72a307a91451fd7fc3bb4de2bda2eb5d85c4a18bb8da62a4ee0bbdba6ed661d91d9d15ec1dbfc40db9dc52acfe0d50e01e5d581b0af65a2d1b87542f79b16df3dd5b2902c3edd17de09a711e3cc4fbbe68a6501ad77fd3c39a8fce7c2ea9fbedd6eec3be797eee9a949692a596832f5f26e8115e0bfd429e675d20be9ef86cb5b84e9f3410894c8441e2383eaa5f7f4aafe5bc6fc6cc6bc74ae22ee1aa391bb7b87d808bce48c0b64d900907fc2a1797b7977bdb25657314df52e52312778b344f6899444ff4c127e11df9fc1762723c99d68d0661563d47fb714c6eb7cff21c0981ae259af44b6db1b7e7602628a975c185835e18a82af1b3de1c65024cb9111e0f2b338185ad7ee153db2c0957c2d41669c0dae261718c89e113b9e5ab9b749294769c6cbf49e118725cf0e3aa0584fcac9826714e2254596da1f79a0f7f4f68376b5b584155b725c0be1772d69992d864ccd2c8333fcfc23362844f1fbc17e3e0c4c4179577e8876139e318a1727e5e8a74ca35971dc0d8208a0f53ad5125a66aac81d0bf031475f3e4d1fdbed10f2bd0b01a65562bf5fc38daa045280d1c1f75454be971bcb5433ab2b2a84e6b4a680c4b53c99ca15909cd6d65ed5f63fd89a6afd45abe3948e35de9cd3db1bc68d09a5a145a26c4c2c560e60a0a481d69b1f362a99b15a0afe4e0fe1b7779c74b90e2aab195886f0f170fab888c5f52413b925d5e8dda754e5ff62740a0c8327dfc482eb675d9f07d5c0eeab5abe4301987657c39a03d1093fc1ec08f8c462a0fa765cb7fa624fa424921099d272936ec302b4cd0fea0e368019b825a7ec098a61aca0a011e59137ae3606b917a5eb30b35df0de024c6b3038a101620263a7d41db846c7d9e793966f4441ba7b9797a8f1b7476918afaa5d69d2acd891da38d6f82fe85b7772aed1e9cc9225d836ab1af6a54d3730736d40c906d57166541e676c2708f1dcabd34564412b7e15ba43c42382bcbc5d1b73635ef9b7204e91cbe89e59b05bad19c5da1a5041b88c6aa6674b670ce6b9da7ab06a5fe9f906a8992cd4e6d63287506dcea9112c1a854933180c8116d79f9553ebd9f2017a8b3a4f709d8", 0xfffffc49}, {&(0x7f00000007c0)="c300ef54a1441a3ab82cfd81e5968d7dab3700d29b560a01181e21caf0156cdd8fdd850c05488d785e7f623490558a6574f292acf931822fc6d19ff772b3896478299296471d0084a637d1b6b546fd8b86cbd7f5cebe8c74e93c33ca75f6b9f04195533ce49ec9fbcbc1ae0fd55221d83ce75a52d95035ff51bffe773cb39ae8e0ac4e1846", 0x83}, {&(0x7f00000001c0)="2267989cf3f5a6ed59def9cce212df5be195341cfc891436279ba74705973ff2f1a6362158ca578734a6b242a6bcb87df5cf82cd229bccadf5005dee780f56", 0x3f}], 0x3, 0x8000, 0x8, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x3200014, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES32, @ANYRESOCT], 0x1, 0x600, &(0x7f00000002c0)="$eJzs3U9oHNcdB/DvrFey5IKjJHZiSqAihrRU1NYflFa9xC2l6BBKSA89C1uOhddKkJSihFLU/9ceci2kB916KvRuaM/NLVcdA4VechL0oDKzs9LKWikr29Gu7M/HvH3v7Zt5781v/ml2MRvgubU4lebDFFmcenuzrO9sz7V2tucu1s2tJGW5kTTbWYrVpPmX5FbaKSNd3RXHjfPJysK7n3+580W71qxTtXzjcBePY6tOmUxyoc6POmGYvb1j+7t9bH/9KvYjUwbseplvPVGH8HTsHdE5Mv/Xz+rHnu/A+VG075tHTCSXkozVfwekvjo0znZ2T5/7LwAAAM+DF3azm81cHvQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dypf/+/qFOjU55M0fn9/9H6vdTlc6Y4VHs4sHkAAAAAAAAAwNPzrd3sZjOXO/W9ovrO//WqcqV6/UY+zHqWs5Yb2cxSNrKRtcwkmejqaHRzaWNjbaaPNWd7rjl7NtsLAAAAAAAAAM+o32bx4Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYBkVyoZ1V6UqnPJFGM8lYktFyua3ks075PHs46AkAAADAGXhhN7vZzOVOfa+onvlfqZ77x/JhVrORlWykleXcqT4LaD/1N3a251o723MPynS03x/991TTqHpM+7OH3iNfq5YYz92sVO/cyO28n1bupFGtWbrWmU/vef2mnFPxVlvR58zu1Hm5/J/rfDhMVBEZ2Y/IdD23MhovnhyJU+6dR0eaSWP/k58rp4j5W32Od6nOy+3541DHfLY++j4rz5mTI5F8+x9/+8W91ur9e3fXp4Znkx5THYmtZh2Jua7z8NXnKhLTVSSu7tcX89P8PFOZzDtZy0p+maVsZDmT+UlVWqqP5/J14uRI3TpUe+erZjJa75f2VfR0c3q9WvdyVvKzvJ87Wc6b1b/ZzOT7mc98Frr28NU+zvrG6c7669+pC+NJ/lTnw6GM64tdce2+5k5Ubd3vHETppeOjVDzmtbH5zbpQjvG7Oh8Oj0ZipisSL598vPx1r3xdb63eX7u39EGf471R52Uo/zBUd4nyeHmp3FlV7fDRUba93LNtpmq7st/WONJ2db+t55m61hl/oVr6lZ49zVZtr/Zsm6varnW19fp7C4Chd+m7l0bH/zP+7/FPx38/fm/87bEfX/zBxddGM/KvkR82py+80Xit+Hs+za8Pnv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHt/7Rx/eXWq3ltQEXivqHfIZlPgpffyFjQzENhd57B3jG3dx48MHN9Y8+/t7Kg6X3lt9bXh2Zn1+YXph/c+7m3ZXW8nT7ddCzBL4OBzf9Qc8EAAAAAAAAAAAA6NdZ/HeCQW8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcL4tTqX5MEVmpm9Ml/Wd7blWmTrlgyWbSRpJil8lxT+TW2mnTHR1Vxw3zicrC+9+/uXOFwd9NTvLN05ar6eRR9/YqlMmk1yo8ydwqL/bT9xfsb+FZcCudwIHg/b/AAAA///SZQzG")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r4 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
renameat2(r4, &(0x7f00000004c0)='./bus\x00', r3, &(0x7f0000000500)='./file0\x00', 0x0)

1.276672036s ago: executing program 1 (id=902):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@debug}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x1881c00, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
r0 = open(0x0, 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

1.114630959s ago: executing program 0 (id=903):
socket(0x22, 0x2, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents64(r3, &(0x7f00000001c0)=""/147, 0x93)
flistxattr(0xffffffffffffffff, &(0x7f0000000280)=""/193, 0xc1)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1c, 0x3, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000ff030000000000950000004b0a00000c01222441acc95e18f4ecc582d259013342cc092a7981"], &(0x7f0000000600)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

954.697122ms ago: executing program 1 (id=904):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
recvmmsg(r0, &(0x7f00000061c0)=[{{0x0, 0x300, &(0x7f0000000280)=[{&(0x7f0000000180)=""/153, 0x99}], 0x1}}], 0xffffff1f, 0x102, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x61)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x303, 0x36}, "b1d65ab71f5ef2fe", "9e8ecc7bb5352776725e1047711330ff2bb17b550800", "dc5d3f00", "46b0dc72b7b1d30e"}, 0x38)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

915.244705ms ago: executing program 2 (id=905):
r0 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r0)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0xfffffffffffffd04, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[], 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f00000004c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newtfilter={0x50, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @TCA_FLOWER_KEY_ETH_TYPE={0x6}]}}]}, 0x50}}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

863.054569ms ago: executing program 2 (id=906):
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
r1 = io_uring_setup(0x4d63, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0xc}, 0x20)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000500))
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="92001fdb", @ANYRES16=r2, @ANYBLOB="270e00000000fc"], 0x14}, 0x1, 0x40030000000000}, 0x0)
ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0)
openat$vnet(0xffffff9c, 0x0, 0x2, 0x0)

419.672026ms ago: executing program 4 (id=907):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0xffffffffffffff3a)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f000049c000/0x18000)=nil, &(0x7f0000000400)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x1)
syz_usb_connect$hid(0x0, 0x0, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x31, &(0x7f0000000280)=@string={0x31, 0x3, "a144d0c128fc6bec2d77346482a6c64fafd9947650154a8caea9f71b93dee7195b75df3da89fe767c10b18c5e8c72d"}}]})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 0 (id=908):
pipe2$9p(&(0x7f0000000240), 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x15)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
syz_mount_image$jfs(&(0x7f0000000700), &(0x7f0000000300)='./bus\x00', 0x2000002, &(0x7f0000000100)=ANY=[], 0xfe, 0x60a1, &(0x7f00000076c0)="$eJzs3c1vHGcdB/Df7K7XL6Wt1UNVKoTclLdSmtcSAgWaHuDAhQPKFSVy3SrCBZQElFYRceULB/4IEBJHhDhy4g/ogSs3/gAiJUignhg03ueJZye7WQfHO2vP5yM5s795ZtbP5LuzL56ZfQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiB98/0fnioi4+ss0Yz3iM9GP6EWsVvVGRKxurOflBxHxUuw1x4sRsbQcUa2/98/zEW9GxCfPRdx/cGezmn3+gP343p/+/vsfP/PDv/1x6cx//nyr/9a05W7f/s2//3L3cNsMAAAAXVOWZVmkj/kvp8/3vbY7BQDMRX79L5M8/zjUw9p2LEJ/1Oq9Yrg/YyH6o55jvb1Sn9N+f9TqR+u6crK79SIidurrVO8ZHI4HgGNmJz5tuwu0SP6dNoiIZ9ruBLDQirY7wJG4/+DOZpHyLeqvBxuj9nwuyFj+O8XD6zumTWdpnmMyr8fXbvTjhSn9WZ1THxZJzr/XzP/qqD0fWzvq/OdlWv7D0aVPnZPz7zfzbzg5+fcm5t9VOf/BE+Xflz8AAAAAACyw/Pf/9ZaP/y4fflMO5HHHfzcOdheXn3afAAAAAAAAAOCwDjv+30PG/wMAAICFVX1Wr/z2uf15076LrZp/pYh4trE80DHpYpm1tvsBAAAAAAAAAAAAAF0yGJ3De6WIWIqIZ9fWyrKsfuqa9ZM67PrHXde3H7qs7Sd5AAAY+eS5xrX8RcRKRFxJ3/W3tLa2VpYrq2vlWrm6nN/PDpdXytXa59o8reYtDw/whngwLKs7W6mtVzfr8/Ks9ub9Vb9rWPYP0LH5aDFwAIiI0avRfa9IJ0xZPh9tv8vheLD/nzz2fw6i7ccpAAAAcPTKsiyL9HXeL6dj/r22OwUAzEV+/W8eF1Cr1Wq1Wn3y6rpysrv1IiJ26utU7xkMxw8Ax8xOfNp2F2iR/DttEBEvtd0JYKEVbXeAI3H/wZ3NIuVb1F8P0vju+VyQsfx3ir318vqTprM0zzGZ1+NrN/rxwpT+vDinPiySnH+vmf/VUfswLTeWTzE99wPmXzT+jDg30/KvtnO9hf60Leffb+bfcNT7/7zsRm9i/l2V8x88Uf59+QMAAAAAwALLf/9fd/w3bzIAAAAAAAAAHDv3H9zZzNe95uP/n5uwnOs/T6acfyH/Tsr59xr5f6WxXL92+947+/n/68GdzT/c+udn8/Sg+S/nG0V6ZBXpEVGk31QM0vQwW/eo3aX+cLStozveiIhy6b24HtuxFWfHlu2l/4/99nNj7VVPl8baz4+1Dx5pvzDWvpS+d6Bcze2nYzN+Ftvx7l571bY8Y/tXZrSXM9pz/n37fyfl/Ae1nyr/tdReNKaVex/3Htnv69NJv+fy9c//+uzRb85Mu9F/uG111fadaqE/e/8nzwzjFze3bpy+fe3WrRvnIk3G5p6PNHnKcv5L6efh8/+ro/b8vF/fX+99PHzi/BfFbgym5v9q7Xa1va/NuW9tyPkP00/O/93UPnn/P875T9//X2+hPwAAAAAAAAAAAAAAAPA4ZVnuXSJ6OSIuput/2ro2EwCYr/z6XyZ5vlqtVqvV6pNX15WTvV0vIuKv9XWq9wy/mnRnAMAi+29E/KPtTtAa+XdY/r6/wf438gIdcfPDj35ybXt768bNiJW2OwMAAAAAAAAA/F/y+J8btfGfvxAR643lxsZ/fSc2Djv+5yDfeDjA6FMe6HuK3d6w36sNN/5KPH7871Px+PG/BzN+39KM9uGM9llnZc06Z2PihR41Of9XauOdV/m/3Bh+vQvjvzbHvO+CnP+p2uO5yv/LjeXq+Ze/O87598byP3Prg5+fufnhR29c/+Da+1vvb/30wrlzZy9cvHjp0qUz713f3jo7+rfFHh+tnH8e+zrnTzfk/HPm8u+WnP8XUy3/bsn5fynV8u+WnH9+vyf/bsn5588+8u+WnP9rqZZ/t+T8v5pq+XdLzv/1VMu/W3L+X0u1/Lsl5/9Gqg+Wf//I+8V85PxPp9r+3y05/zOpln+35PzzES75d0vOP5/ZIP9uyfmfT7X8uyXnfyHV8u+WnP+bqZZ/t+T8v55q+XdLzv9iquXfLTn/b6Ra/t2S87+Uavl3S87/m6mWf7fk/L+Vavl3S87/rVTLv1ty/t9Otfy7Jef/nVRPyN/B/hMs5//dVNv/uyXn/3aq5d8t+9//74Ybx+VGROwsQDdO9I22n5kAAAAAAAAAAAAAgKY5na0NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/I8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHv3mLkqu87gJ9d79prE4ITCDXUkLVxjDELu77gS1oXhxBCIZdyS0Mv2K53bTbxZfHaDVAkOyJpkOKoUZW2vLS5CLW8VLGqPKQVjXjoRZEqhfYhfYlSVcoDqkhEIlVKo5at5sz//9+Z2bns4tn1zDmfjwQ/vHNmzpkz/5nd75rvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPWPTB6e+MJBlWeWf/F/rs+wdlf9eO7o+/9r7r/QRAgAAAJfr//J/v3lN+sLBRVypZpt/vvl735qbm5vLPrnqT4a/MjeXLhjNsuE1WZZfFl36z8cHarcJns9GBgZr/jzYYferOlw+1OHy4Q6Xr+5w+ZoOl490uHzBCVhgbfX3MfmNbcn/c331lGbXZcP5ZVuaXOv5gTWDg/F3ObmB/Dpzw8ey6exENpVN1G1f3XYg3/6VTZV93Z/FfQ3W7GtjZYX89Lmj8RgGwjneUrev+duMfvyBbPRnP33u6F+efeOGZrPjaai7vepxbttcOc7Pha9Uj3UgW5POSTzOwZrj3NjkMVlVd5wD+fUq/914nG8u8jhXzR/mimp8zEeywfy/X8vP01Dtr/XSedoYvvbzW7IsuzB/2I3bLNhXNpitq/vK4PzjM1JdkZXbqCyld2dDS1qnmxaxTitzckv9Om18TsTHf1O43lCLY6h9mH782dULHvelrtOocq9bPVca12C3nyu9sgbjungtv9MvNF2DW8L9f25r6zXYdO00WYPpfteswc1pDa5tfsyDq1flx5wehIH8OvNrcEfd9qvyPQ3k8/Wt7dfg+NmTM+Ozzzx7x/TJI8enjk+d2rVjx8SuPXv27ds3fmz6xNRE9d9v61z3g3XZYHoObA7nLj4Hbm3Ytnapzn29e8/DkTbPw/UN23b7eTjUeOcGVuYJuXBNV58bj1ZO+sjFwazFcyx/fLZf/vMw3e+a5+FQzfeCpt9TmjwPhxbxPKxsM7N9cT+zDNX80+wYlut7wfqaNdj480jjGuz2zyO9sgZHwrr4wfbW3ws2huN9YWypP4+sWrAG090Nrz2Vr6Sf90f25aPZuryxcsFVq7Nzs1Nn7nz6yNmzZ3ZkYayIa2vWSuN6XVdzn7IF63Vwyev14PTNL9zY5Ovrw7kauaPyr5GWj1Vlm913tn+s8u9uzc9n3Vd3ZmF02Uqfz2bfzSvnM2XJNuezss3nxi//Z/GUS2tef4dbvP7G3P9WdX/ppp5fNTxUff6uSmdnuO71uP6hGspfuwbyfb85vrjX4+Hwz0q/Hl/X5vV4Q8O23X49Hm68c/H1eKDTbzsuT+PjORLWyYmJ9q/HlW027Fzqmhxq+3p8S5gD4fzfFpJCykU1a6fVuk37GhoaDvdrKO6hfp3uqtt+OGSzyr5e3vn21um2W6q3tSrdu3krtU5HG7bt9jpNr1et1ulAp9++vT2Nj+dIWBfX7Wq/TivbvLr78l87U0qsee1c3WkNDq9aXTnm4bQIq6/3c2vjGrwzO5qdzk5kk/mlq/P1VE2kY3ctbg2uDv+s9GvlhjZrcFvDtt1eg+n7WKu1NzC08M53QePjORLWxYt3tV+DlW3u3dvdn123ha+kbWp+dm38/Vqr33nd2HCalvN3XpXj/Ie97X83W9nmxL6l5sz25+n28JWrmpynxudvq+fUZLYy52lDOM439rU+T5XjqWzzlf2LXE8Hsyw7/9Q9+e97w9+v/M2573+r7u9dmv2dzvmn7vnJ1cf+aSnHD0D/e6s61lW/19X8zdRi/v4fAAAA6Asx9w+Gmcj/AAAAUBgx98f/KzyR/wEAAKAwYu4fCjMpSf7fcO8b02+dz1Izfy6Il6fT8EB1u9hxnQh/Hp2bV/n6PS9N/fffnV/cvgezLPvfB/6g6fYbHojHVTUajvPSh+q/vvCK5xe1/8OPzW9X21//Wrj9eH8WuwyaVXAnsix75Zov5fsZffxiPl994HA+H77wwvOVbd7cX/1zvP7r11a3//NQ/j147Ejd9V8P5+FHYU482Px8xOt98+JtG/d+Yn5/8XoDm9+Z3+0Xn6jebnyfnC8/X90+nudWx//3X3z5m5Xtn35f8+M/P9j8+F8Ot/tSmP9zU3X72seg8ud4vc+H44/7i9e78xvfaXr8l75Q3X7mvjemK0/nw/eFdRr2vy38eUvl8hpPDxypu1/Zh6vbxf1PfP+P8svj7c3c1/z4Rw5drDsfjevj1X+r3s54w/bx63E/0d827L9yO7XrM+7/5T88XHeeO+3/0sOv31S53cb9396w3cxT2/P9z99e/Ts2/cXnv9R0f/F4Dv71TN39OfhQeB6H/b/4RFiP4fJfXKreXuO7Kxx+qP71J27/tfXn6+5PdP/Pqvu/dPfxfK4ZWbvuqndc/c4L762cuyx77ZHq7XXa//Gvnq47/q9fXz0f8fLY0W/cfytx/2c+M3bq9Oy56cmas5q/d85HqscTj/ea8Nra+OdDp88+OXVmdGJ0IstGi/sWem/bN8L8SXVcWOr1tz8WHs8b/+yVdVv/9Yvx6//+aPXrFx+sft+6NWz35fD19eHxu9z9v7jp+vz5PfBq/sfhbG7h+wVfjo1b/mvfojYM97/x54K43mfe82R+HiqX5d834vO6/vjr3/94EX44Wb2db4fzOhfemXnz9fP7q90+vjfCxUeqz/fL3X98mYuP61+Fx/ujP6refjyueH9/GH6O+c6G+te7uD6+fX6w8fbzd/G4EF5PsgvVy+NW8XxffPP6pocX34cku3BD/uc/Trdzw5LuZiuzz8yOn5g+de7p8bNTs2fHZ5959tDJ0+dOnT2Uv5fnoU91uv7869O6/PVpcmrP7ix/tTpdHcvsSh//zGN3Z1m2dXLq2JFzx84+NjN15vjR2dmjU5OzW48cOzb1mU7Xn548sGPn/l17d44dn548sG///l37x6ZPna4cRvWgOtgz8emxU2cO5VeZPbB7/4677to9MXby9OTUgb0TE2PnOl0//940Vrn274+dmTpx5Oz0yamx2elnpw7s2L9nz86O7wZ4cubY7Oj4mXOnxs/NTp0Zr96X0bP5lyvf+zpdn2Ka/Y/qz7ONBqpvxJd9/PY96f1ZK176bMubqm7S8Aaib4T3ovnuu2b2LebPMfcPh5mUJP8DAABAGcTcvzrMRP4HAACAwoi5f02YifwPAAAAhRFz/0iYSUnyv/6//n9R+/9vndf/b7V//X/9/yIrWP9/6f31DvT/O9D/1/+/rP7/0cm9Ez3Z/59r/N7ajP4/y6HX+v8x96/NslLmfwAAACiDmPvXhZnI/wAAAFAYMfdfFWYi/wMAAEBhxNz/jjCTkuR//X/9f/1//X/9/+b71//vT/r/7en/d6D/r/9fzP6/z//nium1/n/M/VeHmZQk/wMAAEAZxNz/zjAT+R8AAAAKI+b+a8JM5H8AAAAojJj714eZlCT/6//r/+v/6//r/zffv/5/f3ob/fuf11bEe7f/v3apN9WU/n8H+v/6//r/+v90Va/1/2Puf1eYSUnyPwAAAJRBzP3vDjOR/wEAAKAwYu6/NsxE/gcAAIDCiLn/ujCTkuR//X/9f/1//X/9/+b71//vT2X9/P/Vi7x9/f/W8g31//X/9f/1/+mqXuv/x9z/njCTkuR/AAAAKIOY+68PM5H/AQAAoDBi7v+lMBP5HwAAAAoj5v4NYSYlyf/6//r/+v/6//r/zfev/9+flrH/nzcSe7X/v1j6/x3o/+v/6//r/9NVvdb/j7n/hjCTkuR/AAAAKIOY+28MM5H/AQAAoDBi7v/lMBP5HwAAAAoj5v6NYSYlyf/6/13t/99WW8zS/9f/b1gf+v/6//r/K6Csn/+/WPr/Hej/6//r/+v/01W91v+Puf+mMJOS5H8AAAAog5j7bw4zkf8BAACgMGLuf2+YifwPAAAAhRFz/2iY2epwQUnyv/6/z//X/9f/1/9vvn/9//6k/9+e/n8Hy93/r/7gqf+/TK708ev/6/+zUK/1/2Pu3xRmUpL8DwAAAGUQc//mMBP5HwAAAAoj5v5bwkzkfwAAACiMmPu3hJmUJP/3af9/sPUd0v/P9P/1/zvsX/9f/7/Ierf/3+w7xUL6/wXv//v8/2V1pY9/Gfv/361Z7i3p/9OLeq3/H3P/+8JMSpL/AQAAoAxi7t8aZiL/AwAAQGHE3H9rmIn8DwAAAIURc/+2MJOS5P8+7f+3uUP6/5n+//L3/7d/tXpF/X/9f/3/ntO7/f/F0f/X/9f/79/j9/n/+v8s1Gv9/5j7bwszKUn+BwAAgDKIuX97mIn8DwAAAIURc//tYSbyPwAAABRGzP1jYSYlyf/6//r/+v8+/1//v/n+9f/7k/5/e/r/Hej/6/+3PP6rO+5f/1//n4V6rf8fc/8dYSYlyf8AAABQBjH33xlmIv8DAABAYcTcPx5mIv8DAABAYcTcPxFmUpL8v9L9/5ozrP+v/6//r/+v/6//33X6/+1duf5/s++UC+n/6//38/Hr/+v/s1Cv9f9j7t8RZvqJriT5HwAAAMog5v6dYSbyPwAAABRGzP27wkzkfwAAACiMmPt3h5mUJP/7/H/9f/1//X/9/+b71//vD40Fe/3/9nz+fwf6//r/+v/6/3RVr/X/Y+6/K8ykJPkfAAAAyiDm/j1hJvI/AAAAFEbM/XvDTOR/AAAAKIyY+/eFmZQk/+v/6//r/+v/6/8337/+f3/S/2+vLP3/SP9/aa50f77fj1//X/+fhXqt/x9z//4wk5LkfwAAACiDmPvfH2Yi/wMAAEBhxNz/K2Em8j8AAAAURsz9vxpmUpL8r/+v/6//f2X7/xf0//X/9f+7Sv+/vbL0/5fn8/9H9P870P/X/9f/p1Gv9f9j7j8QZlKS/A8AAABlEHP/r4WZyP8AAABQGDH33x1mIv8DAABAYcTcfzDMpCT5X/9f/1//3+f/6/8337/+f3/S/2+vd/v/8ZnVy/1/n//f6fr6//r/+v806rX+f8z9HwgzKUn+BwAAgDKIuf+eMJOF+X9w5Y4KAAAA6KaY+z8YZuLv/wEAAKAwYu6/N8ykJPlf/1//v2X/v/Jg6//r/+v/J/r//UH/v73e7f9X9fbn/+v/d7q+/r/+v/4/jXqt/x9z/4fCTEqS/wEAAKAMYu6/L8xE/gcAAIDCiLn/w2Em8j8AAAAURsz994eZlCT/6//r//v8/xXr/09k+v+F7/83vobW0v9fGfr/7en/d6D/r/+v/6//T1f1Wv8/5v5fDzMpSf4HAACAMoi5/4EwE/kfAAAACiPm/gfDTOR/AAAAKIyY+z8SZlKS/K//r/+v/+/z//X/m+/f5//3J/3/9vT/O9D/1//X/9f/p6t6rf8fc/9Hw0xKkv8BAACgDGLu/1iYifwPAAAAhRFz/8fDTOR/AAAAKIyY+38jzKQk+V//X/9f/1//X/+/+f71//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/6Ewk5LkfwAAACiDmPsfDjOR/wEAAKAwYu5/JMxE/gcAAIDCiLn/0TCTkuR//X/9f/1//X/9/+b71//vT/r/7dX1/38x0npD/X/9f/1//X/9f7qg1/r/Mfc/FmZSkvwPAAAAZRBz/yfCTOR/AAAAKIyY+38zzET+BwAAgMKIuf+TYSYlyf/6//r/+v/6//r/zfev/9+f9P/b8/n/Hej/6//r/+v/01W91v+Puf/xMJOS5H8AAAAog5j7fyvMRP4HAACAwoi5/7fDTOR/AAAAKIyY+38nzKQk+V//X/9f/1//X/+/+f71//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/3fDTEqS/wEAAKAMYu5/IsxE/gcAAIDCiLn/UJiJ/A8AAACFEXP/4TCTkuR//X/9f/3/Hu3//+nmf/nB9z52eIf+v/6//v+S6P+3p//fgf6//r/+v/4/XdVr/f+Y+4+EmZQk/wMAAEAZxNz/e2Em8j8AAAAURsz9R8NM5H8AAAAojJj7J8NMSpL/9f/1//X/e7T/7/P/E/1//f+l0P9vT/+/A/1//X/9f/1/umrJ/f/RljfVlf5/zP1TYSYlyf8AAABQBjH3Hwszkf8BAACgMGLuPx5mIv8DAABAYcTc/2SYSUnyv/6//r/+v/6//n/z/ev/9yf9//b0/zvQ/9f/1//X/6ereu3z/2Punw4zKUn+BwAAgDKIuf9TYSbyPwAAABRGzP2fDjOR/wEAAKAwYu4/EWZSkvyv/6//r/+/DP3/f2y+PvT/9f/1/5ef/n97+v8d6P/r/+v/6//TVd3p/89l3er/x9x/MsykJPkfAAAAyiDm/lNhJvI/AAAAFEbM/afDTOR/AAAAKIyY+2fCTEqS//X/9f/1/33+v/5/8/3r//cn/f/29P870P//f/bu4+ezuorj+DOREQwLjRsXLtz4B7hnw8oEE/8C41J3GhXsBey99967iIIi9t6wotg7FhQVFQsqLgzMOWcyz/zm3il3Zu79ntdrc0KGZ+5vavLJ5J2r/9f/6/9Z1Nre/5+7/+FxS5P9DwAAAB3k7n9E3GL/AwAAwDBy918ct9j/AAAAMIzc/ZfELU32v/5f/3/2+v8D5+j/9f/6f/3/0obt//f/wThJ+v8Z+v8G/f+x/zDp//X/LG9t/X/u/kfGLU32PwAAAHSQu/9RcYv9DwAAAMPI3f/ouMX+BwAAgGHk7n9M3NJk/+v/9f/e/6//1//vfr7+f5uG7f8X0qn/v/j68x96y9X3vOZEnq//79D/n77Pr//X/3O0tfX/ufsfG7c02f8AAADQQe7+x8Ut9j8AAAAMI3f/4+MW+x8AAACGkbv/CXFLk/2v/9f/6//1//r/3c/X/2+T/n9ap/7/ZJ6v/9f/6//1/yxrbf1/7v4nxi1N9j8AAAB0kLv/SXGL/Q8AAADDyN1/adxi/wMAAMAwcvdfFrc02f/6f/2//l//r//f/Xz9/zatqP8/qP/X/+v/9f/6/0se8rAHn6v/b2xt/X/u/ifHrdNk/wMAAEAHufufErfY/wAAADCM3P1PjVvsfwAAABhG7v6nxS1N9r/+X/+v/9f/6/93P1//v03z/f/dL5r6eu//D/p//b/+X//v/f8sYG39f+7+p8ctTfY/AAAAdJC7/xlxi/0PAAAAw8jd/8y4xf4HAACAYeTuf1bc0mT/6/9PT/+fvaL+X/+/p/8//PtS/6//PwNW9P7/k3q+/l//r//f7ufX/+v/Odra+v/c/c+OW5rsfwAAAOggd/9z4hb7HwAAAIaRu/+5cYv9DwAAAMPI3f+8uKXJ/tf/e/+//l//r//f/Xz9/zbp/6fp/2fo//X/+n/9P4taW/+fu//5cUuT/Q8AAAAd5O5/Qdxi/wMAAMAwcve/MG6x/wEAAGAYuftfFLc02f9L9P+X6f/1//s+v/5/9+8P/b/+X/9/+un/p+n/Z+j/9f/6f/0/i1pb/5+7/8VxS5P9DwAAAB3k7n9J3GL/AwAAwDBy9780brH/AQAAYBi5+18Wt8zu/1sXLvLOjiP7/wPe/6//1//v6f/1/4fo/7dJ/z9N/z9D/6//X0X/f4X+n2Gsrf/P3f/yuMW//wMAAMAwcve/Im6x/wEAAGAYuftfGbfY/wAAADCM3P2vilua7P8l3v8/cP9/nv5f/9+i/7/9B6D/1/8PYrn+/9531f/r//f3/wf3/Tzo/4+k//f+/+Pq/8+Z+54Yydr6/9z9r45bmux/AAAA6CB3/2viFvsfAAAAhpG7/7Vxi/0PAAAAw8jd/7q4pcn+1/97/7/+f539/6Xe/1/0//r/E+H9/9NOqv/f0/97/7/+X//v/f+cnLX1/7n7Xx+3NNn/AAAA0EHu/jfELfY/AAAADCN3/xvjFvsfAAAAhpG7/01xS5P9v2j/f/tX6f+L/l//v//3x2rf/6//3/l8/f826f+nef//DP2//l//r/9nUWvr/3P3vzluabL/AQAAoIPc/W+JW+x/AAAAGEbu/rfGLfY/AAAADCN3/9vilib73/v/9+6l/9f/6//1/7uer//fJv3/NP3/DP2//l//r/9nUWvr/3P3vz1uabL/AQAAoIPc/e+IW+x/AAAAGEbu/nfGLfY/AAAADCN3/7vilib7X/9/yu//vyMB1v8f+fmP0f/XT5P+/8j/X/9/iP5f/78E/f80/f8M/b/+X/+v/2dRa+v/c/e/O25psv8BAACgg9z974lb7H8AAAAYRu7+98Yt9j8AAAAMI3f/++KWJvtf/3/K/f8dRuv/7xSduff/6//1/4e/X/3/Nuj/p+n/Z+j/9f/6f/0/i1pb/5+7//K4pcn+BwAAgA5y978/brH/AQAAYBi5+6+IW+x/AAAAGEbu/g/ELU32v/5f/38G3/+v/9f/6//1/6ed/n+a/n9vb+/KiQ+g/9f/6//1/yxqbf1/7v4Pxi1N9j8AAAB0kLv/yrjF/gcAAIBh5O6/Km6x/wEAAGAYufs/FLc02f/6f/2//l//r//f/Xz9/zb17v+zlj82/f8M/b/+X/+v/2dRa+v/c/d/OG5psv8BAACgg9z9V8ct9j8AAAAMI3f/R+IW+x8AAACGkbv/mrilyf4/ov/PqFX/r/8/jf3/bSfR/x+Mb9P/L9f/X7Tj+fp//f8Ievf/8/T/M+526K8E/b/+X/+v/2cZa+v/c/d/NG65cN8wBAAAADYrd//H4pYm//4PAAAAHeTu/3jcYv8DAADAMHL3fyJuabL/vf9f/+/9/z37f+//1/+PSv8/Tf8/w/v/9f/6f/0/i1pb/5+7/5NxS5P9DwAAAB3k7v9U3GL/AwAAwDBy9386brH/AQAAYBi5+z8TtzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/7NxS5P9DwAAAB3k7v9c3GL/AwAAwDBy938+brH/AQAAYBi5+78QtzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/4txS5P9DwAAAB3k7v9S3GL/AwAAwDBy9385brH/AQAAYBi5+78StzTZ//p//b/+X/+v/9/9fP3/Nun/p+n/Z+j/9f/6f/0/i1pb/5+7/6txS5P9DwAAAB3k7r82brH/AQAAYBi5+78Wt9j/AAAAMIzc/V+PW5rsf/2//l//P2r/f5djPl//r/8f2Vr6/wsuuN91+n/9v/5f/6//1/93t7b+P3f/N+KWYw6/W+9/HD9MAAAAYEVy938zbmny7/8AAADQQe7+b8Ut9j8AAAAMI3f/t+OWJvtf/6//1/+P2v8f+fz76v/1/02spf/3/v+T+/z6f/3/lj+//l//z9HW1v/n7r8ubmmy/wEAAKCD3P3fiVvsfwAAABhG7v7vxi32PwAAAAwjd//1cUuT/a//n+r/76z/1/8P0//v6f/1/01suv8/T/+v/z+b/f+FZ7Cfv3GBz3uU/GtZ/6//Z0XW1v/n7v9e3NJk/wMAAEAHufu/H7fY/wAAADCM3P0/iFvsfwAAABhG7v4fxi1N9r/+3/v/9f/6f/3/7ufr/7dp0/2/9//r/73/f9OfX/+v/+doa+v/c/f/KG5psv8BAACgg9z9P45b7H8AAAAYRu7+n8Qt9j8AAAAMI3f/T+OWJvtf/6//1//r//X/u5+v/98m/f80/f8M/b/+X/+v/2dRa+v/c/f/LG5psv8BAACgg9z9P49b7H8AAAAYRu7+X8Qt9j8AAAAMI3f/L+OWJvtf/6//1//r//X/u5+v/98m/f80/f8M/b/+X/+v/2dRa+v/c/f/Km5psv8BAACgg9z9N8Qt9j8AAAAMI3f/r+MW+x8AAACGkbv/N3FLk/3fsv8/oP8/gf7/hpsOfVPj/v/wr67+X/9/Jvr/A/r/U6L/n6b/n6H/1//PfP6DE18/fP9/zvTXz/X/M1/OoNbW/+fu/23c0mT/AwAAQAe5+38Xt9j/AAAAMIzc/TfGLfY/AAAADCN3/+/jlib7v2X/7/3/3v/v/f/6/xX3/97/f2r0/9POZv9/83E8Vv+v/9/y5x++/5/h/f/ssrb+P3f/H+KWJvsfAAAAOsjdf1PcYv8DAADAMHL3/zFusf8BAABgGLn7/xS3NNn/+n/9v/5f/6//3/18/f826f+nef//DP2//l//r/9nUWvr/3P3/zluabL/AQAAoIPc/TfHLfY/AAAADCN3/1/iFvsfAAAAhpG7/69xS5P9r/9fSf8fH0L/r//X/59I/3+P8y+79gEPuupy/T+H6f+n6f9nLNf/P/A++n/9v/5f/8+Z6v/PO97+P3f/3+KWJvsfAAAAOsjdf0vcYv8DAADAMHL3/z1usf8BAABgGLn7/xG3NNn/+v+V9P/xNfp//f+q+/9zj/x+z37/7/3/+v+j6f+n6f9nHG//f/tfHN7/fxT9v/5f/89+Z6j/P2bvv/+/c/f/M25psv8BAACgg9z9/4pb7H8AAAAYRu7+W+MW+x8AAACGkbv/33FLk/2v/9f/6//1/9t9//9p6//v+CXV/2+T/n+a/n/Gcu//1//r//X/+n9W2P/n7v9P3NJk/wMAAEAHufv/G7fY/wAAADCM3P23xS32PwAAAAwjd///4pYm+1//r//X/+v/9f+7n6//3yb9/zT9/wz9v/5f/6//Z1Fr6/9z9/8/AAD//4wxavM=")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
ptrace$poke(0xffffffffffffffff, r1, &(0x7f0000000280), 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000100)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x810043, 0x0, 0xfc, 0x0, &(0x7f00000000c0))

kernel console output (not intermixed with test programs):

1): mounted filesystem without journal. Quota mode: writeback.
[  101.716612][ T4799] loop2: detected capacity change from 0 to 512
[  101.745307][ T4799] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz.2.260: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  101.756012][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  101.811983][ T4799] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.260: couldn't read orphan inode 15 (err -117)
[  101.979605][ T4799] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  102.001655][ T4799] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038 (0x7fffffff)
[  103.297083][ T4834] loop1: detected capacity change from 0 to 1024
[  103.319080][ T4834] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  103.373834][ T4834] EXT4-fs (loop1): invalid journal inode
[  103.403153][ T4834] EXT4-fs (loop1): can't get journal size
[  103.464170][ T4834] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  103.647328][ T4834] EXT4-fs error (device loop1): __ext4_iget:5044: inode #12: block 13: comm syz.1.267: invalid block
[  103.779652][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  103.907623][ T4839] loop3: detected capacity change from 0 to 64
[  103.941877][ T4839] hfs: unable to parse mount options
[  105.220714][ T4828] loop4: detected capacity change from 0 to 32768
[  105.639441][ T4127] EXT4-fs (loop2): unmounting filesystem.
[  105.835771][ T4851] find_entry called with index = 0
[  105.841039][ T4851] find_entry called with index = 0
[  105.851866][ T4852] find_entry called with index >= next_index
[  105.857918][ T4852] find_entry called with index >= next_index
[  105.863947][ T4852] find_entry called with index >= next_index
[  105.869952][ T4852] find_entry called with index >= next_index
[  105.876036][ T4852] find_entry called with index >= next_index
[  106.274730][ T3570] Bluetooth: hci2: SCO packet for unknown connection handle 0
[  106.465634][ T4861] loop2: detected capacity change from 0 to 1024
[  107.404141][ T4847] loop3: detected capacity change from 0 to 32768
[  108.934299][ T4877] sched: RT throttling activated
[  112.398226][ T4897] loop2: detected capacity change from 0 to 512
[  112.536286][ T4897] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #15: comm syz.2.283: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  112.603628][ T4897] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz.2.283: couldn't read orphan inode 15 (err -117)
[  112.639328][ T4897] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  112.686103][ T4897] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038 (0x7fffffff)
[  113.736688][ T4895] loop3: detected capacity change from 0 to 32768
[  113.773017][ T4895] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.282 (4895)
[  113.836733][ T4895] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.882089][ T4895] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  113.909260][ T4895] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  113.949395][ T4895] BTRFS info (device loop3): use zstd compression, level 3
[  113.974686][ T4895] BTRFS info (device loop3): using free space tree
[  114.213908][ T4912] loop1: detected capacity change from 0 to 32768
[  114.270305][ T4930] loop0: detected capacity change from 0 to 4096
[  114.285504][ T4930] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  114.294674][ T4895] BTRFS info (device loop3): enabling ssd optimizations
[  114.306218][ T4895] BTRFS info (device loop3): checking UUID tree
[  114.628101][ T4940] find_entry called with index = 0
[  114.633574][ T4940] find_entry called with index = 0
[  114.661699][ T4940] find_entry called with index >= next_index
[  114.667786][ T4940] find_entry called with index >= next_index
[  114.673844][ T4940] find_entry called with index >= next_index
[  114.679875][ T4940] find_entry called with index >= next_index
[  114.685933][ T4940] find_entry called with index >= next_index
[  114.984758][ T3562] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  115.277899][ T4127] EXT4-fs (loop2): unmounting filesystem.
[  115.634682][ T3570] Bluetooth: hci1: SCO packet for unknown connection handle 0
[  115.638427][ T4951] loop0: detected capacity change from 0 to 1024
[  116.085159][ T3601] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  116.511098][ T3601] usb 2-1: Using ep0 maxpacket: 8
[  117.381238][ T3601] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  117.403295][ T3601] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.435499][ T3601] usb 2-1: config 0 descriptor??
[  117.466283][ T4944] loop3: detected capacity change from 0 to 32768
[  117.486847][ T3601] usb 2-1: bad CDC descriptors
[  117.544492][ T3601] usb 2-1: bad CDC descriptors
[  117.569890][ T3601] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  117.629028][ T3601] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  117.631089][ T4982] loop0: detected capacity change from 0 to 64
[  117.635964][ T3601] cdc_acm: probe of 2-1:0.0 failed with error -22
[  117.686573][ T3601] usb 2-1: USB disconnect, device number 2
[  117.687804][ T4982] hfs: unable to parse mount options
[  117.705922][ T4944] XFS (loop3): Mounting V5 Filesystem
[  118.632175][ T4944] XFS (loop3): Ending clean mount
[  118.695354][ T4944] XFS (loop3): Quotacheck needed: Please wait.
[  118.759362][ T4944] XFS (loop3): Quotacheck: Done.
[  118.840312][ T3562] XFS (loop3): Unmounting Filesystem
[  118.860728][ T4992] loop1: detected capacity change from 0 to 512
[  119.062227][ T4992] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.302: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  119.154111][ T4998] loop4: detected capacity change from 0 to 128
[  119.181762][ T4992] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.302: couldn't read orphan inode 15 (err -117)
[  119.222455][ T4992] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  119.259822][ T4998] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  119.279546][ T4998] ext4 filesystem being mounted at /43/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  119.281095][ T4992] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038 (0x7fffffff)
[  119.341890][   T26] audit: type=1800 audit(1721442607.206:10): pid=4998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.304" name="bus" dev="loop4" ino=13 res=0 errno=0
[  119.485247][ T3553] EXT4-fs (loop4): unmounting filesystem.
[  123.787793][ T4405] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  124.065459][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  124.131104][ T4405] usb 3-1: Using ep0 maxpacket: 8
[  124.281411][ T4405] usb 3-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  124.294282][ T4405] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.309182][ T4405] usb 3-1: config 0 descriptor??
[  124.359384][ T4405] usb 3-1: bad CDC descriptors
[  124.369208][ T4405] usb 3-1: bad CDC descriptors
[  124.384993][ T4405] cdc_acm 3-1:0.0: Control and data interfaces are not separated!
[  124.412339][ T4405] cdc_acm 3-1:0.0: This needs exactly 3 endpoints
[  124.433412][ T4405] cdc_acm: probe of 3-1:0.0 failed with error -22
[  124.562192][ T4405] usb 3-1: USB disconnect, device number 2
[  124.657926][ T5109] loop0: detected capacity change from 0 to 1024
[  124.723979][ T5104] device syzkaller0 entered promiscuous mode
[  125.053505][ T5101] loop3: detected capacity change from 0 to 32768
[  125.099040][ T5101] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.316 (5101)
[  125.200484][ T5101] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  125.222892][ T5101] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  125.252831][ T5101] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  125.263137][ T5101] BTRFS info (device loop3): use zstd compression, level 3
[  125.270560][ T5101] BTRFS info (device loop3): using free space tree
[  125.302795][ T5101] BTRFS info (device loop3): enabling ssd optimizations
[  125.312059][ T5101] BTRFS info (device loop3): checking UUID tree
[  125.422212][ T3562] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.966064][ T5155] loop1: detected capacity change from 0 to 512
[  128.174946][ T5155] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.325: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  128.295941][ T5155] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.325: couldn't read orphan inode 15 (err -117)
[  128.341430][ T5155] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  128.373969][ T5155] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038 (0x7fffffff)
[  128.929218][ T5154] loop4: detected capacity change from 0 to 32768
[  128.968634][ T5154] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.324 (5154)
[  129.040131][ T5154] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  129.076829][ T5154] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  129.106299][ T5154] BTRFS info (device loop4): using free space tree
[  129.331482][ T5154] BTRFS info (device loop4): enabling ssd optimizations
[  129.477905][ T3553] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  130.190047][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  130.216226][ T5199] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  130.415753][ T5211] device syzkaller0 entered promiscuous mode
[  130.481110][ T5199] usb 5-1: Using ep0 maxpacket: 8
[  131.355042][ T5199] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  131.383173][ T5199] usb 5-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  131.393208][ T5199] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.404313][ T5199] usb 5-1: config 0 descriptor??
[  131.452191][ T5199] gspca_main: vc032x-2.14.0 probing 046d:0892
[  132.633691][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  132.640033][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  133.011084][ T5199] gspca_vc032x: reg_w err -71
[  133.015882][ T5199] vc032x: probe of 5-1:0.0 failed with error -71
[  133.024217][ T5199] usb 5-1: USB disconnect, device number 3
[  133.805059][ T5245] loop4: detected capacity change from 0 to 512
[  133.856205][ T5245] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz.4.347: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  133.905347][ T5245] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.347: couldn't read orphan inode 15 (err -117)
[  133.950240][ T5245] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  133.971512][ T5245] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038 (0x7fffffff)
[  134.281811][ T5233] loop2: detected capacity change from 0 to 32768
[  134.316425][ T5233] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.341 (5233)
[  134.413479][ T5237] loop0: detected capacity change from 0 to 32768
[  134.420320][ T5233] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  134.446377][ T5237] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.343 (5237)
[  134.466005][ T5233] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  134.502599][ T5233] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  134.533699][ T5237] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  134.547258][ T5233] BTRFS info (device loop2): use zstd compression, level 3
[  134.560423][ T5233] BTRFS info (device loop2): using free space tree
[  134.569722][ T5237] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  134.590644][ T5237] BTRFS info (device loop0): using free space tree
[  134.832375][ T5233] BTRFS info (device loop2): enabling ssd optimizations
[  134.843353][ T5237] BTRFS info (device loop0): enabling ssd optimizations
[  134.863694][ T5233] BTRFS info (device loop2): checking UUID tree
[  135.035142][ T5266] loop1: detected capacity change from 0 to 4096
[  135.078965][ T5266] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  135.116676][ T3552] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  135.131970][ T4127] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  137.209656][ T3553] EXT4-fs (loop4): unmounting filesystem.
[  137.389664][ T5296] loop2: detected capacity change from 0 to 32768
[  138.256601][ T5313] find_entry called with index >= next_index
[  138.262770][ T5313] find_entry called with index >= next_index
[  138.268779][ T5313] find_entry called with index >= next_index
[  138.274814][ T5313] find_entry called with index >= next_index
[  138.281223][ T5313] find_entry called with index >= next_index
[  138.452022][ T5304] loop1: detected capacity change from 0 to 32768
[  138.495181][ T5304] XFS: attr2 mount option is deprecated.
[  138.608125][ T5304] XFS (loop1): Mounting V5 Filesystem
[  138.690497][ T5304] XFS (loop1): Ending clean mount
[  138.693916][ T5314] device syzkaller0 entered promiscuous mode
[  139.131744][ T5304] syz.1.353 (5304) used greatest stack depth: 19240 bytes left
[  139.360615][ T3554] XFS (loop1): Unmounting Filesystem
[  139.783815][ T5198] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  140.073402][ T5198] usb 3-1: Using ep0 maxpacket: 8
[  140.211339][ T5198] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  140.238556][ T5198] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  140.273578][ T5198] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.340419][ T5198] usb 3-1: config 0 descriptor??
[  140.393907][ T5198] gspca_main: vc032x-2.14.0 probing 046d:0892
[  140.635358][ T5350] loop1: detected capacity change from 0 to 4096
[  140.658658][ T5350] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  140.892122][ T5346] loop3: detected capacity change from 0 to 32768
[  141.047191][ T3704] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by udevd (3704)
[  141.092660][ T5346] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.107457][ T5346] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  141.130555][ T5346] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  141.297099][ T5346] BTRFS info (device loop3): use zstd compression, level 3
[  141.403919][ T5346] BTRFS info (device loop3): using free space tree
[  141.903538][ T5346] BTRFS info (device loop3): enabling ssd optimizations
[  141.918962][ T5346] BTRFS info (device loop3): checking UUID tree
[  141.981095][ T5198] gspca_vc032x: reg_w err -71
[  141.985845][ T5198] vc032x: probe of 3-1:0.0 failed with error -71
[  142.009599][ T5198] usb 3-1: USB disconnect, device number 3
[  142.061285][ T3562] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  142.324436][ T5377] loop3: detected capacity change from 0 to 512
[  142.344507][ T5377] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #15: comm syz.3.364: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  142.363138][ T5377] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.364: couldn't read orphan inode 15 (err -117)
[  142.379757][ T5377] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  142.388729][ T5377] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038 (0x7fffffff)
[  143.184571][ T5383] loop2: detected capacity change from 0 to 32768
[  143.256315][ T5383] XFS (loop2): Mounting V5 Filesystem
[  143.327755][ T5383] XFS (loop2): Ending clean mount
[  143.335542][ T5383] XFS (loop2): Quotacheck needed: Please wait.
[  143.548216][ T5383] XFS (loop2): Quotacheck: Done.
[  143.617182][ T4127] XFS (loop2): Unmounting Filesystem
[  143.908386][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  145.837399][ T5436] device syzkaller0 entered promiscuous mode
[  146.465911][  T155] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  146.607693][ T5443] loop2: detected capacity change from 0 to 32768
[  146.690769][ T5443] XFS (loop2): Mounting V5 Filesystem
[  146.706396][ T5454] loop3: detected capacity change from 0 to 512
[  146.727774][ T5454] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #15: comm syz.3.381: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  146.748048][ T5454] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.381: couldn't read orphan inode 15 (err -117)
[  146.751764][  T155] usb 2-1: Using ep0 maxpacket: 16
[  146.769203][ T5454] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  146.778803][ T5454] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038 (0x7fffffff)
[  146.793490][ T5443] XFS (loop2): Ending clean mount
[  146.899160][ T5443] XFS (loop2): Quotacheck needed: Please wait.
[  146.954768][ T5443] XFS (loop2): Quotacheck: Done.
[  147.039106][ T4127] XFS (loop2): Unmounting Filesystem
[  147.231250][  T155] usb 2-1: New USB device found, idVendor=14aa, idProduct=022b, bcdDevice=8e.53
[  147.255615][  T155] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.277313][  T155] usb 2-1: Product: syz
[  147.287174][  T155] usb 2-1: Manufacturer: syz
[  147.298228][  T155] usb 2-1: SerialNumber: syz
[  147.317900][  T155] usb 2-1: config 0 descriptor??
[  147.382950][  T155] dvb-usb: found a 'WideView WT-220U PenType Receiver (based on ZL353)' in warm state.
[  147.400383][  T155] dvb-usb: bulk message failed: -22 (2/0)
[  147.409060][  T155] dvb-usb: will use the device's hardware PID filter (table count: 15).
[  147.443355][  T155] dvbdev: DVB: registering new adapter (WideView WT-220U PenType Receiver (based on ZL353))
[  147.475806][  T155] usb 2-1: media controller created
[  147.513543][  T155] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  147.557585][  T155] usb 2-1: DVB: registering adapter 1 frontend 0 (WideView USB DVB-T)...
[  147.599994][  T155] dvbdev: dvb_create_media_entity: media entity 'WideView USB DVB-T' registered.
[  147.803379][  T155] rc_core: IR keymap rc-dtt200u not found
[  147.809520][  T155] Registered IR keymap rc-empty
[  147.869564][  T155] rc rc0: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  147.899699][  T155] input: WideView WT-220U PenType Receiver (based on ZL353) as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input5
[  147.953314][  T155] dvb-usb: schedule remote query interval to 300 msecs.
[  147.976280][  T155] dvb-usb: WideView WT-220U PenType Receiver (based on ZL353) successfully initialized and connected.
[  148.029513][  T155] usb 2-1: USB disconnect, device number 3
[  148.194195][  T155] dvb-usb: WideView WT-220U PenType Receiver (base successfully deinitialized and disconnected.
[  148.337477][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  148.841584][ T5476] fuse: Unknown parameter 'grou00000000000000000000'
[  149.487437][ T5492] loop1: detected capacity change from 0 to 1024
[  149.704980][ T5492] EXT4-fs: Ignoring removed nobh option
[  150.273566][ T5492] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  150.331908][ T5492] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  150.398897][ T5492] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  150.422966][ T5508] loop3: detected capacity change from 0 to 512
[  150.515321][ T5508] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  150.561845][ T5508] ext4 filesystem being mounted at /85/bus supports timestamps until 2038 (0x7fffffff)
[  150.580596][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  150.769500][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  150.771086][ T5514] loop1: detected capacity change from 0 to 512
[  150.822899][ T5514] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #15: comm syz.1.394: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  150.996022][ T5506] loop2: detected capacity change from 0 to 32768
[  151.013852][ T5514] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz.1.394: couldn't read orphan inode 15 (err -117)
[  151.043815][ T5514] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  151.056720][ T5514] ext4 filesystem being mounted at /89/file0 supports timestamps until 2038 (0x7fffffff)
[  151.084301][ T5506] XFS (loop2): Mounting V5 Filesystem
[  151.227390][ T5506] XFS (loop2): Ending clean mount
[  151.254240][ T5506] XFS (loop2): Quotacheck needed: Please wait.
[  151.313931][ T5506] XFS (loop2): Quotacheck: Done.
[  151.427314][ T4127] XFS (loop2): Unmounting Filesystem
[  151.505478][ T5515] loop0: detected capacity change from 0 to 32768
[  151.549368][ T5515] MetaData crosses page boundary!!
[  151.625080][ T5515] lblock = 631800, size  = 28672
[  151.630265][ T5515] CPU: 0 PID: 5515 Comm: syz.0.395 Not tainted 6.1.100-syzkaller #0
[  151.638262][ T5515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  151.648320][ T5515] Call Trace:
[  151.651604][ T5515]  <TASK>
[  151.654540][ T5515]  dump_stack_lvl+0x1e3/0x2cb
[  151.659252][ T5515]  ? nf_tcp_handle_invalid+0x642/0x642
[  151.664722][ T5515]  ? panic+0x764/0x764
[  151.668816][ T5515]  __get_metapage+0xb61/0x1040
[  151.673604][ T5515]  dtSearch+0x57e/0x2500
[  151.677899][ T5515]  jfs_lookup+0x17b/0x400
[  151.682240][ T5515]  ? jfs_get_parent+0xa0/0xa0
[  151.686950][ T5515]  ? apparmor_path_rmdir+0x30/0x30
[  151.692068][ T5515]  ? make_kgid+0x6f0/0x6f0
[  151.696585][ T5515]  ? generic_permission+0x21c/0x4f0
[  151.701801][ T5515]  ? inode_permission+0xf7/0x450
[  151.706746][ T5515]  ? bpf_lsm_inode_create+0x5/0x10
[  151.711858][ T5515]  ? security_inode_create+0xb4/0x100
[  151.717238][ T5515]  ? jfs_get_parent+0xa0/0xa0
[  151.721927][ T5515]  path_openat+0x10fb/0x2e60
[  151.726560][ T5515]  ? do_filp_open+0x480/0x480
[  151.731267][ T5515]  do_filp_open+0x230/0x480
[  151.735780][ T5515]  ? vfs_tmpfile+0x4a0/0x4a0
[  151.740487][ T5515]  ? _raw_spin_unlock+0x24/0x40
[  151.745349][ T5515]  ? alloc_fd+0x59c/0x640
[  151.749690][ T5515]  do_sys_openat2+0x13b/0x4f0
[  151.754384][ T5515]  ? do_sys_open+0x220/0x220
[  151.758998][ T5515]  __x64_sys_openat+0x243/0x290
[  151.763864][ T5515]  ? __ia32_sys_open+0x270/0x270
[  151.768821][ T5515]  ? syscall_enter_from_user_mode+0x2e/0x230
[  151.774808][ T5515]  ? lockdep_hardirqs_on+0x94/0x130
[  151.780010][ T5515]  ? syscall_enter_from_user_mode+0x2e/0x230
[  151.786001][ T5515]  do_syscall_64+0x3b/0xb0
[  151.790427][ T5515]  ? clear_bhb_loop+0x45/0xa0
[  151.795115][ T5515]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  151.801016][ T5515] RIP: 0033:0x7f5465775b59
[  151.805442][ T5515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.825056][ T5515] RSP: 002b:00007f5466586048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  151.833484][ T5515] RAX: ffffffffffffffda RBX: 00007f5465905f60 RCX: 00007f5465775b59
[  151.841455][ T5515] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[  151.849424][ T5515] RBP: 00007f54657e4e5d R08: 0000000000000000 R09: 0000000000000000
[  151.857396][ T5515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  151.865365][ T5515] R13: 000000000000000b R14: 00007f5465905f60 R15: 00007ffe7b5e4a78
[  151.873355][ T5515]  </TASK>
[  151.876483][    C0] vkms_vblank_simulate: vblank timer overrun
[  151.926750][ T5515] bread failed!
[  151.930843][ T5515] jfs_lookup: dtSearch returned -5
[  151.968283][ T5515] MetaData crosses page boundary!!
[  151.986468][ T5515] lblock = 631800, size  = 28672
[  152.012095][ T5515] CPU: 1 PID: 5515 Comm: syz.0.395 Not tainted 6.1.100-syzkaller #0
[  152.020114][ T5515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  152.030179][ T5515] Call Trace:
[  152.033478][ T5515]  <TASK>
[  152.036410][ T5515]  dump_stack_lvl+0x1e3/0x2cb
[  152.041115][ T5515]  ? nf_tcp_handle_invalid+0x642/0x642
[  152.046588][ T5515]  ? panic+0x764/0x764
[  152.050676][ T5515]  __get_metapage+0xb61/0x1040
[  152.055470][ T5515]  dtSearch+0x57e/0x2500
[  152.059757][ T5515]  jfs_lookup+0x17b/0x400
[  152.064096][ T5515]  ? jfs_get_parent+0xa0/0xa0
[  152.068797][ T5515]  ? apparmor_path_rmdir+0x30/0x30
[  152.073925][ T5515]  ? make_kgid+0x6f0/0x6f0
[  152.078361][ T5515]  ? generic_permission+0x21c/0x4f0
[  152.083580][ T5515]  ? inode_permission+0xf7/0x450
[  152.088531][ T5515]  ? bpf_lsm_inode_create+0x5/0x10
[  152.093652][ T5515]  ? security_inode_create+0xb4/0x100
[  152.099034][ T5515]  ? jfs_get_parent+0xa0/0xa0
[  152.103720][ T5515]  path_openat+0x10fb/0x2e60
[  152.108354][ T5515]  ? do_filp_open+0x480/0x480
[  152.113069][ T5515]  do_filp_open+0x230/0x480
[  152.117593][ T5515]  ? vfs_tmpfile+0x4a0/0x4a0
[  152.122221][ T5515]  ? _raw_spin_unlock+0x24/0x40
[  152.127083][ T5515]  ? alloc_fd+0x59c/0x640
[  152.131433][ T5515]  do_sys_openat2+0x13b/0x4f0
[  152.136140][ T5515]  ? do_sys_open+0x220/0x220
[  152.140746][ T5515]  ? blkcg_maybe_throttle_current+0x1ac/0xa30
[  152.146840][ T5515]  __x64_sys_openat+0x243/0x290
[  152.151709][ T5515]  ? __ia32_sys_open+0x270/0x270
[  152.156665][ T5515]  ? syscall_enter_from_user_mode+0x2e/0x230
[  152.162655][ T5515]  ? lockdep_hardirqs_on+0x94/0x130
[  152.167953][ T5515]  ? syscall_enter_from_user_mode+0x2e/0x230
[  152.173952][ T5515]  do_syscall_64+0x3b/0xb0
[  152.178379][ T5515]  ? clear_bhb_loop+0x45/0xa0
[  152.183070][ T5515]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  152.188979][ T5515] RIP: 0033:0x7f5465775b59
[  152.193404][ T5515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.213044][ T5515] RSP: 002b:00007f5466586048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  152.221473][ T5515] RAX: ffffffffffffffda RBX: 00007f5465905f60 RCX: 00007f5465775b59
[  152.229454][ T5515] RDX: 000000000000275a RSI: 0000000020000000 RDI: ffffffffffffff9c
[  152.237428][ T5515] RBP: 00007f54657e4e5d R08: 0000000000000000 R09: 0000000000000000
[  152.245411][ T5515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.253388][ T5515] R13: 000000000000000b R14: 00007f5465905f60 R15: 00007ffe7b5e4a78
[  152.261401][ T5515]  </TASK>
[  152.558056][ T5515] bread failed!
[  152.561776][ T5515] jfs_lookup: dtSearch returned -5
[  152.645347][ T5540] device syzkaller0 entered promiscuous mode
[  152.662497][ T5515] netlink: 28 bytes leftover after parsing attributes in process `syz.0.395'.
[  152.750439][ T5546] MetaData crosses page boundary!!
[  152.779708][ T5546] lblock = 631800, size  = 28672
[  152.818839][ T5546] CPU: 0 PID: 5546 Comm: syz.0.395 Not tainted 6.1.100-syzkaller #0
[  152.826862][ T5546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  152.836930][ T5546] Call Trace:
[  152.840216][ T5546]  <TASK>
[  152.843153][ T5546]  dump_stack_lvl+0x1e3/0x2cb
[  152.847854][ T5546]  ? nf_tcp_handle_invalid+0x642/0x642
[  152.853333][ T5546]  ? panic+0x764/0x764
[  152.857460][ T5546]  __get_metapage+0xb61/0x1040
[  152.862251][ T5546]  dtSearch+0x57e/0x2500
[  152.866538][ T5546]  jfs_lookup+0x17b/0x400
[  152.870878][ T5546]  ? jfs_get_parent+0xa0/0xa0
[  152.875597][ T5546]  ? d_hash_and_lookup+0x1b0/0x1b0
[  152.880730][ T5546]  ? __d_lookup+0x6d6/0x790
[  152.885243][ T5546]  ? try_to_unlazy+0x35c/0x5b0
[  152.890032][ T5546]  ? jfs_get_parent+0xa0/0xa0
[  152.894720][ T5546]  path_openat+0x10fb/0x2e60
[  152.899349][ T5546]  ? do_filp_open+0x480/0x480
[  152.904057][ T5546]  do_filp_open+0x230/0x480
[  152.908576][ T5546]  ? vfs_tmpfile+0x4a0/0x4a0
[  152.913204][ T5546]  ? _raw_spin_unlock+0x24/0x40
[  152.918413][ T5546]  ? alloc_fd+0x59c/0x640
[  152.922763][ T5546]  do_sys_openat2+0x13b/0x4f0
[  152.927488][ T5546]  ? do_sys_open+0x220/0x220
[  152.932122][ T5546]  __x64_sys_open+0x221/0x270
[  152.936823][ T5546]  ? do_sys_openat2+0x4f0/0x4f0
[  152.941697][ T5546]  ? syscall_enter_from_user_mode+0x2e/0x230
[  152.947689][ T5546]  ? lockdep_hardirqs_on+0x94/0x130
[  152.952898][ T5546]  ? syscall_enter_from_user_mode+0x2e/0x230
[  152.958894][ T5546]  do_syscall_64+0x3b/0xb0
[  152.963322][ T5546]  ? clear_bhb_loop+0x45/0xa0
[  152.968015][ T5546]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  152.973933][ T5546] RIP: 0033:0x7f5465775b59
[  152.978362][ T5546] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.997979][ T5546] RSP: 002b:00007f5466565048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  153.006418][ T5546] RAX: ffffffffffffffda RBX: 00007f5465906038 RCX: 00007f5465775b59
[  153.014402][ T5546] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000680
[  153.022382][ T5546] RBP: 00007f54657e4e5d R08: 0000000000000000 R09: 0000000000000000
[  153.030371][ T5546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  153.038346][ T5546] R13: 000000000000006e R14: 00007f5465906038 R15: 00007ffe7b5e4a78
[  153.046342][ T5546]  </TASK>
[  153.049397][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.090135][ T5546] bread failed!
[  153.095180][ T5546] jfs_lookup: dtSearch returned -5
[  153.104699][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  154.401824][ T5561] fuse: Unknown parameter 'grou00000000000000000000'
[  155.660285][ T5576] loop4: detected capacity change from 0 to 1024
[  155.682529][ T5576] EXT4-fs: Ignoring removed nobh option
[  155.707568][ T5576] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  155.754044][ T5576] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  155.866603][ T5576] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  155.920672][ T3553] EXT4-fs (loop4): unmounting filesystem.
[  156.065151][ T5581] loop4: detected capacity change from 0 to 512
[  156.155322][ T5581] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  156.230806][ T5581] ext4 filesystem being mounted at /63/bus supports timestamps until 2038 (0x7fffffff)
[  156.560074][ T3553] EXT4-fs (loop4): unmounting filesystem.
[  156.654648][ T5595] loop4: detected capacity change from 0 to 512
[  156.696037][ T5595] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #15: comm syz.4.411: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  156.726935][ T5595] EXT4-fs error (device loop4): ext4_orphan_get:1401: comm syz.4.411: couldn't read orphan inode 15 (err -117)
[  156.773364][ T5595] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  156.803470][ T5595] ext4 filesystem being mounted at /64/file0 supports timestamps until 2038 (0x7fffffff)
[  156.831199][ T5198] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  157.091196][ T5198] usb 2-1: Using ep0 maxpacket: 8
[  157.242342][ T5198] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  157.307831][ T5198] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.355691][ T5198] usb 2-1: config 0 descriptor??
[  157.434293][ T5198] usb 2-1: bad CDC descriptors
[  157.440585][ T5198] usb 2-1: bad CDC descriptors
[  157.451677][ T5198] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  157.459499][ T5198] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  157.511050][ T5198] cdc_acm: probe of 2-1:0.0 failed with error -22
[  158.866048][ T3553] EXT4-fs (loop4): unmounting filesystem.
[  159.002623][ T5612] fuse: Unknown parameter 'grou00000000000000000000'
[  159.287370][ T5198] usb 2-1: USB disconnect, device number 4
[  159.400672][ T5619] loop0: detected capacity change from 0 to 1024
[  161.204982][ T5649] loop0: detected capacity change from 0 to 512
[  161.259910][ T5643] loop1: detected capacity change from 0 to 4096
[  161.270911][ T5649] EXT4-fs error (device loop0): ext4_ext_check_inode:520: inode #15: comm syz.0.425: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  161.290337][ T5649] EXT4-fs error (device loop0): ext4_orphan_get:1401: comm syz.0.425: couldn't read orphan inode 15 (err -117)
[  161.302817][ T5649] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  161.316125][ T5649] ext4 filesystem being mounted at /92/file0 supports timestamps until 2038 (0x7fffffff)
[  161.334855][ T5643] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  161.917422][ T5661] loop1: detected capacity change from 0 to 1024
[  161.944567][ T5661] EXT4-fs: Ignoring removed orlov option
[  161.953745][ T5663] fuse: Unknown parameter 'group_i00000000000000000000'
[  161.966331][ T5661] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.026921][ T5661] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  162.046067][ T5661] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  162.115624][ T5661] overlayfs: './file1' not a directory
[  162.218432][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  162.228837][ T5653] loop4: detected capacity change from 0 to 32768
[  162.291962][ T5653] MetaData crosses page boundary!!
[  162.311881][ T5653] lblock = 631800, size  = 28672
[  162.325864][ T5653] CPU: 1 PID: 5653 Comm: syz.4.427 Not tainted 6.1.100-syzkaller #0
[  162.333883][ T5653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  162.343951][ T5653] Call Trace:
[  162.347242][ T5653]  <TASK>
[  162.350179][ T5653]  dump_stack_lvl+0x1e3/0x2cb
[  162.354884][ T5653]  ? nf_tcp_handle_invalid+0x642/0x642
[  162.360362][ T5653]  ? panic+0x764/0x764
[  162.364455][ T5653]  __get_metapage+0xb61/0x1040
[  162.369244][ T5653]  dtSearch+0x57e/0x2500
[  162.373545][ T5653]  jfs_lookup+0x17b/0x400
[  162.377900][ T5653]  ? jfs_get_parent+0xa0/0xa0
[  162.382618][ T5653]  ? apparmor_path_rmdir+0x30/0x30
[  162.387742][ T5653]  ? make_kgid+0x6f0/0x6f0
[  162.392191][ T5653]  ? generic_permission+0x21c/0x4f0
[  162.397411][ T5653]  ? inode_permission+0xf7/0x450
[  162.402364][ T5653]  ? bpf_lsm_inode_create+0x5/0x10
[  162.407486][ T5653]  ? security_inode_create+0xb4/0x100
[  162.412879][ T5653]  ? jfs_get_parent+0xa0/0xa0
[  162.417567][ T5653]  path_openat+0x10fb/0x2e60
[  162.422202][ T5653]  ? do_filp_open+0x480/0x480
[  162.426913][ T5653]  do_filp_open+0x230/0x480
[  162.431429][ T5653]  ? vfs_tmpfile+0x4a0/0x4a0
[  162.436061][ T5653]  ? _raw_spin_unlock+0x24/0x40
[  162.440927][ T5653]  ? alloc_fd+0x59c/0x640
[  162.445270][ T5653]  do_sys_openat2+0x13b/0x4f0
[  162.449968][ T5653]  ? do_sys_open+0x220/0x220
[  162.454591][ T5653]  __x64_sys_openat+0x243/0x290
[  162.459548][ T5653]  ? __ia32_sys_open+0x270/0x270
[  162.464506][ T5653]  ? syscall_enter_from_user_mode+0x2e/0x230
[  162.470612][ T5653]  ? lockdep_hardirqs_on+0x94/0x130
[  162.476871][ T5653]  ? syscall_enter_from_user_mode+0x2e/0x230
[  162.482869][ T5653]  do_syscall_64+0x3b/0xb0
[  162.487302][ T5653]  ? clear_bhb_loop+0x45/0xa0
[  162.491995][ T5653]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  162.497899][ T5653] RIP: 0033:0x7efcf2775b59
[  162.502321][ T5653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.522020][ T5653] RSP: 002b:00007efcf34c5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  162.530444][ T5653] RAX: ffffffffffffffda RBX: 00007efcf2905f60 RCX: 00007efcf2775b59
[  162.538422][ T5653] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[  162.546398][ T5653] RBP: 00007efcf27e4e5d R08: 0000000000000000 R09: 0000000000000000
[  162.554376][ T5653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.562354][ T5653] R13: 000000000000000b R14: 00007efcf2905f60 R15: 00007fffa52db0d8
[  162.570348][ T5653]  </TASK>
[  162.573382][    C1] vkms_vblank_simulate: vblank timer overrun
[  162.599050][ T5653] bread failed!
[  162.602729][ T5653] jfs_lookup: dtSearch returned -5
[  162.608366][ T5670] MetaData crosses page boundary!!
[  162.615268][ T5670] lblock = 631800, size  = 28672
[  162.620344][ T5670] CPU: 1 PID: 5670 Comm: syz.4.427 Not tainted 6.1.100-syzkaller #0
[  162.628330][ T5670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  162.638392][ T5670] Call Trace:
[  162.641677][ T5670]  <TASK>
[  162.644608][ T5670]  dump_stack_lvl+0x1e3/0x2cb
[  162.649306][ T5670]  ? nf_tcp_handle_invalid+0x642/0x642
[  162.654783][ T5670]  ? panic+0x764/0x764
[  162.658881][ T5670]  __get_metapage+0xb61/0x1040
[  162.663673][ T5670]  dtSearch+0x57e/0x2500
[  162.667974][ T5670]  jfs_lookup+0x17b/0x400
[  162.672319][ T5670]  ? jfs_get_parent+0xa0/0xa0
[  162.677023][ T5670]  ? apparmor_path_rmdir+0x30/0x30
[  162.682148][ T5670]  ? make_kgid+0x6f0/0x6f0
[  162.686579][ T5670]  ? generic_permission+0x21c/0x4f0
[  162.691796][ T5670]  ? inode_permission+0xf7/0x450
[  162.696751][ T5670]  ? bpf_lsm_inode_create+0x5/0x10
[  162.701874][ T5670]  ? security_inode_create+0xb4/0x100
[  162.707263][ T5670]  ? jfs_get_parent+0xa0/0xa0
[  162.711955][ T5670]  path_openat+0x10fb/0x2e60
[  162.716590][ T5670]  ? do_filp_open+0x480/0x480
[  162.721297][ T5670]  do_filp_open+0x230/0x480
[  162.725816][ T5670]  ? vfs_tmpfile+0x4a0/0x4a0
[  162.730445][ T5670]  ? _raw_spin_unlock+0x24/0x40
[  162.735310][ T5670]  ? alloc_fd+0x59c/0x640
[  162.739660][ T5670]  do_sys_openat2+0x13b/0x4f0
[  162.744451][ T5670]  ? do_sys_open+0x220/0x220
[  162.749158][ T5670]  __x64_sys_openat+0x243/0x290
[  162.754029][ T5670]  ? __ia32_sys_open+0x270/0x270
[  162.758988][ T5670]  ? syscall_enter_from_user_mode+0x2e/0x230
[  162.764985][ T5670]  ? lockdep_hardirqs_on+0x94/0x130
[  162.770201][ T5670]  ? syscall_enter_from_user_mode+0x2e/0x230
[  162.776198][ T5670]  do_syscall_64+0x3b/0xb0
[  162.780631][ T5670]  ? clear_bhb_loop+0x45/0xa0
[  162.785323][ T5670]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  162.791227][ T5670] RIP: 0033:0x7efcf2775b59
[  162.795649][ T5670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  162.815260][ T5670] RSP: 002b:00007efcf34a4048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  162.823684][ T5670] RAX: ffffffffffffffda RBX: 00007efcf2906038 RCX: 00007efcf2775b59
[  162.831662][ T5670] RDX: 000000000000275a RSI: 0000000020000000 RDI: ffffffffffffff9c
[  162.839640][ T5670] RBP: 00007efcf27e4e5d R08: 0000000000000000 R09: 0000000000000000
[  162.847621][ T5670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  162.855596][ T5670] R13: 000000000000006e R14: 00007efcf2906038 R15: 00007fffa52db0d8
[  162.863592][ T5670]  </TASK>
[  162.866689][    C1] vkms_vblank_simulate: vblank timer overrun
[  162.897300][ T3552] EXT4-fs (loop0): unmounting filesystem.
[  162.911426][ T5670] bread failed!
[  162.915079][ T5670] jfs_lookup: dtSearch returned -5
[  162.949603][ T5653] netlink: 28 bytes leftover after parsing attributes in process `syz.4.427'.
[  163.245245][ T5653] MetaData crosses page boundary!!
[  163.251336][ T5653] lblock = 631800, size  = 28672
[  163.277148][ T5653] CPU: 1 PID: 5653 Comm: syz.4.427 Not tainted 6.1.100-syzkaller #0
[  163.285427][ T5653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  163.295495][ T5653] Call Trace:
[  163.298786][ T5653]  <TASK>
[  163.301723][ T5653]  dump_stack_lvl+0x1e3/0x2cb
[  163.306423][ T5653]  ? nf_tcp_handle_invalid+0x642/0x642
[  163.311897][ T5653]  ? panic+0x764/0x764
[  163.315986][ T5653]  __get_metapage+0xb61/0x1040
[  163.320771][ T5653]  dtSearch+0x57e/0x2500
[  163.325066][ T5653]  jfs_lookup+0x17b/0x400
[  163.329406][ T5653]  ? jfs_get_parent+0xa0/0xa0
[  163.334114][ T5653]  ? d_hash_and_lookup+0x1b0/0x1b0
[  163.339238][ T5653]  ? __d_lookup+0x6d6/0x790
[  163.343763][ T5653]  ? try_to_unlazy+0x35c/0x5b0
[  163.348565][ T5653]  ? jfs_get_parent+0xa0/0xa0
[  163.353264][ T5653]  path_openat+0x10fb/0x2e60
[  163.357899][ T5653]  ? do_filp_open+0x480/0x480
[  163.362602][ T5653]  ? __sched_text_start+0x8/0x8
[  163.367499][ T5653]  do_filp_open+0x230/0x480
[  163.372020][ T5653]  ? vfs_tmpfile+0x4a0/0x4a0
[  163.376618][ T5653]  ? preempt_schedule_common+0xa6/0xd0
[  163.382203][ T5653]  ? _raw_spin_unlock+0x36/0x40
[  163.387074][ T5653]  ? alloc_fd+0x59c/0x640
[  163.391422][ T5653]  do_sys_openat2+0x13b/0x4f0
[  163.396118][ T5653]  ? do_sys_open+0x220/0x220
[  163.400746][ T5653]  __x64_sys_open+0x221/0x270
[  163.405453][ T5653]  ? do_sys_openat2+0x4f0/0x4f0
[  163.410323][ T5653]  ? syscall_enter_from_user_mode+0x2e/0x230
[  163.416317][ T5653]  ? lockdep_hardirqs_on+0x94/0x130
[  163.421540][ T5653]  ? syscall_enter_from_user_mode+0x2e/0x230
[  163.427547][ T5653]  do_syscall_64+0x3b/0xb0
[  163.431978][ T5653]  ? clear_bhb_loop+0x45/0xa0
[  163.436674][ T5653]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  163.442666][ T5653] RIP: 0033:0x7efcf2775b59
[  163.447084][ T5653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.466694][ T5653] RSP: 002b:00007efcf34c5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  163.475123][ T5653] RAX: ffffffffffffffda RBX: 00007efcf2905f60 RCX: 00007efcf2775b59
[  163.483103][ T5653] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000680
[  163.491272][ T5653] RBP: 00007efcf27e4e5d R08: 0000000000000000 R09: 0000000000000000
[  163.499252][ T5653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  163.507237][ T5653] R13: 000000000000000b R14: 00007efcf2905f60 R15: 00007fffa52db0d8
[  163.515337][ T5653]  </TASK>
[  163.518530][    C1] vkms_vblank_simulate: vblank timer overrun
[  163.712938][ T5684] loop1: detected capacity change from 0 to 512
[  163.721139][ T5653] bread failed!
[  163.727749][ T5653] jfs_lookup: dtSearch returned -5
[  163.759150][ T5684] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  163.773496][ T5684] ext4 filesystem being mounted at /99/bus supports timestamps until 2038 (0x7fffffff)
[  163.963486][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  164.109988][ T5692] loop3: detected capacity change from 0 to 1024
[  164.335563][ T5697] loop1: detected capacity change from 0 to 4096
[  164.411623][ T5697] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  164.927953][ T5712] loop1: detected capacity change from 0 to 1024
[  164.937687][ T5698] device syzkaller0 entered promiscuous mode
[  164.952722][ T5712] EXT4-fs: Ignoring removed orlov option
[  164.958391][ T5712] EXT4-fs: Ignoring removed nomblk_io_submit option
[  165.042359][ T5712] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  165.052031][ T5712] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  165.098418][ T5712] overlayfs: './file1' not a directory
[  165.195098][ T5717] loop3: detected capacity change from 0 to 512
[  165.254123][ T3554] EXT4-fs (loop1): unmounting filesystem.
[  165.269324][ T5717] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #15: comm syz.3.442: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  165.403130][ T5717] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.442: couldn't read orphan inode 15 (err -117)
[  165.419174][ T5720] fuse: Unknown parameter 'group_i00000000000000000000'
[  165.432766][ T5717] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  165.456818][ T5717] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038 (0x7fffffff)
[  167.235452][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  169.504084][ T5749] loop2: detected capacity change from 0 to 1024
[  169.550641][ T3560] Bluetooth: Unexpected start frame (len 10)
[  170.561059][ T3555] Bluetooth: hci3: command 0x0406 tx timeout
[  170.561217][ T3559] Bluetooth: hci0: command 0x0406 tx timeout
[  170.567170][ T3555] Bluetooth: hci2: command 0x0406 tx timeout
[  170.567198][ T3555] Bluetooth: hci1: command 0x0406 tx timeout
[  170.595891][ T5747] loop0: detected capacity change from 0 to 4096
[  170.651742][ T5747] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  170.676374][ T5762] fuse: Unknown parameter 'group_i00000000000000000000'
[  170.860960][ T4399] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  171.141057][ T4399] usb 2-1: Using ep0 maxpacket: 8
[  171.271151][ T4399] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  171.280222][ T4399] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  171.344914][ T4399] usb 2-1: config 0 descriptor??
[  171.387855][ T4399] usb 2-1: bad CDC descriptors
[  171.406111][ T4399] usb 2-1: bad CDC descriptors
[  171.426918][ T4399] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  171.463096][ T4399] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  171.479057][ T4399] cdc_acm: probe of 2-1:0.0 failed with error -22
[  171.793555][ T3555] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  171.803390][ T3555] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  171.812557][ T3555] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  171.821861][ T3555] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  171.829703][ T3555] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  171.837375][ T3555] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  172.154726][ T5780] chnl_net:caif_netlink_parms(): no params data found
[  172.407571][ T5778] loop3: detected capacity change from 0 to 32768
[  172.614314][ T5778] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.461 (5778)
[  173.169879][ T5778] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  173.228112][ T5778] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  173.248537][ T5780] bridge0: port 1(bridge_slave_0) entered blocking state
[  173.293054][ T5780] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.301494][ T5778] BTRFS info (device loop3): using free space tree
[  173.333910][ T5198] usb 2-1: USB disconnect, device number 5
[  173.382993][ T5780] device bridge_slave_0 entered promiscuous mode
[  173.439211][ T5798] loop1: detected capacity change from 0 to 4096
[  173.447109][ T5798] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  173.483178][ T5807] loop0: detected capacity change from 0 to 1024
[  173.933070][ T3555] Bluetooth: hci4: command tx timeout
[  173.943069][ T5780] bridge0: port 2(bridge_slave_1) entered blocking state
[  173.987829][ T5780] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.252785][ T5778] BTRFS info (device loop3): enabling ssd optimizations
[  174.399270][ T5780] device bridge_slave_1 entered promiscuous mode
[  174.792252][ T3562] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  174.993857][ T5836] fuse: Unknown parameter 'group_id00000000000000000000'
[  175.033955][ T5780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  175.087309][  T102] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.119581][ T5780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  175.137221][  T155] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  175.158909][ T5780] team0: Port device team_slave_0 added
[  175.166895][ T5780] team0: Port device team_slave_1 added
[  175.218282][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.241806][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.270208][ T5780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.299018][  T102] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.319563][ T5780] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.328047][ T5780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.356485][ T5780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.401176][  T155] usb 3-1: Using ep0 maxpacket: 32
[  175.433277][  T102] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.457502][ T5780] device hsr_slave_0 entered promiscuous mode
[  175.470665][ T5780] device hsr_slave_1 entered promiscuous mode
[  175.478661][ T5780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  175.486905][ T5780] Cannot create hsr debugfs directory
[  175.507459][  T102] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.531398][  T155] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  175.546175][  T155] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.577990][  T155] usb 3-1: config 0 descriptor??
[  175.633400][  T155] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  175.842279][  T155] gspca_vc032x: reg_r err -71
[  175.847174][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.871816][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.877167][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.885440][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.904159][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.920915][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.936159][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.942476][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.962845][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.984295][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.989672][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  175.991381][ T3555] Bluetooth: hci4: command tx timeout
[  176.001286][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.006658][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.024758][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.030061][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.197638][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.204010][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.209395][  T155] gspca_vc032x: I2c Bus Busy Wait 00
[  176.215474][  T155] gspca_vc032x: Unknown sensor...
[  176.220549][  T155] vc032x: probe of 3-1:0.0 failed with error -22
[  176.228854][  T155] usb 3-1: USB disconnect, device number 4
[  177.950111][ T5868] loop2: detected capacity change from 0 to 4096
[  178.015589][ T5868] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  178.071794][ T3555] Bluetooth: hci4: command tx timeout
[  178.116445][ T5877] loop3: detected capacity change from 0 to 1024
[  178.847620][ T5884] fuse: Unknown parameter 'group_id00000000000000000000'
[  178.887998][ T5780] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  178.998605][ T5780] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  179.034755][ T5780] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  179.168011][ T5780] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  179.293823][ T5871] loop1: detected capacity change from 0 to 32768
[  179.379652][  T102] device hsr_slave_0 left promiscuous mode
[  179.405732][ T5871] XFS (loop1): Mounting V5 Filesystem
[  179.414220][  T102] device hsr_slave_1 left promiscuous mode
[  179.430476][  T102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.455896][  T102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.480465][  T102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.489994][ T5871] XFS (loop1): Ending clean mount
[  179.496831][ T5871] XFS (loop1): Quotacheck needed: Please wait.
[  179.504273][  T102] device bridge_slave_1 left promiscuous mode
[  179.518552][  T102] bridge0: port 2(bridge_slave_1) entered disabled state
[  179.545498][  T102] device bridge_slave_0 left promiscuous mode
[  179.551407][ T5871] XFS (loop1): Quotacheck: Done.
[  179.568741][  T102] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.677400][  T102] device veth1_macvtap left promiscuous mode
[  179.696797][  T102] device veth0_macvtap left promiscuous mode
[  179.717607][  T102] device veth1_vlan left promiscuous mode
[  179.732082][  T102] device veth0_vlan left promiscuous mode
[  179.878977][ T5893] loop0: detected capacity change from 0 to 32768
[  180.151947][ T3555] Bluetooth: hci4: command tx timeout
[  181.213475][ T5921] find_entry called with index = 0
[  181.218648][ T5921] find_entry called with index = 0
[  181.228903][ T5916] find_entry called with index >= next_index
[  181.234957][ T5916] find_entry called with index >= next_index
[  181.241003][ T5916] find_entry called with index >= next_index
[  181.246995][ T5916] find_entry called with index >= next_index
[  181.253120][ T5916] find_entry called with index >= next_index
[  182.571770][  T102] team0 (unregistering): Port device team_slave_1 removed
[  182.652776][  T102] team0 (unregistering): Port device team_slave_0 removed
[  182.686635][  T102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  182.745961][  T102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  182.749040][ T5941] loop0: detected capacity change from 0 to 4096
[  182.782007][ T5941] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  182.959448][ T5944] fuse: Unknown parameter 'group_id00000000000000000000'
[  183.237221][  T102] bond0 (unregistering): Released all slaves
[  183.331345][ T3554] XFS (loop1): Unmounting Filesystem
[  183.454864][ T5780] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.510732][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  183.521644][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  183.556137][ T5780] 8021q: adding VLAN 0 to HW filter on device team0
[  183.586530][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  183.605620][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  183.624650][ T4399] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.631812][ T4399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.691506][ T5196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  183.700466][ T5196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  183.710167][ T5196] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  183.710207][ T3554] syz-executor (3554) used greatest stack depth: 18544 bytes left
[  183.747203][ T5196] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.754334][ T5196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.772968][ T5196] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  183.789505][ T5196] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  183.830052][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  183.847775][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  183.865431][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  183.883246][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  183.901818][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  183.924897][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  183.956043][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  183.966240][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  183.983551][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  184.004528][ T5780] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  184.501799][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  184.501897][ T3559] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  184.509263][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  184.536193][ T3569] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  184.544036][ T3569] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  184.561470][ T3569] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  184.580566][ T3569] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  184.587892][ T3569] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  184.834288][ T5780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  185.813608][ T5977] loop3: detected capacity change from 0 to 4096
[  185.848284][ T5958] loop0: detected capacity change from 0 to 32768
[  185.898894][ T5977] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  186.130111][ T5984] find_entry called with index = 0
[  186.135369][ T5984] find_entry called with index = 0
[  186.141614][ T5984] find_entry called with index >= next_index
[  186.147608][ T5984] find_entry called with index >= next_index
[  186.153640][ T5984] find_entry called with index >= next_index
[  186.159615][ T5984] find_entry called with index >= next_index
[  186.165638][ T5984] find_entry called with index >= next_index
[  186.342966][ T5961] chnl_net:caif_netlink_parms(): no params data found
[  186.681185][ T3555] Bluetooth: hci1: command tx timeout
[  187.551756][ T5961] bridge0: port 1(bridge_slave_0) entered blocking state
[  187.586799][ T5961] bridge0: port 1(bridge_slave_0) entered disabled state
[  187.649446][ T5961] device bridge_slave_0 entered promiscuous mode
[  187.683275][ T3996] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  187.697431][ T3996] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  187.725726][ T5961] bridge0: port 2(bridge_slave_1) entered blocking state
[  187.746907][ T5961] bridge0: port 2(bridge_slave_1) entered disabled state
[  187.767391][ T5961] device bridge_slave_1 entered promiscuous mode
[  187.796837][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  187.809718][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  187.835595][ T5780] device veth0_vlan entered promiscuous mode
[  187.866173][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  187.881643][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  187.923835][ T5780] device veth1_vlan entered promiscuous mode
[  187.957879][ T5961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.987735][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  188.020760][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  188.047388][ T5961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.069742][ T5780] device veth0_macvtap entered promiscuous mode
[  188.089372][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  188.104798][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  188.127495][ T5780] device veth1_macvtap entered promiscuous mode
[  188.142425][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  188.153099][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  188.212476][ T5961] team0: Port device team_slave_0 added
[  188.221756][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  188.234468][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.252882][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_0
[  188.262342][ T5961] team0: Port device team_slave_1 added
[  188.274976][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  188.301395][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  188.328529][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.377455][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.417567][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.430666][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.441305][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.455329][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.466668][ T5780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  188.478663][ T5780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  188.492483][ T5780] batman_adv: batadv0: Interface activated: batadv_slave_1
[  188.532920][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  188.550104][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  188.590923][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.603687][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.689943][ T5961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.711382][ T3555] Bluetooth: hci1: command tx timeout
[  188.743562][ T5780] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  188.757966][ T5780] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  188.767784][ T5780] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  188.781013][ T5780] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.796740][ T5961] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.813520][ T5961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.840262][ T5961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.979600][ T5961] device hsr_slave_0 entered promiscuous mode
[  189.000244][ T5961] device hsr_slave_1 entered promiscuous mode
[  189.020168][ T5961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.047031][ T5961] Cannot create hsr debugfs directory
[  189.103207][ T4241] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.123376][ T4241] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.171649][ T3996] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  189.204714][ T4241] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  189.216817][ T4241] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  189.316600][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  189.560498][ T6019] syz.3.512 sent an empty control message without MSG_MORE.
[  190.425252][ T5961] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.546583][ T5961] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.618635][ T6023] loop0: detected capacity change from 0 to 4096
[  190.651953][ T6023] ntfs3: loop0: Different NTFS' sector size (2048) and media sector size (512)
[  190.703313][ T5961] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.791319][ T3555] Bluetooth: hci1: command tx timeout
[  190.918702][ T6024] device syzkaller0 entered promiscuous mode
[  190.969090][ T5961] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.405334][ T6031] loop3: detected capacity change from 0 to 32768
[  191.618011][ T6031] find_entry called with index >= next_index
[  191.625479][ T6031] find_entry called with index >= next_index
[  191.632091][ T6031] find_entry called with index >= next_index
[  191.638092][ T6031] find_entry called with index >= next_index
[  191.644149][ T6031] find_entry called with index >= next_index
[  191.872913][ T6039] loop0: detected capacity change from 0 to 32768
[  191.940646][ T6039] XFS: noikeep mount option is deprecated.
[  191.993507][ T6039] XFS (loop0): Mounting V5 Filesystem
[  192.872426][ T3555] Bluetooth: hci1: command tx timeout
[  192.890491][ T6039] XFS (loop0): Ending clean mount
[  192.899287][ T6039] XFS (loop0): Quotacheck needed: Please wait.
[  193.033136][ T6039] XFS (loop0): Quotacheck: Done.
[  193.282106][ T3552] XFS (loop0): Unmounting Filesystem
[  194.142398][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  194.431471][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  195.872271][ T3569] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  195.885748][ T3569] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  195.893514][ T3569] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  195.902053][ T3569] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  195.909978][ T3569] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  195.917490][ T3569] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  195.943260][ T6083] loop4: detected capacity change from 0 to 1024
[  196.006807][ T6084] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  196.762537][ T6084] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  198.002690][ T3569] Bluetooth: hci0: command tx timeout
[  198.326227][ T5961] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  198.647059][ T5961] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  198.714835][ T5961] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  198.755025][ T5961] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  199.324598][ T6153] loop2: detected capacity change from 0 to 32768
[  199.467599][ T6153] XFS (loop2): Mounting V5 Filesystem
[  199.636573][ T6153] XFS (loop2): Ending clean mount
[  199.664196][ T6153] XFS (loop2): Quotacheck needed: Please wait.
[  199.676544][ T5961] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.748776][ T6153] XFS (loop2): Quotacheck: Done.
[  199.785292][  T102] device hsr_slave_0 left promiscuous mode
[  199.816493][  T102] device hsr_slave_1 left promiscuous mode
[  199.846232][  T102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.847799][ T4127] XFS (loop2): Unmounting Filesystem
[  199.859662][  T102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.878325][  T102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.891340][  T102] device bridge_slave_1 left promiscuous mode
[  199.901190][  T102] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.942123][  T102] device bridge_slave_0 left promiscuous mode
[  199.955470][  T102] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.055296][  T102] device veth1_macvtap left promiscuous mode
[  200.071396][ T3555] Bluetooth: hci0: command tx timeout
[  200.100240][  T102] device veth0_macvtap left promiscuous mode
[  200.131986][  T102] device veth1_vlan left promiscuous mode
[  200.137876][  T102] device veth0_vlan left promiscuous mode
[  200.799742][  T102] team0 (unregistering): Port device team_slave_1 removed
[  200.829893][  T102] team0 (unregistering): Port device team_slave_0 removed
[  200.858560][  T102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  200.888515][  T102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  201.162236][  T102] bond0 (unregistering): Released all slaves
[  201.245882][ T5961] 8021q: adding VLAN 0 to HW filter on device team0
[  201.255356][ T6075] chnl_net:caif_netlink_parms(): no params data found
[  201.296584][ T3555] Bluetooth: hci5: command 0x0406 tx timeout
[  201.344878][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  201.361617][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  201.384392][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  201.397282][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  201.417521][ T3556] bridge0: port 1(bridge_slave_0) entered blocking state
[  201.424684][ T3556] bridge0: port 1(bridge_slave_0) entered forwarding state
[  201.433619][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  202.082540][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  202.116820][ T6199] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  202.127821][ T6199] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  202.137642][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  202.151284][ T3555] Bluetooth: hci0: command tx timeout
[  202.158090][ T3997] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.165263][ T3997] bridge0: port 2(bridge_slave_1) entered forwarding state
[  202.181367][ T6075] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.189786][ T6075] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.344068][ T6075] device bridge_slave_0 entered promiscuous mode
[  202.373953][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  202.398003][ T6075] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.421670][ T6075] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.421703][ T6202] loop4: detected capacity change from 0 to 4096
[  202.464113][ T6075] device bridge_slave_1 entered promiscuous mode
[  202.489464][ T6202] ntfs3: loop4: Different NTFS' sector size (2048) and media sector size (512)
[  202.542979][ T3997] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  202.581442][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  202.602733][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  202.632534][ T6075] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  202.673913][ T6075] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  202.705591][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  202.719687][ T6208] loop2: detected capacity change from 0 to 1024
[  202.733105][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  202.757785][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  202.810181][ T6210] netlink: 'syz.3.543': attribute type 29 has an invalid length.
[  202.859661][ T6210] netlink: 'syz.3.543': attribute type 29 has an invalid length.
[  202.876325][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  202.895333][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  202.919849][ T6207] can: request_module (can-proto-0) failed.
[  202.923462][ T5961] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  202.938087][ T5961] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  202.951756][ T6075] team0: Port device team_slave_0 added
[  202.963667][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  202.973658][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  203.014640][ T6075] team0: Port device team_slave_1 added
[  203.067775][ T6075] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.091833][ T6075] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.170448][ T6075] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.201986][ T6075] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.227252][ T6075] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.314580][ T6075] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.438928][ T6075] device hsr_slave_0 entered promiscuous mode
[  203.467152][ T6075] device hsr_slave_1 entered promiscuous mode
[  203.483520][ T6075] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  203.504801][ T6075] Cannot create hsr debugfs directory
[  203.621767][ T6225] loop3: detected capacity change from 0 to 1024
[  203.674912][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  203.686496][ T6225] EXT4-fs: Ignoring removed orlov option
[  203.702317][ T6225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  203.705328][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  203.741116][ T5961] 8021q: adding VLAN 0 to HW filter on device batadv0
[  203.768913][ T6225] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  203.796695][ T6225] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  203.877367][ T6225] overlayfs: failed to resolve './file0': -2
[  203.902242][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  203.911812][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  203.935872][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  203.944882][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  203.956674][ T5961] device veth0_vlan entered promiscuous mode
[  203.987873][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  204.013020][ T5199] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  204.073565][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  204.127327][ T6075] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.179096][ T5961] device veth1_vlan entered promiscuous mode
[  204.233521][ T3555] Bluetooth: hci0: command tx timeout
[  204.275285][ T5961] device veth0_macvtap entered promiscuous mode
[  204.310355][ T5961] device veth1_macvtap entered promiscuous mode
[  204.368083][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.399927][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.442122][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  204.494040][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.524012][ T6235] loop3: detected capacity change from 0 to 512
[  204.546169][ T6235] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  204.546613][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_0
[  204.595861][ T6075] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.609598][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  204.618814][ T6235] ext4 filesystem being mounted at /132/bus supports timestamps until 2038 (0x7fffffff)
[  204.619502][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  204.641700][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  204.651332][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  204.659874][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  204.668104][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  204.677199][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  204.688447][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  204.715659][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.781501][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  204.805659][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  204.816584][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.627568][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.648480][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.698927][ T5961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  205.730592][ T5961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  205.772994][ T5961] batman_adv: batadv0: Interface activated: batadv_slave_1
[  205.811162][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  205.843017][ T6075] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  205.898315][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  205.947367][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  206.027293][ T6249] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  206.842351][ T6249] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  206.916994][ T6075] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.982539][ T5961] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  207.009373][ T5961] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  207.033803][ T5961] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  207.056478][ T5961] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  207.297188][ T4228] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.329170][ T4228] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.383115][ T6075] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  207.394349][ T4212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  207.429696][ T4164] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  207.432527][ T4212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.440347][ T6075] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  207.492700][ T6075] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  207.509082][ T3598] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  207.548175][ T6075] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  208.448631][ T3569] Bluetooth: latency 2018 > 499
[  208.473249][ T6075] 8021q: adding VLAN 0 to HW filter on device bond0
[  208.540388][ T6255] loop4: detected capacity change from 0 to 32768
[  208.561593][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  208.570930][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  208.571241][ T6255] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.553 (6255)
[  209.297145][ T6075] 8021q: adding VLAN 0 to HW filter on device team0
[  209.311430][ T6255] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  209.341046][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  209.350643][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  209.359571][ T6255] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  209.369481][ T4399] bridge0: port 1(bridge_slave_0) entered blocking state
[  209.376638][ T4399] bridge0: port 1(bridge_slave_0) entered forwarding state
[  209.384510][ T6255] BTRFS info (device loop4): using free space tree
[  209.416581][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  209.425935][ T6280] Illegal XDP return value 4294967282 on prog  (id 79) dev N/A, expect packet loss!
[  209.451708][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  209.500217][ T4399] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  209.546091][ T6263] loop2: detected capacity change from 0 to 32768
[  209.559606][ T4399] bridge0: port 2(bridge_slave_1) entered blocking state
[  209.566786][ T4399] bridge0: port 2(bridge_slave_1) entered forwarding state
[  209.592161][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  209.621766][ T3556] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  209.644385][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  209.669183][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  209.719907][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  209.721971][ T6263] XFS (loop2): Mounting V5 Filesystem
[  209.740610][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  209.748868][ T6255] BTRFS info (device loop4): enabling ssd optimizations
[  209.761928][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  209.770087][ T6290] loop3: detected capacity change from 0 to 4096
[  209.777220][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  209.806191][ T6290] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  209.820242][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  209.844627][ T6075] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  209.876831][ T6263] XFS (loop2): Ending clean mount
[  209.913514][ T6263] XFS (loop2): Quotacheck needed: Please wait.
[  209.922698][ T6075] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  209.924961][ T5780] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  209.940886][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  209.966405][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  209.997382][ T6263] XFS (loop2): Quotacheck: Done.
[  210.223846][ T4127] XFS (loop2): Unmounting Filesystem
[  210.357936][ T6317] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  210.374262][ T6317] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  210.481898][ T3569] Bluetooth: hci3: command 0x0406 tx timeout
[  213.047403][ T6344] fuse: Bad value for 'fd'
[  213.081235][ T6075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.089044][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  213.107542][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  213.188135][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  213.204696][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  213.258155][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  213.267840][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  213.279819][ T6075] device veth0_vlan entered promiscuous mode
[  213.308339][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  213.316463][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  213.369168][ T6075] device veth1_vlan entered promiscuous mode
[  213.426670][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  213.442343][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  213.450264][ T6357] loop2: detected capacity change from 0 to 4096
[  213.460359][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  213.469349][ T5198] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  213.481053][ T6357] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  217.179603][ T6075] device veth0_macvtap entered promiscuous mode
[  217.203820][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  217.319490][ T6365] QAT: Device 0 not found
[  217.326115][ T6075] device veth1_macvtap entered promiscuous mode
[  217.344698][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.362126][    T7] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  217.396241][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.397493][    T7] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  217.443966][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.454781][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.465900][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.502394][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.520799][ T6075] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.546948][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  217.653128][ T6367] loop1: detected capacity change from 0 to 4096
[  217.662768][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  217.694165][ T6367] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  218.517567][ T6372] loop3: detected capacity change from 0 to 32768
[  218.524473][ T6372] XFS: noikeep mount option is deprecated.
[  218.626643][ T6367] ntfs3: loop1: Failed to load $MFT.
[  218.673048][ T3569] Bluetooth: hci5: unexpected event for opcode 0x0c1a
[  218.683243][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.719772][ T6372] XFS (loop3): Mounting V5 Filesystem
[  218.778001][ T6372] XFS (loop3): Ending clean mount
[  218.788551][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.793630][ T6372] XFS (loop3): Quotacheck needed: Please wait.
[  218.804143][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.811682][ T6364] loop4: detected capacity change from 0 to 32768
[  218.837472][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.848488][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.857532][ T6372] XFS (loop3): Quotacheck: Done.
[  218.878636][ T6364] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.577 (6364)
[  218.886759][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.904311][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.915019][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.924972][ T6075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  218.930864][ T6364] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  218.947891][ T6075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  218.952393][ T6364] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  218.968910][ T6364] BTRFS info (device loop4): using free space tree
[  219.057970][ T6075] batman_adv: batadv0: Interface activated: batadv_slave_1
[  219.070141][ T3562] XFS (loop3): Unmounting Filesystem
[  219.080026][ T4164] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  219.092178][ T4164] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  219.110557][ T6075] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.126858][ T6075] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.137295][ T6075] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.146276][ T6075] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.319786][ T6364] BTRFS info (device loop4): enabling ssd optimizations
[  219.339914][  T102] device hsr_slave_0 left promiscuous mode
[  219.377574][   T26] audit: type=1800 audit(1721442707.236:11): pid=6364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.577" name="bus" dev="loop4" ino=263 res=0 errno=0
[  219.445384][  T102] device hsr_slave_1 left promiscuous mode
[  219.612131][  T102] batman_adv: batadv0: Removing interface: batadv_slave_0
[  220.082094][  T102] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  220.121165][  T102] batman_adv: batadv0: Removing interface: batadv_slave_1
[  220.148229][ T5780] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  220.150303][  T102] device bridge_slave_1 left promiscuous mode
[  220.174491][  T102] bridge0: port 2(bridge_slave_1) entered disabled state
[  220.194603][  T102] device bridge_slave_0 left promiscuous mode
[  220.206680][  T102] bridge0: port 1(bridge_slave_0) entered disabled state
[  220.319700][  T102] device veth1_macvtap left promiscuous mode
[  220.326066][  T102] device veth0_macvtap left promiscuous mode
[  220.332677][  T102] device veth1_vlan left promiscuous mode
[  220.338645][  T102] device veth0_vlan left promiscuous mode
[  220.689444][  T102] team0 (unregistering): Port device team_slave_1 removed
[  220.743333][  T102] team0 (unregistering): Port device team_slave_0 removed
[  220.791413][  T102] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  220.841041][  T102] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  221.719167][  T102] bond0 (unregistering): Released all slaves
[  221.986002][ T2466] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.055439][ T2466] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.081534][ T4236] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  222.110301][ T4236] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.131185][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  222.157967][  T153] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  222.367362][ T6421] infiniband syz1: set active
[  222.374578][ T6421] infiniband syz1: added veth0_vlan
[  222.388392][ T6421] rdma_rxe: unable to create cq
[  222.724101][ T3569] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  222.752104][ T6421] infiniband syz1: Couldn't create ib_mad CQ
[  222.941204][ T3569] Bluetooth: hci5: Injecting HCI hardware error event
[  222.952180][ T3555] Bluetooth: hci5: hardware error 0x00
[  223.131472][ T6421] infiniband syz1: Couldn't open port 1
[  224.045478][ T6421] RDS/IB: syz1: added
[  224.075631][ T6421] smc: adding ib device syz1 with port count 1
[  224.113634][ T6432] loop3: detected capacity change from 0 to 32768
[  224.141389][ T6421] smc:    ib device syz1 port 1 has pnetid 
[  224.285087][ T6428] loop2: detected capacity change from 0 to 32768
[  224.294085][ T6428] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.588 (6428)
[  224.337628][ T6428] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  224.373619][ T6428] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  224.391079][ T6428] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  224.511317][ T6428] BTRFS info (device loop2): use zstd compression, level 3
[  224.566820][ T6428] BTRFS info (device loop2): using free space tree
[  225.084637][ T6428] BTRFS error (device loop2): open_ctree failed
[  225.173474][ T6360] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (6360)
[  225.271103][ T3555] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  226.028123][ T6506] MPTCP: kernel_bind error, err=-22
[  228.528732][ T6532] xt_bpf: check failed: parse error
[  229.008211][ T6534] fuse: Invalid rootmode
[  229.079202][ T6536] loop4: detected capacity change from 0 to 164
[  229.206520][ T6536] loop4: detected capacity change from 164 to 0
[  229.421090][ T6520] loop2: detected capacity change from 0 to 32768
[  230.575417][ T6524] loop0: detected capacity change from 0 to 32768
[  230.676315][ T6558] MPTCP: kernel_bind error, err=-22
[  230.699193][ T6488] I/O error, dev loop0, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  230.931754][ T6555] loop2: detected capacity change from 0 to 8192
[  231.032630][ T6555] ntfs3: Unknown parameter '€'
[  231.629233][ T6488] I/O error, dev loop2, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  232.356380][ T6580] fuse: Bad value for 'rootmode'
[  233.638707][ T6592] netlink: 68 bytes leftover after parsing attributes in process `syz.2.630'.
[  233.645985][ T6570] loop3: detected capacity change from 0 to 32768
[  234.005382][ T6570] find_entry called with index >= next_index
[  234.011458][ T6570] find_entry called with index >= next_index
[  234.017442][ T6570] find_entry called with index >= next_index
[  234.024070][ T6570] find_entry called with index >= next_index
[  234.030058][ T6570] find_entry called with index >= next_index
[  234.362006][ T6594] loop1: detected capacity change from 0 to 32768
[  234.401095][ T6594] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  234.421102][ T6594] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  234.457693][ T6594] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  234.527558][ T6594] BTRFS info (device loop1): use zstd compression, level 3
[  234.634023][ T6594] BTRFS info (device loop1): using free space tree
[  235.367960][ T6594] BTRFS info (device loop1): enabling ssd optimizations
[  235.394312][ T6594] BTRFS info (device loop1): checking UUID tree
[  235.579569][ T5961] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  235.597435][ T6619] loop2: detected capacity change from 0 to 8192
[  235.637894][ T6619] ntfs3: Unknown parameter '€'
[  236.211095][ T3555] Bluetooth: hci3: SCO packet for unknown connection handle 0
[  236.809091][ T6639] capability: warning: `syz.1.638' uses deprecated v2 capabilities in a way that may be insecure
[  237.749499][ T6641] netlink: 12 bytes leftover after parsing attributes in process `syz.1.638'.
[  238.073245][ T6658] IPVS: stopping backup sync thread 6659 ...
[  238.080319][ T6659] IPVS: sync thread started: state = BACKUP, mcast_ifn = hsr0, syncid = 0, id = 0
[  238.086070][ T6650] loop2: detected capacity change from 0 to 4096
[  238.149251][ T6650] ntfs3: loop2: Different NTFS' sector size (2048) and media sector size (512)
[  238.161187][    T7] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  238.401043][    T7] usb 2-1: Using ep0 maxpacket: 16
[  239.211281][    T7] usb 2-1: too many configurations: 143, using maximum allowed: 8
[  239.424052][ T6675] xt_bpf: check failed: parse error
[  240.535777][ T6672] loop0: detected capacity change from 0 to 8192
[  240.551177][    T7] usb 2-1: unable to read config index 0 descriptor/start: -71
[  240.560750][    T7] usb 2-1: can't read configurations, error -71
[  240.586693][ T6672] ntfs3: Unknown parameter '€'
[  241.410248][ T6488] I/O error, dev loop0, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  242.289708][ T6704] loop0: detected capacity change from 0 to 512
[  242.350724][ T6699] loop3: detected capacity change from 0 to 4096
[  242.365182][ T6699] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  242.389554][ T6704] EXT4-fs (loop0): 1 truncate cleaned up
[  242.449130][ T6704] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  242.651161][ T3599] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  242.941145][ T3599] usb 5-1: Using ep0 maxpacket: 8
[  243.081211][ T3599] usb 5-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  243.142597][ T3599] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  243.284737][ T3599] usb 5-1: config 0 descriptor??
[  243.365869][ T3599] usb 5-1: bad CDC descriptors
[  243.372500][ T3599] usb 5-1: bad CDC descriptors
[  243.389808][ T3599] cdc_acm 5-1:0.0: Control and data interfaces are not separated!
[  243.422193][ T3599] cdc_acm 5-1:0.0: This needs exactly 3 endpoints
[  243.444235][ T3599] cdc_acm: probe of 5-1:0.0 failed with error -22
[  246.290378][ T6732] loop1: detected capacity change from 0 to 32768
[  246.297591][ T6732] XFS: noikeep mount option is deprecated.
[  246.410692][ T5196] usb 5-1: USB disconnect, device number 4
[  246.415714][ T6732] XFS (loop1): Mounting V5 Filesystem
[  246.511424][ T6732] XFS (loop1): Ending clean mount
[  246.518966][ T6732] XFS (loop1): Quotacheck needed: Please wait.
[  246.563811][ T6732] XFS (loop1): Quotacheck: Done.
[  246.742854][ T6749] fuse: Unknown parameter 'use00000000000000000000'
[  246.801455][ T5961] XFS (loop1): Unmounting Filesystem
[  247.963912][ T6806] loop2: detected capacity change from 0 to 1024
[  250.105619][ T6075] EXT4-fs (loop0): unmounting filesystem.
[  250.231940][ T6826] loop4: detected capacity change from 0 to 128
[  250.873664][ T6840] QAT: Device 0 not found
[  250.940315][ T6844] fuse: Unknown parameter 'use00000000000000000000'
[  251.031981][  T153] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  251.047113][  T153] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  251.230208][ T6851] MPTCP: kernel_bind error, err=-22
[  252.818386][ T6915] loop2: detected capacity change from 0 to 1024
[  253.527683][ T6928] device bond0 entered promiscuous mode
[  253.538124][ T6928] device bond_slave_0 entered promiscuous mode
[  253.548009][ T6928] device bond_slave_1 entered promiscuous mode
[  254.462818][ T6940] fuse: Unknown parameter 'use00000000000000000000'
[  254.496290][ T6933] netlink: 'syz.3.697': attribute type 29 has an invalid length.
[  254.528079][ T6933] netlink: 'syz.3.697': attribute type 29 has an invalid length.
[  254.546888][ T6946] MPTCP: kernel_bind error, err=-22
[  254.610396][ T6941] can: request_module (can-proto-0) failed.
[  254.812355][ T6950] loop3: detected capacity change from 0 to 512
[  254.901137][ T6950] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #15: comm syz.3.701: pblk 0 bad header/extent: invalid eh_entries - magic f30a, entries 24833, max 4(4), depth 0(0)
[  254.965965][ T6950] EXT4-fs error (device loop3): ext4_orphan_get:1401: comm syz.3.701: couldn't read orphan inode 15 (err -117)
[  254.978475][ T6950] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  254.995223][ T6950] ext4 filesystem being mounted at /170/file0 supports timestamps until 2038 (0x7fffffff)
[  255.522767][ T1245] ieee802154 phy0 wpan0: encryption failed: -22
[  255.529630][ T1245] ieee802154 phy1 wpan1: encryption failed: -22
[  256.015320][ T6966] loop1: detected capacity change from 0 to 65536
[  256.853454][ T6966] XFS (loop1): Mounting V5 Filesystem
[  256.952056][ T6966] XFS (loop1): Ending clean mount
[  256.958500][ T6966] XFS (loop1): Quotacheck needed: Please wait.
[  257.362554][ T3555] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  257.373159][ T3555] Bluetooth: hci1: Injecting HCI hardware error event
[  257.384467][ T3555] Bluetooth: hci1: hardware error 0x00
[  257.935309][ T6966] XFS (loop1): Quotacheck: Done.
[  258.230667][ T6998] fuse: Unknown parameter 'user_i00000000000000000000'
[  258.283541][ T7000] MPTCP: kernel_bind error, err=-22
[  259.197853][ T5961] XFS (loop1): Unmounting Filesystem
[  259.604216][ T3562] EXT4-fs (loop3): unmounting filesystem.
[  260.172131][ T3555] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  261.031155][ T3559] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  261.039776][ T3559] Bluetooth: hci0: Injecting HCI hardware error event
[  261.048944][ T3555] Bluetooth: hci0: hardware error 0x00
[  261.669872][ T7035] fuse: Unknown parameter 'user_i00000000000000000000'
[  261.890269][ T7036] MPTCP: kernel_bind error, err=-22
[  262.194510][ T7020] loop4: detected capacity change from 0 to 8192
[  262.261841][ T7020] ntfs3: Unknown parameter '€'
[  263.373886][ T3555] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  263.439238][   T26] audit: type=1326 audit(1721442751.296:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7046 comm="syz.1.718" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68aef75b59 code=0x0
[  263.460814][    C0] vkms_vblank_simulate: vblank timer overrun
[  263.550142][ T7044] netlink: 4 bytes leftover after parsing attributes in process `syz.4.731'.
[  263.686482][ T7057] device syz_tun entered promiscuous mode
[  263.709170][ T7057] device syz_tun left promiscuous mode
[  266.113189][ T7082] MPTCP: kernel_bind error, err=-22
[  267.002079][   T52] block nbd1: Attempted send on invalid socket
[  267.013777][   T52] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  267.034235][ T7084] hfsplus: unable to find HFS+ superblock
[  267.068368][ T7085] loop3: detected capacity change from 0 to 32768
[  267.075487][ T7085] XFS: noikeep mount option is deprecated.
[  267.168929][ T7085] XFS (loop3): Mounting V5 Filesystem
[  267.286298][ T7085] XFS (loop3): Ending clean mount
[  267.296872][ T7085] XFS (loop3): Quotacheck needed: Please wait.
[  267.375492][ T7085] XFS (loop3): Quotacheck: Done.
[  267.528280][ T7077] loop4: detected capacity change from 0 to 32768
[  267.571188][ T7077] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.740 (7077)
[  267.604357][ T3562] XFS (loop3): Unmounting Filesystem
[  267.620193][ T7077] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  267.630679][ T7077] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  267.647190][ T7077] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  267.659401][ T7077] BTRFS info (device loop4): use zstd compression, level 3
[  267.701109][ T7077] BTRFS info (device loop4): using free space tree
[  268.035573][ T7077] BTRFS info (device loop4): enabling ssd optimizations
[  268.066833][ T7077] BTRFS info (device loop4): checking UUID tree
[  268.210576][ T5780] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  268.531372][ T7119] loop3: detected capacity change from 0 to 32768
[  268.540683][ T7119] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.744 (7119)
[  268.569997][ T7119] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  268.594198][ T7119] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  268.610450][ T7119] BTRFS info (device loop3): setting nodatacow, compression disabled
[  268.619884][ T7119] BTRFS info (device loop3): enabling auto defrag
[  268.635565][ T7119] BTRFS info (device loop3): doing ref verification
[  268.642680][ T7119] BTRFS info (device loop3): using free space tree
[  268.886950][ T3562] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  269.255238][ T7155] loop0: detected capacity change from 0 to 128
[  272.426996][ T7182] loop0: detected capacity change from 0 to 32768
[  272.434154][ T7182] XFS: noikeep mount option is deprecated.
[  272.629739][ T7182] XFS (loop0): Mounting V5 Filesystem
[  272.962099][ T7251] xt_bpf: check failed: parse error
[  273.118498][ T7182] XFS (loop0): Ending clean mount
[  273.126063][ T7182] XFS (loop0): Quotacheck needed: Please wait.
[  273.191101][ T3555] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  273.199815][ T3555] Bluetooth: hci4: Injecting HCI hardware error event
[  273.208619][ T3559] Bluetooth: hci4: hardware error 0x00
[  273.339107][ T7182] XFS (loop0): Quotacheck: Done.
[  273.593378][ T6075] XFS (loop0): Unmounting Filesystem
[  274.856134][ T3555] Bluetooth: hci3: unexpected event for opcode 0x0c1a
[  275.501273][ T3599] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  275.603635][ T7296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.671531][ T3559] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  275.776278][ T3599] usb 1-1: Using ep0 maxpacket: 32
[  275.901182][ T3599] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  275.928245][ T3599] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.952065][ T3599] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.980986][ T3599] usb 1-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  276.014526][ T3599] usb 1-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  276.031010][ T3599] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.136369][ T7303] loop4: detected capacity change from 0 to 32768
[  277.229246][ T7314] loop3: detected capacity change from 0 to 32768
[  277.236401][ T7314] XFS: noikeep mount option is deprecated.
[  277.344599][ T3599] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[  277.394846][ T7313] find_entry called with index >= next_index
[  277.402570][ T7313] find_entry called with index >= next_index
[  277.408577][ T7313] find_entry called with index >= next_index
[  277.414616][ T7313] find_entry called with index >= next_index
[  277.420595][ T7313] find_entry called with index >= next_index
[  277.602055][ T3599] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[  277.685634][ T3599] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[  277.714316][ T3599] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[  277.733319][ T3599] ntrig 0003:1B96:000A.0003: unknown main item tag 0x0
[  277.777332][ T3599] ntrig 0003:1B96:000A.0003: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.0-1/input0
[  277.854730][ T7314] XFS (loop3): Mounting V5 Filesystem
[  277.924807][ T3599] usb 1-1: USB disconnect, device number 4
[  278.032221][ T7314] XFS (loop3): Ending clean mount
[  278.039363][ T7314] XFS (loop3): Quotacheck needed: Please wait.
[  278.084970][ T7314] XFS (loop3): Quotacheck: Done.
[  278.292313][ T3562] XFS (loop3): Unmounting Filesystem
[  278.727190][ T7324] loop2: detected capacity change from 0 to 32768
[  278.743915][ T7324] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.775 (7324)
[  278.794843][ T7324] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  278.816492][ T7324] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  278.871159][ T3559] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  278.880860][ T7324] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  278.881702][ T3559] Bluetooth: hci3: Injecting HCI hardware error event
[  278.961903][ T3555] Bluetooth: hci3: hardware error 0x00
[  279.009681][ T7324] BTRFS info (device loop2): use zstd compression, level 3
[  279.106183][ T7324] BTRFS info (device loop2): using free space tree
[  279.868678][ T7339] loop4: detected capacity change from 0 to 8192
[  279.892232][ T7339] ntfs3: Unknown parameter '€'
[  279.962724][ T6488] I/O error, dev loop4, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  279.978686][ T7357] netlink: 12 bytes leftover after parsing attributes in process `syz.3.781'.
[  280.057794][ T7359] xt_bpf: check failed: parse error
[  281.561980][ T7324] BTRFS error (device loop2): open_ctree failed
[  281.591046][ T3555] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  281.841055][ T4399] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  281.926000][ T7368] loop0: detected capacity change from 0 to 32768
[  281.956522][ T7368] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.783 (7368)
[  282.009183][ T7368] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  282.019583][ T7368] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  282.038760][ T7368] BTRFS info (device loop0): setting nodatacow, compression disabled
[  282.047281][ T7368] BTRFS info (device loop0): force clearing of disk cache
[  282.071549][ T7368] BTRFS info (device loop0): setting datacow
[  282.086388][ T7368] BTRFS info (device loop0): doing ref verification
[  282.106275][ T7368] BTRFS info (device loop0): turning off barriers
[  282.131062][ T4399] usb 4-1: Using ep0 maxpacket: 16
[  282.133661][ T7368] BTRFS info (device loop0): enabling ssd optimizations
[  282.171314][ T4399] usb 4-1: too many configurations: 143, using maximum allowed: 8
[  282.183640][ T7368] BTRFS info (device loop0): using spread ssd allocation scheme
[  282.211729][ T7368] BTRFS info (device loop0): not using ssd optimizations
[  282.233479][ T7368] BTRFS info (device loop0): not using spread ssd allocation scheme
[  282.261469][ T7368] BTRFS info (device loop0): using free space tree
[  282.311295][ T4399] usb 4-1: unable to read config index 0 descriptor/start: -61
[  282.318891][ T4399] usb 4-1: can't read configurations, error -61
[  282.448299][ T7368] BTRFS info (device loop0): rebuilding free space tree
[  282.481036][ T4399] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  282.658053][ T7374] loop2: detected capacity change from 0 to 40427
[  282.704865][ T7374] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  282.741080][ T4399] usb 4-1: Using ep0 maxpacket: 16
[  282.747642][ T7374] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  282.785752][ T7374] F2FS-fs (loop2): invalid crc value
[  282.791625][ T4399] usb 4-1: too many configurations: 143, using maximum allowed: 8
[  282.803626][ T6075] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  282.850856][ T7374] F2FS-fs (loop2): Found nat_bits in checkpoint
[  282.891176][ T4399] usb 4-1: unable to read config index 0 descriptor/start: -71
[  282.898857][ T4399] usb 4-1: can't read configurations, error -71
[  282.958703][ T4399] usb usb4-port1: attempt power cycle
[  283.120873][ T7385] loop4: detected capacity change from 0 to 32768
[  283.836727][ T7405] fuse: Bad value for 'fd'
[  283.865439][ T7374] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  283.891302][ T7374] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  284.341698][ T7413] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[  284.822046][ T7420] find_entry called with index >= next_index
[  284.828111][ T7420] find_entry called with index >= next_index
[  284.834225][ T7420] find_entry called with index >= next_index
[  284.840207][ T7420] find_entry called with index >= next_index
[  284.846262][ T7420] find_entry called with index >= next_index
[  286.291117][ T3996] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  286.551201][ T3996] usb 1-1: Using ep0 maxpacket: 8
[  287.511280][ T3996] usb 1-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  287.546937][ T3996] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.637488][ T3996] usb 1-1: config 0 descriptor??
[  287.786101][ T3996] usb 1-1: bad CDC descriptors
[  287.792184][ T3996] usb 1-1: bad CDC descriptors
[  288.629158][ T3996] cdc_acm 1-1:0.0: Control and data interfaces are not separated!
[  288.660908][ T3996] cdc_acm 1-1:0.0: This needs exactly 3 endpoints
[  288.693983][ T3996] cdc_acm: probe of 1-1:0.0 failed with error -22
[  288.714862][ T3996] usb 1-1: USB disconnect, device number 5
[  288.964804][ T7480] loop4: detected capacity change from 0 to 1024
[  289.634673][ T7486] fuse: Bad value for 'fd'
[  289.779480][ T7477] loop0: detected capacity change from 0 to 32768
[  289.931220][ T7477] XFS: ikeep mount option is deprecated.
[  289.939412][ T7477] XFS: noikeep mount option is deprecated.
[  290.409584][ T7477] XFS (loop0): Mounting V5 Filesystem
[  291.303628][ T7477] XFS (loop0): Ending clean mount
[  291.352328][ T7477] XFS (loop0): Quotacheck needed: Please wait.
[  291.435180][ T7477] XFS (loop0): Quotacheck: Done.
[  291.642266][ T6075] XFS (loop0): Unmounting Filesystem
[  291.781258][ T3600] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  292.041016][ T3600] usb 4-1: Using ep0 maxpacket: 8
[  292.070381][ T7525] loop4: detected capacity change from 0 to 32768
[  292.107918][ T7525] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.822 (7525)
[  292.161214][ T3600] usb 4-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  292.180472][ T3600] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.221819][ T3600] usb 4-1: config 0 descriptor??
[  292.261355][ T7525] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  292.302331][ T7525] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  292.329502][ T3600] usb 4-1: bad CDC descriptors
[  292.335246][ T3600] usb 4-1: bad CDC descriptors
[  292.379451][ T3600] cdc_acm 4-1:0.0: Control and data interfaces are not separated!
[  292.392891][ T7525] BTRFS info (device loop4): using free space tree
[  292.425538][ T3600] cdc_acm 4-1:0.0: This needs exactly 3 endpoints
[  292.451245][ T3600] cdc_acm: probe of 4-1:0.0 failed with error -22
[  292.689095][ T7525] BTRFS info (device loop4): enabling ssd optimizations
[  293.745128][ T5780] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  293.946691][ T7530] loop2: detected capacity change from 0 to 40427
[  294.024427][ T7530] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  294.068622][ T7530] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  294.123790][ T7530] F2FS-fs (loop2): invalid crc value
[  294.154634][ T7530] F2FS-fs (loop2): Found nat_bits in checkpoint
[  294.264376][ T6314] usb 4-1: USB disconnect, device number 5
[  294.344020][ T7530] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  294.361798][ T7530] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  295.687707][ T7573] loop0: detected capacity change from 0 to 32768
[  295.704274][ T7573] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.832 (7573)
[  295.769874][ T7569] loop1: detected capacity change from 0 to 32768
[  295.788667][ T7573] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  295.846303][ T7569] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz.1.829 (7569)
[  295.846591][ T7573] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  295.896701][ T6369] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by udevd (6369)
[  295.940814][ T7573] BTRFS info (device loop0): setting nodatacow, compression disabled
[  295.980491][ T7573] BTRFS info (device loop0): setting datacow
[  296.021205][ T7573] BTRFS info (device loop0): doing ref verification
[  296.027844][ T7573] BTRFS info (device loop0): force clearing of disk cache
[  296.168720][ T7573] BTRFS info (device loop0): turning off barriers
[  296.184710][ T7573] BTRFS info (device loop0): enabling ssd optimizations
[  296.258414][ T7573] BTRFS info (device loop0): using spread ssd allocation scheme
[  296.269959][ T7573] BTRFS info (device loop0): not using ssd optimizations
[  296.293304][ T7573] BTRFS info (device loop0): not using spread ssd allocation scheme
[  296.309844][ T7573] BTRFS info (device loop0): using free space tree
[  296.549107][ T7573] BTRFS info (device loop0): rebuilding free space tree
[  296.640541][ T3600] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  296.666360][   T26] audit: type=1800 audit(1721442784.526:13): pid=7573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.832" name="bus" dev="loop0" ino=263 res=0 errno=0
[  296.692421][ T3600] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  296.716612][ T3600] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  296.844744][ T6075] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  297.313228][ T3596] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  297.611218][ T3596] usb 5-1: Using ep0 maxpacket: 32
[  297.802057][ T3596] usb 5-1: config 0 has an invalid interface number: 6 but max is 1
[  297.836769][ T3596] usb 5-1: config 0 has no interface number 1
[  297.851732][ T3596] usb 5-1: config 0 interface 6 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  297.878200][ T3596] usb 5-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  298.063675][ T3596] usb 5-1: New USB device found, idVendor=2639, idProduct=0101, bcdDevice=76.ea
[  298.079925][ T3596] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.098686][ T3596] usb 5-1: Product: syz
[  298.138042][ T3596] usb 5-1: Manufacturer: syz
[  298.179787][ T3596] usb 5-1: SerialNumber: syz
[  298.244778][ T3596] usb 5-1: config 0 descriptor??
[  298.353510][ T3596] ftdi_sio 5-1:0.6: FTDI USB Serial Device converter detected
[  298.476518][ T3596] ftdi_sio ttyUSB0: unknown device type: 0x76ea
[  298.733307][ T3596] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  298.824285][ T3596] ftdi_sio ttyUSB1: unknown device type: 0x76ea
[  298.905228][ T3596] usb 5-1: USB disconnect, device number 5
[  298.956068][ T3596] ftdi_sio 5-1:0.6: device disconnected
[  298.995089][ T3596] ftdi_sio 5-1:0.0: device disconnected
[  299.105800][ T7661] xt_bpf: check failed: parse error
[  299.329853][ T7646] loop1: detected capacity change from 0 to 32768
[  299.475530][ T7646] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.849 (7646)
[  299.823683][ T7646] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  299.861185][ T7646] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  299.881294][ T7646] BTRFS info (device loop1): setting nodatacow, compression disabled
[  299.902883][ T7646] BTRFS info (device loop1): force clearing of disk cache
[  299.933637][ T7646] BTRFS info (device loop1): setting datacow
[  299.946361][ T7646] BTRFS info (device loop1): doing ref verification
[  299.961023][ T7646] BTRFS info (device loop1): turning off barriers
[  299.977813][ T7646] BTRFS info (device loop1): enabling ssd optimizations
[  300.003586][ T7646] BTRFS info (device loop1): using spread ssd allocation scheme
[  300.033665][ T7646] BTRFS info (device loop1): not using ssd optimizations
[  300.040742][ T7646] BTRFS info (device loop1): not using spread ssd allocation scheme
[  300.106530][ T7646] BTRFS info (device loop1): using free space tree
[  300.268130][ T7646] BTRFS info (device loop1): rebuilding free space tree
[  300.425116][ T7659] loop0: detected capacity change from 0 to 32768
[  300.468392][ T7659] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by syz.0.853 (7659)
[  300.535269][ T5961] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  300.542175][ T6360] BTRFS warning: duplicate device /dev/loop0 devid 1 generation 8 scanned by udevd (6360)
[  301.010077][ T7704] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  302.755093][ T7711] loop2: detected capacity change from 0 to 32768
[  302.777326][ T7711] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.863 (7711)
[  302.855304][ T7711] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  302.892044][ T7711] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  302.923752][ T7711] BTRFS info (device loop2): using free space tree
[  303.301081][ T7711] BTRFS info (device loop2): enabling ssd optimizations
[  303.520019][ T4127] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  303.942135][ T7731] loop0: detected capacity change from 0 to 32768
[  303.958604][ T7731] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.869 (7731)
[  304.024335][ T7731] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  304.051357][ T7757] loop2: detected capacity change from 0 to 1024
[  304.058415][ T7757] EXT4-fs: Ignoring removed orlov option
[  304.069064][ T7731] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  304.119371][ T7731] BTRFS info (device loop0): setting nodatacow, compression disabled
[  304.127704][ T7757] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.141153][ T7731] BTRFS info (device loop0): setting datacow
[  304.161029][ T7731] BTRFS info (device loop0): doing ref verification
[  304.173227][ T7731] BTRFS info (device loop0): force clearing of disk cache
[  304.180408][ T7731] BTRFS info (device loop0): turning off barriers
[  304.219220][ T7731] BTRFS info (device loop0): enabling ssd optimizations
[  304.227277][ T7757] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  304.227312][ T7731] BTRFS info (device loop0): using spread ssd allocation scheme
[  304.243395][ T7731] BTRFS info (device loop0): not using ssd optimizations
[  304.250431][ T7731] BTRFS info (device loop0): not using spread ssd allocation scheme
[  304.258608][ T7731] BTRFS info (device loop0): using free space tree
[  304.266415][ T7757] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  304.408190][ T4127] EXT4-fs (loop2): unmounting filesystem.
[  304.513482][ T7731] BTRFS info (device loop0): rebuilding free space tree
[  304.622636][   T26] audit: type=1800 audit(1721442792.486:14): pid=7731 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.869" name="bus" dev="loop0" ino=263 res=0 errno=0
[  304.788794][ T6075] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  305.158202][ T7798] loop0: detected capacity change from 0 to 2048
[  305.253829][ T7798] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  305.372995][ T7805] loop3: detected capacity change from 0 to 1024
[  305.432793][ T6075] EXT4-fs (loop0): unmounting filesystem.
[  305.442604][ T7807] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  305.478543][ T7809] MPTCP: kernel_bind error, err=-22
[  306.109770][ T7818] loop0: detected capacity change from 0 to 1024
[  306.142164][ T7818] EXT4-fs: Ignoring removed orlov option
[  306.153726][ T7818] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.218874][ T7818] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  306.234068][ T7818] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  306.472841][ T6075] EXT4-fs (loop0): unmounting filesystem.
[  306.961956][ T7825] loop2: detected capacity change from 0 to 32768
[  306.980739][ T7825] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.891 (7825)
[  307.029988][ T7825] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  307.071607][ T7825] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  307.096556][ T7825] BTRFS info (device loop2): setting nodatacow, compression disabled
[  307.130491][ T7825] BTRFS info (device loop2): setting datacow
[  307.138346][ T7825] BTRFS info (device loop2): doing ref verification
[  307.151072][ T7825] BTRFS info (device loop2): force clearing of disk cache
[  307.168422][ T7825] BTRFS info (device loop2): turning off barriers
[  307.175112][ T7825] BTRFS info (device loop2): enabling ssd optimizations
[  307.195878][ T7825] BTRFS info (device loop2): using spread ssd allocation scheme
[  307.218029][ T7825] BTRFS info (device loop2): not using ssd optimizations
[  307.240359][ T7825] BTRFS info (device loop2): not using spread ssd allocation scheme
[  307.264174][ T7825] BTRFS info (device loop2): using free space tree
[  307.482323][ T7825] BTRFS info (device loop2): rebuilding free space tree
[  307.650569][   T26] audit: type=1800 audit(1721442795.506:15): pid=7825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.891" name="bus" dev="loop2" ino=263 res=0 errno=0
[  307.707520][ T7864] loop0: detected capacity change from 0 to 512
[  307.808642][ T4127] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  307.825920][ T7864] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  307.851345][ T7864] ext4 filesystem being mounted at /70/bus supports timestamps until 2038 (0x7fffffff)
[  307.997884][ T7874] loop1: detected capacity change from 0 to 1024
[  308.018071][ T7874] EXT4-fs: Ignoring removed orlov option
[  308.029891][ T7876] loop3: detected capacity change from 0 to 2048
[  308.041256][ T7874] EXT4-fs: Ignoring removed nomblk_io_submit option
[  308.075732][ T7876] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  308.112591][ T7874] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=8803c118, mo2=0002]
[  308.134538][ T6075] EXT4-fs (loop0): unmounting filesystem.
[  308.162374][ T7874] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  308.299660][ T5961] EXT4-fs (loop1): unmounting filesystem.
[  309.356548][ T7888] ==================================================================
[  309.364646][ T7888] BUG: KASAN: null-ptr-deref in udf_bread+0x29f/0x4b0
[  309.371426][ T7888] Write of size 8 at addr 0000000000000000 by task syz.3.901/7888
[  309.379218][ T7888] 
[  309.381528][ T7888] CPU: 1 PID: 7888 Comm: syz.3.901 Not tainted 6.1.100-syzkaller #0
[  309.389501][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  309.399553][ T7888] Call Trace:
[  309.402820][ T7888]  <TASK>
[  309.405736][ T7888]  dump_stack_lvl+0x1e3/0x2cb
[  309.410407][ T7888]  ? nf_tcp_handle_invalid+0x642/0x642
[  309.415857][ T7888]  ? panic+0x764/0x764
[  309.419911][ T7888]  ? _printk+0xd1/0x111
[  309.424055][ T7888]  ? _raw_spin_lock_irqsave+0xac/0x120
[  309.429499][ T7888]  print_report+0xe6/0x4f0
[  309.433898][ T7888]  ? __virt_addr_valid+0x54/0x530
[  309.438906][ T7888]  ? udf_bread+0x29f/0x4b0
[  309.443311][ T7888]  kasan_report+0x136/0x160
[  309.447797][ T7888]  ? udf_bread+0x29f/0x4b0
[  309.452205][ T7888]  kasan_check_range+0x27f/0x290
[  309.457126][ T7888]  udf_bread+0x29f/0x4b0
[  309.461367][ T7888]  ? udf_add_aext+0x370/0x370
[  309.466048][ T7888]  ? __mark_inode_dirty+0x430/0xf80
[  309.471232][ T7888]  ? udf_write_aext+0x515/0x7a0
[  309.476066][ T7888]  udf_add_entry+0x1d1e/0x3350
[  309.480816][ T7888]  ? udf_add_nondir+0x5d0/0x5d0
[  309.485650][ T7888]  ? do_raw_spin_unlock+0x137/0x8a0
[  309.490836][ T7888]  ? __mark_inode_dirty+0x843/0xf80
[  309.496026][ T7888]  udf_add_nondir+0x132/0x5d0
[  309.500693][ T7888]  ? udf_find_entry+0x14d0/0x14d0
[  309.505706][ T7888]  ? __mark_inode_dirty+0x430/0xf80
[  309.510888][ T7888]  ? udf_lookup+0x370/0x370
[  309.515372][ T7888]  path_openat+0x12f1/0x2e60
[  309.519948][ T7888]  ? do_filp_open+0x480/0x480
[  309.524611][ T7888]  do_filp_open+0x230/0x480
[  309.529093][ T7888]  ? vfs_tmpfile+0x4a0/0x4a0
[  309.533672][ T7888]  ? _raw_spin_unlock+0x24/0x40
[  309.538501][ T7888]  ? alloc_fd+0x59c/0x640
[  309.542814][ T7888]  do_sys_openat2+0x13b/0x4f0
[  309.547474][ T7888]  ? do_sys_open+0x220/0x220
[  309.552045][ T7888]  ? blkcg_maybe_throttle_current+0x1ac/0xa30
[  309.558098][ T7888]  __x64_sys_openat+0x243/0x290
[  309.562941][ T7888]  ? __ia32_sys_open+0x270/0x270
[  309.567901][ T7888]  ? syscall_enter_from_user_mode+0x2e/0x230
[  309.573892][ T7888]  ? lockdep_hardirqs_on+0x94/0x130
[  309.579102][ T7888]  ? syscall_enter_from_user_mode+0x2e/0x230
[  309.585074][ T7888]  do_syscall_64+0x3b/0xb0
[  309.589488][ T7888]  ? clear_bhb_loop+0x45/0xa0
[  309.594157][ T7888]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  309.600045][ T7888] RIP: 0033:0x7fe154975b59
[  309.604449][ T7888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.624046][ T7888] RSP: 002b:00007fe1547bd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  309.632450][ T7888] RAX: ffffffffffffffda RBX: 00007fe154b06110 RCX: 00007fe154975b59
[  309.640407][ T7888] RDX: 000000000000275a RSI: 0000000020000280 RDI: ffffffffffffff9c
[  309.648365][ T7888] RBP: 00007fe1549e4e5d R08: 0000000000000000 R09: 0000000000000000
[  309.656320][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.664278][ T7888] R13: 000000000000006e R14: 00007fe154b06110 R15: 00007ffd6fbbef38
[  309.672242][ T7888]  </TASK>
[  309.675254][ T7888] ==================================================================
[  309.987557][ T7876] syz.3.901: attempt to access beyond end of device
[  309.987557][ T7876] loop3: rw=2049, sector=2356, nr_sectors = 1 limit=2048
[  310.013310][ T7876] Buffer I/O error on dev loop3, logical block 2356, lost async page write
[  310.027747][ T7876] syz.3.901: attempt to access beyond end of device
[  310.027747][ T7876] loop3: rw=2049, sector=2357, nr_sectors = 1 limit=2048
[  310.048323][ T7888] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  310.055624][ T7888] CPU: 0 PID: 7888 Comm: syz.3.901 Not tainted 6.1.100-syzkaller #0
[  310.063607][ T7888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  310.073664][ T7888] Call Trace:
[  310.076938][ T7888]  <TASK>
[  310.079865][ T7888]  dump_stack_lvl+0x1e3/0x2cb
[  310.084554][ T7888]  ? nf_tcp_handle_invalid+0x642/0x642
[  310.090021][ T7888]  ? panic+0x764/0x764
[  310.094094][ T7888]  ? preempt_schedule_common+0xa6/0xd0
[  310.099646][ T7888]  ? vscnprintf+0x59/0x80
[  310.103986][ T7888]  panic+0x318/0x764
[  310.107889][ T7888]  ? check_panic_on_warn+0x1d/0xa0
[  310.113011][ T7888]  ? memcpy_page_flushcache+0xfc/0xfc
[  310.118387][ T7888]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  310.124376][ T7888]  ? _raw_spin_unlock+0x40/0x40
[  310.129230][ T7888]  ? print_report+0xe6/0x4f0
[  310.133831][ T7888]  check_panic_on_warn+0x7e/0xa0
[  310.138780][ T7888]  ? udf_bread+0x29f/0x4b0
[  310.143217][ T7888]  end_report+0x66/0x110
[  310.147470][ T7888]  kasan_report+0x143/0x160
[  310.151991][ T7888]  ? udf_bread+0x29f/0x4b0
[  310.156424][ T7888]  kasan_check_range+0x27f/0x290
[  310.160409][ T7898] loop0: detected capacity change from 0 to 32768
[  310.167762][ T7888]  udf_bread+0x29f/0x4b0
[  310.172032][ T7888]  ? udf_add_aext+0x370/0x370
[  310.176733][ T7888]  ? __mark_inode_dirty+0x430/0xf80
[  310.181945][ T7888]  ? udf_write_aext+0x515/0x7a0
[  310.186851][ T7888]  udf_add_entry+0x1d1e/0x3350
[  310.191635][ T7888]  ? udf_add_nondir+0x5d0/0x5d0
[  310.196501][ T7888]  ? do_raw_spin_unlock+0x137/0x8a0
[  310.201705][ T7888]  ? __mark_inode_dirty+0x843/0xf80
[  310.206924][ T7888]  udf_add_nondir+0x132/0x5d0
[  310.211641][ T7888]  ? udf_find_entry+0x14d0/0x14d0
[  310.216682][ T7888]  ? __mark_inode_dirty+0x430/0xf80
[  310.221895][ T7888]  ? udf_lookup+0x370/0x370
[  310.226425][ T7888]  path_openat+0x12f1/0x2e60
[  310.231041][ T7888]  ? do_filp_open+0x480/0x480
[  310.235736][ T7888]  do_filp_open+0x230/0x480
[  310.240246][ T7888]  ? vfs_tmpfile+0x4a0/0x4a0
[  310.244850][ T7888]  ? _raw_spin_unlock+0x24/0x40
[  310.249708][ T7888]  ? alloc_fd+0x59c/0x640
[  310.254044][ T7888]  do_sys_openat2+0x13b/0x4f0
[  310.258735][ T7888]  ? do_sys_open+0x220/0x220
[  310.263334][ T7888]  ? blkcg_maybe_throttle_current+0x1ac/0xa30
[  310.269416][ T7888]  __x64_sys_openat+0x243/0x290
[  310.274276][ T7888]  ? __ia32_sys_open+0x270/0x270
[  310.279229][ T7888]  ? syscall_enter_from_user_mode+0x2e/0x230
[  310.285220][ T7888]  ? lockdep_hardirqs_on+0x94/0x130
[  310.290423][ T7888]  ? syscall_enter_from_user_mode+0x2e/0x230
[  310.291054][ T7876] Buffer I/O error on dev loop3, logical block 2357, lost async page write
[  310.291102][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291102][ T7876] loop3: rw=2049, sector=2358, nr_sectors = 1 limit=2048
[  310.291121][ T7876] Buffer I/O error on dev loop3, logical block 2358, lost async page write
[  310.291147][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291147][ T7876] loop3: rw=2049, sector=2359, nr_sectors = 1 limit=2048
[  310.291164][ T7876] Buffer I/O error on dev loop3, logical block 2359, lost async page write
[  310.291189][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291189][ T7876] loop3: rw=2049, sector=2360, nr_sectors = 1 limit=2048
[  310.291206][ T7876] Buffer I/O error on dev loop3, logical block 2360, lost async page write
[  310.291231][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291231][ T7876] loop3: rw=2049, sector=2361, nr_sectors = 1 limit=2048
[  310.291248][ T7876] Buffer I/O error on dev loop3, logical block 2361, lost async page write
[  310.291273][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291273][ T7876] loop3: rw=2049, sector=2363, nr_sectors = 1 limit=2048
[  310.291290][ T7876] Buffer I/O error on dev loop3, logical block 2363, lost async page write
[  310.291315][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291315][ T7876] loop3: rw=2049, sector=2364, nr_sectors = 1 limit=2048
[  310.291332][ T7876] Buffer I/O error on dev loop3, logical block 2364, lost async page write
[  310.291389][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291389][ T7876] loop3: rw=2049, sector=2372, nr_sectors = 1 limit=2048
[  310.291407][ T7876] Buffer I/O error on dev loop3, logical block 2372, lost async page write
[  310.291432][ T7876] syz.3.901: attempt to access beyond end of device
[  310.291432][ T7876] loop3: rw=2049, sector=2373, nr_sectors = 1 limit=2048
[  310.291449][ T7876] Buffer I/O error on dev loop3, logical block 2373, lost async page write
[  310.480893][ T7888]  do_syscall_64+0x3b/0xb0
[  310.485313][ T7888]  ? clear_bhb_loop+0x45/0xa0
[  310.489981][ T7888]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  310.495864][ T7888] RIP: 0033:0x7fe154975b59
[  310.500264][ T7888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.519858][ T7888] RSP: 002b:00007fe1547bd048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  310.528283][ T7888] RAX: ffffffffffffffda RBX: 00007fe154b06110 RCX: 00007fe154975b59
[  310.536240][ T7888] RDX: 000000000000275a RSI: 0000000020000280 RDI: ffffffffffffff9c
[  310.544199][ T7888] RBP: 00007fe1549e4e5d R08: 0000000000000000 R09: 0000000000000000
[  310.552157][ T7888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  310.560110][ T7888] R13: 000000000000006e R14: 00007fe154b06110 R15: 00007ffd6fbbef38
[  310.568075][ T7888]  </TASK>
[  310.571303][ T7888] Kernel Offset: disabled
[  310.575611][ T7888] Rebooting in 86400 seconds..