last executing test programs:

2m6.843129781s ago: executing program 0 (id=69):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x3a)
r3 = dup(r2)
bind$unix(r3, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)

2m6.668380804s ago: executing program 0 (id=71):
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x101a02, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d})

2m6.455697977s ago: executing program 0 (id=73):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000500), 0x1, 0x5505, &(0x7f00000079c0)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000003})
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

2m4.478070587s ago: executing program 0 (id=77):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x438, &(0x7f0000000d80)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x200001, &(0x7f0000000100)={[{@delalloc}, {@journal_async_commit}, {@journal_ioprio}, {@nobarrier}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@data_ordered}]}, 0x81, 0x4bc, &(0x7f0000000a00)="$eJzs3c1vG2UaAPDHdvPZ7PZjV6u2K20rdaXuhxrnQ6smu3vhBBwqISpxAamExA0lThzFTmmiHlK49cABgUBCHLjzF3ChJyokxBnuiAMqghIkQEIYeWyn+XKwaGJLmd9Pmuadead+3jfW82b8zowngNQ6V/snEzEUEZ9GxLH66tYdztV/rD+4NV1bMlGtXvkmk+xXW2/u2vx/RyNiLSL6I+LpxyNeyOyMW15ZnZsqFgtLjfV8ZX4xX15ZvXh9fmq2MFtYGJ24NDk5MTI+Nrlvfb3z2kt3Ln/wZO/7P7x6/97rH31Ya9ZQo25zP/ZTves9cWLTtiMR8f+DCNYFuUZ/BrrdEH6X2vv3p4g4n+T/scgl7yaQBtVqtfpzta9V9VoVOLSyyTFwJjscEfVyNjs8XD+G/3MMZoulcuXf10rLCzP1Y+Xj0ZO9dr1YGGl8VjgePZna+mhSfrg+tm19PCI5Bn4jN5CsD0+XijOdHeqAbY5uy//vc/X8B1LCR35Irz3zP9u5dgCd5+8/pJf8h/SS/5BeO/P/l660A+i8dv7+5zrQDqDzHP9Desl/SC/5D+kl/yGVnrp8ubZUm/e/z9xYWZ4r3bg4UyjPDc8vTw9Pl5YWh2dLpdnknp3533q9Yqm0OPqfWL6ZrxTKlXx5ZfXqfGl5oXI1ua//aqGnI70C2nHi7N3PMxGx9t+BZKnpbdTJVTjcqtVMdPseZKA7nNaH9DL1B+nlMz6wy1f0btHfqmJx/9sCdIZv94D0unD6Uc7/VQ+4dcBBMv8P6WX+H9LL/D9g/h/Sx/w/pNdQi+d//WHTs7tGIuKPEfFZrqev+awv4DDIfpVpHP9fOPb3oe21vZkfk1MEvRHx8jtX3ro5Vaksjda2f7uxvfJ2Y/tYN9oPtKuZp808BgDSa/3Brenm0sm4Xz9WvwhhZ/wjjbnJ/uQc5eB6Zsu1Cpl9unZh7XZEnNotfqbxvPP6mY/B9dyO+CcbPzP1l0jaeyR5bnpn4p/eFP9vm+KfeeTfCqTD3dr4M7Jb/mWTnI6N/Ns6/gzt07UTrce/7Mb4l2sx/p1tM8aL777yZcv4tyPO7Bq/Ga8/ibU9fq1tF9qMf/+5Z/7Sqq76Xv11dovfVCvlK/OL+fLK6sXke+RmCwujE5cmJydGxscm88kcdb45U73T/059cm+v/g+2iL9X/2vb/tlm/3/668fPntsj/j/O7/7+n9wj/kBE/KvN+N+NffF8q7pa/JkW/c/uEb+2bbzN+OU3n+hrc1cAoAPKK6tzU8ViYUlBQUFho9DtkQk4aA+TvtstAQAAAAAAAAAAANrV+jLgvn27nLjbfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAx+DQAA//+iodfy")
mount$bind(&(0x7f0000000040)='./file1\x00', &(0x7f00000000c0)='./file1\x00', 0x0, 0x3002, 0x0)
syz_mount_image$fuse(&(0x7f0000002180), &(0x7f0000002080)='./file1\x00', 0x80b0, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0)

2m3.052855939s ago: executing program 0 (id=84):
socket$inet_sctp(0x2, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400"], 0x48)
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000002c0)={{0x2, 0x4e21, @broadcast}, {}, 0x8, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x39}}, 'lo\x00'})
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

2m1.907726216s ago: executing program 0 (id=90):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)="c3ff", 0x2}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011)
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)="3304", 0x2}], 0x1}, 0x2404c140)

2m1.571438691s ago: executing program 32 (id=90):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000200)="c3ff", 0x2}], 0x1, 0x0, 0x0, 0x40000}, 0x20004011)
recvmsg$unix(r0, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x10002)
sendmsg$inet(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000400)="3304", 0x2}], 0x1}, 0x2404c140)

1m32.653972991s ago: executing program 3 (id=244):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xaece, 0xfffffffffffffffe)
read$FUSE(r4, &(0x7f0000002200)={0x2020}, 0x5cd)

1m32.409997425s ago: executing program 3 (id=246):
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r0, 0x5607, 0x2c)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$TIOCL_BLANKSCREEN(r1, 0x541c, &(0x7f0000000000))

1m31.463881669s ago: executing program 3 (id=251):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r2, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)

1m31.139170734s ago: executing program 3 (id=255):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000000), 0xfe, 0x264, &(0x7f0000000700)="$eJzs3TtoJHUcB/Df7MM1JkjURhAfICIaCLEQBBttFAISgoigQkTEShIhJthlrWwstFZJZRPE7nJXHteEaw6uzd2lyDVXXLjiwhV3xR6zs3tsNhvy2Mccmc8HNjP/nf9rYL7/TIqZBFBYkxHxUUSUI2IqIqoRkXRWeCP7TLaK62NbCxGNxuf3kma9rJxptxuPiHpEfBBRaR9b3fx698H2p2//vlJ969/Nr8ZGdX6d9nZ3Ptv/Z+63C7PvrZZa3020tp3nMUhJj+8qScSLwxjsKZFU8p4BJzH/y/830ty/FBFvNvNfjVIrsn8sP3OlGu/+fVTbP+9ef2WUcwUGr9Gopr8D6w2gcErNe+CkNB0R2X6pND2d3cPfLCfx49Lyz1M/LK0sfp/3SgUMQFLP/u7d+eRS7eJ4V/7vlLP8n8j7Q54pMBRp/r+Y37iV7u+X854NMBKvZps0/1Pfrr0T8g+FI/9QXPIPxSX/cA6cMbvyD8Ul/1Bc8g/nWLW9U+95WP6huOQfiqsr/7k8jwvkozP/AECxNGp5P4EM5CXv9QcAAAAAAAAAAAAAAAAAADhsfWxrof0Z1ZhX/4rY+zgiKgfHrzWPlpv/jzji2ebP5+4nabUnkqxZX755vc8O+vTfgJ++nqudrv7ztwc7/mlde204/f56sHjku+3WFiPqaeWZSuXw9Z+0rr9jHdn/C8c0rH53sgEGJekqf/jlaMfv9mgj3/FntyMup+vPTK/1rxQvN7e915+Jzlcsn9FPD/vsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJF5HAAA//+4Vmsn")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x50)

1m30.274073397s ago: executing program 3 (id=258):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r0}, 0x18)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10)

1m29.530495859s ago: executing program 3 (id=261):
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

1m29.085689575s ago: executing program 33 (id=261):
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = syz_io_uring_setup(0x3ac6, &(0x7f00000001c0)={0x0, 0xfffffffd, 0x10100, 0x4, 0x37c}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=ANY=[], 0xc48}, 0x0, 0xe3d08660d3cd4684})
io_uring_enter(r0, 0x92, 0x0, 0x0, 0x0, 0x0)

1m27.146706885s ago: executing program 2 (id=279):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r1, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r1, 0x540a, 0x2)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000100))

1m26.83396108s ago: executing program 2 (id=280):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000003c0)={'syz0\x00', {0x9, 0x0, 0x1, 0x400}, 0x36, [0x40000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9f1, 0x0, 0xfffffffe, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x8, 0x0, 0x0, 0x40000, 0x687, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, 0x80000001, 0x0, 0x2, 0x51, 0xfffffffc, 0xfffffff8, 0x0, 0x0, 0x1, 0x0, 0x80, 0x0, 0x4, 0x3, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x6], [0x2, 0x0, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x9, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0xfffffffd, 0x2000000, 0x40, 0x1, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8000, 0x0, 0x3, 0xfffffffd, 0x0, 0x1, 0x0, 0x7, 0x40, 0x0, 0x2], [0x8, 0x0, 0x0, 0x0, 0x0, 0xbd8f, 0x2, 0x1, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x0, 0x7fe, 0xa, 0x0, 0x0, 0x800000, 0x40004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xffffffff, 0xfffffffe, 0x3, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x1, 0x7ff, 0x0, 0x5, 0x4, 0x2000000, 0x0, 0x4], [0x4, 0xfffffffc, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x401, 0x5, 0x0, 0x3, 0x5, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0xffd, 0x6d, 0x5, 0x0, 0x0, 0x0, 0x80, 0x4, 0xfffffffc, 0x3, 0x0, 0x0, 0x8f3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3]}, 0x45c)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c2c2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

1m26.680730712s ago: executing program 2 (id=281):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.throttle.io_serviced_recursive\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
ioctl$SIOCSIFHWADDR(r0, 0x8b26, &(0x7f0000000080)={'wlan1\x00', @random="0020008d0006"})

1m26.561544174s ago: executing program 2 (id=282):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x0, &(0x7f0000000140), 0xc1, 0x7c1, &(0x7f0000000f80)="$eJzs3ctrW1caAPDvyq/YyYw9MDCTWRkGZgwh8jjjSWZgFhlmMQw0EGjXTYysmNSyFSw5xMaQhFLoptCWLgrtJus+0l23fWzb/6KLkpC2jmlKF63Kla9sOZYcO7WkgH8/uL7n3IfP+XTu40j3IAVwZI2nf3IRJyPi9SRiNFueRMRAPdUfcX5zu0fra4V0SqJWe/7bpL7NxvpaIZr2SR3PMn+MiM9eiTiVSxcc21FuZWV1fqZUKi5l+cnqwrXJysrq6asLM3PFueLi2anp6TPn/nHu7OHF+v2Xqyfuv/G/v354/seX/3D3tc+TOB8nsnXNcRyW8RjPXpOB9CXc4b+HXViPJb2uAE8lPTX7Ns/yOBmj0VdPtTHczZoBAJ1yMyJqAMARk7j/A8AR0/gcYGN9rdCYevuJRHc9+M/mo8mN7Nnmo634+7Nndsfqz0FHNpIdT0aSiBg7hPLHI+Ldj198P52iQ88hAVq5dTsiLo+N777+J7vGLBzU3/ZaWRuqz8YfW+z6B93zSdr/+eeO/t/WKI9G/yda9H+GWpy7T+PJ53/u3iEU01ba//t309i27f5frrHJWF+W+029zzeQXLlaKqbXtt9GxEQMDKX5qfqmrUdBTTz86WG78pv7f9+9+dJ7afnpfHuL3L3+oZ37zM5UZ35t3A0Pbkf8qb9V/MlW+ydt+r8X91nG///16jvt1qXxp/E2pt3xd1btTsRfWrb/dlsme45PnKwfDpONg6KFj756e6Rd+dvtP1Sfp+U33gt0Q9r+I3vHP5Y0j9esHLyML+6MftpuXfPx3zr+1sf/YPJCPT2YLbsxU60uTUUMJs/tXn5me99GvrF9Gv/En1uf/+2O/1w2NvbyVm5v/fe/+SD7Vy3jr7vVLv7OSuOfPVD775GoZfs8turuo/m+duXvr/2n66mJbMl+rn9PqGkj8eTGAwAAAAAAAAAAAAAAAAAAAAAAAIBDkIuIE5Hk8lvpXC6f3/wN79/HSK5UrlRPXSkvL85G/beyx2Ig1/iqy9Gm70Odyr4Pv5E/81j+7xHxu4h4a2i4ns8XyqXZXgcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJnjO3///2Y6y+c313091OvaAQAdc6zXFQAAus79HwCOnv3d/3/O5sMdrQsA0B0Hfv9fSzpTEQCga/Z9/7/c2XoAAN3j+T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAddvHChXSq/bC+Vkjzs9dXlufL10/PFivz+YXlQr5QXrqWnyuX50rFfKG80PYf3dqclcrla9OxuHxjslqsVCcrK6uXFsrLi9VLVxdm5oqXigNdiwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9q+ysjo/UyoVlyT2TAz3pvTBZyH2Von+6HKhuYjoYBG1vs3z4dl4efuj9wdA81ViuEdXJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBn3y8BAAD//zdDIAY=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x165142, 0x110)
fallocate(r0, 0x10, 0x0, 0x2000)

1m26.108842601s ago: executing program 2 (id=284):
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='.\x00', 0x4000000e)
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x3, 0x1, 0x5, 0x6, 0x5, 0x1, {0x5, 0x180, 0xff, 0x1, 0x2, 0xd615, 0x5, 0x800001, 0xfffffffd, 0x8000, 0x0, 0xee00, 0x0, 0x3fa, 0x1}}, {0x0, 0x1f}}}, 0xa0)
r2 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
write$P9_RREADDIR(r2, &(0x7f0000000140)={0xb, 0x29, 0x2, {0x5}}, 0xb)

1m23.603584729s ago: executing program 2 (id=296):
syz_mount_image$nilfs2(&(0x7f0000000380), &(0x7f0000000a40)='./file0\x00', 0x0, &(0x7f0000000a80), 0xf, 0xa02, &(0x7f0000001ec0)="$eJzs3U9sXEcdAOB5a68d16mzhgKmoYmBAqmgTrCtKrmkMZRrpN7KsQppiHBTlHBpVakpUsUNRap67IGqh1wQFeLSA1JEVUQvQZQ7CoVKVVGgFQipoNYo9sx6d+zH/rG99vp9n/Tz+L2ZfTPPu943fp6dCUBl1Va/Li7OFCG89PqLj/zkD698twghHG2WaLSUW9uqhxCKtsevuxUzPv7w2XObpUWYX/2atsPZ283HToYQrobZcCM0wsL7j829ubT08vWbj16efuH02zt0+gAAUCln3/jH7x94761vTP/nF0fOhPHm/tQ/b8TtydjvPxH793n/v2hJi5btZCwrNxIj//thJCs3mtUzWlJfPTtOvaTcWIf6Rlr2bXaeALAfrN/XK2pzbdu12tzc2nX/jlvjY8XcpYvLT1zZpYYCANvmXw+HEM4IIYQQokqxcmi3eyAAQNXl44U3uJqPLNia5tEOdFf/7aXa5o+HbTDo17/6h6v+V5/3jsP22a+vpnRe6fcojWPIxxGOZI/r9fe/lh1ntMd2lo0rHJbxhmXtzH+ue1VZ+3t9HndLWfvz8bB7VVn783G6e1VZ+8cH3I5+lbX/wIDb0a+y9k80v9uvV7jtcd/q1/V3iyNZfuv1M39PH5b3eACg3UfG/wkhhBCVi+d2uwMCAOw5+fw4K1HKz+fjyfPzeXjy/HxeoDx/vEP+gQ75AMBGC7+68PNrxfr/+bc6Hi6Nu7grppM9ticfrdFr/Vsd97TV+odl3BIA1fbUTxe/89aZpZG1+X/Xr2WfZPP/prl6r8XtNO7yYLbdnPt3tr2eWkm5gztxUgDA/5Wuv2Xz/94dt2dCvXji4vL5E3F7Kqa/G6+P39n/zQG3GwDoX7fz/8+E9vn/Dzb312ut/YJD6/uL1n5BI9s/X7J/IW5Px/T74xOr++fOPbX8ve0+eQCoqDe+dfC1D357Kazd/1///3e6/59u4zfiWLsPYoHUT0j3Bzbc/z/WXs9UWbkT7eUOlZU72V6ukZWrx8jn3cjHB05kj0vjFNK4h9TfSeMap8vak02QMZaVG41xd9aeqaw9G873RHt78nloUv2NbH8+7iGVmw4AsNGVp5/5wePLy+cv+8Y3vqngN8+FEDbL2u13JmCnHf/Rkz88fuXpZx68+OTjF85fOH9pYXH+1KmHFucXHzq+el//eOvdfQBgP1jv9O92SwAAAAAAAAAAAAAAgDKD+KTxbp8jANDu7w+HEM6ILEb2QBuEECk+2gNtEGKfxcpKvuIvAMBg9bre/lY1jxbn80/rHqT04IN/nL4Tqdjtpfb+kvWL2U6Dfv2rf7jqf/X57a2/ub5I1+9/tfYDzPZX761fnjzZWv+9o13Wn5//sf7q/3NW/9dCd/Wv/Cyrv8+pcd/J6r+ry/o3nP/J/ur/S6z/nrh97Mvd1t/+/Kf1dtJyOBPZ+UyW1P/Xevv5p7X9ej7/Az2cdIt34/kDQBXVdrsBOyT1ElI/OvVDWtfnCy3r7IWsfLf9/1p2nHy9vn6l46Z+0BfjdurupHUD8/UOe21/Wp9wKjtu0WW/tuz1Myz/VSpr/3Y9jzutrP35epB7VVn7xwbcjn6VtT//vdyrytrf559VA1fW/okBt2NYHY5p2fUwXX+mYl7abmTbk5s8F/u1bwEAw+7bp2/ef+3rozfy9fnTdT39GTgZ/6a+npXL+wsTWd+xyMp/KaY/jukrMf1NTN/Jjrez/20DgGp6z+f/hBBCiMpF1T//5/4CVVb113/Vz7/a7/6e/07S6yO/j5+Mdsivt+SPbJI/1uHx41l+/nwd6JB/T3bclSjlf6ZD/mc75H+uQ/5Mh/xDHfLv7ZB/uEP+FzrkH+mQf7RDPgDD6fMx9f4OANWRj/tz/QeA/S9NrOP6DwDV8amYll3/7+uQDwAMn0/H1PUdACqk2Hymx63O2wMMjzS/dPo9j8uBhPtj+pWYfjWmab2UPpdfAfaA//7713+7VqzP93c4y+92Pvmi1v7Ju3z9nwe6bE/++b1e57NvdFnPTtU/vcX6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABis2urXxcWZIoSXXn/xkX+e+tO7RQjhaLNEo6Xc2la9ZXu27TghvFaspR9/+Oy51vSTmBZhPhShaO4PZ283a5oMIVwNs+FGaISF9x+be3Np6eXrNx+9PP3C6bd38EcAAAAA+97/AgAA//87+jkE")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1m23.249621614s ago: executing program 34 (id=296):
syz_mount_image$nilfs2(&(0x7f0000000380), &(0x7f0000000a40)='./file0\x00', 0x0, &(0x7f0000000a80), 0xf, 0xa02, &(0x7f0000001ec0)="$eJzs3U9sXEcdAOB5a68d16mzhgKmoYmBAqmgTrCtKrmkMZRrpN7KsQppiHBTlHBpVakpUsUNRap67IGqh1wQFeLSA1JEVUQvQZQ7CoVKVVGgFQipoNYo9sx6d+zH/rG99vp9n/Tz+L2ZfTPPu943fp6dCUBl1Va/Li7OFCG89PqLj/zkD698twghHG2WaLSUW9uqhxCKtsevuxUzPv7w2XObpUWYX/2atsPZ283HToYQrobZcCM0wsL7j829ubT08vWbj16efuH02zt0+gAAUCln3/jH7x94761vTP/nF0fOhPHm/tQ/b8TtydjvPxH793n/v2hJi5btZCwrNxIj//thJCs3mtUzWlJfPTtOvaTcWIf6Rlr2bXaeALAfrN/XK2pzbdu12tzc2nX/jlvjY8XcpYvLT1zZpYYCANvmXw+HEM4IIYQQokqxcmi3eyAAQNXl44U3uJqPLNia5tEOdFf/7aXa5o+HbTDo17/6h6v+V5/3jsP22a+vpnRe6fcojWPIxxGOZI/r9fe/lh1ntMd2lo0rHJbxhmXtzH+ue1VZ+3t9HndLWfvz8bB7VVn783G6e1VZ+8cH3I5+lbX/wIDb0a+y9k80v9uvV7jtcd/q1/V3iyNZfuv1M39PH5b3eACg3UfG/wkhhBCVi+d2uwMCAOw5+fw4K1HKz+fjyfPzeXjy/HxeoDx/vEP+gQ75AMBGC7+68PNrxfr/+bc6Hi6Nu7grppM9ticfrdFr/Vsd97TV+odl3BIA1fbUTxe/89aZpZG1+X/Xr2WfZPP/prl6r8XtNO7yYLbdnPt3tr2eWkm5gztxUgDA/5Wuv2Xz/94dt2dCvXji4vL5E3F7Kqa/G6+P39n/zQG3GwDoX7fz/8+E9vn/Dzb312ut/YJD6/uL1n5BI9s/X7J/IW5Px/T74xOr++fOPbX8ve0+eQCoqDe+dfC1D357Kazd/1///3e6/59u4zfiWLsPYoHUT0j3Bzbc/z/WXs9UWbkT7eUOlZU72V6ukZWrx8jn3cjHB05kj0vjFNK4h9TfSeMap8vak02QMZaVG41xd9aeqaw9G873RHt78nloUv2NbH8+7iGVmw4AsNGVp5/5wePLy+cv+8Y3vqngN8+FEDbL2u13JmCnHf/Rkz88fuXpZx68+OTjF85fOH9pYXH+1KmHFucXHzq+el//eOvdfQBgP1jv9O92SwAAAAAAAAAAAAAAgDKD+KTxbp8jANDu7w+HEM6ILEb2QBuEECk+2gNtEGKfxcpKvuIvAMBg9bre/lY1jxbn80/rHqT04IN/nL4Tqdjtpfb+kvWL2U6Dfv2rf7jqf/X57a2/ub5I1+9/tfYDzPZX761fnjzZWv+9o13Wn5//sf7q/3NW/9dCd/Wv/Cyrv8+pcd/J6r+ry/o3nP/J/ur/S6z/nrh97Mvd1t/+/Kf1dtJyOBPZ+UyW1P/Xevv5p7X9ej7/Az2cdIt34/kDQBXVdrsBOyT1ElI/OvVDWtfnCy3r7IWsfLf9/1p2nHy9vn6l46Z+0BfjdurupHUD8/UOe21/Wp9wKjtu0WW/tuz1Myz/VSpr/3Y9jzutrP35epB7VVn7xwbcjn6VtT//vdyrytrf559VA1fW/okBt2NYHY5p2fUwXX+mYl7abmTbk5s8F/u1bwEAw+7bp2/ef+3rozfy9fnTdT39GTgZ/6a+npXL+wsTWd+xyMp/KaY/jukrMf1NTN/Jjrez/20DgGp6z+f/hBBCiMpF1T//5/4CVVb113/Vz7/a7/6e/07S6yO/j5+Mdsivt+SPbJI/1uHx41l+/nwd6JB/T3bclSjlf6ZD/mc75H+uQ/5Mh/xDHfLv7ZB/uEP+FzrkH+mQf7RDPgDD6fMx9f4OANWRj/tz/QeA/S9NrOP6DwDV8amYll3/7+uQDwAMn0/H1PUdACqk2Hymx63O2wMMjzS/dPo9j8uBhPtj+pWYfjWmab2UPpdfAfaA//7713+7VqzP93c4y+92Pvmi1v7Ju3z9nwe6bE/++b1e57NvdFnPTtU/vcX6AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABis2urXxcWZIoSXXn/xkX+e+tO7RQjhaLNEo6Xc2la9ZXu27TghvFaspR9/+Oy51vSTmBZhPhShaO4PZ283a5oMIVwNs+FGaISF9x+be3Np6eXrNx+9PP3C6bd38EcAAAAA+97/AgAA//87+jkE")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

54.54811324s ago: executing program 4 (id=548):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000200))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x80002, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000700))
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000a00)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x6}}, 0x20)

54.441671262s ago: executing program 4 (id=543):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1000000, &(0x7f0000000080)={[{@discard}, {@journal_dev={'journal_dev', 0x3d, 0x9b}}, {@nobarrier}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
mkdir(&(0x7f0000000000)='./control\x00', 0x81)
r0 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000400)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8)
rmdir(&(0x7f0000000100)='./control\x00')

54.222390725s ago: executing program 4 (id=544):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000240), 0x1, 0x5599, &(0x7f0000005680)="$eJzs3X1oVecdB/BzTaKhFpPV1alY6RSqdGVTW5DNUeNLZjvfkhq0NTXGaWudrViZW9qJCwliOi2NSh2jrjhkRVtWApO+iFPXoUM2psikszLnim44ahZ1gh2Tjdx7n+u955rk1nVNXz6fknvuc3/nec5zD+eP+731OTcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAKIoSm289OevImvqxM8fNeeA/j7y669ljk5aNPnL25/N3TCuqWv1U3fSGlrq5UzqaKxfPP3p1/aEoSqT6pfsvnHzfA4/OWTizNAxYX53alpd3ecjk4+lUo2/Oi539cv8WRVFUEhugKL2tLMpqJ+IHiFblD9it6k1X3lxWM/XtxssXJg6vHbU3/63TqbS3J9Bb0tfVmWvXUkXysU9sj0w769JL5Fyiqf7xC+4jeRMAwAcypiq5yXwcTX/EzbQb4/VYuyLWbo21wyeE1uzGjUiN27ered4er/fSPCtSUaFfl/OM1dPnP9OuivePtWNR4wPMM3fXdKQp7WqeK2P13ponAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMfJu5PmXZgy/cXLfSfV7hiy4a+z+mxcv+9UbfVLd+2sPrHujf61ddMbWurmTulorlw8/+jV9YeiqDzZL5Hqnnhj08Kn+tbNfHDzQ2srZ0w49FpRetywLc7aOfpjePLVsij6VlblTBj23IAoqsotJJvRj/MLy5JP7g8FAAAAPk2GJB/7ZNqpOFiS004k02Qi+V+QCovVm668uaxm6tuNly9MHF47au+Nj1fVxXgV1x0v0y6/9pfICsYh/sbHu1YPu67KG6d78RHjef7YtHdmnBlRf27rlfNNTWsv7h534K73tkw93/zNd/av6Hf/cyPy8n959/k/nDn5HwAAgP+F/B8fp3s95f+3ZlfOaPvDvT/6/biv/31o9cZ3m/YmVg09vmLkd+ZNPPXa869fzcv/t+ccMi//hxmH/N8nurH8DwAAAB9n/+/8X5E3Tvd6yv/PHDwxdM+ogzWN0furyv6VOLhk36nnvtZ8ec29216oPDvrsf55+X9MYfm/OHva4cXfhQkvL4uiMYWfVAAAACBH+P/u175aCHk99c1BPK+/PP7FnRdLZxYvKf7yrl3bnl5TevcdA5fWLn5l9EtDnjg8/9nVefm/orD8X/LRvF0AAACgAIs23L100D/mjd+2pH32rVePVg66Z/vRO25un7G6Zv2kFbec/kpe/q8qLP/36523AwAAAFzHsfmPLFrxt9071v16xOQxpe9PGTn7e3WX9hwe++9RNR0vjP/GW3n5v76w/H9Tepte+ZDqdCj8K4QtZVFU2vlkZarwm6h1YqYAAAAAfEhCTm/44eylDZuf2fbPizV3vtJ8y8utf374C+V3bpz2s+9vOT63adO+vPy/svv7/4c7HYT1/zn3/8tb/59VSN31b4IbAwAAAPBZlL+eP9weP/XLBV39/n6h6/8fe3r4o1u/+5Olv7itfHfitpNPfumJ5ocrfzpwYHvL6JHNRYNL8vJ/Y2H5vyh7+2H+/h8AAADcgE/a7/89lDdO93q6//+0BesOL2gf+/kDLe3Pjxn02znFDy7Y+af2m/c/Oax9/7nzLcPy8n9rYfk/bPtnv70D4fw0l0XR4M4n6bsJ7grTXR4rtJVkFVInPtZjTuiRLrT1yyokrYz1GFcWRV/sfNIYK3wuFFpjhY4B6cL2WOFIKKSvh0zh1VjhQLjStg5ITzdeeD0U0gss2sIKiv6ZJRGxHpe66tFZuG6Pk5mDAwAAfKaE8JzOsiW5zSgeZdsSPe1wU0879Olph6KediiO7RDfsavXo/rcQnj9L6dXv/f48l/WTmi4Z+7kPcOOP37f2bE/+PbaX83uv6XxxKUpTXn5f3th+T+cir6pTVfr/6Ow/j/9u4aZ9f/1oVAeK7SFQlX8jgFV4RipsLshHKO8Kt2jY3CmAAAAAJ9q4XuBol6eBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBf9u49Sq6qThTw7nd30uk0OI6AykSdJEZMdydBlICLPERUjHQYZFTGPEg65NEkIQ8kwYWBsBwUdQLBxDvDXQS4WYCixDgEERgSlcC9RHnNMAzyFLiBUSFc3nCZ3NV9aleqzulKV0wa0tzv+6NrV/3289Sja59zah8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPj/w+BDv7LgilOeuWnkC3936imNC59+bsxlB3/kiPqb5h48/PUtd8+6fcrxZ10w5eSJO1YeO+Mrd7/591tDaO8uV5EUr/j5RVOX1U6Z9KWLv3zOsZ8/auum2ly9uXgY2PWnMnfn/Njqk4NCuKEihOp0YGRjEqjJ3W+M9b2vMYQDwq5AvkTHgKREuuFwW0MI68KuQL6qGxtCaCwInHTvL2/9blfikoYQhoYQ6tJtPFyXtNGQDgyrTQID0oEF1UnglZ2JfODnlUkA9lp8M+Rf9BvaizM091yuxOuvZp917O2VHl5VTDSXzven8X3cqQK16Qfa9+ppy1RHn8i8PTZ7t/WDd1tmO6/ytBV+kcp9Q9m5K1QXKmd2zJq+tHNJfKQytLRUlaqpj57nh5//+ow9Sfeb12HsQPM+eR1W7dh+59mNn7pu9aD1r64ce+WWve3mQwWbtDDd1+pC7jXXb57HaJzPk37w9st8SxriS1cI4V9vqNv26hcuf/nTa7ZcPem8v13zzIjTW9veuO+F6yctWLXg+v/+i8z8v3n38//4co63lUW5Y6tvNCVz8/hIY0w815TMzQEAAKDf6A97Tac+NOvF4b/5xD9PvvHR7YOO/5tFqw/+de2Wdz34VOX4Z285ecT81zLz/yHlHf+Ph/wbC0e7OYRx3YmVg0M4qPvxJHBN7M6pg0P4QHeqvTgwPhXYHMLB3YkR+apSJepjiSGpwPamXGBcKrA1BtpTgfUxsCoVOD8GNqQCM2JgcyowIQbCnOJxfKQpN46yAw0xMC3ZiBviWQgvNMXWUtvqd/mqAAAA9pHc7LCm+G7BuQ57myFOLzc09JYhnoFdMkNdqob0DDY/rSpZQ3VvNVT2VkN+3Ct2P/xMzRW91Zw5DaOiOMPSb/7h/rFfXDW3euj22sNemnfczN8d8/41O1s++uPanT8cd9fahsz8v2338/+6HjpSkTn+H8Lk7r8xd2Uu0pmPT2svygAAAADshdETP/ZPl733l9fdcuLnfzv4jiOv2PjDqbVjv/XK0nt+uGLCudt+dEFm/j+uvPP/4z6RqoLMYVvcDTFvcAhtxYGk2qOygeSo98BcAAAAAPqD/PH4/LHwObnb5BTt9Hw6m799D/PHA//jesw//pC/fmzDf8z99k8nTjli7TmPzd9+1+EfrWn7m+cf/tIF86Z947JvZub/7eWd/z+g+DbpxNbYi9WDQ6gvCNwee9kV6DYkBh47pjiQG//WuAEujFXlTkzIV3VhLDEtBtpSgXWlStydL3FQcSD3ZOUbX5kfx5xciYIAAAAAvOXi7oB4XD6e/3/fgg/PPmpb3aG3rKr46V/uuKZz4vVtNc+M/VXT61/4whNff63xzMz8f9qenf/fPQ/OnN7fOTCE1uoQqtI/DNg2IFkYMAYaK3KJWwYkdVWlqzp3QAhHdw0sXdXjufX/q9NrDN7bkFQVAwd98Ornh3UlrmwIobUwcP8pl3+sK7EkFcg3/sWGEP6qa7Tpxq+vTxqvSTe+tj6EQwsC+apOrQ+hq7HadFW/rMtdxyBd1XV1IbyrIJCv6oi6EJYFAPqp+K90ZuGDi5ctnze9s7NjUR8m4j78hjBrTmdHy4wFnTPrSvRpZqrPRcsYnZsdU8nlkFLiEkWr7lk7tJx0/neCbYV9ye3Hz5w4mLsfvwvVdI9zdE3R3THpIX/4Q9kmQsE3qbdryAMKK9n1JGbqj/lrw8BQv3Rxx6KWs6YvWbJoVPK33Oyjk79xUMm2GpXeVgN66tt+8PIYXlhJ65LTF7YuXrZ85JzTp5/WcVrH/NFtYw5vO3LMqCM+3to1qrbkby9DHd5T1amh7rz8rR/qIdUFlbwVnxoSEhL9LfE/zjj95DuOnPOpE+5d+oGj1oybcPaNh89qXXPb9ZPWT3ts8I9GXZKZ/y/c/fw/furET/7c+gyljv83x8P8yeO7DvNPi4F15R7/by51ND9/YsCQVGBFDKxwmB8AAIB3hrg7Mu52jHutH6q74qrDL3329C2jJn7tzOaRv57wwXEHfvqML99x3H/+3/d/7xN//N+Z+f+K8n7/v4/W/88vXf+5Usv8j4gl2kqt/59e5j+//v+KUuv/p5f5z6//v+5tWP9/aT6Q2iQvWP8fAAB4J3jr1v/vdXn/9AUCMhl6Xd4/fYGATIZel/Ev9wIBe7z+/5PHXPv0B97/TPvPrr/j8ekXn3HOx9fUD9uxrL7l9m//+y9u/MqpgzLz/1Xlzf8t3A8AAAD7j2uPffLfjr3q+7ec3Pjsj2sWzT7/5vNuahz2WsWsjfMnDJh8zez/ysz/15U3/3/r1/8Lpc7/H1Iq0F5qYUDr/wEAANBPlVr/b/tP6i+9sHHHuk0bXv/ske9+/Tt3fOdrry34wQ8+89H3zV48adyEmzPz/w3lzf/jaReVRbljb95oSta0C+k17Z5ryv9kAAAAAPqHytDSUlNm3qKVUcf/+W3GpUB3ly504nE//WT70HffPufaKa3/cN99Ha2H3NnUsH7+zi+d8PTyp05YeWVm/r+5vPl/0e8yqnZsv/Psxk9d98bqQetfXTn2yi27jv8DAAAAfafc/RIAAAAAAAAAAAAAAMDb770Lxoy/t+Xxd1+0evn5zdddcfmbm1q3fPUfL6na/uHZf7hg7uiGzO//w+TucqV+/x+v+xd/X/AXRbljq72v/5e7f9LxP1nWvWThtqYQPlQYmHfevANC7tr8wwsDt351xHu6EuelS9z8yISnuhJT04HPjDzw5a7E0anAtLhI4sHpQLyq4suDUoG4vOJ96UDcHhvSgdpc4FuDknFUpLfVM43JtqpIb6sHG0MYXBDIb6sbGpM2KtIDvCQVyA/wjHQgDvALuUBlulc/GZj0KgYaY9HLBia9AgBgvxW/BdaEWXM6O9riV/h4e0h18W1UtGTZudlqq8psPi5NtuqetUPLSVelv4vuutZ4TajrGsKozNfVwiwV3aPcN7X0sun+osSQe1vtra82XW3pETUkI2qZsaBzZk2vAx/Te5bR1b1mGZWZ7BRmqezepGXUUkZfyhhRmdumjC7H+5WhpaUqlWtsDDaHIr29Isr9vX5Pa/6VekV0+cSXb/rD41ubPn3Ye9pPO/+eyvff+6sDr3jxQ688dN1hm/7bR9b++urM/L+5vPl/XeG4Xs5dDGBFvLLeUYNDmFbmiAAAAOCdb/b8Ry6+4FcXbX+sfdhTC1ovuvWBZT9YXt10zfnHPnjzmS+d8r2pexu/9skTfvvAb3+0cdj4WxaOGfDEWVdedtw9d92xetvxb95w2P8ZOePRzPx/SHnz/7hjLHcoONnbsTle/3/l4BC6L63fnASuicM9dXAIH+hOtccSyQX1PxdLtCWBa+IOkxGxxLT24qrqY2BDKrC9KRfYnApsjYHcXoqrQ25XzkVNIXysOzW5uMTCWKI5FTghBoakAi0x0JYKDIqBcanAHwflAu2pwJ0xEOYUb6ufDcptKwAAgD2Rm2fVFN8N6XnehureMlT0lmFAbxkqe8tQ11uGUqOI9zfGDDWFx+NzGeJDNelaG1K1ZDLEi+Hvcb8yGcLdxTnTBTNN588kaS7OGTN8+x8f/OT0lx6+YemP3hh+4rmf/PH3tm16be4Tp40cPO3VsfNGfPuPmfl/W3nz/wHFt0nrW+P8f9f1/5LA7bF7q+Op40Ni4LFjigO5HQNb42T3wnxV7bkSuUn7hbHEuBgYkgosjIFxqcC0ybnAuvcUB3Iz7XzjK/ONz8mVKAgAAADAWy7uIIi7aeL8/9K/mz353O+0dqyc9dWnps0Y+ukDL33fpcfcNOk3c9cedOCpd14zLzP/H1fe/D+2N7CwsfNjb54cFMINFbt6kw+MbEwCcT9GY/x5/PsaQzigYAdHvkTHgKREbarhcFtD8gv12nRVNzYkawzE+yfd+8tbv9uVuKQhhKEFe1/ybTxcl7TRkA4Mq00CA9KBBdVJIO75yQd+XpkEYK/l9wrGF1TuVJe85p7LlXj9vVOuCZoeXmYfaA/5evrNVV+pSz+Q26eat2dPW6Y6+kTm7bHZu60/vtuavdsKv0jlvqHs3BWqC5UzO2ZNX9q5JD5S+EvWjD56nnv6Jevu0vvgdbjiz+9t7+rSHWhLfXy09Vyu59dhRayuasf2O89u/NR1qwetf3Xl2Cu3lN2NEuIm/cuvjR/2UMHm7Wt1Ifea63efJ+0+T/rjv4EhnrYQwqbnvlF/5okn/tsB/7Rw0/cf/a/mV7/1zTs2blzW1HJz1ZpJF3722sz8v728+X916rbba3FjLh4cwocLNu62uPknDk4+BwsCyafku7KB5JD7E00lPzkBAABgX8vv7sjvL5iTu01OCE/Pk7P52/cwf9xfMa7H/OX2+4TP3/0vf7vid6u/uGX9AxW/+f3GK04YM3XhYwvvu3jiP/+v31/16I2Z+f+03c//61PddPzf8X/6iOP/Pdrfd0XXpx9YsVe7ojPV0Scc/+/R/v5uc/y/R47/O/7fE8f/e+H4f4/296ct8y1poS9dIYSnn/2XC//hgmUnPfTqu4+4+IE/PTjx7IobOv9j+kPPdLzx0Vdm3XpoZv6/sLz5v/X/el60L7/+37RS6/8tLLX+3wrr/wEAAH2qxEJz6XleZvW+TIb06n2ZDL0uENjrEoPW/9vj9f82nFz9+1/P/ffvf+6+pw+vnHr/f46eP++m4UcdM+KqNU+t+NcX2lsy8/8V5c3/48thYGHr/WX9vyGTS1S1KgYWWhgQAACA/VGpHQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8vcaceedL33lh+2G3Lrlt5cnj/3r1qV//7NEH/+zKnZ/YHL7x4vKX7ply/FkXTDl54o6Vx874yt1v/v3WEOZ0l6tIilf8/KKpy2qnTPrSxV8+59jPH7V1U12u3prc7XuLcsdW32gKYV3BI40x8VxT151dgZOO/8my6q7EtqYQPlQYmHfevAO6EuubQhheGLj1qyPe05U4L13i5kcmPNWVmJoOfGbkgS93JY7OBSrS3b10UNLdinR3vzsohMEFgXx35w4qrirfxnG5QGW6jasakzZioDEW/UFj0kYMdMYSc+pDaK0OoSpd1f+sS6qqSlf1i7qkqqp0VefUhXB0CKE6XdUjtUlV1emR31WbVBUDB33w6ueHdSXW1YbQWhi4/5TLP9aVOCMVyDd+Ym0If9X1kkk3vrEmabwm3fglNSEcGkKoTZd4sTopUZsu8Xh1CO8qCOQbn10dwrLAO0L88JlZ+ODiZcvnTe/s7FjUh4naXFsNYdaczo6WGQs6Z9al+lRKRUF657nZeGWZY3/4+a/P6Lpddc/aoeWkq3Plarq7PLqm6O6YfdX7ij7qfezXgMJKdj0fmfpj/towMNQvXdyxqOWs6UuWLBqV/C03++jkb1UummyrUftqW5Xrz91WwwsraV1y+sLWxcuWj5xz+vTTOk7rmD+6bczhbUeOGXXEx1u7RtWW/N0XQ708G6/q46EeUl1QyVvxASAhIdHfEpVFn25t+/u/7MwX/V0drQl13R/QmWlFYZaK7lHui0GP3318Xw46MyXJjGhUZuKQyTK69yxjMpOJXVkakizd3+syk8PCmiq7N2m8XxlaWkr+p2suvlu4+f7Uw+YtV9x05aYBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAAP//CAsM0g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1d)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x20008})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

53.312649189s ago: executing program 4 (id=556):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000001480)={[{@noload}]}, 0x1, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
close(r0)

52.463864662s ago: executing program 4 (id=552):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000200)={'vxcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0x0, {0x0, 0x0, 0x1}, 0x2}, 0x18)
sendmsg$can_j1939(r0, &(0x7f00000002c0)={&(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x0, 0x1ee}}, 0x18, &(0x7f00000004c0)={&(0x7f0000000140)='\x00', 0x8}}, 0x0)

52.091974328s ago: executing program 4 (id=557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)

51.710700144s ago: executing program 35 (id=557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)

40.80383033s ago: executing program 1 (id=625):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000180)=0x4, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004d00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

40.230709248s ago: executing program 1 (id=627):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000047c0)=ANY=[@ANYBLOB="140000003a00010100000000000204000a"], 0x14}}, 0x0)
recvmmsg(r0, &(0x7f0000003700)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=""/4085, 0xff5}], 0x1}}], 0x4000000000001a3, 0x140, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

40.021034351s ago: executing program 1 (id=628):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
r2 = syz_io_uring_setup(0x238, &(0x7f00000002c0)={0x0, 0x232, 0x10100, 0x4, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f0000000340)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x51)
write$cgroup_pid(r1, &(0x7f0000000280), 0x12)

39.928260763s ago: executing program 1 (id=629):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000000), 0xfe, 0x264, &(0x7f0000000700)="$eJzs3TtoJHUcB/Df7MM1JkjURhAfICIaCLEQBBttFAISgoigQkTEShIhJthlrWwstFZJZRPE7nJXHteEaw6uzd2lyDVXXLjiwhV3xR6zs3tsNhvy2Mccmc8HNjP/nf9rYL7/TIqZBFBYkxHxUUSUI2IqIqoRkXRWeCP7TLaK62NbCxGNxuf3kma9rJxptxuPiHpEfBBRaR9b3fx698H2p2//vlJ969/Nr8ZGdX6d9nZ3Ptv/Z+63C7PvrZZa3020tp3nMUhJj+8qScSLwxjsKZFU8p4BJzH/y/830ty/FBFvNvNfjVIrsn8sP3OlGu/+fVTbP+9ef2WUcwUGr9Gopr8D6w2gcErNe+CkNB0R2X6pND2d3cPfLCfx49Lyz1M/LK0sfp/3SgUMQFLP/u7d+eRS7eJ4V/7vlLP8n8j7Q54pMBRp/r+Y37iV7u+X854NMBKvZps0/1Pfrr0T8g+FI/9QXPIPxSX/cA6cMbvyD8Ul/1Bc8g/nWLW9U+95WP6huOQfiqsr/7k8jwvkozP/AECxNGp5P4EM5CXv9QcAAAAAAAAAAAAAAAAAADhsfWxrof0Z1ZhX/4rY+zgiKgfHrzWPlpv/jzji2ebP5+4nabUnkqxZX755vc8O+vTfgJ++nqudrv7ztwc7/mlde204/f56sHjku+3WFiPqaeWZSuXw9Z+0rr9jHdn/C8c0rH53sgEGJekqf/jlaMfv9mgj3/FntyMup+vPTK/1rxQvN7e915+Jzlcsn9FPD/vsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJF5HAAA//+4Vmsn")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x50)

39.396242401s ago: executing program 1 (id=632):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000})

37.427912251s ago: executing program 1 (id=638):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1000002, &(0x7f0000000bc0)=ANY=[], 0x1, 0x369, &(0x7f00000041c0)="$eJzs3U1oY9UXAPCTvjRpB/7/dicKQnQnaJnOTje2SAcGu1EJfizE4HRU0iq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQrsbcPDKy8vHa5J22sEqxd8Pmt7ce8875708kteQ3D63EO3Lk3Flf/96TE1VorrwyELcqMRsZNGzG6NqY/oAgLPhRkrxeyocM6RyyiUBAKes8/r/QkQ0Yrboef3Lo+Ynr/4AcOZ1//6fPmrO1GEDr5xKSQDAKRt5///eA8O1zk+1d7da+lQAAHBWPfH0M48uLkc83mhMRay9udncbMZDg/HFK/FSrMZKnI+ZuBlRXCjkN5XO7cVLy0vnG43GTvw0G82ImOgGNosrhcWsE1+P+f5I/2ojpZRd/GR5ab7RERG7O538sVbZbE7GuW7+78/FyuDCY7ZXRHRuLi0vXWh0N9Bc68XvROwN3rfI65+Lmfj2+f5mUup9gnF56er8RPfOIH6zWY/L/aNw6DsgAAAAAAAAAAAAAAAAAAAAAABwW+YafbP99XNS/rtYKWdubsx4Z32cIr67PtBesT5QqqdI6bfXHmi+lcWB9YGG1+fZtJAgAAAAAAAAAAAAAAAAAAAA9G1s1aK1urqyvrG13S43dtY3tiYiIu95+euPvpiO0Tm3aFSLFPWIfopGN+12u5Wy3uSURYyGZ3nyXs8Hn/YrLs+p9/dibBn18UP7kTf+d8+P7w6G7s56W/5zMDmL8TuYlcp4eCjp2v+Lkk5yoPqNC+We+mj2aymlUs8b5fCrz45uMCoR1ZM/cNvtiTh8TsobX11/8c7e0W99ngr33T/z5LV33v+l3VrNM0fnEaytb9xM7ValN/lkhyU/1L2eShSNSvlMqB4Vvnewp5V99+tTd739zfGyp3LPq/n5PDQnK3bn4+HwWtHIy8wbtcHZMj0In+zuxOrK5JiT/1aN23hM73jvsw9T+uHnY6co5NVPDD9rTFX+xqcgAAAAAAAAAAAAAAAAAACgq/Rd8a7ul30nj4p68LHTrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/jmD//9fauztxlDPcRp/7IyJqq+sb0TU/u3dBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA//+Vx1Xq")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x401)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

37.181477575s ago: executing program 36 (id=638):
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./bus\x00', 0x1000002, &(0x7f0000000bc0)=ANY=[], 0x1, 0x369, &(0x7f00000041c0)="$eJzs3U1oY9UXAPCTvjRpB/7/dicKQnQnaJnOTje2SAcGu1EJfizE4HRU0iq0WGwX09aF4lJwqSt3CrpwIS5FUMSdC7eOIKPiQrsbcPDKy8vHa5J22sEqxd8Pmt7ce8875708kteQ3D63EO3Lk3Flf/96TE1VorrwyELcqMRsZNGzG6NqY/oAgLPhRkrxeyocM6RyyiUBAKes8/r/QkQ0Yrboef3Lo+Ynr/4AcOZ1//6fPmrO1GEDr5xKSQDAKRt5///eA8O1zk+1d7da+lQAAHBWPfH0M48uLkc83mhMRay9udncbMZDg/HFK/FSrMZKnI+ZuBlRXCjkN5XO7cVLy0vnG43GTvw0G82ImOgGNosrhcWsE1+P+f5I/2ojpZRd/GR5ab7RERG7O538sVbZbE7GuW7+78/FyuDCY7ZXRHRuLi0vXWh0N9Bc68XvROwN3rfI65+Lmfj2+f5mUup9gnF56er8RPfOIH6zWY/L/aNw6DsgAAAAAAAAAAAAAAAAAAAAAABwW+YafbP99XNS/rtYKWdubsx4Z32cIr67PtBesT5QqqdI6bfXHmi+lcWB9YGG1+fZtJAgAAAAAAAAAAAAAAAAAAAA9G1s1aK1urqyvrG13S43dtY3tiYiIu95+euPvpiO0Tm3aFSLFPWIfopGN+12u5Wy3uSURYyGZ3nyXs8Hn/YrLs+p9/dibBn18UP7kTf+d8+P7w6G7s56W/5zMDmL8TuYlcp4eCjp2v+Lkk5yoPqNC+We+mj2aymlUs8b5fCrz45uMCoR1ZM/cNvtiTh8TsobX11/8c7e0W99ngr33T/z5LV33v+l3VrNM0fnEaytb9xM7ValN/lkhyU/1L2eShSNSvlMqB4Vvnewp5V99+tTd739zfGyp3LPq/n5PDQnK3bn4+HwWtHIy8wbtcHZMj0In+zuxOrK5JiT/1aN23hM73jvsw9T+uHnY6co5NVPDD9rTFX+xqcgAAAAAAAAAAAAAAAAAACgq/Rd8a7ul30nj4p68LHTrwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/jmD//9fauztxlDPcRp/7IyJqq+sb0TU/u3dBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+6vAAAA//+Vx1Xq")
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000000)='.\x00', 0x401)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x0)

4.122623207s ago: executing program 5 (id=812):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
ptrace(0x10, r0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000140)={0x0, 0x0, 0x1}, &(0x7f0000000180)=[{}])

3.538325036s ago: executing program 6 (id=809):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x9f)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3.196878731s ago: executing program 5 (id=814):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)

3.090469623s ago: executing program 6 (id=815):
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x208, &(0x7f0000000640)="$eJzslb9rFEEUx78zu7e5BAlaaGFzFgEjmL3dPZU0FrEXhETU8jBjiE5y4XJFEhASbGysxX/EIpWFnVbWFioIFqa0EhyZ2dnb2dzuheX8UeR9IJPvzOybee/tu7cgCOLU8uXzj08vbi2uXAVwBnOYsuvfvPwZ7jz/8ZXXsPLt5uzTw+PnMQBK5XP/hPsDAG+WPGA/PVYp1xqYA3AWwAq40Zq74Lhi9T0whJmvKrcWYHhglx9vqWE0vWkrpGAPe3L10boUkR5iPSR66ACq4P/RAcMqgKa9gjn+be/uPelKoJ8KKTLRUNk9I1t1xbj8Gf+WOG46KdDv6/7zZwd6Htr1yMlfDI7Y6g4Ylq1exBTCMGzZqYid+C/6+fle+tpS9utE0pwsEXXFuYWSLV3h482npdDR/jE3fqm/EmBQKMF/l9Uyof2ob8Vbo1bBCeeIyX1mx1eYWxIXjg7fjVp9/a/pnUyYxgXA3Xqpy+bDjJS3S63OF1YuVfxksgqsLIm0fzAfuOz0J9/5KrQHG1vt7d29hfWN7ppYE5tJ0rkRXYui60nb9OZ0HNP/mqY/zTjnNyqeDViAne5g0I93gEE/Hs6TdHQ67vLr3ndjw03/45j/qVT2eTFhZx9KVryD2T9u/ms171U6TxAEQRAEQRAEQRAEQRAEUYsWGN7PDqeqHD+5Y7Z/BwAA//81gVqd")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

3.077255673s ago: executing program 5 (id=816):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000001006f9595d6538c6dc80804fa586226a23d71aafd23663ae6610952721f71faa0f9bbbf412166404116aa2b81a0443a169f41457a94c3cc54fe08aab15e489617968f5436df3a99f504fa0088e8b1448974a9b93c6085171af52ad83dc1a0d9db61bc4258ff449644dd8c597ebbcbc361f54e298ca8e5d80a5f64c515683dc72d205fc8529a6f849ee1806cc8d60ce55bbc50c1742c19f75d4d0081b6e6ccfb837bb993d2e941da721d6d88c6ecc94d80a1e22bd8e625"], 0x3, 0x174, &(0x7f0000000240)="$eJzsmD9PwkAYxp9rESJxcMZBE0lEI6UtalxMJPEDmOCfsEGkErSIQgdh85MYv4CLu/GjKJMLo3NN2wNOouKgJsbnN7z3vNe317u3ydOkIIT8W3pPL48XvcaKDmAGaSTk/LM+qtGU+tVssTl3vZ28K9+WdlL3/fH1BADf//rzYwAeCjo8mfv+27vTctyDNtT70LAs9SEEDKnL0HAgtQOBktQnim4G9YZxXHcd46jpVgNhBsEKgh2E/Pj++lcCVWV/Qrne7nRPK67rtH5QTOpfv6BhS9mf+r4GvTGV/lnQYEmdh0BR6k0kBr2JWqKcPxUbra//8vkpKCj+mhj5k38jsKT4U0zxj5zXOM+1O91svVGpOTXnzLbzG+aaaa7budCIoviJ/02H/pRU1p/6oDYu4riseF7LiuIwt6P4nuPGQ//TkFmMciHnVMLvwaxYCIaMLnNCCCGEEEIIIYQQQgj5duYhwr+gE7B3w+rXAAAA//9nP3XZ")
r0 = open(&(0x7f0000000000)='./file1\x00', 0x4000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x2, 0x0, 0x0, 0x0)

2.618349s ago: executing program 6 (id=817):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000012c0)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4739}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@norecovery}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x60840, 0x8)
io_setup(0x2e, &(0x7f0000000200)=<r1=>0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f00000002c0)='./file1\x00', 0x82000804)
io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0xf00f, 0x4000000, 0x0, 0x0, r0}])

2.466246682s ago: executing program 8 (id=818):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes128, 0x0, @desc3})
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

2.339156944s ago: executing program 5 (id=819):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x6, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18)
utimes(&(0x7f0000001ac0)='./file1\x00', 0x0)

2.212456797s ago: executing program 7 (id=820):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x20044e, &(0x7f0000000340)={[{@minixdf}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@stripe}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
open(&(0x7f0000001b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x62842, 0x21)
mknod$loop(&(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, 0x1)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x175)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2b1245d, 0x0, 0xfd, 0x0, &(0x7f00000000c0))

2.032099899s ago: executing program 6 (id=821):
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @my=0x0, 0x0, 0x0, 0x420005e, 0x0, 0x9, 0x5, 0x200000})
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000440)={@hyper})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @host, 0x0, 0x0, 0x20005e})

1.875248951s ago: executing program 8 (id=822):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

1.765186483s ago: executing program 5 (id=823):
socket$netlink(0x10, 0x3, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000580), 0x42, 0x0)
syz_usb_connect$uac1(0x2, 0xdc, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r0, @ANYRES16=r1], 0x0)

1.602984335s ago: executing program 7 (id=824):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000020000000000000000700b8d4000000000000", @ANYRES32=0x1], 0x48)
r3 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x8916, &(0x7f0000000000)={r2})

1.602797706s ago: executing program 6 (id=825):
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, 0x0, 0x4000000)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000a40)={&(0x7f0000000140)=[{0x18, 0x4000, 0x22, &(0x7f00000001c0)="0000006f456583a47c064da3340297b36e93fc6a777b65dd50f7779fa3ac768633c9"}, {0x2, 0x201, 0x0, 0x0}], 0x2})

1.510560407s ago: executing program 8 (id=826):
syz_mount_image$erofs(&(0x7f0000000200), &(0x7f0000000100)='./file1\x00', 0x810801, &(0x7f0000000140)=ANY=[], 0x4, 0x208, &(0x7f0000000640)="$eJzslb9rFEEUx78zu7e5BAlaaGFzFgEjmL3dPZU0FrEXhETU8jBjiE5y4XJFEhASbGysxX/EIpWFnVbWFioIFqa0EhyZ2dnb2dzuheX8UeR9IJPvzOybee/tu7cgCOLU8uXzj08vbi2uXAVwBnOYsuvfvPwZ7jz/8ZXXsPLt5uzTw+PnMQBK5XP/hPsDAG+WPGA/PVYp1xqYA3AWwAq40Zq74Lhi9T0whJmvKrcWYHhglx9vqWE0vWkrpGAPe3L10boUkR5iPSR66ACq4P/RAcMqgKa9gjn+be/uPelKoJ8KKTLRUNk9I1t1xbj8Gf+WOG46KdDv6/7zZwd6Htr1yMlfDI7Y6g4Ylq1exBTCMGzZqYid+C/6+fle+tpS9utE0pwsEXXFuYWSLV3h482npdDR/jE3fqm/EmBQKMF/l9Uyof2ob8Vbo1bBCeeIyX1mx1eYWxIXjg7fjVp9/a/pnUyYxgXA3Xqpy+bDjJS3S63OF1YuVfxksgqsLIm0fzAfuOz0J9/5KrQHG1vt7d29hfWN7ppYE5tJ0rkRXYui60nb9OZ0HNP/mqY/zTjnNyqeDViAne5g0I93gEE/Hs6TdHQ67vLr3ndjw03/45j/qVT2eTFhZx9KVryD2T9u/ms171U6TxAEQRAEQRAEQRAEQRAEUYsWGN7PDqeqHD+5Y7Z/BwAA//81gVqd")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)

1.479244757s ago: executing program 7 (id=827):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r1, 0x0, 0xffffffff000)
recvmmsg(r0, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000240)=""/76, 0x4c}], 0x1}, 0x1}], 0x1, 0x2002, 0x0)

1.32561224s ago: executing program 8 (id=828):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000200009500"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r3, 0x25, 0x0, @val=@netfilter}, 0x40)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)

1.059247344s ago: executing program 8 (id=829):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[], 0x1, 0x6014, &(0x7f000000a280)="$eJzs3U9vHGcdB/Df/vHacdo0qlAVIg5uyp+W0vxPoPxrygEJOICEeiaR61YpKaAkIFpFxJUPiAvwEuDSC4e+BV5AXwPiBRAp6akHyqCxn8cZb9Zeu4ln1n4+H2kz85tnx/tMvjueWc/MTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8eMf/vxcLyKu/i5NOB7xVAwi+hFH6nop6pEr+fnDiDgR683xXEQM5iPq+df/eSbiYkR8fCzi/oM7y/Xk87vsx6Wzt29+9pMf/OuPf1k78c6bv/hwvP1nX7jw0Z/uRhz/6asffXb3ySw7AAAAlKKqqqqXPuafTJ/v+113CgBoRd7+V0merla3Vv9oxvqjVu9P/ef+Xp7/1NGu+6s+pHVTNdndZhERq8156n0Gh+MB4IBZjU+77gIdkn/RhhFxtOtOADOt13UH2Bf3H9xZ7qV8e83twdJGe/475Zb8V3ub13dsN5xm/ByTtt5fazGIZ7fpz5GW+jBLcv798fyvbrSP0vP2O/+2bJf/aOPSp+Lk/Afj+Y/Zkv9fI+LA5t+fmH+pcv7DveS/OjjA67/8AQAAAAA4/PLf/493fPx3/vEXZVd2Ov671FIfAAAAAAAAAOBJe9z7/21y/z8AAACYWfVn9drfjj2ctt13sdXT3+hFPD32fKAwS40vBwQAAAAAAAAAAAAA2jGMWEzn9c9FxNOLi1VV1Y+m8XqvHnf+g6705YeSdf1LHgAANnx8bOxa/l7EQkS8kb7rb25xcbGq5iJisToyn/dnR/ML1ZHG59o8rKfNj3axQzwcVfUPW2jM1zTt8/K09vGfV7/WqBrsomPt6DBwAIiIja3RfVukQ6aqnomu93I4GKz/h4/1n93o+n0KAAAA7L+qqqpe+jrvk+mYf7/rTgEArcjb//HjAmq1Wl1M/cnGxJnpj1q9j3VTNdndZhERq8156n0Gt+MHgANmNT7tugt0SP5FG0bEia47Acy0XtcdYF/cf3BnuZfy7TW3B0sb7flckC35r/bW58vzTxpOM36OSVvvr7UYxLPb9Oe5lvowS3L+/fH8r26051v8b+azsD/5t2W7/OvlPN5Bf7qW8x+M5z9mv9f/tqxFf2L+pcr5D/eU/0D+AAAAAAAww/Lf/487/psXGQAAAAAAAAAOnPsP7izn617z8f8vTXherznm+s9DI+ff23X+rv89THL+/fH8x07IGTTG773+MP9PHtxZ/vD2f76YhzOf/9xgVL/2XK8/GKZzfqq5t+J63IiVOPvI84db2s890j63pf38lPYLj7SP6vYjuf10LMev40a8udk+P+XEqIUp7dWU9pz/wPpfpJz/sPGo819M7b2xYe3eB/1H1vvmcNLrXPnHf7/66NrVhuGWai0Gm8vWcKz+51RrfXpo/f/k6Ch+e2vl5unfX7t9++a5SIMtU89HGjxhOf+59Mj5v/jCRnv+vd9cX+99MNpz/rNiLYaT8l9/f7/QGK+X96WW+9aFnP8oPXL+eQs0ef0/yPlPXP/Xl+/lDvoDAAAAAAAAAAAAAAAAO6mqav0S0SsRcTld/9PVtZkAQLvy9r9K8nS1Wq1Wq9WHr26qJnutWUTEP5vz1PsMf5j0wwCAWfa/iPh3152gM/IvWP6+v3r45a47A7Tq1nvv//LajRsrN2913RMAAAAAAAAA4PPK9/9catz/ef08oLH7Rm+5/+vrsXRg7//ZHw3W73WeFuj52Pn+36di5/t/D6e83tyU9tGU9vkp7QtT2ide6NGQ838+ZZzzP5kWrKT7v77YQX+6lvM/le71nPP/2tjzmvlXfz/I+fe35H/m9ru/OXPrvfdfuf7utbdX3l751bmzly9euHTxwqVLZ966fmPl7Ma/HfZ4f+X8872vnQdalpx/zlz+Zcn5fyXV8i9Lyn9zN1T+Zcnrf97fk39Zcv75s4/8y5LzfynV8i9Lzv/rqZZ/WXL+L6da/mXJ+X8j1fIvS87/lVTLvyw5/9Opln9Zcv5nUi3/suT88xEu+Zcl55/PbJB/WXL+51Mt/7Lk/C+kWv5lyflfTLX8y5Lzv5Rq+Zcl53851fIvS87/m6mWf1ly/t9KtfzLkvN/NdXyL0vO/9upln9Zcv7fSbX8y5Lz/26qd8r/nRb7RTty/t9LtfW/LDn/76da/mXJ+b+WavmX5eH3/xvZ88jibHTDiJEnP9L1byYAAAAAAAAAAAAAYFwbpxN3vYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuNkau87wd+9uq1IcH/cCcO2OZmYGF3fQOHGEwS8qekF0pC2rSkxrHXZhPf6l0ngFDZFNoSBalI7Qv6omkSJVGktgJVkZpKNEIqUvumal41QpWiVopUV4LKQUmlVIGtzpzneXZmdnZm195dz5zz+SD75505M/PMmTOz+130nQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB6Wz4y+Ud9WZblf2p/bcyyi/N/r8/25V/O7r7QKwQAAADO1zu1v//qknTCviVcqG6bf7z2X747Nzc3l3327TPv/sncXDpjc5YNrMuy2nnRP/38Z3P12wTPZiN9/XVf93e4+YEO5w92OH+ow/nDHc5f1+H8kQ7nL9gBC6wvfh9Tu7Ibav/cWOzS7LJsqHbeDS0u9Wzfuv7++Lucmr7aZeaGDmdT2dFsMhtfcJm+2n9Z9uqW/LYeyOJt9dfd1qYsy87+5OmDcQ19YR/fkDXcWE39Y/fWfdnmt3/y9MFvz7x5davZcTcsWGmWbduar/O5LJv/dVXWl61L+ySus79unZtarHOgYZ19tcvl/25e59klrjPe75Gwzh+0WeemcNoT12dZNpstuk2zZ7P+bEPTrab9PVIcEfl15A/l+7LBZR0nW5ZwnOSX+fH1jcdJ8zEZ9/+WsE8GF1lD/cPx1peGF+z3cz1O8nvdDcdqft0P5Tc6MlL/q9WGYzXf5ukbFz8GWj52LY6BdCzXHQNbOx0D/cMDtWOgf37NWxuOgYkFl+nP+mq3debG9sfA2Myxk2PTTz51+9SxA0cmj0wenxjfvXPHrp07du0aOzx1dHK8+Ht5u7SHbMj60zG4NbzWxGPw5qZt6w/Jua+v3PNgpEueB/l9/+RN+YIu7s8WOcbzbZ7bdv7Pg/R9v+55MFj3PGj5mtrieTC4hOdBvs3ZbUv7njlY96fVGlbrtXBj3TFwIb8f5rf56C2LvxZuCut6/tblfj8cWHAMxLvVF557+Snp572Ru8J+WXhcXJOfcdFwdnp68tQdTxyYmTk1kYWxJi6te6yaj5cNdfcpW3C89C/7eNn3l7+46ZoWp28M+2rktvnHarjF45Bvs3O0/WNVe3VvvT8bTt2ehbHC1np/tvpulu/PlCXaHPv5Ns/dfv4/C6ZcUvf6N9Tp9W9gaLB4/RtIe2Oo4fVv4UMzUFtZlp29fWmvf0Phz1q//l3WJa9/+b569I72x0C+zfNjyz0GBtu+/l0fZl9Yzy0hMYzU5f53a+fPFodp3WPZ8bgZHBwKx81gvMXG42bHgsvk15bf9rbxcztutl3f+Fg1/NxSwuMm31d/Ot7+uMm3eW3i/F871sd/1r12DHc6BoYGhvP1DqWDoHi9m1sfj4E7soPZiexodihdJn+U89sa3b60Y2A4/Fnr146ruuQYyPfVS9vbHwP5Nq/vWNmfnbaFU9I2dT87Nf9+YbHMf83g/PU177aVzvz5Oj+6s/3vhvJt3ty53JzRfj/dFk65qMV+an7+LHZMH8rWZj9dFdZ5dFf7303l21y2e4nH074sy96YeKP2+67w+92/Of2v3234vW+r3ym/MfHGg2MP/3A56wcA4Ny9W/t7drj4WbPu/1gv5f//AwAAAD0h5v7+MBP5HwAAAEoj5v6BMBP5HwAAAEoj5v7BMJOK5P/H79rz8jvPZOndAOeCeH7cDQ/dU2wXO96z4evNc/Py0z/8zaGXv/zM0m67P8uyXzz4/pbbP35PXFfhZFznBxtPX+Cq65Z0+489Mr9d/fsnnN1TXH+8P0s9DGJX+dWx7bXr3fzkRG2+9mBWmw/PPv9scf3F13H7MzuK7f88vGnJvsN9DZffFtZzQ5ibw3vKPLRvfj/kM17u5U3X/sOln5q/vXi5vq3vrd3Nl36vuN74HlEvXlpsH+/3Yuv/+6985+V8+ydubL3+Z/pbr/9MuN4fh/nzvcX29fv8y3Xr/4Ow/nh78XJ3fOP7Ldf/ypXF9q+E4+JrYTav/74//sA7rR6veDv77i4uF29//H921i4Xry9ef/P6R56ZaNgfzdf/2tvF9ez9wk8H6rePp8fbiR67u/H47guPb0OPPMuy7/xh1rCfsw8Vl/u7pvXH6zt5d+v139a0zpN919UuP39/Njbcr69+a3vL+xvXs++vNzbcnxfvD/vv7bHX8+s983A4HsP5//uD4vqa38v0lfsbX2/i9l/bWDxv4/WNNa3/xab1z16X77vO63/g7WL9r9y7rmH9+z4WjqcHitlp/Uf+4pKGy3/928XjceqLo8dPTJ+eOhTuzMam5/G6kfUbLrr4Pe+9JLyWNn+9/8TM45OnNo9vHs+yzT34loGrvf5vhPnfxZhd+Vso/PCnxXH3wseL71s3/6z4+sVw+mPh8YzfH7/6Z0MNx2vz4z57bzHPd/23hnUs1ZVf+Y/rWpz8nwve8/fMZ149/be//2bzzwXx/py8fKR2/17ackXtvL7XivObX69am0tP+3+/vPF5/aPB8dr8Xtivc+GdmbdeUdxe8/XH9yZ54RPF8zf+JBcvnzW9n8jGgcb7cW7rn/ej8HPM969qfP2Lx8f3nml6N+eNWV++hNnw+pDNFufHreL+fuHsFS1vL74PTzZ79XKWuajpJ6fHjk4dP/3E2Mzk9MzY9JNP7T924vTxmf219y7d/7lOl59/fm+oPb8PTe7emdWe7SeKscou9PpPPnLw0J3jNx2aPHzg9OGZR05OnjpycHr64OSh6ZsOHD48+cVOl586tHdi+54dd24fPTJ1aO9de/bs2DM6dfxEvoxiUR3sHv/86PFT+2sXmd67c8/Erl07x0ePnTg0uffO8fHR050uX/veNJpf+gujpyaPHpiZOjY5Oj311OTeiT27d2/v+O6Px04ent48dur08bHT05Onxor7snmmdnL+va/T5amG6RPh9a5JX/jp/NO37U7vj5v75pcWvapik8YfT7O3wntBxe9vnb6OuX8ozKQi+R8AAACqIOb+8Mb/82fI/wAAAFAaMfevCzOR/wEAAKA0Yu4fCTOpSP7X/9f/1//X/9f/X8P+f6b/v9L0/1ek/7/Qqvb/5+n/6//38vr1//X/6azb+v8x96/PskrmfwAAAKiCmPs3hJnI/wAAAFAaMfdfFGYi/wMAAEBpxNx/cZhJNfL/UPM/9f/1//X/6/v/cVv9/0z/X///HOn/6/+3o/+v/9/L6+/C/v96/X+6Tbf1/2Puf0+YSTXyPwAAAFRCzP3vDTNZTv7vX+lVAQAAACsp5v5Lwkz8/38AAAAojZj7N4aZVCT/+/x//X/9f5//r/+v/7+a9P/1/9vR/9f/7+X1d2H/3+f/03W6rf8fc///CzOpSP4HAACAKoi5/31hJvI/AAAAlEbM/ZeGmcj/AAAAUBox918WZlKR/K//r/+v/6//r/+v/7+a9P/1/9vR/9f/7+X16//r/9NZt/X/Y+6/PMykIvkfAAAAqiDm/ivCTOR/AAAAKI2Y+68MM5H/AQAAoDRi7r8qzKQi+V//X/9f/1//X/9f/3816f/r/7ej/6//38vr1//X/6ezbuv/x9x/dZhJRfI/AAAAVEHM/deEmcj/AAAAUBox978/zET+BwAAgNKIuX9TmElF8r/+v/5/1/f/+/X/9f8L+v/6/62sbP+/f9Fz9P8L+v+N9P/1//X/9f9pr9v6/zH3fyDMpCL5HwAAAKog5v5rw0zkfwAAACiNmPuvCzOR/wEAAKA0Yu7fHGZSkfyv/6//3/X9f5//r/8fZuX6/zN9+v9L4PP/9f8z/f9zdqH7872+fv1//X+arV9wSrf1/2Pu3xJmUpH8DwAAAFUQc//WMBP5HwAAAEoj5v7rw0zkfwAAACiNmPtvCDOpSP7X/z/H/n9TtUX/v/X69f/1//X/ff6//r/+fzv6//r/vbx+/f+l9f+HO10RpdZt/f+Y+28MM6lI/gcAAIAqiLn/pjAT+R8AAABKI+b+m8NM5H8AAAAojZj7t4WZVCT/6//7/H/9f/1//X/9/9Wk/7/k/v/CD01eAv3/gv7/ubnQ/fleX38v9f9HWlze5/+zFrqt/x9z/y1hJhXJ/wAAAFAFMfffGmYi/wMAAEBpxNx/W5iJ/A8AAAClEXP/aJhJRfK//r/+v/5/tfv/6/T/9f9XWVn7/+l11Of/6//r/+v/r3L//1uLXL5XPv+fauu2/n/M/beHmVQk/wMAAEAVxNx/R5iJ/A8AAAClEXP/WJiJ/A8AAAClEXP/eJhJRfK//r/+v/5/tfv/mf6//v8qK2v/v/nz/7Ms0//X/0/0//X/u+3z/1vR/2ctdFv/P+b+iTCTiuR/AAAAqIKY+7eHmcj/AAAAUBox9+8IM5H/AQAAoDRi7t8ZZlKR/K//r/+v/6//r/+v/7+aqtL/9/n/xfn6/wX9f/1//X/9/yrqb3Fat/X/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/jvDTOR/AAAAKI2Y++8KM6lI/tf/1//X/9f/797+f+Ptr17//7/0/1eR/v/Y64MtHnf9/4L+v/5/L69f/1//n85Wtv9/yXn3/2Pu3xNmUpH8DwAAAFUQc/8Hw0zkfwAAACiNmPvvDjOR/wEAAKCntPocwijm/g+FmVQk/+v/l73/P7dO/1//v3f7/4370+f/6/+3El4+u7r/7/P/F7e6/f/1C25P/7/Rhe7P9/r69f/1/+lsZfv/C348XXb/P+b+vWEmFcn/AAAAUAUx998TZiL/AwAAQGnE3H9vmIn8DwAAAKURc/++MJOK5H/9/7L3/7vv8//7Mv1//f+C/r/+/0rohc//1/9fnM//783+f3zfDf3/7un/58eQ/j/dqNv6/zH33xdmUpH8DwAAAFUQc/+Hw0zkfwAAACiNmPs/EmYi/wMAAEBpxNz/0TCTiuR//X/9f5//r/+v/6//v5r0//X/29H/783+f6T/3z39f5//T7fqtv5/zP33h5lUJP8DAABAFcTc/7EwE/kfAAAASiPm/v8fZiL/AwAAQGnE3P9AmElF8r/+v/6//r/+v/6//v9q0v/X/29nbfv/w1nz/dD/1//X/9f/Z3WtRf9/3TL6/zH3/1KYSUXyPwAAAFRBzP0PhpnI/wAAAFAaMfd/PMxE/gcAAIDSiLn/l8NMKpL/9f/Xpv/fn65f/1//X/9f/1//fyX1aP9/RP+/4PP/9f97ef36//r/dLYW/f9sGf3/mPt/JcykIvkfAAAAqiDm/l8NM5H/AQAAoDRi7v+1MBP5HwAAAEoj5v6Hwkwqkv/1/33+v/6//n/X9v8HG/en/r/+fys92v/3+f+B/r/+fy+vX/9f/5/Ouq3/H3P/r4eZVCT/AwAAQBXE3P9wmIn8DwAAAKURc/8nwkzkfwAAACiNmPs/GWZSkfyv/6//r/+v/9+1/f+m/an/3639/39re67+v/5/O/r/+v+9vH79f/1/Ouu2/n/M/Y+EmVQk/wMAAEAVxNz/qTAT+R8AAABKI+b+3wgzkf8BAACgNGLu/80wk97M//3LvYD+v/6//r/+v/6//v9q0v9f2P/PX8MuZP9/eCkb6v8vif6//r/+v/4/7XVb/z/m/k+HmfRm/gcAAABaiLn/t8JM5H8AAAAojZj7fzvMRP4HAACA0oi5/9Ewk4rkf/1//X/9f/1//X/9/9Wk/+/z/9vR/9f/7+X16//r/9NZt/X/Y+7/TJhJRfI/AAAAVEHM/b8TZiL/AwAAQGnE3L8/zET+BwAAgNKIuf+xMJOK5H/9f/1//X/9/5Xp/8/p/+v/t6T/r//fjv6//n8vr1//X/+fzrqt/x9z/4Ewk4rkfwAAAKiCmPs/G2Yi/wMAAEBpxNx/MMxE/gcAAIDSiLn/UJhJRfK//r/+v/6//r/P/9f/X036//r/7ej/6//38vr1//X/6azb+v8x90+GmVQk/wMAAEAVxNx/OMxE/gcAAIDSiLn/SJiJ/A8AAAClEXP/42EmFcn/+v/6//r/+v/6//r/q0n/X/+/Hf1//f9eXr/+v/4/na1c//+fV6T/H3P/VJhJRfI/AAAAVEHM/Z8LM5H/AQAAoDRi7v98mIn8DwAAAKURc//RMJOK5H/9f/1//f8S9v8H9f8z/f+uof+v/9+O/r/+fy+vX/9f/5/OVq7/n61I/z/m/mNhJhXJ/wAAAFAFMfcfDzOR/wEAAKA0Yu4/EWYi/wMAAEBpxNx/MsykIvlf/1//X/+/hP1/n/9fo//fHfT/9f/b0f/X/+/l9ev/6//TWbf1/2Pu/90wk4rkfwAAAKiCmPtPhZnI/wAAAFAaMfdPh5nI/wAAAPwfe/fRo9ddxXH8MYljWxFixZ63wI4dvIO8BjZsERK9dwgQeu+9915D772X0HsLhA4BKSiZc05i5/G94/E8fu79n89nkZNxJvaNR3L00+iryzBy9983bmmy//X/+n/9v/5f/6//3yX9v/5/iv5/Pf3/yS3/vv5f/6//Z87S+v/c/feLW5rsfwAAAOggd//94xb7HwAAAIaRu/8BcYv9DwAAAMPI3f/AuKXJ/tf/6//1/4vp/w86P/2//l//f0H0//r/zb77/zPxweD9/zb6f/2//p85S+v/c/c/KG5psv8BAACgg9z9D45b7H8AAAAYRu7+h8Qt9j8AAAAMI3f/Q+OWJvtf/6//H7f/P7W2/t/7//PrOmL/f+LWX1b/f7z0//r/zb77/ybv/99G/6//1/8zZ2n9f+7+h8UtTfY/AAAAdJC7/+Fxi/0PAAAAw8jd/4i4xf4HAACAYeTuf2Tc0mT/6//1/+P2/6t7/7/+P7+uQ/T/Z+rn8f5//b/+//z0//r/NT+//l//z7yl9f+5+x8VtzTZ/wAAANBB7v5Hxy32PwAAAAwjd/9j4hb7HwAAAIaRu/+xcUuT/a//1//r//X/+v9L8P5//b/+X/+/lf5f/7/m59f/6/+Zt7T+P3f/4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuf0LcYv8DAADAMHL3PzFuabL/9f/6f/2//l//r//fJf2//n+K/l//v+bn1//r/5m38/7/qqtvuYft/3P3Xx23NNn/AAAA0EHu/ifFLfY/AAAADCN3/5PjFvsfAAAAhpG7/ylxS5P9v6X/v2yj/2/a/990Qv+v/19m/39j/Cmj/9f/3966+//T+n/9/y0/vLz+/3C/E/p//b/+nzk77/9nev9zP87df03c0mT/AwAAQAe5+58at9j/AAAAMIzc/U+LW+x/AAAAGEbu/qfHLU32v/f/6/+P8/3/+fPq/w/o/73/X/+v/z/u9/+fOedj/f+BLf3/vfI3U/9/fvvu59f+/FP9/90P8fz6fzpYWv+fu/8ZcUuT/Q8AAAAd5O5/Ztxi/wMAAMAwcvc/K26x/wEAAGAYufufHbc02P+X6//rOZL+3/v/D9X/R4Cr/z/7efT/+v9t9P/H2/+fS/9/wPv/j2bf/fzan9/7/+f7/yvnfhKGt7T+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVP9/mf5f/z9N/6//n6L/1/+v+fn1/97/z7yl9f+5+18Qt9Twu/wI/5UAAADAkuTuf2Hc0uT7/wAAANBB7v4XxS32PwAAAAwjd/+L45Ym+1//r//X/+v/vf9f/79L+v/h+v8T+v9b6f/1//p//T/Tltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/9f+7pP8frv/3/v/b0P/r//X/+n+mLa3/z93/irilyf4HAACADnL3vzJusf8BAABgGLn7XxW32P8AAAAwjNz9r45bmux//b/+X/+v/9f/6/93afn9/8lDfZb+/4D+/2y76v9Pn+fX0/8v6/mPp//Pr77+nzEtoP+/x20/zt3/mrilyf4HAACADnL3vzZusf8BAABgGLn7Xxe32P8AAAAwjNz9r49bmuz/8/X/N1x58M9n+v/8DZvo/8+c99fW/+v/N/p//b/+X/9/kbz/X/+/GbD/9/7/dTy/9//r/5m3gP7/rI9z978hbmmy/wEAAKCD3P1vjFvsfwAAABhG7v43xS32PwAAAAwjd/+b45Ym+9/7//X/+n/9v/5f/79L+n/9/5QV9f+ntv2g/l//r//X/zNtaf1/7v63xC1N9j8AAAB0kLv/rXGL/Q8AAADDyN3/trjF/gcAAIBh5O5/e9zSZP/r//X/e+//76D/T/r/+Lrq//X/F0D/r//feP//ke27n1/78+v/9f/MW1r/n7v/HXFLk/0PAAAAHeTuf2fcYv8DAADAMHL3vytusf8BAABgGLn73x23NNn/+n/9/977f+//L/r/+Lrq//X/F0D/r//f6P+PbN/9/NqfX/+v/2fe0vr/3P3viVua7H8AAADoIHf/e+MW+x8AAACGkbv/fXGL/Q8AAADDyN3//rilyf7X/+v/9f/6f/2//n+X9P/6/ymXtv+/5gb9/9n23c+v/fn1//p/5i2t/8/d/4G4pcn+BwAAgA5y938wbrH/AQAAYBi5+z8Ut9j/AAAAMIzc/R+OW5rsf/3/2vv/e14fT7C0/j8/Rf+v/9f/6//1//r/81ru+//P/ZNiO/2//l//r/9n2iXr/+991X3udvPfzPT/ufs/Erc02f8AAADQQe7+a+MW+x8AAACGkbv/o3GL/Q8AAADDyN3/sbilyf7v0f+fvN2njdP/e/+//n/R/X/+oar/1//r//X/Wy23/z8c/b/+X/+v/2fa0t7/n7v/43FLk/0PAAAAHeTu/0TcYv8DAADAMHL3fzJusf8BAABgGLn7PxW3NNn/Pfr/29P/Hzj2/v+mO+n/9f/F+//1/xv9v/5/hv5f/7/m5x+6/z+x0f9zLJbW/+fu/3Tc0mT/AwAAQAe5+z8Tt9j/AAAAMIzc/Z+NW+x/AAAAGEbu/s/FDXe94/4e6ZLS/+v/vf9f/6//1//vkv7/CP3/icsP/Vz6/wP6/6PZdz+/9ucfuv/3/n+OydL6/9z9n49bfP8fAAAAhpG7/wtxi/0PAAAAw8jd/8W4xf4HAACAARz07rn7vxS3NNn/+n/9v/5f/6//1//vkv7f+/+n6P/1/2t+fv2//p95S+v/c/d/OW5psv8BAACgg9z9X4lb7H8AAAAYRu7+r8Yt9j8AAAAMI3f/1+KWJvtf/6//1//r/5fd/5/S/+v/J+n/9f8b/f+R7bufX/vz6//1/8xbWv+fu//rcUuT/Q8AAAAd5O7/Rtxi/wMAAMAwcvd/M26x/wEAAGAYufu/Fbc02f/6f/2//l//v+z+v8X7/09u9P9Hpv/X/2/0/0e2735+7c+v/9f/M29p/X/u/m/HLU32PwAAAHSQu/87cYv9DwAAAMPI3f/duMX+BwAAgGHk7v9e3NJk/4/c/099mv7/gP5f/7/R/y+h//f+/4ug/9f/b/T/R7bvfn7tz6//1/8zb2n9f+7+78ctTfY/AAAAdJC7/wdxi/0PAAAAw8jdf91mc639DwAAAGO67pa/nt78MG5psv9H7v+n6P8P6P/1/xv9v/5/x/T/+v8p+n/9/5qfX/+v/2fe0vr/3P0/ilua7H8AAADoIHf/j+MW+x8AAACGkbv/J3GL/Q8AAADDyN3/07ilyf7X/+v/9f/6f/2//n+X9P/6/yn6f/3/mp9f/6//Z97S+v/c/T+LW5rsfwAAAOggd//P4xb7HwAAAIaRu/8XcYv9DwAAAMPI3f/LuKXJ/tf/6//1//p//b/+f5f0//r/Kfp//f+an1//r/9n3tL6/9z9v4pbmux/AAAA6CB3/6/jFvsfAAAAhpG7/zdxi/0PAAAAw8jd/9u4pcn+1//r//X/+n/9v/5/l9r2/zf/b1X/P0v/r/9f8/Pr//X/zFta/5+7/3dxS5P9DwAAAB3k7v993GL/AwAAwDBy9/8hbrH/AQAAYBi5+/8YtzTZ//p//b/+X/+/jv7/Cv2//n+rxfb/3v9/KPp//f+an1//r/9n3tL6/9z918ctTfY/AAAAdJC7/09xi/0PAAAAw8jd/+e4xf4HAACAYeTuvyFuabL/9f/6/yH7/1P6//H6f+//X2X/fxf9v/5/mv5f/7/m59f/6/+Zt7T+P3f/X+KWJvsfAAAAOsjd/9e4xf4HAACAYeTu/1vcYv8DAADAMHL3/z1uabL/9f/6/yH7f+//1//r/xdD/6//n6L/1/+v+fn1//p/5i2t/8/d/4+4pcn+BwAAgA5y9/8zbrH/AQAAYBi5+/8Vt9j/AAAAMIzc/f+OW5rsf/2//l//r//X/+v/d0n/v97+/4qN/n+O/l//r//X/zNtaf1/7v7/xC1N9j8AAAB0kLv/xrhl6/6/8yV6KgAAAOA45e7/b9zi+/8AAAAwjNz9/4tbmux//b/+X/9/Qf3/af2//l//f2H0/+vt/73/f57+X/+v/9f/M21p/X/u/v8HAAD//8+aFhM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
sendfile(r0, r1, 0x0, 0xfffe82)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x0)

512.279092ms ago: executing program 7 (id=830):
unshare(0x400)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})

307.809265ms ago: executing program 7 (id=831):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0xc000, &(0x7f0000000380), 0x2, 0x24d, &(0x7f0000000440)="$eJzs3T9oJFUcB/DvzO4ac7fIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyUixAT7LJWNhZaq6SyCWJntJQ0wUYRrKKmiI2gwcJgocXK7iQSNytqNtk5Mp8PTGYm89783rDzfbvN7AZorAtJLiVpJZlL0klSHG5wb7Vc2N9dnd28lvT7T/1SDNtV+5WDfueT9JI8kmSjLPJKO1lef27nt60nHnh7qXP/h+vPzk71Ivft7mw/uffBlbc+ufzw8lff/HSlyKV0/3ZdJ68Y8792kdx2GsVuEEW77hHwX1x94+NvB7m/Pcl9w/x3UqZ68d5ZvGmjk4fe/6e+7/789Z3THCtw8vr9zuA9sNcHGqdM0k1Rzieptstyfr76DP9d61z56sLi63MvLyxdf6numQo4Kd1k+/HPZj49P5L/H1tV/oGza5D/p6+ufT/Y3muNHOzP1DMo4HTdVa0G+Z97YeXBjMs/cKbJPzSX/ENzyT80l/xDc8k/NJf8wxnWOdjojT0s/9Bc8g/NJf/QXIfzDwA0S3+m7ieQgbrUPf8AAAAAAAAAAAAAAAAAAABHrc5uXjtYplXzi/eS3ceStMfVbw1/jzi5efj33K/FoNlfiqrbRJ6/Z8ITTOijmp++vuWHeut/eXe99VeuJ703k1xst4/ef8X+/Xd8t/7L8c6LExb4n4qR/UefmW79UX+s1Vv/8lby+WD+uThu/ilzx3A9fv7pHv6K5WN67fcJTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDU/BkAAP//d4lu0g==")
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)=@v1={0x0, @aes128, 0x0, @desc3})
chdir(&(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

180.798477ms ago: executing program 7 (id=832):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x6, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='kmem_cache_free\x00', r0}, 0x18)
utimes(&(0x7f0000001ac0)='./file1\x00', 0x0)

131.338598ms ago: executing program 6 (id=833):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0xc)
sendmsg$nl_route(r1, &(0x7f0000002bc0)={0x0, 0x0, &(0x7f0000002b80)={&(0x7f0000002980)=@dellink={0x34, 0x11, 0x1, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0xc0, 0x1400}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'wg2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000100}, 0x40004)

1.50905ms ago: executing program 8 (id=834):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_io_uring_setup(0x497, &(0x7f0000000380)={0x0, 0x607b, 0x8, 0x0, 0x284}, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x27, 0x4, 0x0, 0x0)

0s ago: executing program 5 (id=835):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

m netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.774201][ T7115] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.821348][ T6141] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.994879][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  133.001218][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.155418][ T3430] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.163267][ T3430] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.211975][ T7369] netlink: 4 bytes leftover after parsing attributes in process `syz.1.347'.
[  133.244004][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.283667][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888066df4000: rx timeout, send abort
[  133.287614][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.498029][ T7375] loop1: detected capacity change from 0 to 512
[  133.541662][ T7375] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.568850][ T7375] ext4 filesystem being mounted at /109/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  133.784769][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888066df4400: rx timeout, send abort
[  133.793558][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888066df4000: abort rx timeout. Force session deactivation
[  133.823896][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.067932][ T7389] loop4: detected capacity change from 0 to 4096
[  134.293186][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888066df4400: abort rx timeout. Force session deactivation
[  134.354491][  T787] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  134.550118][  T787] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  134.575939][  T787] usb 6-1: config 0 has no interface number 0
[  134.582096][  T787] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  134.606666][  T787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.630487][  T787] usb 6-1: config 0 descriptor??
[  134.653619][  T787] usb 6-1: selecting invalid altsetting 1
[  134.666178][  T787] dvb_ttusb_budget: ttusb_init_controller: error
[  134.684677][  T787] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  134.777687][  T787] DVB: Unable to find symbol cx22700_attach()
[  134.870844][  T787] DVB: Unable to find symbol tda10046_attach()
[  134.887085][  T787] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  134.908417][  T787] usb 6-1: USB disconnect, device number 2
[  135.202455][ T7424] loop6: detected capacity change from 0 to 128
[  135.244676][ T5861] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  135.264737][ T5773] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  135.424503][ T5861] usb 5-1: Using ep0 maxpacket: 16
[  135.431818][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.444222][ T5861] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.454010][ T5861] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  135.464792][ T5773] usb 2-1: Using ep0 maxpacket: 16
[  135.469502][ T5861] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.476916][ T5773] usb 2-1: config 0 has no interfaces?
[  135.480948][ T5861] usb 5-1: config 0 descriptor??
[  135.493214][ T5773] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  135.513533][ T5773] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  135.521676][ T5773] usb 2-1: SerialNumber: syz
[  135.529233][ T5773] usb 2-1: config 0 descriptor??
[  135.784176][   T48] tipc: Subscription rejected, illegal request
[  135.804196][ T5773] usb 2-1: USB disconnect, device number 8
[  136.261571][ T7441] loop6: detected capacity change from 0 to 128
[  136.275879][ T7441] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  136.289773][ T7441] ext4 filesystem being mounted at /10/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.318635][ T7441] syz.6.374 (pid 7441) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  136.366337][ T7115] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  136.519533][ T5861] letsketch 0003:6161:4D15.0002: Device info: á‘”
[  136.605995][ T7453] loop1: detected capacity change from 0 to 4096
[  136.632292][ T7453] NILFS (loop1): invalid segment: Checksum error in segment payload
[  136.641028][ T7453] NILFS (loop1): trying rollback from an earlier position
[  136.670402][ T7453] NILFS (loop1): recovery complete
[  136.682134][ T7454] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  136.767087][ T5861] usb 5-1: Max retries (5) exceeded reading string descriptor 201
[  136.775727][ T5861] letsketch: probe of 0003:6161:4D15.0002 failed with error -71
[  136.790828][ T5861] usb 5-1: USB disconnect, device number 4
[  136.809974][ T5818] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  137.014832][ T5818] usb 7-1: Using ep0 maxpacket: 16
[  137.022297][ T5818] usb 7-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  137.036032][ T5818] usb 7-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  137.045960][ T5818] usb 7-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  137.059290][ T5818] usb 7-1: config 1 interface 0 has no altsetting 0
[  137.060855][ T7465] loop5: detected capacity change from 0 to 2048
[  137.073051][ T5818] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  137.082537][ T5818] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.090630][ T5818] usb 7-1: Product: syz
[  137.094920][ T5818] usb 7-1: Manufacturer: syz
[  137.099528][ T5818] usb 7-1: SerialNumber: syz
[  137.111069][ T7465] EXT4-fs (loop5): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.168640][ T2968] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  137.187075][ T2968] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1 with error 28
[  137.199926][ T2968] EXT4-fs (loop5): This should not happen!! Data will be lost
[  137.199926][ T2968] 
[  137.209588][ T2968] EXT4-fs (loop5): Total free blocks count 0
[  137.216026][ T2968] EXT4-fs (loop5): Free/Dirty block details
[  137.223773][ T2968] EXT4-fs (loop5): free_blocks=2415919104
[  137.230094][ T2968] EXT4-fs (loop5): dirty_blocks=16
[  137.235268][ T2968] EXT4-fs (loop5): Block reservation details
[  137.242295][ T2968] EXT4-fs (loop5): i_reserved_data_blocks=1
[  137.252851][ T6994] EXT4-fs (loop5): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  137.288652][ T5861] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  137.316198][ T7469] vivid-001: disconnect
[  137.324231][ T7468] vivid-001: reconnect
[  137.334816][ T5818] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  137.474680][ T5861] usb 2-1: Using ep0 maxpacket: 8
[  137.482904][ T5861] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  137.493355][ T5861] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.512172][ T5861] usb 2-1: too many endpoints for config 1 interface 0 altsetting 255: 255, using maximum allowed: 30
[  137.534623][ T5861] usb 2-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  137.554478][ T5861] usb 2-1: config 1 interface 0 has no altsetting 1
[  137.567009][ T5861] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  137.576310][ T5861] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.578220][ T5811] usb 7-1: USB disconnect, device number 2
[  137.592121][ T5861] usb 2-1: Product: syz
[  137.599937][ T5861] usb 2-1: Manufacturer: syz
[  137.609050][ T5811] usblp0: removed
[  137.617479][ T5861] usb 2-1: SerialNumber: syz
[  137.640343][ T5861] usb 2-1: selecting invalid altsetting 1
[  137.779663][ T7486] loop4: detected capacity change from 0 to 16
[  137.789561][ T7486] erofs: (device loop4): mounted with root inode @ nid 36.
[  137.852004][ T5861] cdc_ncm 2-1:1.0: bind() failure
[  137.878117][ T7488] loop4: detected capacity change from 0 to 256
[  137.878473][ T5861] usb 2-1: USB disconnect, device number 9
[  137.902313][ T7488] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  137.914844][ T5818] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  138.103175][ T5818] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 255, changing to 11
[  138.114529][ T5818] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 59391, setting to 1024
[  138.134435][ T5818] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  138.164624][ T5818] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  138.173715][ T5818] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.207466][ T7480] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  138.219790][ T5818] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  138.235612][ T5818] usb 6-1: invalid MIDI in EP 0
[  138.307496][ T5818] snd-usb-audio: probe of 6-1:27.0 failed with error -22
[  138.344506][ T5811] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  138.386597][ T7496] netlink: 4 bytes leftover after parsing attributes in process `syz.6.398'.
[  138.546151][  T787] usb 6-1: USB disconnect, device number 3
[  138.549522][ T5811] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  138.574991][ T5811] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  138.597078][ T5811] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  138.606911][ T5811] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  138.624563][ T5811] usb 5-1: Product: syz
[  138.634477][ T5811] usb 5-1: Manufacturer: syz
[  138.644482][ T5811] usb 5-1: SerialNumber: syz
[  138.883989][ T5811] usb 5-1: 0:2 : does not exist
[  138.897917][ T5811] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  138.944021][ T5811] usb 5-1: USB disconnect, device number 5
[  139.238219][ T7512] loop6: detected capacity change from 0 to 2048
[  139.252558][ T7512] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  139.853548][ T7537] loop1: detected capacity change from 0 to 128
[  139.866406][ T7537] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  139.879084][ T7537] ext4 filesystem being mounted at /124/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  139.929489][ T7537] EXT4-fs error (device loop1): dx_make_map:1328: inode #2: block 18: comm syz.1.416: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  139.953966][ T7537] EXT4-fs (loop1): Remounting filesystem read-only
[  139.983796][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  140.033671][ T7540] netlink: 8 bytes leftover after parsing attributes in process `syz.1.417'.
[  140.101970][ T7542] tipc: Started in network mode
[  140.107982][ T7542] tipc: Node identity 7f000001, cluster identity 4711
[  140.116648][ T7542] tipc: Enabled bearer <udp:syz2>, priority 10
[  140.143854][ T7544] netlink: 'syz.5.419': attribute type 10 has an invalid length.
[  140.152140][ T7544] netlink: 40 bytes leftover after parsing attributes in process `syz.5.419'.
[  140.174936][ T7544] dummy0: entered promiscuous mode
[  140.180943][ T7544] bridge0: port 3(dummy0) entered blocking state
[  140.192696][ T7544] bridge0: port 3(dummy0) entered disabled state
[  140.200193][ T7544] dummy0: entered allmulticast mode
[  140.209740][ T7544] bridge0: port 3(dummy0) entered blocking state
[  140.216803][ T7544] bridge0: port 3(dummy0) entered forwarding state
[  140.319270][   T27] audit: type=1326 audit(1750350209.813:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.348397][   T27] audit: type=1326 audit(1750350209.813:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.377884][   T27] audit: type=1326 audit(1750350209.813:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.414525][   T27] audit: type=1326 audit(1750350209.813:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.443013][   T27] audit: type=1326 audit(1750350209.813:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.466521][   T27] audit: type=1326 audit(1750350209.813:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.489678][   T27] audit: type=1326 audit(1750350209.813:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.515947][   T27] audit: type=1326 audit(1750350209.813:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.544521][   T27] audit: type=1326 audit(1750350209.823:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.578914][   T27] audit: type=1326 audit(1750350209.823:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7549 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  140.757776][ T7558] loop5: detected capacity change from 0 to 2048
[  140.763295][ T7562] input: syz1 as /devices/virtual/input/input11
[  140.801571][ T7558] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.010696][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.237430][    T8] tipc: Node number set to 2130706433
[  141.312496][ T7569] loop6: detected capacity change from 0 to 32768
[  141.568678][ T7586] loop5: detected capacity change from 0 to 1024
[  141.608290][ T7586] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.801688][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.810972][ T7583] loop4: detected capacity change from 0 to 32768
[  141.841452][ T7583] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  141.919934][ T7583] XFS (loop4): Ending clean mount
[  141.946670][ T7583] XFS (loop4): Quotacheck needed: Please wait.
[  142.018824][ T7583] XFS (loop4): Quotacheck: Done.
[  142.183042][ T6141] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  142.424628][ T5811] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  142.617518][ T5811] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.634260][ T5811] usb 7-1: New USB device found, idVendor=0079, idProduct=0006, bcdDevice= 0.00
[  142.654254][ T5811] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.681320][ T5811] usb 7-1: config 0 descriptor??
[  142.755955][ T7629] loop5: detected capacity change from 0 to 1024
[  142.768826][ T7629] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  142.780763][ T7629] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  142.801578][ T7629] JBD2: no valid journal superblock found
[  142.808716][ T7629] EXT4-fs (loop5): Could not load journal inode
[  143.131732][ T5811] dragonrise 0003:0079:0006.0003: hidraw0: USB HID v0.00 Device [HID 0079:0006] on usb-dummy_hcd.6-1/input0
[  143.159202][ T5811] dragonrise 0003:0079:0006.0003: no inputs found
[  143.166741][ T5811] dragonrise 0003:0079:0006.0003: force feedback init failed
[  143.375459][ T5811] usb 7-1: USB disconnect, device number 3
[  143.626115][ T7662] loop5: detected capacity change from 0 to 512
[  143.633596][ T7662] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  143.650306][ T7662] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.663006][ T7662] ext4 filesystem being mounted at /37/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.776233][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.017668][ T7697] loop5: detected capacity change from 0 to 2048
[  145.079306][ T7697] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  145.096270][ T7686] loop1: detected capacity change from 0 to 40427
[  145.127735][ T7686] F2FS-fs (loop1): invalid crc value
[  145.196457][ T7686] F2FS-fs (loop1): Found nat_bits in checkpoint
[  145.279220][ T7686] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  145.308855][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.357778][ T7707] netlink: 12 bytes leftover after parsing attributes in process `syz.6.477'.
[  145.394439][ T7707] netlink: 12 bytes leftover after parsing attributes in process `syz.6.477'.
[  145.801858][ T7713] syz.1.474: attempt to access beyond end of device
[  145.801858][ T7713] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.821685][ T7713] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  146.015904][   T48] Bluetooth: hci4: Frame reassembly failed (-84)
[  146.316124][ T7736] loop1: detected capacity change from 0 to 512
[  146.357069][ T7736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.369749][ T7736] ext4 filesystem being mounted at /143/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.424806][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.843567][ T7760] Set syz0 is full, maxelem 0 reached
[  146.936675][ T7764] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input12
[  147.021912][ T7768] loop1: detected capacity change from 0 to 1024
[  147.289603][ T7769] loop4: detected capacity change from 0 to 32768
[  147.318249][ T7769] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  147.368773][ T7769] XFS (loop4): Ending clean mount
[  147.379667][ T7769] XFS (loop4): Quotacheck needed: Please wait.
[  147.428815][ T7769] XFS (loop4): Quotacheck: Done.
[  147.480516][   T27] kauditd_printk_skb: 8 callbacks suppressed
[  147.480530][   T27] audit: type=1800 audit(1750350216.973:37): pid=7769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.500" name="file2" dev="loop4" ino=9287 res=0 errno=0
[  147.545278][   T27] audit: type=1804 audit(1750350217.023:38): pid=7769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.500" name="/newroot/96/file0/file2" dev="loop4" ino=9287 res=1 errno=0
[  147.583737][   T27] audit: type=1800 audit(1750350217.023:39): pid=7769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.500" name="file2" dev="loop4" ino=9287 res=0 errno=0
[  147.659830][ T6141] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  147.683349][ T7793] netlink: 8 bytes leftover after parsing attributes in process `syz.1.508'.
[  147.753300][ T7791] loop6: detected capacity change from 0 to 8192
[  147.779171][ T7795] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  147.795473][ T7795] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  147.849865][ T7791] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  147.866218][ T7791] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal
[  147.876869][ T7791] REISERFS (device loop6): using ordered data mode
[  147.886035][ T7791] reiserfs: using flush barriers
[  147.911468][ T7791] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  147.938710][ T7791] REISERFS (device loop6): checking transaction log (loop6)
[  147.999404][ T7800] loop4: detected capacity change from 0 to 256
[  148.008257][ T7798] loop1: detected capacity change from 0 to 1024
[  148.014645][ T5771] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  148.047595][ T7800] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  148.048470][ T7798] EXT4-fs: Ignoring removed oldalloc option
[  148.088724][ T7798] EXT4-fs: Ignoring removed orlov option
[  148.115366][ T7798] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  148.117038][ T7791] REISERFS (device loop6): Using tea hash to sort names
[  148.148190][ T7791] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  148.164704][ T7800] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[  148.185513][ T7798] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.214334][ T7800] exFAT-fs (loop4): error, failed to bmap (inode : ffff88805dd01b60 iblock : 8, err : -5)
[  148.258861][ T7800] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[  148.268239][ T7800] exFAT-fs (loop4): error, invalid access to FAT free cluster (entry 0x00000008)
[  148.319403][ T7798] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4036: comm syz.1.511: Allocating blocks 305-513 which overlap fs metadata
[  148.365200][ T7791] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  148.452657][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.724440][  T787] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  148.800560][ T7821] loop6: detected capacity change from 0 to 16
[  148.819232][ T7821] erofs: (device loop6): mounted with root inode @ nid 36.
[  148.959563][  T787] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[  148.969235][  T787] usb 5-1: config 0 has no interface number 0
[  148.982943][  T787] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  149.004161][  T787] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  149.028218][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.041549][  T787] usb 5-1: config 0 descriptor??
[  149.057517][  T787] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input13
[  149.147893][   T27] audit: type=1326 audit(1750350218.644:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.171870][   T27] audit: type=1326 audit(1750350218.644:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.195635][   T27] audit: type=1326 audit(1750350218.644:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.220591][   T27] audit: type=1326 audit(1750350218.714:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.248203][   T27] audit: type=1326 audit(1750350218.744:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.304287][   T27] audit: type=1326 audit(1750350218.804:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.327290][ T5808] usb 5-1: USB disconnect, device number 6
[  149.329921][   T27] audit: type=1326 audit(1750350218.804:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.1.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb57eb8e929 code=0x7ffc0000
[  149.437674][ T7841] netlink: 'syz.1.526': attribute type 4 has an invalid length.
[  149.648490][    C1] vcan0: j1939_tp_rxtimer: 0xffff888066df4800: rx timeout, send abort
[  149.658399][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888066df4800: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  150.540641][ T7864] loop4: detected capacity change from 0 to 32768
[  150.551238][ T7864] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  150.559787][ T7864] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.587066][ T7864] XFS (loop4): Ending clean mount
[  150.594202][ T7864] XFS (loop4): Quotacheck needed: Please wait.
[  150.628397][ T7864] XFS (loop4): Quotacheck: Done.
[  150.674296][ T6141] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.683319][  T787] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  150.862776][  T787] usb 2-1: Using ep0 maxpacket: 32
[  150.869417][  T787] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  150.877819][  T787] usb 2-1: config 0 has no interface number 0
[  150.884235][  T787] usb 2-1: config 0 interface 184 has no altsetting 0
[  150.894664][  T787] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  150.903784][  T787] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.911778][  T787] usb 2-1: Product: syz
[  150.915991][  T787] usb 2-1: Manufacturer: syz
[  150.920567][  T787] usb 2-1: SerialNumber: syz
[  150.928415][  T787] usb 2-1: config 0 descriptor??
[  150.936310][  T787] smsc75xx v1.0.0
[  151.232976][ T7881] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  151.338425][ T7886] loop4: detected capacity change from 0 to 2048
[  151.368564][ T7886] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.425501][ T7886] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  151.510197][ T6141] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.522718][ T5811] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  151.562000][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  151.577378][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  151.630792][ T7887] loop6: detected capacity change from 0 to 32768
[  151.647400][ T7887] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  151.703869][ T7887] XFS (loop6): Ending clean mount
[  151.712391][ T5811] usb 6-1: Using ep0 maxpacket: 16
[  151.720641][ T5811] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.740199][ T7887] XFS (loop6): Quotacheck needed: Please wait.
[  151.747034][ T5811] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  151.771039][ T5811] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.791545][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  151.799772][ T7887] XFS (loop6): Quotacheck: Done.
[  151.818587][ T5811] usb 6-1: config 0 descriptor??
[  151.822359][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  151.842382][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  151.862476][  T787] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  151.872065][  T787] smsc75xx: probe of 2-1:0.184 failed with error -71
[  151.902512][  T787] usb 2-1: USB disconnect, device number 10
[  151.930719][ T7115] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  152.028757][ T7894] loop4: detected capacity change from 0 to 32768
[  152.056873][ T7894] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 scanned by syz.4.544 (7894)
[  152.099334][ T7894] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  152.109686][ T7894] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  152.128369][ T7894] BTRFS info (device loop4): using free space tree
[  152.233944][ T7894] BTRFS info (device loop4): enabling ssd optimizations
[  152.241150][ T7894] BTRFS info (device loop4): auto enabling async discard
[  152.304392][ T5811] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.0004/input/input14
[  152.391857][ T6141] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  152.417621][ T5811] appleir 0003:05AC:8241.0004: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  152.503083][ T7922] netlink: 'syz.1.547': attribute type 1 has an invalid length.
[  152.530534][ T7922] netlink: 168864 bytes leftover after parsing attributes in process `syz.1.547'.
[  152.596357][ T5811] usb 6-1: USB disconnect, device number 4
[  152.733127][ T7925] input: syz0 as /devices/virtual/input/input15
[  152.920843][ T7929] loop4: detected capacity change from 0 to 1024
[  152.945538][ T7929] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  152.979849][ T7929] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  153.023437][ T7929] EXT4-fs (loop4): corrupt root inode, run e2fsck
[  153.045734][ T7929] EXT4-fs (loop4): mount failed
[  153.529244][ T7927] loop1: detected capacity change from 0 to 32768
[  153.544943][ T7927] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  153.578063][ T7938] block nbd6: NBD_DISCONNECT
[  153.600000][ T7938] block nbd6: Send disconnect failed -22
[  153.606615][ T7927] XFS (loop1): Ending clean mount
[  153.625854][ T7935] block nbd6: Disconnected due to user request.
[  153.643442][ T7927] XFS (loop1): Quotacheck needed: Please wait.
[  153.661401][ T7935] block nbd6: shutting down sockets
[  153.761495][ T7927] XFS (loop1): Quotacheck: Done.
[  153.767890][   T48] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  153.811484][   T48] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.957739][ T5772] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  153.975558][   T48] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  153.986328][   T48] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.072173][ T7937] loop5: detected capacity change from 0 to 40427
[  154.090446][ T7937] F2FS-fs (loop5): build fault injection attr: rate: 690, type: 0x7ffff
[  154.101817][ T7937] F2FS-fs (loop5): heap/no_heap options were deprecated
[  154.108847][ T7937] F2FS-fs (loop5): Image doesn't support compression
[  154.120384][ T7937] F2FS-fs (loop5): invalid crc value
[  154.143877][   T48] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.183118][ T7937] F2FS-fs (loop5): Found nat_bits in checkpoint
[  154.203865][   T48] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.317632][   T48] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  154.348904][   T48] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.351255][ T7937] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  154.491700][   T27] kauditd_printk_skb: 80 callbacks suppressed
[  154.491713][   T27] audit: type=1326 audit(1750350223.987:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6be98e929 code=0x7ffc0000
[  154.539701][ T7956] loop6: detected capacity change from 0 to 512
[  154.572192][ T7956] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  154.577092][ T7937] F2FS-fs (loop5): inject dquot initialize in f2fs_dquot_initialize of f2fs_rename2+0x747/0x21b0
[  154.590913][   T27] audit: type=1326 audit(1750350224.017:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6be98e929 code=0x7ffc0000
[  154.651005][ T7956] EXT4-fs (loop6): 1 truncate cleaned up
[  154.662598][ T7956] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.675610][   T27] audit: type=1326 audit(1750350224.027:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fd6be98e929 code=0x7ffc0000
[  154.711507][ T5771] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  154.717613][   T27] audit: type=1326 audit(1750350224.027:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd6be98e963 code=0x7ffc0000
[  154.736836][ T5771] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  154.759839][ T6994] syz-executor: attempt to access beyond end of device
[  154.759839][ T6994] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  154.777093][ T5771] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  154.790411][ T6994] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  154.797925][ T5771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  154.798558][   T27] audit: type=1326 audit(1750350224.027:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fd6be98d3df code=0x7ffc0000
[  154.832549][ T6994] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  154.839817][ T5771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  154.849872][ T5771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  154.866679][ T5086] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  154.876824][ T5086] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  154.893381][ T5086] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  154.900934][   T27] audit: type=1326 audit(1750350224.027:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fd6be98e9b7 code=0x7ffc0000
[  154.923605][   T27] audit: type=1326 audit(1750350224.027:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd6be98d290 code=0x7ffc0000
[  154.925572][ T5771] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  154.946123][   T27] audit: type=1326 audit(1750350224.027:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd6be98e52b code=0x7ffc0000
[  154.946169][   T27] audit: type=1326 audit(1750350224.057:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd6be98d58a code=0x7ffc0000
[  154.946201][   T27] audit: type=1326 audit(1750350224.057:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7955 comm="syz.6.561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fd6be98d58a code=0x7ffc0000
[  154.955118][ T5771] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  155.029196][ T5771] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  155.109777][ T7115] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.343004][ T7972] input: syz1 as /devices/virtual/input/input16
[  155.349318][ T7972] input: failed to attach handler leds to device input16, error: -6
[  155.798302][ T7961] chnl_net:caif_netlink_parms(): no params data found
[  155.976766][ T7989] netlink: 'syz.1.574': attribute type 7 has an invalid length.
[  156.087088][ T7961] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.094504][ T7961] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.102194][ T7961] bridge_slave_0: entered allmulticast mode
[  156.109552][ T7961] bridge_slave_0: entered promiscuous mode
[  156.117932][ T7993] netlink: 'syz.6.575': attribute type 4 has an invalid length.
[  156.186499][ T7977] loop5: detected capacity change from 0 to 32768
[  156.219278][ T7977] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  156.230433][ T7961] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.237722][ T7961] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.246028][ T7961] bridge_slave_1: entered allmulticast mode
[  156.253620][ T7961] bridge_slave_1: entered promiscuous mode
[  156.259074][ T7977] XFS (loop5): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  156.320635][ T7961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.364867][ T7977] XFS (loop5): Starting recovery (logdev: internal)
[  156.374327][ T7961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.388975][ T7977] XFS (loop5): Ending recovery (logdev: internal)
[  156.445116][ T7961] team0: Port device team_slave_0 added
[  156.450364][    T8] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  156.455489][ T7961] team0: Port device team_slave_1 added
[  156.469029][   T48] hsr_slave_0: left promiscuous mode
[  156.477450][   T48] hsr_slave_1: left promiscuous mode
[  156.486034][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  156.493982][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[  156.504227][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  156.511464][ T6994] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  156.512568][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[  156.528669][   T48] bridge_slave_1: left allmulticast mode
[  156.534533][   T48] bridge_slave_1: left promiscuous mode
[  156.540482][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.558228][   T48] bridge_slave_0: left allmulticast mode
[  156.565662][   T48] bridge_slave_0: left promiscuous mode
[  156.574655][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.664076][   T48] veth1_macvtap: left promiscuous mode
[  156.669664][   T48] veth0_macvtap: left promiscuous mode
[  156.680460][   T48] veth1_vlan: left promiscuous mode
[  156.690334][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.701537][    T8] usb 2-1: New USB device found, idVendor=5543, idProduct=0003, bcdDevice= 0.00
[  156.708499][   T48] veth0_vlan: left promiscuous mode
[  156.711116][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.736752][    T8] usb 2-1: config 0 descriptor??
[  157.132228][ T5771] Bluetooth: hci0: command tx timeout
[  157.228132][    T8] uclogic 0003:5543:0003.0005: unknown main item tag 0x0
[  157.264384][    T8] uclogic 0003:5543:0003.0005: item fetching failed at offset 1/5
[  157.292910][    T8] uclogic 0003:5543:0003.0005: parse failed
[  157.299340][    T8] uclogic: probe of 0003:5543:0003.0005 failed with error -22
[  157.328982][ T8015] netlink: 4 bytes leftover after parsing attributes in process `syz.6.581'.
[  157.489245][  T787] usb 2-1: USB disconnect, device number 11
[  157.937010][   T48] team0 (unregistering): Port device team_slave_1 removed
[  158.005068][   T48] team0 (unregistering): Port device team_slave_0 removed
[  158.118562][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.150600][ T8020] loop6: detected capacity change from 0 to 40427
[  158.169008][ T8020] F2FS-fs (loop6): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  158.176754][ T8020] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  158.188199][ T8020] F2FS-fs (loop6): invalid crc value
[  158.208087][ T8020] F2FS-fs (loop6): Found nat_bits in checkpoint
[  158.216431][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.284448][ T8020] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  158.292724][ T8020] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e4
[  158.334476][ T7115] syz-executor: attempt to access beyond end of device
[  158.334476][ T7115] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  158.350282][ T7115] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  159.056507][   T48] bond0 (unregistering): Released all slaves
[  159.145741][    T8] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  159.201798][ T8038] loop6: detected capacity change from 0 to 32768
[  159.215787][ T8038] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 scanned by syz.6.586 (8038)
[  159.220987][ T5771] Bluetooth: hci0: command tx timeout
[  159.240169][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_0
[  159.247115][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.280303][ T7961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  159.292704][ T8038] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  159.303395][ T8038] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  159.314252][ T7961] batman_adv: batadv0: Adding interface: batadv_slave_1
[  159.321651][ T8038] BTRFS info (device loop6): enabling auto defrag
[  159.328087][ T8038] BTRFS info (device loop6): use no compression
[  159.328551][ T7961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  159.334675][ T8038] BTRFS info (device loop6): force clearing of disk cache
[  159.360491][ T7961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  159.379422][    T8] usb 6-1: Using ep0 maxpacket: 16
[  159.395482][ T8038] BTRFS info (device loop6): max_inline at 4096
[  159.402490][ T8038] BTRFS info (device loop6): disabling free space tree
[  159.409908][    T8] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  159.419000][    T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  159.438120][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  159.450299][    T8] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.463343][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.474976][    T8] usb 6-1: Product: syz
[  159.479369][    T8] usb 6-1: Manufacturer: syz
[  159.484080][ T7961] hsr_slave_0: entered promiscuous mode
[  159.484125][    T8] usb 6-1: SerialNumber: syz
[  159.507982][ T7961] hsr_slave_1: entered promiscuous mode
[  159.522180][ T7961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  159.531015][ T7961] Cannot create hsr debugfs directory
[  159.594549][ T8038] BTRFS info (device loop6): enabling ssd optimizations
[  159.601857][ T8038] BTRFS info (device loop6): auto enabling async discard
[  159.616279][ T8038] BTRFS info (device loop6): rebuilding free space tree
[  159.645289][ T8038] BTRFS info (device loop6): disabling free space tree
[  159.653988][ T8038] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  159.669657][ T8038] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  159.805043][ T7115] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  159.888662][ T7961] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  159.909169][ T7961] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  159.945848][ T7961] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  159.965300][    T8] usb 6-1: 0:2 : does not exist
[  159.981827][ T7961] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  160.162776][ T7961] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.201475][ T7961] 8021q: adding VLAN 0 to HW filter on device team0
[  160.221389][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.228608][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.263291][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.270513][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.586702][    T8] usb 6-1: 1:0: failed to get current value for ch 0 (-22)
[  160.659789][    T8] usb 6-1: USB disconnect, device number 5
[  160.667783][ T7961] 8021q: adding VLAN 0 to HW filter on device batadv0
[  160.893362][ T7961] veth0_vlan: entered promiscuous mode
[  160.907288][ T7961] veth1_vlan: entered promiscuous mode
[  160.935876][ T7961] veth0_macvtap: entered promiscuous mode
[  160.945715][ T7961] veth1_macvtap: entered promiscuous mode
[  160.964060][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.975103][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.985366][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  160.996230][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.006058][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  161.016523][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.027873][ T7961] batman_adv: batadv0: Interface activated: batadv_slave_0
[  161.045411][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.057086][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.067086][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.077511][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.087339][ T7961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  161.097921][ T7961] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  161.109420][ T7961] batman_adv: batadv0: Interface activated: batadv_slave_1
[  161.133833][ T7961] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  161.146160][ T7961] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  161.154995][ T7961] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  161.164438][ T7961] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  161.288307][ T5771] Bluetooth: hci0: command tx timeout
[  161.307616][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.315807][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.382109][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  161.392667][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.471509][ T8096] loop5: detected capacity change from 0 to 1024
[  161.534193][ T8100] loop1: detected capacity change from 0 to 128
[  161.543710][ T8100] EXT4-fs: Ignoring removed nobh option
[  161.548826][ T8096] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.562602][ T8096] ext4 filesystem being mounted at /62/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.583223][ T8100] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.595421][ T8101] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  161.630732][ T8100] ext4 filesystem being mounted at /179/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  161.671304][ T8096] EXT4-fs error (device loop5): ext4_map_blocks:718: inode #15: block 3: comm syz.5.599: lblock 3 mapped to illegal pblock 3 (length 13)
[  161.736433][ T8096] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  161.766339][ T8096] EXT4-fs (loop5): This should not happen!! Data will be lost
[  161.766339][ T8096] 
[  161.791952][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  161.804475][ T8108] EXT4-fs error (device loop5): ext4_map_blocks:608: inode #15: block 3: comm syz.5.599: lblock 3 mapped to illegal pblock 3 (length 1)
[  161.872261][  T967] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  161.895942][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.077479][  T967] usb 7-1: Using ep0 maxpacket: 8
[  162.100446][  T967] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.135935][  T967] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  162.169168][  T967] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  162.192486][  T967] usb 7-1: config 0 descriptor??
[  162.334450][ T8119] kvm: kvm [8118]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x3531202020202020
[  162.420017][  T967] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  162.783248][ T8122] loop1: detected capacity change from 0 to 32768
[  162.790825][ T8122] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.607 (8122)
[  162.806684][ T8122] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  162.817593][ T8122] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  162.826254][ T8122] BTRFS info (device loop1): use zlib compression, level 3
[  162.833551][ T8122] BTRFS info (device loop1): turning on sync discard
[  162.840387][ T8122] BTRFS info (device loop1): doing ref verification
[  162.850381][ T8122] BTRFS info (device loop1): disabling tree log
[  162.859867][    T9] usb 7-1: USB disconnect, device number 4
[  162.872632][ T8122] BTRFS info (device loop1): enabling tree log
[  162.880965][ T8122] BTRFS info (device loop1): enabling ssd optimizations
[  162.890834][ T8122] BTRFS info (device loop1): using spread ssd allocation scheme
[  162.899127][ T8122] BTRFS info (device loop1): not using ssd optimizations
[  162.906347][ T8122] BTRFS info (device loop1): not using spread ssd allocation scheme
[  162.915573][ T8122] BTRFS info (device loop1): using free space tree
[  162.967181][   T27] kauditd_printk_skb: 19 callbacks suppressed
[  162.967195][   T27] audit: type=1800 audit(1750350232.471:156): pid=8122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.607" name="bus" dev="loop1" ino=263 res=0 errno=0
[  163.065714][ T5772] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  163.376933][ T5771] Bluetooth: hci0: command tx timeout
[  164.224235][ T8161] netlink: 'syz.5.616': attribute type 1 has an invalid length.
[  164.238706][ T8164] loop6: detected capacity change from 0 to 1024
[  164.250884][ T8161] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  164.258286][ T8161] IPv6: NLM_F_CREATE should be set when creating new route
[  164.265506][ T8161] IPv6: NLM_F_CREATE should be set when creating new route
[  164.300207][ T8161] netlink: 'syz.5.616': attribute type 1 has an invalid length.
[  164.302088][ T8164] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  164.330284][ T8161] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  164.337702][ T8164] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.348608][ T8158] loop7: detected capacity change from 0 to 32768
[  164.372994][ T8158] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 scanned by syz.7.614 (8158)
[  164.414012][ T8158] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  164.435618][ T8164] EXT4-fs error (device loop6): ext4_map_blocks:718: inode #15: block 3: comm syz.6.615: lblock 3 mapped to illegal pblock 3 (length 13)
[  164.450293][ T8158] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[  164.467628][ T8158] BTRFS info (device loop7): enabling auto defrag
[  164.473080][ T8164] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  164.474340][ T8158] BTRFS info (device loop7): use no compression
[  164.486753][ T8164] EXT4-fs (loop6): This should not happen!! Data will be lost
[  164.486753][ T8164] 
[  164.509054][ T8158] BTRFS info (device loop7): force clearing of disk cache
[  164.517531][ T8158] BTRFS info (device loop7): max_inline at 4096
[  164.523817][ T8158] BTRFS info (device loop7): disabling free space tree
[  164.531945][ T8164] EXT4-fs error (device loop6): ext4_map_blocks:608: inode #15: block 3: comm syz.6.615: lblock 3 mapped to illegal pblock 3 (length 1)
[  164.591961][ T8158] BTRFS info (device loop7): enabling ssd optimizations
[  164.613025][ T7115] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.646593][ T8158] BTRFS info (device loop7): auto enabling async discard
[  164.676658][ T8158] BTRFS info (device loop7): rebuilding free space tree
[  164.743947][ T8158] BTRFS info (device loop7): disabling free space tree
[  164.770319][ T8158] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  164.796177][ T8158] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  164.927035][ T7961] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  165.105664][ T5861] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  165.330723][ T5861] usb 7-1: Using ep0 maxpacket: 16
[  165.367891][ T5861] usb 7-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  165.387748][ T5861] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.402018][ T8207] tmpfs: Unknown parameter ',9–  *X„âA�x²'¦à%CYš…àÍkòà"kZI2*ºàØý0`‡¬)4žú%x†b„8ìéÉ™›óÀóœ@AMUÈ	ƒ°áíÕ.ÚÊœ9d'
[  165.430738][ T5861] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  165.456301][ T5861] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  165.465382][ T5861] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.468420][ T8208] loop7: detected capacity change from 0 to 512
[  165.483123][ T5861] usb 7-1: Product: syz
[  165.487916][ T5861] usb 7-1: Manufacturer: syz
[  165.495455][ T5861] usb 7-1: SerialNumber: syz
[  165.522978][ T8208] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a80ec118, mo2=0002]
[  165.541983][ T8208] System zones: 0-2, 18-18, 34-35
[  165.552306][ T8208] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-ff7f-000000000000 r/w without journal. Quota mode: writeback.
[  165.565209][ T8208] ext4 filesystem being mounted at /3/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  165.651971][   T27] audit: type=1800 audit(1750350235.152:157): pid=8208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.624" name="file1" dev="loop7" ino=15 res=0 errno=0
[  165.807108][ T7961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-ff7f-000000000000.
[  165.858615][ T8217] loop1: detected capacity change from 0 to 128
[  165.900820][ T8217] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.944770][ T5861] usb 7-1: 0:2 : does not exist
[  165.970515][ T8217] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  166.125445][ T8217] loop1: detected capacity change from 128 to 64
[  166.154552][ T8217] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Out of memory
[  166.185569][ T8217] EXT4-fs error (device loop1): __ext4_new_inode:1349: inode #13: comm syz.1.629: mark_inode_dirty error
[  166.213433][ T8217] EXT4-fs error (device loop1) in __ext4_new_inode:1351: Out of memory
[  166.228526][ T8217] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Out of memory
[  166.242435][ T8217] EXT4-fs error (device loop1): ext4_evict_inode:252: inode #13: comm syz.1.629: mark_inode_dirty error
[  166.260258][ T8217] EXT4-fs warning (device loop1): ext4_evict_inode:255: couldn't mark inode dirty (err -12)
[  166.321717][ T5772] EXT4-fs error (device loop1): htree_dirblock_to_tree:1112: inode #2: block 4: comm syz-executor: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[  166.374139][ T5772] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Out of memory
[  166.390672][ T5772] EXT4-fs error (device loop1): ext4_dirty_inode:6100: inode #2: comm syz-executor: mark_inode_dirty error
[  166.428863][ T5772] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5896: Out of memory
[  166.448103][ T5772] EXT4-fs error (device loop1): __ext4_unlink:3328: inode #2: comm syz-executor: mark_inode_dirty error
[  166.577593][ T5861] usb 7-1: 1:0: failed to get current value for ch 0 (-22)
[  166.617641][ T5861] usb 7-1: USB disconnect, device number 5
[  166.638128][ T8223] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.647738][ T8223] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.017333][ T8229] loop5: detected capacity change from 0 to 32768
[  167.029162][ T8229] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 scanned by syz.5.634 (8229)
[  167.053737][ T8229] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.064578][ T8229] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  167.076276][ T8229] BTRFS info (device loop5): enabling auto defrag
[  167.082756][ T8229] BTRFS info (device loop5): use no compression
[  167.089377][ T8229] BTRFS info (device loop5): force clearing of disk cache
[  167.096666][ T8229] BTRFS info (device loop5): max_inline at 4096
[  167.103016][ T8229] BTRFS info (device loop5): disabling free space tree
[  167.174053][ T8229] BTRFS info (device loop5): enabling ssd optimizations
[  167.182091][ T8229] BTRFS info (device loop5): auto enabling async discard
[  167.187241][ T8223] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.191037][ T8229] BTRFS info (device loop5): rebuilding free space tree
[  167.213538][ T8229] BTRFS info (device loop5): disabling free space tree
[  167.220613][ T8229] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  167.230687][ T8229] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  167.255160][ T8223] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  167.406478][ T6994] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.755559][ T8223] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.767993][ T8223] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.777182][ T8223] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  167.786089][ T8223] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  168.186725][ T5772] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  168.372685][   T48] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.599029][   T48] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.805222][   T48] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  168.942148][   T48] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  169.197401][ T5086] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  169.207821][ T5086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  169.215950][ T5086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  169.225971][ T5086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  169.234787][ T5086] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  169.251001][ T5086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  169.271734][   T48] tipc: Disabling bearer <udp:syz2>
[  169.305374][   T48] tipc: Left network mode
[  169.340672][ T8263] loop7: detected capacity change from 0 to 32768
[  169.365841][ T8263] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 scanned by syz.7.648 (8263)
[  169.400157][ T8263] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.415688][ T8263] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[  169.453646][ T8263] BTRFS info (device loop7): force clearing of disk cache
[  169.463037][ T8263] BTRFS info (device loop7): enabling auto defrag
[  169.488037][ T8263] BTRFS info (device loop7): max_inline at 0
[  169.495632][ T8263] BTRFS info (device loop7): enabling disk space caching
[  169.502755][ T8263] BTRFS info (device loop7): disk space caching is enabled
[  169.643961][ T8263] BTRFS info (device loop7): enabling ssd optimizations
[  169.665435][ T8263] BTRFS info (device loop7): rebuilding free space tree
[  169.672060][ T8292] loop5: detected capacity change from 0 to 1024
[  169.708825][ T8292] EXT4-fs: Ignoring removed bh option
[  169.724963][ T8295] loop6: detected capacity change from 0 to 8
[  169.725938][ T8263] BTRFS info (device loop7): disabling free space tree
[  169.733133][ T8295] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  169.738121][ T8263] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  169.754631][ T8263] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  169.769090][ T8292] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  169.850649][ T8295] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  169.966160][ T8266] chnl_net:caif_netlink_parms(): no params data found
[  169.980239][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  170.050842][ T8301] ptrace attach of "./syz-executor exec"[8302] was attempted by "./syz-executor exec"[8301]
[  170.077648][ T7961] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  170.289750][ T8266] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.298030][ T8266] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.305312][ T8266] bridge_slave_0: entered allmulticast mode
[  170.312579][ T8266] bridge_slave_0: entered promiscuous mode
[  170.347085][ T8266] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.354344][ T8266] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.361538][ T8266] bridge_slave_1: entered allmulticast mode
[  170.369387][ T8266] bridge_slave_1: entered promiscuous mode
[  170.429417][ T8266] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  170.442640][ T8266] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  170.491422][ T8266] team0: Port device team_slave_0 added
[  170.517539][ T8266] team0: Port device team_slave_1 added
[  170.540606][ T8266] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.547774][ T8266] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.574571][ T8266] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.587345][ T8266] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.594366][ T8266] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.620371][ T8266] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.684503][ T8266] hsr_slave_0: entered promiscuous mode
[  170.690768][ T8266] hsr_slave_1: entered promiscuous mode
[  170.701684][ T8266] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  170.709505][ T8266] Cannot create hsr debugfs directory
[  170.734858][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  170.742315][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[  170.750349][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  170.757831][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[  170.766810][   T48] bridge_slave_1: left allmulticast mode
[  170.772451][   T48] bridge_slave_1: left promiscuous mode
[  170.778487][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.787020][   T48] bridge_slave_0: left allmulticast mode
[  170.792653][   T48] bridge_slave_0: left promiscuous mode
[  170.799722][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[  170.827543][   T48] veth1_macvtap: left promiscuous mode
[  170.833187][   T48] veth0_macvtap: left promiscuous mode
[  170.840192][   T48] veth1_vlan: left promiscuous mode
[  170.846100][   T48] veth0_vlan: left promiscuous mode
[  170.953788][   T48] bond1 (unregistering): (slave geneve2): Releasing active interface
[  171.090212][   T48] bond1 (unregistering): Released all slaves
[  171.362918][ T5086] Bluetooth: hci1: command tx timeout
[  171.499506][   T48] team0 (unregistering): Port device team_slave_1 removed
[  171.545884][   T48] team0 (unregistering): Port device team_slave_0 removed
[  171.591439][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  171.600349][   T48] bond_slave_1 (unregistering): left promiscuous mode
[  171.646652][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  171.655847][   T48] bond_slave_0 (unregistering): left promiscuous mode
[  172.159382][   T48] bond0 (unregistering): Released all slaves
[  172.480988][ T8266] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  172.493499][ T8266] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  172.503110][ T8266] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  172.512411][ T8266] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  172.604191][ T8266] 8021q: adding VLAN 0 to HW filter on device bond0
[  172.626119][ T8266] 8021q: adding VLAN 0 to HW filter on device team0
[  172.638980][ T3430] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.646104][ T3430] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.662185][ T3430] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.669328][ T3430] bridge0: port 2(bridge_slave_1) entered forwarding state
[  172.856076][ T8266] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.060646][ T8266] veth0_vlan: entered promiscuous mode
[  173.074356][ T8266] veth1_vlan: entered promiscuous mode
[  173.103198][ T8266] veth0_macvtap: entered promiscuous mode
[  173.111423][ T8266] veth1_macvtap: entered promiscuous mode
[  173.132992][ T8266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.143552][ T8266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.154032][ T8266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  173.166919][ T8266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.178635][ T8266] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.196327][ T8266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.207041][ T8266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.217065][ T8266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  173.229374][ T8266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  173.240745][ T8266] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.252032][ T8266] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.260734][ T8266] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.269604][ T8266] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.278476][ T8266] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.363943][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.373171][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.396338][ T3430] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.407380][ T3430] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.441867][ T5086] Bluetooth: hci1: command tx timeout
[  173.518330][ T8327] loop5: detected capacity change from 0 to 512
[  173.526220][ T8325] netlink: 28 bytes leftover after parsing attributes in process `syz.6.657'.
[  173.530231][ T8327] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  173.553548][ T8327] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  173.562469][ T8327] System zones: 1-12
[  173.568664][ T8327] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: inode #11: comm syz.5.658: missing EA_INODE flag
[  173.583379][ T8327] EXT4-fs (loop5): Remounting filesystem read-only
[  173.590037][ T8327] EXT4-fs (loop5): 1 orphan inode deleted
[  173.597215][ T8327] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.651103][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.848834][   T27] audit: type=1326 audit(1750350243.346:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  173.911682][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  173.921659][   T27] audit: type=1326 audit(1750350243.346:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.071200][  T787] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  174.099063][   T27] audit: type=1326 audit(1750350243.346:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.181306][   T27] audit: type=1326 audit(1750350243.396:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.261292][   T27] audit: type=1326 audit(1750350243.396:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.313932][  T787] usb 8-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  174.324903][  T787] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.351272][  T787] usb 8-1: Product: syz
[  174.355624][   T27] audit: type=1326 audit(1750350243.576:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.380998][  T787] usb 8-1: Manufacturer: syz
[  174.391673][  T787] usb 8-1: SerialNumber: syz
[  174.422197][  T787] usb 8-1: config 0 descriptor??
[  174.441141][   T27] audit: type=1326 audit(1750350243.576:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.512733][ T8346] tmpfs: Unknown parameter ',9…;Ð /üÙÿõ¦Ã.ÙXÿê‹+cVÐYàx9z-UûÏ�;ü¶åc a¼V¸”[IYLåð37•6™é–‰`ôƒ®4Lt�_éð…æC¾߶Îv—Ö¼ÅAÜ'
[  174.540941][   T27] audit: type=1326 audit(1750350243.576:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.618250][   T27] audit: type=1326 audit(1750350243.586:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  174.640981][    T0] NOHZ tick-stop error: local softirq work is pending, handler #c2!!!
[  174.661032][   T27] audit: type=1326 audit(1750350243.637:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8340 comm="syz.5.650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f62e172ab19 code=0x7ffc0000
[  174.843667][ T8343] loop6: detected capacity change from 0 to 32768
[  174.850445][  T787] usb 8-1: Firmware: major: 22, minor: 220, hardware type: UNKNOWN (68)
[  174.867233][ T8343] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop6 scanned by syz.6.653 (8343)
[  174.905949][ T8343] BTRFS info (device loop6): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  174.931208][ T8343] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm
[  174.950773][ T8343] BTRFS info (device loop6): using free space tree
[  175.017791][ T8343] BTRFS info (device loop6): enabling ssd optimizations
[  175.048155][ T8343] BTRFS info (device loop6): auto enabling async discard
[  175.061279][  T787] usb 8-1: no permanent extended address found, random address set
[  175.078323][  T787] usb 8-1: atusb_probe: initialization failed, error = -524
[  175.094192][  T787] atusb: probe of 8-1:0.0 failed with error -524
[  175.286459][   T23] usb 8-1: USB disconnect, device number 2
[  175.349445][ T7115] BTRFS info (device loop6): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  175.530640][ T5086] Bluetooth: hci1: command tx timeout
[  175.717923][ T8371] loop6: detected capacity change from 0 to 16
[  175.738359][ T8371] erofs: (device loop6): mounted with root inode @ nid 36.
[  176.053874][ T8378] loop7: detected capacity change from 0 to 8192
[  176.069039][ T8382] netlink: 96 bytes leftover after parsing attributes in process `syz.5.666'.
[  176.088317][ T8378] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  176.124610][ T8378] REISERFS (device loop7): found reiserfs format "3.6" with non-standard journal
[  176.164212][ T8378] REISERFS (device loop7): using ordered data mode
[  176.192679][ T8378] reiserfs: using flush barriers
[  176.223305][ T8378] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  176.258005][ T8378] REISERFS (device loop7): checking transaction log (loop7)
[  176.452427][ T8378] REISERFS (device loop7): Using tea hash to sort names
[  176.479154][ T8378] REISERFS (device loop7): Created .reiserfs_priv - reserved for xattr storage.
[  176.637270][ T8378] REISERFS warning (device loop7): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  176.742739][ T8381] loop8: detected capacity change from 0 to 32768
[  176.871525][ T8386] loop5: detected capacity change from 0 to 32768
[  176.881497][ T8386] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop5 scanned by syz.5.669 (8386)
[  176.898602][ T8386] BTRFS info (device loop5): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  176.907385][ T8381] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  176.910857][ T8386] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  176.947554][ T8386] BTRFS info (device loop5): using free space tree
[  176.966477][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  176.995246][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  177.007219][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[  177.091662][ T8381] XFS (loop8): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  177.116643][ T8386] BTRFS info (device loop5): enabling ssd optimizations
[  177.144279][ T8386] BTRFS info (device loop5): auto enabling async discard
[  177.260500][ T8381] XFS (loop8): Starting recovery (logdev: internal)
[  177.334446][ T8381] XFS (loop8): Ending recovery (logdev: internal)
[  177.369269][ T8417] loop7: detected capacity change from 0 to 1024
[  177.384652][ T8417] EXT4-fs: Ignoring removed oldalloc option
[  177.390924][ T8417] EXT4-fs: Ignoring removed orlov option
[  177.416398][ T8417] EXT4-fs (loop7): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  177.459340][ T8417] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  177.531700][ T8266] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  177.553927][ T6994] BTRFS info (device loop5): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  177.556614][ T8417] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4036: comm syz.7.671: Allocating blocks 305-513 which overlap fs metadata
[  177.600363][ T5086] Bluetooth: hci1: command tx timeout
[  177.774253][ T7961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.973220][ T8421] netlink: 8 bytes leftover after parsing attributes in process `syz.7.674'.
[  178.000166][ T8421] netlink: 'syz.7.674': attribute type 30 has an invalid length.
[  178.040301][ T8421] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  178.049083][ T8421] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  178.058308][ T8421] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  178.067112][ T8421] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  178.103885][ T8421] netlink: 8 bytes leftover after parsing attributes in process `syz.7.674'.
[  178.113880][ T8425] loop8: detected capacity change from 0 to 128
[  178.113909][ T8421] netlink: 'syz.7.674': attribute type 30 has an invalid length.
[  178.149931][ T8425] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[  178.210854][ T8431] netlink: 12 bytes leftover after parsing attributes in process `syz.5.672'.
[  178.238071][ T8431] netlink: 'syz.5.672': attribute type 15 has an invalid length.
[  178.270767][ T8431] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  178.279652][ T8431] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  178.288379][ T8431] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  178.297341][ T8431] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  178.318472][ T8431] vxlan0: entered promiscuous mode
[  178.783522][ T8446] loop8: detected capacity change from 0 to 8192
[  178.809650][ T8446] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  178.829640][ T8446] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal
[  178.844651][ T8446] REISERFS (device loop8): using ordered data mode
[  178.858102][ T8446] reiserfs: using flush barriers
[  178.870368][ T8446] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  178.904063][ T8446] REISERFS (device loop8): checking transaction log (loop8)
[  179.056217][ T8446] REISERFS (device loop8): Using tea hash to sort names
[  179.063736][ T8446] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  179.136130][ T8446] REISERFS warning (device loop8): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  179.993075][ T8455] loop6: detected capacity change from 0 to 32768
[  180.051468][ T8459] loop8: detected capacity change from 0 to 32768
[  180.060048][ T8459] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop8 scanned by syz.8.684 (8459)
[  180.090201][ T8455] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  180.104999][ T8459] BTRFS info (device loop8): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  180.143499][ T8459] BTRFS info (device loop8): using blake2b (blake2b-256-generic) checksum algorithm
[  180.155351][ T8459] BTRFS info (device loop8): using free space tree
[  180.197257][ T8459] BTRFS info (device loop8): enabling ssd optimizations
[  180.206176][ T8459] BTRFS info (device loop8): auto enabling async discard
[  180.313877][ T8455] XFS (loop6): Ending clean mount
[  180.345054][ T8455] XFS (loop6): Quotacheck needed: Please wait.
[  180.386384][ T8455] XFS (loop6): Quotacheck: Done.
[  180.472206][   T27] kauditd_printk_skb: 400 callbacks suppressed
[  180.472219][   T27] audit: type=1800 audit(1750350249.980:568): pid=8455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.692" name="file2" dev="loop6" ino=9287 res=0 errno=0
[  180.536088][ T8266] BTRFS info (device loop8): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  180.546483][   T27] audit: type=1804 audit(1750350250.050:569): pid=8455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.692" name="/newroot/95/file0/file2" dev="loop6" ino=9287 res=1 errno=0
[  180.618233][   T27] audit: type=1800 audit(1750350250.050:570): pid=8455 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.692" name="file2" dev="loop6" ino=9287 res=0 errno=0
[  180.677443][ T7115] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.501331][ T8508] loop5: detected capacity change from 0 to 8192
[  181.524980][ T8508] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  181.538369][ T8508] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  181.547711][ T8508] REISERFS (device loop5): using ordered data mode
[  181.554371][ T8508] reiserfs: using flush barriers
[  181.563710][ T8508] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  181.580617][ T8508] REISERFS (device loop5): checking transaction log (loop5)
[  181.785739][ T8508] REISERFS (device loop5): Using tea hash to sort names
[  181.793415][ T8508] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  181.969707][ T8508] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  182.255991][ T8517] loop6: detected capacity change from 0 to 1024
[  182.303902][ T8517] EXT4-fs: Ignoring removed oldalloc option
[  182.336259][ T8517] EXT4-fs: Ignoring removed orlov option
[  182.359201][ T8517] EXT4-fs (loop6): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  182.417420][ T8517] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.649979][ T8517] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4036: comm syz.6.689: Allocating blocks 497-513 which overlap fs metadata
[  182.836559][ T7115] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.869293][ T8531] netlink: 'syz.8.702': attribute type 10 has an invalid length.
[  182.892028][ T8520] loop5: detected capacity change from 0 to 32768
[  182.898730][ T8531] netlink: 40 bytes leftover after parsing attributes in process `syz.8.702'.
[  182.926831][ T8531] dummy0: entered promiscuous mode
[  182.939957][ T8531] bridge0: port 3(dummy0) entered blocking state
[  182.953435][ T8531] bridge0: port 3(dummy0) entered disabled state
[  182.961859][ T8535] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input17
[  182.961997][ T8520] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  182.988043][ T8531] dummy0: entered allmulticast mode
[  182.995805][ T8531] bridge0: port 3(dummy0) entered blocking state
[  183.002330][ T8531] bridge0: port 3(dummy0) entered forwarding state
[  183.152848][ T8520] XFS (loop5): Ending clean mount
[  183.185109][ T8520] XFS (loop5): Quotacheck needed: Please wait.
[  183.246253][ T8520] XFS (loop5): Quotacheck: Done.
[  183.341919][   T27] audit: type=1800 audit(1750350252.851:571): pid=8520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.699" name="file2" dev="loop5" ino=9287 res=0 errno=0
[  183.392856][   T27] audit: type=1804 audit(1750350252.901:572): pid=8520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.699" name="/newroot/91/file0/file2" dev="loop5" ino=9287 res=1 errno=0
[  183.451463][   T27] audit: type=1800 audit(1750350252.901:573): pid=8520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.699" name="file2" dev="loop5" ino=9287 res=0 errno=0
[  183.692255][ T6994] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  183.699692][ T8555] loop7: detected capacity change from 0 to 8192
[  183.719555][ T8555] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  183.733491][ T8555] REISERFS (device loop7): found reiserfs format "3.6" with non-standard journal
[  183.743233][ T8555] REISERFS (device loop7): using ordered data mode
[  183.750092][ T8555] reiserfs: using flush barriers
[  183.776755][ T8555] REISERFS (device loop7): journal params: device loop7, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  183.817859][ T8555] REISERFS (device loop7): checking transaction log (loop7)
[  184.006082][ T8555] REISERFS (device loop7): Using tea hash to sort names
[  184.027483][ T8555] REISERFS (device loop7): Created .reiserfs_priv - reserved for xattr storage.
[  184.126294][ T8555] REISERFS warning (device loop7): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  184.647736][ T8573] netlink: 'syz.5.714': attribute type 4 has an invalid length.
[  185.746924][ T8594] loop5: detected capacity change from 0 to 8192
[  185.748294][ T8580] loop7: detected capacity change from 0 to 32768
[  185.759312][ T8594] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  185.774083][ T8594] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  185.789756][ T8594] REISERFS (device loop5): using ordered data mode
[  185.815462][ T8594] reiserfs: using flush barriers
[  185.832902][ T8580] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  185.843311][ T8594] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  185.885521][ T8594] REISERFS (device loop5): checking transaction log (loop5)
[  186.025286][ T8580] XFS (loop7): Ending clean mount
[  186.036696][ T8580] XFS (loop7): Quotacheck needed: Please wait.
[  186.102681][ T8594] REISERFS (device loop5): Using tea hash to sort names
[  186.118347][ T8594] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  186.128096][ T8580] XFS (loop7): Quotacheck: Done.
[  186.185157][   T27] audit: type=1800 audit(1750350255.693:574): pid=8580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.716" name="file2" dev="loop7" ino=9287 res=0 errno=0
[  186.241614][   T27] audit: type=1804 audit(1750350255.753:575): pid=8580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.716" name="/newroot/23/file0/file2" dev="loop7" ino=9287 res=1 errno=0
[  186.293606][ T8594] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  186.315455][   T27] audit: type=1800 audit(1750350255.753:576): pid=8580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.716" name="file2" dev="loop7" ino=9287 res=0 errno=0
[  186.399543][ T7961] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  186.790856][ T8620] loop7: detected capacity change from 0 to 512
[  186.812841][ T8620] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.825862][ T8620] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  186.909005][ T7961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.054815][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  187.234707][    T9] usb 6-1: Using ep0 maxpacket: 8
[  187.241153][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.251074][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.260873][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 4915, setting to 1024
[  187.272017][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  187.282172][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  187.295481][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  187.304648][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.529257][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  187.534937][    T9] usbtmc 6-1:16.0: can't read capabilities
[  187.747419][  T787] usb 6-1: USB disconnect, device number 6
[  188.842098][ T8650] loop8: detected capacity change from 0 to 8192
[  188.852142][ T8650] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  188.868996][ T5825] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  188.877985][ T8650] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal
[  188.888770][ T8650] REISERFS (device loop8): using ordered data mode
[  188.895444][ T8650] reiserfs: using flush barriers
[  188.903826][ T8650] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  188.921785][ T8650] REISERFS (device loop8): checking transaction log (loop8)
[  189.025631][ T8650] REISERFS (device loop8): Using tea hash to sort names
[  189.035462][ T8650] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  189.073847][ T5825] usb 7-1: Using ep0 maxpacket: 16
[  189.086144][ T5825] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.105902][ T5825] usb 7-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  189.125348][ T5825] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.167407][ T8655] loop7: detected capacity change from 0 to 512
[  189.178038][ T5825] usb 7-1: config 0 descriptor??
[  189.211957][ T8650] REISERFS warning (device loop8): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  189.229333][ T8655] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  189.279401][ T8655] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.324236][ T8655] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  189.522805][ T7961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.607315][ T5825] input: HID 05ac:8241 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/0003:05AC:8241.0006/input/input18
[  189.745334][ T5825] appleir 0003:05AC:8241.0006: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.6-1/input0
[  189.833580][ T5825] usb 7-1: USB disconnect, device number 6
[  190.169451][ T8660] loop8: detected capacity change from 0 to 32768
[  190.182856][ T8660] (syz.8.737,8660,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  190.197908][ T8660] (syz.8.737,8660,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  190.224379][ T8660] JBD2: Ignoring recovery information on journal
[  190.252416][ T8660] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  190.390848][ T8266] ocfs2: Unmounting device (7,8) on (node local)
[  190.433314][  T787] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  190.625032][  T787] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  190.663464][  T787] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  190.683120][  T787] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  190.698466][  T787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.723461][ T8664] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  190.737863][ T8676] loop8: detected capacity change from 0 to 256
[  190.745698][  T787] usb 6-1: Quirk or no altest; falling back to MIDI 1.0
[  190.752861][ T8676] exFAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  190.752907][ T8676] exFAT-fs (loop8): Medium has reported failures. Some data may be lost.
[  190.810494][ T8676] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x43c9847d, utbl_chksum : 0xe619d30d)
[  191.097398][    T9] usb 6-1: USB disconnect, device number 7
[  191.285082][ T8684] loop8: detected capacity change from 0 to 8192
[  191.297067][ T8684] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  191.312813][ T8684] REISERFS (device loop8): found reiserfs format "3.6" with non-standard journal
[  191.331980][ T8684] REISERFS (device loop8): using ordered data mode
[  191.340591][ T8684] reiserfs: using flush barriers
[  191.353057][ T8684] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  191.367096][ T8682] loop7: detected capacity change from 0 to 32768
[  191.379700][ T8684] REISERFS (device loop8): checking transaction log (loop8)
[  191.394602][ T8682] (syz.7.753,8682,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  191.420281][ T8682] (syz.7.753,8682,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  191.470391][ T8682] JBD2: Ignoring recovery information on journal
[  191.507890][ T8684] REISERFS (device loop8): Using tea hash to sort names
[  191.536555][ T8684] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  191.589344][ T8682] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  191.736996][ T8684] REISERFS warning (device loop8): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  191.973017][ T7961] ocfs2: Unmounting device (7,7) on (node local)
[  192.422099][   T23] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  192.643860][   T23] usb 8-1: Using ep0 maxpacket: 16
[  192.655160][   T23] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.680991][   T23] usb 8-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  192.701130][   T23] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.722461][   T23] usb 8-1: config 0 descriptor??
[  192.786054][ T8703] loop8: detected capacity change from 0 to 32768
[  192.794662][ T8703] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 scanned by syz.8.749 (8703)
[  192.813756][ T8703] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.813848][ T8703] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[  192.813951][ T8703] BTRFS info (device loop8): force clearing of disk cache
[  192.813979][ T8703] BTRFS info (device loop8): enabling auto defrag
[  192.814059][ T8703] BTRFS info (device loop8): max_inline at 0
[  192.814079][ T8703] BTRFS info (device loop8): enabling disk space caching
[  192.814092][ T8703] BTRFS info (device loop8): disk space caching is enabled
[  192.906208][ T8703] BTRFS info (device loop8): enabling ssd optimizations
[  192.916594][ T8703] BTRFS info (device loop8): rebuilding free space tree
[  192.938669][ T8703] BTRFS info (device loop8): disabling free space tree
[  192.953222][ T8703] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  192.966685][ T8703] BTRFS info (device loop8): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  193.120815][ T8266] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  193.149011][   T23] input: HID 05ac:8241 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:05AC:8241.0007/input/input19
[  193.258361][   T23] appleir 0003:05AC:8241.0007: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.7-1/input0
[  193.326616][ T8730] loop5: detected capacity change from 0 to 128
[  193.346088][ T8730] EXT4-fs: Ignoring removed nobh option
[  193.393768][ T8730] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  193.400857][   T23] usb 8-1: USB disconnect, device number 3
[  193.433049][ T8730] ext4 filesystem being mounted at /107/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  193.526059][ T6994] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  193.697335][ T8737] loop5: detected capacity change from 0 to 8192
[  193.714448][ T8737] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  193.731467][ T8737] REISERFS (device loop5): found reiserfs format "3.6" with non-standard journal
[  193.751116][ T8737] REISERFS (device loop5): using ordered data mode
[  193.759168][ T8737] reiserfs: using flush barriers
[  193.782024][ T8737] REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  193.798803][ T8737] REISERFS (device loop5): checking transaction log (loop5)
[  193.873042][ T8737] REISERFS (device loop5): Using tea hash to sort names
[  193.883258][ T8737] REISERFS (device loop5): Created .reiserfs_priv - reserved for xattr storage.
[  193.931974][ T5818] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  193.955612][ T8737] REISERFS warning (device loop5): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  194.149164][ T5818] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  194.171016][ T5818] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  194.190459][ T5818] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  194.212167][ T5818] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.249758][ T8740] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  194.264236][ T5818] usb 7-1: Quirk or no altest; falling back to MIDI 1.0
[  194.273424][ T8749] loop5: detected capacity change from 0 to 2048
[  194.286909][ T8749] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  194.294813][ T8749] UDF-fs: Scanning with blocksize 512 failed
[  194.304935][ T8749] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.318773][ T8752] netlink: 12 bytes leftover after parsing attributes in process `syz.8.765'.
[  194.328327][ T8752] netlink: 'syz.8.765': attribute type 15 has an invalid length.
[  194.351818][ T8752] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  194.360574][ T8752] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  194.369379][ T8752] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  194.378621][ T8752] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  194.388009][ T8752] vxlan0: entered promiscuous mode
[  194.405159][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  194.411578][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  194.563901][  T787] usb 7-1: USB disconnect, device number 7
[  194.879678][ T8756] loop5: detected capacity change from 0 to 32768
[  194.886918][ T8754] loop7: detected capacity change from 0 to 32768
[  194.889513][ T8756] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.766 (8756)
[  194.912172][ T8756] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.930849][ T8756] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  194.939523][   T27] audit: type=1800 audit(1750350264.447:577): pid=8754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.774" name="file1" dev="loop7" ino=4 res=0 errno=0
[  194.961003][ T8756] BTRFS info (device loop5): force clearing of disk cache
[  194.968175][ T8756] BTRFS info (device loop5): enabling auto defrag
[  194.975119][ T8756] BTRFS info (device loop5): max_inline at 0
[  194.981190][ T8756] BTRFS info (device loop5): enabling disk space caching
[  194.988909][ T8756] BTRFS info (device loop5): disk space caching is enabled
[  195.027812][ T8756] BTRFS info (device loop5): enabling ssd optimizations
[  195.038770][ T8756] BTRFS info (device loop5): rebuilding free space tree
[  195.055274][ T8756] BTRFS info (device loop5): disabling free space tree
[  195.066610][ T8756] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  195.076334][ T8756] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  195.188216][ T6994] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.193286][ T8773] loop8: detected capacity change from 0 to 128
[  195.208531][ T8773] EXT4-fs: Ignoring removed nobh option
[  195.218646][ T8773] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  195.231129][ T8773] ext4 filesystem being mounted at /32/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  195.316788][ T8266] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  195.686077][ T8788] loop5: detected capacity change from 0 to 16
[  195.686315][ T8782] loop6: detected capacity change from 0 to 8192
[  195.696191][ T8788] erofs: (device loop5): mounted with root inode @ nid 36.
[  195.719468][ T8788] syz.5.773: attempt to access beyond end of device
[  195.719468][ T8788] loop5: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  195.735022][ T8782] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  195.742637][ T8788] erofs: (device loop5): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  195.748220][   T23] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  195.767988][ T8788] syz.5.773: attempt to access beyond end of device
[  195.767988][ T8788] loop5: rw=0, sector=296, nr_sectors = 8 limit=16
[  195.781609][ T8782] REISERFS (device loop6): found reiserfs format "3.6" with non-standard journal
[  195.799619][ T8782] REISERFS (device loop6): using ordered data mode
[  195.807554][ T8782] reiserfs: using flush barriers
[  195.819605][ T8788] erofs: (device loop5): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  195.840306][ T8782] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  195.856994][ T8788] erofs: (device loop5): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  195.880653][ T8782] REISERFS (device loop6): checking transaction log (loop6)
[  195.970307][   T23] usb 9-1: Using ep0 maxpacket: 16
[  195.980647][   T23] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.010424][   T23] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  196.019504][   T23] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.037574][   T23] usb 9-1: config 0 descriptor??
[  196.085018][ T8782] REISERFS (device loop6): Using tea hash to sort names
[  196.099305][ T8782] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  196.254914][ T8782] REISERFS warning (device loop6): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 1) not found (pos 2)
[  196.471824][   T23] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0008/input/input20
[  196.568863][   T23] appleir 0003:05AC:8241.0008: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  196.628177][ T8790] syz.5.773 (8790): drop_caches: 2
[  196.796249][   T23] usb 9-1: USB disconnect, device number 2
[  197.044637][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.7.778'.
[  197.055178][ T8802] netlink: 'syz.7.778': attribute type 15 has an invalid length.
[  197.076712][ T8802] vxlan2: entered promiscuous mode
[  197.166259][ T8798] loop6: detected capacity change from 0 to 32768
[  197.185948][   T27] audit: type=1800 audit(1750350266.698:578): pid=8798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.777" name="file1" dev="loop6" ino=4 res=0 errno=0
[  197.544908][ T8806] loop6: detected capacity change from 0 to 32768
[  197.552989][ T8806] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 scanned by syz.6.779 (8806)
[  197.567224][ T8806] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  197.577508][ T8806] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  197.586244][ T8806] BTRFS info (device loop6): force clearing of disk cache
[  197.594404][ T8806] BTRFS info (device loop6): enabling auto defrag
[  197.601705][ T8806] BTRFS info (device loop6): max_inline at 0
[  197.607704][ T8806] BTRFS info (device loop6): enabling disk space caching
[  197.614815][ T8806] BTRFS info (device loop6): disk space caching is enabled
[  197.638740][ T8806] BTRFS info (device loop6): enabling ssd optimizations
[  197.647072][ T8806] BTRFS info (device loop6): rebuilding free space tree
[  197.659821][ T8806] BTRFS info (device loop6): disabling free space tree
[  197.666913][ T8806] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  197.677625][ T8806] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  197.755846][ T7115] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  197.992472][ T8833] loop8: detected capacity change from 0 to 16
[  198.013604][ T8833] erofs: (device loop8): mounted with root inode @ nid 36.
[  198.044509][ T8833] syz.8.784: attempt to access beyond end of device
[  198.044509][ T8833] loop8: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  198.097768][ T8834] erofs: (device loop8): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  198.137807][ T8834] syz.8.784: attempt to access beyond end of device
[  198.137807][ T8834] loop8: rw=0, sector=296, nr_sectors = 8 limit=16
[  198.166957][ T8837] loop6: detected capacity change from 0 to 128
[  198.178826][ T8834] erofs: (device loop8): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  198.184737][ T8837] EXT4-fs: Ignoring removed nobh option
[  198.219203][ T8834] erofs: (device loop8): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  198.240211][ T5818] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  198.377352][ T8842] netlink: 1343 bytes leftover after parsing attributes in process `syz.5.787'.
[  198.389946][ T8833] syz.8.784 (8833): drop_caches: 2
[  198.415637][ T8837] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  198.437465][ T8837] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  198.450974][ T5818] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  198.469231][ T5818] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  198.492077][ T5818] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  198.510426][ T5818] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.548086][ T8831] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  198.564816][ T5818] usb 8-1: Quirk or no altest; falling back to MIDI 1.0
[  198.578395][ T7115] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  198.639525][ T8850] hsr0: entered promiscuous mode
[  198.645238][ T8850] netlink: 4 bytes leftover after parsing attributes in process `syz.6.792'.
[  198.654668][ T8850] hsr_slave_0: left promiscuous mode
[  198.660719][ T8850] hsr_slave_1: left promiscuous mode
[  198.692661][ T8850] hsr0 (unregistering): left promiscuous mode
[  198.818195][   T23] usb 8-1: USB disconnect, device number 4
[  198.841209][   T28] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  198.989963][ T8858] netlink: 12 bytes leftover after parsing attributes in process `syz.6.794'.
[  199.022864][ T8858] netlink: 'syz.6.794': attribute type 15 has an invalid length.
[  199.043926][ T8858] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  199.052866][ T8858] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  199.061646][ T8858] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  199.070432][ T8858] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  199.082182][   T28] usb 9-1: Using ep0 maxpacket: 16
[  199.089785][ T8858] vxlan0: entered promiscuous mode
[  199.097018][   T28] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.108307][   T28] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  199.127482][   T28] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.138123][   T28] usb 9-1: config 0 descriptor??
[  199.572686][   T28] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0009/input/input21
[  199.693209][   T28] appleir 0003:05AC:8241.0009: input,hiddev0,hidraw0: USB HID v0.05 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  199.892460][   T28] usb 9-1: USB disconnect, device number 3
[  200.436328][ T8873] netlink: 4 bytes leftover after parsing attributes in process `syz.5.797'.
[  200.489819][   T27] audit: type=1326 audit(1750350269.930:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8867 comm="syz.6.806" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd6be98e929 code=0x0
[  200.745010][ T8871] loop7: detected capacity change from 0 to 40427
[  200.757991][ T8871] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  200.765827][ T8871] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  200.777182][ T8871] F2FS-fs (loop7): invalid crc value
[  200.797043][ T8871] F2FS-fs (loop7): Found nat_bits in checkpoint
[  200.844696][ T8871] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  200.852110][ T8871] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  200.902369][ T8871] F2FS-fs (loop7): Stopped filesystem due to reason: 0
[  201.169040][ T8885] loop7: detected capacity change from 0 to 16
[  201.179879][ T8885] erofs: (device loop7): mounted with root inode @ nid 36.
[  201.194161][ T8885] syz.7.800: attempt to access beyond end of device
[  201.194161][ T8885] loop7: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  201.212048][ T8885] erofs: (device loop7): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  201.221654][ T8885] syz.7.800: attempt to access beyond end of device
[  201.221654][ T8885] loop7: rw=0, sector=296, nr_sectors = 8 limit=16
[  201.234696][ T8885] erofs: (device loop7): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  201.243444][ T8885] erofs: (device loop7): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  201.542233][ T8885] syz.7.800 (8885): drop_caches: 2
[  201.657055][ T8892] loop7: detected capacity change from 0 to 128
[  201.678283][ T8892] EXT4-fs: Ignoring removed nobh option
[  201.705405][ T8892] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  201.735219][ T8892] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  201.740322][ T8891] loop8: detected capacity change from 0 to 4096
[  201.763741][   T27] audit: type=1326 audit(1750350271.270:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8888 comm="syz.5.812" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f62e178e929 code=0x0
[  201.814861][ T7961] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.925188][ T8901] loop6: detected capacity change from 0 to 512
[  201.947287][ T8901] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  201.992141][ T8901] EXT4-fs (loop6): 1 truncate cleaned up
[  202.006263][ T8901] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.190247][ T7115] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.286105][ T8909] netlink: 'syz.6.809': attribute type 1 has an invalid length.
[  202.341354][ T8909] 8021q: adding VLAN 0 to HW filter on device bond1
[  202.409785][ T8913] bond1: (slave geneve2): making interface the new active one
[  202.439032][ T8913] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  202.687683][ T8919] loop5: detected capacity change from 0 to 16
[  202.711614][ T8921] loop6: detected capacity change from 0 to 16
[  202.719034][ T8919] erofs: (device loop5): mounted with root inode @ nid 36.
[  202.735029][ T8921] erofs: (device loop6): mounted with root inode @ nid 36.
[  202.752967][   T27] audit: type=1800 audit(1750350272.271:581): pid=8919 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.816" name="file1" dev="loop5" ino=86 res=0 errno=0
[  202.827783][ T8921] syz.6.815: attempt to access beyond end of device
[  202.827783][ T8921] loop6: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  202.864242][ T8921] erofs: (device loop6): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  202.897113][ T8921] syz.6.815: attempt to access beyond end of device
[  202.897113][ T8921] loop6: rw=0, sector=296, nr_sectors = 8 limit=16
[  202.930031][ T8921] erofs: (device loop6): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  202.939741][ T8922] syz.6.815 (8922): drop_caches: 2
[  202.952141][ T8921] erofs: (device loop6): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  202.992384][ T8915] loop7: detected capacity change from 0 to 32768
[  203.058733][   T27] audit: type=1800 audit(1750350272.581:582): pid=8915 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.813" name="file1" dev="loop7" ino=4 res=0 errno=0
[  203.216357][ T8926] loop6: detected capacity change from 0 to 512
[  203.299604][ T8926] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.340225][ T8926] ext4 filesystem being mounted at /125/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  203.468574][   T27] audit: type=1326 audit(1750350272.981:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  203.474024][ T8932] loop8: detected capacity change from 0 to 128
[  203.501633][   T27] audit: type=1326 audit(1750350272.981:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  203.525424][ T8930] loop5: detected capacity change from 0 to 512
[  203.526755][   T27] audit: type=1326 audit(1750350273.021:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f62e178e929 code=0x7ffc0000
[  203.542887][ T8930] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  203.554905][   T27] audit: type=1326 audit(1750350273.021:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f62e178e963 code=0x7ffc0000
[  203.586226][   T27] audit: type=1326 audit(1750350273.021:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f62e178d3df code=0x7ffc0000
[  203.609548][   T27] audit: type=1326 audit(1750350273.021:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8929 comm="syz.5.819" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f62e178e9b7 code=0x7ffc0000
[  203.610090][ T8932] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  203.670081][ T8932] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  203.693860][ T7115] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.703334][ T8930] EXT4-fs (loop5): 1 truncate cleaned up
[  203.715689][ T8930] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.835855][ T8937] loop7: detected capacity change from 0 to 512
[  203.848712][ T8266] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  203.850325][ T8937] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  203.890906][ T8937] EXT4-fs (loop7): 1 truncate cleaned up
[  203.927571][ T8937] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.973027][ T6994] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.113778][ T7961] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  204.245839][ T8950] loop8: detected capacity change from 0 to 16
[  204.253818][ T8950] erofs: (device loop8): mounted with root inode @ nid 36.
[  204.270874][ T8950] syz.8.826: attempt to access beyond end of device
[  204.270874][ T8950] loop8: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  204.288559][ T8950] erofs: (device loop8): z_erofs_do_map_blocks: invalid logical cluster 0 at nid 36
[  204.300577][ T8950] syz.8.826: attempt to access beyond end of device
[  204.300577][ T8950] loop8: rw=0, sector=296, nr_sectors = 8 limit=16
[  204.321730][ T8950] erofs: (device loop8): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  204.330562][ T8950] erofs: (device loop8): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  204.354318][ T8950] syz.8.826 (8950): drop_caches: 2
[  204.431450][   T28] usb 6-1: new full-speed USB device number 8 using dummy_hcd
[  204.439356][   T23] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  204.471199][ T8956] netlink: 4 bytes leftover after parsing attributes in process `syz.8.828'.
[  204.496877][ T8956] hsr_slave_0: left promiscuous mode
[  204.515029][ T8956] hsr_slave_1: left promiscuous mode
[  204.629486][   T23] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  204.637859][   T28] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  204.648210][   T23] usb 7-1: config 0 has no interface number 0
[  204.656401][   T28] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  204.675994][   T23] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  204.685069][   T23] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.696394][   T28] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  204.705453][   T28] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.718673][   T23] usb 7-1: config 0 descriptor??
[  204.724155][   T28] usb 6-1: Product: syz
[  204.733264][   T23] usb 7-1: selecting invalid altsetting 1
[  204.739323][   T28] usb 6-1: Manufacturer: syz
[  204.743930][   T28] usb 6-1: SerialNumber: syz
[  204.755960][   T23] dvb_ttusb_budget: ttusb_init_controller: error
[  204.762331][   T23] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  204.862401][   T23] DVB: Unable to find symbol cx22700_attach()
[  204.958477][   T23] DVB: Unable to find symbol tda10046_attach()
[  204.964717][   T23] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  204.985292][   T28] usb 6-1: 0:2 : does not exist
[  205.005847][   T28] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  205.015174][   T23] usb 7-1: USB disconnect, device number 8
[  205.053976][   T28] usb 6-1: USB disconnect, device number 8
[  205.215291][ T8958] loop8: detected capacity change from 0 to 32768
[  205.447665][ T8965] loop7: detected capacity change from 0 to 128
[  205.460013][ T8965] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.474562][ T8965] ext4 filesystem being mounted at /51/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.537223][ T7961] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  205.657812][   T27] kauditd_printk_skb: 25 callbacks suppressed
[  205.657826][   T27] audit: type=1326 audit(1750350275.182:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1e358e929 code=0x7ffc0000
[  205.707888][ T8970] loop7: detected capacity change from 0 to 512
[  205.719994][   T27] audit: type=1326 audit(1750350275.182:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1e358e929 code=0x7ffc0000
[  205.743208][   T27] audit: type=1326 audit(1750350275.212:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fb1e358e929 code=0x7ffc0000
[  205.772701][  T112] ==================================================================
[  205.780802][  T112] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0x753/0xa60
[  205.788463][  T112] Read of size 4 at addr ffff888024dcda94 by task jfsCommit/112
[  205.788640][   T27] audit: type=1326 audit(1750350275.212:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb1e358e963 code=0x7ffc0000
[  205.796077][  T112] 
[  205.796098][  T112] CPU: 0 PID: 112 Comm: jfsCommit Not tainted 6.6.94-syzkaller #0
[  205.796113][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  205.796130][  T112] Call Trace:
[  205.796137][  T112]  <TASK>
[  205.796148][  T112]  dump_stack_lvl+0x16c/0x230
[  205.819134][   T27] audit: type=1326 audit(1750350275.212:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb1e358d3df code=0x7ffc0000
[  205.820398][  T112]  ? __lock_acquire+0x7c80/0x7c80
[  205.820422][  T112]  ? show_regs_print_info+0x20/0x20
[  205.856244][   T27] audit: type=1326 audit(1750350275.212:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fb1e358e9b7 code=0x7ffc0000
[  205.871029][  T112]  ? load_image+0x3b0/0x3b0
[  205.871058][  T112]  ? __virt_addr_valid+0x469/0x540
[  205.871079][  T112]  print_report+0xac/0x230
[  205.871098][  T112]  ? jfs_lazycommit+0x753/0xa60
[  205.871116][  T112]  kasan_report+0x117/0x150
[  205.871134][  T112]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  205.871158][  T112]  ? jfs_lazycommit+0x753/0xa60
[  205.871178][  T112]  jfs_lazycommit+0x753/0xa60
[  205.871197][  T112]  ? txFreelock+0x5a0/0x5a0
[  205.871213][  T112]  ? do_task_dead+0xd0/0xd0
[  205.871227][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  205.871249][  T112]  kthread+0x2fa/0x390
[  205.871261][  T112]  ? txFreelock+0x5a0/0x5a0
[  205.898355][   T27] audit: type=1326 audit(1750350275.232:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1e358d290 code=0x7ffc0000
[  205.903463][  T112]  ? kthread_blkcg+0xd0/0xd0
[  205.903485][  T112]  ret_from_fork+0x48/0x80
[  205.918546][   T27] audit: type=1326 audit(1750350275.232:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb1e358e52b code=0x7ffc0000
[  205.922298][  T112]  ? kthread_blkcg+0xd0/0xd0
[  205.922320][  T112]  ret_from_fork_asm+0x11/0x20
[  205.941025][   T27] audit: type=1326 audit(1750350275.352:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb1e358d58a code=0x7ffc0000
[  205.941745][  T112]  </TASK>
[  205.953042][   T27] audit: type=1326 audit(1750350275.352:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8969 comm="syz.7.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb1e358d58a code=0x7ffc0000
[  205.955611][  T112] 
[  205.955625][  T112] Allocated by task 8958:
[  205.955642][  T112]  kasan_set_track+0x4e/0x70
[  205.955664][  T112]  __kasan_kmalloc+0x8f/0xa0
[  205.955680][  T112]  jfs_fill_super+0xd6/0xac0
[  205.955697][  T112]  mount_bdev+0x22b/0x2d0
[  205.955712][  T112]  legacy_get_tree+0xea/0x180
[  205.955731][  T112]  vfs_get_tree+0x8c/0x280
[  205.955746][  T112]  do_new_mount+0x24b/0xa40
[  205.955761][  T112]  __se_sys_mount+0x2da/0x3c0
[  205.955777][  T112]  do_syscall_64+0x55/0xb0
[  205.955796][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.035718][ T8970] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  206.048710][  T112] 
[  206.048717][  T112] Freed by task 8266:
[  206.048725][  T112]  kasan_set_track+0x4e/0x70
[  206.048748][  T112]  kasan_save_free_info+0x2e/0x50
[  206.048768][  T112]  ____kasan_slab_free+0x126/0x1e0
[  206.048783][  T112]  slab_free_freelist_hook+0x130/0x1b0
[  206.048797][  T112]  __kmem_cache_free+0xba/0x1f0
[  206.048808][  T112]  generic_shutdown_super+0x134/0x2b0
[  206.048823][  T112]  kill_block_super+0x44/0x90
[  206.048837][  T112]  deactivate_locked_super+0x97/0x100
[  206.048851][  T112]  cleanup_mnt+0x429/0x4c0
[  206.048865][  T112]  task_work_run+0x1ce/0x250
[  206.048882][  T112]  exit_to_user_mode_loop+0xe6/0x110
[  206.048900][  T112]  exit_to_user_mode_prepare+0xb1/0x140
[  206.203364][  T112]  syscall_exit_to_user_mode+0x1a/0x50
[  206.208834][  T112]  do_syscall_64+0x61/0xb0
[  206.213260][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.219161][  T112] 
[  206.221486][  T112] Last potentially related work creation:
[  206.227197][  T112]  kasan_save_stack+0x3e/0x60
[  206.231880][  T112]  __kasan_record_aux_stack+0xaf/0xc0
[  206.237264][  T112]  call_rcu+0x14f/0x920
[  206.241434][  T112]  vlan_device_event+0x254/0x1cf0
[  206.246467][  T112]  notifier_call_chain+0x197/0x390
[  206.251593][  T112]  __dev_notify_flags+0x18e/0x2e0
[  206.256628][  T112]  dev_change_flags+0xe8/0x1a0
[  206.259456][ T8970] EXT4-fs (loop7): 1 truncate cleaned up
[  206.261383][  T112]  do_setlink+0xc74/0x3fb0
[  206.261403][  T112]  rtnl_newlink+0x10af/0x2020
[  206.261416][  T112]  rtnetlink_rcv_msg+0x7c7/0xf10
[  206.268478][ T8970] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  206.271415][  T112]  netlink_rcv_skb+0x216/0x480
[  206.271440][  T112]  netlink_unicast+0x750/0x8c0
[  206.271459][  T112]  netlink_sendmsg+0x8c1/0xbe0
[  206.307686][  T112]  ____sys_sendmsg+0x5bf/0x950
[  206.312455][  T112]  ___sys_sendmsg+0x220/0x290
[  206.317137][  T112]  __se_sys_sendmsg+0x1a5/0x270
[  206.321992][  T112]  do_syscall_64+0x55/0xb0
[  206.326418][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  206.332326][  T112] 
[  206.334649][  T112] Second to last potentially related work creation:
[  206.341236][  T112]  kasan_save_stack+0x3e/0x60
[  206.345929][  T112]  __kasan_record_aux_stack+0xaf/0xc0
[  206.351303][  T112]  call_rcu+0x14f/0x920
[  206.355460][  T112]  fib_release_info+0x688/0x740
[  206.360301][  T112]  fib_table_flush+0x9a7/0x11b0
[  206.365156][  T112]  fib_disable_ip+0xfd/0x170
[  206.369738][  T112]  fib_netdev_event+0x31f/0x490
[  206.374566][  T112]  notifier_call_chain+0x197/0x390
[  206.379659][  T112]  dev_close_many+0x297/0x400
[  206.384316][  T112]  unregister_netdevice_many_notify+0x4c1/0x1810
[  206.390631][  T112]  default_device_exit_batch+0x9cb/0xa60
[  206.396261][  T112]  cleanup_net+0x77f/0xb90
[  206.400656][  T112]  process_scheduled_works+0xa45/0x15b0
[  206.406179][  T112]  worker_thread+0xa55/0xfc0
[  206.410753][  T112]  kthread+0x2fa/0x390
[  206.414807][  T112]  ret_from_fork+0x48/0x80
[  206.419212][  T112]  ret_from_fork_asm+0x11/0x20
[  206.423989][  T112] 
[  206.426324][  T112] The buggy address belongs to the object at ffff888024dcda00
[  206.426324][  T112]  which belongs to the cache kmalloc-256 of size 256
[  206.440452][  T112] The buggy address is located 148 bytes inside of
[  206.440452][  T112]  freed 256-byte region [ffff888024dcda00, ffff888024dcdb00)
[  206.454228][  T112] 
[  206.456551][  T112] The buggy address belongs to the physical page:
[  206.462947][  T112] page:ffffea0000937300 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24dcc
[  206.473077][  T112] head:ffffea0000937300 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  206.481987][  T112] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  206.489966][  T112] page_type: 0xffffffff()
[  206.494292][  T112] raw: 00fff00000000840 ffff888017841b40 ffffea0000c0ac00 dead000000000004
[  206.502861][  T112] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  206.511421][  T112] page dumped because: kasan: bad access detected
[  206.517821][  T112] page_owner tracks the page as allocated
[  206.523513][  T112] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5772, tgid 5772 (syz-executor), ts 70858173251, free_ts 70857326093
[  206.544852][  T112]  post_alloc_hook+0x1cd/0x210
[  206.549615][  T112]  get_page_from_freelist+0x195c/0x19f0
[  206.555148][  T112]  __alloc_pages+0x1e3/0x460
[  206.559720][  T112]  alloc_slab_page+0x5d/0x170
[  206.564380][  T112]  new_slab+0x87/0x2e0
[  206.568430][  T112]  ___slab_alloc+0xc6d/0x12f0
[  206.573089][  T112]  __kmem_cache_alloc_node+0x1a2/0x260
[  206.578527][  T112]  __kmalloc+0xa4/0x240
[  206.582664][  T112]  fib_create_info+0xa61/0x2460
[  206.587496][  T112]  fib_table_insert+0xc7/0x1b50
[  206.592330][  T112]  fib_magic+0x2c5/0x390
[  206.596550][  T112]  fib_add_ifaddr+0x38d/0x5e0
[  206.601209][  T112]  fib_netdev_event+0x389/0x490
[  206.606044][  T112]  notifier_call_chain+0x197/0x390
[  206.611140][  T112]  __dev_notify_flags+0x18e/0x2e0
[  206.616151][  T112]  dev_change_flags+0xe8/0x1a0
[  206.620898][  T112] page last free stack trace:
[  206.625546][  T112]  free_unref_page_prepare+0x7ce/0x8e0
[  206.631078][  T112]  free_unref_page+0x32/0x2e0
[  206.635739][  T112]  __unfreeze_partials+0x1cf/0x210
[  206.640834][  T112]  put_cpu_partial+0x17c/0x250
[  206.645580][  T112]  __slab_free+0x31d/0x410
[  206.649977][  T112]  qlist_free_all+0x75/0xe0
[  206.654460][  T112]  kasan_quarantine_reduce+0x143/0x160
[  206.659898][  T112]  __kasan_slab_alloc+0x22/0x80
[  206.664732][  T112]  slab_post_alloc_hook+0x6e/0x4d0
[  206.669823][  T112]  __kmem_cache_alloc_node+0x13e/0x260
[  206.675261][  T112]  kmalloc_trace+0x2a/0xe0
[  206.679658][  T112]  netdevice_event+0x3a2/0x890
[  206.684403][  T112]  notifier_call_chain+0x197/0x390
[  206.689495][  T112]  dev_set_mac_address+0x377/0x4b0
[  206.694592][  T112]  dev_set_mac_address_user+0x31/0x50
[  206.699952][  T112]  do_setlink+0x871/0x3fb0
[  206.704348][  T112] 
[  206.706651][  T112] Memory state around the buggy address:
[  206.712257][  T112]  ffff888024dcd980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  206.720298][  T112]  ffff888024dcda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  206.728338][  T112] >ffff888024dcda80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  206.736392][  T112]                          ^
[  206.740964][  T112]  ffff888024dcdb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  206.749009][  T112]  ffff888024dcdb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  206.757055][  T112] ==================================================================
[  206.765119][  T112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  206.772311][  T112] CPU: 0 PID: 112 Comm: jfsCommit Not tainted 6.6.94-syzkaller #0
[  206.780105][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  206.790153][  T112] Call Trace:
[  206.793423][  T112]  <TASK>
[  206.796343][  T112]  dump_stack_lvl+0x16c/0x230
[  206.801016][  T112]  ? show_regs_print_info+0x20/0x20
[  206.806201][  T112]  ? load_image+0x3b0/0x3b0
[  206.810693][  T112]  panic+0x2c0/0x710
[  206.814575][  T112]  ? bpf_jit_dump+0xd0/0xd0
[  206.819063][  T112]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  206.824942][  T112]  ? _raw_spin_unlock+0x40/0x40
[  206.829777][  T112]  ? print_memory_metadata+0x314/0x400
[  206.835223][  T112]  ? jfs_lazycommit+0x753/0xa60
[  206.840057][  T112]  check_panic_on_warn+0x84/0xa0
[  206.844978][  T112]  ? jfs_lazycommit+0x753/0xa60
[  206.849828][  T112]  end_report+0x6f/0x140
[  206.854070][  T112]  kasan_report+0x128/0x150
[  206.858568][  T112]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  206.863942][  T112]  ? jfs_lazycommit+0x753/0xa60
[  206.868792][  T112]  jfs_lazycommit+0x753/0xa60
[  206.873462][  T112]  ? txFreelock+0x5a0/0x5a0
[  206.877953][  T112]  ? do_task_dead+0xd0/0xd0
[  206.882444][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  206.887375][  T112]  kthread+0x2fa/0x390
[  206.891449][  T112]  ? txFreelock+0x5a0/0x5a0
[  206.895954][  T112]  ? kthread_blkcg+0xd0/0xd0
[  206.900547][  T112]  ret_from_fork+0x48/0x80
[  206.904950][  T112]  ? kthread_blkcg+0xd0/0xd0
[  206.909526][  T112]  ret_from_fork_asm+0x11/0x20
[  206.914284][  T112]  </TASK>
[  206.917546][  T112] Kernel Offset: disabled
[  206.921854][  T112] Rebooting in 86400 seconds..