last executing test programs:

9.447602489s ago: executing program 4 (id=681):
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000240)=0x9, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x11f, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x87, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x51, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, [{0x18, 0x0, '\x00\x00'}, {0x18, 0x7, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e3406"}]}}}}}}, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
epoll_create1(0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r3, &(0x7f0000000040)="05000000010000", 0x7)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff})
close_range(r4, 0xffffffffffffffff, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000180)=[{0x0}], 0x1)
r5 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r6, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)

8.399467611s ago: executing program 4 (id=682):
semop(0x0, &(0x7f0000000180)=[{0x0, 0xffff}, {0x1, 0xffff, 0x1800}], 0x2)

8.268875455s ago: executing program 4 (id=684):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f00000000c0)=0x58, 0x9)
write(r2, 0x0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000740)={{r3}, &(0x7f0000000400), &(0x7f0000000440)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000017007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000006800010000000000000000000a0000000000000014000880100008800c000200000000000000000008000500", @ANYRES32=r5, @ANYBLOB="0600070009"], 0x3c}}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000001280)='./file1\x00', 0x40942, 0x0)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000280)={0x0, 0x0, 0xe705, 0x2})
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@bloom_filter={0x1e, 0x3, 0x5, 0x7, 0x8001, r3, 0x87fc, '\x00', r5, r1, 0x0, 0x4, 0x4, 0xe, @value=r6, @void, @void, @value}, 0x50)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}, {&(0x7f0000000a00)=""/242, 0xf2}, {&(0x7f0000001140)=""/4055, 0xfd7}, {&(0x7f00000006c0)=""/235, 0xeb}, {&(0x7f00000007c0)=""/191, 0xbf}, {&(0x7f0000000500)=""/211, 0xd3}, {&(0x7f0000000940)=""/183, 0xb7}, {&(0x7f0000000340)=""/36, 0x24}, {&(0x7f0000002140)=""/4096, 0x1000}, {&(0x7f0000004680)=""/4094, 0xffe}, {&(0x7f0000000cc0)=""/88, 0x58}], 0xb}, 0x0)

7.440761557s ago: executing program 1 (id=687):
keyctl$setperm(0x5, 0x0, 0x9290101)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x4}}, {@nombcache}]}, 0x1, 0x589, &(0x7f0000000bc0)="$eJzs3U9oHGUbAPBnJsnXr22+Ly0oqPRQVKhQukn6R6un9CoWCj0IXuKy2YaQTTZmN7UJPaT3IhYUlV7qTUGPiogH8eLRqxfFsyBaVJoeJDLZ3bRNsnGTdncl+/vBbOZ939l93jezz7szywwbQM86mj2kEU9GxIUkYui+tv6oNx6tbbdy+2rhbn8UklhdvfhrEklE3Ll9tdDYPqn/PRgRyxHxRER8MxBxPN0ct7K4NJ0vlYrz9fJwdWZuuLK4dGJqJj9ZnCzOnnrhxTNnT58ZPTn6yMZ6/ccbb13/7uVbNz7+9Mhy4d18EmMxWG+7fxyPUu1/MhBjG+pPtyNYFyXd7gC70lfP84GIeDyGoq+e9cDet7ovYhXoUcmO839/mDNgL2gcB2Tnv43lgQOE5fYef/xyrnYCksVdqS+1lv7adxPx37VzkwO/Jw+cmWTnm4fa2zV6wPK1iBjp79/8/k/q77/dG3kUHaStvj5X21Gb93+a7f83Pqlvt3H+GWx8d/qQGvPfyqb5L12f//qazH8XWozx12s/fdA0/rWIp7aMn6zHT7aIn0bE6y3Gv/nqF2ebta1+GHEsto7fkGz//fDwpalScaT2uGWMr44deWm78R9oEn9sm/FndXMtjv/zbz97utnHaBb/uWe23/9bxc+Owd9uMf7hOx+90qwtiz/RZPzbxc/qbrUY//mxoz+0uCkAAAAAAAAAALAD6dq1bEmaW19P01yudg/vY3EgLZUr1eOXyguzE7Vr3g7FQNq40mqoVk6y8mj9etxG+eSG8qmIOBwR7/TtXyvnCuXSRLcHDwAAAAAAAAAAAAAAAAAAAP8SBzfc//9HX+3+f6BH+Mlv6F3yH3rXg/mfdK0fQOf5/IfeJf+hdzXL/7tfdrgjQMc1/fwf6Gw/gM5z/A+9S/5D75L/0LvkPwAAAAAAAAAAAAAAAAAAAAAAAAAAtMWF8+ezZfXu7auFrDxxeXFhunz5xESxMp2bWSjkCuX5udxkuTxZKuYK5Zl/er1SuTw3ErMLV4arxUp1uLK4ND5TXpitjk/N5CeL40W/KAIAAAAAAAAAAAAAAAAAAACbDa4tSZqLiHRtPU1zuYj/RcShGEguTZWKIxHx/4j4vm9gX1Ye7XanAQAAAAAAAAAAAAAAAAAAYI+pLC5N50ul4vz2K2kL2+y9lYhY3lCzs9cZ/7Nzfc46u6unJ8sPFT2Jbu8mK2168wMAAAAAAAAAAAAAAAAAAB1176bfHT7xWps6BAAAAAAAAAAAAAAAAAAAAD0p/Tl7TCLi2NCzgxtb/5Os9K39jYg3b15870q+Wp0fzep/W6+vvl+vP9mF7gMta+RpI48BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeyqLS9P5Uqk4v8uVfS28TpeHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALArfwcAAP//VB3RbA==")
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = openat$cuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001180)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_POLL(r3, &(0x7f0000000100)={0x18, 0xfffffffffffffffe, r4}, 0x18)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f00002e0000/0x3000)=nil, 0x3000, 0x65)
keyctl$setperm(0x5, 0x0, 0x9290101) (async)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x0, &(0x7f0000000000)={[{@init_itable_val={'init_itable', 0x3d, 0x4}}, {@nombcache}]}, 0x1, 0x589, &(0x7f0000000bc0)="$eJzs3U9oHGUbAPBnJsnXr22+Ly0oqPRQVKhQukn6R6un9CoWCj0IXuKy2YaQTTZmN7UJPaT3IhYUlV7qTUGPiogH8eLRqxfFsyBaVJoeJDLZ3bRNsnGTdncl+/vBbOZ939l93jezz7szywwbQM86mj2kEU9GxIUkYui+tv6oNx6tbbdy+2rhbn8UklhdvfhrEklE3Ll9tdDYPqn/PRgRyxHxRER8MxBxPN0ct7K4NJ0vlYrz9fJwdWZuuLK4dGJqJj9ZnCzOnnrhxTNnT58ZPTn6yMZ6/ccbb13/7uVbNz7+9Mhy4d18EmMxWG+7fxyPUu1/MhBjG+pPtyNYFyXd7gC70lfP84GIeDyGoq+e9cDet7ovYhXoUcmO839/mDNgL2gcB2Tnv43lgQOE5fYef/xyrnYCksVdqS+1lv7adxPx37VzkwO/Jw+cmWTnm4fa2zV6wPK1iBjp79/8/k/q77/dG3kUHaStvj5X21Gb93+a7f83Pqlvt3H+GWx8d/qQGvPfyqb5L12f//qazH8XWozx12s/fdA0/rWIp7aMn6zHT7aIn0bE6y3Gv/nqF2ebta1+GHEsto7fkGz//fDwpalScaT2uGWMr44deWm78R9oEn9sm/FndXMtjv/zbz97utnHaBb/uWe23/9bxc+Owd9uMf7hOx+90qwtiz/RZPzbxc/qbrUY//mxoz+0uCkAAAAAAAAAALAD6dq1bEmaW19P01yudg/vY3EgLZUr1eOXyguzE7Vr3g7FQNq40mqoVk6y8mj9etxG+eSG8qmIOBwR7/TtXyvnCuXSRLcHDwAAAAAAAAAAAAAAAAAAAP8SBzfc//9HX+3+f6BH+Mlv6F3yH3rXg/mfdK0fQOf5/IfeJf+hdzXL/7tfdrgjQMc1/fwf6Gw/gM5z/A+9S/5D75L/0LvkPwAAAAAAAAAAAAAAAAAAAAAAAAAAtMWF8+ezZfXu7auFrDxxeXFhunz5xESxMp2bWSjkCuX5udxkuTxZKuYK5Zl/er1SuTw3ErMLV4arxUp1uLK4ND5TXpitjk/N5CeL40W/KAIAAAAAAAAAAAAAAAAAAACbDa4tSZqLiHRtPU1zuYj/RcShGEguTZWKIxHx/4j4vm9gX1Ye7XanAQAAAAAAAAAAAAAAAAAAYI+pLC5N50ul4vz2K2kL2+y9lYhY3lCzs9cZ/7Nzfc46u6unJ8sPFT2Jbu8mK2168wMAAAAAAAAAAAAAAAAAAB1176bfHT7xWps6BAAAAAAAAAAAAAAAAAAAAD0p/Tl7TCLi2NCzgxtb/5Os9K39jYg3b15870q+Wp0fzep/W6+vvl+vP9mF7gMta+RpI48BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAeyqLS9P5Uqk4v8uVfS28TpeHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALArfwcAAP//VB3RbA==") (async)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
getpid() (async)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)) (async)
openat$cuse(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
read$FUSE(0xffffffffffffffff, &(0x7f0000001180)={0x2020}, 0x2020) (async)
write$FUSE_POLL(r3, &(0x7f0000000100)={0x18, 0xfffffffffffffffe, r4}, 0x18) (async)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
madvise(&(0x7f00002e0000/0x3000)=nil, 0x3000, 0x65) (async)

7.370745212s ago: executing program 4 (id=689):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
fstat(r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000000c0)={[], [{@uid_lt}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000001900)={0xfffffffc, 0x0, 0x0, 0x0, 0x0, "d5b8436ac5b4830b5e45ceab0793262fc3fe62"})
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
finit_module(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r5 = syz_open_dev$rtc(&(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_SET_TIME(r5, 0x4024700a, &(0x7f0000000000)={0x16, 0x33, 0x80000010, 0x1a, 0x6, 0x0, 0x4, 0x3e})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000040)='/dev/full\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)

6.416757023s ago: executing program 1 (id=691):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@RTM_NEWMDB={0x38, 0x54, 0x1e5, 0x0, 0x0, {0x7, r2}, [@MDBA_SET_ENTRY={0x20, 0x1, {r4, 0x1, 0x0, 0x4, {@in6_addr=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x86dd}}}]}, 0x38}}, 0x0) (fail_nth: 3)

6.016558258s ago: executing program 2 (id=695):
semop(0x0, &(0x7f0000000180)=[{0x0, 0xffff}, {0x1, 0xffff, 0x1800}], 0x2)

4.396975795s ago: executing program 1 (id=696):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, r0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
socket$inet_tcp(0x2, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)

4.221910874s ago: executing program 3 (id=699):
r0 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
listen(r0, 0xc)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r1, &(0x7f0000e5c000)={0x2, 0x4e20, @local}, 0x10)
getsockopt$inet_int(r1, 0x10d, 0xe, &(0x7f0000000240), &(0x7f0000000080)=0x4)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000400)='./bus\x00', 0x800, &(0x7f0000000840)=ANY=[], 0x1, 0x36e, &(0x7f0000000880)="$eJzs3c9rI2UYwPEnaZpMumyTgygK0ge96GVoq2c1yC6IAZfuRtwVhNntREPGpMyESERsPXkVb/4DgsseFzwsqP9AL97WixdP9iIIuog4Mr/SJJ00aTZL0/b7gTZP8r7PzPvmF88byJuD9776uFn3zLrVkayhkhEReSRSlqwkMtFFXlLsycuX/nz4/PWbt96uVKtXtlSvVm68sqmqq2s/fPJZMe72oCD75Q8OxPht/+n9Zw/+u/FRw9OGp612Ry293f61Y912bN1ueE1T9ZpjW56tjZZnu1F7O2qvO+2dnZ5are3LKzuu7XlqtXratHvaaWvH7an1odVoqWmaenklbbjnmDFDTu3u1pZVmfGEd2bMw7z94/v+Mc2uW7GWRMzikZba3Sc6LgAAsJBG6v9vkhqhLNl+QZmJ1wL5MB5eBgT1fxKH9X+wWDis/++98FPn0rv3V+P6/0E+rf5/9Zcof6j+D84+9/r/u5HrRyuiM2/3JJ0fq/7HYlgbfkX+frhijwX1f/Bq6K/ov3j/3noYUP8DAAAAAAAAAAAAAAAAAAAAAHAWPPL9ku/7peQy+Tv8CkF8Pbl23BeNceaMe/wL8Y4C/ecDzqXrN2+JEX5xL7cq4nzZrXVr0WXcnnRcl5L8Gz4fYtGGE3thowbK8qOz260txwlL4f+KiIojtmxIScpD+WF89a3qlQ2NRPnh+Xe7tUxuJcivSyPM35SSPJWev5man5eXXhzIN6UkP9+RtjiyHb+PJfmfb6i++U51JL8Y9kvz+pN9SAAAAAAAmDtT1YiXz+Xh9W+0fjdN1bT2YC0vg+vzo58P9NfX66nr81zpudzpzh0AAAAAgIvCy3/atBzHdr3e2KAok/oU4qONNOVkwpGDIDdFn6HgYRgsH9dnaWCG0x45H/+CxrTDcL2eTD3mJPirIKl3ZrKF61CTkX6vThkk85+is3HSh8D1siefu+16a8F4dKbpDATJx0bj+si1WY88Lkh2zp3U+Zmvv/17tlNk4l17B5teu29MmGkYZEZu2ZvwpP3D9yeOZzn93eL7WX5kBgAAAMCCSIr+opfc8sbpDggAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAtortukjQlOe44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAovg/AAD//5h69bA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1000, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r5, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x400, &(0x7f00000001c0))
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', 0x0, 0x0, 0x2001008, 0x0)
mount$bind(&(0x7f0000000600)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
memfd_create(&(0x7f00000005c0)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x99\xd9\x89\xab\xf8P\xacYt]\xa3\xed\xfa\xd2\n\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9],t\'V|u\x86\x14s>p1\xcd\x1e\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xf5\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x13\x02\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xd6\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
dup(r6)

4.120829109s ago: executing program 4 (id=700):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x80000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = userfaultfd(0x1)
r3 = epoll_create1(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x7d})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
madvise(&(0x7f00000ee000/0x2000)=nil, 0x2000, 0x8)
read(r2, &(0x7f0000000380)=""/167, 0xa7)
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f0000000080)={{&(0x7f00002ad000/0x3000)=nil, 0x3000}, 0x1})
epoll_pwait(r3, &(0x7f0000000140)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x1f, &(0x7f0000000000)={[0x3]}, 0x8)
ptrace$poke(0x4, 0x0, &(0x7f00000000c0), 0x833)
getgid()
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000500)='./file0\x00', 0x21000e, &(0x7f0000000080), 0x1, 0x4f4, &(0x7f0000000540)="$eJzs3V9rHGsZAPBnNtljeppjctSL44FzPHiOpEW7mzS2DV60FcS7glLva0g2IWSTDdlN24QiKX4AQUQLXnnljeAHEKQfQQoFvRcVRbTVCy/UkZmdtMmy26SY3S2b3w/enXdmd+Z53t3s7Px5MxPAmfVRRNyMiLGIuBgRU8X0UlFiv12y1z1/9mApK0mk6e2/JZEU0yKvHTxGnC9mm2gPumru7q0v1uu17WK82trYqjZ39y6tbSyu1lZrm/Pzc1cXri1cWZg9lXZm7br+jT/9+Ac//+b1X3/l3u/v/OXC97J8J4vn2+04fe33pJy9Fy+MR8R2P4INwVjRnvKwEwEA4ESy7bfPRMQX8+3/qRjLt+ZyNukAAABgRKQ3JuPfSUQKAAAAjKwbeR/YpFQp+vtORqlUqbT78H4u3i7VG83Wl1caO5vL7b6y01EurazVa7NFn9rpKCfZ+Fxefzl+uWN8PiLejYgfTZ3LxytLjfrysA9+AAAAwBlxvmP//59T7f1/AAAAYMRMDzsBAAAAoO967f8nA84DAAAA6B/n/wEAAGCkfevWraykB/e/Xr67u7PeuHtpudZcr2zsLFWWGttbldVGYzW/Zt/GccurNxpbX43NnfvVVq3ZqjZ39+5sNHY2W3fWjtwCGwAAABigd7/w+HdJROx/7VxeMm9lD2M9ZtBXAEZG6XVe/Mf+5QEMXq+feWD0jQ87AWB49oedADBsRy710WWj4HDnnSPHDH7Tv5wAAIDTNfP57uf/s12A8rCTA/rqtc7/AyPF+X84u17z/P+TfuUBDF7ZFgCcecfd6qPnxTtOfP4/TY9dFgAA0FeTeUlKleJc4GSUSpVKxDv5v/qXk5W1em02Ij4dEb+dKn8qG5/L50zcHhAAAAAAAAAAAAAAAAAAAAAAAAAATihNk0gBAACAkRZR+nNS3P9rZuqTyc7jA28l/5rKhxFx76e3f3J/sdXansum//3F9NajYvrlYRzBAAAAADod7Kcf7McDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGl6/uzB0kEZZNy/fj0iprvFH4+JfDgR5Yh4+x9JjB+aL4mIsVOIv/8wIt7rFj/J0orpIovO+KWIODeY+B+kado1/vlTiA9n2eNs/XOz2/evFB/lw+7f//Gi/L96r/9KL9Z/Yz3Wf++cMMb7T39Z7Rn/YcT7493XPwfxkx7xP+62wC5vyne/s7fXK376s4iZrr8/yZFY1dbGVrW5u3dpbWNxtbZa25yfn7u6cG3hysJsdWWtXiseu8b44Qe/+m/HpP+kbXn7o0f86WPa/0lWKR9uTGeYItjT+88+266WOxaRx7/wcffP/71XxM/+Jr5U/A5kz88c1Pfb9cM+/MWTD7smVsRf7tH+4z7/C70W2uHit7//hxO+FAAYgObu3vpivV7b7nvlUZqmg4ql8gZWJt6MNFSOr5zGkS0AAOBN83Kjf9iZAAAAAAAAAAAAAAAAAAAAwNnV3I1Svy8n1hlzfzhNBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4pf8FAAD//0KX4lI=")
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f0000000540)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@dfltgid}, {@noextend}, {@version_9p2000}, {@access_any}]}})
setsockopt$XDP_RX_RING(0xffffffffffffffff, 0x11b, 0x2, 0x0, 0x0)

3.34720975s ago: executing program 2 (id=702):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000001e00)={'lo\x00'})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'pim6reg0\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="5000000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="43b000a13aadf600280012800b00010067656e657665000018000280"], 0x50}}, 0x0)

3.132975858s ago: executing program 3 (id=703):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
socket$inet(0x2, 0x80001, 0x84)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000001400), 0x208e24b)
fdatasync(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5}, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000001140)={r5, @in6={{0xa, 0x4e22, 0xd93, @private2, 0x7}}, 0x7, 0x1000, 0x5, 0x10, 0x24, 0x1, 0x4}, 0x9c)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r2, 0x84, 0x11, &(0x7f0000000100)=""/4096, &(0x7f0000001100)=0x1000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r7, 0x9, 0x3, 0x2, 0xc10, 0x1}, 0x14)

3.05862452s ago: executing program 2 (id=704):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098ee0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4e5531c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000440)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @multicast, @val={@void, {0x8100, 0x4, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast1, @broadcast}, {0x400, 0x4e20, 0x8}}}}}, 0x0)

2.816986574s ago: executing program 3 (id=706):
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x1a, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="660a00000000000061114c00000000008500000055000000950000000000000021eaad64f57ef70fc120e12496f09716c7ded35921c3546a76b827b64cab653098b251b4c26695746c5747ed2f9ff9dcb0c21d5ae09528f9d8e00b5b2f963df2f40def339df36bdc1278385d3407063b7f77cdd2f7029879e77be996b7dc1c1e704a4a4d6a68d874e93c884e79a2f4647a969c120923a68aba06b872f207b1155b0284335d1ca86b696eb8d1da466eddf05fe2c70a46ef5064a8a3561e23a95e384cf6f2b187158738d3896417af7a2f082a877341be256ccb6b4447d90f294e40c8f2acdc7d71c90c932292a00407b964202f6549de9bb87ae81af6e46e5a5020087822765c9dab75ff0e49ed6367b7561f2040b168a08e13721227f55d3df2925d708e21c2178e77690eb823c69a8f015dd3616eb8f581d5c90466db474cecbcf3ff85082d4b16a577c276bcb020794dc7"], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x8002, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r0, 0x0, 0x0}, 0x20)

2.620865988s ago: executing program 3 (id=707):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="01000000d6000000090000000100000000000000", @ANYRES32, @ANYBLOB="000000000000000000000015ff000000000000000306912f62e70f05641a76607ce0933ac84572250196dd3866a2d3e95a346da93cf620fcc18221ce9eaa823a7b64b1a8400616256d6129f6d2e7f7a78fc54315cf494d4c04f4304da9d00bf110b1ea33054b6be8a9534ebc", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0200437e2ca4f8f1f0796cc398183499000000002bfb1b447fa64ba9a46e6470180000000000000000"], 0x50)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x4e21, 0x0, @mcast1, 0x200}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x24, &(0x7f0000000000), 0x4)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000280)={0x42, 0x1}, 0x10)
r4 = openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000300), 0x2, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x42, 0x0, 0x0)
write$cgroup_type(r4, &(0x7f00000001c0), 0x9)
bind$tipc(r1, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000640)="3a0000000020a6829d7edfd642070000004747c0483f565abe71a830f76e6057577d3a034748c4043a777284bed2ff2267fd12153d733a1abede05b6edad1f709e764d01516966a193735951cbb62aaa61bed7d6b2064cf4b32052766c591074dba742d124cb32a27141f964ff9967a46305c421b6b8621437744db3b851f29fac6483941ff1bb24bc16b6713067843237b90cb65db0598d53dde092d0f3289d5fc00b4531faaff50f8c217d263f47b185cb9b278a22c76f75ca42d732e951790cc254fc3b2dbbf4ed808c4c3d8abb005f428db23f461aee294ce8062f28e4584c182d8ae33cbd65c1fac6897fece66355f972ff0af28fc30b5922a41f11d048bc09464570d75756", &(0x7f0000000780)="1decdc97b1550ec474ea933e04f6765bccf578a683727607d7d160fa03f6c4ac65ee311707b1375f80d7ee2df601f3da956652657a2de3b244cacf00000000aceb0f671cfdd92c6d644176f3452aa5b4ffd3a972485e8a18d6e8c596e2a3a2baf10c034f35c62050ab11c9fa882622cf080b0000000000008dbc6ba92132700641b8a0d983bab11d8f29c4c937278e10436cfded7474bbe3d6521f3589bca8a2afa3ac7275c3fb2442f16ce89fb79ff03bdc5ce1363c31cd9279b2c7627f2c058ff99da24079c6880d8a05fdc3b7c1b145a523fee0385acfdd94cd5f0c5ef48420d7015582b0950fefe87d705eb958381c94671cb79caf4422cfe24b6c9180dd759d6d67ef39442f6cc416130b9b2c6d5e62a6c7369a344fe3617c026a777992e7dc56692abcd460c51f6af5bc1a5369db", 0x8, r0, 0x4}, 0x38)
r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0)
write$nbd(r6, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000000000000000200082b0cfc4337965941538be02000000000000200000007400a391793ba7f40000000000fdf700"/64], 0x40)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r0, &(0x7f0000003300)="a7", &(0x7f0000000380)=""/174}, 0x20)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000540))
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r8, r7, 0x0)
r9 = syz_io_uring_setup(0x2fe2, &(0x7f0000000440)={0x0, 0xd3ce, 0x0, 0x0, 0x8000}, &(0x7f00000002c0), &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_setup(0x43b7, &(0x7f00000004c0)={0x0, 0xb504, 0xc1, 0x2000}, &(0x7f0000000180)=<r11=>0x0, &(0x7f0000000380))
syz_io_uring_submit(r11, r10, &(0x7f00000001c0)=@IORING_OP_REMOVE_BUFFERS={0x1f, 0x6, 0x0, 0xffffffe1, 0x0, 0x0, 0x0, 0x0, 0x1, {0x1}})
io_uring_enter(r9, 0x381b, 0x0, 0x0, 0x0, 0x0)
r12 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, r12, 0x0)

1.923511847s ago: executing program 0 (id=708):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r0, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9", 0x9e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a40)="bd2f6aa36cea0e62ac00a4539dd80281164750339fcc3cd1f7bb1b74e98dbbe81e997d4847ee5d06a72e6f1c6b8a873c7ea7760f102483b578526af9775e51b84818d03da7", 0x45}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d7d77ceefde94faf2e36c3920581691a79a6678db1e5e7fa1ca703ee7aa87272e9c4", 0xae}], 0x2}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f6c86558705d98691e6344fa3745cc92c1f80fc01a77c28bb77872fc4", 0x2e}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d", 0x41}], 0x2}}], 0x3, 0x0)

1.838796862s ago: executing program 0 (id=709):
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, 0x0, 0x0, 0x0)

1.7487907s ago: executing program 3 (id=710):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
fstat(r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000000c0)={[], [{@uid_lt}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000001900)={0xfffffffc, 0x0, 0x0, 0x0, 0x0, "d5b8436ac5b4830b5e45ceab0793262fc3fe62"})
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf9, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@metacopy_on}], [], 0x2c})
finit_module(0xffffffffffffffff, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r5 = syz_open_dev$rtc(&(0x7f0000000040), 0x0, 0x0)
ioctl$RTC_SET_TIME(r5, 0x4024700a, &(0x7f0000000000)={0x16, 0x33, 0x80000010, 0x1a, 0x6, 0x0, 0x4, 0x3e})
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
close_range(r6, 0xffffffffffffffff, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, &(0x7f0000000000)='/dev/audio#\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000040)='/dev/full\x00')
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0)

1.748374606s ago: executing program 0 (id=711):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0)
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1}, 0x50)
read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10)

1.64359748s ago: executing program 2 (id=712):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x20028888}, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key(0x0, 0x0, &(0x7f0000000100), 0x0, 0xfffffffffffffffe)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10, &(0x7f00000000c0)=0x56, 0x3)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
semop(0x0, &(0x7f0000000180)=[{0x0, 0xffff}, {0x1, 0xffff, 0x1800}], 0x2)

1.540838628s ago: executing program 1 (id=713):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
r3 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r3, 0x84, 0x7d, &(0x7f0000000280)={r2}, 0x8)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_id=r2, &(0x7f0000000140)=0x4)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000b00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000b40)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r4, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01ca67bd7000000000001200000008000300", @ANYRES32=r6, @ANYBLOB="0c00118004000500040006000a00060008021100000100000800a40003000000060036000080000006001401070000000500130101000000050019"], 0x5c}, 0x1, 0x0, 0x0, 0x2800}, 0x24000040)
sendmsg$NL80211_CMD_RADAR_DETECT(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x2c, r5, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8890}, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000040)=0x6e)
syz_mount_image$jfs(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x210004, &(0x7f00000000c0)=ANY=[@ANYBLOB='discard,resize,nodiscard,uid=', @ANYRESHEX=0x0, @ANYBLOB=',quota,iocharset=iso8859-9,usrquota,usrquota,gid=', @ANYRESHEX=r7, @ANYBLOB='\x00\x00'], 0x3, 0x62b5, &(0x7f00000069c0)="$eJzs3UuPHFfZB/Cn+jYXv3GsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWDiDbICey8ESzYcGHACGxRIglKz5AFmzZ8QGwZCOBskqhmjlnXNPpdo/Hma4en99Pmql6+lRNn/K/qy+uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Djc1VEXPlVuuFExP9FP6IXsdLUaxGxsnYiLz+IiBdiuzmej4jhUkSz/vavZyNej4iPj0fcf3Bnvbn5/D778f0//+MPPzn2o7//aXjmv3+51X9j2nK3b//2P3+9+2TbDAAAAKWp67qu0sf8k+nzfa/rTgEAc5Ff/+sk365euHpzwfqjVqvV6iNYt9WT3W0XEbHZXqd5z+BwPAAcMZvxSdddoEPyL9ogIo513QlgoVVdd4BDcf/BnfUq5Vu1Xw/WdtrzuSB78t+sdq/vmDadZfwck3k9vraiH89N6c/KnPqwSHL+vfH8r+y0j9Jyh53/vEzLf7Rz6VNxcv798fzHpPyXt38f6fx7E/MvVc5/sL/8d2z25Q8AAAAAAAss////iY6P/y4dpPMHOIjwqOO/awfpAwAAAAAAAAAsgCcd/2+X8f8AAABgYTWf1Ru/O/7wtmnfxdbcfrmKeGZseaAw6WKZ1a77AQAAAAAAAAAAAAAlGeycw3u5ihhGxDOrq3VdNz9t4/XjetL1j7rStx9K1vWTPAAA7Pj4+Ni1/FXEckRcTt/1N1xdXa3r5ZXVerVeWcrvZ0dLy/VK63Ntnja3LY328YZ4MKqbP7bcWq9t1uflWe3jf6+5r1Hd30fH5qPDwAEgInZeje57RXrK1PWz0fW7HI4G+//Tx/7PfnT9OAUAAAAOX13XdZW+zvtkOubf67pTAMBc5Nf/8eMCarVarVarn766rZ7sbruIiM32Os17BsPxA8ARsxmfdN0FOiT/og0i4oWuOwEstKrrDnAo7j+4s16lfKv260Ea3z2fC7In/81qe728/qTpLOPnmMzr8bUV/XhuSn+en1MfFknOvzee/5Wd9lFa7qD5T8u1q3OMpuXfbOeJDvrTtZx/fzz/MYe9/8/LVvQm5l+qnP/gsfLvyx8AAAAAABZY/v//Ewt1/Hd00M2Z6VHHf9cO7V4BAAAAAAAA4HDdf3BnPV/3mo//f2HCcq7/fDrl/Cv5Fynn3xvL/6tjy/Vb8/fefpj/vx/cWf/jrX/9f57uN/+lPFOlR1aVHhFVuqdqkKZPsnWftTXsj5p7Gla9fnMPa7t//3psxNk9y/bSv0c9fDeubbef29Pe9HS43V73d9rP72kf7Lbn9S/saR+mM53qldx+Otbj53E93tlub9qWZmz/8oz2ekZ7zr9v/y9Szn/Q+mnyX03t1di0ce+j3mf2+/Z00v28de2Lvzl7+Jsz01b0d7etrdm+lzroz/a/ybFR/PLmxo3Tt6/eunXjXKTJnlvPR5p8znL+w/Sz+/z/8k57ft5v76/3Pho9dv6LYisGU/N/uTXfbO8rc+5bF3L+o/ST838ntU/e/49y/tP3/1c76A8AAAAAAAAAAAAAAAA8Sl3X25eIvhURF9P1P11dmwkAzFd+/a+TfPu86v6c70+tPuJ1tWD9mWv9ab1Y/VGrj2LdVk/2ZruIiL+112neM/x60h8DABbZpxHxz647QWfkX7D8fX/N9NSeb/kFnnY3P/jwp1evX9+4cbPrngAAAAAAAAAAB5XH/1xrjf98qq7ru2PL7Rn/9e1Ye9LxPwd5ZneA0SkDVX/OpyRt9Ub9Xmu48RejPT53e4Ti4e7co8b/Hsy4v+GM9tGM9qUZ7csz2ide6NGS83+xNd75qYg4OTb8egnjv46PeV+CnP9Lrcdzk/9XxpZr51///ijn39uT/5lb7//izM0PPnzt2vtX39t4b+NnF86dO3vh4sVLly6deffa9Y2zO7877PHhyvnnsa9z/pQh558zl39Zcv5fSrX8y5Lz/3Kq5V+WnH9+vyf/suT882cf+Zcl5/9KquVflpz/11It/7Lk/F9NtfzLkvP/eqrlX5ac/2upln9Zcv6nUy3/suT8z6R6n/mvHHa/mI+cfz7CZf8vS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzfz3V8i9Lzv8bqZZ/WXL+F1Mt/7Lk/L+ZavmXJed/KdXyL0vO/1upln9Zcv7fTrX8y5LzfyPV8i9Lzv87qZZ/WXL+3021/MuS8/9equVflpz/m6mWf1kefv//os7kS+wXpT9mzJQw0/UzEwAAAAAAAAAAAAAwbh6nE3e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwP3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27jZHjru8APvfoswOJgZA6qSEXx4SQOLmznfiBNsWEx4anEgiFPmC7vrM5cGzHZ5dAI9lRoETCqAjRNrxoCwi1kaoKq+IFrQDlBWpVqRK0L+gbRIWK1KgKKCBVaivIVTvz//9vd29u9863d96d+Xwk++fbnZ35z+x/5/Z35+8OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS75Q2znxrKsqzxJ/9ra5a9qPHvzZNb89tee7VHCAAAAKzVL/K/n78u3XBoBQ9qWuYfX/mdry0sLCxk7x/547HPLyykOyazbGxTluX3RZd/+IGh5mWCJ7KJoeGmr4e7bH6ky/2jXe4f63L/eJf7N3W5f6LL/UsOwBKbi5/H5Cvbmf9za3FIs+uzsfy+nSWPemJo0/Bw/FlObih/zMLY8WwuO5nNZtMtyxfLDuXLf+OWxrbemsVtDTdta3tjhvz0sWNxDEPhGO9s2dbiOqMfvz6b/NlPHzv2l+eeu7Gsdj0MLesrxnn7jsY4PxFuKcY6lG1KxySOc7hpnNtLnpORlnEO5Y9r/Lt9nM+vcJwji8PcUO3P+UQ2nP/7u/lxGm3+sV46TtvDbf9za5ZlFxeH3b7Mkm1lw9mWlluGF5+fiWJGNtbRmEovzUZXNU9vWcE8bdSZna3ztP01EZ//W8LjRpcZQ/PT9OPHx5ue958vXMk8jRp7vdxrpX0O9vq10i9zMM6L7+Y7/WTpHNwZ9v+x25afg6Vzp2QOpv1umoM7us3B4fGRfMzpSRjKH7M4B3e3LD+Sb2kor8/e1nkOTp17+MzU/Mc+ftfcw0dPzJ6YPbV39+7pvfv2HThwYOr43MnZ6eLvKzza/W9LNpxeAzvCsYuvgVe3Lds8VRe+NL7k/Hulr8OJDq/DrW3L9vp1ONq+c0Mb84JcOqeL18Z7Gwd94tJwtsxrLH9+7lj76zDtd9PrcLTpdVj6PaXkdTi6gtdhY5kzd6zsPcto05+yMSz/vWBtc3Br0xxsfz/SPgd7/X6kX+bgRJgX379j+e8F28N4n9y12vcjI0vmYNrdcO5p3JLe708cyEvZvLypccc149n5+dmzdz969Ny5s7uzUDbEy5rmSvt83dK0T9mS+Tq86vl6aO6VT95UcvvWcKwm7mr8NbHsc9VY5p67Oz9X+Xe38uPZcuueLJQe2+jjWfbdvHE8x7PsC99+/MFvPvaFNyx7PBv95iem1v5ePPWlTeffsWXOv7Hvf6HYXlrVEyNjo8XrdyQdnbGW83HrUzWan7uG8m0/P7Wy8/FY+LPR5+PrO5yPt7Ut2+vz8Vj7zsXz8VC3n3asTfvzORHmycnpzufjxjLb9qx2To52PB/fGupQOP6vCZ1C6oua5s5y8zZta3R0LOzXaNxC6zzd27L8WOjNGtt6es+VzdPbby3WNZL2btFGzdPJtmV7PU/Tz76Wm6dD3X76dmXan8+JMC+u39t5njaWeeaetZ87N8d/Np07x7vNwbGR8caYx9IkzM/32cLmOAfvzo5lp7OT2Ux+73g+n4bybe26d2VzcDz82ehz5bYOc/D2tmV7PQfT97Hl5t7Q6NKd74H253MizIun7u08BxvLvHF/b9+73h5uScs0vXdt//nacj/zuqntMK3XXBkN4/z2/s4/m20sc/LAavvMzsfpznDLNSXHqf31u9xraibbmOO0LYzzuQPLH6fGeBrLfP7gCufToSzLLjxyf/7z3vD7lb89/72vtfzepex3Ohceuf8nLz7+D6sZPwCD74WibCm+1zX9Zmolv/8HAAAABkLs+4dDTfT/AAAAUBmx74//KzzR/wMAAEBlxL5/NNSkJv3/tjc+N/fChSwl8xeCeH86DA8Uy8WM63T4enJhUeP2+78y+99/f2Fl2x7OsuznD/xB6fLbHojjKkyGcV5+U+vtS3ztrhVt+8hDF9J2m/PrXwzrj/uz0mlQFsGdzrLsG9d9Jt/O5Acu5fWZB47k9cGLTz7RWOb5g8XX8fHPvqxY/s9C+PfQ8aMtj382HIcfhTr9tvLjER/31Uuv2b7/fYvbi48b2nFtvttPfbBYb/ycnM8+USwfj/Ny4//mp5/+amP5R19VPv4Lw+Xjfzqs9yuh/u8riuWbn4PG1/Fxnwzjb2yvMUPj4+7+8rdKx3/5U8XyZ95cLHck1Lj928PXO9/83Fzz8Xp06GjLfmVvKZaL25/+3h/l98f1xfW3j3/i8KWW49E+P57512I9U23Lx9vjdqK/a9t+Yz3N8zNu/+k/PNJynLtt//KDz76isd727d/ZttyZR+7It7+4vtZPbPrzT36mdHtxPIf+5kzL/hx6d3gdh+0/9cEwH8P9/3e5WF/7pysceXfr+Scu/8WtF1r2J3rrz4rtX37dibxumti85ZoXvfjaizc3jl2WfXdTsb5u2z/xF6dbxv+lG4rjEe+PGf327S8nbv/sR3edOj1/fm4mHdXHrss/O+ftxXjieK8L59b2rw+fPveh2bOT05PTWTZZ3Y/Qu2JfDvUnRbnYeemFJWfQOx4Kz+dNf/qNLbf9y6fj7f/23uL2S28rvm+9Oiz32XD71vD8rW77Sz11yw3563vomTDChaWfF7wW23f+14EVLRj2v/19QZzvZ17+ofw4NO7Lv2/E1/Uax/+DmWI9Xw/HdSF8MvOOGxa317x8/GyES+8pXu9rPn7hNBef178Kz/c7flSsP44r7u8PwvuYb21rPd/F+fH1C8Pt688/xeNiOJ9kF4v741LxeF96/obS4cXPIcku3ph//bm0nhtXtZvLmf/Y/NTJuVPnH506Nzt/bmr+Yx8//PDp86fOHc4/y/Pwh7s9fvH8tCU/P83M7rsny89Wp4uyzq72+M88dGxm//RtM7PHj54/fu6hM7NnTxybnz82OzN/29Hjx2c/2u3xczP37d5zcO/+PbtOzM3cd+Dgwb0Hd82dOt0YRjGoLvZNf2TXqbOH84fM33fPwd333nvP9K6HT8/M3rd/enrX+W6Pz7837Wo8+vd3nZ09efTc3MOzu+bnPj573+6D+/bt6fppgA+fOT4/OXX2/Kmp8/OzZ6eKfZk8l9/c+N7X7fFU0/y/F+9n2w0VH8SXvevOfenzWRu+8viyqyoWafsA0efCZ9H800vOHFjJ17HvHws1qUn/DwAAAHUQ+/7xUBP9PwAAAFRG7Ps3hZro/wEAAKAyYt8/EWpSk/6/cvn/bRdWtH35/8HL/2fy//L/bftzxfn/9/Rb/r84X8j/98Za8/fy/4H8v/y//L/8v/w/PdBv+f/Y92/Oslr2/wAAAFAHse/fEmqi/wcAAIDKiH3/NaEm+n8AAACojNj3vyjUpCb9v/y//L/8v/y//H/59leR/9+UrYD8/8aQ/++s5vn/4a4DkP+fyuqV/7/Yy/HXN/9f9FDy/5Tpt/x/7PtfHGpSk/4fAAAAKuU/y2+Off+1oSb6fwAAAKiM2PdfF2qi/wcAAIDKiH3/1lCTmvT/8v/y//L/8v/y/+Xbd/3/wST/31nN8//dyf+7/r/8v+v/01P9lv+Pff9LQk1q0v8DAABAHcS+/6WhJvp/AAAA6D+jV/aw2Pe/LNRkSf9/hRsAAAAArrrY91+ftQXBa/L7f/l/+X/5f/l/+f/y7a88/z+Syf/3D/n/zuT/u5D/l/+X/5f/p6f6Lf+f9/3ZRPbyUJOa9P8AAABQB7HvvyHURP8PAAAAlRH7/l8KNdH/AwAAQGXEvn9bqElN+n/5/0rm/xtPk/y//P+y269A/j8/WfdP/n9dr/8/GwKb8v8rJP/fmfx/F/L/8v/y//L/9FS/5f9j339jqElN+n8AAACog9j33xRqov8HAACAyoh9/y+Hmuj/AQAAoDJi37891KQm/b/8f5/n/2Ny1PX/5f8X8/+PyP8XapL/d/3/VZL/70z+vwv5f/l/+X/5f3qq3/L/se9/RahJTfp/AAAAqIPY978y1ET/DwAAAJUR+/6bQ030/wAAAFAZse+fDDWpSf8v/9/n+f8ru/6//H+18/+ruv7/zfL/8v81I//fmfx/F/L/8v/y//L/9FS/5f9j339LqElN+n8AAACog9j37wg10f8DAABAZcS+/9ZQE/0/AAAAVEbs+3eGmtSk/5f/l/+X/692/r9s+/L/8v9VJv/fmfx/F/L/8v/y//L/9FS/5f9j3/+qUJOa9P8AAABQB7Hvvy3URP8PAAAAlRH7/leHmuj/AQAAoDJi3397qElN+n/5f/l/+X/5/5rn/y/I/1eL/H9n8v9dyP/3Ij//Dvl/+X/5f6J+y//Hvv81oSY16f8BAACgDmLff0eoif4fAAAAKiP2/XeGmuj/AQAAoDJi378r1KQm/b/8v/y//L/8f83z/67/XzF9kP+fWMv25f/l/yuQ/3f9f/l/+X+Sq5X/z7Ly/H/s++8KNalJ/w8AAAB1EPv+u0NN9P8AAAAwgDaX3hr7/qlQE/0/AAAAVEbs+6dDTWrS/8v/y//L/9c6/39x1fn/mxfXK/9fkP/vL+uW/x/OXP9f/l/+v4tBy/+3/3awP/L/Y/L/VMoV5f+/Wrqqnlz/P/b9u0NNatL/AwAAQB3Evn9PqIn+HwAAACoj9v17Q030/wAAAFAZse+/J9SkJv2//P/G5f9HM/l/+f++y/+7/r/8f+X0wfX/17T9wcv/x12U/5f/H7z8f6/H7/r/8v8sdUX5/3I9yf/Hvv/eUJOa9P8AAABQB7Hv3xdqov8HAACAyoh9//5QE/0/AAAAVEbs+w+EmtSk/5f/d/1/+X/5f/n/8u3L/w8m+f/OXP+/C/l/+X/5f/l/eqrf8v+x7z8YalKT/h8AAADqIPb9rw010f8DAABAZcS+/1dCTfT/AAAAUBmx7//VUJOa9P/y//L/8v/y//L/5duX/x9M8v+dyf93If8v/y//L/9PT/Vb/j/2/feFmtSk/wcAAIA6iH3/r4Wa6P8BAACgMmLf/7pQE/0/AAAAVEbs+w+FmtSk/5f/X2H+f3Pn9cn/t45f/r98fsj/y//L/68/+f/O5P+7kP+X/69g/v9x+X+uon7L/8e+//WhJjXp/wEAAKAOYt9/f6iJ/h8AAAAqI/b9bwg10f8DAABAZcS+/42hJjXp/+X/Xf9f/l/+X/6/fPvy/4NJ/r8z+f8u5P/l/yuY/9+A6/+Phyr/zxIrzf/H91Xrnf+Pff+bQk1q0v8DAABAHcS+/82hJvp/AAAAqIzY978l1ET/DwAAAJUR+/63hprUpP+X/5f/l/+X/5f/L9++/P9gkv/vTP6/C/l/+f8Byf9/r+TxVzH/n3P9f8r02/X/Y9//66EmNen/AQAAoA5i3/9AqIn+HwAAACoj9v1vCzXR/wMAAEBlxL7/7aEmNen/e5f/H5f/byP/L//fPj/k/+X/5f/Xn/x/ZwOW///FteF2+f+C/P86jX/yc8WBH6D8f5nS/P8Pl8v/L2xqf7z8P+uh3/L/se9/R6hJTfp/AAAAqIPY978z1ET/DwAAAJUR+/53hZro/wEAAGDwLRTxgdj3/0aoSU36f9f/b4xjMb28zvn/v5b/l/+X/5f/l/9fX/L/nQ1Y/t/1/9vI//f3+Psy/+/6/1xl/Zb/j33/u0NNatL/AwAAQB3Evv/BUBP9PwAAAFRG7PvfE2qi/wcAAIDKiH3/e0NNatL/y/+7/r/8/4Dn/yezLJP/l/8nkf/vTP6/C/l/+f9+y///h/w/g63f8v+x738o1KQm/T8AAADUQez73xdqov8HAACAyoh9/2+Gmuj/AQAAoDJi3//+UJOa9P/y/4OS/5+U/5f/d/3/tv2R/5f/LyP/39nG5/9X94ZK/l/+f5DH7/r/8v8s1W/5/9j3fyDUZOXfriZWvCQAAABwVcS+/7dCTWry+38AAACog9j3/3aoif4fAAAAKiP2/b8TalKT/l/+f1Dy/67/n8n/y/+37Y/8v/x/mY3L/8czj/y/6//L/0fy//L/8v+067f8f+z7fzfUpCb9PwAAANRB7Ps/GGqi/wcAAICBUPZ/stvFvv9wqEn3/n/V/6cPAAAAuDpi338k1KQmv/+X/5f/l//v0/z/n+z45+9/551Hdsv/y//L/6/Khl7/v/Hid/1/+X/5/0T+X/6/NP+/Sf6/ztYh/z/WfONq8/+x7z8aalKT/h8AAADqIPb9vxdqov8HAACAyoh9/7FQE/0/AAAAVEbs+2dCTWrS/8v/y//L//dp/n+V1/8fCtvph/x/PB7y/616lv+PJ135/1Ibmv9/32JOXP5/tfn/8dJb5f9XnP/P37jJ//fX+OX/Xf+fpXqV/x9ZzP+3WG3+P/b9s6EmNen/AQAAoA5C3z98vKiLd+j/AQAAoDJi338i1ET/DwAAAJUR+/4PhZrUpP+X/5f/l/+vRv7f9f8Xl698/t/1/zuS/++sf/L/5eT/Xf9/kMcv/y//z1LrcP3/FqvN/8e+fy7UpCb9PwAAANRB7Ps/HGqi/wcAAIDKiH3/R0JN9P8AAABQGbHvPxlq8v/s3dmT5fVZx/HT2FPMFBeWVVZ54YXcW/4FXMC1/gFeeOONVZRV4gLuC4P7ivuGC7ivuIAibriCCmpCQvaQlSRkTwhJCElqUsw8zzOnu0//Tvf06enf+T6v10UeGTM5nXGcySfDu75N9r/+X/+v/9f/6/9Xf/7l/n/36r+u/n876P+n6f/X0P/r//X/+n82am79f+7+b4pbmux/AAAA6CB3/x1xi/0PAAAAw8jd/81xi/0PAAAAw8jd/y1xS5P9r//X/w/b/9+q/z/s8/X/3v8fmf5/mv5/jS3q/7/0vP5/bl+//l//z0Fz6/9z939r3NJk/wMAAEAHufu/LW6x/wEAAGAYufvvjFvsfwAAABhG7v674pYm+39f/7+z6Nn/Z8ar/x+p//f+/6Gfr//X/4/s+vb/97zyK5/+X//v/f+g/9f/6//Zb279f+7+b49bmux/AAAA6CB3/3fELfY/AAAADCN3/3fGLfY/AAAADCN3/3fFLU32/8ne/98dpf8vG+j/d7JF1//r//f//ND/6//1/6fP+//TOvX/dz5z0x0vPPLljx7n8/X/+n/9v/6fzZpb/5+7/7vjlib7HwAAADrI3f89cYv9DwAAAMPI3f+9cYv9DwAAAEN4/qsWtfu/L25psv9P1v8P8/5/8f6//v/yN+j/9f/6/62l/5/Wqf+/ls/X/+v/r+Hrr98G9f/6fw6aW/+fu//745Ym+x8AAAA6yN3/A3GL/Q8AAADDyN1/d9xi/wMAAMAwcvdfjFua7H/9/+n3/5/X/299/39uof+/Qv+v/58//f80/f8a+n/9v/f/9f9s1Nz6/9z998QtTfY/AAAAdJC7/wfjFvsfAAAAhpG7/4fiFvsfAAAAhpG7/4fjlib7X//v/X/9v/f/9f+rP1//v530/9P0/2vo/0/az5/T/+v/9f8sO2b///LEL9sb6f9z9/9I3NJk/wMAAEAHuft/NG6x/wEAAGAYuft/LG6x/wEAAGAYuft/PG5psv/1//p//b/+X/+/+vP1/9tJ/z9tNv3/zu7Kb9b/b33/7/1//b/+nz3m9v5/7v6fiFua7H8AAADoIHf/T8Yt9j8AAAAMI3f/T8Ut9j8AAAAMI3f/T8ctTfa//l//r//X/+v/V3/+VP//6NLXp/+fl432/zv6f+//6//1//p//T8nMbf+P3f/z8QtTfY/AAAAdJC7/964xf4HAACAYeTu/9m4ZWn/7/97UQEAAIDtkrv/5+KWJn/+v7r/v/q/1/8fzXXq/3f1//r/K//3vvKvqP+f7P9v8/5/T97/n7a+/89fUfX/+n/9/0b6/8XOKP3/hXXfX//PKnPr/3P3/3zc0mT/AwAAQAe5+38hbrH/AQAAYBi5+38xbrH/AQAAYBi5+38pbmmy/73/v1X9v/f/e/X/D5zz/v9lc3z/f3Hd+/9d/f8R6f+nef9/Df2//t/7/97/Z6Pm1v/n7v/luKXJ/gcAAIAOcvf/Stxi/wMAAMB2WP57Bw55xD93/6/GLfY/AAAADCN3/6/FLU32/+D9/62H/dP0//r/5R+vmfb/h77/r/+/olf/7/3/o9L/T9P/r6H/P41+fnew/v/+w77/HPr/u/X/zMye/v+xq99+Vv1/7v5fj1ua7H8AAADoIHf/fXGL/Q8AAADDyN3/G3GL/Q8AAADDyN3/m3FLk/1/6v3/hcM/2/v/+n/9v/5f/6//3zT9/zT9/xr7+/9X/qOh/t/7/97/1/9zzfb0/0vOqv/P3f9bcUuT/Q8AAAAd5O7/7bjF/gcAAIBh5O6/P26x/wEAAGAYufsfiFua7P/B3/8/lP5f/7/846X/1/+v+nz9/3bS/0/T/6/h/X/9/1n0//ETQP/PiObW/+fu/524pcn+BwAAgA5y9/9u3GL/AwAAwDBy9/9e3GL/AwAAwDBy9/9+3NJk/+v/T7f/z2/X/+v/F/p//b/+/7po2//vrPqd6KBD+v+nbr/4NXu/Rf+v/x+y/3/uVL9+7//r/zloFv3/pav/6TJ3/x/ELU32PwAAAHSQu/8P4xb7HwAAAIaRu/+P4hb7HwAAAIaRu/+P45Ym+3+p/8/kQv/v/X/9v/5f/6//31pt+/8j8v7/tJfi36/+f9T+/3S/fv2//p+DZtH/L/117v4/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa/9/979P83LvT/+n/9v/6/B/3/NP3/Gt7/1//r//X/bNTc+v/c/Q/GLU32PwAAAHSQu/8v4hb7HwAAAIaRu/8v4xb7HwAAAIaRu/+v4pYm+1//f0j/vxir//f+v/5/of/X/zeh/5921v3/qt8vl12X/v+hiS9gVf9/6Ub9/5b3/+eP+P31//p/Nm9u/X/u/r+OW5rsfwAAAOggd/9DcYv9DwAAAMPI3f9w3GL/AwAAwDBy9/9N3NJk/+v/e7z/r//X/y/0//r/JvT/01b3/zcc/Cbv/3v/f6D+3/v/+n/Oztz6/9z9fxu3NNn/AAAA0EHu/kfiFvsfAAAAhpG7/+/iFvsfAAAAhpG7/9G4pcn+1//r//X/+n/9/+rP1/9vp9Pr/xcD9/8r6P/1//p//b/+nw2YW/+fu//v45Ym+x8AAAA6yN3/D3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/1/Vv3/bfp//b/+X/+v/68fVf3/5nj/f5r+fw39v/5f/6//Z6Pm1v/n7v/nuKXJ/gcAAIAOcvc/FrfY/wAAADCM3P3/ErfY/wAAADCM3P3/Grc02f/e/9f/7+3/F4uZ9//5/6T6f/3/CP3/+YX+f+P0/9P0/2vo/8fs/29YDNT/Xzj0++v/maO59f+5+/8tbmmy/wEAAKCD3P3/HrfY/wAAADCM3P3/EbfY/wAAADCM3P3/Gbc02f/6f/2/9//H6f8ff3H1z0f9/2z7//pR1f9vjv5/mv5/Df3/mP2/9//1/5yZufX/ufsfj1ua7H8AAADoIHf/E/v/DNX+BwAAgGE8cfkfzy/+K26x/wEAAGAYufv/O25psv/1//p//f84/b/3/6/Q//d2Rv3/zqY+X/+v/9f/b+/Xr//X/3PQ3Pr/3P3/E7c02f8AAADQQe7+J+MW+x8AAACGkbv/qbjF/gcAAIBh5O7/37ilyf7X/+v/9f/b2f+f1/8P3//nV6b/P565vP9/yy1f/bT+X/+v/9f/6//1/93Nrf/P3f9/cUuT/Q8AAAAd5O7//7jF/gcAAIBh5O5/Vdxi/wMAAMAwcve/Om5psv8P9v/nFlcK1StW9f/RqOn/l+j/9379+v/VPz+8/6//9/7/6ZtL/+/9/2v7+ufW/9+l/9f/n1b/f/PB76//Z0Rz6/9z9z8dtzTZ/wAAANBB7v7XxC32PwAAAMzYqr8T+3C5+18bt9j/AAAAMIzc/c/ELU32v/f/9f/6f/2//n/156/r/5P+f170/9P0/2t4/1//3+j9//j9r36dqv7/i/T/bM7c+v/c/a+LW5rsfwAAAOggd//r4xb7HwAAAIaRu/8NcYv9DwAAAMPI3f/GuKXJ/tf/b7T/313+Nv2//n/fzw/9/2D9v/f/50n/P03/v4b+X//fqP/fz/v/nIa59f+5+98UtzTZ/wAAANBB7v43xy1H2v8XTumrAgAAADYpd/9b4hZ//g8AAADDyN3/1rilyf6fa/9/93b2/3vo/+fS/3+9/n/f5+v/9f8j0//n7+ir6f/X0P8ft59/afkv9P/6f/0/+82t/8/d/2zc0mT/AwAAQAe5+98Wt9j/AAAAMIzc/W+PW+x/AAAAGEbu/nfELU32/1z7/y19/3+POfb/O4uO/b/3/y//9c6O/l//34L+f5r+f43N9v/3NOj/99D/6//1/+w3t/4/d/8745Ym+x8AAAC21dd+5Tc+e9R/bu7+d8Ut9j8AAAAMI3f/u+MW+x8AAACGkbv/ubilyf7X//fq/3u+/6//9/6//r8T/f80/f8a3v/X/+v/9f9s1Nz6/9z974lblobf7rH/XQIAAABzkrv/vXFLkz//BwAAgA5y978vbjmw/y8d8e9qBwAAAOYmd//zcUuTP/8/cf+/2NH/n2b/v9D/6//1//p//f9x6P+nnbD/v7Sj/9f/T9D/6//1/yy7MMP+P3f/++OWJvsfAAAABrXnv1HI3f+BuMX+BwAAgGHk7v9g3GL/AwAAwDBy938obmmy/73/P/P+/5re/79Q/5P+v3n/f+/5lZ+v/9f/j0z/f6gvidvp/f9LX6z/P5az7ue3/evX/+v/OWhu/X/u/g/HLU32PwAAAHSQu/8jcYv9DwAAAMPI3f/RuMX+BwAAgGHk7v9Y3NJk/+v/R+z/vf+v/5/+/HH6/y+76eKTX/cNDz+o/+eq69n/58+FLen/Lzvh+//b1v8f5/Pvu/yP+n/9v/7/2P3/zXH1/6wyt/4/d//H45Ym+x8AAAA6yN3/Qtxi/wMAAMAwcvd/Im6x/wEAAGAYuftfjFua7P+t6v+/Qv8/cv+fP9Zn0P9f3L7+P5vi7v2/9//1/wd5/3+a/n8N/b/+X//v/X82am79f+7+T8YtTfY/AAAAdJC7/1Nxi/0PAAAAw8jd/+m4xf4HAACAYeTufyluabL/t6r/9/7/0P1/upb+Pz/f+//6/4X+vz39/5Ldg9+k/19D/6//1//r/9moufX/ufs/E7c02f8AAADQQe7+l+MW+x8AAACGkbv/s3GL/Q8AAADDyN3/ubilyf7X/+v/R+j/T/j+/9n0/6/8cqP/1//r/zdO/z9N/7+G/l//377/v13/z0bNrf/P3f+FAAAA//9/pV3V")

739.557022ms ago: executing program 0 (id=714):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0) (fail_nth: 1)
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1}, 0x50)
read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10)

702.599446ms ago: executing program 2 (id=715):
r0 = gettid()
r1 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_NET_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
r4 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
r5 = add_key$keyring(&(0x7f0000000380), &(0x7f00000003c0)={'syz', 0x3}, 0x0, 0x0, r4)
add_key(&(0x7f00000002c0)='rxrpc\x00', 0x0, &(0x7f00000005c0)="630d29a8e6517e7908a1b804c8ad036b9e18953122a05cca140c9c87e183258cd23b02b6431b49f5", 0x28, r5)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x20, 0x0, 0x0, r3}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @private}, 0x0, 0x33}, 0x0, @in=@broadcast}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pwritev(r1, &(0x7f00000007c0)=[{&(0x7f0000000040)="7a9181885c", 0x5}, {&(0x7f0000000440)="a19fc7173dda005fc38008ee672ddd8b65ba2278d4b98832bf0ef4dfcbf672b30a73cf060d64e299441d52b29f2eea4ccacbfa96a154adc0377de9cb6d2acbef50f0c5831b235a8a2073d5193dbc7a552a463741cdafaf6474369a3197af4544d6e25386f0338e054de2dc72b245e2a00f8f601fc6dd0814e8890496dddc7937096618fefd7c6c87d28d55fb311c7a89e80c", 0x92}, {&(0x7f0000000500)="76c1e30478f8ee5394360a2e5ba3cce2d1e809516eae275a2746269d1ca5c7c02722fbdf5b3d8a2811c35b7c8aac668e60310a2b2f6c4139bc7ea11be1830e51a6e30522cf5852a8ddaad1759b43bd4276f3e6d289fb3b9f14970bdb0d7c737cc5e452c65b3c71a971e0d2c97fd0365ad00dd88aa3f3b3266b881c185bddb8850076bea30a714864f0b600145eac91c4bf", 0x91}, {&(0x7f0000000640)="88b792885eaedc616320dfd752cee04973bb30aae10c21b7442260146ebef9733612f3b65efcebf9052d68f97efa02ebec2b812cfacc0655f7ff53d7965705468cd58bcf201beb9f13b74cd45433f31ed7856737cd05031bec347b020e46", 0x5e}, {&(0x7f0000000100)="478d80c67acc1a3f15778c5debfbb6a276", 0x11}, {&(0x7f00000006c0)="a49fd412056cb865ee289fdcb4003d8c726feebab933cf8c581b6421de27a621c6539875e54143d7e5522307dc0ef5ba206bd3a1509d6127365c1e4e4f1bc3434dead6c692d73f3d66bafe94e6b5a666fa01e5fac4858fc59372b70c3885fdb8ec75efaa975585e484e1a9a034523484debdab86e8c59c09efd692528aa01bb0a0bbec08e3ef97be90ab0b70b944b835c8b996c551a328839ba77227d1973080e917a1cefd07b556a247f1a176873b4671130a90bf200ae773388bf5bf6ef082f09e8bc11c6a43faddbe83f3db93ae098631c17870d30c5fc816143a6ba18242d3", 0xe1}], 0x6, 0xd3, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080), 0x6)
sendmsg$sock(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000680)="490454cc5bb6fff252cba0a2cb8d8779458274ba739d86b71e76849c92d7deb9f4afe04705b0e0ae29c2706048d6a26aedd58a0746daa3544be619bb33393c7f98b4efe93fecdf136b0d385f0b6bb5f2cc1650ea270495317b7002bd6741a071c17aa96e1324d48e84f2101e4dbace9a69af2555bd1934f12003ca9a1c7b65acda4bd19183ab05b711ab26b5dfe219e3be13c576d709bc005c98414e70dd916f9ca99e9e7b7900210e75eb587b5e", 0xae}, {&(0x7f0000000940)="507f627fbc5712cf60b360c6717116a83d37404e607789318b99f639dac995f1fbc2105701764213daef1ec7d8aaec594c664b559e72e7bb723d8658315546ec55664e6fbba8a63111a12fe789dd7e2ebb8921271c3a337bac3cc57a817401cb3a76d9c017a607e8c395d54055651b57f88bfab581734b8f5ef22f38c80be7832cde247e2de662d6d47744598e50944ff59ebe3326d7091a9e6c17aac71cf910f5889ad42c6a8cd4af26108866001d8408b2f384bbdf7cddeab42e0db5067d16305851d28341af9479750b8036f331cab26b64ff4162f09cf4fde716178d6c915ca349572ca38b6ff6cee1e1f8c9f73e", 0xf0}, {&(0x7f00000003c0)="61376c4626295aaea4f4266b00c80f2d2491208378e493fb82e112e2ee9344", 0x1f}, {0x0, 0x5d}, {&(0x7f0000000740)="b9673e6885e3e3d3e007c2ce16e62e7b4ed466a277641bf672759022f1676db4c1fd014651a7504d980b4e4f322afbac6e519ed051a98df584398d0ee4eb01780835150931633ef501a78fcc0e7de6095b9bffb318889f62107f6af4760d461cee542669d30fb7b3f0757dc3047d6f0b2348e0ff7e2f6061b65ae64b9a6089824ebf9ef465f0e377", 0x88}], 0x5}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00009200000000000000000000000058b200"})
write(r7, &(0x7f00000001c0)='u', 0x1)
r8 = syz_open_pts(r7, 0x0)
r9 = dup(r8)
ioctl$TCSETS2(r7, 0x402c542b, &(0x7f0000000000)={0x0, 0x1, 0x3, 0xfffffffa, 0x0, "cd3165308dad42c22d6f78e986730fcfe6cf9a"})
r10 = socket$kcm(0xa, 0x3, 0x87)
sendmsg$kcm(r10, &(0x7f0000000080)={&(0x7f0000000200)=@l2tp6={0xa, 0x0, 0x0, @local, 0x3}, 0x80, 0x0}, 0x0)
read$FUSE(r9, &(0x7f0000005ac0)={0x2020}, 0x2020)

505.642905ms ago: executing program 2 (id=716):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000580)={[{@nodatacow}, {@thread_pool={'thread_pool', 0x3d, 0x3}}, {@noautodefrag}, {@datacow}, {@ref_verify}, {@clear_cache}, {@nobarrier}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@nodiscard}, {@enospc_debug}, {@ssd_spread}, {@nossd}], [{@obj_user}, {@obj_type={'obj_type', 0x3d, ':{/:-&&!-&,*%'}}, {@smackfstransmute={'smackfstransmute', 0x3d, 'thread_pool'}}, {@seclabel}, {@appraise}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000007680)='./bus\x00', 0x141a42, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x2, &(0x7f0000000640))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="8c0000000001010400000000ffffff8802000000240001801400018008000100ac1414bb08000200ac1414bb0c00028005000100000000002400028014000180080001000000004008000200ac1414bb0c0002800500010000000000080007400000000028000680080002007f0000010800010000000000"], 0x8c}, 0x1, 0x600000000000000}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r4, 0x2007ff3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x2)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
syz_emit_ethernet(0xb6, &(0x7f0000000200)={@empty, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00c000", 0x80, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96489269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x19, 0x1, "020000000400000126000400"}, {0x18, 0x1, "0033e4756e00"}, {0x18, 0x1, "45976e75e433"}]}}}}}}, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r5}, 0x2c, {'rootmode', 0x3d, 0x8000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0xf0cb2f4a0c2cfc5d, 0x0)
read$FUSE(r5, &(0x7f0000006380)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000001200)={0x50, 0x0, r6}, 0x50)

372.988891ms ago: executing program 0 (id=717):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1/file3\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000200)='./file1/file4/file5\x00', 0x81c0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x10, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file2\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0xffffffffffffff9c, &(0x7f0000000440)='./file0/file3\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
linkat(0xffffffffffffff9c, &(0x7f0000000500)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000540)='./file1/file4/file7/file5\x00', 0x0) (fail_nth: 10)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000600)='./file1/file4/file5\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file1/file4/file7/file6\x00', 0x2)

178.288421ms ago: executing program 3 (id=718):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
io_setup(0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, 0x0, 0x162e02, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = dup(r1)
fallocate(r2, 0x10, 0x0, 0x400)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc020582c, 0x0)
io_submit(0x0, 0x6, &(0x7f0000001d00)=[&(0x7f0000001840)={0x0, 0x0, 0x0, 0x5, 0x1eaf, r0, &(0x7f0000001800)="a07c1dbe60085bb8faa2857a808053d2126486c65a9b9a124f", 0x19, 0x7, 0x0, 0x2}, 0x0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x8, 0x6, 0xffffffffffffffff, &(0x7f0000001a40)="e4f11ad2c91fdd0fc5766f331a5a597d8f3f8a121224b923f8d39cce5a9e3f94085951b5de70a0cddb1606aa0ad40c7a1a8cf10b3bd0dab3d7961df543ac1b30e4dc5912e8ae51e1435ec8ee42d6ed51c55417daf4b804543743758e39793e3312d5b78f1379959470724019240119e86e2baf859d1793363ae45444fa58b4680d3349add66fe969866480b4ace29b79e8b8874810eed097ebb25f84f468fcf98f136ca6e1", 0xa5, 0x7f, 0x0, 0x1, r3}, &(0x7f0000001bc0)={0x0, 0x0, 0x0, 0x7, 0x0, r0, &(0x7f0000001b40)="7477c63445a0ae4a3094ee66538898df534adc932fa397409c220e4445d17506b29fac11d9132fc61588fb638c08790f9c51f2e6c28a55fbe402ca12f8c5dc15065cb4593db324f4f4b245aa04f1a7aa1d2ce9", 0x53, 0x8000, 0x0, 0x2, r0}, &(0x7f0000001c40)={0x0, 0x0, 0x0, 0x7, 0x2, r0, &(0x7f0000001c00), 0x0, 0x4, 0x0, 0x2}, &(0x7f0000001cc0)={0x0, 0x0, 0x0, 0x8, 0x6, r0, &(0x7f0000001c80)="4f8071d8423b075413b97eca4a84dbc2a77b8cfd8fbf59372d6a45e6114dca3920b35346fc1f0cc3f5132523bef79002a061343f5ec79654d0d28c18998207", 0x3f, 0x6, 0x0, 0x1}])
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f0000000300)='#', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x1, &(0x7f00000001c0)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/vmallocinfo\x00', 0x0, 0x0)
lseek(r8, 0x10001, 0x0)
getsockopt$inet6_int(r4, 0x29, 0x18, 0x0, &(0x7f00000001c0))
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)

149.454324ms ago: executing program 1 (id=719):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0xfff0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
write$binfmt_elf32(r0, &(0x7f00000014c0)=ANY=[], 0x46b)
sendmmsg$inet(r0, &(0x7f0000000f40)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000006c0)="ed", 0x1}, {&(0x7f0000000200)="b5", 0x1}, {&(0x7f0000000340)='.', 0x1}, {&(0x7f0000000140)='U', 0x1}, {&(0x7f0000000180)="f3", 0x1}], 0x5}}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)="f1", 0x1}, {&(0x7f0000000c80)='a', 0x1}, {&(0x7f0000000b40)='M', 0x1}, {&(0x7f0000000d80)='o', 0x1}, {&(0x7f0000000e80)='\b', 0x1}], 0x5}, 0x70040000}, {{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000380)="bb", 0x1}, {&(0x7f00000007c0)="a1", 0x1}, {&(0x7f0000000800)='s', 0x1}, {&(0x7f00000009c0)}], 0x4}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000440)="88", 0x1}, {&(0x7f0000000840)="e5", 0x1}, {&(0x7f0000001040)="96", 0x1}], 0x3}}], 0x4, 0x4048841)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r1, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000002c0)="316f825a3d29f96a2093a917017b4cd300000000bee70035ed313e19d6dd1fb41a20baf7f7343067fd40cdd4b16742e94b62f4eb1c5d9faab7f3028100ae8180db94b9de7456ae62b0e6fe7766a0842912179154a96fa88e161d4adf77a486e10d1d1d0b90c8997e6917226fa4bb5d77e85729336ba6369a4c33ac53b45d46a92db9fda99af4429dc23db6a1706328df4e75eb173a81bd4af8b89d1870c9", 0x9e}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000a40)="bd2f6aa36cea0e62ac00a4539dd80281164750339fcc3cd1f7bb1b74e98dbbe81e997d4847ee5d06a72e6f1c6b8a873c7ea7760f102483b578526af9775e51b84818d03da7", 0x45}, {&(0x7f0000000740)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc487553859348d48e6fc49d81c71590cd542e796cc2669e2c691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b789ef34b46e461725b5e437323385b88c368f8bb5b95e269169f5f7b51dd5319b8016623d1863d7d77ceefde94faf2e36c3920581691a79a6678db1e5e7fa1ca703ee7aa87272e9c4", 0xae}], 0x2}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000b80)="1ee88f78de7d57006d8ffa3f1d92c228a43f6c86558705d98691e6344fa3745cc92c1f80fc01a77c28bb77872fc4", 0x2e}, {&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d", 0x41}], 0x2}}], 0x3, 0x0)

83.404639ms ago: executing program 0 (id=720):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e22, 0x1184, @local, 0x5}, 0x1c)
ppoll(&(0x7f0000000080)=[{r2, 0x200}], 0x1, &(0x7f00000000c0), 0x0, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000040)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r4, 0x41009432, &(0x7f0000000180)={@id={0x40000, 0x0, @b}})

80.488288ms ago: executing program 4 (id=721):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = inotify_init1(0x0)
fcntl$setown(r1, 0x8, 0xffffffffffffffff)
fcntl$getownex(r1, 0x10, &(0x7f0000000140)={0x0, <r2=>0x0})
r3 = syz_open_procfs(r2, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(r3, 0x40305839, 0x0)

0s ago: executing program 1 (id=722):
syz_mount_image$msdos(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="666c7573682c6e6f646f74732c646973636172642c646d61736b3d30303030303030303030303030303030303030303030322c646d61736b3d30303030303030303030303030303030303030303137372c646f74732c6e6f646f74732c71756965742c646f74732c0023c3cb4d2e3cbf18508098ee0de2af38db67d42d1bc4ab714d52f019082433fc9ca2d7174b2c4e5531c9f4c7a4d53914e100"/167], 0x1, 0x140, &(0x7f0000000000)="$eJzs27Fq21AUBuDj2m3ddvFcOgi6dDJtn6CluFAqaEnwkEwJOFnsYIgXJZMfJS8YCJ683ZAo2Imxhwy2IPq+RT/8CO4dpMMV6OjT2XAwnpyO/8+i3WhE60dkMW9EJ15FM0rTAABeknlKcZNSSm+n8e4qUkpVrwgA2DbzHwDqx/wHgPox/wGgfvYPDv/+zPPeXpa1I66nRb/ol9ey//0n733N7nWWd82Kot9c9N/KPnvav473D/33tf2b+PK57O+6X//ylf5DDLa/fQAAAKiFbraw9nzf7W7qy/To+8DK+b0VH1s72wYA8AyTi8vh8Wh0ci4IgrAIVb+ZgG1bPvRVrwQAAAAAAAAAAAAAANhkF78TVb1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWHUbAAD//0DvUik=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$kcm(0x2, 0xa, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
socket(0x2, 0x80805, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xe, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r3}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000440)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x40}, @multicast, @val={@void, {0x8100, 0x4, 0x0, 0x2}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast1, @broadcast}, {0x400, 0x4e20, 0x8}}}}}, 0x0)

kernel console output (not intermixed with test programs):

S-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  215.940092][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.944849][ T8124] F2FS-fs (loop1): Image doesn't support compression
[  215.958736][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.961298][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  215.963629][ T8124] F2FS-fs (loop1): invalid crc value
[  215.977515][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  215.988593][ T7749] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.995759][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.001669][ T8124] F2FS-fs (loop1): Found nat_bits in checkpoint
[  216.009903][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.012542][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.024888][ T8124] F2FS-fs (loop1): Start checkpoint disabled!
[  216.025704][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.122266][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.130808][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.140553][ T8124] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  216.144768][ T7749] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  216.150622][ T8124] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  216.170477][ T7749] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  216.186100][ T7749] batman_adv: batadv0: Interface activated: batadv_slave_1
[  216.188839][ T8141] loop3: detected capacity change from 0 to 40427
[  216.204458][ T8141] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  216.357440][ T8141] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  216.365570][ T8141] F2FS-fs (loop3): invalid crc value
[  216.379632][ T8141] F2FS-fs (loop3): Found nat_bits in checkpoint
[  216.515247][ T8164] syz.1.263: attempt to access beyond end of device
[  216.515247][ T8164] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  216.774834][ T8141] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  216.776616][ T8141] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  216.800228][ T8167] loop2: detected capacity change from 0 to 512
[  216.819921][ T8167] EXT4-fs: Ignoring removed oldalloc option
[  216.821655][ T8167] EXT4-fs: Ignoring removed i_version option
[  216.849714][ T8167] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  216.865152][ T7749] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  216.868529][ T8167] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  216.875897][ T7749] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  216.883481][ T8167] EXT4-fs (loop2): orphan cleanup on readonly fs
[  216.886348][ T8167] EXT4-fs (loop2): 1 truncate cleaned up
[  216.890027][ T7749] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  216.897655][ T7749] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.908975][ T8167] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  217.000058][   T44] kworker/u8:3: attempt to access beyond end of device
[  217.000058][   T44] loop1: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  217.023651][   T44] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.047303][ T8167] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  217.047632][   T44] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.052060][   T44] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.053894][   T44] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.055786][   T44] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  217.088018][  T353] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.090158][  T353] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.115609][ T7204] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  217.118867][ T7204] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.686645][ T7473] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.894281][ T8175] loop4: detected capacity change from 0 to 40427
[  217.910900][ T8175] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  217.919207][ T8175] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  217.938286][ T8175] F2FS-fs (loop4): Image doesn't support compression
[  217.946718][ T8175] F2FS-fs (loop4): invalid crc value
[  217.957928][ T8175] F2FS-fs (loop4): Found nat_bits in checkpoint
[  217.995044][ T8175] F2FS-fs (loop4): Start checkpoint disabled!
[  218.003872][ T8175] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  218.011913][ T8175] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  218.227755][ T7404] syz-executor: attempt to access beyond end of device
[  218.227755][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  218.247522][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  218.249621][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  218.844033][ T1908] kworker/u8:6: attempt to access beyond end of device
[  218.844033][ T1908] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  218.867428][ T1908] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.869295][ T1908] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.881497][ T1908] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.883319][ T1908] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.885136][ T1908] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.997944][ T8186] loop2: detected capacity change from 0 to 40427
[  219.063666][ T8186] F2FS-fs (loop2): Found nat_bits in checkpoint
[  219.110184][ T8186] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  219.186749][ T8202] loop4: detected capacity change from 0 to 128
[  219.208239][ T8186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.276'.
[  219.239408][   T30] audit: type=1326 audit(219.210:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8201 comm="syz.4.279" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed499e8 code=0x0
[  219.261139][ T7473] syz-executor: attempt to access beyond end of device
[  219.261139][ T7473] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  219.265021][ T7473] syz-executor: attempt to access beyond end of device
[  219.265021][ T7473] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  219.371399][ T8172] loop0: detected capacity change from 0 to 131072
[  219.401564][ T8172] XFS (loop0): Mounting V5 Filesystem 22c32dcc-57bc-4919-aeb7-102e166434d7
[  219.412512][ T8193] loop3: detected capacity change from 0 to 40427
[  219.418899][ T8193] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  219.423259][ T8193] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  219.434380][ T8193] F2FS-fs (loop3): invalid crc value
[  219.447833][ T8193] F2FS-fs (loop3): Found nat_bits in checkpoint
[  219.474786][ T8172] XFS (loop0): Ending clean mount
[  219.497167][ T8193] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  219.506769][ T8193] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  219.677952][ T7514] XFS (loop0): Unmounting Filesystem 22c32dcc-57bc-4919-aeb7-102e166434d7
[  219.736008][ T8200] syz.2.276: attempt to access beyond end of device
[  219.736008][ T8200] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  219.754318][ T8200] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  220.122742][ T8217] loop1: detected capacity change from 0 to 32768
[  220.128761][ T8217] jfs_mount: dbMount failed w/rc = -22
[  220.130765][ T8217] Mount JFS Failure: -22
[  220.131966][ T8217] jfs_mount failed w/return code = -22
[  220.188493][ T8221] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  220.252765][ T7204] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.339670][ T8225] syz.3.277: attempt to access beyond end of device
[  220.339670][ T8225] loop3: rw=10241, sector=53248, nr_sectors = 8 limit=40427
[  220.600027][ T6422] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  220.652925][ T6422] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  220.662766][ T6422] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  220.665958][ T6422] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  220.673087][ T6422] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  220.675361][ T6422] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  220.813843][ T7404] syz-executor: attempt to access beyond end of device
[  220.813843][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 24 limit=40427
[  220.826119][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  220.834671][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  220.838388][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  220.841373][ T7204] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.041548][ T7204] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.120820][ T7204] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  221.127046][ T8224] chnl_net:caif_netlink_parms(): no params data found
[  221.163741][ T8224] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.166785][ T8224] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.167839][ T8242] loop3: detected capacity change from 0 to 16
[  221.170953][ T8224] bridge_slave_0: entered allmulticast mode
[  221.175529][ T8242] erofs: (device loop3): mounted with root inode @ nid 36.
[  221.176018][ T8224] bridge_slave_0: entered promiscuous mode
[  221.185536][ T8224] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.187452][ T8224] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.189440][ T8224] bridge_slave_1: entered allmulticast mode
[  221.191708][ T8224] bridge_slave_1: entered promiscuous mode
[  221.208266][ T8224] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.212333][ T8224] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.243988][ T8224] team0: Port device team_slave_0 added
[  221.250415][ T8224] team0: Port device team_slave_1 added
[  221.261212][ T8233] loop1: detected capacity change from 0 to 32768
[  221.265938][ T8233] btrfs: Unknown parameter 'inode_cache'
[  221.280205][ T8224] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.282285][ T8224] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.292861][ T8224] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.302454][ T8224] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.304889][ T8224] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  221.313923][ T8224] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.366658][ T7204] bridge_slave_1: left allmulticast mode
[  221.368527][ T7204] bridge_slave_1: left promiscuous mode
[  221.370211][ T7204] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.378662][ T7204] bridge_slave_0: left allmulticast mode
[  221.381223][ T7204] bridge_slave_0: left promiscuous mode
[  221.383945][ T7204] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.473110][ T8249] loop1: detected capacity change from 0 to 40427
[  222.485241][ T8249] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  222.488384][ T8249] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  222.490844][ T8249] F2FS-fs (loop1): Image doesn't support compression
[  222.495216][ T8249] F2FS-fs (loop1): invalid crc value
[  222.501492][ T8249] F2FS-fs (loop1): Found nat_bits in checkpoint
[  222.547494][ T8249] F2FS-fs (loop1): Start checkpoint disabled!
[  222.551792][ T8249] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  222.553665][ T8249] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  222.755687][ T6422] Bluetooth: hci2: command tx timeout
[  222.790412][ T8270] random: crng reseeded on system resumption
[  223.338507][ T8270] hibernate: Hibernate image not generated by this kernel!
[  223.340541][ T8270] PM: hibernation: Image mismatch: architecture specific data
[  223.498090][ T8270] loop4: detected capacity change from 0 to 32768
[  223.922443][ T6663] kworker/u8:11: attempt to access beyond end of device
[  223.922443][ T6663] loop1: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  223.931250][ T6663] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  223.933530][ T6663] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  223.936121][ T6663] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  223.942575][ T6663] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  223.945186][ T6663] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  224.004385][   T25] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  224.064172][ T8274] loop1: detected capacity change from 0 to 128
[  224.083674][   T30] audit: type=1326 audit(224.060:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8273 comm="syz.1.295" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb31499e8 code=0x0
[  224.207454][   T25] usb 1-1: Using ep0 maxpacket: 8
[  224.210049][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  224.212013][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  224.214921][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  224.218644][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  224.221444][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  224.227976][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  224.230074][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  224.233114][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  224.236187][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  224.239664][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  224.243252][   T25] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  224.245107][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  224.248903][   T25] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  224.251659][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  224.254641][   T25] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  224.262611][   T25] usb 1-1: string descriptor 0 read error: -22
[  224.264429][   T25] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  224.266941][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.275554][   T25] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  224.326744][ T8277] loop4: detected capacity change from 0 to 32768
[  224.339537][ T8277] bcachefs (/dev/loop4): error reading default superblock: checksum error, type crc32c_nonzero: got 65ed50b7 should be 29d2fb78
[  224.348614][ T8277] bcachefs (/dev/loop4): error reading superblock: checksum error, type crc32c_nonzero: got 435293c7 should be a8deb8c1Unsupported superblock version 0.0: (unknown version) (min 0.9: (unknown version), max 1.12: rebalance_work_acct_fix)
[  224.359701][ T8277] bcachefs: bch2_fs_get_tree() error: invalid_sb_version
[  224.491636][   T10] usb 1-1: USB disconnect, device number 3
[  225.031531][ T7204] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.084851][ T7204] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  225.129856][ T7204] bond0 (unregistering): Released all slaves
[  225.159015][ T8224] hsr_slave_0: entered promiscuous mode
[  225.197765][ T8224] hsr_slave_1: entered promiscuous mode
[  225.237558][ T8224] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  225.240106][ T8224] Cannot create hsr debugfs directory
[  225.801141][ T6422] Bluetooth: hci2: command tx timeout
[  225.999808][ T8295] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  226.632958][ T8297] loop3: detected capacity change from 0 to 40427
[  226.640065][ T8297] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  226.642157][ T8297] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  226.645462][ T8297] F2FS-fs (loop3): invalid crc value
[  226.704533][ T8297] F2FS-fs (loop3): Found nat_bits in checkpoint
[  226.715525][ T8297] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  226.717447][ T8297] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  227.438443][ T8316] binder: 8307:8316 tried to acquire reference to desc 0, got 1 instead
[  227.589163][ T8315] loop1: detected capacity change from 0 to 32768
[  227.622335][ T7404] syz-executor: attempt to access beyond end of device
[  227.622335][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  227.626168][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  227.637730][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  227.667562][ T8315] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  227.701313][ T6905] binder: release 8307:8316 transaction 5 out, still active
[  227.703527][ T6905] binder: undelivered TRANSACTION_COMPLETE
[  227.716265][ T8321] loop0: detected capacity change from 0 to 1764
[  227.819565][ T7567] ocfs2: Unmounting device (7,1) on (node local)
[  227.835913][   T25] binder: send failed reply for transaction 5, target dead
[  227.857919][ T6422] Bluetooth: hci2: command tx timeout
[  227.891337][ T8329] FAULT_INJECTION: forcing a failure.
[  227.891337][ T8329] name failslab, interval 1, probability 0, space 0, times 0
[  227.894987][ T8329] CPU: 1 UID: 0 PID: 8329 Comm: syz.0.311 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  227.897568][ T8329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  227.900275][ T8329] Call trace:
[  227.901138][ T8329]  dump_backtrace+0x1b8/0x1e4
[  227.902383][ T8329]  show_stack+0x2c/0x3c
[  227.903422][ T8329]  dump_stack_lvl+0xe4/0x150
[  227.904566][ T8329]  dump_stack+0x1c/0x28
[  227.905570][ T8329]  should_fail_ex+0x3b0/0x50c
[  227.906742][ T8329]  should_failslab+0xc8/0x130
[  227.907876][ T8329]  kmem_cache_alloc_lru_noprof+0x88/0x354
[  227.909296][ T8329]  proc_alloc_inode+0x2c/0xb8
[  227.910516][ T8329]  new_inode+0x74/0x2b4
[  227.911729][ T8329]  proc_pid_make_inode+0x30/0x144
[  227.913094][ T8329]  proc_ns_dir_lookup+0x19c/0x268
[  227.914322][ T8329]  path_openat+0xc94/0x29f8
[  227.915555][ T8329]  do_filp_open+0x1bc/0x3cc
[  227.916767][ T8329]  do_sys_openat2+0x124/0x1b8
[  227.917945][ T8329]  __arm64_sys_openat+0x1f0/0x240
[  227.919214][ T8329]  invoke_syscall+0x98/0x2b8
[  227.920541][ T8329]  el0_svc_common+0x130/0x23c
[  227.921617][ T8329]  do_el0_svc+0x48/0x58
[  227.922609][ T8329]  el0_svc+0x54/0x168
[  227.923683][ T8329]  el0t_64_sync_handler+0x84/0xfc
[  227.925000][ T8329]  el0t_64_sync+0x190/0x194
[  228.088776][ T8346] loop0: detected capacity change from 0 to 128
[  228.122939][   T30] audit: type=1326 audit(228.100:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8344 comm="syz.0.314" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff833499e8 code=0x0
[  228.182327][ T7204] hsr_slave_0: left promiscuous mode
[  228.219332][ T7204] hsr_slave_1: left promiscuous mode
[  228.275517][ T8331] loop4: detected capacity change from 0 to 32768
[  228.295178][ T8331] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  228.307723][ T7204] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  228.309833][ T7204] batman_adv: batadv0: Removing interface: batadv_slave_0
[  228.319875][ T7204] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  228.325189][ T7204] batman_adv: batadv0: Removing interface: batadv_slave_1
[  228.353554][ T7204] veth1_macvtap: left promiscuous mode
[  228.355329][ T7204] veth0_macvtap: left promiscuous mode
[  228.357054][ T7204] veth1_vlan: left promiscuous mode
[  228.362089][ T7204] veth0_vlan: left promiscuous mode
[  228.373554][ T7749] ocfs2: Unmounting device (7,4) on (node local)
[  228.491765][ T8356] loop4: detected capacity change from 0 to 128
[  229.095239][ T8361] loop3: detected capacity change from 0 to 40427
[  229.097796][ T8361] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  229.099785][ T8361] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  229.103922][ T8361] F2FS-fs (loop3): invalid crc value
[  229.112508][ T8361] F2FS-fs (loop3): Found nat_bits in checkpoint
[  229.133833][ T8361] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  229.135762][ T8361] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  230.194934][ T8373] loop1: detected capacity change from 0 to 32768
[  230.234905][ T6422] Bluetooth: hci2: command tx timeout
[  230.297341][    C1] sched: RT throttling activated
[  230.395015][ T8375] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.435591][ T7404] syz-executor: attempt to access beyond end of device
[  230.435591][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  230.445009][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  230.448610][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  230.449166][ T8375] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.683294][ T8379] loop4: detected capacity change from 0 to 32768
[  230.731389][ T8379] read_mapping_page failed!
[  230.732909][ T8379] ERROR: (device loop4): txAbort: 
[  230.732909][ T8379] 
[  230.829481][ T8381] loop3: detected capacity change from 0 to 32768
[  230.837292][ T8381] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  230.869019][ T6905] IPVS: starting estimator thread 0...
[  230.955107][ T7404] ocfs2: Unmounting device (7,3) on (node local)
[  230.967493][ T8386] IPVS: using max 26 ests per chain, 62400 per kthread
[  231.092367][ T8393] Bluetooth: MGMT ver 1.23
[  231.921777][ T8398] FAULT_INJECTION: forcing a failure.
[  231.921777][ T8398] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  231.927013][ T8398] CPU: 0 UID: 0 PID: 8398 Comm: syz.3.326 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  231.929798][ T8398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  231.932452][ T8398] Call trace:
[  231.933362][ T8398]  dump_backtrace+0x1b8/0x1e4
[  231.934676][ T8398]  show_stack+0x2c/0x3c
[  231.935812][ T8398]  dump_stack_lvl+0xe4/0x150
[  231.937033][ T8398]  dump_stack+0x1c/0x28
[  231.938089][ T8398]  should_fail_ex+0x3b0/0x50c
[  231.939311][ T8398]  should_fail+0x14/0x24
[  231.940465][ T8398]  should_fail_usercopy+0x20/0x30
[  231.941771][ T8398]  bm_register_write+0x108/0x117c
[  231.943081][ T8398]  vfs_write+0x3c8/0xc80
[  231.944168][ T8398]  ksys_write+0x15c/0x26c
[  231.945268][ T8398]  __arm64_sys_write+0x7c/0x90
[  231.946620][ T8398]  invoke_syscall+0x98/0x2b8
[  231.947841][ T8398]  el0_svc_common+0x130/0x23c
[  231.948055][ T8394] loop1: detected capacity change from 0 to 32768
[  231.949051][ T8398]  do_el0_svc+0x48/0x58
[  231.951547][ T8394] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.325 (8394)
[  231.951689][ T8398]  el0_svc+0x54/0x168
[  231.955791][ T8398]  el0t_64_sync_handler+0x84/0xfc
[  231.957187][ T8398]  el0t_64_sync+0x190/0x194
[  231.964220][ T8394] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  231.967113][ T8394] BTRFS info (device loop1): using sha256 (sha256-ce) checksum algorithm
[  231.975907][ T8394] BTRFS info (device loop1): using free-space-tree
[  232.081487][ T8394] BTRFS info (device loop1): rebuilding free space tree
[  232.133006][ T8394] BTRFS info (device loop1): checking UUID tree
[  232.296210][ T7204] team0 (unregistering): Port device team_slave_1 removed
[  232.471350][ T7204] team0 (unregistering): Port device team_slave_0 removed
[  232.943301][ T8423] loop3: detected capacity change from 0 to 1024
[  232.985551][  T137] hfsplus: b-tree write err: -5, ino 4
[  233.204151][ T8425] loop3: detected capacity change from 0 to 40427
[  233.207579][ T8425] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  233.209468][ T8425] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  233.218056][ T8425] F2FS-fs (loop3): invalid crc value
[  233.234875][ T8425] F2FS-fs (loop3): Found nat_bits in checkpoint
[  233.245681][ T8425] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  233.247746][ T8425] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  233.991274][ T7404] syz-executor: attempt to access beyond end of device
[  233.991274][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  233.996099][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  234.000599][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  234.118719][ T8433] FAULT_INJECTION: forcing a failure.
[  234.118719][ T8433] name failslab, interval 1, probability 0, space 0, times 0
[  234.122188][ T8433] CPU: 1 UID: 0 PID: 8433 Comm: syz.3.331 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  234.124907][ T8433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  234.127473][ T8433] Call trace:
[  234.128275][ T8433]  dump_backtrace+0x1b8/0x1e4
[  234.129520][ T8433]  show_stack+0x2c/0x3c
[  234.130622][ T8433]  dump_stack_lvl+0xe4/0x150
[  234.131823][ T8433]  dump_stack+0x1c/0x28
[  234.132976][ T8433]  should_fail_ex+0x3b0/0x50c
[  234.134121][ T8433]  should_failslab+0xc8/0x130
[  234.135449][ T8433]  kmem_cache_alloc_noprof+0x84/0x350
[  234.136920][ T8433]  skb_clone+0x1c8/0x330
[  234.137985][ T8433]  __netlink_deliver_tap+0x36c/0x6e4
[  234.139394][ T8433]  netlink_deliver_tap+0x1ac/0x1b0
[  234.140741][ T8433]  __netlink_sendskb+0x78/0xcc
[  234.142009][ T8433]  netlink_dump+0x77c/0xafc
[  234.143161][ T8433]  __netlink_dump_start+0x4d8/0x720
[  234.144502][ T8433]  genl_rcv_msg+0x6c8/0xbb0
[  234.145693][ T8433]  netlink_rcv_skb+0x214/0x3c4
[  234.146956][ T8433]  genl_rcv+0x38/0x50
[  234.148098][ T8433]  netlink_unicast+0x668/0x8a4
[  234.149390][ T8433]  netlink_sendmsg+0x7a4/0xa8c
[  234.150635][ T8433]  ____sys_sendmsg+0x56c/0x840
[  234.151873][ T8433]  __sys_sendmsg+0x26c/0x33c
[  234.153104][ T8433]  __arm64_sys_sendmsg+0x80/0x94
[  234.154333][ T8433]  invoke_syscall+0x98/0x2b8
[  234.155501][ T8433]  el0_svc_common+0x130/0x23c
[  234.156766][ T8433]  do_el0_svc+0x48/0x58
[  234.157897][ T8433]  el0_svc+0x54/0x168
[  234.158978][ T8433]  el0t_64_sync_handler+0x84/0xfc
[  234.160292][ T8433]  el0t_64_sync+0x190/0x194
[  234.211408][ T8437] loop3: detected capacity change from 0 to 128
[  234.279615][ T8439] binfmt_misc: register: failed to install interpreter file ./file0
[  234.478211][ T8441] loop3: detected capacity change from 0 to 32768
[  234.481766][ T8441] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.335 (8441)
[  234.488326][ T8441] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  234.491048][ T8441] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[  234.493233][ T8441] BTRFS info (device loop3): using free-space-tree
[  234.555639][ T8441] BTRFS info (device loop3): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  235.414381][ T7567] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  235.444303][ T7404] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  235.631070][ T8468] loop0: detected capacity change from 0 to 1024
[  235.669251][ T8472] loop1: detected capacity change from 0 to 128
[  235.756057][ T6625] hfsplus: b-tree write err: -5, ino 4
[  235.839681][ T8484] FAULT_INJECTION: forcing a failure.
[  235.839681][ T8484] name failslab, interval 1, probability 0, space 0, times 0
[  235.843457][ T8484] CPU: 1 UID: 0 PID: 8484 Comm: syz.0.341 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  235.846204][ T8484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  235.848926][ T8484] Call trace:
[  235.849857][ T8484]  dump_backtrace+0x1b8/0x1e4
[  235.850974][ T8484]  show_stack+0x2c/0x3c
[  235.852014][ T8484]  dump_stack_lvl+0xe4/0x150
[  235.853336][ T8484]  dump_stack+0x1c/0x28
[  235.854447][ T8484]  should_fail_ex+0x3b0/0x50c
[  235.855683][ T8484]  should_failslab+0xc8/0x130
[  235.856908][ T8484]  kmem_cache_alloc_noprof+0x84/0x350
[  235.858414][ T8484]  vm_area_alloc+0xf8/0x1bc
[  235.859728][ T8484]  mmap_region+0x9e4/0x17d8
[  235.860875][ T8484]  do_mmap+0x7e0/0xe00
[  235.861862][ T8484]  vm_mmap_pgoff+0x1a0/0x38c
[  235.863036][ T8484]  ksys_mmap_pgoff+0xd0/0x5c8
[  235.864179][ T8484]  __arm64_sys_mmap+0xf8/0x110
[  235.865454][ T8484]  invoke_syscall+0x98/0x2b8
[  235.866638][ T8484]  el0_svc_common+0x130/0x23c
[  235.867878][ T8484]  do_el0_svc+0x48/0x58
[  235.869026][ T8484]  el0_svc+0x54/0x168
[  235.870074][ T8484]  el0t_64_sync_handler+0x84/0xfc
[  235.871624][ T8484]  el0t_64_sync+0x190/0x194
[  235.966469][ T8481] loop3: detected capacity change from 0 to 40427
[  235.969142][ T8481] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  235.971157][ T8481] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  235.974745][ T8481] F2FS-fs (loop3): invalid crc value
[  236.025296][ T8481] F2FS-fs (loop3): Found nat_bits in checkpoint
[  236.037291][ T8481] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  236.039451][ T8481] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  236.783503][ T7404] syz-executor: attempt to access beyond end of device
[  236.783503][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  236.800656][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  236.807542][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  236.867164][ T8224] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  236.883367][ T8224] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  236.894153][ T8224] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  236.931822][ T8224] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  237.070595][ T8498] loop0: detected capacity change from 0 to 40427
[  237.083075][ T8224] 8021q: adding VLAN 0 to HW filter on device bond0
[  237.103827][ T8498] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  237.105951][ T8498] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  237.110447][ T8498] F2FS-fs (loop0): Unrecognized mount option "0x0000000000000000ÿÿ" or missing value
[  237.131707][ T8224] 8021q: adding VLAN 0 to HW filter on device team0
[  237.146620][  T353] bridge0: port 1(bridge_slave_0) entered blocking state
[  237.148773][  T353] bridge0: port 1(bridge_slave_0) entered forwarding state
[  237.290398][ T6663] bridge0: port 2(bridge_slave_1) entered blocking state
[  237.292383][ T6663] bridge0: port 2(bridge_slave_1) entered forwarding state
[  237.496482][ T8526] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  238.076077][ T8529] loop1: detected capacity change from 0 to 128
[  238.133916][ T8224] 8021q: adding VLAN 0 to HW filter on device batadv0
[  238.137454][   T30] audit: type=1326 audit(238.110:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.1.348" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb31499e8 code=0x0
[  238.174926][ T8224] veth0_vlan: entered promiscuous mode
[  238.210511][ T8224] veth1_vlan: entered promiscuous mode
[  238.245763][ T8541] loop3: detected capacity change from 0 to 1024
[  238.277976][ T8224] veth0_macvtap: entered promiscuous mode
[  238.295201][ T8224] veth1_macvtap: entered promiscuous mode
[  238.334832][ T6663] hfsplus: b-tree write err: -5, ino 4
[  238.343148][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.353728][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.359676][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.366043][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.375440][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.383043][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.391823][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  238.401779][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.411542][ T8548] FAULT_INJECTION: forcing a failure.
[  238.411542][ T8548] name failslab, interval 1, probability 0, space 0, times 0
[  238.431843][ T8224] batman_adv: batadv0: Interface activated: batadv_slave_0
[  238.435489][ T8548] CPU: 0 UID: 0 PID: 8548 Comm: syz.3.351 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  238.438278][ T8548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  238.441045][ T8548] Call trace:
[  238.441871][ T8548]  dump_backtrace+0x1b8/0x1e4
[  238.443174][ T8548]  show_stack+0x2c/0x3c
[  238.444345][ T8548]  dump_stack_lvl+0xe4/0x150
[  238.445506][ T8548]  dump_stack+0x1c/0x28
[  238.446564][ T8548]  should_fail_ex+0x3b0/0x50c
[  238.447667][ T8548]  should_failslab+0xc8/0x130
[  238.448966][ T8548]  kmem_cache_alloc_noprof+0x84/0x350
[  238.450290][ T8548]  vm_area_alloc+0xf8/0x1bc
[  238.451500][ T8548]  mmap_region+0x9e4/0x17d8
[  238.452635][ T8548]  do_mmap+0x7e0/0xe00
[  238.453664][ T8548]  vm_mmap_pgoff+0x1a0/0x38c
[  238.454859][ T8548]  ksys_mmap_pgoff+0xd0/0x5c8
[  238.455986][ T8548]  __arm64_sys_mmap+0xf8/0x110
[  238.457277][ T8548]  invoke_syscall+0x98/0x2b8
[  238.458408][ T8548]  el0_svc_common+0x130/0x23c
[  238.459474][ T8548]  do_el0_svc+0x48/0x58
[  238.460404][ T8548]  el0_svc+0x54/0x168
[  238.461389][ T8548]  el0t_64_sync_handler+0x84/0xfc
[  238.462733][ T8548]  el0t_64_sync+0x190/0x194
[  238.466215][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.469440][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.471993][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.474853][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.479323][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.482262][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.485030][ T8224] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  238.488737][ T8224] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  238.492436][ T8224] batman_adv: batadv0: Interface activated: batadv_slave_1
[  238.515719][ T8224] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  238.525072][ T8224] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  238.535565][ T8224] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  238.545278][ T8224] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  238.640458][  T137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.647981][  T137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  238.677244][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  238.685262][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  239.048665][ T8572] netlink: 'syz.2.284': attribute type 13 has an invalid length.
[  239.050269][ T8568] loop3: detected capacity change from 0 to 40427
[  239.055008][ T8568] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  239.057021][ T8568] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  239.070821][ T8568] F2FS-fs (loop3): invalid crc value
[  239.114560][ T8568] F2FS-fs (loop3): Found nat_bits in checkpoint
[  239.131311][ T8568] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  239.133253][ T8568] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  239.141251][ T8576] netlink: 32 bytes leftover after parsing attributes in process `syz.2.284'.
[  239.256465][ T8585] loop4: detected capacity change from 0 to 512
[  239.762883][ T8585] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.901857][ T7404] syz-executor: attempt to access beyond end of device
[  239.901857][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  239.928609][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  239.937986][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  240.268654][ T8612] loop1: detected capacity change from 0 to 1024
[  240.302037][ T8612] hfsplus: invalid gid specified
[  240.303834][ T8612] hfsplus: unable to parse mount options
[  240.379503][ T8617] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  240.866005][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.928116][ T8621] cgroup: Invalid name
[  241.013070][ T8627] loop0: detected capacity change from 0 to 128
[  241.204646][   T30] audit: type=1326 audit(241.110:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8625 comm="syz.0.366" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff833499e8 code=0x0
[  241.245611][ T8631] loop2: detected capacity change from 0 to 40427
[  241.254621][ T8631] F2FS-fs (loop2): Invalid log blocks per segment (4278190089)
[  241.256456][ T8631] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  241.262443][ T8631] F2FS-fs (loop2): invalid crc value
[  241.280783][ T8631] F2FS-fs (loop2): Found nat_bits in checkpoint
[  241.295949][ T8631] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  241.298005][ T8631] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  242.055321][ T8224] syz-executor: attempt to access beyond end of device
[  242.055321][ T8224] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  242.062498][ T8224] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  242.072026][ T8224] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  242.093088][ T8629] loop3: detected capacity change from 0 to 40427
[  242.098643][ T8629] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  242.100735][ T8629] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  242.105457][ T8629] F2FS-fs (loop3): Image doesn't support compression
[  242.118709][ T8629] F2FS-fs (loop3): invalid crc value
[  242.126197][ T8629] F2FS-fs (loop3): Found nat_bits in checkpoint
[  242.169319][ T8634] loop4: detected capacity change from 0 to 40427
[  242.187632][ T8634] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  242.189560][ T8634] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  242.195363][ T8634] F2FS-fs (loop4): Image doesn't support compression
[  242.211380][ T8634] F2FS-fs (loop4): invalid crc value
[  242.214596][ T8629] F2FS-fs (loop3): Start checkpoint disabled!
[  242.217921][ T8634] F2FS-fs (loop4): Found nat_bits in checkpoint
[  242.240578][ T8629] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  242.242973][ T8634] F2FS-fs (loop4): Start checkpoint disabled!
[  242.246688][ T8629] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  242.276669][ T8634] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  242.283780][ T8634] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  242.461517][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  242.469232][ T8657] syz.3.367: attempt to access beyond end of device
[  242.469232][ T8657] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  242.505968][ T8658] syz.4.361: attempt to access beyond end of device
[  242.505968][ T8658] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  242.671730][   T13] kworker/u8:1: attempt to access beyond end of device
[  242.671730][   T13] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  242.672572][ T8662] devtmpfs: Bad value for 'mpol'
[  242.676289][   T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.680500][   T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.683037][   T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.685484][   T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.688041][   T13] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.719385][   T43] kworker/u8:2: attempt to access beyond end of device
[  242.719385][   T43] loop3: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  242.738103][   T43] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  242.744726][   T43] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  242.746693][   T43] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  242.749577][   T43] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  242.751542][   T43] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  244.527696][ T8680] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  244.602881][ T8675] loop4: detected capacity change from 0 to 1024
[  244.766141][ T8687] loop0: detected capacity change from 0 to 128
[  244.802306][ T6625] hfsplus: b-tree write err: -5, ino 4
[  244.849408][   T30] audit: type=1326 audit(244.790:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8686 comm="syz.0.380" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff833499e8 code=0x0
[  244.885893][ T8685] loop3: detected capacity change from 0 to 40427
[  244.890182][ T8685] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  244.892250][ T8685] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  244.896193][ T8685] F2FS-fs (loop3): invalid crc value
[  244.913827][ T8685] F2FS-fs (loop3): Found nat_bits in checkpoint
[  244.929025][ T8685] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  244.930950][ T8685] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  245.664534][ T7404] syz-executor: attempt to access beyond end of device
[  245.664534][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  245.674392][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  245.687696][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  245.738412][ T8701] loop2: detected capacity change from 0 to 32768
[  245.787630][ T8701] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  245.859733][ T8701] XFS (loop2): Ending clean mount
[  245.874375][ T8701] XFS (loop2): Quotacheck needed: Please wait.
[  245.997198][ T8703] loop4: detected capacity change from 0 to 40427
[  246.011325][ T8703] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  246.013228][ T8703] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  246.021277][ T8703] F2FS-fs (loop4): Image doesn't support compression
[  246.032259][ T8703] F2FS-fs (loop4): invalid crc value
[  246.051599][ T8703] F2FS-fs (loop4): Found nat_bits in checkpoint
[  246.054430][ T8701] XFS (loop2): Quotacheck: Done.
[  247.700629][ T8730] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  247.746944][ T8703] F2FS-fs (loop4): Start checkpoint disabled!
[  247.754142][ T8703] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  247.760596][ T8703] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  247.958722][ T8739] loop0: detected capacity change from 0 to 1024
[  247.987016][ T8741] loop3: detected capacity change from 0 to 4096
[  248.001608][ T8743] Process accounting resumed
[  248.014601][ T8741] ntfs3: loop3: Different NTFS sector size (1024) and media sector size (512).
[  248.020957][ T8745] syz.4.385: attempt to access beyond end of device
[  248.020957][ T8745] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  248.084557][  T137] hfsplus: b-tree write err: -5, ino 4
[  248.232250][ T8749] process 'syz.1.396' launched './file1' with NULL argv: empty string added
[  248.238719][ T8224] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  248.403354][ T6625] kworker/u8:10: attempt to access beyond end of device
[  248.403354][ T6625] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  248.410008][ T6625] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  248.413266][ T6625] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  248.415748][ T6625] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  248.427651][ T6625] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  248.429568][ T6625] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  248.523323][ T8754] loop0: detected capacity change from 0 to 40427
[  248.526869][ T8754] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  248.529090][ T8754] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  248.536520][ T8758] loop3: detected capacity change from 0 to 128
[  248.558671][ T8754] F2FS-fs (loop0): invalid crc value
[  248.579867][ T8754] F2FS-fs (loop0): Found nat_bits in checkpoint
[  248.602453][   T30] audit: type=1326 audit(248.580:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8757 comm="syz.3.400" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb499e8 code=0x0
[  248.652337][ T8754] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  248.654312][ T8754] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  248.819569][ T2339] ieee802154 phy0 wpan0: encryption failed: -22
[  248.822642][ T2339] ieee802154 phy1 wpan1: encryption failed: -22
[  249.373773][ T7514] syz-executor: attempt to access beyond end of device
[  249.373773][ T7514] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  249.380531][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  249.383426][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  249.536689][ T8779] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  250.001556][ T8780] loop4: detected capacity change from 0 to 256
[  250.082048][ T8780] Invalid option length (1048381) for dns_resolver key
[  250.100539][ T8780] Invalid option length (1048381) for dns_resolver key
[  250.131547][ T8783] loop1: detected capacity change from 0 to 1024
[  250.217748][ T1925] hfsplus: b-tree write err: -5, ino 4
[  250.296039][ T8791] fuse: Unknown parameter '00000000000000000000004'
[  250.490537][ T8795] netlink: 24 bytes leftover after parsing attributes in process `syz.3.410'.
[  251.027819][ T8795] netlink: 'syz.3.410': attribute type 16 has an invalid length.
[  251.030183][ T8791] loop1: detected capacity change from 0 to 4096
[  251.033115][ T8795] netlink: 'syz.3.410': attribute type 3 has an invalid length.
[  251.039004][ T8795] netlink: 64066 bytes leftover after parsing attributes in process `syz.3.410'.
[  251.156885][ T8802] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  251.246466][ T8804] netlink: 72 bytes leftover after parsing attributes in process `syz.3.413'.
[  251.401622][ T8792] loop4: detected capacity change from 0 to 40427
[  251.407669][ T8792] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  251.410414][ T8792] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  251.419399][ T8810] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  251.422244][ T8810] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  251.448875][ T8792] F2FS-fs (loop4): Image doesn't support compression
[  251.468727][ T8792] F2FS-fs (loop4): invalid crc value
[  251.482538][ T8792] F2FS-fs (loop4): Found nat_bits in checkpoint
[  251.521465][ T8792] F2FS-fs (loop4): Start checkpoint disabled!
[  251.531858][ T8792] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  251.538324][ T8792] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  251.707710][ T8818] loop1: detected capacity change from 0 to 1764
[  252.168330][ T8826] syz.4.409: attempt to access beyond end of device
[  252.168330][ T8826] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  252.427598][ T8818] ISOFS: Unable to identify CD-ROM format.
[  252.555394][ T1925] kworker/u8:7: attempt to access beyond end of device
[  252.555394][ T1925] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  252.565933][ T8831] loop1: detected capacity change from 0 to 256
[  252.598532][ T8831] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  252.601163][ T1925] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  252.603706][ T1925] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  252.605539][ T1925] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  252.608450][ T1925] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  252.610282][ T1925] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  252.654428][ T8831] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe622a5da, utbl_chksum : 0xe619d30d)
[  252.669370][ T8835] FAULT_INJECTION: forcing a failure.
[  252.669370][ T8835] name failslab, interval 1, probability 0, space 0, times 0
[  252.681097][ T8835] CPU: 0 UID: 0 PID: 8835 Comm: syz.3.424 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  252.683925][ T8835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  252.686774][ T8835] Call trace:
[  252.687689][ T8835]  dump_backtrace+0x1b8/0x1e4
[  252.689013][ T8835]  show_stack+0x2c/0x3c
[  252.690162][ T8835]  dump_stack_lvl+0xe4/0x150
[  252.691515][ T8835]  dump_stack+0x1c/0x28
[  252.692651][ T8835]  should_fail_ex+0x3b0/0x50c
[  252.693969][ T8835]  should_failslab+0xc8/0x130
[  252.695214][ T8835]  kmem_cache_alloc_node_noprof+0x88/0x3a4
[  252.696848][ T8835]  __alloc_skb+0x1e0/0x420
[  252.698040][ T8835]  skb_copy+0x10c/0x6b4
[  252.699137][ T8835]  tcp_send_synack+0x174/0x890
[  252.700423][ T8835]  tcp_rcv_state_process+0x117c/0x3e30
[  252.701961][ T8835]  tcp_v4_do_rcv+0x71c/0xc44
[  252.703264][ T8835]  __release_sock+0x1a8/0x3d8
[  252.704557][ T8835]  release_sock+0x68/0x1b8
[  252.705783][ T8835]  __inet_stream_connect+0x6e0/0xc48
[  252.707245][ T8835]  inet_stream_connect+0x74/0xb0
[  252.708567][ T8835]  __sys_connect+0x268/0x290
[  252.709852][ T8835]  __arm64_sys_connect+0x7c/0x94
[  252.711275][ T8835]  invoke_syscall+0x98/0x2b8
[  252.712559][ T8835]  el0_svc_common+0x130/0x23c
[  252.713776][ T8835]  do_el0_svc+0x48/0x58
[  252.714932][ T8835]  el0_svc+0x54/0x168
[  252.715992][ T8835]  el0t_64_sync_handler+0x84/0xfc
[  252.717242][ T8835]  el0t_64_sync+0x190/0x194
[  253.596469][ T8823] loop0: detected capacity change from 0 to 512
[  253.604335][ T8823] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  253.672963][ T8852] loop3: detected capacity change from 0 to 128
[  253.679410][ T8852] ext4: Unknown parameter 'uid<00000000000000000000'
[  253.697166][ T8823] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.420: bg 0: block 18: invalid block bitmap
[  255.212991][ T8823] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  255.215926][ T8823] EXT4-fs (loop0): 1 truncate cleaned up
[  255.218131][ T8823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.225072][ T8823] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.420: lblock 0 mapped to illegal pblock 3 (length 1)
[  255.469030][ T8860] loop3: detected capacity change from 0 to 128
[  255.548214][   T30] audit: type=1326 audit(255.520:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8859 comm="syz.3.429" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb499e8 code=0x0
[  255.565667][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.801533][ T8862] loop1: detected capacity change from 0 to 40427
[  255.838687][ T8862] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  255.840778][ T8862] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  255.845234][ T8862] F2FS-fs (loop1): invalid crc value
[  255.855124][ T8862] F2FS-fs (loop1): Found nat_bits in checkpoint
[  255.872305][ T8862] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  255.874349][ T8862] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  257.648100][ T7567] syz-executor: attempt to access beyond end of device
[  257.648100][ T7567] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  257.657396][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  257.661958][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  258.486893][ T8893] loop1: detected capacity change from 0 to 256
[  258.489860][ T8893] vfat: Unknown parameter 'ÿÿ'
[  258.511860][ T8893] 9pnet_virtio: no channels available for device syz
[  258.523556][ T8893] Invalid option length (1147) for dns_resolver key
[  258.530845][ T8895] loop0: detected capacity change from 0 to 128
[  258.532963][ T8895] ext4: Unknown parameter 'uid<00000000000000000000'
[  260.167941][ T8912] loop0: detected capacity change from 0 to 512
[  260.233111][ T8912] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  260.319203][ T8912] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.442: bg 0: block 18: invalid block bitmap
[  260.329063][ T8912] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  260.336707][ T8912] EXT4-fs (loop0): 1 truncate cleaned up
[  260.347411][ T8912] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.395104][ T8912] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.442: lblock 0 mapped to illegal pblock 3 (length 1)
[  260.661057][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.705163][ T8922] loop2: detected capacity change from 0 to 128
[  260.834388][   T30] audit: type=1326 audit(260.740:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8921 comm="syz.2.448" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa91499e8 code=0x0
[  260.955025][ T8924] loop1: detected capacity change from 0 to 40427
[  260.960833][ T8924] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  260.962877][ T8924] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  260.968238][ T8924] F2FS-fs (loop1): invalid crc value
[  261.081395][ T8924] F2FS-fs (loop1): Found nat_bits in checkpoint
[  261.093983][ T8924] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  261.096057][ T8924] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  262.817859][ T7567] syz-executor: attempt to access beyond end of device
[  262.817859][ T7567] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  262.821579][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  262.823384][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  263.131336][ T8942] loop1: detected capacity change from 0 to 128
[  263.133433][ T8942] ext4: Unknown parameter 'uid<00000000000000000000'
[  265.057297][ T8967] binder: 8964:8967 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  265.068129][ T8967] binder: 8964:8967 got transaction to invalid handle, 1
[  265.087960][ T8967] binder: 8967:8964 cannot find target node
[  265.089643][ T8967] binder: 8964:8967 transaction call to 0:0 failed 13/29201/-22, size 0-24 line 3144
[  265.104799][ T8944] loop0: detected capacity change from 0 to 40427
[  265.107972][ T8944] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  265.109868][ T8944] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  265.112326][ T8944] F2FS-fs (loop0): Image doesn't support compression
[  265.284083][ T8968] loop4: detected capacity change from 0 to 512
[  265.285026][ T8944] F2FS-fs (loop0): invalid crc value
[  265.287502][ T8968] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  265.320389][ T8968] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.459: bg 0: block 18: invalid block bitmap
[  265.324246][ T8968] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  265.326831][ T8968] EXT4-fs (loop4): 1 truncate cleaned up
[  265.328075][ T8944] F2FS-fs (loop0): Found nat_bits in checkpoint
[  265.362863][ T8968] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.652318][ T8974] loop1: detected capacity change from 0 to 4096
[  266.653074][ T8968] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 3: comm syz.4.459: lblock 0 mapped to illegal pblock 3 (length 1)
[  266.664048][ T8974] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  266.683039][ T8974] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  266.688135][ T8974] ntfs3: loop1: Failed to load $MFT (-22).
[  266.699840][ T8944] F2FS-fs (loop0): Start checkpoint disabled!
[  266.703029][ T8944] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  266.705001][ T8944] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  266.875143][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.886760][   T27] binder: undelivered TRANSACTION_ERROR: 29201
[  266.948862][ T8981] FAULT_INJECTION: forcing a failure.
[  266.948862][ T8981] name failslab, interval 1, probability 0, space 0, times 0
[  266.952570][ T8981] CPU: 1 UID: 0 PID: 8981 Comm: syz.2.464 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  266.955237][ T8981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  266.957941][ T8981] Call trace:
[  266.958814][ T8981]  dump_backtrace+0x1b8/0x1e4
[  266.959993][ T8981]  show_stack+0x2c/0x3c
[  266.961097][ T8981]  dump_stack_lvl+0xe4/0x150
[  266.962368][ T8981]  dump_stack+0x1c/0x28
[  266.963511][ T8981]  should_fail_ex+0x3b0/0x50c
[  266.964784][ T8981]  should_failslab+0xc8/0x130
[  266.965926][ T8981]  __kmalloc_noprof+0xf4/0x498
[  266.967227][ T8981]  kernfs_fop_write_iter+0x148/0x48c
[  266.968680][ T8981]  vfs_write+0x940/0xc80
[  266.969703][ T8981]  ksys_write+0x15c/0x26c
[  266.970869][ T8981]  __arm64_sys_write+0x7c/0x90
[  266.972078][ T8981]  invoke_syscall+0x98/0x2b8
[  266.973229][ T8981]  el0_svc_common+0x130/0x23c
[  266.974498][ T8981]  do_el0_svc+0x48/0x58
[  266.975659][ T8981]  el0_svc+0x54/0x168
[  266.976788][ T8981]  el0t_64_sync_handler+0x84/0xfc
[  266.978208][ T8981]  el0t_64_sync+0x190/0x194
[  267.104065][ T8989] loop2: detected capacity change from 0 to 128
[  267.117950][ T8989] ext4: Unknown parameter 'uid<00000000000000000000'
[  267.244805][ T8987] loop0: detected capacity change from 0 to 40427
[  267.418435][ T8987] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  267.420508][ T8987] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  267.490601][ T8987] F2FS-fs (loop0): invalid crc value
[  268.200229][ T8987] F2FS-fs (loop0): Found nat_bits in checkpoint
[  268.215509][ T8987] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  268.217559][ T8987] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  268.399533][ T9001] loop2: detected capacity change from 0 to 256
[  268.936843][ T7514] syz-executor: attempt to access beyond end of device
[  268.936843][ T7514] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  268.957546][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  268.963742][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  269.121941][ T8985] loop1: detected capacity change from 0 to 40427
[  269.136008][ T8985] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[  269.144562][ T8985] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  269.154858][ T8985] F2FS-fs (loop1): Image doesn't support compression
[  269.174223][ T8985] F2FS-fs (loop1): invalid crc value
[  269.185981][ T8985] F2FS-fs (loop1): Found nat_bits in checkpoint
[  269.370252][ T8985] F2FS-fs (loop1): Start checkpoint disabled!
[  269.388484][ T8985] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  269.404832][ T8985] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  269.588256][ T8985] syz.1.465: attempt to access beyond end of device
[  269.588256][ T8985] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  269.700997][   T13] kworker/u8:1: attempt to access beyond end of device
[  269.700997][   T13] loop1: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  269.717975][   T13] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.719465][ T9029] loop2: detected capacity change from 0 to 64
[  269.719922][   T13] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.732326][ T9029] hfs: unable to locate alternate MDB
[  269.733741][ T9029] hfs: continuing without an alternate MDB
[  269.735428][   T13] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.737289][   T13] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.745806][   T13] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  269.856011][ T9033] loop4: detected capacity change from 0 to 128
[  269.873517][ T9033] ext4: Unknown parameter 'uid<00000000000000000000'
[  271.490146][ T6422] Bluetooth: hci3: command 0x0406 tx timeout
[  271.721635][ T9043] loop1: detected capacity change from 0 to 512
[  272.010916][ T9030] loop3: detected capacity change from 0 to 32768
[  272.049768][ T9043] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  272.126259][ T9030] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  272.170887][ T9043] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.473: bg 0: block 18: invalid block bitmap
[  272.176478][ T9043] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  272.190906][ T9043] EXT4-fs (loop1): 1 truncate cleaned up
[  272.192816][ T9043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.199599][ T9041] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 3: comm syz.1.473: lblock 0 mapped to illegal pblock 3 (length 1)
[  272.267305][ T9030] XFS (loop3): Ending clean mount
[  272.387411][ T9030] XFS (loop3): Quotacheck needed: Please wait.
[  272.463956][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.470372][ T9030] XFS (loop3): Quotacheck: Done.
[  272.473968][ T9063] loop2: detected capacity change from 0 to 40427
[  272.476499][ T9063] F2FS-fs (loop2): Invalid log blocks per segment (4278190089)
[  272.478846][ T9063] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  272.486686][ T9063] F2FS-fs (loop2): invalid crc value
[  272.537284][ T9063] F2FS-fs (loop2): Found nat_bits in checkpoint
[  272.568042][ T9063] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  272.570013][ T9063] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  273.316826][ T8224] syz-executor: attempt to access beyond end of device
[  273.316826][ T8224] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  273.336293][ T8224] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  273.357555][ T8224] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  273.410248][ T9051] ebtables: ebtables: counters copy to user failed while replacing table
[  273.594165][ T7404] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  273.643492][ T9083] __find_get_block_slow() failed. block=144115188075855872, b_blocknr=0, b_state=0x00106019, b_size=4096, device nvme0n1p2 blocksize: 4096
[  273.648370][ T9083] grow_buffers: requested out-of-range block 144115188075855872 for device nvme0n1p2
[  273.651310][ T9083] EXT4-fs warning (device nvme0n1p2): ext4_resize_fs:2018: can't read last block, resize aborted
[  273.922040][ T9095] FAULT_INJECTION: forcing a failure.
[  273.922040][ T9095] name failslab, interval 1, probability 0, space 0, times 0
[  273.954113][ T9095] CPU: 0 UID: 0 PID: 9095 Comm: syz.4.487 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  273.956834][ T9095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  273.959575][ T9095] Call trace:
[  273.960469][ T9095]  dump_backtrace+0x1b8/0x1e4
[  273.961763][ T9095]  show_stack+0x2c/0x3c
[  273.962904][ T9095]  dump_stack_lvl+0xe4/0x150
[  273.964161][ T9095]  dump_stack+0x1c/0x28
[  273.965114][ T9095]  should_fail_ex+0x3b0/0x50c
[  273.966350][ T9095]  should_failslab+0xc8/0x130
[  273.967619][ T9095]  kmem_cache_alloc_noprof+0x84/0x350
[  273.969006][ T9095]  vm_area_alloc+0xf8/0x1bc
[  273.970052][ T9095]  mmap_region+0x9e4/0x17d8
[  273.971093][ T9095]  do_mmap+0x7e0/0xe00
[  273.972003][ T9095]  vm_mmap_pgoff+0x1a0/0x38c
[  273.973126][ T9095]  ksys_mmap_pgoff+0xd0/0x5c8
[  273.974376][ T9095]  __arm64_sys_mmap+0xf8/0x110
[  273.975629][ T9095]  invoke_syscall+0x98/0x2b8
[  273.976831][ T9095]  el0_svc_common+0x130/0x23c
[  273.978059][ T9095]  do_el0_svc+0x48/0x58
[  273.979239][ T9095]  el0_svc+0x54/0x168
[  273.980228][ T9095]  el0t_64_sync_handler+0x84/0xfc
[  273.981537][ T9095]  el0t_64_sync+0x190/0x194
[  274.266241][ T9100] loop4: detected capacity change from 0 to 128
[  274.279089][ T9100] ext4: Unknown parameter 'uid<00000000000000000000'
[  274.468664][ T9090] loop3: detected capacity change from 0 to 40427
[  274.472450][ T9090] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  274.474245][ T9090] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  274.480128][ T9090] F2FS-fs (loop3): Image doesn't support compression
[  274.489907][ T9090] F2FS-fs (loop3): invalid crc value
[  274.893365][ T9090] F2FS-fs (loop3): Found nat_bits in checkpoint
[  275.117427][ T9090] F2FS-fs (loop3): Start checkpoint disabled!
[  275.172183][ T9090] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  275.174152][ T9090] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  275.335421][ T9090] syz.3.483: attempt to access beyond end of device
[  275.335421][ T9090] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  275.574693][ T9112] loop1: detected capacity change from 0 to 40427
[  275.586655][ T9112] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  275.588756][ T9112] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  275.592861][ T9112] F2FS-fs (loop1): invalid crc value
[  275.605006][ T7204] kworker/u8:12: attempt to access beyond end of device
[  275.605006][ T7204] loop3: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  275.610844][ T9112] F2FS-fs (loop1): Found nat_bits in checkpoint
[  275.621868][ T9112] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  275.623845][ T9112] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  275.791958][ T9114] loop4: detected capacity change from 0 to 512
[  276.554446][ T9114] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  276.564037][ T7204] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  276.568084][ T7204] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  276.570578][ T7204] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  276.572974][ T7204] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  276.575291][ T7204] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  276.682668][ T9114] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.491: bg 0: block 18: invalid block bitmap
[  276.686401][ T9114] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  276.690819][ T9114] EXT4-fs (loop4): 1 truncate cleaned up
[  276.692699][ T9114] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.698976][ T9113] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 3: comm syz.4.491: lblock 0 mapped to illegal pblock 3 (length 1)
[  276.757942][ T7567] syz-executor: attempt to access beyond end of device
[  276.757942][ T7567] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  276.772202][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  276.780372][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  276.988611][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.020423][ T9165] loop2: detected capacity change from 0 to 128
[  279.023736][ T9165] ext4: Unknown parameter 'uid<00000000000000000000'
[  280.186926][ T9175] loop3: detected capacity change from 0 to 40427
[  280.262652][ T9175] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  280.264850][ T9175] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  280.275433][ T9175] F2FS-fs (loop3): invalid crc value
[  280.399260][ T9175] F2FS-fs (loop3): Found nat_bits in checkpoint
[  280.427309][ T9175] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  280.429537][ T9175] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  280.635062][ T9167] loop4: detected capacity change from 0 to 40427
[  280.644457][ T9167] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  280.649767][ T9167] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  280.661090][ T9167] F2FS-fs (loop4): Image doesn't support compression
[  280.676741][ T9167] F2FS-fs (loop4): invalid crc value
[  280.694269][ T9167] F2FS-fs (loop4): Found nat_bits in checkpoint
[  280.731726][ T9167] F2FS-fs (loop4): Start checkpoint disabled!
[  281.025476][ T9201] loop0: detected capacity change from 0 to 512
[  281.429292][ T9201] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  281.433496][ T9167] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  281.456895][ T9167] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  281.470667][ T9201] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.508: bg 0: block 18: invalid block bitmap
[  281.474508][ T9201] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  281.477175][ T9201] EXT4-fs (loop0): 1 truncate cleaned up
[  281.479300][ T9201] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.486727][ T9199] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.508: lblock 0 mapped to illegal pblock 3 (length 1)
[  281.564197][ T9167] syz.4.504: attempt to access beyond end of device
[  281.564197][ T9167] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  281.581088][ T7404] syz-executor: attempt to access beyond end of device
[  281.581088][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  281.585129][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  281.587495][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  281.752512][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.763051][  T137] kworker/u8:4: attempt to access beyond end of device
[  281.763051][  T137] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  281.780599][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  281.782478][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  281.784379][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  281.786182][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  281.806936][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  281.821586][ T9210] loop1: detected capacity change from 0 to 512
[  281.870453][ T6418] Bluetooth: hci4: command 0x0406 tx timeout
[  281.892003][ T9210] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  281.894554][ T9210] EXT4-fs (loop1): orphan cleanup on readonly fs
[  281.905301][ T9210] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated!
[  281.914652][ T9210] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[  281.917153][ T9210] EXT4-fs error (device loop1): ext4_acquire_dquot:6848: comm syz.1.514: Failed to acquire dquot type 1
[  281.942405][ T9210] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.514: bg 0: block 40: padding at end of block bitmap is not set
[  281.958497][ T9210] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  281.971290][ T9210] EXT4-fs (loop1): 1 truncate cleaned up
[  281.973685][ T9210] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  282.155123][ T9225] loop0: detected capacity change from 0 to 1024
[  282.162238][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.290737][ T9230] loop3: detected capacity change from 0 to 128
[  282.292759][   T43] hfsplus: b-tree write err: -5, ino 4
[  282.305679][ T9230] ext4: Unknown parameter 'uid<00000000000000000000'
[  282.464328][ T9214] loop2: detected capacity change from 0 to 32768
[  282.586673][ T9238] loop0: detected capacity change from 0 to 40427
[  282.777318][ T9238] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[  282.779775][ T9238] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  282.890272][ T9238] F2FS-fs (loop0): invalid crc value
[  283.364071][ T9238] F2FS-fs (loop0): Found nat_bits in checkpoint
[  283.378021][ T9238] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  283.379971][ T9238] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  283.532394][ T9214] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  283.853903][ T9258] loop1: detected capacity change from 0 to 512
[  283.856885][ T9258] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  283.901045][ T9265] loop3: detected capacity change from 0 to 512
[  283.907441][ T9258] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.521: bg 0: block 18: invalid block bitmap
[  283.913474][ T9258] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  283.923163][ T9258] EXT4-fs (loop1): 1 truncate cleaned up
[  283.925111][ T9258] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.930090][ T9258] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 3: comm syz.1.521: lblock 0 mapped to illegal pblock 3 (length 1)
[  284.005837][ T9265] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  284.014027][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.063277][ T9265] EXT4-fs (loop3): 1 truncate cleaned up
[  284.065211][ T9265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.102381][ T9214] XFS (loop2): Ending clean mount
[  284.121952][ T7514] syz-executor: attempt to access beyond end of device
[  284.121952][ T7514] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  284.124410][ T9214] XFS (loop2): Quotacheck needed: Please wait.
[  284.125880][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  284.129421][ T7514] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  284.201878][ T9214] XFS (loop2): Quotacheck: Done.
[  284.262870][ T9270] netlink: 8 bytes leftover after parsing attributes in process `syz.1.523'.
[  284.265301][ T9270] netlink: 20 bytes leftover after parsing attributes in process `syz.1.523'.
[  284.764545][ T8224] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  284.805235][ T9275] loop1: detected capacity change from 0 to 256
[  284.851630][ T7404] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.894950][ T9259] loop4: detected capacity change from 0 to 40427
[  284.903468][ T9259] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  284.905312][ T9259] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  284.919141][ T9275] FAT-fs (loop1): Directory bread(block 64) failed
[  284.920139][ T9259] F2FS-fs (loop4): Image doesn't support compression
[  284.921601][ T9275] FAT-fs (loop1): Directory bread(block 65) failed
[  284.924437][ T9259] F2FS-fs (loop4): invalid crc value
[  284.929460][ T9259] F2FS-fs (loop4): Found nat_bits in checkpoint
[  284.944765][ T9275] FAT-fs (loop1): Directory bread(block 66) failed
[  284.946575][ T9275] FAT-fs (loop1): Directory bread(block 67) failed
[  284.953112][ T9275] FAT-fs (loop1): Directory bread(block 68) failed
[  284.954943][ T9275] FAT-fs (loop1): Directory bread(block 69) failed
[  284.960547][ T9275] FAT-fs (loop1): Directory bread(block 70) failed
[  284.975965][ T9275] FAT-fs (loop1): Directory bread(block 71) failed
[  284.986141][ T9275] FAT-fs (loop1): Directory bread(block 72) failed
[  284.988456][ T9275] FAT-fs (loop1): Directory bread(block 73) failed
[  284.993225][ T9259] F2FS-fs (loop4): Start checkpoint disabled!
[  285.016867][ T9259] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  285.025735][ T9259] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  285.033255][ T9287] loop0: detected capacity change from 0 to 128
[  285.035314][ T9287] ext4: Unknown parameter 'uid<00000000000000000000'
[  285.045963][ T9283] loop3: detected capacity change from 0 to 1024
[  285.047166][ T9288] FAULT_INJECTION: forcing a failure.
[  285.047166][ T9288] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.063532][ T9259] syz.4.522: attempt to access beyond end of device
[  285.063532][ T9259] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  285.080464][ T9288] CPU: 1 UID: 0 PID: 9288 Comm: syz.2.527 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  285.083302][ T9288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  285.086070][ T9288] Call trace:
[  285.086953][ T9288]  dump_backtrace+0x1b8/0x1e4
[  285.088235][ T9288]  show_stack+0x2c/0x3c
[  285.089328][ T9288]  dump_stack_lvl+0xe4/0x150
[  285.090568][ T9288]  dump_stack+0x1c/0x28
[  285.091585][ T9288]  should_fail_ex+0x3b0/0x50c
[  285.092747][ T9288]  should_fail+0x14/0x24
[  285.093925][ T9288]  should_fail_usercopy+0x20/0x30
[  285.095151][ T9288]  simple_read_from_buffer+0xd4/0x248
[  285.096619][ T9288]  proc_fail_nth_read+0x134/0x1a0
[  285.097917][ T9288]  vfs_read+0x230/0x984
[  285.099044][ T9288]  ksys_read+0x15c/0x26c
[  285.100207][ T9288]  __arm64_sys_read+0x7c/0x90
[  285.101406][ T9288]  invoke_syscall+0x98/0x2b8
[  285.102469][ T9288]  el0_svc_common+0x130/0x23c
[  285.103657][ T9288]  do_el0_svc+0x48/0x58
[  285.104684][ T9288]  el0_svc+0x54/0x168
[  285.105738][ T9288]  el0t_64_sync_handler+0x84/0xfc
[  285.107139][ T9288]  el0t_64_sync+0x190/0x194
[  285.213544][  T137] kworker/u8:4: attempt to access beyond end of device
[  285.213544][  T137] loop4: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  285.240443][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  285.472400][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  285.545528][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  285.596239][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  285.660825][  T137] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  285.998459][ T6625] hfsplus: b-tree write err: -5, ino 4
[  286.058328][ T9295] loop2: detected capacity change from 0 to 512
[  286.064885][ T9295] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  286.073700][ T9303] qrtr: Invalid version 0
[  286.079157][ T9295] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.533: bg 0: block 18: invalid block bitmap
[  286.082905][ T9295] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  286.085523][ T9295] EXT4-fs (loop2): 1 truncate cleaned up
[  286.088306][ T9295] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.093281][ T9295] EXT4-fs error (device loop2): ext4_map_blocks:609: inode #2: block 3: comm syz.2.533: lblock 0 mapped to illegal pblock 3 (length 1)
[  286.378246][ T9308] loop3: detected capacity change from 0 to 40427
[  286.387078][ T9311] loop0: detected capacity change from 0 to 1024
[  286.389321][ T9311] EXT4-fs: Ignoring removed orlov option
[  286.390838][ T9311] EXT4-fs: Ignoring removed nomblk_io_submit option
[  286.430727][ T9308] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  286.432770][ T9308] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  286.495032][ T9308] F2FS-fs (loop3): invalid crc value
[  286.553462][ T9308] F2FS-fs (loop3): Found nat_bits in checkpoint
[  286.598111][ T9311] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  286.818800][ T8224] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.932096][ T9308] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  286.933995][ T9308] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  287.046677][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.389660][ T9320] loop2: detected capacity change from 0 to 1024
[  287.536263][ T9320] hfsplus: unable to parse mount options
[  287.683455][ T9329] loop0: detected capacity change from 0 to 1024
[  287.688736][ T9329] EXT4-fs: Ignoring removed orlov option
[  287.690408][ T9329] EXT4-fs: Ignoring removed nomblk_io_submit option
[  288.066083][ T9329] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.164644][ T9320] binder: 9319:9320 ERROR: BC_REGISTER_LOOPER called without request
[  288.173652][ T7404] syz-executor: attempt to access beyond end of device
[  288.173652][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  288.191191][ T9320] binder: 9319:9320 got reply transaction with no transaction stack
[  288.201259][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  288.205391][ T9320] binder: 9319:9320 transaction reply to 0:0 failed 14/29201/-71, size 0-0 line 3045
[  288.214181][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  288.360397][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.659495][ T9338] loop2: detected capacity change from 0 to 256
[  288.798962][ T9338] Invalid option length (4010) for dns_resolver key
[  288.807313][ T9338] Invalid option length (4010) for dns_resolver key
[  288.963100][ T9346] loop2: detected capacity change from 0 to 1024
[  288.971806][ T9349] loop1: detected capacity change from 0 to 128
[  288.981804][ T9349] ext4: Unknown parameter 'uid<00000000000000000000'
[  289.133881][   T43] hfsplus: b-tree write err: -5, ino 4
[  289.243442][ T9354] overlayfs: failed to resolve './file2': -2
[  289.893266][ T9342] loop3: detected capacity change from 0 to 40427
[  290.050674][ T9356] loop2: detected capacity change from 0 to 512
[  290.053364][ T9356] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  290.063579][ T9342] F2FS-fs (loop3): Insane cp_payload (553648128 >= 504)
[  290.065333][ T9342] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  290.073123][ T9342] F2FS-fs (loop3): Image doesn't support compression
[  290.078232][ T9342] F2FS-fs (loop3): invalid crc value
[  290.093024][ T9356] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.547: bg 0: block 18: invalid block bitmap
[  290.096625][ T9356] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  290.099656][ T9342] F2FS-fs (loop3): Found nat_bits in checkpoint
[  290.101554][ T9356] EXT4-fs (loop2): 1 truncate cleaned up
[  290.103420][ T9356] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.108452][ T9356] EXT4-fs error (device loop2): ext4_map_blocks:609: inode #2: block 3: comm syz.2.547: lblock 0 mapped to illegal pblock 3 (length 1)
[  290.857624][ T6418] Bluetooth: hci2: command tx timeout
[  290.917379][ T9368] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  291.092654][ T9342] F2FS-fs (loop3): Start checkpoint disabled!
[  291.098664][ T8224] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.127778][ T9342] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  291.129662][ T9342] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  291.164373][ T9342] syz.3.541: attempt to access beyond end of device
[  291.164373][ T9342] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  291.277973][ T6625] kworker/u8:10: attempt to access beyond end of device
[  291.277973][ T6625] loop3: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  291.298396][ T6625] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  291.301048][ T6625] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  291.316316][ T6625] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  291.328761][ T6625] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  291.330630][ T6625] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  291.335606][ T9372] loop1: detected capacity change from 0 to 40427
[  291.354771][ T9372] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  291.356858][ T9372] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  291.360342][ T9372] F2FS-fs (loop1): invalid crc value
[  291.393350][ T9372] F2FS-fs (loop1): Found nat_bits in checkpoint
[  291.427878][ T9372] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  291.429767][ T9372] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  291.570569][ T9347] loop0: detected capacity change from 0 to 65536
[  291.610899][ T9347] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  291.917738][ T6418] Bluetooth: hci0: command 0x0419 tx timeout
[  292.051309][ T9347] XFS (loop0): Ending clean mount
[  292.066586][ T9347] XFS (loop0): Quotacheck needed: Please wait.
[  292.116730][ T9358] loop4: detected capacity change from 0 to 32768
[  292.168305][ T7567] syz-executor: attempt to access beyond end of device
[  292.168305][ T7567] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  292.180937][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  292.199100][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  292.225291][ T9347] XFS (loop0): Quotacheck: Done.
[  292.229286][ T9358] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  292.242290][ T9358] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  292.261374][ T9379] loop2: detected capacity change from 0 to 32768
[  292.284197][ T7514] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  292.298359][ T9379] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  292.306351][ T9358] XFS (loop4): Ending clean mount
[  292.318351][ T9358] XFS (loop4): Quotacheck needed: Please wait.
[  292.345928][ T9409] loop3: detected capacity change from 0 to 1024
[  292.379843][ T9379] XFS (loop2): Ending clean mount
[  292.387122][ T9379] XFS (loop2): Quotacheck needed: Please wait.
[  292.423526][ T6663] hfsplus: b-tree write err: -5, ino 4
[  292.440178][ T9358] XFS (loop4): Quotacheck: Done.
[  292.606059][ T9379] XFS (loop2): Quotacheck: Done.
[  292.611044][ T9379] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  293.015358][ T6417] Bluetooth: hci2: command 0x0405 tx timeout
[  293.429442][ T7749] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  293.682176][ T9431] loop0: detected capacity change from 0 to 512
[  293.688279][ T9431] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  293.695411][ T9431] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.561: bg 0: block 18: invalid block bitmap
[  293.708080][ T9431] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  293.711793][ T9431] EXT4-fs (loop0): 1 truncate cleaned up
[  293.713686][ T9431] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  293.718568][ T9431] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.561: lblock 0 mapped to illegal pblock 3 (length 1)
[  293.772539][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  293.972026][ T9430] loop3: detected capacity change from 0 to 32768
[  294.146754][ T8224] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  294.714515][ T9438] loop4: detected capacity change from 0 to 32768
[  294.751859][ T9433] loop1: detected capacity change from 0 to 65536
[  294.836037][ T9438] XFS (loop4): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  294.844731][ T9433] XFS (loop1): Mounting V5 Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1
[  294.859662][ T9440] loop0: detected capacity change from 0 to 40427
[  294.869733][ T9440] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  294.871575][ T9440] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  294.902753][ T9440] F2FS-fs (loop0): Image doesn't support compression
[  294.934040][ T9440] F2FS-fs (loop0): invalid crc value
[  294.960913][ T9438] XFS (loop4): Ending clean mount
[  294.962704][ T9440] F2FS-fs (loop0): Found nat_bits in checkpoint
[  295.031680][ T9440] F2FS-fs (loop0): Start checkpoint disabled!
[  295.044532][ T9433] XFS (loop1): Ending clean mount
[  295.052657][ T9468] dccp_close: ABORT with 3 bytes unread
[  295.072250][ T9438] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_bnobt block 0x8 
[  295.075565][ T9465] loop3: detected capacity change from 0 to 40427
[  295.083876][ T9438] XFS (loop4): Unmount and run xfs_repair
[  295.085614][ T9465] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  295.087804][ T9465] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  295.090202][ T9438] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  295.090668][ T9440] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  295.093029][ T9438] 00000000: 41 42 33 42 00 00 00 20 00 00 00 00 00 00 00 ff  AB3B... ........
[  295.096224][ T9438] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 40  ...............@
[  295.098518][ T9438] 00000020: ca 7e 21 01 b8 f1 48 38 8e 2d 76 37 b9 06 20 e6  .~!...H8.-v7.. .
[  295.100801][ T9438] 00000030: 00 00 00 00 b2 ef e1 5f 00 00 00 05 00 00 00 03  ......._........
[  295.103012][ T9438] 00000040: 00 00 02 a4 00 00 0d 5c 00 00 02 a0 00 00 0d 60  .......\.......`
[  295.105339][ T9438] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.107789][ T9438] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.109931][ T9440] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  295.110283][ T9438] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  295.114727][ T9438] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x8 len 8 error 74
[  295.131427][ T9438] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x590/0xafc (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  295.281126][ T9465] F2FS-fs (loop3): invalid crc value
[  295.293731][ T9465] F2FS-fs (loop3): Found nat_bits in checkpoint
[  295.305929][ T9465] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  295.307898][ T9438] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  295.310244][ T9465] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  295.360587][ T9478] loop2: detected capacity change from 0 to 1024
[  295.848911][ T9484] syz.0.564: attempt to access beyond end of device
[  295.848911][ T9484] loop0: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  295.866446][ T6663] hfsplus: b-tree write err: -5, ino 4
[  295.985824][ T7404] syz-executor: attempt to access beyond end of device
[  295.985824][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  295.993456][ T9487] loop2: detected capacity change from 0 to 128
[  295.996025][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  295.998495][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  296.033000][ T7749] XFS (loop4): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[  296.212833][ T7567] XFS (loop1): Unmounting Filesystem 4194cad6-cad4-4798-ac4c-c2118f686eb1
[  296.754945][ T9493] loop4: detected capacity change from 0 to 512
[  296.758860][ T9493] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  296.763535][ T9493] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.574: bg 0: block 18: invalid block bitmap
[  296.766902][ T9493] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  296.777228][ T9493] EXT4-fs (loop4): 1 truncate cleaned up
[  296.779555][ T9493] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  296.784709][ T9493] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 3: comm syz.4.574: lblock 0 mapped to illegal pblock 3 (length 1)
[  296.819381][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.880968][ T9505] loop4: detected capacity change from 0 to 256
[  296.997507][ T9505] Invalid option length (1048381) for dns_resolver key
[  297.299075][ T9516] FAULT_INJECTION: forcing a failure.
[  297.299075][ T9516] name failslab, interval 1, probability 0, space 0, times 0
[  297.315804][ T9516] CPU: 1 UID: 0 PID: 9516 Comm: syz.3.579 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  297.318699][ T9516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  297.321474][ T9516] Call trace:
[  297.322376][ T9516]  dump_backtrace+0x1b8/0x1e4
[  297.323767][ T9516]  show_stack+0x2c/0x3c
[  297.324959][ T9516]  dump_stack_lvl+0xe4/0x150
[  297.326195][ T9516]  dump_stack+0x1c/0x28
[  297.327385][ T9516]  should_fail_ex+0x3b0/0x50c
[  297.328543][ T9516]  should_failslab+0xc8/0x130
[  297.329787][ T9516]  __kmalloc_noprof+0xf4/0x498
[  297.331035][ T9516]  tomoyo_encode+0x270/0x4b0
[  297.332312][ T9516]  tomoyo_realpath_from_path+0x478/0x4cc
[  297.333704][ T9516]  tomoyo_path_number_perm+0x1ec/0x6a8
[  297.335066][ T9516]  tomoyo_file_ioctl+0x2c/0x3c
[  297.336375][ T9516]  security_file_ioctl+0x80/0xbc
[  297.337633][ T9516]  __arm64_sys_ioctl+0xa8/0x1c8
[  297.339015][ T9516]  invoke_syscall+0x98/0x2b8
[  297.340136][ T9516]  el0_svc_common+0x130/0x23c
[  297.341352][ T9516]  do_el0_svc+0x48/0x58
[  297.342395][ T9516]  el0_svc+0x54/0x168
[  297.343329][ T9516]  el0t_64_sync_handler+0x84/0xfc
[  297.344691][ T9516]  el0t_64_sync+0x190/0x194
[  297.384054][ T9516] ERROR: Out of memory at tomoyo_realpath_from_path.
[  297.393802][ T9518] netlink: 'syz.2.580': attribute type 1 has an invalid length.
[  297.403483][ T9518] netlink: 112860 bytes leftover after parsing attributes in process `syz.2.580'.
[  297.410160][ T9518] netlink: 'syz.2.580': attribute type 1 has an invalid length.
[  297.525486][ T9520] loop2: detected capacity change from 0 to 1024
[  297.726888][ T9522] loop3: detected capacity change from 0 to 40427
[  297.729719][ T7204] hfsplus: b-tree write err: -5, ino 4
[  297.731639][ T9522] F2FS-fs (loop3): Invalid log blocks per segment (4278190089)
[  297.733560][ T9522] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  297.736988][ T9522] F2FS-fs (loop3): invalid crc value
[  297.763124][ T9522] F2FS-fs (loop3): Found nat_bits in checkpoint
[  297.768982][ T6663] kworker/u8:11: attempt to access beyond end of device
[  297.768982][ T6663] loop0: rw=2049, sector=40960, nr_sectors = 40 limit=40427
[  297.783184][ T9522] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  297.785154][ T9522] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  297.786164][ T6663] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.809180][ T6663] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.811023][ T6663] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.812832][ T6663] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.825763][ T9505] loop4: detected capacity change from 0 to 32768
[  297.841818][ T6663] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  297.867007][ T9505] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  298.497783][ T9537] loop2: detected capacity change from 0 to 512
[  298.516685][ T9537] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  298.537092][ T9537] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.585: bg 0: block 18: invalid block bitmap
[  298.543798][ T9537] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  298.547187][ T9505] XFS (loop4): Ending clean mount
[  298.549389][ T9537] EXT4-fs (loop2): 1 truncate cleaned up
[  298.551297][ T9537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.556115][ T9537] EXT4-fs error (device loop2): ext4_map_blocks:609: inode #2: block 3: comm syz.2.585: lblock 0 mapped to illegal pblock 3 (length 1)
[  298.578625][ T8224] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.713839][ T7404] syz-executor: attempt to access beyond end of device
[  298.713839][ T7404] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  298.728763][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  298.730506][ T7404] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  298.737140][ T9545] loop2: detected capacity change from 0 to 128
[  298.785074][ T9505] Invalid option length (75423) for dns_resolver key
[  298.804004][ T9547] Bluetooth: MGMT ver 1.23
[  298.817992][ T9547] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:0
[  298.908716][ T7749] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  299.033292][ T9553] netlink: 165 bytes leftover after parsing attributes in process `syz.4.588'.
[  299.185371][ T9563] netlink: 8 bytes leftover after parsing attributes in process `syz.3.592'.
[  299.186234][ T9564] netlink: 165 bytes leftover after parsing attributes in process `syz.4.593'.
[  299.197609][ T9564] FAULT_INJECTION: forcing a failure.
[  299.197609][ T9564] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.204754][ T9564] CPU: 1 UID: 0 PID: 9564 Comm: syz.4.593 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  299.207401][ T9564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  299.210009][ T9564] Call trace:
[  299.210920][ T9564]  dump_backtrace+0x1b8/0x1e4
[  299.212149][ T9564]  show_stack+0x2c/0x3c
[  299.212608][ T9566] loop1: detected capacity change from 0 to 1024
[  299.213250][ T9564]  dump_stack_lvl+0xe4/0x150
[  299.213299][ T9564]  dump_stack+0x1c/0x28
[  299.213311][ T9564]  should_fail_ex+0x3b0/0x50c
[  299.213325][ T9564]  should_fail+0x14/0x24
[  299.213337][ T9564]  should_fail_usercopy+0x20/0x30
[  299.213350][ T9564]  kstrtouint_from_user+0xd0/0x280
[  299.213364][ T9564]  proc_fail_nth_write+0xa8/0x1e8
[  299.213375][ T9564]  vfs_write+0x3c8/0xc80
[  299.213386][ T9564]  ksys_write+0x15c/0x26c
[  299.213396][ T9564]  __arm64_sys_write+0x7c/0x90
[  299.213407][ T9564]  invoke_syscall+0x98/0x2b8
[  299.213417][ T9564]  el0_svc_common+0x130/0x23c
[  299.213426][ T9564]  do_el0_svc+0x48/0x58
[  299.213435][ T9564]  el0_svc+0x54/0x168
[  299.213454][ T9564]  el0t_64_sync_handler+0x84/0xfc
[  299.232981][ T9564]  el0t_64_sync+0x190/0x194
[  299.280007][   T43] hfsplus: b-tree write err: -5, ino 4
[  299.487193][ T9582] loop1: detected capacity change from 0 to 64
[  299.489544][ T9582] minix: Unknown parameter '0x0000000000000003'
[  299.649721][ T9570] loop4: detected capacity change from 0 to 40427
[  299.652149][ T9570] F2FS-fs (loop4): Invalid log blocks per segment (4278190089)
[  299.654171][ T9570] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  299.662759][ T9570] F2FS-fs (loop4): invalid crc value
[  299.675076][ T9570] F2FS-fs (loop4): Found nat_bits in checkpoint
[  300.276007][   T27] atkbd serio0: keyboard reset failed on 
[  300.329804][ T9588] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  300.332816][ T9570] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  300.334689][ T9570] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  300.477870][ T9588] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.506630][ T9599] grow_buffers: requested out-of-range block 144130581238644736 for device nvme0n1p2
[  300.511562][ T9599] EXT4-fs warning (device nvme0n1p2): ext4_resize_fs:2018: can't read last block, resize aborted
[  300.739700][ T9591] loop3: detected capacity change from 0 to 512
[  300.785656][ T9591] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  300.794880][ T9602] loop0: detected capacity change from 0 to 256
[  300.812777][ T9591] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.596: bg 0: block 18: invalid block bitmap
[  300.816710][ T9602] Invalid option length (1048381) for dns_resolver key
[  300.829218][ T9591] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  300.835296][ T9591] EXT4-fs (loop3): 1 truncate cleaned up
[  300.844114][ T9602] Invalid option length (1048381) for dns_resolver key
[  300.853253][ T9591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.885690][ T9591] EXT4-fs error (device loop3): ext4_map_blocks:609: inode #2: block 3: comm syz.3.596: lblock 0 mapped to illegal pblock 3 (length 1)
[  301.061846][ T7749] syz-executor: attempt to access beyond end of device
[  301.061846][ T7749] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  301.072345][ T7749] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  301.077084][ T7749] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  301.896482][ T9621] loop0: detected capacity change from 0 to 128
[  301.901705][ T9617] loop2: detected capacity change from 0 to 1024
[  301.991559][  T137] hfsplus: b-tree write err: -5, ino 4
[  302.145173][ T9626] loop2: detected capacity change from 0 to 128
[  302.154290][ T9626] ext4: Unknown parameter 'uid<00000000000000000000'
[  302.339117][ T6417] Bluetooth: hci1: command 0x0406 tx timeout
[  302.508072][ T7404] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.553921][ T9633] 8021q: VLANs not supported on lo
[  302.953471][ T9635] loop1: detected capacity change from 0 to 40427
[  303.498212][ T9635] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  303.500220][ T9635] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  303.520568][ T9635] F2FS-fs (loop1): invalid crc value
[  303.549437][ T9635] F2FS-fs (loop1): Found nat_bits in checkpoint
[  303.598780][ T9635] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  303.600704][ T9635] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  304.487858][ T7567] syz-executor: attempt to access beyond end of device
[  304.487858][ T7567] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  304.507506][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  304.537466][ T7567] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  304.779878][ T9668] loop0: detected capacity change from 0 to 128
[  304.846079][   T30] audit: type=1326 audit(304.810:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9667 comm="syz.0.623" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff833499e8 code=0x0
[  305.330348][ T9681] loop1: detected capacity change from 0 to 512
[  305.336374][ T9681] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  305.370830][ T9681] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.626: bg 0: block 18: invalid block bitmap
[  305.397540][ T9681] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  305.424521][ T9681] EXT4-fs (loop1): 1 truncate cleaned up
[  305.440803][ T9681] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.461472][ T9679] loop3: detected capacity change from 0 to 32768
[  305.464677][ T9679] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.627 (9679)
[  305.470727][ T9681] EXT4-fs error (device loop1): ext4_map_blocks:609: inode #2: block 3: comm syz.1.626: lblock 0 mapped to illegal pblock 3 (length 1)
[  305.475442][ T9679] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.479001][ T9679] BTRFS info (device loop3): using crc32c (crc32c-generic) checksum algorithm
[  305.481334][ T9679] BTRFS info (device loop3): using free-space-tree
[  305.560568][ T9679] BTRFS info (device loop3): checking UUID tree
[  305.765156][ T9684] loop4: detected capacity change from 0 to 32768
[  305.849153][ T7404] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  305.947050][ T9717] FAULT_INJECTION: forcing a failure.
[  305.947050][ T9717] name failslab, interval 1, probability 0, space 0, times 0
[  305.951212][ T9717] CPU: 0 UID: 0 PID: 9717 Comm: syz.2.632 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  305.953862][ T9717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  305.956392][ T9717] Call trace:
[  305.957234][ T9717]  dump_backtrace+0x1b8/0x1e4
[  305.958495][ T9717]  show_stack+0x2c/0x3c
[  305.959525][ T9717]  dump_stack_lvl+0xe4/0x150
[  305.960769][ T9717]  dump_stack+0x1c/0x28
[  305.961801][ T9717]  should_fail_ex+0x3b0/0x50c
[  305.963041][ T9717]  should_failslab+0xc8/0x130
[  305.964281][ T9717]  __kmalloc_node_track_caller_noprof+0xf4/0x4d4
[  305.965990][ T9717]  krealloc_noprof+0x94/0x148
[  305.967270][ T9717]  nf_ct_ext_add+0x168/0x350
[  305.968503][ T9717]  init_conntrack+0x780/0x1034
[  305.969719][ T9717]  nf_conntrack_in+0xa80/0x1ac8
[  305.970442][ T9684] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  305.970916][ T9717]  ipv6_conntrack_local+0x28/0x38
[  305.976213][ T9717]  nf_hook_slow+0xc8/0x234
[  305.977540][ T9717]  __ip6_local_out+0x618/0x724
[  305.978823][ T9717]  ip6_local_out+0x3c/0x160
[  305.980026][ T9717]  ip6_send_skb+0x1a0/0x574
[  305.981188][ T9717]  ip6_push_pending_frames+0xd0/0x118
[  305.982605][ T9717]  l2tp_ip6_push_pending_frames+0xe4/0x150
[  305.984198][ T9717]  l2tp_ip6_sendmsg+0x1244/0x19b0
[  305.985495][ T9717]  inet_sendmsg+0x15c/0x290
[  305.986695][ T9717]  ____sys_sendmsg+0x56c/0x840
[  305.988068][ T9717]  __sys_sendmmsg+0x318/0x7e0
[  305.989358][ T9717]  __arm64_sys_sendmmsg+0xa0/0xbc
[  305.990756][ T9717]  invoke_syscall+0x98/0x2b8
[  305.992041][ T9717]  el0_svc_common+0x130/0x23c
[  305.993359][ T9717]  do_el0_svc+0x48/0x58
[  305.994404][ T9717]  el0_svc+0x54/0x168
[  305.995497][ T9717]  el0t_64_sync_handler+0x84/0xfc
[  305.996857][ T9717]  el0t_64_sync+0x190/0x194
[  305.997977][ T9684] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  306.014969][ T9684] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.12: rebalance_work_acct_fix
[  306.014969][ T9684]   running recovery passes: check_allocations
[  306.269282][ T9684] invalid bkey u64s 11 type alloc_v4 0:127:0 len 0 ver 0: 
[  306.269323][ T9684]   gen 0 oldest_gen 0 data_type sb
[  306.269332][ T9684]   journal_seq       1
[  306.269339][ T9684]   need_discard      1
[  306.269347][ T9684]   need_inc_gen      1
[  306.269355][ T9684]   dirty_sectors     256
[  306.269362][ T9684]   stripe_sectors    0
[  306.269370][ T9684]   cached_sectors    0
[  306.269378][ T9684]   stripe            17327
[  306.269386][ T9684]   stripe_redundancy 0
[  306.269393][ T9684]   io_time[READ]     1
[  306.269400][ T9684]   io_time[WRITE]    1
[  306.269408][ T9684]   fragmentation     0
[  306.269416][ T9684]   bp_start          8
[  306.269423][ T9684] 
[  306.269430][ T9684]   invalid data type (got 1 should be 7): delete?, shutting down
[  307.763480][ T9684] bcachefs (loop4): inconsistency detected - emergency read only at journal seq 10
[  307.809335][ T9684] bcachefs (loop4): accounting_read... done
[  307.939377][ T9684] bcachefs (loop4): alloc_read... done
[  307.945926][ T9684] bcachefs (loop4): stripes_read... done
[  307.949271][ T9684] bcachefs (loop4): snapshots_read... done
[  308.350251][ T9684] bcachefs (loop4): check_allocations...
[  309.672973][ T9684] bcachefs (loop4): pointer to nonexistent bucket 65536:31
[  309.685103][ T9684] bcachefs (loop4): bch2_gc_mark_key(): error EIO
[  309.697481][ T9684] bcachefs (loop4): bch2_gc_btree(): error EIO
[  309.699865][ T9684] btree node read error for alloc, shutting down
[  309.707624][ T9684] bcachefs (loop4): bch2_gc_btrees(): error fsck_errors_not_fixed
[  309.713581][ T9684] bcachefs (loop4): bch2_check_allocations(): error fsck_errors_not_fixed
[  309.718008][ T9684] bcachefs (loop4): bch2_fs_recovery(): error fsck_errors_not_fixed
[  309.742642][ T9684] bcachefs (loop4): bch2_fs_start(): error starting filesystem fsck_errors_not_fixed
[  309.767561][ T9684] bcachefs (loop4): shutting down
[  309.790179][ T9746] loop2: detected capacity change from 0 to 32768
[  309.805261][ T9684] bcachefs (loop4): shutdown complete
[  309.844563][ T9750] loop0: detected capacity change from 0 to 512
[  309.904618][ T9750] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  310.212410][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.222966][ T9750] Quota error (device loop0): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  310.226053][ T9750] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  310.263837][ T9750] EXT4-fs error (device loop0): ext4_acquire_dquot:6848: comm syz.0.640: Failed to acquire dquot type 0
[  310.268748][ T2339] ieee802154 phy0 wpan0: encryption failed: -22
[  310.270415][ T2339] ieee802154 phy1 wpan1: encryption failed: -22
[  310.309620][ T9759] loop3: detected capacity change from 0 to 128
[  310.352214][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  310.356981][   T30] audit: type=1326 audit(310.330:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9758 comm="syz.3.643" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb499e8 code=0x0
[  310.584247][ T9768] FAULT_INJECTION: forcing a failure.
[  310.584247][ T9768] name failslab, interval 1, probability 0, space 0, times 0
[  310.591314][ T9768] CPU: 1 UID: 0 PID: 9768 Comm: syz.2.645 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  310.594185][ T9768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  310.596773][ T9768] Call trace:
[  310.597669][ T9768]  dump_backtrace+0x1b8/0x1e4
[  310.598894][ T9768]  show_stack+0x2c/0x3c
[  310.599960][ T9768]  dump_stack_lvl+0xe4/0x150
[  310.601108][ T9768]  dump_stack+0x1c/0x28
[  310.602251][ T9768]  should_fail_ex+0x3b0/0x50c
[  310.603465][ T9768]  should_failslab+0xc8/0x130
[  310.604630][ T9768]  kmem_cache_alloc_noprof+0x84/0x350
[  310.606062][ T9768]  vm_area_alloc+0xf8/0x1bc
[  310.607293][ T9768]  mmap_region+0x9e4/0x17d8
[  310.608496][ T9768]  do_mmap+0x7e0/0xe00
[  310.609641][ T9768]  vm_mmap_pgoff+0x1a0/0x38c
[  310.610866][ T9768]  ksys_mmap_pgoff+0xd0/0x5c8
[  310.612247][ T9768]  __arm64_sys_mmap+0xf8/0x110
[  310.613616][ T9768]  invoke_syscall+0x98/0x2b8
[  310.614807][ T9768]  el0_svc_common+0x130/0x23c
[  310.616118][ T9768]  do_el0_svc+0x48/0x58
[  310.617142][ T9768]  el0_svc+0x54/0x168
[  310.618213][ T9768]  el0t_64_sync_handler+0x84/0xfc
[  310.619638][ T9768]  el0t_64_sync+0x190/0x194
[  311.856389][ T9786] FAULT_INJECTION: forcing a failure.
[  311.856389][ T9786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.860278][ T9786] CPU: 0 UID: 0 PID: 9786 Comm: syz.0.650 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  311.862813][ T9786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  311.865329][ T9786] Call trace:
[  311.866171][ T9786]  dump_backtrace+0x1b8/0x1e4
[  311.867294][ T9786]  show_stack+0x2c/0x3c
[  311.868371][ T9786]  dump_stack_lvl+0xe4/0x150
[  311.869626][ T9786]  dump_stack+0x1c/0x28
[  311.870772][ T9786]  should_fail_ex+0x3b0/0x50c
[  311.872060][ T9786]  should_fail+0x14/0x24
[  311.873253][ T9786]  should_fail_usercopy+0x20/0x30
[  311.874618][ T9786]  bm_register_write+0x108/0x117c
[  311.876035][ T9786]  vfs_write+0x3c8/0xc80
[  311.877171][ T9786]  ksys_write+0x15c/0x26c
[  311.878350][ T9786]  __arm64_sys_write+0x7c/0x90
[  311.879677][ T9786]  invoke_syscall+0x98/0x2b8
[  311.881020][ T9786]  el0_svc_common+0x130/0x23c
[  311.882360][ T9786]  do_el0_svc+0x48/0x58
[  311.883473][ T9786]  el0_svc+0x54/0x168
[  311.884583][ T9786]  el0t_64_sync_handler+0x84/0xfc
[  311.886007][ T9786]  el0t_64_sync+0x190/0x194
[  312.063789][ T9788] loop1: detected capacity change from 0 to 512
[  312.597127][ T9788] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.708123][ T9684] bcachefs: bch2_fs_get_tree() error: fsck_errors_not_fixed
[  312.771765][ T9800] loop3: detected capacity change from 0 to 1024
[  312.797933][ T9800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.874555][ T9800] netlink: 36 bytes leftover after parsing attributes in process `syz.3.654'.
[  312.970452][ T9803] loop0: detected capacity change from 0 to 512
[  312.992097][ T9803] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  313.011859][ T9808] loop4: detected capacity change from 0 to 512
[  313.013141][ T9803] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.652: bg 0: block 18: invalid block bitmap
[  313.014061][ T9808] EXT4-fs: Ignoring removed mblk_io_submit option
[  313.044045][ T9808] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  313.062728][ T9803] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  313.067206][ T9808] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=b040c118, mo2=0002]
[  313.072698][ T9808] System zones: 1-12
[  313.074437][ T9808] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #15: comm syz.4.655: corrupted in-inode xattr: e_value size too large
[  313.085449][ T9803] EXT4-fs (loop0): 1 truncate cleaned up
[  313.088525][ T9803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.100730][ T9808] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.655: couldn't read orphan inode 15 (err -117)
[  313.113006][ T7404] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.128959][ T9808] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.135177][ T9803] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.652: lblock 0 mapped to illegal pblock 3 (length 1)
[  314.732633][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.613836][ T9819] loop3: detected capacity change from 0 to 32768
[  315.779972][ T9842] pimreg: entered allmulticast mode
[  315.828403][ T9842] loop1: detected capacity change from 0 to 1024
[  315.844432][ T9842] EXT4-fs: Ignoring removed nobh option
[  315.856678][ T9842] EXT4-fs: Ignoring removed orlov option
[  315.894632][ T9842] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.903573][ T9819] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  315.969325][ T9842] EXT4-fs error (device loop1): __ext4_remount:6491: comm syz.1.662: Abort forced by user
[  315.995820][ T9842] EXT4-fs (loop1): Remounting filesystem read-only
[  316.057395][ T9819] XFS (loop3): Ending clean mount
[  316.132288][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.214173][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.224510][ T9854] FAULT_INJECTION: forcing a failure.
[  316.224510][ T9854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.236891][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.237986][ T9854] CPU: 1 UID: 0 PID: 9854 Comm: syz.2.664 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  316.242682][ T9854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  316.245437][ T9854] Call trace:
[  316.246378][ T9854]  dump_backtrace+0x1b8/0x1e4
[  316.247458][ T9854]  show_stack+0x2c/0x3c
[  316.248786][ T9854]  dump_stack_lvl+0xe4/0x150
[  316.249838][ T9854]  dump_stack+0x1c/0x28
[  316.250881][ T9854]  should_fail_ex+0x3b0/0x50c
[  316.252113][ T9854]  should_fail+0x14/0x24
[  316.253076][ T9854]  should_fail_usercopy+0x20/0x30
[  316.254455][ T9854]  copy_msghdr_from_user+0xb8/0x59c
[  316.255771][ T9854]  do_recvmmsg+0x390/0xb34
[  316.256933][ T9854]  __arm64_sys_recvmmsg+0x180/0x23c
[  316.258436][ T9854]  invoke_syscall+0x98/0x2b8
[  316.259636][ T9854]  el0_svc_common+0x130/0x23c
[  316.260814][ T9854]  do_el0_svc+0x48/0x58
[  316.261955][ T9854]  el0_svc+0x54/0x168
[  316.262980][ T9854]  el0t_64_sync_handler+0x84/0xfc
[  316.264303][ T9854]  el0t_64_sync+0x190/0x194
[  316.300824][ T9859] loop0: detected capacity change from 0 to 256
[  316.302257][ T7404] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  316.315827][ T9859] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  316.338245][ T9863] loop4: detected capacity change from 0 to 128
[  316.397001][   T30] audit: type=1326 audit(316.370:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9860 comm="syz.4.665" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed499e8 code=0x0
[  317.314216][ T9866] loop3: detected capacity change from 0 to 40427
[  317.388855][ T9866] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  317.391182][ T9866] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  317.395688][ T9866] F2FS-fs (loop3): invalid crc value
[  317.404912][ T9866] F2FS-fs (loop3): Found nat_bits in checkpoint
[  317.647922][ T9866] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  317.670247][ T9866] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  318.203214][ T9907] netlink: 8 bytes leftover after parsing attributes in process `syz.4.677'.
[  318.205627][ T9907] netlink: 20 bytes leftover after parsing attributes in process `syz.4.677'.
[  318.263657][ T9911] loop4: detected capacity change from 0 to 128
[  318.288187][ T9911] ADFS-fs (loop4): unrecognised mount option "}Œ­�#&‘8OÄçz" or missing value
[  318.475906][ T9918] loop4: detected capacity change from 0 to 512
[  318.492848][ T9918] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  318.501540][ T9918] EXT4-fs (loop4): 1 truncate cleaned up
[  318.505860][ T9918] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.715570][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.754937][ T9913] loop0: detected capacity change from 0 to 512
[  318.772528][ T9913] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  318.813257][ T9913] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.676: bg 0: block 18: invalid block bitmap
[  318.836778][ T9913] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  318.876764][ T9913] EXT4-fs (loop0): 1 truncate cleaned up
[  319.493892][ T9931] x_tables: ip_tables: REDIRECT target: used from hooks INPUT, but only usable from PREROUTING/OUTPUT
[  319.752385][ T9913] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.827816][ T9913] EXT4-fs error (device loop0): ext4_map_blocks:609: inode #2: block 3: comm syz.0.676: lblock 0 mapped to illegal pblock 3 (length 1)
[  319.870234][ T9937] netlink: 'syz.4.684': attribute type 29 has an invalid length.
[  319.939888][ T9942] loop3: detected capacity change from 0 to 128
[  319.975900][   T30] audit: type=1326 audit(319.950:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9941 comm="syz.3.685" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb499e8 code=0x0
[  320.093900][ T9944] netlink: 'syz.4.684': attribute type 29 has an invalid length.
[  320.542278][ T9949] loop1: detected capacity change from 0 to 8
[  320.554441][ T9949] squashfs: Unknown parameter '/dev/bus/usb/00#/00#'
[  320.722930][ T9951] loop1: detected capacity change from 0 to 1024
[  320.876846][ T7514] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.883435][ T9951] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.951804][ T9959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.690'.
[  321.074566][ T9960] Soft offlining pfn 0x133770 at process virtual address 0x202e0000
[  321.080625][ T9960] Soft offlining pfn 0x133771 at process virtual address 0x202e1000
[  321.082968][ T9960] Soft offlining pfn 0x133772 at process virtual address 0x202e2000
[  321.578365][ T6422] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  321.587293][ T6422] Bluetooth: hci0: command 0x0419 tx timeout
[  321.724214][ T9964] loop4: detected capacity change from 0 to 128
[  321.726279][ T9964] ext4: Unknown parameter 'uid<00000000000000000000'
[  321.743208][ T9959] netlink: 20 bytes leftover after parsing attributes in process `syz.0.690'.
[  321.748122][ T7567] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.244043][ T9974] input: syz0 as /devices/virtual/input/input4
[  324.018335][ T9985] loop3: detected capacity change from 0 to 128
[  324.980735][ T9994] netlink: 8 bytes leftover after parsing attributes in process `syz.2.702'.
[  324.982960][ T9994] netlink: 20 bytes leftover after parsing attributes in process `syz.2.702'.
[  325.109998][T10003] loop2: detected capacity change from 0 to 128
[  325.189484][   T30] audit: type=1326 audit(2000000002.970:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10002 comm="syz.2.704" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffa91499e8 code=0x0
[  325.201636][ T9999] loop4: detected capacity change from 0 to 512
[  325.271411][ T9999] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  325.322124][ T9999] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  325.325934][ T9999] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.700: bg 0: block 18: invalid block bitmap
[  325.337318][ T9999] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  325.474189][ T9999] EXT4-fs (loop4): 1 truncate cleaned up
[  325.483241][ T9999] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.501469][ T9999] ext2 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.529858][ T9999] EXT4-fs error (device loop4): ext4_map_blocks:609: inode #2: block 3: comm syz.4.700: lblock 0 mapped to illegal pblock 3 (length 1)
[  326.393863][T10025] loop3: detected capacity change from 0 to 128
[  326.395987][T10025] ext4: Unknown parameter 'uid<00000000000000000000'
[  327.495281][T10039] FAULT_INJECTION: forcing a failure.
[  327.495281][T10039] name failslab, interval 1, probability 0, space 0, times 0
[  327.517488][T10039] CPU: 1 UID: 0 PID: 10039 Comm: syz.0.714 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  327.520260][T10039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  327.522945][T10039] Call trace:
[  327.523797][T10039]  dump_backtrace+0x1b8/0x1e4
[  327.525127][T10039]  show_stack+0x2c/0x3c
[  327.526279][T10039]  dump_stack_lvl+0xe4/0x150
[  327.527633][T10039]  dump_stack+0x1c/0x28
[  327.528858][T10039]  should_fail_ex+0x3b0/0x50c
[  327.530175][T10039]  should_failslab+0xc8/0x130
[  327.531447][T10039]  kmem_cache_alloc_noprof+0x84/0x350
[  327.532876][T10039]  getname_flags+0xcc/0x4b4
[  327.534112][T10039]  __arm64_sys_statx+0x2a4/0x44c
[  327.535397][T10039]  invoke_syscall+0x98/0x2b8
[  327.536617][T10039]  el0_svc_common+0x130/0x23c
[  327.537875][T10039]  do_el0_svc+0x48/0x58
[  327.538991][T10039]  el0_svc+0x54/0x168
[  327.540087][T10039]  el0t_64_sync_handler+0x84/0xfc
[  327.541390][T10039]  el0t_64_sync+0x190/0x194
[  327.690333][T10032] loop1: detected capacity change from 0 to 32768
[  328.044687][ T7749] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.052467][T10043] loop2: detected capacity change from 0 to 32768
[  328.054697][T10043] btrfs: Unknown parameter 'obj_user'
[  328.146790][T10055] loop1: detected capacity change from 0 to 128
[  328.176036][   T30] audit: type=1326 audit(2000000005.950:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10054 comm="syz.1.722" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb31499e8 code=0x0
[  329.710067][T10059] netlink: 20 bytes leftover after parsing attributes in process `syz.2.716'.
[  329.725260][ T6496] ==================================================================
[  329.727403][ T6496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x84/0x284
[  329.729474][ T6496] Write of size 4 at addr ffff0000d5805080 by task kworker/0:4/6496
[  329.731726][ T6496] 
[  329.732328][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: kworker/0:4 Not tainted 6.11.0-rc7-syzkaller-g5f5673607153 #0
[  329.734972][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  329.737782][ T6496] Workqueue: events sco_sock_timeout
[  329.739218][ T6496] Call trace:
[  329.740095][ T6496]  dump_backtrace+0x1b8/0x1e4
[  329.741364][ T6496]  show_stack+0x2c/0x3c
[  329.742514][ T6496]  dump_stack_lvl+0xe4/0x150
[  329.743807][ T6496]  print_report+0x198/0x538
[  329.745075][ T6496]  kasan_report+0xd8/0x138
[  329.746308][ T6496]  kasan_check_range+0x268/0x2a8
[  329.747588][ T6496]  __kasan_check_write+0x20/0x30
[  329.748908][ T6496]  sco_sock_timeout+0x84/0x284
[  329.750194][ T6496]  process_one_work+0x79c/0x15b8
[  329.751585][ T6496]  worker_thread+0x978/0xec4
[  329.752828][ T6496]  kthread+0x288/0x310
[  329.753927][ T6496]  ret_from_fork+0x10/0x20
[  329.755102][ T6496] 
[  329.755729][ T6496] Allocated by task 6013:
[  329.756846][ T6496]  kasan_save_track+0x40/0x78
[  329.758082][ T6496]  kasan_save_alloc_info+0x40/0x50
[  329.759465][ T6496]  __kasan_kmalloc+0xac/0xc4
[  329.760716][ T6496]  __kmalloc_cache_noprof+0x244/0x374
[  329.762219][ T6496]  syslog_print+0x10c/0x96c
[  329.763478][ T6496]  do_syslog+0x274/0x704
[  329.764773][ T6496]  __arm64_sys_syslog+0x80/0x98
[  329.765992][ T6496]  invoke_syscall+0x98/0x2b8
[  329.767221][ T6496]  el0_svc_common+0x130/0x23c
[  329.768482][ T6496]  do_el0_svc+0x48/0x58
[  329.769589][ T6496]  el0_svc+0x54/0x168
[  329.770698][ T6496]  el0t_64_sync_handler+0x84/0xfc
[  329.772023][ T6496]  el0t_64_sync+0x190/0x194
[  329.773179][ T6496] 
[  329.773732][ T6496] Freed by task 6013:
[  329.774836][ T6496]  kasan_save_track+0x40/0x78
[  329.775997][ T6496]  kasan_save_free_info+0x54/0x6c
[  329.777448][ T6496]  poison_slab_object+0x128/0x180
[  329.778822][ T6496]  __kasan_slab_free+0x3c/0x70
[  329.780068][ T6496]  kfree+0x154/0x3e0
[  329.781154][ T6496]  syslog_print+0x8e4/0x96c
[  329.782383][ T6496]  do_syslog+0x274/0x704
[  329.783579][ T6496]  __arm64_sys_syslog+0x80/0x98
[  329.784946][ T6496]  invoke_syscall+0x98/0x2b8
[  329.786205][ T6496]  el0_svc_common+0x130/0x23c
[  329.787511][ T6496]  do_el0_svc+0x48/0x58
[  329.788681][ T6496]  el0_svc+0x54/0x168
[  329.789766][ T6496]  el0t_64_sync_handler+0x84/0xfc
[  329.791202][ T6496]  el0t_64_sync+0x190/0x194
[  329.792495][ T6496] 
[  329.793140][ T6496] The buggy address belongs to the object at ffff0000d5805000
[  329.793140][ T6496]  which belongs to the cache kmalloc-2k of size 2048
[  329.796916][ T6496] The buggy address is located 128 bytes inside of
[  329.796916][ T6496]  freed 2048-byte region [ffff0000d5805000, ffff0000d5805800)
[  329.800623][ T6496] 
[  329.801221][ T6496] The buggy address belongs to the physical page:
[  329.802956][ T6496] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000d5800000 pfn:0x115800
[  329.805638][ T6496] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  329.807703][ T6496] flags: 0x5ffc00000000240(workingset|head|node=0|zone=2|lastcpupid=0x7ff)
[  329.810072][ T6496] page_type: 0xfdffffff(slab)
[  329.811335][ T6496] raw: 05ffc00000000240 ffff0000c0002000 fffffdffc3328a10 fffffdffc34df810
[  329.813606][ T6496] raw: ffff0000d5800000 0000000000080002 00000001fdffffff 0000000000000000
[  329.815897][ T6496] head: 05ffc00000000240 ffff0000c0002000 fffffdffc3328a10 fffffdffc34df810
[  329.818280][ T6496] head: ffff0000d5800000 0000000000080002 00000001fdffffff 0000000000000000
[  329.820699][ T6496] head: 05ffc00000000003 fffffdffc3560001 ffffffffffffffff 0000000000000000
[  329.823069][ T6496] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  329.825449][ T6496] page dumped because: kasan: bad access detected
[  329.826846][ T6496] 
[  329.827349][ T6496] Memory state around the buggy address:
[  329.828835][ T6496]  ffff0000d5804f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  329.831073][ T6496]  ffff0000d5805000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.833100][ T6496] >ffff0000d5805080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.835271][ T6496]                    ^
[  329.836377][ T6496]  ffff0000d5805100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.838567][ T6496]  ffff0000d5805180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  329.840714][ T6496] ==================================================================
[  329.843515][ T6496] Disabling lock debugging due to kernel taint
[  329.845831][ T6496] ------------[ cut here ]------------
[  329.847314][ T6496] refcount_t: addition on 0; use-after-free.
[  329.849824][ T6496] WARNING: CPU: 0 PID: 6496 at lib/refcount.c:25 refcount_warn_saturate+0x1a8/0x20c
[  329.852338][ T6496] Modules linked in:
[  329.853343][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: kworker/0:4 Tainted: G    B              6.11.0-rc7-syzkaller-g5f5673607153 #0
[  329.856453][ T6496] Tainted: [B]=BAD_PAGE
[  329.857468][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  329.860053][ T6496] Workqueue: events sco_sock_timeout
[  329.861435][ T6496] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  329.863390][ T6496] pc : refcount_warn_saturate+0x1a8/0x20c
[  329.864948][ T6496] lr : refcount_warn_saturate+0x1a8/0x20c
[  329.866406][ T6496] sp : ffff8000aefc7ab0
[  329.867551][ T6496] x29: ffff8000aefc7ab0 x28: ffff700015df8f80 x27: ffff0000cc98a918
[  329.869535][ T6496] x26: 1fffe00018210001 x25: ffff0000c1080000 x24: dfff800000000000
[  329.871551][ T6496] x23: dfff800000000000 x22: 0000000000000000 x21: 0000000000000002
[  329.873695][ T6496] x20: ffff0000d5805080 x19: ffff8000927b7000 x18: 0000000000000008
[  329.875913][ T6496] x17: 0000000000000000 x16: ffff80008b274630 x15: ffff700011ebd1e8
[  329.878036][ T6496] x14: 1ffff00011ebd1e8 x13: 0000000000000004 x12: ffffffffffffffff
[  329.880041][ T6496] x11: 0000000000000003 x10: 0000000000ff0100 x9 : 7ddc04d36f81e900
[  329.882121][ T6496] x8 : 7ddc04d36f81e900 x7 : 0000000000000001 x6 : 0000000000000001
[  329.884156][ T6496] x5 : ffff8000aefc71f8 x4 : ffff80008f65b620 x3 : ffff800080383398
[  329.886358][ T6496] x2 : 0000000000000000 x1 : 0000000000000001 x0 : 0000000000000000
[  329.888641][ T6496] Call trace:
[  329.889570][ T6496]  refcount_warn_saturate+0x1a8/0x20c
[  329.890915][ T6496]  sco_sock_timeout+0x1c4/0x284
[  329.892196][ T6496]  process_one_work+0x79c/0x15b8
[  329.893484][ T6496]  worker_thread+0x978/0xec4
[  329.894639][ T6496]  kthread+0x288/0x310
[  329.895716][ T6496]  ret_from_fork+0x10/0x20
[  329.896943][ T6496] irq event stamp: 512367
[  329.898070][ T6496] hardirqs last  enabled at (512367): [<ffff80008b3388f8>] exit_to_kernel_mode+0xdc/0x10c
[  329.900701][ T6496] hardirqs last disabled at (512366): [<ffff8000801f8d08>] handle_softirqs+0x8bc/0xbfc
[  329.903305][ T6496] softirqs last  enabled at (512050): [<ffff8000864f81d0>] nsim_dev_trap_report_work+0x620/0x924
[  329.906038][ T6496] softirqs last disabled at (512048): [<ffff8000864f814c>] nsim_dev_trap_report_work+0x59c/0x924
[  329.908772][ T6496] ---[ end trace 0000000000000000 ]---
[  330.076825][ T6496] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[  330.079497][ T6496] Mem abort info:
[  330.080365][ T6496]   ESR = 0x0000000086000004
[  330.081458][ T6496]   EC = 0x21: IABT (current EL), IL = 32 bits
[  330.083036][ T6496]   SET = 0, FnV = 0
[  330.084028][ T6496]   EA = 0, S1PTW = 0
[  330.084914][ T6496]   FSC = 0x04: level 0 translation fault
[  330.086320][ T6496] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000107d9d000
[  330.088385][ T6496] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000
[  330.090402][ T6496] Internal error: Oops: 0000000086000004 [#1] PREEMPT SMP
[  330.092149][ T6496] Modules linked in:
[  330.093238][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: kworker/0:4 Tainted: G    B   W          6.11.0-rc7-syzkaller-g5f5673607153 #0
[  330.096111][ T6496] Tainted: [B]=BAD_PAGE, [W]=WARN
[  330.097440][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  330.100106][ T6496] Workqueue: events sco_sock_timeout
[  330.101465][ T6496] pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[  330.103366][ T6496] pc : 0x0
[  330.104138][ T6496] lr : sco_sock_timeout+0x114/0x284
[  330.105616][ T6496] sp : ffff8000aefc7ae0
[  330.106693][ T6496] x29: ffff8000aefc7ae0 x28: ffff700015df8f80 x27: ffff0000cc98a918
[  330.108662][ T6496] x26: 1fffe00018210001 x25: ffff0000c1080000 x24: dfff800000000000
[  330.110766][ T6496] x23: dfff800000000000 x22: 0000000000000000 x21: ffff0000c5072608
[  330.113052][ T6496] x20: ffff0000d5805000 x19: ffff0000d5805080 x18: 1fffe000366d31ee
[  330.115105][ T6496] x17: ffff80008b41af3c x16: ffff800080a86fd8 x15: ffff60001ab00a38
[  330.117263][ T6496] x14: 1fffe0001ab00a38 x13: 00000000000000fb x12: ffffffffffffffff
[  330.119381][ T6496] x11: ffff8000aefbffff x10: 0000000000ff0100 x9 : ffff8000970a6140
[  330.121435][ T6496] x8 : 0000000000000000 x7 : ffff800080a86878 x6 : ffff800089448624
[  330.123498][ T6496] x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008a578cf4
[  330.125553][ T6496] x2 : 0000000000000000 x1 : 0000000000000008 x0 : ffff0000d5805000
[  330.127629][ T6496] Call trace:
[  330.128511][ T6496]  0x0
[  330.129240][ T6496]  process_one_work+0x79c/0x15b8
[  330.130590][ T6496]  worker_thread+0x978/0xec4
[  330.131836][ T6496]  kthread+0x288/0x310
[  330.132908][ T6496]  ret_from_fork+0x10/0x20
[  330.134094][ T6496] Code: ???????? ???????? ???????? ???????? (????????) 
[  330.135964][ T6496] ---[ end trace 0000000000000000 ]---
[  330.720329][ T6496] Kernel panic - not syncing: Oops: Fatal exception
[  330.722220][ T6496] SMP: stopping secondary CPUs
[  330.723621][ T6496] Kernel Offset: disabled
[  330.724749][ T6496] CPU features: 0x10,00000207,00200128,42017203
[  330.726424][ T6496] Memory Limit: none
[  331.315144][ T6496] Rebooting in 86400 seconds..