last executing test programs:

17m44.870906485s ago: executing program 32 (id=290):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f00000008c0)="fc", 0x1, 0x24008800, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000700)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000200)="e7", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000002c0)='\"', 0x1}], 0x1}}], 0x2, 0x880)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
syz_emit_ethernet(0xbe, &(0x7f0000000140)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x25, 0x4, 0x0, 0x3c, 0x0, 0x0, 0x4de, 0x0, 0x1, 0x0, @dev, @local, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@multicast2}]}, @ssrr={0x89, 0xf, 0x0, [@private, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@broadcast, 0x3}, {@broadcast}]}, @timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x7, 0x20, 0xffffffff, 0x0]}]}}}}}}}, 0x0)
sendto$inet(r0, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd14b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee5", 0xda, 0x805, 0x0, 0x0)

13m28.737870754s ago: executing program 33 (id=545):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000100)={[{@usebackuproot}, {@nodatasum}, {@compress_force}, {@nodatacow}, {@flushoncommit}, {@treelog}, {@notreelog}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r0, 0x0, 0x0, 0x10000)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x64942, 0x0)
sendfile(r1, r1, 0x0, 0x1000200201005)
r2 = openat(0xffffffffffffff9c, &(0x7f00000008c0)='.\x00', 0x40000, 0x0)
ioctl$BTRFS_IOC_SNAP_CREATE_V2(r2, 0x50009417, &(0x7f0000002480)={{r2}, 0x0, 0x0, @unused, @subvolid=0x3})
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f00000000c0)={[{@nossd_spread}, {}, {@flushoncommit}, {@max_inline={'max_inline', 0x3d, [0x25, 0x38]}}, {@nodatasum}, {@discard}, {@datasum}, {@discard_sync}]}, 0x1, 0x50f3, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
r4 = creat(&(0x7f0000000040)='./file1\x00', 0xd)
write$P9_RUNLINKAT(r4, &(0x7f00000000c0)={0x7, 0x4d, 0x1}, 0xfff2)
fallocate(r3, 0x10, 0x3, 0x7c27)
write$binfmt_misc(r4, 0x0, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f0000000100)={0xa, 0xffffffffffffffff, 0x0, 0x4000c, 0x20})

12m59.734624923s ago: executing program 34 (id=579):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00000000000000002400128009000100626f6e64000000001400028008000000000000000800090001"], 0x44}}, 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="2e00000010008188040f80ec59acbc0413a181000b00000000010000000000000e000a000f000000028002002d1f", 0x2e}], 0x1}, 0x0)

11m34.968291349s ago: executing program 35 (id=715):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_mount_image$squashfs(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x0, &(0x7f0000000680)=ANY=[], 0x0, 0x18a, &(0x7f0000000380)="$eJzsVb1OMkEUPbM77MJXfPmarzEmFhKFQlgWNVppZXgAH0ACKxIXf1gShZCIFe9hw2tYmPgIFhobLIyJBfZmzc7cXYdeQkzmJLvn3DP3ztxp7hwF54EN4HPSr2EXAib+4pExcABLTHp7tuQ3S3KB4lcuOU/+DfETcdDtHVd932vPTNz/B2Z9xlxEeKU4bP79aKHFLAX/+Z2/w51rA+9ilj1M+rVIHAAIwzCMvLr8mJpjArhTcha4+JiJMMmJhl8UrAIodlpnxaDbW2u2qg2v4Z24bnnTWXecDbd42PQ9R/y3aW6KcoN0xHkA0VpGaSEF4JkG7B9Mgymt0TpTay1lOOeWp2tNpTZmhtuk1lby9rGCNICLAVPcrOiaQ1ysAgaTghJX+pN3S4uFQu3Urw/BwOKyEXiyR2mMFIwMgKbvuSKglfLWIG57SJwlrhCPiMfE8ZsVv0Vc7PBCUW4AWLisdjrtUmRJlXhu4rn/kpMNOvXDmr7cog0NDQ0NDQ0NjV+GrwAAAP//ZVpfyw==")
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x2800)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
setsockopt$MRT_ADD_MFC(0xffffffffffffffff, 0x0, 0xcc, &(0x7f0000000040)={@broadcast, @multicast1, 0x1, "3dab2026179e3f9e94f795c462aef6c3ea5725a79a084ad573851312355a1302", 0x200000ff, 0x3, 0x6, 0x2}, 0x3c)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89e1, &(0x7f0000000000)={@loopback, @multicast2})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f0000000240)={{0x9, 0x7}, 'port1\x00', 0x81, 0x120060, 0x1, 0x3, 0x5, 0x5, 0x10e6, 0x0, 0xdb3b026e8655c4c, 0x8})
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2400000018000900000000e60000040002000000ff0000010000000008000500ac14140bb7ab370eae949be94ecd44ff0d618d515256a1b42bd5de885b404826c2f8350c99b5bb25b87c43c3ef58fe88bcdea6d769bc42c9a8ba3dce2e72e6a155c9d0a16fbf902ea96f42e8f00282701af68274fc89469c320543416b65c439663f081fe543eff6efef244e9db9c53578ce8c4c64b7175cc4b6f4b23f9211c8f5bf1417039047"], 0x24}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), 0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
creat(&(0x7f0000000580)='./bus\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
getegid()
rename(&(0x7f0000000080)='./bus\x00', 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file7\x00', 0x1000)

8m38.053066488s ago: executing program 36 (id=930):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000cc0)={0x30, r1, 0x1, 0x0, 0xfffffffc, {{0x2}, {@val={0x8, 0x3, r3}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x980}]]}, 0x30}}, 0x4)

7m50.084616735s ago: executing program 37 (id=994):
semget(0x3, 0x2, 0x2b2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000004600)=""/102400, 0x19000)
pipe(0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, &(0x7f0000000440), 0x10)
listen(r5, 0x9)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_timeval(r6, 0x1, 0x43, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
writev(r6, &(0x7f00000002c0), 0x0)
unshare(0x62040200)
close_range(r4, 0xffffffffffffffff, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_DSTOPTS(r7, 0x29, 0x3b, 0x0, 0x8)

7m39.948845603s ago: executing program 8 (id=1004):
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
getgroups(0x0, 0x0)
socket$inet(0x2, 0x2, 0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000500)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x80000)
write(r4, &(0x7f0000000040)="cb", 0xfffffdef)

7m38.170001568s ago: executing program 8 (id=1005):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x1000, 0x80000100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000180)='./file2\x00', 0x14018, &(0x7f0000000340)={[{@part={'part', 0x3d, 0x9}}, {@type={'type', 0x3d, "d710211b"}}, {}, {@uid}, {}, {@creator={'creator', 0x3d, "1eeb3907"}}, {@gid}, {@gid}, {@type={'type', 0x3d, "f606a15d"}}, {@uid}, {@creator={'creator', 0x3d, "af2afe27"}}, {@umask={'umask', 0x3d, 0x6}}], [{@appraise}, {@euid_lt}, {@obj_type={'obj_type', 0x3d, '}}@@[/-'}}]}, 0xdf, 0x6c8, &(0x7f0000000d40)="$eJzs3ctvHHcdAPDvzK7tXSMlTpu0BVXCakRBWCR+yAVziUEI+VChCg6cV4nTWNm4le2CGyEw72sP/QPKwTdOSNyDyhkuCI4Wp0qIXDj5tmgeu157d+11nHht+Hyi2fnN/N7fnZndWSuaAP5vrcxE9UkksTLz9na2vbe70NzbXZgos5sRkaXTiGqximQ9Ivk0YjmKJT6f7SzLJ4P6+Xht6ft//8/eZ8VWtVzy8mlvvZ+1IuJLw89ip1xiOiIq5brXWO+u2snt3R3YXmGiK91//kknJwvYzXbgYNRaPXZOU33g+Q5cHknxudljKmKy/JjMP+fKq0N6vqN7/k51lQMAAIARW/n3jfnTlK+X66v7sR/bl/42HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM5V+fz/pFzSdno6kvbz/8fLfVGmL7Unox4AAAAAAAAAAPQY69kz0U7c6V/ji/uxH9txpb3dSvK/+b+Rb1zPXz8XH8RmrMZG3IrtaMRWbMVGzEXEVFdD49uNra2NuSFqzvetOX94XJXhJlwbrhgAAAAAAAAA/M/7Rawc/P0fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAugiSiUqzy5Xo7PRVpNSJqETGelduJ+Gs7fUkk/XY+Of9xAAAAwJnUnqHO1f3Yj+240t5uJfk9/yv5/XItPoj12Iq12IpmrMa98h46u+tP93YXmnu7C4+y5cxDz1uM4reH/j2/lpeox/1Yy/fcirv5YO5FmtfM/DMiHrXH1Duunz/N2r5T+PGQI7tXrrPOPmr/ijBx5gk/B1MR1TTGOhGZzcdWHATXuqPQG4lvPR3U6HKxqh7tKbp7mou088vP9aKHLHlizO8MObPJcp3N5zeDfrl53moHne4MLNSJRBp5JOa7jr5Xjo95xJf/+PuPHjTXHz64vzlzLlN6kY4eEwtdkXh1iEj88MJGonp8dnp0x2y+80ZneyW+Gz+ImZiOd2Ij1uJH0YitWI2knGmjPJ6z16njI7V8aOudk0Y+Xr4vlXKgJ49pOr6TpxrxRl73SqxFEu/FvViNt/J/8zEXX4/FWIylrnf4xsBx53PLz/r0dGf9za+UiXpE/LZcj1pxUcjieq0rrt3X3Kk8r3vPQZReOv7d7b02njzl6hfKRNbHL/sdjiNzNBJzXZF4+fhI/K6VvW421x9uPGi83+fTtZWM5eu/3YxotYp9b5Z52RH365O//vzprPM7Qdd1LDteXopaeSW5FmPF0CrtvJc7V5nD8Rov/+JS5KVH8mrZ+ZwWPRVn6vcGnqnj5Xe43pbm87xX++Yt5HmvdeV1f9+KeC+ane9DAFxgk1+dHK//q/6X+if1X9Uf1N+ufXviGxOvj8fYn8e+WZ2tvJm+nvwhPomfHtz/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz27zw8cPG83m6kb/RFoZmDUgEa3HDxvtJ/kMWys2k/JJOqfqa1SJziN/Lsh4XkCiGklPVjbj59NF+yGCp6s123tELY8yUP84ba2oDTXlyTLRulpE6VRdTB09MiMGFJ4oglkZcJ6Wb9GzPFwUuBRubz16//bmh4+/tvao8e7qu6vrY4uLS7NLi28t3L6/1lydLV5HPUrgRTj43n7YhXjSNQAAAAAAAAAAANDXefx/iVHPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjcVmai+iSSmJu9NZtt7+0uNLOlnT4oWY2INI1IfhKRfBqxHMUSU13NJYP6+XhtqRIRnx20VW2XT4+p15oYahY75RLTEVEp12dwqL27Z24v6cwwi9XNduBg1P4bAAD//21q7G8=")

7m33.991724015s ago: executing program 8 (id=1008):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000100)={0x3, &(0x7f0000000140)})

7m30.955958933s ago: executing program 8 (id=1010):
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000300), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_clone(0x0, 0x0, 0xfffffffffffffe7b, 0x0, 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x40000, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000f40)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x58}, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)

7m27.27512804s ago: executing program 8 (id=1013):
io_setup(0x1, &(0x7f0000000000))
socket$igmp6(0xa, 0x3, 0x2)
r0 = syz_open_dev$usbfs(0x0, 0x800000001fe, 0x2)
r1 = dup(r0)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x541c, &(0x7f0000000100))
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x3d0, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffff00, 0x0, 0x0, 0xffffff00], 'vxcan1\x00', 'xfrm0\x00', {0xff}, {}, 0x88, 0x9, 0x2, 0x8}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x200, 0x230, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x430)
r3 = socket$inet6(0xa, 0x3, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000240)=0x7, &(0x7f0000000280)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r7, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)

7m22.69893066s ago: executing program 8 (id=1018):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {0x0}], 0x2)

7m21.485480332s ago: executing program 38 (id=1018):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r4, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {0x0}], 0x2)

5m34.406457383s ago: executing program 9 (id=1163):
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, &(0x7f0000000580)={0x1})
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
ioctl$BTRFS_IOC_QGROUP_LIMIT(0xffffffffffffffff, 0x8030942b, &(0x7f0000000000)={0x0, {0x5, 0x7fff, 0x4, 0x3, 0x6a5e}})
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, &(0x7f0000000440)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

5m30.612891677s ago: executing program 9 (id=1166):
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x2e00, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000040)=0x3, 0xac5)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r0=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r0, 0x0}])

5m28.546394679s ago: executing program 9 (id=1168):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000001c0), &(0x7f0000000080)=0xc)
sendmsg$netlink(r2, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000c00)}, 0xcc000)
read$msr(r1, &(0x7f0000000580)=""/245, 0xf5)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000600)={0x26, 'hash\x00', 0x0, 0x0, 'cbcmac(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000004380)="ad56c6c5820fae9d6dcd3292ea2b74dc", 0x10)
r4 = accept4(r3, 0x0, 0x0, 0x800)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000bc0), r4)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0xc, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7020000000c7100850000009b0000008500000007000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x2, @in6=@mcast2, 0x6, 0x4, 0x3}]}]}, 0xfc}}, 0x0)
r7 = socket(0xa, 0x3, 0xfc)
sendto$unix(r7, 0x0, 0xffffffffffffff84, 0x48850, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x18)
sendmsg$key(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2, 0x0, 0x80}, 0x10}}, 0x0)

5m26.66562583s ago: executing program 9 (id=1170):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000200)='./bus\x00', 0x201c08c, &(0x7f0000001180)=ANY=[], 0x25, 0x352, &(0x7f0000000c80)="$eJzs3T9sG2UUAPDnnhOnESUekCqYDBsSqtogBphSVUWqyABFFv8WIjWFEhukWFgKQxwvoIoJxIIEE1sHGDsjBoTYGFgpEiogFrpVasQh5872OXaoMzi06u83RE/v+959z+dL7hIlX97sxMalubh869bNWFgoRXnl3ErcLkU1jkUSmZ2Y6OP5yXkA4B53O03j7zRz99mfLvYj934AuH/t3f/fOjFMVA5RfPWhWbQEAMzYlN//vzgx+97M2gIAZmjs/v/EyPC+H/OXB78TAADcv15+7fUXzq5GXKzVFiKaH7Xr7Xo8Nxw/ezmuRCPW43QsxW5E9qCQPS30Pj5/YfX86VrP79Wo9yra9Yhmp13vPSmkSxFxpdw/WDWvTwf1Sa/+zF59LSJ2OnvrR7PUrs/FYr7+L4uxHsuxFI+M1UdcWD2/XMsPUG/26zsR3Vjor9vr/1QsxU/Dx5li/9tnarVz6epIfftaJS4d4fsAAAAAAAAAAAAAAAAAAAAAAMCD5VRtoDrY/yZtdtofXtw/oTqyP049G873B+pm+wOllf7uPFeT/fsDje7P066X49j/+soBAAAAAAAAAAAAAAAAAADg3tHamo+1RmN9s7X1wUYx6BQy7/7w9XfHYz4ieplyXvpOMqyKPDlynP7EwpGTGCyRDsrTJJtTyudnk5OI/uSdtWvXBx0Xl6gMXsVo83lQGRsqlQdLnHj8ty8mVf3TC3b2MkmMnZbRoN9xYaj5cC+xEBG7B1UdHCzfZc6NNE0PKt/+fLwqShHlOHQbUwTf33z70adbJ5/Zy3ybb/rw5FNLr9z47Ks/N9Ya0c3OTKMxv9naTac4cq/XxvqxGB1KCtdPKT/PpQlXwuSgO8x0N1tba8nPf7362Cc/7pucTL5+0mLm/YPX+mZ/Zj4LShHV/kn4r1bnYtoz/8ad4ifIId+4k1+urF3f/vWPaasKXyRs1AEAAAAAAAAAAAAAAAAAAEei8Lfih/DsS7PrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACO3vD//xeC7lhmmuBOJ8aHKuubrQMXP36kLxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAfYvwEAAP//jXFraQ==")
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x214802, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
open(0x0, 0x109042, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x400141042, 0x2a)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
fallocate(r0, 0x0, 0xc, 0x10001)

5m23.357900975s ago: executing program 9 (id=1175):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./control\x00', 0x480, &(0x7f0000000000), 0x1, 0x786, &(0x7f0000000f80)="$eJzs3c9rHGUfAPDvbLNJ37Tv27zwwms9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQkCLCF4EFQ+CXnq2Wm9e/XHVP8C7B2mpmhYjHiQym9102+ymmzSbbdnPByZ5npnZfOc7z8w8T3aG3QD61mj6IxNxOCI+SCIO1ecnEZGtlQYiTq6vt7qyXEinJNbWXvstqa1ze2W5EE2vSR2oVx6LiO/ejTiS2Ry3srg0ky+VivP1+nh19sJ4ZXHp6PnZ/HRxujh3fGJy8tiJZ08c371c//hx6eCND19+6suTf73z/2vvf5/EyThYX9acx24ZjdH6Psmmu/AuL8Vbux2up5JebwA7kp6a+9bP8jicpOWBXm8SANBl6Sh0DQDoM4n+HwD6TON9gNsry4XG1Nt3JPbWzRcjYv96/o37m+tLBur37PbX7oMO307uujOSRMTILsQfjYjPvn7jajpFl+5DArTy9uWIODsyuvn6n2x6ZmG7nu5gndF76hvxf8o+YHTgfr5Jxz/PtRr/ZTbGP9Fi/DPU4tzdibbn/4bM9V0I01Y6/nuh6dm21ab860b21Wv/ro35ssm586Viem37T0SMRXYorU9sEWPs1t+32i1rHv/9/tGbn6fx09931shcHxi6+zVT+Wr+QXJudvNyxOMDrfJPNto/aTP+Pd1hjFeef+/TdsvS/NN8G9Pm/Ltr7UrEky3b/84TbcmWzyeO1w6H8cZB0cJXP38y3C5+c/un0+rK8loScXX3M20tbf/hrfMfSZqf16xsP8YPVw59225Zi/wLjf+F1rU+/geT12vlwfq8S/lqdX4iYjB5dfP8Y3de26g31k/zH3ui9fm/1fGfjk7Odpj/wI1fv9h5/t2V5j+1rfbffuHa6sy+dvE7a//JWmmsPqeT61+nG/gg+w4AAAAAAAAAAAAAAAAAAAAAAAAAOpWJiIORZHIb5Uwml1v/Du//xXCmVK5Uj5wrL8xNRe27skcim2l81OWhps9Dnah/Hn6jfuye+jMR8d+I+HjoX7V6rlAuTfU6eQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACoO9Dm+/9Tvwz1eusAgK7Z3+sNAAD2nP4fAPqP/h8A+o/+HwD6j/4fAPqP/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAuO33qVDqt/bmyXEjrUxcXF2bKF49OFSszudmFQq5Qnr+Qmy6Xp0vFXKE8e7+/VyqXL0zG3MKl8WqxUh2vLC6dmS0vzFXPnJ/NTxfPFLN7khUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbE9lcWkmXyoV5xUegcJAvdUelu3ZUSHTSGKvgg52K4uHYGd2r9DDixIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAI+SfAAAA///WoyFe")
r1 = open(&(0x7f00000003c0)='./file1\x00', 0x44142, 0x191)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
sendfile(r1, r1, 0x0, 0x800000009)
r3 = syz_io_uring_setup(0x21f4, &(0x7f00000004c0)={0x0, 0xbf59, 0x80, 0x0, 0x25c}, &(0x7f0000000540), &(0x7f0000000580))
io_uring_register$IORING_UNREGISTER_EVENTFD(r3, 0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYRESHEX=r0, @ANYRESDEC], 0x0)
syz_usb_connect$uac1(0x3, 0xe1, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xcf, 0x3, 0x1, 0x7, 0x20, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x8ae, 0x8}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xe, 0x24, 0x2, 0x1, 0x9, 0x4, 0x2b, 0x2, "d3f27c309bb8"}, @format_type_ii_discrete={0xa, 0x24, 0x2, 0x2, 0x4, 0x3, 0x2, 'm'}, @format_type_ii_discrete={0xf, 0x24, 0x2, 0x2, 0x6, 0xfffe, 0x30, "6ba955831c9f"}, @as_header={0x7, 0x24, 0x1, 0x0, 0x7, 0x4}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x3, 0x3, 0x4, 0xba}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x0, 0x4, 0x31, 0x6, "0bfb8a", 'R'}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xfd, 0x2, 0xfa, {0x7, 0x25, 0x1, 0x80, 0x2, 0x4}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0xf6, 0x1, 0x3, 0x9}, @format_type_ii_discrete={0x12, 0x24, 0x2, 0x2, 0x2, 0x7fff, 0x4, "a5bbdee98ef35dbd6c"}, @as_header={0x7, 0x24, 0x1, 0xd9, 0x7, 0x5}, @format_type_i_continuous={0xd, 0x24, 0x2, 0x1, 0x7, 0x0, 0x1, 0x8, "8963", "df3b80"}]}, {{0x9, 0x5, 0x82, 0x9, 0x400, 0x8, 0xff, 0x6, {0x7, 0x25, 0x1, 0x80, 0x5, 0xfffc}}}}}}}]}}, &(0x7f0000000440)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x201, 0x9, 0x0, 0x9, 0x20, 0x7}, 0x49, &(0x7f0000000180)={0x5, 0xf, 0x49, 0x1, [@generic={0x44, 0x10, 0xc59f3257911d6535, "6b7788c5d6975e97766a7cae909bac9f5f485d0aea13718303eeb7927477ee3b09b0fe48cdfc41fc3692fbe29c5190005af2ac84d725057b9ff89d4cd8fc82a0eb"}]}, 0x5, [{0xd5, &(0x7f0000000200)=@string={0xd5, 0x3, "12a2b1d7262d853d2ce1f14769fd8bd8b15e98bb12a47db035ef9a98508b22bad300a0fa87bb4d75ba0e6a65b82e299317ce268aa9dee81507de64ef1095c3ed47c0d6b8b0f3962c878411990d1ed92f62ac84422fde9b388980006a6561b24e8ba694ecaa77f7805431f328f2503a545ec92d885059c0c2a49fa5a4d02d5ef6b2541e5fcb5db38c4aba053a368df33b0a26ae0b45c0874a17b6253192196c7a9c7fd43e8e2ae66e180d67d6645a608891ebe955a31a4e8f02827f00741a3c24145aa657e3dfd70a85cff77cd82f978dae3e0d"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x140a}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x44a}}, {0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x412}}, {0x4, &(0x7f0000000400)=@lang_id={0x4, 0x3, 0x1407}}]})
syz_open_dev$loop(&(0x7f00000005c0), 0x6, 0x8000)

5m22.848433625s ago: executing program 9 (id=1176):
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)

5m22.342350695s ago: executing program 39 (id=1176):
r0 = syz_open_procfs(0x0, 0x0)
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)

4m53.361200313s ago: executing program 4 (id=1224):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
socket$inet(0x2, 0x1, 0x0)
r4 = socket$inet(0xa, 0x801, 0x6)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r5}, &(0x7f00000000c0)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
accept4(r4, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x27, 0x7, 0x0, &(0x7f0000000300)="0300f90ffac423", 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

4m50.342813611s ago: executing program 4 (id=1231):
socket$alg(0x26, 0x5, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24)
r6 = syz_open_procfs(0x0, &(0x7f0000000240)='setgroups\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x2, &(0x7f0000000200)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12}, 0x94)
write$yama_ptrace_scope(r6, 0x0, 0x0)

4m47.64104154s ago: executing program 4 (id=1235):
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x82, &(0x7f00000000c0)={[], [], 0x3d}, 0x1, 0x464, &(0x7f0000001600)="$eJzs3M9vFFUcAPDvzLIF+VkVVH6o9Vck/qC0oHLwotHEgyYmekASD7UsBFnA0JoIIRaNwaPBeDceTfwLPOnF6Nmr3g0JMVxEL66Z2Zl2S3fbLt12K/v5JEvem3m7733nzRvevNltAANrJPsnidgaEb9l6TTPzmoUhbJyN29cmvz7xqXJJBqNt/5M8n1/3bg0WZYt37elyOxPI9LPktjbpt6pCxdPT9TrtfNFfnT6zAejUxcuPnvqzMTJ2sna2fEjRw4fGnvh+fHnehLntqytez4+t2/3a+9cfWPy6NX3fvkua+/WYn9rHL0yEiPzjmWrJ3pdWZ9ta0knG/rYELpSiYisu6r5+N8RlZjrvB3x6qd9bRywqhqNRmN7592XG8AdLImOuzYVFwjgjlT+R5/d/5avNZp6rAvXX2reAGVx3yxezT0bIi3KVG+5v+2l4WLd5Ojlf76OVVqHAABo9UM2/3mm3fxvOO5rKbc9Xw9uzlfujoh7IuLeiNgZEbsi8rL3R8QDXdY/ckt+4fwnvXZbgS1TNv97sXi2NX/+V8z+/m0MV4rctjz+anLiVL12sDgm+6O6McuPLVLHj6/8+kWnfSPF3K98ZfWXc8GiHdc2bJz/nuMT0xMri3rO9U/yW/yZhfHPPbnKUrsjYs9tfP6miDj11Lf7Ou1fOv5F9OA5U+ObiCeb/X85Fol/keeTo5uiXjs4Wp4Vrco7iCtvdqp/RfH3QNb/m9ue/7PxDyetz2unuq/jyu+fd7yn6eL8P1Zuyc7/oeTtPD1UbPtoYnr6/FjEUPL6wu3jc59W5svy17fuinis/fjPrnHZOZbFvzcispP4wYh4KCIeLtr+SEQ8GvlHtDNzMyJ+fvnx92dPhS7i7/CWnsr6//i8/o8l+r/7ROX0T993qn95/X84T+0vtizn+rfcBq7k2AEAAMD/RZp/Bz5JD8ym0/TAgeZ3+HfG5rR+bmr66RPnPjx7vPld+eGopuVK146W9dCxYm24zI/fkj9UrBt/Vbkrz28u1gaB/tnSYfxn/qj0u3XAqvN7LRhcxj8MLuMfBpfxD4NrueO/scrtANZeu/E/04d2AGvP/B8Gl/EPg8v4h8HVHP/H+t0MYG2t5Hf9EkskZnp8eIfWSVx5ItJ10Yx1kYhI8r+kv3ThajHu6rUv322m+t74Dol+XpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB6578AAAD//6nq3AI=")

4m35.859607005s ago: executing program 4 (id=1249):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x14000, &(0x7f0000000140)=ANY=[], 0x1, 0x68b, &(0x7f0000000a40)="$eJzs3U1sHGf9B/DvbnbX3vz/Sp02SQOqRNRIBRGROLGSYi4NCKFIVKgqB8TRSpzGyiatHBc5EYLwfuDCoXeKRG5cQOIeVM7AqVcfKyFx6SmAxKKZnbXXL7F3ndhri88nmp3nmedlnuc3Mzu7s4oc4H/WtXNpPE4t1869uVzkVx7NdFYezdzpp5NMJKknjd4qtbtJ7aPkanpLPlNsrLqrPW0/HyzMvv3xpyuf9HKNainr17drt8mV+hYbH1ZLziQ5Uq2fwbr+rm/orzVyd7XVGRYBO9sPHIxbM0l3ne+eWivZ0fDXLXBg1Xr3zU0X9FRyNMlk9Tmgd1fs3bMPtYfjHgAAAADsgxd+WX6FPzbucQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBhUv39/1q11PvpM6n1//5/q9qWKn2oPR73AAAAAAAAAABgdN/8/w0bPvckT7KcY/18t1b+5v9qmTlRvv5f3s+9zGcx57OcuSxlKYu5mGSqLG+Wr63luaWlxYtDtLy02jIDLS8NOYP27icPAAAAAAAAAIdFY/QmP861td//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIKglR3qrcjnRT0+l3kgymaRV1HuY/LWfPpB+/afBXPff3dKmao/3c0wAAAAwJi88yZMs51g/362V3/lPld/7J/N+7mYpC1lKJ/O5UT4L6H3rr688mumsPJq5Uyyb+/3qP0YaRtljes8ett7z6bJGOzezUG45n+t5N53cSL1sWTjdH8/W4/pRMabaG5UhR3ajWhcz/1WaI81qN2pD15wqI1KMqBeR6aptEY3j20dixKPT31M/9hdTX33yc+J5xny5t3r9t711MZ+fjxSTvbYxEpcGzr5T20ci+fwff/edW527tydu3jt3cKY0gomBJ2gbIzEzEImXh43ErcMaiUHTZSROruav5Rv5ds7lTN7KYhbyvcxlKfM5k69nLkcyV53PxevU9pG6ui731k4jaZXHpVm9iw4/pqXM5dWy7bEs5Ft5Nzcynyvlv0u5mNdzOZczO3CETw5x1ddHe6c9+4WBh8m/SNIert0+KAZ2fPXuNHjWT5fXwfF1W9ai9OLzvx81Plslin38pFofDBsjcXEgEi9tH4nflG8r9zp3by/emntvyP29Vq2L6+hnB+ouUZwvLxYHq8ytPzuKspc2lk324tWqfnHpla2/4xZlJ1fLdrpSW9VnuM09XSrLXt6ybKYsOz1Qtu7z1tXe5y0ADryjXzzaav+9/Zf2h+2ftm+135z82sSXJ15ppfnn5lca00deq79S+0M+zA/Wvv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC7d+/+g9tznc784oZEt9v94VOK9jDRTtLfkuzUqpmd6+xNopWkTDT6idH6mRiqcmvt6Lzx+2cZc3PUVslzCVSjOsnuP7j9z263u++HaYtEc5tzfi3RrWwq6g7VfGyJf3WfX4djfmMC9tyFpTvvXbh3/8GXFu7MvTP/zvzd2cuXZ6dnL1/524WbC5356d7ruEcJ7IW1m/64RwIAAAAAAAAAAAAMaz/+W8JTdv2ffZ4qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEhdOzdRpc5PF68rj2Y6xdJPr1Ysq9WT1L6f1D5Krqa3ZGqgu9rT9vPBwuzbH3+68kkv16iWsn59XbvmbmbxsFpyJsmRaj1o8hn6u16tdzWyUm11hkXAzvYDB+P23wAAAP//+B8RmQ==")
r0 = openat(0xffffffffffffff9c, 0x0, 0x101940, 0x100)
fsopen(0x0, 0x1)
openat$rtc(0xffffffffffffff9c, 0x0, 0x400, 0x0)
ioctl$FIBMAP(r0, 0x1, 0x0)
r1 = getpid()
openat(0xffffffffffffffff, 0x0, 0x101101, 0x6)
r2 = syz_pidfd_open(r1, 0x0)
setns(r2, 0x24020000)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'batadv_slave_0\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r3 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
mount(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x2020022, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, 0x0, 0x0, &(0x7f0000000740))

4m32.907843148s ago: executing program 4 (id=1254):
r0 = socket(0x2a, 0x2, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x2004c840)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000140)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002fc0)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)

4m24.790251567s ago: executing program 4 (id=1261):
sendmsg$key(0xffffffffffffffff, 0x0, 0x20040010)
iopl(0x3)
landlock_create_ruleset(&(0x7f00000001c0)={0x0, 0xd}, 0x18, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./cgroup/pids.max\x00', 0x0, 0x11)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x1c, 0x52, 0x1, 0x70bd2a, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @fd=r5}]}, 0x1c}}, 0x0)
syz_emit_ethernet(0xc1, 0x0, 0x0)
syz_io_uring_setup(0x2d0c, &(0x7f0000000040)={0x0, 0x6d2a, 0x2000, 0x1, 0x16a, 0x0, r4}, 0x0, &(0x7f0000000180))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
ioctl$FITRIM(r3, 0xc0185879, 0x0)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCSMASK(r6, 0x40104593, &(0x7f00000001c0)={0x1, 0x58, 0x0})

4m24.130683576s ago: executing program 40 (id=1261):
sendmsg$key(0xffffffffffffffff, 0x0, 0x20040010)
iopl(0x3)
landlock_create_ruleset(&(0x7f00000001c0)={0x0, 0xd}, 0x18, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, 0x0)
r4 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./cgroup/pids.max\x00', 0x0, 0x11)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x1c, 0x52, 0x1, 0x70bd2a, 0x0, {0xa}, [@typed={0x8, 0x1, 0x0, 0x0, @fd=r5}]}, 0x1c}}, 0x0)
syz_emit_ethernet(0xc1, 0x0, 0x0)
syz_io_uring_setup(0x2d0c, &(0x7f0000000040)={0x0, 0x6d2a, 0x2000, 0x1, 0x16a, 0x0, r4}, 0x0, &(0x7f0000000180))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
ioctl$FITRIM(r3, 0xc0185879, 0x0)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCSMASK(r6, 0x40104593, &(0x7f00000001c0)={0x1, 0x58, 0x0})

3m58.495443627s ago: executing program 1 (id=1294):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x1, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x800}, 0x200, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000300)={@broadcast, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e21, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

3m54.509544772s ago: executing program 1 (id=1300):
keyctl$instantiate(0xc, 0x0, 0x0, 0x2a, 0xfffffffffffffffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
getgroups(0x0, 0x0)

3m53.208566069s ago: executing program 1 (id=1301):
r0 = fsopen(&(0x7f00000001c0)='binder\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0xf)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sendmsg$NL80211_CMD_SET_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x0, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x28}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0xfffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/diskstats\x00', 0x0, 0x0)
r6 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/tcp_rmem\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x7ffff000)

3m51.31444278s ago: executing program 1 (id=1303):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf5c5d000)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
socket$inet(0x2, 0x1, 0x0)
r4 = socket$inet(0xa, 0x801, 0x6)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = gettid()
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r5}, &(0x7f00000000c0))
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
listen(r4, 0x8)
accept4(r4, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x27, 0x7, 0x0, &(0x7f0000000300)="0300f90ffac423", 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3m48.351665845s ago: executing program 1 (id=1305):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x50480240, 0x0, 0x61c6, 0x7, 0xa15, 0x0, 0x0, 0x1}}, 0x50)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x4, @remote, 0x1}, 0x1c)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
mount$binder(0x0, &(0x7f00000021c0)='.\x00', &(0x7f0000002200), 0x1200850, &(0x7f0000000340)=ANY=[])

3m46.106629368s ago: executing program 1 (id=1306):
io_setup(0x9, &(0x7f0000000000))
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x80012, r0, 0x80000000)
gettid()
timer_create(0x1, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x1fe, 0x1, 0x2000, 0x2000, &(0x7f0000006000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000040)={0x41000, 0x15000})
io_setup(0x10000, &(0x7f0000000380))

3m27.40194157s ago: executing program 41 (id=1306):
io_setup(0x9, &(0x7f0000000000))
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x100000a, 0x80012, r0, 0x80000000)
gettid()
timer_create(0x1, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x1fe, 0x1, 0x2000, 0x2000, &(0x7f0000006000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f0000000040)={0x41000, 0x15000})
io_setup(0x10000, &(0x7f0000000380))

2m58.063693495s ago: executing program 0 (id=1355):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002340), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000004340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, <r1=>0x0}, 0xfffffc4e)
write$FUSE_LSEEK(r0, &(0x7f00000021c0)={0x18, 0x0, r1, {0x7}}, 0x18)
read$FUSE(r0, &(0x7f0000000100)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_IOCTL(r0, &(0x7f0000002140)={0x20, 0x0, r2, {0x0, 0x0, 0x80003ff}}, 0x20)

2m56.986371387s ago: executing program 0 (id=1358):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x8800)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})

2m56.226311871s ago: executing program 0 (id=1359):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x400008c0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000180)=@mangle={'mangle\x00', 0x1f, 0x6, 0x530, 0x120, 0x1f0, 0x0, 0x0, 0x3e0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x4b0, 0x6, &(0x7f0000000000), {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0x5}}}, {{@ipv6={@remote, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff000000, 0xffffff00, 0xffffff00, 0xffffff00], [0x0, 0x0, 0xffffff00], 'bond_slave_1\x00', 'nicvf0\x00', {}, {}, 0x2b, 0x6, 0x1}, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@empty, @private0={0xfc, 0x0, '\x00', 0x1}, [0xff000000, 0xff, 0xffffff00, 0xff000000], [0xffff00, 0xffffff00, 0xff, 0xff], 'veth0_to_bridge\x00', 'veth1_to_team\x00', {}, {0x72a7bff1b1341d42}, 0x29, 0x2, 0x5, 0x24}, 0x0, 0xd8, 0x120, 0x0, {}, [@common=@srh={{0x30}, {0x6c, 0x9, 0xff, 0x3, 0x1, 0xc, 0x600}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@remote, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3a, 0x20, 0xfffd}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3000000013000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010000c800c0022"], 0x30}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

2m54.005267601s ago: executing program 0 (id=1363):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9rVNceAPBzb/KeiU998cfCBw/ewBPeoy0hcdU2QjVGY6KpxVYp3YyTZNS0k4wkk9KFi3QndFXoQrqQFrrLSrLo1v4J3XRp10K76KZQkKbMzJ0492aGTCXXVPl8wJzc8zvznXvmzOJ64kTt1sJKYWGlUFoqVOdurJwsfFytrC6WQ/yc7PX49CaPOIn93rl89vy7106G8N38D483Nzc3Q11/6Gi07fdff7kz1562xJk29X4797ZbPgghHNs2r7q+EML734YQhRDOJHnjSToYQjgUmmXX7nx2vbBLs3nwqHyq+GTm7sbYien1+xvd//YohC8r/3rt5uJP/+0b+/GVXRoeAAAAAAAAAAAAAAAAAIAX3OSVy1ffGRkND6PQvx5tf153Mkm7PR+7uWv+k/8fCwAAAAAAAAAAAAAAAAAAAH9RT5//L0RHOjz/P5Gkp7u033wr/zmSn6m3L0+cGxlNzn+PtpW/nmT9fKYvHO5w7nv2/Pczmfadz3/fPs6zas2vNe5QiOLh1HUcDw+H8HVy8PvxaH9cqa7UXr1RXV2a37VpvLDS8W+e3p+KTnKgf6/xH8/0n//5/0e3vZvq19d37y32UkvHv69rvW8+jXqK/9l0s3s5TbvN0fyHeIml49/fyBtsr7CvmdTj/3n/zvGfyPSf1/1/KIRQiOpzLaRWgPoepp7fbb9CWjr+f2vkpZbO5IXsdv//lon/uUz/e7X+r2U/iOgoHf+/N/IGUjWaG4BG/OOd7//zmf73Iv71+a/5/O9JOv7JYt+fqtJ4JXtd/ycz/ecV/6txMs9DUeodsB4187v9f3WkpeM/sK386fe/uKf934VM++f1/a81buv7X2v5/3/U/P5HZ+n4D3at1+v9P5Vpl/f6f7qx/+NZpeO/v5GX3jsPNX72Gv/pTP95xb+xKxloxf/pevL7vmb+V/Z/PUnH/x/NzLi9xlrjZ2P/F+28/7+Y6X8v9n/1+a/F+Y76skjH/0DXevX4f9/D5/+lTLv84x/CiL3+M0vH/2DXeo37f2Dn+M9k2uUd///l2TkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAC2A8SYdCFA+nruN4eDiEs8n18bA/mi3NF2cr1bmPVkKYSPIL4Uh0s1KdLVWKC0vV+XKxVKlU50I4l5QfCwPRSqVaKy6Wbp/f6mswulUuLddmy6VaCGEyyf93ONjqa3ahtli6HUK4sFX2z7i6fPtWaak4v7D85sjIyEiY2prD4aj8Sa28VGuO3iwNYXqr7VDUNrlG8cWtuRyIPqyuLi+VKo38S21tKtW5UqWtzUxS9kU4HNWWV5fmSrVysVK92RpvL51O0ompK+9duTS6rfx61EzHn++0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHo69cS+E0N+8ikMIhSj5JUr+pTx4VD5VfDJzd2PsxPT6/Y3HneoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhl/5RIgaiOAC/GQUtPYZVSDrbiCJaGBE8gR7Dw+hRvIR3sLCwtVgWdiew5A+EwHbf1zyYH2/ewDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgubvn7uWpbiJSnG/OIr7evn8O84dSP66n+09WzDxd0cNx3D92N7d1U/49jfKrcvTb5l36//f+GhO19znYk+E+7Y3nDM3t29z7+rkXkXIVEW3JL1POVbXsLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDLDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgWAAAAABAmL91FH0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//4w3HM8=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x0, 0x80000, 0x7)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
write$binfmt_script(r0, &(0x7f0000000200), 0xfea7)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

2m50.051474111s ago: executing program 0 (id=1370):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000200)=0x61ef, 0x4)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4e22, @multicast1}, 0x10)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r3, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

2m47.946370164s ago: executing program 0 (id=1372):
io_setup(0x1, &(0x7f0000000000))
socket$igmp6(0xa, 0x3, 0x2)
r0 = syz_open_dev$usbfs(0x0, 0x800000001fe, 0x2)
r1 = dup(r0)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x541c, &(0x7f0000000100))
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffff00, 0x0, 0x0, 0xffffff00], 'vxcan1\x00', 'xfrm0\x00', {0xff}, {}, 0x88, 0x9, 0x2, 0x8}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x20, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r3 = socket$inet6(0xa, 0x3, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000240)=0x7, &(0x7f0000000280)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
preadv(r7, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)

2m46.520479776s ago: executing program 42 (id=1372):
io_setup(0x1, &(0x7f0000000000))
socket$igmp6(0xa, 0x3, 0x2)
r0 = syz_open_dev$usbfs(0x0, 0x800000001fe, 0x2)
r1 = dup(r0)
ioctl$TIOCL_GETMOUSEREPORTING(r1, 0x541c, &(0x7f0000000100))
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00')
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000f40)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@remote, @rand_addr=' \x01\x00', [0xffffff00, 0xffffffff, 0xffffffff, 0xffffffff], [0xffffff00, 0x0, 0x0, 0xffffff00], 'vxcan1\x00', 'xfrm0\x00', {0xff}, {}, 0x88, 0x9, 0x2, 0x8}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {}, {}, 0x0, 0x0, 0x0, 0x10}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x20, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r3 = socket$inet6(0xa, 0x3, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000240)=0x7, &(0x7f0000000280)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb4e02000)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000010, 0x0, 0x0)
r7 = syz_open_procfs(0x0, 0x0)
preadv(r7, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
connect$inet6(r3, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x44004)

2m3.621837924s ago: executing program 3 (id=1427):
sendmsg$key(0xffffffffffffffff, 0x0, 0x20040010)
iopl(0x3)
landlock_create_ruleset(&(0x7f00000001c0)={0x0, 0xd}, 0x18, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r3, 0xc0105500, &(0x7f0000000200)={0x2, 0x3, 0x0, 0x1000, 0x0, 0xfffffffe, 0x0})
r4 = openat(0xffffffffffffffff, &(0x7f00000002c0)='./cgroup/pids.max\x00', 0x0, 0x11)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, 0x52, 0x1, 0x70bd2a, 0x0, {0xa}}, 0x14}}, 0x0)
syz_emit_ethernet(0xc1, 0x0, 0x0)
syz_io_uring_setup(0x2d0c, &(0x7f0000000040)={0x0, 0x6d2a, 0x2000, 0x1, 0x16a, 0x0, r4}, 0x0, &(0x7f0000000180))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x9}, 0x94)
ioctl$FITRIM(r3, 0xc0185879, 0x0)
r6 = syz_open_dev$evdev(&(0x7f00000000c0), 0x0, 0x822b01)
ioctl$EVIOCSMASK(r6, 0x40104593, &(0x7f00000001c0)={0x1, 0x58, 0x0})

2m2.49039613s ago: executing program 3 (id=1431):
timer_create(0x2, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
clock_gettime(0x0, &(0x7f0000000000)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000080)={{0x0, 0x3938700}, {r1, r2+10000000}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)

2m0.786415439s ago: executing program 3 (id=1434):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000040)='.\x00', 0xa4000061)
read(r0, &(0x7f0000002040)=""/76, 0x4c)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)

2m0.206725103s ago: executing program 3 (id=1436):
socket$alg(0x26, 0x5, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000540)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2, 0x2}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x24)
syz_open_procfs(0x0, &(0x7f0000000240)='setgroups\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x1f, 0x2, &(0x7f0000000200)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12}, 0x94)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

1m58.973308204s ago: executing program 3 (id=1438):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m51.370667207s ago: executing program 3 (id=1447):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00')
read$FUSE(r4, &(0x7f0000003a00)={0x2020}, 0x2020)

1m35.069771416s ago: executing program 43 (id=1447):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/route\x00')
read$FUSE(r4, &(0x7f0000003a00)={0x2020}, 0x2020)

19.535519923s ago: executing program 6 (id=1585):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x4e, &(0x7f0000000980)=ANY=[@ANYBLOB="0180c2000002aaaaaaaaaa3588a810008100000086dd60910100001011fffe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e2300109078020300000000000029aa5f4bb1005cdaa41b2795279b31ad585f7778c037859fe20d0742d581c884f4e4520bda756c5a0186e671d60af24f5933e398f4a8b6e6b0aef25ba97bbe4b98e27ae4a7c903eb429c95ffab"], 0x0)

19.521535254s ago: executing program 2 (id=1586):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f00000020c0)=""/4130, &(0x7f0000000000)=0x1022)

17.343600001s ago: executing program 2 (id=1589):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000040))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480))
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x803, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xec)
socket$inet6(0xa, 0x1, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
getpid()
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000380)=@HCI_EVENT_PKT={0x4, @extended_inquiry_info={{0x2f, 0x1fd}, {0x2, [{@any, 0x9, 0x1, "cdaaf1", 0x3, 0x7, "8e60c15df36640acbce967e3e19d05dc5dd83ba298452e1b35c4a49ec78e56646874086553f36812819d35d5b6582eb675271ae90c090d172912fb7a10a55b9dff73f2a3e5424d2d4007e168ee80ba624185929136a7a9a4e818e91d439c8290c8d81c64a31cd3371b338be158a092d3c7aa8333083dc9581f700354ee4a14b7b5ae3ff2fb1f108b03fd189a72d141cb17c8a62ee457183a331cb1f91a43d32d1e3ad225bf38823cfe8bbb251381862fca291e50b580118c6dd0337fa73815b8ab6a9883299fea154fbb99d7ed794159fb7d59ad9193e1487e53e929784790e8fae420a0748f6da4856119e5c22d5a15"}, {@none, 0x9, 0x1, "934479", 0xe, 0x5, "a63b657443c6f8ed6b53826d51eac3616c07dfe09fe6efd8e74255f0081b4fac0747f5ce2531907337994eb30bab94b5b30e8b5d6c35569060dea2bd369c06877688358f5172452535cff4d3836726fa2094965f435c64ce98e4ff210722666285fee85395f91796a4716c9c735d52b9427c1d76d281be037f6461c931086aa052204f927578b23fde572778b3e92073d17bd9c549e3f4058af41520984cf2a186ec09e4f493b82fa9b08d94a564b2d43f5545f5fdf7367244d57047cae8fd2bc72f022a4e6b57ff599cc8624fa985026a84d0b743b2451c3702e9dd3f5348470ee2acdcb3c4d667f487d8646dbaecee"}]}}}, 0x200)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
syz_open_dev$MSR(&(0x7f0000000040), 0x7, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000019100)='net/fib_trie\x00')
pread64(r6, &(0x7f0000000080)=""/102356, 0x18fd4, 0x1c)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000000102030000000000000000000a000008300001802c0001"], 0x44}, 0x1, 0x0, 0x0, 0x14840}, 0x10)

15.967318681s ago: executing program 2 (id=1592):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
open$dir(0x0, 0x48000, 0x0)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, 0x0)

15.078691333s ago: executing program 2 (id=1594):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x50480240, 0x0, 0x61c6, 0x7, 0xa15, 0x0, 0x0, 0x1}}, 0x50)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x4, @remote, 0x1}, 0x1c)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
mount$binder(0x0, &(0x7f00000021c0)='.\x00', &(0x7f0000002200), 0x1200850, &(0x7f0000000340)=ANY=[])

13.471960136s ago: executing program 7 (id=1596):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
socket$inet(0x2, 0x1, 0x0)
r4 = socket$inet(0xa, 0x801, 0x6)
r5 = gettid()
timer_create(0x9, &(0x7f0000000180)={0x0, 0x1e, 0x4, @tid=r5}, &(0x7f00000000c0)=<r6=>0x0)
timer_settime(r6, 0x0, &(0x7f0000000080)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
listen(r4, 0x8)
accept4(r4, 0x0, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x27, 0x7, 0x0, &(0x7f0000000300)="0300f90ffac423", 0x0, 0x3, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

12.646696844s ago: executing program 2 (id=1597):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x98, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x70, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}]}}}, {0x38, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x28, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0x8, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x10c}}, 0x0)

12.20094695s ago: executing program 7 (id=1598):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x59)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, 0x0)
getdents64(r6, &(0x7f0000002f40)=""/4098, 0x1002)
r7 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r7, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc)
r8 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
preadv(r8, &(0x7f0000001b80)=[{&(0x7f0000000040)=""/93, 0x5d}], 0x1, 0x0, 0x0)
r9 = syz_open_dev$sndpcmp(&(0x7f0000000300), 0x1, 0x2040)
mmap$snddsp_control(&(0x7f0000ff9000/0x4000)=nil, 0x1000, 0x2000008, 0x2012, r9, 0x83000000)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
r10 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r10, 0x6, 0x0, 0x0, 0x3000000000000)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000012c0)={0x2c, r2, 0x1, 0x70bd2b, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan1\x00'}]}]}, 0x2c}}, 0x0)
ioctl$NS_GET_OWNER_UID(r0, 0xb704, &(0x7f00000000c0))

9.657195858s ago: executing program 7 (id=1600):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000180)={0x1, 0x8003}, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r2=>0x0})
sendto$packet(r1, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @broadcast}, 0x14)

9.198534524s ago: executing program 7 (id=1601):
io_setup(0x4, &(0x7f00000014c0)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000001240)='net/softnet_stat\x00')
io_submit(r0, 0x1, &(0x7f0000000280)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

8.876121963s ago: executing program 7 (id=1602):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x24008800, 0x0, 0x0)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev}, 0x10)
connect$inet(r1, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
syz_emit_ethernet(0xba, &(0x7f0000000140)={@broadcast, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x24, 0x4, 0x0, 0x3c, 0x0, 0x0, 0x4de, 0x0, 0x1, 0x0, @dev, @local, {[@timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@multicast2}]}, @ssrr={0x89, 0xf, 0x0, [@private, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4c, 0x0, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x0, 0x0}}, {@private}, {}, {@local}, {@loopback}, {@private}, {@multicast2}, {@broadcast, 0x3}, {@broadcast}]}, @timestamp={0x44, 0x14, 0x0, 0x0, 0x0, [0x7, 0x20, 0xffffffff, 0x0]}]}}}}}}}, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

8.556282932s ago: executing program 7 (id=1604):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
syz_emit_ethernet(0x68, &(0x7f00000002c0)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "b59f00", 0x32, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x1, {0x7, 0x6, "d32d62", 0x2, 0x2c, 0x0, @local, @local, [], "e20f"}}}}}}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_emit_ethernet(0xf4, 0x0, 0x0)

8.114575988s ago: executing program 6 (id=1605):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r1, 0x40047438, &(0x7f0000000040)=0x1)
close(0x3)

7.835377844s ago: executing program 6 (id=1606):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
open$dir(0x0, 0x48000, 0x0)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, 0x0)

7.254850288s ago: executing program 6 (id=1607):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
gettid()
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000140)=ANY=[], 0x32600)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x12, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071180a000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @cgroup_sock_addr=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r4, r5, 0xb, 0x0, @val=@netkit={@void, @value=r5}}, 0x1c)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, 0x0, 0x0)
ftruncate(r3, 0x7fff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f00000005c0)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x8000}})
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xe)

6.001993231s ago: executing program 6 (id=1609):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x100)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000c200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1, {0x7, 0x2b, 0x0, 0x50480240, 0x0, 0x61c6, 0x7, 0xa15, 0x0, 0x0, 0x1}}, 0x50)
r2 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e23, 0x4, @remote, 0x1}, 0x1c)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
sendmsg$AUDIT_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200), 0xc, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x4008994)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
mount$binder(0x0, &(0x7f00000021c0)='.\x00', &(0x7f0000002200), 0x1200850, &(0x7f0000000340)=ANY=[])
mkdirat(0xffffffffffffff9c, &(0x7f0000000900)='./file0/file0\x00', 0x62)
syz_fuse_handle_req(r0, &(0x7f000000a200)="c1fd43b601662701272af37a7deda072caa09faa11b0a4ef2825e87f09fb6bc3dfd84ddd853b18203bbf08b1af6066c78b4714a789a8f3605f5920e7afc5b0a04271cebce72a797abd5b9e4a44fdcc150e6ef0e8c3d4360e74275818df26243f28cac3d84e264fd0c77d4bccbc466e7244b247d9dcee026df89aefc958d84a55d4d6922d96ce0349fe28efd6b83d15b7b08143a721c4a677b72362a49eeb15ec5b5f8569bad585e30a62ab149e7e4c7f49af9560fd52ea5730135dc3ea3f6a9a3ae6286e99e1520a43b8813ca6aad1adbb30b2459f90699e2ba3a6335ddcace3737ed8f5f21e027ac2b224389bf0c8c005ac8d8c3ae188679d34da0a2c20a910487d3c91b18770fa5ee483a3f09b882960f12e7d2eb9015895ce80b37f74a305a50deb146b1c3430f31d28e6f827b9c7070bc880d251ddb09e0e70a0512ed2600256332c43a5deaecb01f089333fc3b6721f6ed5b41f9971b7c63f57b5afa8042f5beb1ac1274676dc5406b5828247123bb7be795baee59d779bbde227c90d0a5d863936d434f2ce7a45f9b650600f32827b92e2d828915f0411f765ed82dd012561ed29b09950b96f8e490f1448dbd5e45bdc92a2a36aa67e5e9396b6376f82aa6915eac4144a102de786563e4482f0917698bc70776f8c7aad3346e18ee295af54f3c1658f9b124116a2fdac79353b095cf667dd941c3cba141b3ac8982eed42e7db649c9d49a59378216bf4323ff4c2f2992994d4144b74866a2426e19a2dc8dbf4643f97a214fc9c448512316d76c4116c3ae600dfb98cf85472da661745b638438dbf15d8dd87a8ba35205a65ba5bf79cf941454f8c788dc2eeccea412add734798c82e9c86122a91dff778edcd309c05fdca66176e9bc4d410b0ee4627eb889443b574ce205c7f4d6d428e909952712ec3dfc89552279b2da87b010051a451377a0c51a34ebba25c3b62ba98eb6f1549b0fee6a7c5e0c7a72835388803a0a8342bb9f2733224c92a50dd25a9b335f243f2d8c68142aa1db1de2f899a56c623a32f8a74c16db56983eb83f6469316f2fc14860c075236a3ba40e8c265909b8fc6b03c6378269f6629bab81418789cd748d8b786f47ab8f13b0caa5ecd79dbea61330be6de5804f5c211cef78f555e7b2093f4a836cdb8a2cfa261be14e0f59d075f58e97ba16cb130f062a2261df244c57d6f477d761262b2e755c96bad3898894e80b23fae71fc31b2895513a11b0cf07551ca87325592dd10549b7d92da1cb07119fe970b8cc3aacc386ab64d32b308679593256d2fcd1f9e9b15ee93ef859e7268be776053182460e83fb873711226ec9aa5c35b15fbfa12ea0abfc7465b300bd8445c831ae77d2aab7d4bc3ba5f218fda9e90eacde1ac5119eb30073a6f291727cb94fc87a3d3013f3ebb1cd259067c571bd3c57eacce716e61f86bf4041bacadd6c676e17fb3cf89c4984aec78216854a60af68533fcdff12897c3e1b2c10cec019722623f477a512c4e5eef74a6d1ab7a735905373ca3a0b18c3eaa523c86238fba77e45aa07c1b96fa1e3ceb04e5f4742536b687ebf989918f6805cda9611ab9ed10ee33cda71a95be2da0d2c21d2295fdb334dc2057942382dc7d0f70300df3df84cf9a18f042c11243a347569771f9b82404e13684324fb06d867641c87d6d70ad15e90240f901d04a8b8c7fdfb8b84aefee1606f14a2a6995e6b8aaee1b372cd586a6daf28ad7d8ef644c58fa72f0b2f847eef72e18f1a4374c4fa3d604a9bfec6a1a4fefdfaa848279693208dfbc1dbb97b44c4f034090606e0ad312cdfb6a8f68dae7312b064c68813eb41992559ca63d88a8e90711c838f220a4da5bc7d82ec0af83da059bdccdb524a59ad26e43413f131e7703eb82158293a331456ce728c28923bf9ae644a331a667c2932ae1f11a9f9b893f802796ad029c40496c9bc49cdf41a40da1092b404da660e80f33a6012a407805e70f9a180105cd0401ed01a9f6edef4e2479e1579ea365d843c197279e3c79ae56a107dfaba6af80ed9a24d535d19827596ca2b14bf4b110fae4820fc8d0570a64ae08e315da0091f766bceb1fc990465ecb84a2d72efcb9a269816863b72f8d0869b20c14bd72f909fc3ebbf2ba2f98ce3fd7eb54b738692916eeb98ab9ea04ce3e740817dc9ac6561c71d3bc15358ebbb3027294f66eb890577f8a63ecd23beacd93c3b1498d5eefd8b68ebab3536653d5839713b07f79ebb2a6106c009cc535a2173cde3ccc65676bcae513145db5bf08546e8810fb4d193266d491fb9121935138a74c52149959a0c270cd6e244dd7cb140fcf6bf0e7536220f798bf32cda564ebde025a92617f3195e549a491a45446ff0ebfd3b047775af339e59a8da0db6223339325c6f493baa5f2c71b5710a975def3e3919a24a52351acc12e5a2ab6c171705bad0e6afd0ad2b6dd6feaedc9924fdba533fc958fab9a980b775eb4c93a499413073cf09826381b8054f9f09f4a0dfa63ac2f6cb22d001ff277ec7f493bc54d2d1d34a6dad62cd7bccab2ecd419c90087f6945311460b87daad605ff8519aba1d8311a5e565dd26655577aa13da31e01cacbb7e10e720a486e9cc450b8a21d23aeab42838d81dc05f5be0474ab81b806fe71b888323037f3262179e451f765e419bddf7b7a99b40bcc226986efbd3765b66e56a3500de4b18b676361510bd35b3a9c6b8c08222cf7a73c4cda972190f839c2d01a4c171a803c0a77d2769c892b2f0191d2fa01d7d5ca53573e47e93ca9b56b8f0d684d5458d505ad8383f22e19024da06bf6abf30ed663cfb33e202be17bb951e9ea30cfcf65675d2fc64aa51e07237fe8391549185fac5822daa92e73778e080b1304dd757f9035092a729b9a0122d1c07d60336f18a9e46ebeced1041de2e2e8a5de6f4a814d5179bddfcdeda88888cb9ce322a516af3be2b7cf371e9193cb40e66cd41dd94e37f14c6e6469e8fa6c57a4fa3125fb6819b84e276768a7354dd3e2692a77a4a60af85bec0325d0aae72a5f4f7bf9468f1d35147910a55af546e4e3634fe2d8efe116606bf84c0e9c4d442ec8f99fe6c1cc90b99a8d1e53322b26b66928fd01738fa70c0aff84b4f02946c6fa684bd617667857cd751a3ad3d324f9574af78eec6c8c51c25e01cb0ef129199f5a3b3b29e32a34c4ef14c810c2e69e06158f02033e15f1ec00419a91c1450338956a188fac918fb73692491baaf5976ca392c139ba0e551de260dfd6c733b572215f2af0aacc5709b0d4a3b36d23f5882c5644bb455075c5c48bd50492b395d14c36393019fa9eab8a211d71d173754663ea2af1ebdf9751006792609d4db47824d95d68583c922c04af3cdfb58f37b6f958a4b35cbd74a30a393be192fb46bfe4e722c3634c94fbf4829f25dc0b8b07cd16cf4c7e924eb02ae8d675539d32b5d9a54a43811eb98e2db317c67d5bc62901582cbb128542d6be3bc9a5b5b8a8827f2eab15e82b28b411edf67d786b76feed9e7d5ffbc86fbdb19ed80a4f5dcebd631719f8734c398938047011a251370e40d5929e9b4426081029b1339ccb08bb0dbcbb4eedd53792e43a046abc1d5c1dc8c1749052233e18e25593daee94f77f327de61867f1e791b797cc5ee43f8109cb0654d8742ece8512c322442f63dff88702ba047e8370a1b7304536ee7cf465a0a19d965fd03543b991449d6a1a98be5ec3867314c688c5c487e59a6bb05291fda479827172bf3db615c20ea022ff7b16020299220b7c45a7181c1eda48c9a5fa7624843d112c52d99d0b27e168eeadbcd3c60b3f366175decc8c91c64a0a16d3a2e38244dd8d2de806ad741e2256075efcb0466360acaa3f65611789a821c30a13d4b60e44173be9e288dda7d7aae2f8341d9a85104170631c942eef22c10e903bf70b0ed36831d536a0cd65c11a209e37a76f3f54deb326735bec5a532431a81f303af5e9d03717a93a3da18317c459aee8db08b9f0b3331d29770fe7fc4266c15a4294c9c435a38296cd880dcedb34f63037f2a8e3ada9ead3e52abd69e5779905f82a607f70e351d2167bf1b599cfb9314a37df876bd5f2acff82f1773c512ffd308179e47b26946ebcce112273e12895145ec88c701269c93f32a5ab2bc16acd57e997d140d18c2cbed2601a05ec33a63e7edbcca673f71eecab66af5287d7d5a1dad68771ed612d29ef8ab23ef0211b4bbed6f981cd24d652f355d94f6003b01cf3d803a6e36b470402c05816aa2cd747f293300bbe891854d932df7809c7809c2cc3d06c693981e7bc21e89aa3ea8f8829c85185e4ecfd2e293bfa2b88cae2c9e4722b9cfee01911a502d59360532528661eadf2150e26a2992871f562d6fed4a36867b2521b1778c4ce955f5980b9dd9ede42fc4a1394491ebf1c1fb0d794cb8c28b103d76b2e70b0337877a222d7f3cd61f353baf7bc9e23d80f8e5b4459937d75f869c179dd9b948a70b9ba37386532790bac12f2f342fc4f2afd8a45f109331d5daf3344ade893029e322e8b7f3bdb5a49987116b31b2bd6d5bab789ca061ea42f7647c88488f734150e161e5aea78639c5bf9c2fb88da321cbfd379b38cbe6e14af979f238685e2c0ff51629cd228602dbaceff8a214cdc66528cdea114691ef619a8c9a0f9cdb7e08c5bcfc2bfd29e39af38f5db4821c648cc3d976cc455a6e6498c92511b407f3349284901562a912c5af25ff792b9c6c5dfb73519336c7d4a87e49debce7a441b7a29706173e4e4e8dacee63a06ab85dd359b508bc8a0f7002832fae10a0a38efaa475846c4205aebe777334788c3e4652086e26dcdddad991b0ce5256e113bac692d442f524d7e292b86eaf0dd8380ccd78b1489dd2ef6beaf2eb9b08b50bb2a5ff3ba8df3b226baf79a0739d8a60cf815cb347399ac4adb2cea533d3f0ce160a563f8d401e5a6100578e4c8178a7e70663e135edc645cdec2f0588fc99a0cb60dd8788e02554ade370960ce562c210e826a1eba767a09b10f46ebbe6c9166e24286331d2ff025c57a10c7b64c506d0a68642171ad965a001700561fcac2e3f548fd58d32bab5f38b36e62f5546129cea35ce856052e3e480fc639640a5301dd700c8e8d0bd6ac790910fcf2b4f159cc1531aa1c9e37b541520450dde638942081201ae8a580f28cf50530190a45f45468753a122b364be7dad79044ec8b9977d583bc0ac3ec7b9fae192397ce8693310f301c18c2cab5208b369e63c5ac18d0266834e218bb71f308c2c2f2df4a6ccadb3788860a2c733a9252b877ea1c1e849a38a328310bafae9614a6e161170c6fcbe9bd8c4177de1fd18f56805c91fb382aad767891556ff8e1b5f3ab8c18b4fa3053c981c12fa2ea017bb7596158ca533d0dd95a95d0b392222609f6ea336711a9dc50393bc41fac0d429540ad70757f2086bf1bea0132a609ea0bdeea0cef93d8b2a0d59189bffec05281e97b4722291005e9ca7e755be9070f405ab0d6c9546a5ebda2e62adcc621c2b1f6b07cd1e617d50469ef2c71647a47ef98ffbc71505e188cef3e5c774c0987664b6989794d7ca186804ccc6296da3adf22feb351792f1a9cff77413703744bf4f21212920d6a8fa1800da7a38fef7160a50f5b895e7b76f3fd830fcb9a25f3b3ccfd082a1712237e4ca665085aa1c5aa413bce813f1b7ca66105de94babb7b4a05029cc3759d00191fd9bfa0f996cc703403dd6ed2b33f2743a788041f279b767efc373314edfae1bd33f7eaaa7418a59fff7e40d02e618172f6e0abe08c855348f3cba40c8592a0521ed1e41524f20abccb2bf0ebb933e59b7036eff5a66279d578e6b2fd6c4140b33adc67f7083110d815ac55b4833ec0504488265b3ff2bdacec17c91bea9d6bdd931bf056d6e9790e472d874a5a3946b200493c9874d057aa6be3a1ca4da6fbb88a9d853aaa7c8ccabc83582caa65078bbe7b04625d139ed9860080d185bd9798d613ca3014713eb9e36bdeb73f14ac3fc7b2f8f594404f56dd937c0a7e865fa98e858cb0af661cbe12f15c928c4c45a982e24cd322320a96ccd54656b2c7876a5d717e42d3df13189b95ddc2b5a928dbda9ee02c30352045d02cbd854af821300f198b1ce1ea8e45c969020e5c7670fbd9b7227cfd3c809fac1df2eb18c199b27e969f32052376b450003b7ff6332ee1d9fce1b5947b72575ec6541b992fbc76f0e03fc1bb9a0df5ee3de0f34125c311d2ddb67962cf9a8230efff82c25c896621082a587139e997e0532962e84ad697a1a2b80d997c2a268ecca8b7d1095530b332ef368270bf31a75b777a7cfe8c8d324a8c558d3c65f801deac6822842f85f10a641b71ad7e5fb05f64eb3033507dc3a2e9ec02d667ef36c551f69c438e8b6c3927733d83e94f035ef3da230b759df5f5d1964815b176478c4ed94402dc8265e589171df165094a2e4e75614fc6febb8484f28ec8c1252b2d933852573926837e1edf9da0da3f91697b290c3ee5a44fcab3b10095b78b5df3701431cab31750e211d442a77dbc5e2d4d0e67bf329f9103414abd4f3879511375c8800f52f8a17ae6887214bf8634bd99075ab073540f04ff675d32190a3d1152ceee32e30719cd883a82185f89f071c02df443cf7046dce8a6ddc472ed63945faef588acf57985c7ecffa438f5427fb851ebc6a4c577a33895a8fc4628286a48d3bbcda1b769aa3194869e148ba457932fa6f2e4640e2755940e2f5a6a67796b5f88ac10f389b409c0c57bd4bf0cbe0fac2fd2f58ec498d19c43952e4522b51931712eb4002b7b208c02c4e06df99fa8e93e4b9e8b0d7a57e63aacdafb19db0fd422f8e89d1275b49963bd82b490f9e4d24cfe9700e98c73b31fdcf7b7d30d73e9bf6bd86439dc8b63171d53ca7caa860c60777436099db544164d4e4a81a483ffd5ef2980110f461529c057c40f2ee63b71a8eb2d87919726bda25a8fa2f242d3ff7bf0726d8a11d141eb87d2733f1faf456f2eccbe4c3a856702a80ba7e36cd8ef8e064e16e61eedda4478d2edaf0445e2247a76e25b4b5c68720b87bba69b4171983d95a5a764f42fa6f23466096d9a097edf84952023a4541110456b93ea558c2059156c287fc6cde7c74abd90ec539a5f43c2a641b1a34cffa2538ba565d0b57513b8c1b3df541d02d6d5a0aa2f96200dbbf64ab7c0adb868cce23ca607db6d6dd18f956185c983a90c8b4a7ec630178376ac400c61c77fcbacb979e2e07115db8a034a00ffb136f91c0b16c6d796f524f9ce6a0b72c378c8939b56bb83ca0f3d09da2b82b4d3457b568878d019f54f9cddd514a601d4edfae582f1a2674892bacf6eaba66124c797e1ebf91e1b5f12e520404d213b12770966d5c5f3435169f8867faed0107d2cd4cf0638e4f1c488122da7516820cc3d12cdc9f663778455352d2be1d8d3cd611808304554bde601e4ec4c9aa50ec22648b12f45c8d84bdcfc85f95ba0afe254df5d8b40d53adf1d4fe1dc3744bd486e3eb14775f4f4c333f751975a4a8b5bfa497850633aff3ff98deb53d1b515a08c4c474bcce46149dfd5bece51d1dfb6eaf593f8ee037404a5ce5edc2887006059cd3743448ab977899f10540b5a5eac1b9d4346654e4eb0200858b5b92525399a87859859269d3b0fa4c2159dc807548368ff701076606378b44cee2839f05ad94f659270af868cd674b44729bbb8eb2f697101bf4fb4f96d07dabaeb5b6a1cc884423fcac3d3805bffb3c8de3e801d641436ca6b1f50aabce4c7b3b1a24eb6977d5a8c84d6cce8ec9ee93d3062a4bd78ff916fbba7ab228838bd61f25759c6ac8650adbe2b346e65681dbafbb934358ca2b1b854bf42f42404a15caf99b785f132b9a20413b2d9d353220656ae271883ca9733430db09b5e8578e9d4fff032b0ee792f429791089d93876a30100a35c420a0686c125005242551df27673e0826a1c38bc028c104e0f958ae1ffb2d5221fd1a36e598065eed6a449567b41c027b6faa461d3aeee8dfb6285661af7fdcfa484fee654b633342eb122fe72d5d68ea4cfc988cabb0df39b8cbd064d489fcbc90bf313f3a29797d479a8fc12cf5b9ead0907a2dca568bc0f40d0fa4a9c3758f9bfd1ac3662a9f04260ef0d2b86a02d23759b210f38830c4a224649186b6e4b87c6b457217c86f502521940caf1e5b2eadb72951a790c94dd74b929232947b01cefd5a1483e127b1b6d216317b581455f9cf96876af837e5f88cc38a46eb2fb6cd7fcc6fce1a264167b86723829ffffc413bb0000000000000032dd6219a95418314b1e071dd59d0e96083e02cb8778069ed54137ce98bd702dead8fc74992d7743d1450faf7de44c2d59ff2dd339b80d3449e9bda5b3a564f01aeefe300165bf3b00d811c7ae866cb1a0a1b87400c2941841cd2d6953308f1a963f1c6d4486e7e45daabf0b066ad8884f4577534d3c9f3d3f3bbe8a1a3088d9b95da1fc901573e26f5b86c7a868429b9b634c9e35dfd0534563160912a43c64bacc8ea1ced7bc1b77a28716700e501905c9e81e190241e0edbf4f894aee4047c5b5fb58a3db4afaf76790690fdc1289236fbfc5f6cff540eb82de8044d17658fb054b198cc288cc43aa5d805a51cadac3e75c8fd82ad015a04932cb6f6b53aa4e8d9d84018ff8db0f756d6b5db4e06a689b52fe8471b9230c2dd14d042c1fea45c3d2452351a4222421366610d80785f7e47474d4ad58116313813d4db3176d93c4e29e5c7562806879ddc75b9cfcf38d6aed015c0f4d52302a51215187bfe254d6065bd142cc9b9e03f32ebc9686ad0d0cb3fcf0afa320a15f37cf591600636a4ef84c756c0d42ab98bc2479f0d5d230359f622447101844430a7555a4cbc702b55a4a6ed964cf399a1a493e40555f622da1643073a786a3425d95090b9b0e20521187e9e20d35f4e061e6201e67e844d88457f751e5519dd30df9251f1ce2836e0bf61eef8fc6ed22e4887186316566278bec46af3823ed53e3e18ca5741124dc53cadb5ff0846cc1c6b9c072be6dea187e8336eb6b6b7029ef79ff3b2999938cc59aafa1618fc4556ce3c81f99414d5d79538a83ee9d8a9ad0b9e57060d4be9c53266f418455d760f423a1642e9edfccede29d21891d7421ad0f1cefe472d0ef84965575419871374727bf5f1dc72057a18ed4d7e0a2ddd6d105eb2cc3718609814c2968f27465b00fb4b4a64359629722320583a05644693e6fcadde0efc12e66a0c8e48311f0550ab8fbc1556b69bb2a5a0c03f1a59d67046d7acd5beb9f7f9ae6eb18580431624d63ffe294ea5497a65ec3891f4c70b26b7b17a9f82145e5d5156d6b3355ad249bb66168bbb745d00c40d6ef42d52a032cf62caeeaec31f4c85ac403cbb0c6756953f0ddbf79da0cfa6ccc1c40de43bc4a10a700b98322e671225e80e663d30192ff5611c44c095351bb69a4e14c11a3d5b0b53e78954699760516134f3148e71a2b0bb04b24bb1a2c2b503f56249e0a2c638ff40e7c2c7d50ef7196fc9893e18c0ac3fc5a4c0d23ee08080f984dc643854b54df4a638af29dc5df79f905c4133ce263f3b2bb55fa7d56fa82795687e6ee5c68cc13d71e44367ea8670409cf2231990cc6d06e5aae2fc3af1537b33b42775b40bba3aa417016fb9dd89f90a89196c104017a68f7527b8b958e38f9646832a7790045fe394ce41bcbd1cbcbe52cd7e56cec7b2856e448fa5d7e837798b899f05a2c2fbe6d9f1a7b193bbf7c70444d6a37810d4d19d359f9cd6b8a6ef2230b735f8bebe0ccec94e44ed95234bfa4a36a2f0ee9fd5ca73d697344d28436e0fab81e73f447bb144a70aaf96acf6ff52c4737e7a4debcd285bdb54e363d842bc9a7d180c16f010fe4078b41c4c3e565c3edd64e61f995ab0086dbdc026dc1825b8c45ed96edd8d2bd9daa699e5da333274d6bee2097c004462848cd16849f95cd2252c4c87058a821ed977ed751b77b0a8fc0966bf3a30c26d49f3185782a7d314e89f039a15ede458538f1ada8eb836a36bb5d82c402e3feebd37e7b7c667a1c82edc8720072789fa5f388039daa731ce74dbd5aa8965b7ee99f6c271035239ca1c34cdc3c57bd8510dee08f74cda37095b1b098997998fa267e0be15de474b2c737936cacccb4ba44112570bbd13f870b55f3763f77724b586d6e26c3e72b20bb13272f2ee331bcabd4a79980a8d2965c20da2a3918c855215fecce95d29bec58f522d3d6d2852c4ac080fffcb3ee7fb98591f99b7cfb7bb124cc20078030756aee8fd284df06cd5f07c13fd56e5381b19e0a3a9f412a8d27428cb6af0078e4dc8ce4836630360a5c3b98ff5e6cbac1d9d29de9838a84d4722ceea3765be3df9984cf139770f3fb986b9cc9185ab787f54be33d46c54de74d94d13f74ec70cfbe1605c00db79fa8de64cd834090a35c80759f83c8fbefcf9a276dde8a8498d084b4619578eccdda2651a475f73367bda96894bb36eb868035251694cbb745feb150555ada09909497ff1d9c8aee7a35b7c8b2fc64ff483f4fd3491ed52304e6010b9bf2af8c5b8e162a383a0bf0bf108ca78f5086132b2b1a29581f323841c2f189509898d932436e5c1e693ed91f0524da026fecaa2b7efab54aeef120be61de457171c58811e0ca8a7600e0ac249aa579d78d2e2b1d6f41a3da4676b6690ca0249251f5b48b9a3820ac5b25a52cc01bc331c24039b6f4bfab72d5838a35629259930dea936f8c60b4f1b189db1fd1b5e7e6c8a842707ad6756d098a9ab543cde3e1d1161983ea91b7322ee2a713be3bad369d8112fdc7f1ac7b5122d55dc5ae443e10db711ddd6619ffbf96068e28911b1f54388413a17958d61ca07465b54699a1351915300cb826d3bf7f4f217bba0ed3195cbd077b67167b9a03040afc237f3bb36edd9fed33d7d6e7c9493fec34be6543880b0b442d8351496f2e8d60d4d984cca743983c0afab9cdedd5a9d774a121e91230d359c27a3d7b4db38ce73db747af3ca06470901f2605c031a7c9b7d1bbb1e838d36a4d39b039e80bcddfaecca906705fe8c844e93d5aee494dc62c7b4fcb6abe09acf925ef422dc09185b53e960795c56500b43faa6e89720aeee724532f89e60e20b12cd4f832b95189bf45b96aa7af10cf8298b44278de1c67e2d71d811240a7aa2d1d6de22e5b8cef4a1f309de3b81c5a028aabdabddc9637974c2dc19b60458f0954bc751b7ae628ac602eb7c52c7fac0c1621ee7757fc5b002ad7e8fb66fc7da0896547abf01ee091c0cfe1d0fc66e6e03599bb2aa7608a72c30203af5eac3915a0b6616b6119c4a09654de2f56e53296d1f8487cd7ec36c86894bab72ec3ce61208f848432d45a27cafcfbf2a2c56b58e017c76ac7e943aff0b4acaf84dfb343d93efb29c518a9d552c36a3e44c6ea948673bc2aa71c5a873d1d301a9c8b02f19c086f922f0b3e4f7d14e8a59c017809188e2e1b4dc6b55fb8ad82b1c04460b5ff2e9b8f47d3e833599519b79ac6d9ab282db4a55654f60396d2e72bf8e2ebbc8c742913359edadfcbda00", 0x2000, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)={0x90, 0x0, 0x15, {0x1, 0x100000000000, 0x2, 0x305, 0x3fe, 0x80, {0x6, 0xe, 0x3fffc, 0xfe2b25d, 0x4, 0x0, 0x6, 0x4, 0xfffffffe, 0x4000, 0x7, 0x0, 0x0, 0x80008, 0xdffffffe}}}, 0x0, 0x0, 0x0, 0x0, 0x0})

3.544307124s ago: executing program 6 (id=1611):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x8, &(0x7f0000000300), 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, 0x0, 0x8004)

3.234658982s ago: executing program 5 (id=1612):
r0 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x80044940, &(0x7f00000022c0))
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0x2488, 0x0, 0x1, 0x3b9}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)

2.769548149s ago: executing program 5 (id=1613):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x1cb201, 0x0)
r1 = dup(r0)
writev(r1, &(0x7f00000012c0)=[{0x0}, {&(0x7f0000001040)="f6", 0x1}], 0x2)

1.89452955s ago: executing program 5 (id=1614):
syz_mount_image$msdos(&(0x7f0000000300), &(0x7f0000000040)='.\x00', 0xe0, &(0x7f00000001c0)=ANY=[], 0xfd, 0x0, &(0x7f0000000000))

1.778176207s ago: executing program 5 (id=1615):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101b01)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x6)
open$dir(0x0, 0x48000, 0x0)
ioctl$USBDEVFS_SETINTERFACE(r0, 0x80045510, 0x0)

1.683952603s ago: executing program 2 (id=1616):
syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x800718, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48d, &(0x7f0000000a00)="$eJzs289rHGUfAPDvTLKb9u2P5O3b931trVotQlBMmrRqD16UCiIVBT3UY0y2JXTbSBPF1mJTEU+CFPQsHkX/Am8iiHoSvHryJIWivbT1FJnJTLLZbn7QbLJp9/OBmX2emWd2nu/Or2efZzeArnUwmyUROyPit4jon88uKTA3N1/u1o1L47dvXBpPYm7u9T+TvNzNG5fGy6LldjuKzGAakX6UFDtZavrCxTNj9XrtfJEfnjn79vD0hYtPvXt27HTtdO3c6LFjR4+MPPvM6NNtiTOL6+b+D6YO7HvpzauvjJ+8+tZP32T13Vmsb4yjXQ5mgf81l2te93i7d9Zhu/J5Xz5PejtcGdasJyKyw1XJr//+6InFg9cfL37Y0coBGyp7NvUtv3p2DriPJbHWkpWGewZw7ysf9Nn333LahGbHlnH9+fkvQFnct4ppfk1vpEWZysL32/Y7GBEnZ//+Iptig/ohAAAafTL++Ylq9MX7t79+OWt79C+sSeN/+evv+Xx3MYYyEBH/jog9EfGfiNgbEf+NyMv+PyIeWGd97mz/pNfW+ZYrytp/zxVjW0vbf2XrLwZ6ityuPP5KcmqyXjtcfCaDUenL8iMr7OO7479+uty6xvZfNmX7L9uCRT2u9TZ10E2MzYxFZT1RL7p+JWJ/b6v4k4WRgCQi9kXE/oWt1jTAs7tMTD7x1YHlCq0e/wraMM4092UW3mwW/2w0xV9KGscnJ+8YnxzeFvXa4eHyrLjTz798/Npy+19X/G1wvTb/2nD8m4sMJI3jtdPt3f9dnv9pNXkjH2euFmOO743NzJwfiagmJ/J8tSibLx9d3LbMl+Wz83/wUOvrf0+xTRb/gxGRncQPRcTDEfFIUfdHI+KxiDi0Qow/vrB6/JF26PhfiZhoef9bOP+bjv+Fi2fKW+PikhUTPWd++Ha5/a/t+B/NU4PFkvz+t4pW1eltUeW7/dwAAADgXpLmv4FP0qGFdJoODc3/hn9v/CutT03PPHlq6p1zE/O/lR+ISlr2dPUX/aH1yXptJJkt3rGSHI96bbToKy77S48U/caf9WzP80PjU/WJDscO3W7HMtd/5o+eTtcO2GDbWy4drW56RYAOaB5HT5dmL78abgZwv/J/beheq1z/6WbVA9h8nv/QvVpd/5eb8sYC4P7k+Q/dy/UPXSr9vtM1ADrI8x+60qp/3u9MYlvjkurKhatbpM5tS2zVg5InIspEuiXqI7FBiU7fmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANrjnwAAAP//bA3brA==")

1.275226356s ago: executing program 5 (id=1617):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x1, 0x30e, &(0x7f0000000f00)="$eJzs3E1rE10UwPGTNEnTlHayeHhEQXrRjW6GNu7FIC2IAUttxBcQp81EQ8akZEIlIrZduXEhfggXpcvuCtov0I07V27cdSO4sAtxJDOTl7aJrWnSWPv/QZlD7j0z9+Y24dyBzPbdN0/zWVvPGmUJRpUERER2ROISlJqAfwy6cUSaLcvl4W+fzt++d/9mMpWanFFqKjl7JaGUGh17/+zFkN9tY1C24g+3vya+bP2/dXb75+yTnK1ytioUy8pQc8XPZWPOMlUmZ+d1paYt07BNlSvYZslrd5ZELFNlreLCQkUZhcxIbKFk2rYyChWVNyuqXFTlUkUZj41cQem6rkZigoOkV2dmjGSHyfNdHgx6pFRKGgMiMrSvJb3alwEBAIC+8uv/erUfrJb0ndT/oZb1/9qFzfLwnfVRv/7fiFTrf5Gm+v9R41ymygTr9X9URBr1f9HbH3S7/t9fEZ1sr3cvjjhOPYy06n+k+h8nRLX+j/mfX9fKg7VxN6D+BwAAAAAAAAAAAAAAAAAAAADgJNhxHM1xHM07DvivOtqgiETdX5B47X0eJnpk9/o3/lj/06Hx4I7QqIj1ajG9mPaOfodNEbHElHHR5If7/+CrxpFl5XZSVXH5YC35+UuLae+7JJmVnJs/IZrE9+Y7ztSN1OSE8uzOD0usOT8hmvzXOj+xNz9cPUbk0sWmfF00+TgvRbEk4/8yrpb/ckKp67dSe64/5PYDAAAAAOBfoKu6+v59sLld39/u7Y+9dm9/HZLW9we8/fV4y/19SM6F+jVrAAAAAABOF7vyPG9YllnqUbAiIj2+RJugNsPDZtUekNumT0AC7Zq6ENQu3ll6dWxdG0/4UO9YsKOhjkX+cFFaBrXbRu36yHQnZ3Y0kaO+h2fevvv++z7enTGRw5zw6nr0gJl2GkQOmmn42L6AAAAAABybRtFfe+VafwcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMApdByP4uv3HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC/xa8AAAD//46ZAFE=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
gettid()
r3 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000140)=ANY=[], 0x32600)
r4 = fsopen(&(0x7f0000000180)='v7\x00', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={0xffffffffffffffff, r5, 0xb, 0x0, @val=@netkit={@void, @value=r5}}, 0x1c)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r6, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, 0x0, 0x0)
ftruncate(r3, 0x7fff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f00000005c0)={{'fd', 0x3d, r7}, 0x2c, {'rootmode', 0x3d, 0x8000}})
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xe)

0s ago: executing program 5 (id=1618):
bpf$MAP_CREATE(0x100000000000000, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
r2 = getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x48100, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000180)=0x7d)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x4f}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r7, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x320e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
syz_usb_connect(0x1, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x74, 0x50, 0xae, 0x8, 0x1c9e, 0x9b3c, 0xc148, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0xa, 0x80, 0x40, [{{0x9, 0x4, 0x4, 0x0, 0x0, 0x59, 0xd5, 0xb, 0x9}}]}}]}}, 0x0)

kernel console output (not intermixed with test programs):

e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.1080 (11859)
[  989.515904][T11859] BTRFS error (device loop4): open_ctree failed: -4
[  989.666003][ T5847] usb 2-1: device descriptor read/all, error -71
[  989.753194][T11310] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by udevd (11310)
[  993.257005][T11900] loop9: detected capacity change from 0 to 256
[  993.533092][T11900] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  993.611155][T11900] exFAT-fs (loop9): error, found bogus dentry(12) beyond unused empty group(11) (start_clu : 5, cur_clu : 5)
[  993.665584][T11900] exFAT-fs (loop9): Filesystem has been set read-only
[  994.932666][T11906] loop1: detected capacity change from 0 to 1024
[  995.047913][   T28] audit: type=1800 audit(1770757339.312:253): pid=11906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1089" name="file1" dev="loop1" ino=20 res=0 errno=0
[  995.181862][T11910] loop9: detected capacity change from 0 to 512
[  995.269497][T11910] EXT4-fs: Ignoring removed nobh option
[  995.293619][   T28] audit: type=1326 audit(1770757339.537:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.343531][T11910] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  995.374173][T11898] loop4: detected capacity change from 0 to 32768
[  995.387575][   T28] audit: type=1326 audit(1770757339.565:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.465075][T11910] EXT4-fs error (device loop9): ext4_orphan_get:1398: inode #15: comm syz.9.1095: iget: bad i_size value: 38620345925642
[  995.487706][   T28] audit: type=1326 audit(1770757339.574:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.533423][T11916] loop1: detected capacity change from 0 to 256
[  995.554815][T11898] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  995.577388][T11910] EXT4-fs error (device loop9): ext4_orphan_get:1403: comm syz.9.1095: couldn't read orphan inode 15 (err -117)
[  995.590376][T11898] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  995.606919][T11898] BTRFS info (device loop4): using free space tree
[  995.615705][   T28] audit: type=1326 audit(1770757339.574:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.639753][   T28] audit: type=1326 audit(1770757339.574:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.646745][T11910] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  995.679344][T11916] exFAT-fs (loop1): failed to load upcase table (idx : 0x000120ea, chksum : 0x42bf8bd2, utbl_chksum : 0xe619d30d)
[  995.684571][   T28] audit: type=1326 audit(1770757339.583:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.716675][   T28] audit: type=1326 audit(1770757339.583:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.740288][   T28] audit: type=1326 audit(1770757339.583:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.763553][   T28] audit: type=1326 audit(1770757339.583:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11911 comm="syz.1.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[  995.804241][T11916] exFAT-fs (loop1): failed to load alloc-bitmap
[  995.828212][T11910] EXT4-fs warning (device loop9): ext4_dirblock_csum_verify:406: inode #2: comm syz.9.1095: No space for directory leaf checksum. Please run e2fsck -D.
[  995.845148][T11910] EXT4-fs error (device loop9): ext4_readdir:223: inode #2: comm syz.9.1095: path /13/file1: directory fails checksum at offset 0
[  995.860359][T11916] exFAT-fs (loop1): failed to recognize exfat type
[  995.989025][T11898] BTRFS info (device loop4): enabling ssd optimizations
[  996.032457][T11898] BTRFS info (device loop4): auto enabling async discard
[  996.105846][T11285] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  998.215639][T11949] loop9: detected capacity change from 0 to 32768
[  998.244369][T11949] BTRFS error: device /dev/loop9 already registered with a higher generation, found 8 expect 11
[  998.327645][ T9748] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1000.122306][T11310] BTRFS error: device /dev/loop9 already registered with a higher generation, found 8 expect 11
[ 1000.158431][ T9748] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.187580][ T9748] usb 7-1: New USB device found, idVendor=256c, idProduct=006e, bcdDevice= 0.00
[ 1000.196697][ T9748] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1000.275955][ T9748] usb 7-1: config 0 descriptor??
[ 1001.500799][ T9748] usb 7-1: string descriptor 0 read error: -71
[ 1001.523140][ T9748] uclogic 0003:256C:006E.000C: failed retrieving string descriptor #200: -71
[ 1001.566386][ T9748] uclogic 0003:256C:006E.000C: failed retrieving pen parameters: -71
[ 1001.597170][ T9748] uclogic 0003:256C:006E.000C: failed probing pen v2 parameters: -71
[ 1001.627213][ T9748] uclogic 0003:256C:006E.000C: failed probing parameters: -71
[ 1001.644435][ T9748] uclogic: probe of 0003:256C:006E.000C failed with error -71
[ 1001.677612][ T9748] usb 7-1: USB disconnect, device number 12
[ 1001.924695][ T7067] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1003.599391][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1003.605759][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1005.004639][T12004] loop9: detected capacity change from 0 to 128
[ 1007.923396][T12017] loop6: detected capacity change from 0 to 2048
[ 1008.034368][T12017] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1009.777365][ T5782] Bluetooth: hci3: unexpected event for opcode 0x1009
[ 1009.943936][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1014.108521][T12044] loop9: detected capacity change from 0 to 8192
[ 1016.051836][T12069] loop4: detected capacity change from 0 to 256
[ 1017.737417][T12069] FAT-fs (loop4): Unrecognized mount option "uid=þu5¬}�[9·A�A±xÛˆô�0L0x0000000000000000" or missing value
[ 1019.896553][T12076] syzkaller0: entered promiscuous mode
[ 1019.912999][T12076] syzkaller0: entered allmulticast mode
[ 1021.451503][    T8] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[ 1021.689444][    T8] usb 7-1: config 0 has an invalid interface number: 4 but max is 0
[ 1021.718770][    T8] usb 7-1: config 0 has no interface number 0
[ 1021.724980][    T8] usb 7-1: New USB device found, idVendor=1c9e, idProduct=9b3c, bcdDevice=c1.48
[ 1021.771985][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1021.827077][    T8] usb 7-1: config 0 descriptor??
[ 1022.075760][    T8] usb 7-1: string descriptor 0 read error: -71
[ 1022.139197][    T8] usb 7-1: USB disconnect, device number 13
[ 1022.913557][ T5782] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[ 1024.964363][T12092] loop4: detected capacity change from 0 to 32768
[ 1025.005395][T12092] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11
[ 1025.246790][   T27] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1025.278153][T11310] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11
[ 1025.473267][   T27] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1025.503783][   T27] usb 10-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[ 1025.562075][   T27] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1025.737134][   T27] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1025.752825][   T27] usb 10-1: config 0 descriptor??
[ 1025.772517][   T27] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[ 1026.453415][T12130] binder: 12129:12130 ioctl c0306201 200000000180 returned -14
[ 1026.581076][T12132] loop6: detected capacity change from 0 to 1024
[ 1026.645624][T12132] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1028.768734][ T9748] usb 10-1: USB disconnect, device number 2
[ 1028.999568][T12151] loop9: detected capacity change from 0 to 512
[ 1029.045451][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1029.072229][T12151] EXT4-fs (loop9): 1 truncate cleaned up
[ 1029.135114][T12151] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1029.287711][T12151] EXT4-fs error (device loop9): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.9.1139: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[ 1029.469258][T12141] EXT4-fs error (device loop9): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 465: padding at end of block bitmap is not set
[ 1029.615550][T11285] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1030.656485][T12156] loop6: detected capacity change from 0 to 32768
[ 1031.212014][T12156] JBD2: Ignoring recovery information on journal
[ 1031.298496][T12156] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1031.594653][   T28] kauditd_printk_skb: 5 callbacks suppressed
[ 1031.594668][   T28] audit: type=1804 audit(1770757373.482:268): pid=12188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.1140" name="/newroot/135/file1/bus" dev="loop6" ino=17059 res=1 errno=0
[ 1031.923368][ T8783] ocfs2: Unmounting device (7,6) on (node local)
[ 1032.833205][T12204] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1138'.
[ 1042.717659][T12260] Bluetooth: hci2: command 0x0406 tx timeout
[ 1051.596351][T12332] loop9: detected capacity change from 0 to 256
[ 1051.812016][T12332] FAT-fs (loop9): Directory bread(block 64) failed
[ 1051.840399][T12332] FAT-fs (loop9): Directory bread(block 65) failed
[ 1051.865016][T12332] FAT-fs (loop9): Directory bread(block 66) failed
[ 1051.884497][T12332] FAT-fs (loop9): Directory bread(block 67) failed
[ 1051.895413][T12332] FAT-fs (loop9): Directory bread(block 68) failed
[ 1051.914525][T12332] FAT-fs (loop9): Directory bread(block 69) failed
[ 1051.932488][T12332] FAT-fs (loop9): Directory bread(block 70) failed
[ 1051.942922][T12332] FAT-fs (loop9): Directory bread(block 71) failed
[ 1051.949739][T12332] FAT-fs (loop9): Directory bread(block 72) failed
[ 1051.993889][T12332] FAT-fs (loop9): Directory bread(block 73) failed
[ 1052.071552][T12335] loop1: detected capacity change from 0 to 4096
[ 1052.089770][T12335] EXT4-fs: Ignoring removed bh option
[ 1052.108180][T12332] bio_check_eod: 3 callbacks suppressed
[ 1052.108198][T12332] syz.9.1170: attempt to access beyond end of device
[ 1052.108198][T12332] loop9: rw=524288, sector=1192, nr_sectors = 4 limit=256
[ 1052.139435][T12332] syz.9.1170: attempt to access beyond end of device
[ 1052.139435][T12332] loop9: rw=0, sector=1192, nr_sectors = 4 limit=256
[ 1052.156559][   T28] audit: type=1800 audit(1770757392.733:269): pid=12332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.1170" name="file1" dev="loop9" ino=1048681 res=0 errno=0
[ 1052.219035][T12335] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1052.295457][T12335] EXT4-fs error (device loop1): ext4_get_first_dir_block:3604: inode #12: block 80: comm syz.1.1171: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[ 1052.364290][T12335] EXT4-fs (loop1): Remounting filesystem read-only
[ 1052.379210][   T27] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1052.402315][T12346] syz.9.1170: attempt to access beyond end of device
[ 1052.402315][T12346] loop9: rw=0, sector=1192, nr_sectors = 4 limit=256
[ 1052.433104][T12332] loop9: detected capacity change from 256 to 0
[ 1052.451865][T12346] syz.9.1170: attempt to access beyond end of device
[ 1052.451865][T12346] loop9: rw=0, sector=20, nr_sectors = 4 limit=0
[ 1052.488095][T11466] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.525060][T12346] FAT-fs (loop9): unable to read inode block for updating (i_pos 324)
[ 1052.549186][T12346] syz.9.1170: attempt to access beyond end of device
[ 1052.549186][T12346] loop9: rw=0, sector=20, nr_sectors = 4 limit=0
[ 1052.591530][T12346] FAT-fs (loop9): unable to read inode block for updating (i_pos 324)
[ 1052.613279][   T27] usb 5-1: config 0 has an invalid interface number: 7 but max is 0
[ 1054.154478][   T27] usb 5-1: config 0 has no interface number 0
[ 1054.180621][   T27] usb 5-1: New USB device found, idVendor=0f3d, idProduct=68a3, bcdDevice=2c.18
[ 1054.198571][T11285] syz-executor: attempt to access beyond end of device
[ 1054.198571][T11285] loop9: rw=0, sector=20, nr_sectors = 4 limit=0
[ 1054.200879][   T27] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1054.220878][   T27] usb 5-1: Product: syz
[ 1054.225096][   T27] usb 5-1: Manufacturer: syz
[ 1054.240484][T11285] syz-executor: attempt to access beyond end of device
[ 1054.240484][T11285] loop9: rw=0, sector=24, nr_sectors = 4 limit=0
[ 1054.263742][   T27] usb 5-1: SerialNumber: syz
[ 1054.269855][T11285] syz-executor: attempt to access beyond end of device
[ 1054.269855][T11285] loop9: rw=0, sector=28, nr_sectors = 4 limit=0
[ 1054.288766][   T27] usb 5-1: config 0 descriptor??
[ 1054.297563][T11285] syz-executor: attempt to access beyond end of device
[ 1054.297563][T11285] loop9: rw=0, sector=32, nr_sectors = 4 limit=0
[ 1054.316352][   T27] usb 5-1: Expected 3 endpoints, found: 0
[ 1054.329918][T11285] syz-executor: attempt to access beyond end of device
[ 1054.329918][T11285] loop9: rw=0, sector=36, nr_sectors = 4 limit=0
[ 1054.416078][T11285] FAT-fs (loop9): unable to read boot sector to mark fs as dirty
[ 1054.622385][ T9748] usb 5-1: USB disconnect, device number 17
[ 1054.854385][T11011] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.023008][T11011] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.165440][T11011] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1055.505495][T11011] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1057.000344][T12367] loop1: detected capacity change from 0 to 512
[ 1057.007563][T12367] ext4: Bad value for 'inode_readahead_blks'
[ 1057.046139][T11310] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1058.927231][T12381] loop1: detected capacity change from 0 to 512
[ 1058.934911][T12381] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1059.324883][T12260] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1059.336866][T12260] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1059.346334][T12260] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1059.354618][T12260] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1059.363834][T12260] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1059.413941][T12260] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1061.873442][ T5782] Bluetooth: hci2: command tx timeout
[ 1062.583590][T12410] loop6: detected capacity change from 0 to 256
[ 1062.673479][T12410] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[ 1063.105990][T12387] chnl_net:caif_netlink_parms(): no params data found
[ 1064.109814][ T5782] Bluetooth: hci2: command tx timeout
[ 1064.920223][T12387] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1064.949958][T12387] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1064.985737][T12387] bridge_slave_0: entered allmulticast mode
[ 1065.002323][T12387] bridge_slave_0: entered promiscuous mode
[ 1065.038059][T12387] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1065.058441][T12387] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1065.065776][T12387] bridge_slave_1: entered allmulticast mode
[ 1066.587204][ T5782] Bluetooth: hci2: command tx timeout
[ 1066.616274][T12446] loop4: detected capacity change from 0 to 2048
[ 1066.624875][T12387] bridge_slave_1: entered promiscuous mode
[ 1066.662998][T12446] EXT4-fs: Ignoring removed i_version option
[ 1066.888197][T12446] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1066.929277][T12446] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1066.946962][T12387] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1067.013770][T12387] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1067.117082][T12446] fs-verity: sha512 using implementation "sha512-avx2"
[ 1067.295633][T12387] team0: Port device team_slave_0 added
[ 1067.371679][T11011] hsr_slave_0: left promiscuous mode
[ 1067.418095][T11011] hsr_slave_1: left promiscuous mode
[ 1067.471045][T12443] loop1: detected capacity change from 0 to 32768
[ 1067.479781][T12443] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[ 1067.507673][T11011] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1067.515191][T11011] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1067.571424][ T7067] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1067.593145][T11011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1067.600780][T11011] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1067.694179][T11011] bridge_slave_1: left allmulticast mode
[ 1067.720179][T11011] bridge_slave_1: left promiscuous mode
[ 1067.726042][T11011] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1067.770167][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1067.776941][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1067.829736][T11310] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 11
[ 1067.854970][T11011] bridge_slave_0: left allmulticast mode
[ 1067.870085][T11011] bridge_slave_0: left promiscuous mode
[ 1067.880813][T11011] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1067.968550][T11011] veth1_macvtap: left promiscuous mode
[ 1067.977488][T11011] veth0_macvtap: left promiscuous mode
[ 1067.990272][T11011] veth1_vlan: left promiscuous mode
[ 1068.001886][T11011] veth0_vlan: left promiscuous mode
[ 1068.789511][ T5782] Bluetooth: hci2: command tx timeout
[ 1068.936472][   T27] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1069.160868][   T27] usb 7-1: Using ep0 maxpacket: 16
[ 1069.168328][   T27] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1069.196232][   T27] usb 7-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1069.205355][   T27] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.250121][   T27] usb 7-1: config 0 descriptor??
[ 1069.490278][T12481] loop6: detected capacity change from 0 to 8
[ 1069.569184][T11310] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1069.628408][T11011] team0 (unregistering): Port device team_slave_1 removed
[ 1069.723776][T11011] team0 (unregistering): Port device team_slave_0 removed
[ 1069.810156][T11011] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1069.820953][   T27] hid (null): unknown global tag 0xc
[ 1069.832739][   T27] hid (null): unknown global tag 0xc
[ 1069.838613][   T27] hid (null): global environment stack underflow
[ 1069.845134][   T27] hid (null): unknown global tag 0xc
[ 1069.850879][   T27] hid (null): global environment stack underflow
[ 1069.860778][   T27] hid (null): unknown global tag 0xe
[ 1069.866655][   T27] hid (null): unknown global tag 0xf4
[ 1069.888223][   T27] hid (null): invalid report_size 1623667742
[ 1069.895736][   T27] hid (null): unknown global tag 0xe
[ 1069.938777][T11011] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1070.039348][ T9514] usb 7-1: USB disconnect, device number 14
[ 1070.540061][T11011] bond0 (unregistering): Released all slaves
[ 1070.726038][T12387] team0: Port device team_slave_1 added
[ 1070.776992][T12387] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1070.784317][T12387] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1070.816333][T12387] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1070.855911][T12387] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1070.871391][T12387] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1070.903697][T12387] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1074.664122][T12387] hsr_slave_0: entered promiscuous mode
[ 1074.781786][T12387] hsr_slave_1: entered promiscuous mode
[ 1075.871192][T12529] loop1: detected capacity change from 0 to 512
[ 1075.899404][T12529] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[ 1075.936043][T12529] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1075.950505][T12517] loop6: detected capacity change from 0 to 32768
[ 1075.987415][T12517] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11
[ 1076.112798][T12529] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #16: comm syz.1.1202: invalid indirect mapped block 4294967295 (level 0)
[ 1076.195234][T12529] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #16: comm syz.1.1202: invalid indirect mapped block 4294967295 (level 1)
[ 1076.283632][T12529] EXT4-fs (loop1): 1 orphan inode deleted
[ 1076.289440][T12529] EXT4-fs (loop1): 1 truncate cleaned up
[ 1076.309749][T12529] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1076.324247][T11310] BTRFS error: device /dev/loop6 already registered with a higher generation, found 8 expect 11
[ 1076.638810][T12541] loop4: detected capacity change from 0 to 8
[ 1076.653377][T11466] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1076.731024][T12541] SQUASHFS error: Failed to read block 0x8f: -5
[ 1076.775205][   T28] audit: type=1800 audit(1770757671.742:270): pid=12541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1199" name="file1" dev="loop4" ino=5 res=0 errno=0
[ 1078.478044][T12560] loop6: detected capacity change from 0 to 1024
[ 1078.575841][T12560] EXT4-fs (loop6): can't mount with data=, fs mounted w/o journal
[ 1078.780104][T12387] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1078.858138][T12387] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1078.873850][T12387] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1078.888312][T12387] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1080.097465][T12562] loop4: detected capacity change from 0 to 32768
[ 1080.119291][T12387] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1080.144243][T12562] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11
[ 1080.195420][T12589] loop1: detected capacity change from 0 to 2048
[ 1080.195886][T12387] 8021q: adding VLAN 0 to HW filter on device team0
[ 1080.282046][T12589] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1080.341617][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1080.348850][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1080.370695][T11310] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 11
[ 1080.435274][T11001] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1080.442510][T11001] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1080.848041][T12387] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1081.735314][T12621] loop4: detected capacity change from 0 to 512
[ 1081.840571][T12621] EXT4-fs (loop4): Test dummy encryption mode enabled
[ 1081.896149][T12621] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[ 1081.937380][T12621] EXT4-fs (loop4): group descriptors corrupted!
[ 1082.201182][T12627] loop1: detected capacity change from 0 to 512
[ 1082.209412][T12627] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1082.576261][T12621] capability: warning: `syz.4.1217' uses deprecated v2 capabilities in a way that may be insecure
[ 1083.098816][T12632] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[ 1083.136639][T12632] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[ 1083.770518][T12387] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1083.887798][T12387] veth0_vlan: entered promiscuous mode
[ 1083.943664][T12387] veth1_vlan: entered promiscuous mode
[ 1084.077305][T12387] veth0_macvtap: entered promiscuous mode
[ 1084.093621][T12387] veth1_macvtap: entered promiscuous mode
[ 1084.138644][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1084.163757][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.180175][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1084.215770][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.244266][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1084.292480][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.329899][T12387] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1084.370409][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1084.402793][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.440464][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1084.489144][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.720676][T12387] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1084.856257][T12387] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1084.895571][T12387] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1085.025693][T12387] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1085.557815][T12387] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1085.759974][T12387] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1085.805210][T12387] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1086.421200][T12666] netlink: 'syz.6.1228': attribute type 34 has an invalid length.
[ 1086.907774][T12664] loop1: detected capacity change from 0 to 2048
[ 1087.063785][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1087.111890][T12664]  loop1: p1 < >
[ 1087.118187][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1087.363297][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1087.394479][T11310] udevd[11310]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[ 1087.426397][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1090.031591][    T8] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[ 1090.331077][    T8] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1090.578630][    T8] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1090.780301][    T8] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1090.952838][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1090.990921][    T8] usb 1-1: SerialNumber: syz
[ 1091.947511][T12698] usb 1-1: USB disconnect, device number 22
[ 1092.458303][ T9514] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[ 1094.194814][ T9514] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1094.216593][ T9514] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1094.265816][ T9514] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1094.286019][ T9514] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1094.318374][ T9514] usb 2-1: SerialNumber: syz
[ 1096.085967][ T9514] usb 2-1: USB disconnect, device number 12
[ 1096.286595][T11547] usb 1-1: new low-speed USB device number 23 using dummy_hcd
[ 1096.504702][T11547] usb 1-1: config 0 has an invalid interface number: 4 but max is 0
[ 1096.604138][T11547] usb 1-1: config 0 has no interface number 0
[ 1096.646961][T11547] usb 1-1: New USB device found, idVendor=1c9e, idProduct=9b3c, bcdDevice=c1.48
[ 1096.727163][T11547] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1096.769872][T11547] usb 1-1: config 0 descriptor??
[ 1097.007962][T11547] usb 1-1: string descriptor 0 read error: -71
[ 1097.039031][T11547] usb 1-1: USB disconnect, device number 23
[ 1097.814281][ T5844] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1098.052787][ T5844] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1098.081247][ T5844] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1098.131716][ T5844] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1098.288989][ T5844] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1098.297972][ T5844] usb 7-1: SerialNumber: syz
[ 1099.207425][ T5844] usb 7-1: 0:2 : does not exist
[ 1099.212410][ T5844] usb 7-1: unit 5: unexpected type 0x09
[ 1099.341749][ T5844] usb 7-1: USB disconnect, device number 15
[ 1099.414747][T11310] udevd[11310]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1099.607210][T12755] loop4: detected capacity change from 0 to 512
[ 1099.767734][T12755] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz.4.1235: invalid indirect mapped block 2 (level 1)
[ 1099.908480][T12755] EXT4-fs (loop4): 1 truncate cleaned up
[ 1099.982134][T12755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1101.786389][ T7067] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1102.940393][T12780] loop4: detected capacity change from 0 to 1024
[ 1104.747166][    T8] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[ 1104.951516][T12783] loop0: detected capacity change from 0 to 32768
[ 1104.974561][    T8] usb 2-1: config 0 has an invalid interface number: 4 but max is 0
[ 1104.987270][    T8] usb 2-1: config 0 has no interface number 0
[ 1105.015103][    T8] usb 2-1: New USB device found, idVendor=1c9e, idProduct=9b3c, bcdDevice=c1.48
[ 1105.040017][T12783] JBD2: Ignoring recovery information on journal
[ 1105.062761][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1105.068698][ T5844] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[ 1105.117157][    T8] usb 2-1: config 0 descriptor??
[ 1105.155302][T12783] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1105.296930][ T5844] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1105.356188][ T5844] usb 7-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1105.365569][    T8] usb 2-1: string descriptor 0 read error: -71
[ 1105.391315][ T5844] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1105.413091][    T8] usb 2-1: USB disconnect, device number 13
[ 1105.450170][ T5844] usb 7-1: config 0 descriptor??
[ 1105.469875][T12798] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1105.756454][T12387] ocfs2: Unmounting device (7,0) on (node local)
[ 1106.048602][ T5844] elan 0003:04F3:0755.000E: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.6-1/input0
[ 1106.273498][T12798] loop6: detected capacity change from 0 to 2048
[ 1106.378806][T12798] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1106.642548][T12792] infiniband syz1: set down
[ 1107.202975][T12817] No such timeout policy "syz1"
[ 1108.349867][ T5844] usb 7-1: reset full-speed USB device number 16 using dummy_hcd
[ 1108.489796][T11547] syz1: rxe_query_port: returned err = -19
[ 1108.549272][   T61] smc: removing ib device syz1
[ 1110.055003][ T9514] usb 7-1: USB disconnect, device number 16
[ 1112.753134][T12839] loop0: detected capacity change from 0 to 1024
[ 1113.010051][ T1097] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.427576][ T1097] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.040614][ T1097] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1115.424299][ T1097] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.707994][T12260] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1117.725167][T12260] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1117.740725][T12260] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1117.765210][T12260] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1117.798894][T12260] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1117.809774][T12260] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1118.756595][T12892] loop1: detected capacity change from 0 to 512
[ 1118.761478][T12895] loop0: detected capacity change from 0 to 4096
[ 1118.802301][T12892] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1118.809823][T12892] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[ 1118.840455][T12895] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1118.862620][T12892] EXT4-fs warning (device loop1): ext4_expand_extra_isize_ea:2853: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1118.913208][T12892] EXT4-fs (loop1): 1 truncate cleaned up
[ 1118.946830][T12892] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1119.479049][T12875] chnl_net:caif_netlink_parms(): no params data found
[ 1119.671571][T12387] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1120.131272][ T5782] Bluetooth: hci0: command tx timeout
[ 1121.686647][T12875] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1121.750684][T12875] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1121.777071][T12875] bridge_slave_0: entered allmulticast mode
[ 1121.798259][T12875] bridge_slave_0: entered promiscuous mode
[ 1122.329748][ T5782] Bluetooth: hci0: command tx timeout
[ 1123.728757][T12875] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1123.735967][T12875] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1123.785653][T12875] bridge_slave_1: entered allmulticast mode
[ 1123.836881][T12875] bridge_slave_1: entered promiscuous mode
[ 1123.964614][T12926] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1124.075490][ T1097] hsr_slave_0: left promiscuous mode
[ 1124.145533][ T1097] hsr_slave_1: left promiscuous mode
[ 1124.188275][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1124.195761][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1124.276105][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1124.286546][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1124.321635][T11466] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1124.349057][ T1097] bridge_slave_1: left allmulticast mode
[ 1124.355034][ T1097] bridge_slave_1: left promiscuous mode
[ 1124.404986][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1126.008430][ T5782] Bluetooth: hci0: command tx timeout
[ 1126.086040][ T1097] bridge_slave_0: left allmulticast mode
[ 1126.092407][ T1097] bridge_slave_0: left promiscuous mode
[ 1126.098191][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1128.204367][ T1097] veth1_macvtap: left promiscuous mode
[ 1128.219150][ T1097] veth0_macvtap: left promiscuous mode
[ 1128.224883][ T1097] veth1_vlan: left promiscuous mode
[ 1128.239832][T12260] Bluetooth: hci0: command tx timeout
[ 1128.253425][ T1097] veth0_vlan: left promiscuous mode
[ 1128.426747][T12973] loop0: detected capacity change from 0 to 2048
[ 1128.482283][T12973] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[ 1128.498749][T12973] UDF-fs: Scanning with blocksize 512 failed
[ 1128.527260][T12973] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1129.543532][T12978] loop1: detected capacity change from 0 to 8
[ 1129.594837][T12978] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1129.661730][T12978] SQUASHFS error: Failed to read block 0x91: -5
[ 1129.683610][T12978] SQUASHFS error: Unable to read metadata cache entry [8f]
[ 1129.690877][T12978] SQUASHFS error: Unable to read inode 0x11f
[ 1129.879375][T12980] loop6: detected capacity change from 0 to 2048
[ 1130.019721][T12980] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1130.140889][   T28] audit: type=1800 audit(1770757721.664:271): pid=12980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1279" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1130.207527][T12260] Bluetooth: hci1: command 0x0406 tx timeout
[ 1131.162895][T10017] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[ 1131.183664][ T1097] team0 (unregistering): Port device team_slave_1 removed
[ 1131.192895][T10017] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 134 with error 28
[ 1131.213773][T10017] EXT4-fs (loop6): This should not happen!! Data will be lost
[ 1131.213773][T10017] 
[ 1131.230631][T10017] EXT4-fs (loop6): Total free blocks count 0
[ 1131.251886][T10017] EXT4-fs (loop6): Free/Dirty block details
[ 1131.259503][T10017] EXT4-fs (loop6): free_blocks=4096
[ 1131.264886][T10017] EXT4-fs (loop6): dirty_blocks=144
[ 1131.273614][T10017] EXT4-fs (loop6): Block reservation details
[ 1131.281216][T10017] EXT4-fs (loop6): i_reserved_data_blocks=9
[ 1131.367334][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1131.379226][ T1097] team0 (unregistering): Port device team_slave_0 removed
[ 1131.491005][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1131.753701][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1133.426638][ T1097] bond0 (unregistering): Released all slaves
[ 1133.478185][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1133.484513][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1133.735496][T12875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1133.791442][T12875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1134.068016][T12875] team0: Port device team_slave_0 added
[ 1134.125314][T12875] team0: Port device team_slave_1 added
[ 1134.182642][T13002] loop0: detected capacity change from 0 to 2048
[ 1134.242660][T13002] EXT4-fs: Ignoring removed i_version option
[ 1134.249065][T13006] loop1: detected capacity change from 0 to 256
[ 1134.310355][T12875] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1134.340356][T12875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1134.421865][T13002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1134.472976][T13006] FAT-fs (loop1): Directory bread(block 64) failed
[ 1134.479587][T13006] FAT-fs (loop1): Directory bread(block 65) failed
[ 1134.493549][T12875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1134.527116][T13002] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1134.538457][T13006] FAT-fs (loop1): Directory bread(block 66) failed
[ 1134.545040][T13006] FAT-fs (loop1): Directory bread(block 67) failed
[ 1134.560040][T12875] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1134.560383][T13006] FAT-fs (loop1): Directory bread(block 68) failed
[ 1134.567021][T12875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1134.567048][T12875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1134.750447][T13006] FAT-fs (loop1): Directory bread(block 69) failed
[ 1134.776886][T13006] FAT-fs (loop1): Directory bread(block 70) failed
[ 1134.793719][T13006] FAT-fs (loop1): Directory bread(block 71) failed
[ 1134.800416][T13006] FAT-fs (loop1): Directory bread(block 72) failed
[ 1134.828896][T13006] FAT-fs (loop1): Directory bread(block 73) failed
[ 1134.941736][T12387] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1135.008687][T12875] hsr_slave_0: entered promiscuous mode
[ 1135.219941][ T5782] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[ 1136.562073][T12875] hsr_slave_1: entered promiscuous mode
[ 1136.584732][T12875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1136.592460][T12875] Cannot create hsr debugfs directory
[ 1139.121302][   T28] audit: type=1326 audit(1770757728.923:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1139.183004][   T28] audit: type=1326 audit(1770757728.932:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1139.358006][   T28] audit: type=1326 audit(1770757728.960:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1139.461452][   T28] audit: type=1326 audit(1770757728.988:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1139.568088][   T28] audit: type=1326 audit(1770757728.988:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1139.690062][   T28] audit: type=1326 audit(1770757729.035:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1141.328640][   T28] audit: type=1326 audit(1770757729.044:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1141.421772][   T28] audit: type=1326 audit(1770757729.044:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13036 comm="syz.1.1292" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac01f9bf79 code=0x7ffc0000
[ 1142.479937][ T9514] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1142.760875][ T9514] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1142.798250][ T9514] usb 1-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1142.818395][ T9514] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1142.874223][ T9514] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1142.897025][ T9514] usb 1-1: config 1 has no interface number 1
[ 1142.929637][ T9514] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1142.950239][ T9514] usb 1-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[ 1142.987090][ T9514] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1143.003392][ T9514] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1143.029751][ T9514] usb 1-1: Product: syz
[ 1143.033993][ T9514] usb 1-1: Manufacturer: syz
[ 1143.050963][ T9514] usb 1-1: SerialNumber: syz
[ 1143.553437][ T9514] usb 1-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 1143.572612][ T9514] usb 1-1: MIDIStreaming interface descriptor not found
[ 1143.710113][ T9514] usb 1-1: USB disconnect, device number 24
[ 1144.219754][ T5782] Bluetooth: hci2: command 0x0406 tx timeout
[ 1144.330695][T11032] udevd[11032]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1148.281326][   T28] audit: type=1326 audit(1770757737.585:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.0.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab2d9bf79 code=0x7ffc0000
[ 1148.349600][   T28] audit: type=1326 audit(1770757737.585:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.0.1302" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdab2d9bf79 code=0x7ffc0000
[ 1151.614185][T12875] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1151.652304][T12698] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1151.682680][T12875] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1151.763944][T12875] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1151.847388][T12875] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1151.889569][T12698] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1151.929582][T12698] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 1152.002305][T12698] usb 7-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[ 1152.040042][T12698] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1152.102448][T12698] usb 7-1: config 0 descriptor??
[ 1152.579730][T12875] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1152.594807][T12698] usb 7-1: Direct firmware load for ar3k/AthrBT_0x00000000.dfu failed with error -2
[ 1152.670643][T12698] usb 7-1: Falling back to sysfs fallback for: ar3k/AthrBT_0x00000000.dfu
[ 1152.724734][T12875] 8021q: adding VLAN 0 to HW filter on device team0
[ 1152.792652][   T61] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1152.799923][   T61] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1152.866628][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1152.873861][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1153.110070][T12875] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1153.997087][T13149] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1307'.
[ 1155.181272][T12875] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1155.840213][T12875] veth0_vlan: entered promiscuous mode
[ 1155.872705][T12875] veth1_vlan: entered promiscuous mode
[ 1156.018553][T12875] veth0_macvtap: entered promiscuous mode
[ 1156.072450][T12875] veth1_macvtap: entered promiscuous mode
[ 1156.147763][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1156.178644][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.210680][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1156.238360][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.302624][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1156.315115][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.347707][T12875] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1156.432006][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1156.452179][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.462140][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1156.499503][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.533117][T12875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1156.548380][T12875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1156.634918][T12875] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1156.668573][T12875] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.698062][T12875] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.730122][T12875] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1156.758044][T12875] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1157.072737][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1157.080701][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1157.212380][T11009] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1157.974205][T11009] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1158.230846][T13173] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1310'.
[ 1161.952728][T13193] loop6: detected capacity change from 0 to 164
[ 1162.049907][T11310] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1162.623925][T13199] netlink: 'syz.6.1314': attribute type 7 has an invalid length.
[ 1162.717771][T13199] netlink: 'syz.6.1314': attribute type 8 has an invalid length.
[ 1163.181395][T13211] loop6: detected capacity change from 0 to 128
[ 1164.405900][T13203] loop2: detected capacity change from 0 to 32768
[ 1164.470558][T13203] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.1311 (13203)
[ 1164.536981][T13203] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1164.563376][T13203] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[ 1164.603806][T13203] BTRFS info (device loop2): using free space tree
[ 1164.862348][T13203] BTRFS info (device loop2): enabling ssd optimizations
[ 1164.873263][T13203] BTRFS info (device loop2): auto enabling async discard
[ 1165.469262][T13246] overlayfs: failed to resolve './file2': -2
[ 1167.310585][T12875] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1169.481667][T13260] loop6: detected capacity change from 0 to 1024
[ 1170.107801][T11137] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop2 scanned by udevd (11137)
[ 1170.917075][ T1097] hfsplus: b-tree write err: -5, ino 8
[ 1171.486084][T13272] loop6: detected capacity change from 0 to 1024
[ 1171.619831][ T5782] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1171.633160][ T5782] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1171.641762][ T5782] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1171.695525][ T5782] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1171.707992][ T5782] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1171.715458][ T5782] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1171.918444][T13272] hfsplus: invalid file type 0120411 for inode 2
[ 1171.956758][T13272] hfsplus: failed to load root directory
[ 1173.687847][T13275] chnl_net:caif_netlink_parms(): no params data found
[ 1173.899703][ T5782] Bluetooth: hci4: command tx timeout
[ 1173.988947][T13300] loop2: detected capacity change from 0 to 512
[ 1174.201425][T13300] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1174.238897][T13275] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1174.284457][T13300] ext4 filesystem being mounted at /4/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1174.305691][T13275] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1174.313480][T13275] bridge_slave_0: entered allmulticast mode
[ 1174.374740][T13275] bridge_slave_0: entered promiscuous mode
[ 1174.600518][T13275] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1174.621166][T13275] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1174.654777][T13275] bridge_slave_1: entered allmulticast mode
[ 1174.674841][T13275] bridge_slave_1: entered promiscuous mode
[ 1174.830573][T12875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1174.874648][ T1097] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1175.167482][T13275] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1175.317972][ T1097] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1175.341370][T13275] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1175.512428][ T1097] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1177.057583][ T5782] Bluetooth: hci4: command tx timeout
[ 1177.088767][T13275] team0: Port device team_slave_0 added
[ 1177.766301][ T1097] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1177.810761][T13275] team0: Port device team_slave_1 added
[ 1177.821225][T13329] loop0: detected capacity change from 0 to 128
[ 1177.913661][T13275] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1177.951278][T13275] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1178.068570][T13275] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1178.170413][T13275] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1178.191389][T13318] loop2: detected capacity change from 0 to 32768
[ 1178.214692][T13275] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1178.318220][T13275] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1178.646189][ T5782] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1179.576536][ T5782] Bluetooth: hci4: command tx timeout
[ 1179.801952][T13275] hsr_slave_0: entered promiscuous mode
[ 1180.132439][T13275] hsr_slave_1: entered promiscuous mode
[ 1180.169270][T13275] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1180.185474][T13275] Cannot create hsr debugfs directory
[ 1180.843678][T13352] loop0: detected capacity change from 0 to 256
[ 1180.919524][T13352] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[ 1181.061323][ T5782] Bluetooth: hci2: unexpected event for opcode 0x202d
[ 1181.800110][ T5782] Bluetooth: hci4: command tx timeout
[ 1184.109292][ T9514] usb 1-1: new low-speed USB device number 25 using dummy_hcd
[ 1184.337947][ T9514] usb 1-1: config 0 has an invalid interface number: 4 but max is 0
[ 1184.347258][ T9514] usb 1-1: config 0 has no interface number 0
[ 1184.357890][ T9514] usb 1-1: New USB device found, idVendor=1c9e, idProduct=9b3c, bcdDevice=c1.48
[ 1184.378148][ T9514] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1184.397298][ T9514] usb 1-1: config 0 descriptor??
[ 1184.648347][ T9514] usb 1-1: string descriptor 0 read error: -71
[ 1184.663520][ T9514] usb 1-1: USB disconnect, device number 25
[ 1186.136391][T13275] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1186.256022][T13275] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1186.291429][T13275] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1186.333096][T13275] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1186.391676][ T1097] hsr_slave_0: left promiscuous mode
[ 1186.425042][ T1097] hsr_slave_1: left promiscuous mode
[ 1186.431350][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1186.438905][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1186.472513][ T1097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1186.479973][ T1097] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1186.502404][ T1097] bridge_slave_1: left allmulticast mode
[ 1186.525553][ T1097] bridge_slave_1: left promiscuous mode
[ 1186.531396][ T1097] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1186.574907][ T1097] bridge_slave_0: left allmulticast mode
[ 1186.589161][ T1097] bridge_slave_0: left promiscuous mode
[ 1186.595070][ T1097] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1186.696863][ T1097] veth1_macvtap: left promiscuous mode
[ 1186.702482][ T1097] veth0_macvtap: left promiscuous mode
[ 1186.717958][ T1097] veth1_vlan: left promiscuous mode
[ 1186.723410][ T1097] veth0_vlan: left promiscuous mode
[ 1187.114627][ T5782] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1188.755705][ T1097] team0 (unregistering): Port device team_slave_1 removed
[ 1188.842427][ T1097] team0 (unregistering): Port device team_slave_0 removed
[ 1188.907489][ T1097] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1189.024542][ T1097] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1191.220626][ T1097] bond0 (unregistering): Released all slaves
[ 1191.613761][ T1191] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[ 1191.652235][T13275] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1191.702090][T13275] 8021q: adding VLAN 0 to HW filter on device team0
[ 1191.717202][T11016] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1191.724431][T11016] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1191.804465][T11016] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1191.811823][T11016] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1191.831364][ T1191] usb 1-1: config 5 has an invalid interface number: 211 but max is 0
[ 1191.843678][ T1191] usb 1-1: config 5 has no interface number 0
[ 1191.853503][ T1191] usb 1-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[ 1191.883245][ T1191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1191.891421][ T1191] usb 1-1: Product: syz
[ 1191.901891][ T1191] usb 1-1: Manufacturer: syz
[ 1191.910889][ T1191] usb 1-1: SerialNumber: syz
[ 1191.964607][ T1191] usb 1-1: bad CDC descriptors
[ 1191.977569][ T1191] usb 1-1: bad CDC descriptors
[ 1192.047807][T13275] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1192.811478][T13452] Bluetooth: MGMT ver 1.22
[ 1194.588149][ T9514] usb 1-1: USB disconnect, device number 26
[ 1194.796163][T13275] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1194.962516][T13275] veth0_vlan: entered promiscuous mode
[ 1194.997565][T13275] veth1_vlan: entered promiscuous mode
[ 1195.095256][T13275] veth0_macvtap: entered promiscuous mode
[ 1195.126673][T13275] veth1_macvtap: entered promiscuous mode
[ 1195.228676][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1195.267997][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.291283][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1195.312844][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.322767][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1195.365534][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.389031][T13275] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1195.448924][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1195.472480][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.494383][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1195.520645][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.537653][T13275] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1195.562304][T13275] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1195.596117][T13275] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1195.640414][T13275] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1195.669345][T13275] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1195.704718][T13275] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1195.731447][T13275] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1195.961190][T11016] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1195.983391][T11016] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1196.015620][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1196.038907][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1196.468223][T13481] loop2: detected capacity change from 0 to 256
[ 1198.422850][T13473] loop0: detected capacity change from 0 to 32768
[ 1198.479377][T13473] JBD2: Ignoring recovery information on journal
[ 1198.566740][T13494] loop3: detected capacity change from 0 to 2048
[ 1198.671086][T13473] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1198.981203][T13494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1199.013274][   T28] audit: type=1800 audit(1770757786.104:282): pid=13494 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1354" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1199.054518][T13505] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[ 1199.192224][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1199.198826][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1199.235551][   T28] audit: type=1804 audit(1770757786.300:283): pid=13507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1348" name="/newroot/41/file1/bus" dev="loop0" ino=17059 res=1 errno=0
[ 1199.621073][    T8] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1199.799076][T12387] ocfs2: Unmounting device (7,0) on (node local)
[ 1199.812335][    T8] usb 4-1: device descriptor read/64, error -71
[ 1200.134353][    T8] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1200.326808][    T8] usb 4-1: device descriptor read/64, error -71
[ 1200.333697][ T1191] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[ 1200.465721][    T8] usb usb4-port1: attempt power cycle
[ 1200.580715][ T1191] usb 3-1: config 5 has an invalid interface number: 211 but max is 0
[ 1200.613548][ T1191] usb 3-1: config 5 has no interface number 0
[ 1200.649753][ T1191] usb 3-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[ 1200.673959][ T1191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1200.866418][T13530] overlayfs: conflicting lowerdir path
[ 1201.025848][ T1191] usb 3-1: Product: syz
[ 1201.030581][    T8] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1201.102376][ T1191] usb 3-1: Manufacturer: syz
[ 1201.195309][ T1191] usb 3-1: SerialNumber: syz
[ 1201.225414][    T8] usb 4-1: device descriptor read/8, error -71
[ 1201.276596][ T1191] usb 3-1: bad CDC descriptors
[ 1201.316681][ T1191] usb 3-1: bad CDC descriptors
[ 1201.496452][T13538] netlink: 'syz.0.1359': attribute type 34 has an invalid length.
[ 1203.449248][  T787] usb 3-1: USB disconnect, device number 20
[ 1203.469881][    T8] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1203.743177][    T8] usb 4-1: device not accepting address 27, error -71
[ 1203.750438][    T8] usb usb4-port1: unable to enumerate USB device
[ 1203.878437][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1206.275883][T13568] binder: 13567:13568 ioctl 4018620d 0 returned -22
[ 1206.351096][T13568] loop6: detected capacity change from 0 to 512
[ 1206.401673][T13568] EXT4-fs: Ignoring removed oldalloc option
[ 1206.446131][T13568] EXT4-fs (loop6): 1 truncate cleaned up
[ 1206.518429][T13568] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1206.564715][T13552] loop0: detected capacity change from 0 to 32768
[ 1206.604085][T13552] JBD2: Ignoring recovery information on journal
[ 1206.866207][T13552] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1207.179399][T13552] loop0: detected capacity change from 32768 to 64
[ 1207.286410][T13578] bio_check_eod: 265 callbacks suppressed
[ 1207.286429][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.286429][T13578] loop0: rw=38913, sector=642, nr_sectors = 1 limit=64
[ 1207.431938][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.431938][T13578] loop0: rw=38913, sector=643, nr_sectors = 1 limit=64
[ 1207.458587][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.458587][T13578] loop0: rw=38913, sector=644, nr_sectors = 1 limit=64
[ 1207.497027][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.497027][T13578] loop0: rw=38913, sector=645, nr_sectors = 1 limit=64
[ 1207.544008][T12387] syz-executor: attempt to access beyond end of device
[ 1207.544008][T12387] loop0: rw=0, sector=17057, nr_sectors = 1 limit=64
[ 1207.578801][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.578801][T13578] loop0: rw=38913, sector=646, nr_sectors = 1 limit=64
[ 1207.579923][T12387] (syz-executor,12387,0):ocfs2_read_locked_inode:521 ERROR: status = -5
[ 1207.623445][T12387] syz-executor: attempt to access beyond end of device
[ 1207.623445][T12387] loop0: rw=0, sector=17057, nr_sectors = 1 limit=64
[ 1207.647992][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.647992][T13578] loop0: rw=38913, sector=647, nr_sectors = 1 limit=64
[ 1207.680607][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.680607][T13578] loop0: rw=38913, sector=648, nr_sectors = 1 limit=64
[ 1207.696822][T12387] (syz-executor,12387,0):ocfs2_read_locked_inode:521 ERROR: status = -5
[ 1207.717379][T13578] jbd2/loop0-75: attempt to access beyond end of device
[ 1207.717379][T13578] loop0: rw=38913, sector=649, nr_sectors = 1 limit=64
[ 1207.767506][T13578] Aborting journal on device loop0-75.
[ 1207.773965][T13578] Buffer I/O error on dev loop0, logical block 640, lost sync page write
[ 1207.797768][T13586] loop3: detected capacity change from 0 to 2048
[ 1207.815328][T13578] JBD2: I/O error when updating journal superblock for loop0-75.
[ 1208.112075][T13586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1208.251596][   T28] audit: type=1800 audit(1770757794.737:284): pid=13586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1369" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1208.286072][T12387] (syz-executor,12387,0):__ocfs2_flush_truncate_log:6033 ERROR: status = -5
[ 1208.299665][T12387] (syz-executor,12387,0):ocfs2_sync_fs:404 ERROR: status = -5
[ 1208.319890][T12387] (syz-executor,12387,0):ocfs2_start_trans:379 ERROR: status = -30
[ 1208.419712][T12387] OCFS2: abort (device loop0): handle_t *ocfs2_start_trans(struct ocfs2_super *, int): Detected aborted journal
[ 1208.607926][T12387] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1208.789701][T12387] OCFS2: File system is now read-only.
[ 1208.900373][T12387] (syz-executor,12387,1):ocfs2_shutdown_local_alloc:418 ERROR: status = -30
[ 1208.916680][T12387] (syz-executor,12387,1):__ocfs2_flush_truncate_log:6033 ERROR: status = -5
[ 1208.926181][T12387] (syz-executor,12387,1):ocfs2_truncate_log_shutdown:6322 ERROR: status = -5
[ 1208.953027][T12387] Buffer I/O error on dev loop0, logical block 17024, lost sync page write
[ 1208.974538][T12387] (syz-executor,12387,1):ocfs2_write_block:78 ERROR: status = -5
[ 1209.007303][T12387] (syz-executor,12387,1):ocfs2_update_disk_slot:199 ERROR: status = -5
[ 1209.015692][T12387] (syz-executor,12387,1):ocfs2_put_slot:517 ERROR: status = -5
[ 1209.063494][T12387] (syz-executor,12387,1):ocfs2_journal_shutdown:1107 ERROR: status = -5
[ 1209.178921][T12387] ocfs2: Unmounting device (7,0) on (node local)
[ 1209.338935][T13387] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1209.520390][T13387] usb 4-1: device descriptor read/64, error -71
[ 1209.695403][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1209.841377][T13387] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1210.054938][T13387] usb 4-1: device descriptor read/64, error -71
[ 1210.183765][T13387] usb usb4-port1: attempt power cycle
[ 1210.942300][T13387] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1211.220356][T13387] usb 4-1: device descriptor read/8, error -71
[ 1211.283074][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1213.450507][T13619] loop3: detected capacity change from 0 to 128
[ 1213.691414][T13619] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1213.785164][T13619] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1213.873396][T12260] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1213.886606][T12260] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1213.895989][T12260] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1213.908439][T12260] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1213.926291][T12260] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1213.933932][T12260] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1214.479014][T13275] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1214.606225][T13622] chnl_net:caif_netlink_parms(): no params data found
[ 1216.388750][T12260] Bluetooth: hci1: command tx timeout
[ 1216.482898][T13622] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1216.510415][T13622] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1216.523054][T13622] bridge_slave_0: entered allmulticast mode
[ 1216.574535][T13622] bridge_slave_0: entered promiscuous mode
[ 1216.601685][T13622] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1216.636070][T13622] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1216.675092][T13622] bridge_slave_1: entered allmulticast mode
[ 1216.704946][T13622] bridge_slave_1: entered promiscuous mode
[ 1216.827519][T13622] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1216.891429][T13622] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1218.004804][T13622] team0: Port device team_slave_0 added
[ 1218.018214][T13622] team0: Port device team_slave_1 added
[ 1218.163937][T13622] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1218.217820][T13622] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1218.286582][T13622] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1218.320074][T13622] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1218.327096][T13622] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1219.858180][T12260] Bluetooth: hci1: command tx timeout
[ 1219.954460][T13622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1220.223143][T13622] hsr_slave_0: entered promiscuous mode
[ 1220.260222][T13622] hsr_slave_1: entered promiscuous mode
[ 1220.296899][T13622] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1220.304562][T13622] Cannot create hsr debugfs directory
[ 1220.420696][T13675] loop6: detected capacity change from 0 to 1024
[ 1222.306386][T12260] Bluetooth: hci1: command tx timeout
[ 1222.341415][T12698] Bluetooth: Patch file not found ar3k/AthrBT_0x00000000.dfu
[ 1222.348876][T12698] Bluetooth: Loading patch file failed
[ 1222.389387][T12698] ath3k: probe of 7-1:0.0 failed with error -110
[ 1222.431200][T12698] usb 7-1: USB disconnect, device number 17
[ 1224.957669][T12260] Bluetooth: hci1: command tx timeout
[ 1224.957685][ T9748] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[ 1225.175038][ T9748] usb 3-1: config 5 has an invalid interface number: 211 but max is 0
[ 1225.201192][ T9748] usb 3-1: config 5 has no interface number 0
[ 1225.264103][ T9748] usb 3-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[ 1225.291206][ T9748] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.324615][ T9748] usb 3-1: Product: syz
[ 1225.328858][ T9748] usb 3-1: Manufacturer: syz
[ 1225.335963][ T9748] usb 3-1: SerialNumber: syz
[ 1225.358305][ T9748] usb 3-1: bad CDC descriptors
[ 1225.395361][ T9748] usb 3-1: bad CDC descriptors
[ 1225.449738][T13387] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1225.710468][T13622] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1225.763826][T13622] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1225.855912][T13387] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1225.866333][T13387] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 1225.875755][T13387] usb 7-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[ 1225.885061][T13387] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1225.905784][T13387] usb 7-1: config 0 descriptor??
[ 1226.161563][T13622] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1226.399877][T13622] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1226.716924][T13387] Bluetooth: Can't get version to change to load ram patch err
[ 1226.769231][T13387] Bluetooth: Loading sysconfig file failed
[ 1226.809164][T13387] ath3k: probe of 7-1:0.0 failed with error -71
[ 1226.866922][T13387] usb 7-1: USB disconnect, device number 18
[ 1227.078651][T13622] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1227.260900][T13622] 8021q: adding VLAN 0 to HW filter on device team0
[ 1227.321982][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1227.329259][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1227.734486][    T8] usb 3-1: USB disconnect, device number 21
[ 1227.749872][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1227.757066][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1231.509361][T13746] loop3: detected capacity change from 0 to 512
[ 1232.027039][T13622] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1232.111197][T13746] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1232.196706][T13746] ext4 filesystem being mounted at /9/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1233.399830][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1234.594545][T13764] loop3: detected capacity change from 0 to 4096
[ 1234.616950][T13764] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1234.718530][T13764] EXT4-fs (loop3): shut down requested (1)
[ 1235.389531][T13622] veth0_vlan: entered promiscuous mode
[ 1235.421748][T13622] veth1_vlan: entered promiscuous mode
[ 1235.557115][T13622] veth0_macvtap: entered promiscuous mode
[ 1235.619321][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1235.641801][T13622] veth1_macvtap: entered promiscuous mode
[ 1235.710720][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1236.742109][   T28] audit: type=1326 audit(1770757820.592:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1236.812103][   T28] audit: type=1326 audit(1770757820.592:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1236.835376][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1236.845283][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1236.858148][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1236.860228][   T28] audit: type=1326 audit(1770757820.592:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1236.868911][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1236.902336][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1236.912496][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1236.927267][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1236.952516][   T28] audit: type=1326 audit(1770757820.592:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1236.977032][T13622] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1236.999385][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1237.014919][   T28] audit: type=1326 audit(1770757820.592:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1237.049220][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1237.059128][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1237.084703][   T28] audit: type=1326 audit(1770757820.592:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1237.107477][T12698] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1237.123575][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1237.133471][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1237.177040][   T28] audit: type=1326 audit(1770757820.592:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1237.199619][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1237.221324][T13622] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1237.241506][T13622] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1237.251500][   T28] audit: type=1326 audit(1770757820.592:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13778 comm="syz.6.1393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1237.286351][T13622] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1237.333623][T13622] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.350879][T13622] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.359878][T12698] usb 4-1: Using ep0 maxpacket: 32
[ 1237.371024][T12698] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1237.390793][T12698] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1237.411358][T13622] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.421056][T12698] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1237.436274][T13622] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1237.452037][T12698] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1237.499183][T12698] usb 4-1: config 0 descriptor??
[ 1237.723898][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1237.731782][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1237.817528][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1237.849158][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1238.019935][T12698] savu 0003:1E7D:2D5A.000F: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[ 1238.374052][T13003] usb 4-1: USB disconnect, device number 32
[ 1240.393335][T13815] loop3: detected capacity change from 0 to 512
[ 1240.463019][T13815] EXT4-fs (loop3): revision level too high, forcing read-only mode
[ 1240.480594][T13815] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[ 1240.523351][T13815] System zones: 0-1, 15-15, 18-18, 34-34
[ 1240.548463][T13815] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1240.592779][T13815] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=0
[ 1240.618653][T13799] loop7: detected capacity change from 0 to 32768
[ 1240.654898][T13815] EXT4-fs warning (device loop3): ext4_enable_quotas:7184: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1240.720971][T13799] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1240.742579][T13815] EXT4-fs (loop3): Cannot turn on quotas: error -22
[ 1240.753499][T13799] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[ 1240.772575][T13815] EXT4-fs (loop3): 1 truncate cleaned up
[ 1240.784995][T13799] BTRFS info (device loop7): using free space tree
[ 1240.795325][T13815] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1240.946093][T13815] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1240.958572][T13799] BTRFS info (device loop7): enabling ssd optimizations
[ 1240.980590][T13799] BTRFS info (device loop7): auto enabling async discard
[ 1241.103431][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1241.416800][T13847] loop6: detected capacity change from 0 to 1764
[ 1241.547783][T13848] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1241.642162][T13622] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[ 1241.777422][T13855] loop6: detected capacity change from 0 to 128
[ 1241.854893][T13855] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1241.880083][T13855] ext4 filesystem being mounted at /210/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1242.464115][ T8783] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1243.100327][T13871] netlink: 'syz.3.1408': attribute type 34 has an invalid length.
[ 1244.690650][T13879] loop6: detected capacity change from 0 to 2048
[ 1244.889469][T13879] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1244.999632][T13891] loop3: detected capacity change from 0 to 1024
[ 1245.024254][   T28] audit: type=1800 audit(1770757829.132:293): pid=13879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1407" name="file1" dev="loop6" ino=15 res=0 errno=0
[ 1245.223856][T13891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1246.488602][ T5847] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1246.632539][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1246.652805][T13275] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1246.988066][T13907] loop6: detected capacity change from 0 to 2048
[ 1247.098764][T13387] usb 8-1: new full-speed USB device number 11 using dummy_hcd
[ 1247.137729][T13907] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1247.889448][T13907] EXT4-fs error (device loop6): ext4_map_blocks:608: inode #12: block 2: comm syz.6.1416: lblock 0 mapped to illegal pblock 2 (length 1)
[ 1248.024654][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1248.060795][T13387] usb 8-1: config 5 has an invalid interface number: 211 but max is 0
[ 1248.069087][T13387] usb 8-1: config 5 has no interface number 0
[ 1248.086812][T13387] usb 8-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[ 1248.099618][T13387] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1248.111102][T13920] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1419'.
[ 1248.120134][T13387] usb 8-1: Product: syz
[ 1248.124741][T13387] usb 8-1: Manufacturer: syz
[ 1248.129394][T13387] usb 8-1: SerialNumber: syz
[ 1248.199205][T13387] usb 8-1: bad CDC descriptors
[ 1248.219322][T13387] usb 8-1: bad CDC descriptors
[ 1252.392496][ T5782] Bluetooth: hci0: command 0x0406 tx timeout
[ 1252.593268][ T9514] usb 8-1: USB disconnect, device number 11
[ 1252.864247][T13937] netlink: 'syz.2.1422': attribute type 34 has an invalid length.
[ 1263.361504][T14023] loop7: detected capacity change from 0 to 512
[ 1263.381800][T14023] ext4: Unknown parameter 'rootcontext'
[ 1265.206937][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1265.218529][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1268.780028][T14059] loop7: detected capacity change from 0 to 512
[ 1268.787400][T14059] EXT4-fs: inline encryption not supported
[ 1268.958438][T14059] EXT4-fs (loop7): 1 orphan inode deleted
[ 1268.965648][T14059] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1268.978484][   T61] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1268.978690][   T61] EXT4-fs error (device loop7): ext4_release_dquot:6985: comm kworker/u4:4: Failed to release dquot type 1
[ 1269.062662][T14059] ext4 filesystem being mounted at /15/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1270.261216][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1274.059157][T14103] syz.7.1457 uses obsolete (PF_INET,SOCK_PACKET)
[ 1275.054898][T14114] loop6: detected capacity change from 0 to 512
[ 1275.150209][T14114] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[ 1276.484547][T14114] EXT4-fs error (device loop6): ext4_validate_block_bitmap:430: comm syz.6.1458: bg 0: block 104: invalid block bitmap
[ 1276.635888][T14114] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6653: Corrupt filesystem
[ 1276.753818][T14114] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1458: invalid indirect mapped block 1 (level 1)
[ 1276.922162][T14114] EXT4-fs (loop6): 1 truncate cleaned up
[ 1277.008101][T14114] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1277.351662][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1282.255967][T14159] loop7: detected capacity change from 0 to 512
[ 1282.433515][T14159] EXT4-fs error (device loop7): ext4_iget_extra_inode:4732: inode #15: comm syz.7.1468: corrupted in-inode xattr: invalid ea_ino
[ 1282.546657][T14159] EXT4-fs error (device loop7): ext4_orphan_get:1403: comm syz.7.1468: couldn't read orphan inode 15 (err -117)
[ 1282.586866][T14159] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1282.920052][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1283.232270][   T27] IPVS: starting estimator thread 0...
[ 1283.300736][T14168] IPVS: lblcr: FWM 3 0x00000003 - no destination available
[ 1283.350068][T14170] IPVS: using max 23 ests per chain, 55200 per kthread
[ 1283.575128][ T5782] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1283.606520][ T5782] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1283.619577][ T5782] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1283.650391][ T5782] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1283.674848][ T5782] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1283.683832][ T5782] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1283.855046][   T28] audit: type=1326 audit(1770757865.463:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1283.897452][   T28] audit: type=1326 audit(1770757865.463:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1283.969787][   T28] audit: type=1326 audit(1770757865.472:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.069913][   T28] audit: type=1326 audit(1770757865.472:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.261007][   T28] audit: type=1326 audit(1770757865.482:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.338546][   T28] audit: type=1326 audit(1770757865.482:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.425684][   T28] audit: type=1326 audit(1770757865.482:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.561590][   T28] audit: type=1326 audit(1770757865.482:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.585336][T14191] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1474'.
[ 1284.595466][   T28] audit: type=1326 audit(1770757865.482:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.619706][   T28] audit: type=1326 audit(1770757865.482:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14177 comm="syz.2.1465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1284.859523][T14196] loop2: detected capacity change from 0 to 2048
[ 1284.871788][T14196] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1285.327846][T14196] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1285.588917][T14172] chnl_net:caif_netlink_parms(): no params data found
[ 1285.756626][T12875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1285.771138][T11015] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1285.937438][T12260] Bluetooth: hci2: command tx timeout
[ 1286.016771][T14210] loop6: detected capacity change from 0 to 512
[ 1286.136188][T11015] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1286.166869][T14210] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1286.324609][T14210] ext4 filesystem being mounted at /224/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1287.222931][T11015] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1287.563659][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1287.737943][T12260] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[ 1288.173101][T12260] Bluetooth: hci2: command tx timeout
[ 1288.229279][T11015] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1288.318344][T14172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1288.350407][T14172] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1288.385461][T14172] bridge_slave_0: entered allmulticast mode
[ 1288.415739][T14172] bridge_slave_0: entered promiscuous mode
[ 1288.433892][T14172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1288.459606][T14172] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1288.487163][T14172] bridge_slave_1: entered allmulticast mode
[ 1288.509460][T14172] bridge_slave_1: entered promiscuous mode
[ 1288.538903][T14246] bridge0: port 3(ip6gretap1) entered blocking state
[ 1288.577056][T14246] bridge0: port 3(ip6gretap1) entered disabled state
[ 1288.594224][T14246] ip6gretap1: entered allmulticast mode
[ 1288.611181][T14246] ip6gretap1: entered promiscuous mode
[ 1288.707933][T14250] loop6: detected capacity change from 0 to 1024
[ 1288.783273][T14172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1288.810525][T14172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1288.937397][T14172] team0: Port device team_slave_0 added
[ 1288.966864][T14250] EXT4-fs (loop6): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1289.014025][T14172] team0: Port device team_slave_1 added
[ 1289.048130][T14250] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1289.090222][T14250] EXT4-fs (loop6): shut down requested (0)
[ 1289.213020][T14263] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1489'.
[ 1289.322332][T14270] loop7: detected capacity change from 0 to 512
[ 1289.435794][T14270] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1289.476495][T14270] ext4 filesystem being mounted at /35/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1289.637586][T14263] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1289.671695][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1290.395079][T12260] Bluetooth: hci2: command tx timeout
[ 1290.452123][T14263] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1290.509717][T14263] bond0 (unregistering): Released all slaves
[ 1290.684756][T14172] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1290.708239][T14172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1291.096199][T12260] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1291.131177][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1291.279405][T14172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1291.343002][T14172] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1291.376176][T14172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1291.460125][T14172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1291.792630][T14172] hsr_slave_0: entered promiscuous mode
[ 1291.799411][T14287] loop2: detected capacity change from 0 to 8192
[ 1291.916506][T14172] hsr_slave_1: entered promiscuous mode
[ 1291.960551][T14172] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1292.031235][T14172] Cannot create hsr debugfs directory
[ 1292.391254][T14295] netlink: 'syz.6.1496': attribute type 34 has an invalid length.
[ 1293.323107][ T5782] Bluetooth: hci2: command tx timeout
[ 1294.664161][   T28] audit: type=1326 audit(1770757875.509:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1294.712262][   T28] audit: type=1326 audit(1770757875.509:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1294.776049][   T28] audit: type=1326 audit(1770757875.509:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1294.838024][T14313] loop6: detected capacity change from 0 to 512
[ 1294.859638][   T28] audit: type=1326 audit(1770757875.509:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1294.947475][   T28] audit: type=1326 audit(1770757875.509:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1294.998800][   T28] audit: type=1326 audit(1770757875.509:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1295.008131][T14313] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1295.022729][   T28] audit: type=1326 audit(1770757875.509:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1295.109428][   T28] audit: type=1326 audit(1770757875.509:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14304 comm="syz.6.1498" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcafc39bf79 code=0x7ffc0000
[ 1295.184635][T14313] ext4 filesystem being mounted at /231/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1296.720724][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1297.244721][T14344] loop2: detected capacity change from 0 to 128
[ 1301.403431][T14381] loop2: detected capacity change from 0 to 128
[ 1303.961665][T11015] hsr_slave_0: left promiscuous mode
[ 1304.002539][T11015] hsr_slave_1: left promiscuous mode
[ 1304.038590][T14401] loop2: detected capacity change from 0 to 128
[ 1304.045039][T11015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1304.058173][T11015] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1304.082930][T11015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1304.126343][T11015] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1304.316497][T11015] bridge_slave_1: left allmulticast mode
[ 1304.322208][T11015] bridge_slave_1: left promiscuous mode
[ 1304.382857][T11015] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1305.288271][T11015] bridge_slave_0: left allmulticast mode
[ 1305.294113][T11015] bridge_slave_0: left promiscuous mode
[ 1305.378631][T11015] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1305.516412][   T28] audit: type=1326 audit(1770757885.724:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14411 comm="syz.2.1515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1305.586414][   T28] audit: type=1326 audit(1770757885.724:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14411 comm="syz.2.1515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1305.672114][   T28] audit: type=1326 audit(1770757885.724:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14411 comm="syz.2.1515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1305.732418][T11015] veth1_macvtap: left promiscuous mode
[ 1305.757958][   T28] audit: type=1326 audit(1770757885.724:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14411 comm="syz.2.1515" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1305.780516][T11015] veth0_macvtap: left promiscuous mode
[ 1305.789565][T11015] veth1_vlan: left promiscuous mode
[ 1305.794934][T11015] veth0_vlan: left promiscuous mode
[ 1307.948923][ T5847] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[ 1309.211975][ T5847] usb 3-1: config 5 has an invalid interface number: 211 but max is 0
[ 1309.238910][ T5847] usb 3-1: config 5 has no interface number 0
[ 1309.267991][ T5847] usb 3-1: New USB device found, idVendor=813a, idProduct=22fe, bcdDevice=89.9c
[ 1309.285114][ T5847] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1309.293146][ T5847] usb 3-1: Product: syz
[ 1309.323499][ T5847] usb 3-1: Manufacturer: syz
[ 1309.351286][ T5847] usb 3-1: SerialNumber: syz
[ 1309.397243][ T5847] usb 3-1: bad CDC descriptors
[ 1309.403904][ T5847] usb 3-1: bad CDC descriptors
[ 1311.535685][  T787] usb 3-1: USB disconnect, device number 22
[ 1311.714795][T14453] loop2: detected capacity change from 0 to 1024
[ 1311.817705][T14453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1311.830957][T14453] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1312.162422][T14460] EXT4-fs error (device loop2): ext4_free_blocks:6692: comm syz.2.1524: Freeing blocks not in datazone - block = 0, count = 16
[ 1312.892214][T11001] EXT4-fs error (device loop2): ext4_validate_block_bitmap:439: comm kworker/u4:13: bg 0: block 112: padding at end of block bitmap is not set
[ 1312.967934][T11001] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1313.002997][T11001] EXT4-fs (loop2): This should not happen!! Data will be lost
[ 1313.002997][T11001] 
[ 1313.037589][T11001] EXT4-fs (loop2): Total free blocks count 0
[ 1313.054524][T11001] EXT4-fs (loop2): Free/Dirty block details
[ 1313.212480][T11001] EXT4-fs (loop2): free_blocks=16
[ 1313.284107][T11001] EXT4-fs (loop2): dirty_blocks=64
[ 1313.409347][T11001] EXT4-fs (loop2): Block reservation details
[ 1313.477736][T11001] EXT4-fs (loop2): i_reserved_data_blocks=4
[ 1313.593548][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 29 with max blocks 31 with error 28
[ 1314.994419][T11015] team0 (unregistering): Port device team_slave_1 removed
[ 1315.294786][T11015] team0 (unregistering): Port device team_slave_0 removed
[ 1315.538809][T11015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1316.954953][T11015] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1318.978130][T11015] bond0 (unregistering): Released all slaves
[ 1319.025818][T14493] loop7: detected capacity change from 0 to 512
[ 1319.220206][T14493] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1319.294776][T14493] ext4 filesystem being mounted at /44/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1319.663289][T14172] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1320.470218][T14172] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1320.500074][T14172] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1320.671726][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1320.680599][T14172] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1320.806423][T14517] loop6: detected capacity change from 0 to 1024
[ 1322.011125][ T5782] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[ 1322.692401][T14517] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1323.922819][T14538] netlink: 'syz.7.1536': attribute type 34 has an invalid length.
[ 1323.953096][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1325.399026][T14172] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1325.543670][T14172] 8021q: adding VLAN 0 to HW filter on device team0
[ 1327.293232][T10017] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1327.300461][T10017] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1327.311806][T10017] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1327.319093][T10017] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1327.726063][T11015] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1328.135052][T11015] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1328.258143][T14172] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1328.409352][T11015] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1328.632739][T11015] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1329.622651][ T5782] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[ 1330.500253][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[ 1330.514135][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[ 1332.099011][   T28] audit: type=1326 audit(1770757910.587:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14608 comm="syz.7.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe036b9bf79 code=0x7ffc0000
[ 1332.184529][   T28] audit: type=1326 audit(1770757910.596:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14608 comm="syz.7.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fe036b9bf79 code=0x7ffc0000
[ 1332.241623][   T28] audit: type=1326 audit(1770757910.596:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14608 comm="syz.7.1543" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe036b9bf79 code=0x7ffc0000
[ 1332.777244][T14172] veth0_vlan: entered promiscuous mode
[ 1332.813414][T14172] veth1_vlan: entered promiscuous mode
[ 1332.943011][T14172] veth0_macvtap: entered promiscuous mode
[ 1332.998081][T14623] netlink: 'syz.7.1546': attribute type 34 has an invalid length.
[ 1333.115217][T14172] veth1_macvtap: entered promiscuous mode
[ 1333.164141][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1333.221417][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.263123][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1333.296528][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.306436][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1333.381871][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.391743][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1333.456638][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.500691][T14172] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1333.750156][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1333.785331][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.827877][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1333.888246][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1333.920088][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1333.954012][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1334.001419][T14172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1334.052484][T14172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1334.080169][ T5782] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[ 1334.112646][T14172] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1334.628854][T14645] loop6: detected capacity change from 0 to 512
[ 1334.749272][T14633] loop2: detected capacity change from 0 to 8192
[ 1334.817821][T14645] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[ 1334.864887][T14172] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1334.918093][T14645] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 1334.964222][T14172] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1334.972986][T14172] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1335.004850][T14645] EXT4-fs error (device loop6): ext4_acquire_dquot:6949: comm syz.6.1551: Failed to acquire dquot type 1
[ 1335.082003][T14172] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1335.106998][T14645] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[ 1335.200202][T14645] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 1335.292637][T14645] EXT4-fs error (device loop6): ext4_acquire_dquot:6949: comm syz.6.1551: Failed to acquire dquot type 1
[ 1335.358473][T14645] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.1551: bg 0: block 248: padding at end of block bitmap is not set
[ 1335.448216][T14645] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6653: Corrupt filesystem
[ 1335.552459][T14645] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[ 1335.637696][T14645] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[ 1335.695693][T14645] EXT4-fs error (device loop6): ext4_acquire_dquot:6949: comm syz.6.1551: Failed to acquire dquot type 1
[ 1335.814793][T14645] EXT4-fs (loop6): 1 orphan inode deleted
[ 1335.887960][T14645] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1336.102602][T14645] ext4 filesystem being mounted at /244/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1336.498966][T14661] loop7: detected capacity change from 0 to 1024
[ 1336.622950][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1336.654037][T14661] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1336.720230][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1336.748638][T14661] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1336.749032][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1336.882617][T14661] EXT4-fs error (device loop7): ext4_map_blocks:718: inode #15: block 3: comm syz.7.1553: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1337.017239][T14661] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1337.116152][T14661] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1337.116152][T14661] 
[ 1337.243985][T14670] EXT4-fs error (device loop7): ext4_ext_remove_space:2929: inode #15: comm syz.7.1553: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1337.327650][T14670] EXT4-fs error (device loop7) in ext4_setattr:5663: Corrupt filesystem
[ 1337.342306][T14675] loop2: detected capacity change from 0 to 1024
[ 1337.359694][T14675] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1337.398873][T11001] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1337.445480][T11001] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1337.467409][T14675] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1337.563695][T11001] EXT4-fs error (device loop7): ext4_map_blocks:718: inode #15: comm kworker/u4:13: lblock 0 mapped to illegal pblock 0 (length 1)
[ 1337.597737][T11001] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[ 1337.633873][T14675] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #11: comm syz.2.1555: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[ 1337.695361][T11001] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1337.695361][T11001] 
[ 1337.767653][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1337.841636][T14675] EXT4-fs (loop2): Remounting filesystem read-only
[ 1337.849547][T14675] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1338.288878][T11015] hsr_slave_0: left promiscuous mode
[ 1338.345051][T11015] hsr_slave_1: left promiscuous mode
[ 1338.351499][T11015] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1338.383874][T11015] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1338.401906][T12875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1338.488234][T11015] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1338.536605][T11015] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1338.636073][T11015] bridge_slave_1: left allmulticast mode
[ 1338.673675][T11015] bridge_slave_1: left promiscuous mode
[ 1338.679477][T11015] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1338.752116][T11015] bridge_slave_0: left allmulticast mode
[ 1338.760643][T11015] bridge_slave_0: left promiscuous mode
[ 1338.775942][T11015] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1339.444096][ T5782] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1339.551498][T11015] veth1_macvtap: left promiscuous mode
[ 1339.639365][T11015] veth0_macvtap: left promiscuous mode
[ 1339.666305][T14706] loop7: detected capacity change from 0 to 4096
[ 1339.714000][T11015] veth1_vlan: left promiscuous mode
[ 1339.760725][T11015] veth0_vlan: left promiscuous mode
[ 1339.788847][T14706] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1340.834691][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1341.164552][T14714] loop6: detected capacity change from 0 to 512
[ 1341.417808][T14714] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1341.454763][T14714] ext4 filesystem being mounted at /247/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1343.728668][T14731] loop2: detected capacity change from 0 to 1024
[ 1344.043970][   T12] hfsplus: b-tree write err: -5, ino 8
[ 1347.787835][T11015] team0 (unregistering): Port device team_slave_1 removed
[ 1348.019109][T11015] team0 (unregistering): Port device team_slave_0 removed
[ 1348.216278][T11015] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1348.359970][T11015] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1349.225789][T12260] Bluetooth: hci1: command 0x0406 tx timeout
[ 1349.814532][   T28] audit: type=1326 audit(1770757927.162:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14739 comm="syz.2.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1349.931741][   T28] audit: type=1326 audit(1770757927.265:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14739 comm="syz.2.1571" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff87879bf79 code=0x7ffc0000
[ 1350.030496][T11015] bond0 (unregistering): Released all slaves
[ 1350.481054][ T8783] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1350.598400][T14747] loop5: detected capacity change from 0 to 1024
[ 1350.642611][T14747] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1350.712582][T14747] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1350.736140][T14747] EXT4-fs: Ignoring removed i_version option
[ 1350.772635][T14747] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1350.822374][T14747] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1350.974392][ T5782] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1350.976901][T14172] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1354.117394][   T28] audit: type=1326 audit(1770757931.184:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.217855][   T28] audit: type=1326 audit(1770757931.184:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.290814][T14784] loop2: detected capacity change from 0 to 512
[ 1354.324703][   T28] audit: type=1326 audit(1770757931.222:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.413172][   T28] audit: type=1326 audit(1770757931.222:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.511674][   T28] audit: type=1326 audit(1770757931.222:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.674372][   T28] audit: type=1326 audit(1770757931.222:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.720786][T14791] loop5: detected capacity change from 0 to 128
[ 1354.805782][   T28] audit: type=1326 audit(1770757931.222:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1354.840297][T14784] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1355.898252][T14784] ext4 filesystem being mounted at /83/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1355.909220][   T28] audit: type=1326 audit(1770757931.222:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14775 comm="syz.5.1580" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4173b9bf79 code=0x7ffc0000
[ 1358.373332][T12875] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1360.790319][ T5782] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[ 1361.276433][T14840] xt_hashlimit: size too large, truncated to 1048576
[ 1361.698287][T14848] loop7: detected capacity change from 0 to 1024
[ 1361.793078][T14848] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[ 1361.829279][T14848] System zones: 0-1, 3-8
[ 1361.894977][T14848] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1361.961654][T14848] ext4 filesystem being mounted at /68/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1362.115678][T14848] EXT4-fs error (device loop7): ext4_free_blocks:6692: comm syz.7.1591: Freeing blocks not in datazone - block = 0, count = 16
[ 1362.253065][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1366.278072][T14885] loop5: detected capacity change from 0 to 1024
[ 1366.631431][T14885] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[ 1366.752986][T14894] loop7: detected capacity change from 0 to 512
[ 1366.834532][T14885] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1366.861348][T14894] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1366.935905][T14894] ext4 filesystem being mounted at /72/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1367.040644][T14885] EXT4-fs error (device loop5): ext4_map_blocks:718: inode #15: block 3: comm syz.5.1599: lblock 3 mapped to illegal pblock 3 (length 3)
[ 1368.045588][T13622] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1368.057001][T14885] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[ 1368.214302][T14852] EXT4-fs error (device loop5): ext4_validate_block_bitmap:439: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[ 1368.237381][T14885] EXT4-fs (loop5): This should not happen!! Data will be lost
[ 1368.237381][T14885] 
[ 1368.336122][T14903] EXT4-fs error (device loop5): ext4_ext_remove_space:2929: inode #15: comm syz.5.1599: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[ 1368.546916][T14903] EXT4-fs error (device loop5) in ext4_setattr:5663: Corrupt filesystem
[ 1368.993980][T14172] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[ 1369.180103][T14918] xt_hashlimit: size too large, truncated to 1048576
[ 1370.412863][T14936] loop6: detected capacity change from 0 to 128
[ 1371.399468][T14943] loop5: detected capacity change from 0 to 512
[ 1371.844447][T14943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1371.888673][T14943] ext4 filesystem being mounted at /11/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1373.945340][T14172] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1374.240842][T14966] netlink: 56 bytes leftover after parsing attributes in process `syz.5.1610'.
[ 1374.930558][T14975] random: crng reseeded on system resumption
[ 1376.399228][T14997] loop5: detected capacity change from 0 to 128
[ 1376.548924][T14999] loop2: detected capacity change from 0 to 512
[ 1377.814621][T14999] ------------[ cut here ]------------
[ 1377.820726][T14999] EA inode 11 i_nlink=2
[ 1377.821009][T14999] WARNING: CPU: 1 PID: 14999 at fs/ext4/xattr.c:1059 ext4_xattr_inode_update_ref+0x53c/0x590
[ 1377.835909][T14999] Modules linked in:
[ 1377.839867][T14999] CPU: 1 PID: 14999 Comm: syz.2.1616 Not tainted syzkaller #0
[ 1377.847879][T14999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1377.858075][T14999] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[ 1377.864734][T14999] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 55 ed 98 ff 49 8b 37 48 c7 c7 a0 d4 de 8a 89 da e8 44 86 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 0e fb 3d 08
[ 1377.884420][T14999] RSP: 0018:ffffc9000c2472e0 EFLAGS: 00010246
[ 1377.890528][T14999] RAX: 9f1c5cd06dbced00 RBX: 0000000000000002 RCX: 0000000000080000
[ 1377.899097][T14999] RDX: ffffc9000bcc9000 RSI: 0000000000039503 RDI: 0000000000039504
[ 1377.907079][T14999] RBP: ffffc9000c2473d0 R08: ffff8880b8f28c13 R09: 1ffff110171e5182
[ 1377.915224][T14999] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000
[ 1377.923327][T14999] R13: ffff88807779caa8 R14: ffff88807779c8b0 R15: ffff88807779c900
[ 1377.931369][T14999] FS:  00007ff8796be6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1377.940352][T14999] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1377.947009][T14999] CR2: 00007fcaf31f6000 CR3: 0000000040379000 CR4: 00000000003506e0
[ 1377.955043][T14999] Call Trace:
[ 1377.958324][T14999]  <TASK>
[ 1377.961268][T14999]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 1377.966995][T14999]  ? __ext4_journal_ensure_credits+0x30/0x450
[ 1377.973117][T14999]  ext4_xattr_inode_dec_ref_all+0x9a6/0x1040
[ 1377.979143][T14999]  ? ext4_xattr_delete_inode+0xd10/0xd10
[ 1377.984818][T14999]  ? __ext4_journal_ensure_credits+0x450/0x450
[ 1377.990984][T14999]  ext4_xattr_delete_inode+0xb3e/0xd10
[ 1377.996487][T14999]  ? up_write+0x1c3/0x410
[ 1378.001531][T14999]  ? ext4_expand_extra_isize_ea+0x1e80/0x1e80
[ 1378.007719][T14999]  ext4_evict_inode+0xaaf/0xea0
[ 1378.012593][T14999]  ? _raw_spin_unlock+0x28/0x40
[ 1378.017503][T14999]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1378.023421][T14999]  ? do_raw_spin_unlock+0x121/0x230
[ 1378.028688][T14999]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1378.034615][T14999]  evict+0x4ca/0x8d0
[ 1378.038575][T14999]  ? proc_nr_inodes+0x230/0x230
[ 1378.043441][T14999]  ? do_raw_spin_unlock+0x121/0x230
[ 1378.048695][T14999]  ? _raw_spin_unlock+0x28/0x40
[ 1378.053558][T14999]  ? iput+0x706/0x920
[ 1378.057559][T14999]  ext4_orphan_cleanup+0xbec/0x1420
[ 1378.062822][T14999]  ? ext4_orphan_del+0xbf0/0xbf0
[ 1378.067800][T14999]  ? ext4_register_li_request+0x183/0x940
[ 1378.073562][T14999]  ? errseq_check_and_advance+0x66/0x120
[ 1378.079275][T14999]  ext4_fill_super+0x5ed3/0x6790
[ 1378.084265][T14999]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1378.090583][T14999]  ? __might_sleep+0xe0/0xe0
[ 1378.095193][T14999]  ? read_lock_is_recursive+0x20/0x20
[ 1378.100657][T14999]  ? snprintf+0xe9/0x140
[ 1378.104948][T14999]  ? down_read_killable+0x340/0x340
[ 1378.110810][T14999]  ? setup_bdev_super+0x56b/0x660
[ 1378.115956][T14999]  get_tree_bdev+0x3f3/0x520
[ 1378.120565][T14999]  ? vfs_parse_fs_string+0x170/0x170
[ 1378.125968][T14999]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1378.132233][T14999]  ? setup_bdev_super+0x660/0x660
[ 1378.137292][T14999]  ? apparmor_capable+0x137/0x1a0
[ 1378.142353][T14999]  ? bpf_lsm_capable+0x9/0x10
[ 1378.147119][T14999]  ? security_capable+0x89/0xb0
[ 1378.152025][T14999]  vfs_get_tree+0x8c/0x280
[ 1378.156509][T14999]  do_new_mount+0x24b/0xa40
[ 1378.161035][T14999]  __se_sys_mount+0x2e7/0x3d0
[ 1378.165826][T14999]  ? __x64_sys_mount+0xc0/0xc0
[ 1378.170603][T14999]  ? lockdep_hardirqs_on+0x98/0x150
[ 1378.175860][T14999]  ? __x64_sys_mount+0x20/0xc0
[ 1378.180662][T14999]  do_syscall_64+0x55/0xa0
[ 1378.185089][T14999]  ? clear_bhb_loop+0x40/0x90
[ 1378.189809][T14999]  ? clear_bhb_loop+0x40/0x90
[ 1378.194493][T14999]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1378.200457][T14999] RIP: 0033:0x7ff87879d20a
[ 1378.204891][T14999] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1378.225239][T14999] RSP: 002b:00007ff8796bde58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1378.233897][T14999] RAX: ffffffffffffffda RBX: 00007ff8796bdee0 RCX: 00007ff87879d20a
[ 1378.241909][T14999] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007ff8796bdea0
[ 1378.249895][T14999] RBP: 00002000000009c0 R08: 00007ff8796bdee0 R09: 0000000000800718
[ 1378.257901][T14999] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540
[ 1378.265906][T14999] R13: 00007ff8796bdea0 R14: 000000000000048d R15: 0000200000000200
[ 1378.273929][T14999]  </TASK>
[ 1378.276978][T14999] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1378.284257][T14999] CPU: 1 PID: 14999 Comm: syz.2.1616 Not tainted syzkaller #0
[ 1378.291713][T14999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[ 1378.301780][T14999] Call Trace:
[ 1378.305069][T14999]  <TASK>
[ 1378.308009][T14999]  dump_stack_lvl+0x18c/0x250
[ 1378.312710][T14999]  ? show_regs_print_info+0x20/0x20
[ 1378.317927][T14999]  ? load_image+0x400/0x400
[ 1378.322446][T14999]  panic+0x2dc/0x730
[ 1378.326352][T14999]  ? bpf_jit_dump+0xd0/0xd0
[ 1378.330883][T14999]  __warn+0x2e0/0x470
[ 1378.334883][T14999]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1378.340885][T14999]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1378.346901][T14999]  report_bug+0x2be/0x4f0
[ 1378.351239][T14999]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1378.357247][T14999]  ? ext4_xattr_inode_update_ref+0x53c/0x590
[ 1378.363256][T14999]  ? ext4_xattr_inode_update_ref+0x53e/0x590
[ 1378.369250][T14999]  handle_bug+0xcf/0x120
[ 1378.373507][T14999]  exc_invalid_op+0x1a/0x50
[ 1378.378015][T14999]  asm_exc_invalid_op+0x1a/0x20
[ 1378.382872][T14999] RIP: 0010:ext4_xattr_inode_update_ref+0x53c/0x590
[ 1378.389472][T14999] Code: 8d 7e 50 4c 89 f8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ff e8 55 ed 98 ff 49 8b 37 48 c7 c7 a0 d4 de 8a 89 da e8 44 86 0a ff <0f> 0b 4c 8b 74 24 08 4c 8b 7c 24 10 e9 ab fe ff ff e8 0e fb 3d 08
[ 1378.409168][T14999] RSP: 0018:ffffc9000c2472e0 EFLAGS: 00010246
[ 1378.415240][T14999] RAX: 9f1c5cd06dbced00 RBX: 0000000000000002 RCX: 0000000000080000
[ 1378.423214][T14999] RDX: ffffc9000bcc9000 RSI: 0000000000039503 RDI: 0000000000039504
[ 1378.431187][T14999] RBP: ffffc9000c2473d0 R08: ffff8880b8f28c13 R09: 1ffff110171e5182
[ 1378.439178][T14999] R10: dffffc0000000000 R11: ffffed10171e5183 R12: dffffc0000000000
[ 1378.447171][T14999] R13: ffff88807779caa8 R14: ffff88807779c8b0 R15: ffff88807779c900
[ 1378.455252][T14999]  ? ext4_xattr_list_entries+0x3d0/0x3d0
[ 1378.460927][T14999]  ? __ext4_journal_ensure_credits+0x30/0x450
[ 1378.467029][T14999]  ext4_xattr_inode_dec_ref_all+0x9a6/0x1040
[ 1378.473071][T14999]  ? ext4_xattr_delete_inode+0xd10/0xd10
[ 1378.478749][T14999]  ? __ext4_journal_ensure_credits+0x450/0x450
[ 1378.484953][T14999]  ext4_xattr_delete_inode+0xb3e/0xd10
[ 1378.490455][T14999]  ? up_write+0x1c3/0x410
[ 1378.494790][T14999]  ? ext4_expand_extra_isize_ea+0x1e80/0x1e80
[ 1378.500887][T14999]  ext4_evict_inode+0xaaf/0xea0
[ 1378.505773][T14999]  ? _raw_spin_unlock+0x28/0x40
[ 1378.510639][T14999]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1378.516541][T14999]  ? do_raw_spin_unlock+0x121/0x230
[ 1378.521754][T14999]  ? ext4_inode_is_fast_symlink+0x390/0x390
[ 1378.527673][T14999]  evict+0x4ca/0x8d0
[ 1378.531592][T14999]  ? proc_nr_inodes+0x230/0x230
[ 1378.536467][T14999]  ? do_raw_spin_unlock+0x121/0x230
[ 1378.541682][T14999]  ? _raw_spin_unlock+0x28/0x40
[ 1378.546568][T14999]  ? iput+0x706/0x920
[ 1378.550568][T14999]  ext4_orphan_cleanup+0xbec/0x1420
[ 1378.555800][T14999]  ? ext4_orphan_del+0xbf0/0xbf0
[ 1378.560747][T14999]  ? ext4_register_li_request+0x183/0x940
[ 1378.566475][T14999]  ? errseq_check_and_advance+0x66/0x120
[ 1378.572119][T14999]  ext4_fill_super+0x5ed3/0x6790
[ 1378.577079][T14999]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1378.583325][T14999]  ? __might_sleep+0xe0/0xe0
[ 1378.587923][T14999]  ? read_lock_is_recursive+0x20/0x20
[ 1378.593292][T14999]  ? snprintf+0xe9/0x140
[ 1378.597543][T14999]  ? down_read_killable+0x340/0x340
[ 1378.602753][T14999]  ? setup_bdev_super+0x56b/0x660
[ 1378.607780][T14999]  get_tree_bdev+0x3f3/0x520
[ 1378.612376][T14999]  ? vfs_parse_fs_string+0x170/0x170
[ 1378.617667][T14999]  ? ext4_parse_test_dummy_encryption+0xb0/0xb0
[ 1378.623930][T14999]  ? setup_bdev_super+0x660/0x660
[ 1378.628958][T14999]  ? apparmor_capable+0x137/0x1a0
[ 1378.633986][T14999]  ? bpf_lsm_capable+0x9/0x10
[ 1378.638680][T14999]  ? security_capable+0x89/0xb0
[ 1378.643549][T14999]  vfs_get_tree+0x8c/0x280
[ 1378.647974][T14999]  do_new_mount+0x24b/0xa40
[ 1378.652592][T14999]  __se_sys_mount+0x2e7/0x3d0
[ 1378.657283][T14999]  ? __x64_sys_mount+0xc0/0xc0
[ 1378.662071][T14999]  ? lockdep_hardirqs_on+0x98/0x150
[ 1378.667283][T14999]  ? __x64_sys_mount+0x20/0xc0
[ 1378.672050][T14999]  do_syscall_64+0x55/0xa0
[ 1378.676476][T14999]  ? clear_bhb_loop+0x40/0x90
[ 1378.681158][T14999]  ? clear_bhb_loop+0x40/0x90
[ 1378.685839][T14999]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1378.691754][T14999] RIP: 0033:0x7ff87879d20a
[ 1378.696174][T14999] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1378.715796][T14999] RSP: 002b:00007ff8796bde58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1378.724248][T14999] RAX: ffffffffffffffda RBX: 00007ff8796bdee0 RCX: 00007ff87879d20a
[ 1378.732238][T14999] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007ff8796bdea0
[ 1378.740213][T14999] RBP: 00002000000009c0 R08: 00007ff8796bdee0 R09: 0000000000800718
[ 1378.748192][T14999] R10: 0000000000800718 R11: 0000000000000246 R12: 0000200000000540
[ 1378.756181][T14999] R13: 00007ff8796bdea0 R14: 000000000000048d R15: 0000200000000200
[ 1378.764182][T14999]  </TASK>
[ 1378.767779][T14999] Kernel Offset: disabled
[ 1378.772300][T14999] Rebooting in 86400 seconds..