last executing test programs:

1m42.462127447s ago: executing program 4:
r0 = socket(0x2, 0x3, 0xff)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @multicast1}, 0x10)
sendmmsg$unix(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000200)='d', 0x1}, {&(0x7f0000000180)="c5cf5a452f8e40ff496f4f89e4308a5ea3413c", 0x13}], 0x2}}, {{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000500)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb7", 0x13}, {&(0x7f0000000000)=')', 0x1}], 0x2}}], 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x3, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3}]}, &(0x7f0000000080)='GPL\x00', 0x5}, 0x90)

1m41.951192274s ago: executing program 4:
socket$l2tp(0x2, 0x2, 0x73)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x5)
ptrace$peekuser(0x3, 0x0, 0x0)
preadv(r0, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x11, &(0x7f0000000840)={0xa, 0x1c, &(0x7f0000000340)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100000000009500000000000000b7020000000000007b2af8ff00000000b509030000000000dbaaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007090000f0ffffffc70200000800000018220000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004608f1ff76000000bf9800000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1m40.28082242s ago: executing program 4:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
recvmmsg(r0, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/180, 0xb4}], 0x1}}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001400)=""/94, 0x5e}], 0x1}}], 0x2, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x5)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
dup(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)={[{@grpquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid}, {@i_version}, {@data_ordered}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@barrier_val={'barrier', 0x3d, 0x7}}]}, 0x1, 0x5de, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSlMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIxQMnPXnw4smQEDXEk4lrZjtTuu1sS0vbqcznkyx9894O70233763r+/NBlBZA+k/tYg9ETGVRPQmcwtl7ZEVDsw/7+5fH51KH0nU66/9kUSS5eXPT7KvPdnJXRHx0w9J9Lctr3d69vK5scnJiUvZ8dDM+amh6dnLB86eHzszcWbiwsgLI0ePHD5ydPjguq7rSkHeiWvvvt/7yeib33z1TzL87a+jSRyLl7MnLr6OjTIQA43vSbK8qOfoRldWkrbs52TxS5y0l9gg1iR//Toi4onojba49+L1xsevlNo4YFPVk4g6UFGJ+IeKyscB+Xv7pe+Da6WMSoCtcOf4/ATA8vhvn58bjK7G3MDOu0ksntZJImJ9M3PNdkXErZuj107fHL0WmzQPBxSbuxoRTxbFf9KI/77oir5G/Nea4j8dF5zMvqb5r66z/qVTxeIfts58/HetGP/RIv7fWhT/b6+z/oF7yXe6m+K/e72XBAAAAAAAAJV143hEPF/09//awvqfKFj/0xMRxzag/oElx8v//l+7vQHVAAXuHI94qXD9by1f/dvXlqUeaawH6EhOn52cOBgRj0b0R3TsSI+HV6jjwKf9X7YqG8jW/+WPtP5b2VrArB2323c0nzM+NjP2oNcNRNy5GvFU4frfZKH/Twr6//T3wdR91tH/7PWTrcpWj39gs9S/jthX2P/fu2tFsvL9OYYa44GhfFSw3NMffvZdq/rXG/9uMQEPLu3/d64c/33J4vv1TK+9jkOz7fVWZesd/3cmrzduOdOZ5X0wNjNzaTiiMznRluY25Y+svc3wMMrjIY+XNP73P7Py/F/R+L87IuaW/N/Jn817inOP/9vzW6v2GP9DedL4H19T/7/2xMj1vu9b1X9//f/hRl+/P8sx/wfzvsjDtLM5vyAc24uKtrq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAwqEXErkhqgwvpWm1wMKInIh6LnbXJi9Mzz52++N6F8bSs8fn/tfyTfnvnj5P88//7Fh2PLDk+FBG7I+Lztu7G8eCpi5PjZV88AAAAAAAAAAAAAAAAAAAAbBM9Bfv///5xvuz3trJbB2y69rIbAJSmIP5/LqMdwNbT/0N1iX+oLvEP1SX+obrEP1SX+IfqEv9QXeIfAAAAAAAeKrv33vgliYi5F7sbj1RnVtZRasuAzVYruwFAadziB6rL0h+oLu/xgWSV8q6WJ6125kqmTj3AyQAAAAAAAAAAAABQOfv22P8PVWX/P1SX/f9QXfn+/70ltwPYet7jA7HKTv7C/f+rngUAAAAAAAAAAAAAbKTp2cvnxiYnJy5JvLE9mrGViXq9fiX9Kdgu7fmfJ/Kl8NulPUsS+V6/+zurvN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//wZJJhA=")
syz_emit_ethernet(0x1c6, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60e0d2550190210020010000000000000000000000000000ff020000000000000000000000000001000000006400000073"], 0x0)

1m35.836832163s ago: executing program 4:
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x6, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_route(0x10, 0x3, 0x0)
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x2000006, &(0x7f0000000880)=ANY=[@ANYBLOB="766f6c756d653d30303030303030303030303030303030303036322c756d61736b3d30303030303030303030303034303030303030303030302c646d6f64653d30303030303030303030303030303030303137373737372c6769643d666f726765742c766f6c756d653d30303030303030303030303030303030313031392c616e63686f723d30303030303030303030303030303030323034382c66696c657365743d30303030303030303030303030303030303030362c6d6f64653d30303030303030303030303030303030303035343334352c6c617374626c6f636b3d30303030303030303030303030303030303030302c0038859abf9acafe05417ea6879a2a113f2bcbd06e1baf0c917665d29112311ca4dc1edb5719a885070eb14d47ba4c5c4e0c66c8273a990a3d84f6331580df748422ee02555c99b3588780e5e4f00a8d6b473effecd7a0f2ff1e03252e14533319dba4d7b10772002ba0eb4b86380df0c33ae1d9b87a19e7c814e3ac2ba39b51b83f5442b5e0abff35ca24d1528baa0d57048c6d947c6dce85ac09b4bdcabbe23511b5da52656c6c4a05f8333cd8b4c1e2a7a2b06d77997437ab"], 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3ibO34+enp2autxdaV6XZjfK51tV3WfSZSrP3153LdolpfvbfefHeN9ztrsc9HirG/65XtrsXeW5v8mV7ZpfbJsuwnIsV//v3Gsr11rD9157inyrJ/FSm+/k9blz1yp+zpsux3I8WPvt7olT1Ulu09H/XTd8q+eHW22INRAQAAAAAAAAAAAAAAAAAA4EkzmIr400jx3zeWb8/lz+v/D/a9rbzzzb71/je5Va3zP1yt/7/d63tZ/796rsDSdp8KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPpxRFvB0p5i6upZWh8n1X/UJn5uatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lx9d/377TLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6NjfeVqQ3e86ffJW2z/UAU8ZeR4oXv/TT9cCiiiN2fi4/57uy1g1UnjlWdmBgdqzoy3WnNLJY7L/VORBHR6KvU7J2jBzAWu9KMWCqbXzb4WNm98bnWfOvKdLtxqTW/2FnszM5cSt3Wlv1pRBFnU8RyRKwO3X24wSjizUjxncNr6Z+HIgZ65+GLF8e/euLU9u0o9rCPO1C2szEYsVx81Jht0WE2GIoi/jFS/Oy9o/EvQxG16P7EFyJeL/MHEe9Ed7xT+cU4E/GB0/rYqEUR/1uO/7m19N5QeT3oXVcufK3xlZlrs31le9eVR/7+8CDt8/tJPYr4UXXFX0v/6r9rAAAAAAAAAAAAAAAAgH2kiF+NFC+/fzRV84NvzynuzFxvXG5dme5O6+vN/evNmV5fX19vpG42c07mXMq5nHMl52rOKHL9nM0y6+vrk/n9Us7lnCs5V3PGQK6fs5lzMudSzuWcKzlXc0Yt18/ZzDmZcynncs6VnKs5Y5/M3QMAAAAAAAAAAAAAAAAAAB4vRfVPim9/Yy2tD1XrSw/09q1YD/Sx938BAAD//0zW978=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x2810880, &(0x7f0000000000)=ANY=[], 0x8b, 0x2a7, &(0x7f0000000180)="$eJzs3U9P1EAYx/HftMuyCGIVjInxYFCiJwN4MV5IDPE1eNGo7JoQNxAVE/Ui8Wx8Ad69+AJ8EZ6MiWc9efIFcKuZ2Vl2yrZbWEIr8ftJFsp2/jzTdtt5miwVgP/WnbWfn27+ti8jxYol3ZYiu+qyGpLO60Lr5eb2xna30x7VUCy15F5GcjXNUJn1zU5eVVvP1fAS+1dDM+F7OB5pmqa/6g4CdWr533Heykia9J/OOCx8ku3E0k7dQdTM7GpXrzRbdxwAgHqZ3vU98tf5GT9/jyJp0V/2w+v/j9M1x3s017Rbdwg1C67/LstKjd2/Z9yqQb7nUji7PupniYftx04em+odWZkJpslmlcPJooslmnqy0e3cWN/qtiO906oXFJuXtKq2z1m9kmgXcrrLaurgrY0w7cYwYcewUhD/XF6n4/dYznw138wDk+ij2nvzv0ZqbPcugmRvT92dGMS/VNTc1rP7rlavVMEoz7pOLmY37MhRxkUZifyWSmNlbxAk2TibubWa2lerN7rlop58O3O5tVZKas3bWp+DWoOjubjmcTMfzD2zoD/6orVg/h/Zrb2o4U9mfiOupD8y+uPJzQ0brmQSvrVzKbfNaLzxYCzv9Vi3NPvi9Zunj7rdzvOqF2wMlXfKQm+hfxD8K/GMt2DPsftXNarpvXnkTdfSoQoPjzRc6J86D9Bg/yRd2mktZyVUbLDTi8u8rTIgVM2ePEwv/wvylSWXItkfyYh5elo2bQtaXM7JDSb3Cp4KWjL+/nxxBjRdnMEdNOe6cl26GrxZknMlOidNjRzrSWLW9F0Puf8PAAAAAAAAAAAAAAAAAABw0lTxbY2gO/6jDwAAAAAAAAAAAAAAAAAAAAAAYyh+/m9Lx/j838z3AHj+L1CPvwEAAP//pAVz+Q==")
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000640)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r3, 0x0, r4, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r4, 0x0, 0x80, 0x0)
write(r4, &(0x7f0000003300)="ac", 0x1)
write(r2, 0x0, 0x0)
r5 = open(&(0x7f00000004c0)='.\x00', 0x0, 0x0)
renameat2(r5, &(0x7f0000000300)='./file0\x00', r5, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000000140)="d0b4163e96457321d877d01a88fb", 0xe, 0x0, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x8481, 0x0)
r7 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r7)
getsockopt$bt_BT_SECURITY(r7, 0x112, 0x4, &(0x7f0000000440), 0x2)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r9)
sendmsg$NFC_CMD_LLC_GET_PARAMS(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000000f0000000900140073797a320000000008000100", @ANYRES32=0x0, @ANYBLOB="f982a94b2f1223898d9f0e8ffd1d2e1e14886b5aba93b4aae07524fadf29fa5234e4aa43c4c41c7c7733b217c89ecb2ac93b452377b97a285c727579e0a2a8476503df07f1bf7f85e8c81e9856d4a05deb9d8d7a5b68f06128760947d293c93f916561c030770576bde6432514ec21196b8bd48e41edd5947c7a37535706e515a0bafaeee6bef7877ce58e3eac26dca35e20e495498e299adc7b1271d2ce453b561a2c38677058e917ac0af5d662d9e2991d660831502fea52bee7c1f49242bdc70725a38b1c222ac0750f33534183ebdd290e653200ef3bd356efe63f4cc887a0a1b0d539528ff3a49e2ffe0bbeb3c50e26ba59d0d2cd65943a6336779c"], 0x28}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000080)={0x2, &(0x7f0000000000)=[{0x30, 0x0, 0x0, 0xfffff010}, {0x16}]}, 0x10)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="10000200040000000000000008000000"], 0x10}}, 0x0)

1m30.513751686s ago: executing program 4:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x2a, 0x4, 0x0, 0x0, 0xa8, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x1, [{@private=0xa010100}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x8, [{@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @rr={0x7, 0xf, 0x0, [@dev, @multicast1, @private]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
write$cgroup_int(r3, &(0x7f0000000540)=0x4, 0x12)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000961f1b70b2564900000000140000001400000002000000000000000100000d00000006000000"], &(0x7f0000000f40)=""/4096, 0x2e, 0x1000, 0x1}, 0x20)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000280)={0x7e, 0x0, &(0x7f00000003c0)=[@exit_looper, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x58, 0x18, &(0x7f00000000c0)={@fda={0x66646185, 0x6, 0x1, 0x21}, @fda={0x66646185, 0x0, 0x2, 0x14}, @fd={0x66642a85, 0x0, r2}}, &(0x7f0000000180)={0x0, 0x20, 0x40}}}, @clear_death={0x400c630f, 0x2}, @acquire_done={0x40106309, 0x1}], 0xc5, 0x0, &(0x7f0000000440)="7a4bcdd1e59c4cbbe7c5e0df95fddfae78b373d4c42cc8fd1d053354d664b23d64ba791008332355ba28ba536db85200002855f17c0282f76d9827c734846f4961eb58f4ee5d74e18103111f97a7fdeeee2909dfd5f72d4fa09084a7d24c4d69b1f849cee71c46a504d6a0108e7e9e52e7dccb2962c81552de4b1cceb25caec90380d54e4b494ad9ba7ec6566d679259b6fa598b65d76a7522b770843f34d80adda40a554fa9ad43356f06de1214bed18b8b7d5bbdfda5155125345c453e8d88d3a61e09fa"})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

34.906980673s ago: executing program 4:
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
recvmmsg(r0, &(0x7f0000001840)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/180, 0xb4}], 0x1}}], 0x1, 0x0, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000000c0)=0x3, 0x4)
ioctl$int_in(r0, 0x5452, &(0x7f0000000100)=0x5)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
dup(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1008002, &(0x7f0000000080)={[{@grpquota}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid}, {@i_version}, {@data_ordered}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x6}}, {@barrier_val={'barrier', 0x3d, 0x7}}]}, 0x1, 0x5de, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSlMSoepIkxkCgtLWCI8QBXQxr8ES9erLQgUqChNVo0oSR4MTFejDHx5EH8L5TIxQMnPXnw4smQEDXEk4lrZjtTuu1sS0vbqcznkyx9894O70233763r+/NBlBZA+k/tYg9ETGVRPQmcwtl7ZEVDsw/7+5fH51KH0nU66/9kUSS5eXPT7KvPdnJXRHx0w9J9Lctr3d69vK5scnJiUvZ8dDM+amh6dnLB86eHzszcWbiwsgLI0ePHD5ydPjguq7rSkHeiWvvvt/7yeib33z1TzL87a+jSRyLl7MnLr6OjTIQA43vSbK8qOfoRldWkrbs52TxS5y0l9gg1iR//Toi4onojba49+L1xsevlNo4YFPVk4g6UFGJ+IeKyscB+Xv7pe+Da6WMSoCtcOf4/ATA8vhvn58bjK7G3MDOu0ksntZJImJ9M3PNdkXErZuj107fHL0WmzQPBxSbuxoRTxbFf9KI/77oir5G/Nea4j8dF5zMvqb5r66z/qVTxeIfts58/HetGP/RIv7fWhT/b6+z/oF7yXe6m+K/e72XBAAAAAAAAJV143hEPF/09//awvqfKFj/0xMRxzag/oElx8v//l+7vQHVAAXuHI94qXD9by1f/dvXlqUeaawH6EhOn52cOBgRj0b0R3TsSI+HV6jjwKf9X7YqG8jW/+WPtP5b2VrArB2323c0nzM+NjP2oNcNRNy5GvFU4frfZKH/Twr6//T3wdR91tH/7PWTrcpWj39gs9S/jthX2P/fu2tFsvL9OYYa44GhfFSw3NMffvZdq/rXG/9uMQEPLu3/d64c/33J4vv1TK+9jkOz7fVWZesd/3cmrzduOdOZ5X0wNjNzaTiiMznRluY25Y+svc3wMMrjIY+XNP73P7Py/F/R+L87IuaW/N/Jn817inOP/9vzW6v2GP9DedL4H19T/7/2xMj1vu9b1X9//f/hRl+/P8sx/wfzvsjDtLM5vyAc24uKtrq9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAwqEXErkhqgwvpWm1wMKInIh6LnbXJi9Mzz52++N6F8bSs8fn/tfyTfnvnj5P88//7Fh2PLDk+FBG7I+Lztu7G8eCpi5PjZV88AAAAAAAAAAAAAAAAAAAAbBM9Bfv///5xvuz3trJbB2y69rIbAJSmIP5/LqMdwNbT/0N1iX+oLvEP1SX+obrEP1SX+IfqEv9QXeIfAAAAAAAeKrv33vgliYi5F7sbj1RnVtZRasuAzVYruwFAadziB6rL0h+oLu/xgWSV8q6WJ6125kqmTj3AyQAAAAAAAAAAAABQOfv22P8PVWX/P1SX/f9QXfn+/70ltwPYet7jA7HKTv7C/f+rngUAAAAAAAAAAAAAbKTp2cvnxiYnJy5JvLE9mrGViXq9fiX9Kdgu7fmfJ/Kl8NulPUsS+V6/+zurvN9JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs/8CAAD//wZJJhA=")
syz_emit_ethernet(0x1c6, &(0x7f0000000680)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000086dd60e0d2550190210020010000000000000000000000000000ff020000000000000000000000000001000000006400000073"], 0x0)

13.259670575s ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000ff0000000000000000004700000000000000a60000001000000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x10400, 0x0)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_CAP_X2APIC_API(r4, 0x4068aea3, &(0x7f00000004c0)={0x81, 0x0, 0x2})
ioctl$KVM_SET_IRQCHIP(r4, 0x4020aea5, &(0x7f0000000280)={0x0, 0xff00, @ioapic={0x0, 0x0, 0x0, 0x0, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}})
mprotect(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0x2000003)
unshare(0x22020600)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000100000000000000000000b7080000000000007b8af8ff00000000b7080000fffeffff7b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000082000000b705000008000000000000000500000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0xff6, &(0x7f0000001e00)=""/4086}, 0x90)
ioctl$PPPIOCATTACH(r1, 0x4004743d, &(0x7f0000000080)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000800)='ext4_ext_show_extent\x00', r0}, 0xa)
syz_mount_image$ext4(&(0x7f0000000000)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000540)=""/239, 0xef)
getdents64(r5, 0x0, 0x110)
ioctl$DRM_IOCTL_ADD_CTX(r5, 0xc0086420, &(0x7f00000007c0))
r6 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000003c0)=0xffffffffffffffff, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0x14, &(0x7f0000000200)=ANY=[@ANYBLOB="05c5010078a355fa1857000006000000000000000000000018400000ffffffff0000000000000000005e8000080000005210100000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70202000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a5000000"], &(0x7f00000000c0)='GPL\x00', 0xade, 0xd4, &(0x7f0000000500)=""/212, 0x40f00, 0x24, '\x00', 0x0, 0x25, r6, 0x8, &(0x7f0000000600)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x3, 0x5, 0x7, 0x100}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000680)=[r2, r2], &(0x7f00000006c0)=[{0x5, 0x4, 0xf}, {0x5, 0x2, 0x10, 0xc}], 0x10, 0x800}, 0x90)

12.866012641s ago: executing program 2:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x202, 0x0)
bpf$BPF_PROG_QUERY(0x1d, &(0x7f0000000040)={@cgroup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22000406, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@auto_da_alloc}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x485, &(0x7f0000000dc0)="$eJzs3M9vFFUcAPDvTH8gP1sQf/BDWUVjI9rSgsrBgxpNuJiY6EGPtVSCFDC0JkKIoDF4NP4F6tHExJMXT3ox6knjVe/GhBguoAetmdkZut3dlu222wX380m2fW/mzb73nZnXfTOvswH0rEpE/JtEbImIXyNiKCKS+gKV6q/rVy9M/XX1wlQS8/Mv/5nk5a5dvTBVFi2321xkRtKI9IMk9jSpd/bc+ZOTMzPTZ4v82Nypt8Zmz51//MSpyePTx6dPTxw5cvjQ+FNPTjyxJnFmcV3b/e6ZvbuOvvbxi1Pz8foPX2Tt3VKsr42janjVdVaiEvOFhaWD+c+HV/3ut5atNemkv4sNYUX6IiI7XAN5/x+Kvlg4eEPxwvtdbRzQUdln0/aGpX3F7/TG5xfwf5To49Cjyk/87Pq3fK3n+KPbrjyb/ZzO479evKpr+iPNrmWHq1fsfR2qf0tEvHrp70+yVzS9DwEAsLa+ycY/jzUb/6Vxd025bcUcynBEHIiIHRFxZ0TsjIi7IvKy90TEvSusv1KXbxz//LyxrcBalI3/ni7mthaP/9KiRHIjtzWPfyB548TM9MFin4zEwIYsP75MHd8+/8tHS62r1Iz/sldWfzkWLNrxR/+Gxdscm5ybXEXIi1x5L2J3f7P4kxszAdke2BURu9t4/2yfnXj0871ZetvmxvU3j38ZazDPNP9ZxCPV438p6uIvJdWalpqfHLsjZqYPjpVnRaMff7r8Um1+oCZdH/96z51lx39T0/O/iL/sBuV87ezK67j824dLXtM0Hv8kWjn/B5NX8vRgseydybm5s+MRg8WCRcsnFrYt82X5LP6R/c37/46Ifz4tttsTEdlJfF9E3B8R+4q2PxARD0bE/mXi//65h95cfg+1ef6vgSz+Y8sd/4jhpHa+vo1E38nvvl6q/tb+/h3OUyPFklb+/rXawNXsOwAAALhdpPkcdJKOlumam1M7Y1M6c2Z27kAl3j59rDpXPRwDaXmna6jmfuh4cW+4zE/U5Q9FxPb8P4025vnRqTMzW7sZOJA/q7Oo/0eajo5W1/3eqX96AW4dK5pzqn068Muv1r4xwLryvCb0Lv0fepf+D71L/4fe1az/X4y43oWmAOvM5z/0Lv0fepf+D71L/4ee1PhIfPl1K+086b+Q2HF0VZv3UKKvQ+8ctV/a0YFEpF3fde0n0puWeSY63ox9RWJDRLS61cWOHtP68wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD2918AAAD//ypP4wc=")
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000380)=""/115, 0x73}, {&(0x7f00000016c0)=""/4110, 0x100e}, {&(0x7f0000000680)=""/23, 0x17}, {&(0x7f0000000540)=""/164, 0xa4}], 0x4}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000000)='ext4_fallocate_exit\x00', r0}, 0x10)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x4c37e, 0x0)
fallocate(r4, 0x0, 0x0, 0x9000f4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)

11.474158518s ago: executing program 2:
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000001500), 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000001540)={0x3})
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000302, 0xee00, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x2010880, &(0x7f00000068c0)=ANY=[], 0x5, 0x6130, &(0x7f0000000780)="$eJzs3b2PHGcdB/Dfvt5LiHNKEQULoYsTXkKIX4MxBEhSQEGTArlFti6XyMIBZBvkRBY+dA0FFX8BCIkSIUpEwR+QgpaOiopINhIoFYPm7nl8s+td75nz7ezd8/lI65nfPLO7z9x3Z1+8M/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73znUi4spP04K1iE9FL6IbsVLX6xGxsr6W1+9HxPOx0xzPRcRgKaK+/s4/z0S8FhEfnYi4d//ORr34/D778e0//O2333/q7b/+fnDmP3+81Xt92nq3b//y33+6e7BtBgAAgNJUVVV10sf8k+nzfbftTgEAc5Ff/6skL1+YuntIt/+rf7z950XYPrVarVar51g3VZPdbRYRsdW8Tv2ewdfxAHDEbMUnbXeBFsm/aP2IeKrtTgALrdN2BzgU9+7f2eikfDvN14P13fZ8LMhI/ludB+d3TJvOMn6MybweX9vRi2en9GdlTn1YJDn/7nj+V3bbh2m9w85/XqblP9w99ak4Of/eeP5jjk/+3Yn5lyrn33+s/HvyBwAAAACABZb//3+t5e9/lw6+KfvyqO9/1+fUBwAAAAAAAAB40g46/t8Dxv8DAACAhVV/Vq/9+sTesmm/xVYvv9yJeHpsfaAw6WSZ1bb7AQAAAAAAAAAAAAAl6e8ew3u5EzGIiKdXV6uqqi9N4/XjOuj1j7rStx9K1vaTPAAA7ProxNi5/J2I5Yi4nH7rb7C6ulpVyyur1Wq1spTfzw6XlquVxufaPK2XLQ338Ya4P6zqG1tuXK9p1uflWe3jt1ff17Dq7aNjT8gg/TWnNLcUNgAku69G97wiHTNV9cy0Nx8wwv5//Nj/2Y+2H6cAAADA4auqquqkn/M+mb7z77bdKQBgLvLr//j3AodSRxzu7avVarVarX5k3VRNdrdZRMRW8zr1ewbD8QPAEbMVn7TdBVok/6L1I+L5tjsBLLRO2x3gUNy7f2ejk/LtNF8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2+tqMXz07pz3Nz6sMiyfl3x/O/sts+TOsddv7zMi3/ejvXWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mu9/8yYDAAAAAAAAwJFz7/6djXzea/7+/zMT1nP+5/GU8+/Iv0g5/+5Y/l8cW6/XmP/4rb38/3X/zsbvbv3z03m63/yX8kwnPbI66RHRSffU6afpQbbuYduD3rC+p0Gn2+unY36qwbtxLa7HZpwdWbeb/h577edG2uueDkbaz4+09x9qvzDSPki/O1Ct5PbTsRE/iuvxzk573bY0Y/uXZ7RXM9pz/j37f5Fy/v3Gpc5/NbV3xqbR2DWb+31zOul+3rz22V+cPeRt2Y/t6D3YtqZ6+0610J+dv8lTw/jJzc0bp29fvXXrxrlIk5Gl5yNNnrCc/2DnsrT3/P/ibnt+3m/urx//fPjQ8/6s/BfFdvSn5v9iY77e3pfn3Lc25PyH6ZLzfye1T9r/j3b+0/f/V1roDwAAAAAAAAAAAAAAADxKVVU7p4i+GREX0/k/bZ2bCQDMV379r5K8XK1Wq9Vq9fGrm6rJ3mgWEfGX5nXq9ww/m3RjAMAi+29E/L3tTtAa+Rcs/95fPX2p7c4Ac3Xzgw9/cPX69c0bN9vuCQAAAAAAAADw/8rjf643xn9+KSLWxtYbGf/1rVg/6Pif/TzzYIDRJzzQ9xTb3WGv2xhu/IXYGZ/79LTxv0/Fo8f/7s+4v8GM9uGM9qUZ7csTl+6lNfFEj4ac/wuN8c7r/E+ODb9ewviv42PelyDnf6rxeK7z/8LYes38q98sXP5b+11xO7oj+Z+59f6Pz9z84MNXr71/9b3N9zZ/eOHcubMXLl68dOnSmXevXd88u/vv4fR6AeT889jXjgMtS84/Zy7/suT8P5dq+Zcl5//5VMu/LDn//H5P/mXJ+efPPvIvS87/5VTLvyw5/y+lWv5lyfm/kmr5lyXn/+VUy78sOf9XUy3/suT8T6da/mXJ+Z9J9T7y9/Pwx0jOP3/DZf8vS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzfy3V8i9Lzv8rqZZ/WXL+F1Mt/7Lk/L+aavmXJed/KdXyL0vO/2upln9Zcv5fT7X8y5Lzfz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/G6mWf1n2fv/fjBkzZvJM289MAAAAAAAAAAAAAMC4eRxO3PY2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm92GuHEAMhOPkbsnaMMc6SXV/iC/+6mHBtgFIgodALtutdmwXf8NolUCSbBkokHBVVVE1ftAUUtZGqCqviBa1SmhdVL6+a9gV9U1FVQmpUBRSQkNqKZquZ8zzPzszOzuza483seT4fKfnZM2fmnDnzzOx+N/nuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLOtb5v5Uq0oivo/jX9tKoqX1f+8YXxT47I3v9RHCAAAANyo/238+4Xb0gVHlnGjpm3+7nX/+K35+fn54iPDvzv61fn5dMV4UYyuL4rGddG1f/9orXmb4NFirDbU9PehHrsf7nH9SI/rR3tcv67H9et7XD/W4/pFJ2CRDeXPYxp3tr3xx03lKS1uL0Yb123vcKtHa+uHhuLPchpqjdvMj54sZovTxUwx1bJ9uW2tsf3TW+v7encR9zXUtK8t9RXyo8+diMdQC+d4e8u+Fu4z+sFbi/Ef/+hzJ/744vN3dpo9T0PL/ZXHuXNb/Ti/EC4pj7VWrE/nJB7nUNNxbunwnAy3HGetcbv6n9uP84VlHufwwmGuqvbnfKwYavz52cZ5Gmn+sV46T1vCZf91T1EUVxYOu32bRfsqhoqNLZcMLTw/Y+WKrN9HfSm9shhZ0Trduox1Wp/T21vXaftrIj7/W8PtRpY4huan6QefX7foeV/pOo3qj3qp10r7Guz3a2VQ1mBcF882HvRjHdfg9vD4P7dj6TXYce10WIPpcTetwW291uDQuuHGMacnoda4zcIa3N2y/XBjT7XGfG5H9zU4efHM+cm5z3z2TbNnjp+aOTVzdu/u3VN79+8/ePDg5MnZ0zNT5b+v82wPvo3FUHoNbAvnLr4G3tC2bfNSnf96/16HY11eh5vatu3363Ck/cHVVucFuXhNl6+Nh+onfezqULHEa6zx/Oy68ddhetxNr8ORptdhx68pHV6HI8t4Hda3Ob9red+zjDT90+kYbtbXgk1Na7D9+5H2Ndjv70cGZQ2OhXXxr7uW/lqwJRzvYxMr/X5keNEaTA83vPfUL0nf748dbIxO6/Ku+hW3rCsuzc1cuO+R4xcvXthdhLEqXtW0VtrX68amx1QsWq9DK16vR2Zf99hdHS7fFM7V2Jvq/xpb8rmqb7Pvvu7PVeOrW+fz2XLpniKMPlvt89npq3n9fKYs2eV81rf5wuSNfy+ecmnT++/oEu+/Mfe/WO4v3dWjw6Mj5et3OJ2d0Zb349anaqTx3lVr7PuFyeW9H4+Gf1b7/fj2Lu/Hm9u27ff78Wj7g4vvx7VeP+1YdDgr0v58joV1cnqq+/txfZvNe1a6Jke6vh/fE2YtnP83hqSQclHT2llq3aZ9jYyMhsc1EvfQuk73tmw/GrJZfV9P7bm+dbrznvK+htOjW7Ba63S8bdt+r9P0frXUOq1d91Lsqv35HAvr4va93ddpfZtn9t34e+eG+Mem9851vdbg6PC6+jGPpkVYvt/Pb4hr8L7iRHGuOF1MN65d11hPtca+Ju5f3hpcF/5ZyXtl0eH5X+ka3NxlDe5s27bfazB9HVtq7dVGFj/4Pmh/PsfCunji/u5rsL7N2w/093vXneGStE3T967tP19b6mded7Wdppv5M6/6cf7Nge4/m61vc/rgSnNm9/N0b7jklg7nqf31u9RrarpYnfO0ORzn8weXPk/146lv89VDy1xPR4qiuPypBxo/7w3/feXPL333Wy3/3aXTf9O5/KkHfnjryb9dyfEDsPa9WI6N5de6pv8ytZz//g8AAACsCTH3D4WZyP8AAABQGTH3x/8rPJH/AQAAoDJi7h8JM8kk/29++/OzL14uUjN/PojXp9PwYLld7LhOhb+Pzy+oX/7AkzM/+cvLy9v3UFEUP33wNzpuv/nBeFyl8XCc197RevniG15e1v6PPbywXXN//Wvh/uPjWe4y6FTBnSqK4unbHm/sZ/yjVxvzmQePNeYHrzz2aH2bFw6Vf4+3f+5V5fZ/EMq/R04eb7n9c+E8fD/Mqfd0Ph/xdt+8+sYtBz68sL94u9q2lzce9hMfK+83/p6crzxabh/P81LH/1dffuqb9e0feX3n47881Pn4nwr3+2SY//3acvvm56D+93i7L4bjj/uLt7vvG9/pePzXvlRuf/6d5XbHwoz73xn+vv2dz882n69HasdbHlfxrnK7uP+p7/524/p4f/H+249/7OjVlvPRvj6e+efyfibbto+Xx/1Ef9G2//r9NK/PuP+nfutYy3nutf9rH3zutfX7bd//vW3bDbfdvv03Nv3hFx/vuL94PEf+7HzL4znygfA6Dvt/4mNhPYbr/+fa4y37jY59oPX9J27/tU2XWx5P9O4fl/u/9pZTjfkf4z/5/VteduvLr9xdP3dF8eyHyvvrtf9Tf3Su5fi/fseuxvMRr48d/fb9LyXu/8KnJ86em7s0O910Vhu/O+e95fGsH9uwsX68t4X31va/Hz138eMzF8anxqeKYry6v0Lvun0jzB+W48pKb7/r4fB83vV7T2/c8U9fjpf/y0Pl5VffU37dekPY7ivh8k3l8zdfu8H9P7H1jsbru/ZM+feWHnsfbNn+nweXtWF4/O3fF8T1fv7VH2+ch/p1ja8b8XV9g8f/venyfr4dzut8+M3M2+5Y2F/z9vF3I1z9UPl6v+HzF97m4vP6J+H5ft/3y/uPxxUf7/fC9zHf2dz6fhfXx7cvD7Xff+O3eFwJ7yfFlfL6uFU831dfuKPj4cXfQ1JcubPx999J93Pnih7mUuY+Mzd5evbspUcmL87MXZyc+8xnj545d+nsxaON3+V59BO9br/w/rSx8f40PbN/XzG1oSiKc8XUKrxh3Zzjr/9pecd//uET0wemdkzPnDx+6eTFh8/PXDh1Ym7uxMz03I7jJ0/OfLrX7WenD+/ec2jvgT0Tp2anDx88dGjvoYnZs+fqh1EeVA/7pz45cfbC0cZN5g7vO7T7/vv3TU2cOTc9c/jA1NTEpV63b3xtmqjf+tcnLsycPn5x9szMxNzsZ2cO7z60f/+enr8N8Mz5k3PjkxcunZ28NDdzYbJ8LOMXGxfXv/b1uj3VNPdv5fez7WrlL+Ir3n/v/vT7Weue/PySd1Vu0vYLRJ8Pv4vmH15x/uBy/h5z/2iYSSb5HwAAAHIQc/+6MBP5HwAAACoj5v71YSbyPwAAAFRGzP1jYSaZ5H/9f/3/5fX/y+v1//Pq/5//VNkrXev9/9if1//Pw0vc/7/h/ev/6/9Xr/+//P78Wj9+/X/9fxYbtP5/zP0biiLL/A8AAAA5iLl/Y5iJ/A8AAACVEXP/LWEm8j8AAABURsz9LwszyST/6/8vq/+/p1fhqvr9f5//r/9frM3+f3xy9P+zseL+/Ycfavmr/n+g/6//r/+v/6//zw0bXfKal6r/H3P/rWEmmeR/AAAAyEHM/S8PM5H/AQAAoDJi7r8tzET+BwAAgMqIuX9TmEkm+V//3+f/6//r/1e6/3+jn//fdDD6/2uDz//vrkP//+6OG+r/r7D/P6b/vxb7/6P9Pf7B7v/3PHz9f26KQfv8/5j7XxFmkkn+BwAAgBzE3P/KMBP5HwAAACoj5v5XhZnI/wAAAFAZMfffHmaSSf7X/9f/1//X/9f/77z/3p//X/5J/3+w6P935/P/e/D5/3n1//t8/IPd/+/35/+PvqP99vr/dDJo/f+Y+18dZpJJ/gcAAIAcxNx/R5iJ/A8AAACVEXP/a8JM5H8AAACojJj7N4eZZJL/9f/1//X/9f/1/zvvv3f/v6T/P1j0/7vrd/9/uO1y/f+S/r/+f+X7/x2++dX/p5NB6//H3H9nmEkm+R8AAAByEHP/XWEm8j8AAABURsz9/y/MRP4HAACAyoi5f0uYSSb5X/9f/1//P6/+/73r9P/1/6tN/787n//fg/6//r/+/zI//3+xlfT/1/e6Mypj0Pr/Mfe/Nswkk/wPAAAAOYi5/3VhJvI/AAAAVEbM/XeHmcj/AAAAUBkx94+HmWSS//X/q9X//9O/fuLuQv9f/7/H/iva/4/LQP8/c/r/3en/96D/r/+v/78q/X/yMWj9/5j7t4aZZJL/AQAAIAcx928LM5H/AQAAoDJi7r8nzET+BwAAgMqIuX97mEkm+V//v1r9/0j/X/+/2/4r2v9P9P/zpv/fQdOLVP+/B/1//f/s+//xu1/9f/pj0Pr/Mfe/Pswkk/wPAAAAOYi5f0eYifwPAAAAlRFz/xvCTOR/AAAAqIyY+3eGmWSS//X/9f/1//X/9f8771//f23S/+9O/78H/X/9/+z7/z7/n/4atP5/zP1vDDPJJP8DAABADmLu3xVmIv8DAABAZcT/f7P8/17lfwAAAKiimPsnwkwyyf/6//r/OfX/a/r/+v/6/5Wn/9+d/n8P+v/6//r/+v/01aD1/2Puf1OYSSb5HwAAAHIQc/99YSbyPwAAAFRGzP2TYSbyPwAAAFRGzP1TYSaZ5H/9f/3/nPr/Pv+/pf8/VhT6//r/1aP/353+fw/6//r/Vev/F4X+Py+pQev/x9y/O8wkk/wPAAAAOYi5f0+YifwPAAAAlRFz/94wE/kfAAAAKiPm/n1hJpnkf/1//X/9/2z7/z7/X/+/kvT/u9P/70H/X/+/av1/n//PS2zQ+v8x998fZpJJ/gcAAIAcxNy/P8xE/gcAAIDKiLn/QJiJ/A8AAACVEXP/wTCTTPK//n9F+v+/+fct+9b/1//vtv/+9P836P+Hqf8/WCra/29/WVw3/f8e9P/1//X/9f/pq0Hr/8fcfyjMJJP8DwAAADmIuf/NYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLn/Z8JMMsn/+v8V6f+30f/X/++2f5//r/9fZRXt//eN/n8P+v/6//r/+v/01c3v/8c/La//H3P/4TCTTPI/AAAA5CDm/p8NM5H/AQAAoDJi7n9LmIn8DwAAAJURc/+RMJNM8r/+v/6//r/+/83p/7+laDeI/f/64tH/rxb9/+70/3vQ/9f/1//X/6evBu3z/2Puf2uYSSb5HwAAAHIQc/8DYSbyPwAAAFRGzP1vCzOR/wEAAKAyYu5/e5hJJvlf/1//X/9f/9/n/3fev/7/2qT/353+fw/6//r/+v/6//TVoPX/Y+5/R5hJJvkfAAAAchBz/zvDTOR/AAAAqIyY+98VZiL/AwAAQGXE3P/uMJNM8r/+v/6//r/+v/5/5/3r/69N+v/d6f/3oP+v/6//r/9PXw1a/z/m/p8LM8kk/wMAAEAOYu5/MMxE/gcAAIDKiLn/PWEm8j8AAABURsz97w0zyST/6//r/+v/6//r/3fev/7/2qT/353+fw8D0P+vf03T/1+bx6//r//PYoPW/4+5/31hJpnkfwAAAMhBzP0/H2Yi/wMAAEBlxNz//jAT+R8AAAAqI+b+XwgzyST/6//r/+v/6/9n0f+v30j/Pwv6/93p//fQof+/3uf/6//r/+v/c90Grf8fc/8Hwkwyyf8AAACQg5j7PxhmIv8DAABAZcTc/6EwE/kfAAAAKiPm/ofCTDLJ//r/Wfb/00PW/y/p/2fQ//f5/9nQ/+9O/7+HAfj8f/3/tXv8+v/6/yw2aP3/mPsfDjPJJP8DAABADmLu/3CYifwPAAAAlRFz/y+Gmcj/AAAAUBkx938kzCST/K//n2X/3+f/r1r/f6RlfeTU/x9rej7TutT/1/9fBfr/3en/96D/r/8/yP3/sJo3LHF7/X8G0aD1/2Pu/2iYSSb5HwAAAHIQc/8vhZnI/wAAAFAZMff/cpiJ/A8AAACVEXP/r4SZZJL/9f/1//X/ff6/z//vvH/9/7VJ/787/f8e9P/1/we5/9+D/j+DaND6/zH3/2qYSSb5HwAAAHIQc//HwkzkfwAAAKiMmPuPhpnI/wAAAFAZMfcfCzPJJP/r/7f3/+Mnqvah/18raoX+v/6//v/CutT/1/9fBf3r/7/m1qLQ/9f/1//X/9f/1//nRgxa/z/m/uNhJpnkfwAAAMhBzP2/FmYi/wMAAEBlxNx/IsxE/gcAAIDKiLl/Oswkk/yv/+/z//vV//+p/r/+f6D/35n+/+rw+f/d6f/3oP+v/6//r/9PXw1a/z/m/pkwk0zyPwAAAFRY+nFwzP0nw0zkfwAAAKiMmPtPhZnI/wAAAFAZMfd/PMwkk/yv/78K/f8N4YKK9/8L/f8V9P9HWrbX/y/p/+v/94P+f3f6/z3o/+v/6//r/9NXg9b/j7l/Nswkk/wPAAAAOYi5/xNhJvI/AAAAVEbM/Z8MM5H/AQAAoDJi7j8dZpJJ/tf/9/n/uff/a0Vxxef/6/932r/+/9qk/9+d/n8P+v/6//r/+v/01aD1/2PuPxNmkkn+BwAAgBzE3H82zET+BwAAgMqIuf9cmIn8DwAA/8fefTTZdVZ7HD522ZY0uvcb3Du+ozuEEV+BCQNmVHlMlQGTgzE5g8k5mJxzTibnnLPJOZpgDFWi3L3Wslp9tLctHXXv/a7nmSxa5eaclpqGP6pfbYBh5O6/Km5psv/1//r/7v3/5lie/3/wn9f/79P/6/934VB/f9kd+/xz9v//f6er76H/1//r/yfp//X/+n/OtrT+P3f/veKWJvsfAAAAOsjdf++4xf4HAACAYeTuv0/cYv8DAADAMHL3Xx23NNn/+n/9v/5f/3+g/79B/6//XzfP/5+m/5+h/9f/6//1/+zU0vr/3P33jVua7H8AAADoIHf//eIW+x8AAACGkbv//nGL/Q8AAADDyN3/gLilyf7X/+v/9f/6f8//3/76+v910v9P0//P0P/r//X/+n92amn9f+7+B8YtTfY/AAAAdJC7/0Fxi/0PAAAAw8jd/+C4xf4HAACAYeTuf0jc0mT/6//1//p//b/+f/vr6//X6frNbT8T9P+H6f9nzPT/m43+f8rt7ue3f3nref/noP/X/3PY0vr/3P0PjVua7H8AAADoIHf/w+IW+x8AAACGkbv/mrjF/gcAAIBh5O5/eNzSZP/r//X/+n/9v/5/++vr/9fJ8/+nXXj//3//fc8r+/b/nv8/zfP/9f/6f862tP4/d/+1cUuT/Q8AAAAd5O5/RNxi/wMAAMAwcvc/Mm6x/wEAAGAYufsfFbc02f/6/zb9/17tov/X/+v/9f+j0/9P8/z/GXs/5k7Vh/p//b/+X//PhVla/5+7/9FxS5P9DwAAAB3k7n9M3GL/AwAAwDBy9z82brH/AQAAYBi5+x8XtzTZ//r/Nv2/5//r//X/+v8W9P/T9P8zRnn+/3l+1xx3P3+hjvv96//1/xy2tP4/d//j45Ym+x8AAAA6yN3/hLjF/gcAAIBh5O5/Ytxi/wMAAMAwcvc/KW5psv/1//r/dfT/+Qr6f/2//l//P03/P03/P2OU/v88HXc/v/b3r//X/3PY0vr/3P1Pjlua7H8AAADoIHf/U+IW+x8AAACGkbv/qXGL/Q8AAADDyN3/tLilyf7X/+v/19H/r//5/yf1//p//f+R0P9P0//P0P/r//X/+n92amn9f+7+6+KWJvsfAAAAOsjd//S4xf4HAACAYeTuf0bcYv8DAADAMHL3PzNuabL/9f/6f/2/5//r/7e/vv5/nfT/0/T/M/T/+n/9v/6fnVpQ/3/GZ53cPCtuabL/AQAAoIPc/c+OW+x/AAAAGEbu/ufELfY/AAAADCN3/3Pjlib7X/+/mP5/L+cbq/8/tdls9P+bpv3/qTP+POv7Uv+v/z8C+v9p+v8Z+n/9v/5f/89OLaj/3/s4d//z4pYm+x8AAAA6yN3//LjF/gcAAIBh5O5/Qdxi/wMAAMAwcve/MG5psv/1/4vp//eM1f97/v/Z3x+d+n/P/z9M/3809P/T9P8z9P/6f/2//p+dWlr/n7v/RXHTFZef95cIAAAALEzu/hfHLU3+/h8AAAA6yN3/krjF/gcAAICVuu7Qr+Tuf2nc0mT/6/932/9fccav6f/1/2d/f+j/9f/6/4tP/z9N/z9D/6//1//r/9mppfX/uftfFrc02f8AAADQQe7+6+MW+x8AAACGkbv/5XGL/Q8AAADDyN3/irilyf7X/3v+v/5f/6//3/76+v910v9PW3b/f7p+nOj/9f9rfP9X3e3K/9nc+mnn3/+fuO1f6v8Zwx3o/0+fPn3NRe//c/e/Mm5psv8BAACgg9z9r4pb7H8AAAAYRu7+V8ct9j8AAAAMI3f/a+KWJvtf/9+0/89vdf3/Hv2//n/b6+v/10n/P23Z/b/n/+v/1/3+Pf9f/89hS3v+f+7+18YtTfY/AAAAdJC7/3Vxi/0PAAAAw8jd//q4xf4HAACAYeTuf0Pc0mT/6/+b9v+e/6//1/8fdf9/y0b/fyRW0f+fOvfrL73/v1b/r/+f0K7/v+udD3yo/9f/c9jS+v/c/W+MW5rsfwAAAOggd/+b4hb7HwAAAIaRu//NcYv9DwAAAMPI3f+WuOmyJvtf/6//1//r//X/21//iJ//f8Vms9H/78Aq+v8JS+//Pf9f/z+lXf9/Fv2//p/Dltb/5+5/a9zSZP8DAABAB7n73xa32P8AAAAwjNz9b49b7H8AAAAYRu7+d8QtTfa//l//r//X/w/f/1+7iv7f8/93RP8/Tf8/Q/+v/9f/6/85EsfV/+fuf2fc0mT/AwAAQAe5+98Vt9j/AAAAMIzc/e+OW+x/AAAAGEbu/vfELU32v/5f/6//1/+fWFz/f/LAv1+T5//r/3dE/z9N/z9D/6//1/9fp/9nl5b2/P/c/e+NW5rsfwAAAOggd//74tb/dWv/AwAAwDBy978/brH/AQAAYBi5+z8QtzTZ//p//b/+X/8//PP/9f+t6P+nLbz/3/v90v/r/9f6/gfp/z3/n51aWv+fu/+DcUuT/Q8AAAAd5O7/UNxi/wMAAMAwcvd/OG6x/wEAAGAYuftviFua7H/9v/5f/6//1//v/xnq/8eg/592NP3/Kc//1/9XP39J/KdA/6//n/t8xrS0/j93/0filib7HwAAADrI3f/RuMX+BwAAgGHk7v9Y3GL/AwAAwCpdtuXXcvd/PG5psv/1//p//b/+X/+//fX1/+uk/5+28Of/6/9X1///74GP1vb8/7P/+0v/r/9n946//9//X2z5ce7+T8QtTfY/AAAAdJC7/5Nxi/0PAAAAw8jd/6m4xf4HAACAYeTu/3Tc0mT/6//1//p//b/+f/vr6//XSf8/Tf8/Q/9/rM/PX/v71//r/zns+Pv/gx/n7v9M3NJk/wMAAEAHufs/G7fY/wAAADCM3P2fi1vsfwAAABjG3u7PuKzh/tf/6//1//p//f/219f/r5P+f5r+f4b+X/+v/9f/s1NL6/8/v/dZJzdfiFua7H8AAADoIHf/F+MW+x8AAACGkbv/S3GL/Q8AAADDyN3/5bilyf6/uP3/zZPV3RH1/ye2/WP6/7X1/6dPn75G/6//P/j13Nb/36j/p+j/p+n/Z+j/9f/6f/0/O7W0/j93/1filib7HwAAADrI3f/VuMX+BwAAgGHk7v9a3GL/AwAAwDBy9389bmmy/z3/fwH9/0n9v+f/6/83nv+v/98R/f80/f+MEfv/k7f/yz/ufv5CHff7X0D/f0n80NH/sxhL6/9z938jbmmy/wEAAKCD3P3fjFvsfwAAABhG7v5vxS32PwAAAAwjd/+345Ym+1//f3T9/62/d12e/39qs/396//1//p//f/Fpv+fpv+fMWL/fwccdz+/9ve/gP7f8/9ZnKX1/7n7vxO3NNn/AAAA0EHu/u/GLfY/AAAADCN3//fiFvsfAAAAhpG7//txS5P9r/9fwPP/B+z/Pf9/+/eH/n/R/f+l+v8x6P+n6f9n6P/1//r/HfX/+d2s/+9uaf1/7v4fxC1N9j8AAAB0kLv/h3GL/Q8AAADDyN3/o7jF/gcAAIBh5O6/MW45Y/9va7tHof/X/+v/9f/6/+2vr/9fJ/3/tNvb/5/YXFj/n/T/+n/9f9f+3/P/2be0/j93/4/jFn//DwAAAKtz+Tl+PXf/T+IW+x8AAACGkbv/p3GL/Q8AAADDyN3/s7jlpkuP6y0dKf2//l//r//X/29/ff3/Oun/p3n+/wz9/y76+bvo/8fo/zcb/T8Xbmn9f+7+n8ct/v4fAAAAhpG7/xdxi/0PAAAAw8jd/8u4xf4HAACAYeTu/1Xc0mT/6//1/xfY/++lmfr/ffr/ffr/7fT/R0P/P03/P0P/7/n/+n/P/2enltb/5+7/ddzSZP8DAABAB7n7fxO32P8AAAAwjNz9v41b7H8AAAAYRu7+38UtTfb/sfX/8Vut/199/+/5//p//b/+f1H0/9P0/zP0//p//b/+n51aWv+fu//3cUuT/Q8AAAAd5O7/Q9xi/wMAAMAwcvf/MW6x/wEAAGAYufv/FLc02f+e/6//1//r//X/219f/79O+v9p+v/t6g9K/6//1//r/9mppfX/ufv/HLc02f8AAADQQe7+v8Qt9j8AAAAMI3f/TXGL/Q8AAADDyN3/17ilyf7X/+v/9f/6/931//s/Q/X/2+n/j4b+f9px9v93/6/5l/X8/2Pv//Mt6P/1//p/dmJp/X/u/r/FLU32PwAAAHSQu//vcYv9DwAAAMPI3f+PuMX+BwAAgGHk7r85bmmy/2f6/xP1D+r/J+n/D75//f/274/x+/99F7H/P7XR/+v/Z+j/p3n+/wz9v+f/6//1/+zU0vr/3P3/jFua7H8AAADoIHf/LXGL/Q8AAADDyN3/r7jF/gcAAIBh5O7/d9zSZP97/r/+X/+v/19R/3/g69H/6/+30f9P0//P0P/r//X/+n92amn9f+7+/wQAAP//rO9Jsg==")
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000040)=""/104, 0x18)
r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_AUDOUT(0xffffffffffffffff, 0x80345631, &(0x7f0000000880))
ioctl$VIDIOC_G_ENC_INDEX(r2, 0x8818564c, &(0x7f0000000040))

10.178650029s ago: executing program 0:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000009640)=[{{&(0x7f0000000040)={0xa, 0x4e20, 0x0, @local}, 0x1c, 0x0, 0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="180000f3ff7042a7f2e33b017026badb24127151"], 0x18}}, {{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000001440)="d8", 0xff64}], 0x1}}, {{&(0x7f00000015c0)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f0000001a40)=[{0x0, 0x2}, {&(0x7f0000001640)="88", 0x1}], 0x2}, 0x58f0}, {{0x0, 0x0, 0x0}}], 0x4, 0xc080)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20058041, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000100), &(0x7f0000000180))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000380)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/233, 0x0})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
r4 = fspick(0xffffffffffffffff, &(0x7f00000001c0)='./file0\x00', 0x1)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000100))
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs2/custom0\x00', 0x402, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r5, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000005c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r8, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000500)={0x73622a85, 0x0, 0x200000})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000440)={@fda={0x66646185, 0x1, 0x1, 0x4}, @ptr={0x70742a85, 0x0, &(0x7f0000000900)=""/206, 0xce}, @fda}, &(0x7f0000000240)={0x0, 0x20, 0x48}}}], 0x0, 0x0, 0x0})
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
getrusage(0x1, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000780)={0x0, 0x1, 0x0, &(0x7f0000000700)=""/99, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000640))
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x20000)

10.11952755s ago: executing program 2:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff}}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @loopback}, r1}}, 0x30)

9.32981616s ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000040)='./bus\x00', 0x14444, &(0x7f0000002680)=ANY=[@ANYBLOB='iocharset=iso8859-7,noadinicb,session=00000000000000000004,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c756e64656c6574652c6d6f64653d30303030303037373231362c6e6f7374726963742c00bd4ab0a2011cc49eae16435fcd75980f4128edd2"], 0xfe, 0xc22, &(0x7f00000002c0)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu43bTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22YXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKsmhTpCj7+2zqNzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/fOnMc+lhtwIAOEhXxr985qznPwB8rFz1//8AAAAAAAAAAAAAAHDYpSji8Ugxf2U9TVafOwYut2dv3Z4YGd252rFU1TxSlS9/Bp47e+78F54fvtDN96//oD0Zr45fvVR/ae7m/EJrcbE1XZ+YbU/NTbd2vYe91t9uqDoB9Zuv3Zq+fn2xfvbZc1s23x58r/+xk4MXh58+/VS37MTI6Oh4T5la34c++l3uNcLjaBRxOlI8890fp2ZEFLH3c3Gf785+O1Z1YqjqxMTIaNWRmXZzdqncONY9EUVEvadSo3uODuBa7EkjYrlsftngobJ74/PNhea1mVZ9rLmw1F5qz82OpU5ry/7Uo4gLKWIlItb6795dXxRRixTfPrGerkXEke55+Hw1MPje7Sj2sY+7ULaz3hexUjwC1+wQ648iXokUP3m7iKnynOWf+FzEK2V+P+LNMl+MSOUX43zEuzt8j3g01aKIvyiv/8X1NB0RGyc660frl79S/9Ls9bmest37yiP/fDhIh/zeNBBFNKs7/nr68L/ZAQAAAAAAAAAAAAAAAOBBOxZFPBkpXv6PP67GFUc1Lv3ExeE/GPzF3jHjT9xnP2XZZyNiudjdmNyjeQjxWBpL6SGPJf44G4gi/iSP//vmw24MAAAAAAAAAAAAAAAAAADAx1oRP4oUL7xzKq1E75zi7dkb9avNazOdWWG7c/9250zf2NjYqKdONnJO5lzOuZJzNedazihy/ZyNnJM5l3Ou5FzNuZYzjuT6ORs5J3Mu51zJuZpzLWfUcv2cjZyTOZdzruRczbmWMw7J3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8lRRTxs0jxra+tp0gR0YiYjE6u9nfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPU38q4nuRov6HjTvrahGRqn87TpW/nI/G0TI/GY3hMl+MxqWczSprjW/e92hpX/rAh9eXivhhpOgfeOvO1cnXv6/zafOavfn1zU+/Uuvkke7Gwff6Hzt54uLw6K89ca/lHa/+0OX27K3b9YmR0dHxntW1fPRP9qwbzMctHkzXiYjF1994rTkz01qw8PFYqHUWanFI2nNQC/l+FYelPdsXGoejGZsLD/nGxIEon//vRorfeec/uw/87vP/Fzqf7jzh46d/uvn8f2H7jvbp+f94z7oX8u9G+moRA0s35/tORgwsvv7G6fbN5o3Wjdbs+TNnvjg8/MVzZ/qORgxcb8+0epb2fKoAAAAAAAAAAAAAAAAADlYq4vciRfOH66keEber8VqDF4efPv3UkThSjbfaMm7r1fGrl+ovzd2cX2gtLram6xOz7am56dZuDzdQDfeaGBndl87c17F9bv+xgZfm5l9faN/4o6Udtx8fuHRtcWmhObXz5jgWRUSjd81Q1eCJkdGq0TPt5mxVdewBvUqhLxXxX5Fi6nw9fTavy+P/to/w3zL+f3n7jvZp/N8netaVx0ypiJ9Git/+yyfis1U7j8dd5yyX+9tIMXThM7lcHC3LddvQea9AZ2RgWfb/IsU//mxr2e54yMc3yz636xP7iCiv/4lI8b0//078Rl639f0PO1//49t3tE/X/1M9645veV/BnrtOvv6nI8WLj78Vv5nXvd/7P4rY2Nj4RsSpXPjO+zn26fp/umfdYHSO+1sPrvsAAAAAAAAAAACPrL5UxN9FiqdGa+n5vG43f/9vevuO9unvf/1yz7rpA5qvaM8nFQAAAAAOib5UxI8ixY2lt+6Mod46/rtn/Ofvbs69PpK2ba3+nO+XqvcGPMg//+s1mI87ufduAwAAAAAAAAAAAAAAAAAAwKGSUhHP5/nUJ+8zn/pqpHj5f57J5dLJslx3HvjB6teBK3Ozpy/NzMxNNZea12Za9fH55lSrrPupSLH+N5/JdYtqfvXufPOdOd4HNrpzsS9EitG/75btzMXenZu8Mx94Zy72suwnIsV//8PWst15rD+9WfZsWfavI8VX/3nnsic3y54ry34nUvzgq/Vu2eNl2e77UTvvJB2oxUzr2am5mbtehQoAAAAAAAAAAAAAAAAAAAAfVF8q4s8ixf/eXInlPOw/z//fnYG/1i375td75vvf5nY1z/9gNf//vZY/zPz/gw+spwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OhIUcQbkWL+ynpa7S8/dwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lzw/fKGb71//QXsyXh2/eqn+0tzN+YXW4mJruj4x256am27teg97rb956jqGqhNQv/narenr1xfrZ589t2Xz7cH3+h87OXhx+OnTT3XLToyMjo73lKn1fYCjf6DGbToaRfxVpHjmuz9O/9IfUcTez8V9vjv77VjViaGqExMjo1VHZtrN2aVy41j3RBQR9Z5Kje45OoBrsSeNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv3t3fVHEa5Hi2yfW07/2RxzpnofPXxn/8pmz925HsY993IWynfW+iJXiEbhmh1h/FPFPkeInb5+Kf+uPqEXnJz4X8UqZ3494s8wXI1KK2PhGxLs7fI94NNWiiP8vr//F9fR2f3k/6N5XLn+l/qXZ63M9Zbv3lV09H3793sd86M+Hg3TI700DUcQPqjv+evp3/10DAAAAAAAAAAAAAAAAHCJF/GqkeOGdU6kaH3xnTHF79kb9avPaTGdYX3fsX3fM9MbGxkY9dbKRczLncs6VnKs513JGkevnbOSczLmccyXnas61nHEk18/ZyDmZcznnSs7VnGs5o5br52zknMy5nHMl52rOtZxxSMbuAQAAAAAAAAAAAAAAAAAAHy1F9U+Kb31tPW30d+aXnoxOrpoP9CPv5wEAAP//N4D+uw==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000001080)={'#! ', './bus', [{0x20, 'cp932Y\xe4\x00\x01mi@\xa9\x04\xa6c\xe3\x80ox\xfc\xe0\x94R\x81a\xbb\x924\xfe\xac\\\xef\xb5E\xfb\xf1@\v2\xca\x9eQ-I\a\xb2\x84\x9b\xea\x82}lB\xdc@(th*\xe0\v\xba\xe6iP\xd8\xfb\x11\x86\x99\x94\xc12\x9fj\xefP\x9c\xc2\xc8\xb1-d\xb3\xb3\xbc \\\x11V%\x87\xd5\x16\xf1\x89|\xfc!\xa1\xda,\xbd\xd0\xedw\x8c\xee\xc3\xe5Ii\x81K\x1b{\xc6b;d+&i\xab\b\xbd\xbd\x8d|d\x8f+\xad\x83\x18\x81\x87(\x1e\x12\x1b\xfe\xc9 bW\xffx\xc0\x868\b!\xd7\x1d-\xaa\xdd\xa3\xe5\x19\xbbA\xa4p\x16\xbc`\xc7\xb4z\b\xb8H\v\x15\xbdD\x17c\xda\xbd?\'t\x10\xf6\xb1l\xb71\x011\xda\xce`\x16\xc7#\x1f\xa4\xfan&\xdaH\xd0\x88\xbf\x01\x13\x80n.\xc5N\a\xeb\xb1\xec|\xf5\xfe\xd0F\xbb\xa9(\xe5 \xb7Ws\xbdu\xca\xc0\a\xb3Z\xa9@\xff\x04\x8c\xbeN\x8c\x98\xb1\xe0\x84\xfa\xca\xc8\xbd\xb8\xfc\xc7\x8c&\xd9/uN}LI\x9dqlk\xf1\x11\xf2\xb6\xcc\xb6!B\x85\xf9i\x11\xb4\xdf\xbcB\xd0nl\xa28\xc5\xbc\xd1>\xf9\xe4\xe1B\xa9\x12\xd1\xb8\xfc'}]}, 0x13d)
r2 = socket$netlink(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x6b, 0x11, 0x9b}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f00000001c0), 0x4)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r3, &(0x7f0000003a80)=[{{&(0x7f00000000c0)=@in={0x2, 0x0, @loopback}, 0x80, 0x0}}], 0x1, 0x2c000011)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808000240000000400800014000000000fb0001400000000708000140000044f10800034000000003080007"], 0xa8}}, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000001, 0x4010, r2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/syz1\x00', 0x1ff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
ioctl$NBD_CLEAR_QUE(r1, 0xab05)
fchdir(r6)
sendmmsg$unix(r5, &(0x7f0000000240)=[{{&(0x7f0000000080)=@abs={0x1, 0x30, 0x2}, 0x12, 0x0}}], 0x1, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000001c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r7, 0xc0189376, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r8=>r5, {0x2}}, './bus\x00'})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_GET_NESTED_STATE(0xffffffffffffffff, 0xc080aebe, &(0x7f0000003ac0)={{0x0, 0x0, 0x80}})

7.7475288s ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f00000000c0)=""/17, 0x11}, {&(0x7f0000000b00)=""/4096, 0x1000}], 0x2, 0x400, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
openat$incfs(r1, &(0x7f0000000580)='.pending_reads\x00', 0x101000, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005800000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180300002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000b40)={&(0x7f0000000b00)='hrtimer_init\x00', r4}, 0x73)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000700), 0x4)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r2, <r6=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000900)='%ps    \x00'}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b00)={0x11, 0xe, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}}, @alu={0x4, 0x0, 0x9, 0xa, 0x0, 0x50, 0xfffffffffffffff0}, @alu={0x4, 0x1, 0x9, 0x6, 0x0, 0xffffffffffffffc0, 0xfffffffffffffff0}]}, &(0x7f00000003c0)='GPL\x00', 0x48000000, 0xa, &(0x7f0000000540)=""/10, 0x41000, 0x30, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f0000000740)={0x9, 0x2}, 0x8, 0x10, &(0x7f0000000780)={0x2, 0x4, 0x1, 0xce}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000980)=[r6], &(0x7f00000009c0)=[{0x5, 0x4, 0x5, 0x1}, {0x0, 0x5, 0x10, 0x4}], 0x10, 0x6d30}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='hrtimer_init\x00', r7}, 0x10)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000013c0), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000016c0)={'pimreg0\x00', 0x41})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r10=>0x0})
r11 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r11, 0xc0145608, &(0x7f0000000080)={0x2, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r11, 0xc058560f, &(0x7f0000000240)=@multiplanar_mmap={0x0, 0x2, 0x4, 0x0, 0xffffff7f, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "a950fd28"}, 0x0, 0x1, {0x0}})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32=r10, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030000006000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350076657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000001d00000000280012800900010076657468000000001800028014000100000000009885d534ab5380189cfa4b9a887bb10170c2c677951ca4e7e6957dc20308322158d858e600011ab47fda3ccb7c00000000000000002ae5050439356b14e695fc0aa4a744228bfe8169c2e1b794f1fb140343b1bcef2287bde4dc05467fceba2097b30d653a06f5f3c64ec2c89a29c7dbb2d9c1c8270710076c9bdc88b1c4ee464a098c3ebb9f373e42056eebde06a4", @ANYRES32=0x0, @ANYBLOB="000000000000000008000300", @ANYRES32, @ANYBLOB], 0x50}}, 0x0)

7.557141293s ago: executing program 0:
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000280), &(0x7f00000002c0)}, 0x20)
prlimit64(0xffffffffffffffff, 0x9, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f00000002c0)=0x81)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000c5e9abdb17bd8f26356887bcd2f78aeec77d079ed499cf32e3ac447e64f4dd0cbc510a7bc28fdd1a11905e4318e1db9ed93fbdf59ce2710d9ae7be87f82c647d98c6501b59666500000002904a5d79aed38d8a071d176f95daef0bce85efbb111f2d118175000000010100000000000000d8cce1fc88a333a08d964e29718cbba0239c0eaaecdf57c1bcfa6270d1f383eedd515713d1c48ed7e976b80cf0d9e60e1d359fa02a1cdd4ed4b27275bae516be6b4aef0cb030c23b8b05c7742ade4eaa66084820ac46c0672e253fac91bc36fde2473bf66bba7145c4d241d53d50ff7f0000000000005236b941f8f4232fc063d3f7d449e0d00f381502eb01ea1e54096eddf872dc277456edbc0519dbf7bd9308d8b2be27c894b9ce66c37d153af8872aa5356aecff710cc8247f21e2a3cf1011ff0e0e489837991a25dd89828f85d1477c25329a683ca60a192195a8b6ecde5ac6e210f85a8592f6c90535140517e8fd7052fdee8266d518ae9fdf927ca71053fc2898a00fc66d58acf7d1a13a8a519f08a4e87abf666fa9923173f6c38edf08e6ed56acee6f1ab94e0770f3e2397c63dc8c4476f6b373dc7ea47fb54a5ff3842bb201a8fd0b90eac6597a0fc9d8be2adea17e831b30b90f49f5300c58c82b2bb0081340e0426f7cb6c267d8a01fb1fdf03fb9f917553aedcf4d4ba6f48d96e71b1dd600000000952d11f20000000000000000000000000000000000000000000070993da90a2af1da51ff57855ebbf4d865b578325b7770a681f52707176b60c624d18220922e738168a4dec4ce118ee1e798c7d6e09a70d23b85a4219b21d9205b2dbcda9be3ccbb5d2c3a406fd9f5b7e2078e42a90200000000000000000000000000b532586624b8f32f13dd5ce36a919bb09156a1e1b5c7c7308b5d239c45a56a8cd7d9de49f0e3330b5f25"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ppoll(&(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)={[0x2a]}, 0x8)
r7 = accept4$unix(0xffffffffffffffff, &(0x7f0000000300)=@abs, &(0x7f0000000540)=0x6e, 0x101800)
sendmmsg$unix(r7, 0x0, 0x0, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000007c0)={'erspan0\x00', &(0x7f0000000300)})
openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000280)={'netdevsim0\x00'})
r8 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'sit0\x00', <r9=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r8, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r9})

7.25344947s ago: executing program 3:
ioperm(0x7fff, 0x9, 0xda8)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x11012, r0, 0x0)
r1 = syz_io_uring_setup(0x24f2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
socket$can_raw(0x1d, 0x3, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r4, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @mcast1}})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$P9_RLCREATE(r5, &(0x7f0000000180)={0x18, 0xf, 0x2, {{0x67626f5ac1e97c08, 0x4, 0x8}, 0x3}}, 0x18)
write$binfmt_aout(r5, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000005, 0x12, r5, 0x0)
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x60}}, 0x0)
mmap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x0, 0x13, r7, 0x0)

6.210620907s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f00000001c0)='./file1\x00', 0x8, &(0x7f0000000800)={[{@noflushoncommit}, {@ref_verify}, {@user_subvol_rm}, {@treelog}, {@max_inline={'max_inline', 0x3d, [0x36, 0x33, 0x39, 0x38, 0x78, 0x38, 0x6d]}}, {@max_inline={'max_inline', 0x3d, [0x33, 0x6, 0x25, 0x2d, 0x31, 0x2d, 0x74]}}, {@noflushoncommit}, {@nobarrier}, {@nossd}]}, 0x1, 0x55a3, &(0x7f0000005680)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a05, 0x1700)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x4010942a, &(0x7f0000000040)={@desc={0x1, 0x0, @desc2}})
syz_open_dev$evdev(0x0, 0x9, 0x280002)
ioctl$EVIOCSABS20(0xffffffffffffffff, 0x401845e0, &(0x7f0000000040)={0xfffffffd, 0x0, 0x0, 0x9, 0x0, 0x1})
truncate(&(0x7f0000000080)='./file1\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x90)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x0, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000440)=[0x0])
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

5.848906256s ago: executing program 3:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r0, 0x3b70, &(0x7f0000000000)={0x28, 0x0, 0x0})

5.405976758s ago: executing program 0:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x202, 0x0)
bpf$BPF_PROG_QUERY(0x1d, &(0x7f0000000040)={@cgroup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x22000406, &(0x7f0000000180)={[{@dioread_lock}, {@noblock_validity}, {@abort}, {@auto_da_alloc}, {@auto_da_alloc}, {@grpjquota, 0x2e}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@grpid}], [], 0x2c}, 0x84, 0x485, &(0x7f0000000dc0)="$eJzs3M9vFFUcAPDvTH8gP1sQf/BDWUVjI9rSgsrBgxpNuJiY6EGPtVSCFDC0JkKIoDF4NP4F6tHExJMXT3ox6knjVe/GhBguoAetmdkZut3dlu222wX380m2fW/mzb73nZnXfTOvswH0rEpE/JtEbImIXyNiKCKS+gKV6q/rVy9M/XX1wlQS8/Mv/5nk5a5dvTBVFi2321xkRtKI9IMk9jSpd/bc+ZOTMzPTZ4v82Nypt8Zmz51//MSpyePTx6dPTxw5cvjQ+FNPTjyxJnFmcV3b/e6ZvbuOvvbxi1Pz8foPX2Tt3VKsr42janjVdVaiEvOFhaWD+c+HV/3ut5atNemkv4sNYUX6IiI7XAN5/x+Kvlg4eEPxwvtdbRzQUdln0/aGpX3F7/TG5xfwf5To49Cjyk/87Pq3fK3n+KPbrjyb/ZzO479evKpr+iPNrmWHq1fsfR2qf0tEvHrp70+yVzS9DwEAsLa+ycY/jzUb/6Vxd025bcUcynBEHIiIHRFxZ0TsjIi7IvKy90TEvSusv1KXbxz//LyxrcBalI3/ni7mthaP/9KiRHIjtzWPfyB548TM9MFin4zEwIYsP75MHd8+/8tHS62r1Iz/sldWfzkWLNrxR/+Gxdscm5ybXEXIi1x5L2J3f7P4kxszAdke2BURu9t4/2yfnXj0871ZetvmxvU3j38ZazDPNP9ZxCPV438p6uIvJdWalpqfHLsjZqYPjpVnRaMff7r8Um1+oCZdH/96z51lx39T0/O/iL/sBuV87ezK67j824dLXtM0Hv8kWjn/B5NX8vRgseydybm5s+MRg8WCRcsnFrYt82X5LP6R/c37/46Ifz4tttsTEdlJfF9E3B8R+4q2PxARD0bE/mXi//65h95cfg+1ef6vgSz+Y8sd/4jhpHa+vo1E38nvvl6q/tb+/h3OUyPFklb+/rXawNXsOwAAALhdpPkcdJKOlumam1M7Y1M6c2Z27kAl3j59rDpXPRwDaXmna6jmfuh4cW+4zE/U5Q9FxPb8P4025vnRqTMzW7sZOJA/q7Oo/0eajo5W1/3eqX96AW4dK5pzqn068Muv1r4xwLryvCb0Lv0fepf+D71L/4fe1az/X4y43oWmAOvM5z/0Lv0fepf+D71L/4ee1PhIfPl1K+086b+Q2HF0VZv3UKKvQ+8ctV/a0YFEpF3fde0n0puWeSY63ox9RWJDRLS61cWOHtP68wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD2918AAAD//ypP4wc=")
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000380)=""/115, 0x73}, {&(0x7f00000016c0)=""/4110, 0x100e}, {&(0x7f0000000680)=""/23, 0x17}, {&(0x7f0000000540)=""/164, 0xa4}], 0x4}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000000)='ext4_fallocate_exit\x00', r0}, 0x10)
r4 = open(&(0x7f0000000000)='./bus\x00', 0x4c37e, 0x0)
fallocate(r4, 0x0, 0x0, 0x9000f4)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)

5.042354198s ago: executing program 3:
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xaca, &(0x7f0000001340)="$eJzs3U2sVFcdAPAz8948eEBlqGCfFAtYbetHH+XxxA+i0EBMJKUxbpo0bgillYiYWBO1aeKDlTvbNJi48iOuummqMbEbQ7py08SSNCZdVRcuJBibuKgojGHmnHkzhxnuzPDefDC/X3LfmXPPvfM/d96dO/fznABMrXL97/LyQimEi2+8cuwfD/19/uaYw80pqvW/sy25SgihFPOz2fu9N9NIr7//4qlOaSks1f+mfHjyanPezSGElbAnXArVsPPi5ZffWnrixPnjF/a+/eqhK+uz9AAAMF2+funQ8o6//vn+bddee+BI2NAcn/bPqzG/Je73H4k7/mn/vxza86WWodVcNt1sHMrz7dPNdJiuNU4lm262S/y5LH6ly3Qbwu3jz7SM67TcMMnSelwNpfJiW75cXlxsHJOH+nH9XGnx3Jmzzz4/oooCa+7fu0MIe1qGoxfa8+M2HB6DOgw41MagDhM5HBlerGu1hpEv85CG2tZRb4EAGvLrhbdYyc8s3Jn0bkd6jH/18XLH+WEtDHv97yv+3IjjB/F/c94Wh7Vzt65NabnS92hLzOfXEfL7l7p///IrHe1j8+sRlR7r2e06wqRcX+hWz5kh12NQ3eqfrxd3qy/HNH0OX2kr3d32/cn/p5PyPwY6+yA//28wGMZ7CG35yp28V23E2x9gfOX3zdXS9dEov68vL99QUL6xoHy+oHxTQfnmgnKYZr/7/k/DS6XV8135MX2/58PTebZ7YvqhPuuTn4/sN35+32+/7jR+fj8xjLM/nHzq9Beeefpy4/7/UnP9vxHX93S4UY3frUtxgnS+MD+v3rz3v9oep9xlunuz+tzTYfr66+3t05W2r75PaNnO3FKPhfb5tnabblf7dNVsuvk4bMzqm++fbMrmS/sfabuaPq/ZbHkr2XLMZfVI25VtMc3rAYNI62O3+//T+rkQKqVnz5w9/VjMp/X0TzOVDTfH7x9yvYE71+vzPwuh/fmfLc3xlXLrdmHr6vhSY7vweny/9vFLzTjt4w/EfPqd+9bMfH384qnvnn1m7RcfptrzP3rh2yfPnj39PS8GfvHV8ahGPy/SYcu41MeLfl/sGWSumT6+7yPeMAHrbt+PGzsBj575zsnnTj93+tyBgwcPLC0d/OKB5X31/fp9rXv3rVZGUFtgLa3+6I+6JgAAAAAAAAAAAECvfnD82OV33vz8u43n/1ef/0vP/6c7f9Pz/z/Jnv/Pn5NPz8Gn5wC3dSivT5M1sDqXTVeJw4ez+m7P4uzI5vtITJv9+MXn/1O4vF3XVJ/7svGVLtmsOYFb2kuZy9ogyfsL/HhML8T01wFGqDTfeXRMb9O+demDlnU9tU/R0i5FTfvAkyP93+prQ0uTRun5747tOrX8s7cNoY6svWE8sTjqZQQ6++dUtf/9r9UFH3ldDN2H2eHG+/n0rhO1rnvpvfZgA7A2RtX/Zzqxkc57pvTcH7+28eaQJrv6ePv2Mm+/FPrxl3fa8+Pe/+R6x8/77Rt2/FEv/7D7/2z2f9fz9i/rMa86WNz//OLKuy1hw85b4sczj3n8fPlTO9DbewwcL0xdi/HT0jwc8vidl7/2qyx+fkGoR//N4m/qMf4ty79rsPj/i/HTx/bIg73Gb9S4VG6vx3y2HOn6X37eOLmeLX9q2/M28b/xQqflH7CjxhsxPkyzSelntl/ZfkRzp33w/n+jlbXt/7dZ2Wyzlt+H8bmYTxvidJ9D3t9Jv/VP91ek34Ed2fuXCn7f9P872b4U06LvQ+r/N62P1fiT35Kvf5YpX+nw2d6t2xqYVO9N1fW/YQ1XGodBg82/cfT1n5hhZQzqUJsZYL5mP3Ejrn+tVlvfE1oFRhqckX/+oz5OGHX8UX/+RfL+f/N9+Lz/37w87/83L8/7/10tn49/Z247f97/b/555v3/5uX3Ze+b9w+8UFD+0YLynZ3Lm4ft9xfMv6ug/GMF5Xub5YfbpkjlDxTMv7ug/N6C8gcLyj9RUP7JgvKHCsofaSlv7QM6lX+qYP67XXoeZVqXH6ZZ/nye7z9Mj3T9p9v3f3tBOTC5fvba/qNP//ab1cbz/3PN8yHpOt6RmK/E46cfxnx+3Tu05G+WvRnzf8vKx/18B0yTvP2M/Pf94YJyYHKl+7x8v2EKlTZ2Hh3Tonaruu3nM1k+HdPPxPSzMX00posx3RfT/TFdGlL9WB9HX//9oZdKq8f7W7PyXu8nz58HamsnKoRwoMf65OcH+r2fPW/Hr193Gn/Ax8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABGplz/u7y8UArh4huvHHvqxJl9N8ccbk5Rrf+dbclVmvOF8FhMZ2L6y/ji+vsvnmpNb8S0FJZCKZSa48OTV5uRNocQVsKecClUw86Ll19+a+mJE+ePX9j79quHrqzfJwAAAAB3v/8HAAD///ZzD2Q=")
open(0x0, 0x0, 0x0)
r0 = open(&(0x7f0000000040)='./bus\x00', 0x1ed643, 0x17)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, &(0x7f0000000140)=0x400900, 0x12)
ftruncate(r0, 0x8000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_open_procfs(0x0, &(0x7f0000000b40)='net\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f0000000b00)=ANY=[@ANYBLOB="180100001c00000000f1ffffffffffff8400008807cde55461d96d04c8d150155c12570661f80dec4d972407fab75a4f10c2df497cb112aea44bb38153e974"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x928}, 0x90)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800000, &(0x7f0000000100), 0x1, 0x769, &(0x7f0000000340)="$eJzs3M9rHOUbAPBnptmmP/L9bgQP6kGEFloonSTNpT0ZL+KlUCh4rSGZhJBJtmQ3tYmFtp6F2lwUBNGzHr0Kpf4BXkQKCt4F0RoP4iUym03aptm4bTfZkn4+MNn3nXnffd5nZ/JmBvJuAC+sN8ofScRARFyIiGprfxoRB5ulQxE31tut3r82UW5JrK1d/D0pu8XqWnXzvZLW69FodolXIuJuJeLUh4/HrS8tz44XRb7Qqg815i4P1ZeWT8/MjU/n0/n8yOi54bOjo2eHR7uW6/F3zx2+/f3bKys/ftO49Xrf6STGmnlHK7euBXrI+mdSibEt++d3I1gPJR206duDcQAAsLPyPv9A696sEtU44C4NAAAA9p21/jUAAABg30ui1yMAAAAAdtfG/wFsrO3drXWw7fz2VkQMbhe/r7mGOOJQVCLiyGryyMqEZL0bPJMbNyPiztg211/Suv6e3vCWeidrpNlbd8r5Z2y7+SfdnH9im/mnb+O7E55R+/nvQfwDbea/Cx3G+PbzVytt49+MeK1vu/jJZvykTfz3Oox/a+Wj2+2OrX0ZcWLbvz/JI7F2+H6IoamZYsdfrbv/nLy3U/5HHoufJM2oyc75X+4w/w9W/5xtN5eU8U8e2/n8r8fvf6RfeU183BpHGhG3W69lfWVLjGNzP333eOTkxkb8yTaf//bn/53N/L/oMP9fvu6/2mFTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaEojYiCSNNssp2mWRRyNiJfjSFrU6o1TU7XF+cnyWMRgVNKpmSIfjojqej0p6yPN8oP6mS310Yh46efD60FnijybqBWTvU4eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACATUcjYiCSNIuINCL+qqZplvV6VAAAAEDXDfZ6AAAAAMCu8/wPAAAA+9/TPv8nXR4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsK9dOH++3NZW71+bKOuTV5YWZ2tXTk/m9dlsbnEim6gtXM6ma7XpIs8manP/9X5pRIyci8WrQ4283hiqLy1fmqstzjcuzcyNT+eX8sqeZAUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCTGmhuSZpFRNosp2mWRfwvIgajkkzNFPlwRPw/Iu5VK/1lfaTXgwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDr6kvLs+NFkS8oPJeFr2LHNpFEPC9DfcELEU/S63p09cT90P28ej0zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQC/Wl5dnxosgX6r0eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL2V/ppERLmdqB4f2Hr0YPJ3tfkaEe9/dvGTq+ONxsJIuf+Pzf2NT1v7zzzU8fpe5gAAAAD73ptP0njjOX3jOR4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBT9aXl2fGiyBeesVCJiHZt4mavswQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ7GvwEAAP//lhHByQ==")
chdir(&(0x7f0000000080)='./file0\x00')
creat(&(0x7f0000000040)='./file0\x00', 0x0)
openat(0xffffffffffffffff, &(0x7f0000000b80)='./file0\x00', 0x200000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = getpid()
process_vm_readv(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000440)='ext2\x00', &(0x7f00000000c0)='./file0\x00', 0x2, &(0x7f0000000000)={[{@noblock_validity}, {@dioread_nolock}, {@errors_remount}, {@minixdf}, {@jqfmt_vfsv0}, {@usrjquota, 0x2e}], [], 0x2c}, 0x84, 0x452, &(0x7f0000000480)="$eJzs20tvG1UUAOAz46bvklDKow/AUBARj6RJC3TBBgRSN0hIsCjLkKZVqdugJki0qmhAqCxRfwGwROIXsIINAlYgtrBHSBXqhsICDRp7nBrHDnbs1Gn9fdIk986Mfc/xzLXvzLUDGFrl/E8SsTMifomI0YgoNe9Qrv27cf3S7F/XL80mkWWv/5HkD4s/r1+are+aFP93FJXxNCL9KIn9LdpduHDxzEylMne+qE8unn1ncuHCxWdOn505NXdq7tz00aNHDk89/9z0s33Jc1ce67735w/sPfbm1Vdnj1996/sv83h3Ftsb86gZ67nNcpSXX5Nmj/f87BvLroZysmmAgdCVvK/nh2uk2v9HoxQ3D95ovPLhQIMD1lWWZdmWFWuXRwBLGXAHS2LQEQCDUf+gz69/68stHH4M3LUXaxdAed43iqW2ZVOkxT4jTde3/VSOiONLf3+aL9HyPgQAQH99nY9/nm41/kvjvob97irmhsYi4u6I2B0R90TEnoi4N6K67/0R8UCX7Zeb6ivHPz9tW1NiHcrHfy8Uc1v/Hf/VR38xVipqu6r5jyQnT1fmDhWvyXiMbMnrU6u08c3LP3/Sblvj+C9f8vbrY8Eijt83Nd2gOzGzONNLzo2ufVC9B3h5Zf7J8kxAEhF7I2LfGp5/a0ScfvKLA+22/3/+q+jDPFP2ecQTteO/FE351yWrz09Obo3K3KHJ+lmx0g8/XnmtXfs95d8H+fHf3vL8X85/LGmcr13ovo0rv37c9ppmref/5uSNanlzse69mcXF81MRm5Olleunbz62Xq/vn+c/frB1/98d8c9nxeP2R0R+Ej8YEQ9FxMNF7I9ExKMRcXCV/L976bG3157/+srzP9HV8e++UDrz7Vft2u/s+B+plsaLNZ28/3UaYC+vHQAAANwu0up34JN0YrmcphMTte/w74ntaWV+YfGpk/PvnjtR+678WIyk9Ttdow33Q6eKe8P1+nRT/XD1vnGWZdm2an1idr6yXnPqQGd2tOn/ud9Kg44OWHddzaO1+0UbcFvye00YXvo/DC/9H4aX/g/Dq1X/vxxxYwChALeYz38YXvo/DC/9H4aX/g9DqZff9a9W2H1svZ75TiuUNkYYXRci3RBhrK2QbowwaoUtEdHpzpfjVgU26HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/vg3AAD//zLQ7Dk=")
quotactl$Q_QUOTAON(0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000029000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$int_in(r4, 0x5452, &(0x7f0000000180)=0xffffffffffffffff)
fcntl$setsig(r4, 0xa, 0x12)
ppoll(&(0x7f0000000100)=[{r5}], 0x1, 0x0, 0x0, 0x0)
dup2(r4, r5)
fcntl$setown(r5, 0x8, r3)
tkill(r3, 0x13)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)

4.096346921s ago: executing program 2:
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000480), 0x4)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x3, &(0x7f0000000480)=ANY=[], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x33, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffeaa}, 0x90)
r2 = io_uring_setup(0x168e, &(0x7f0000000000))
flock(r2, 0x1)
r3 = syz_open_dev$dri(&(0x7f0000000340), 0x3, 0x800)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0x5, 0x8000, 0xf97e, 0x0, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f00000003c0)={r4})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/3\x00')
r6 = socket$l2tp(0x2, 0x2, 0x73)
ioctl$sock_inet_SIOCSARP(r6, 0x8953, &(0x7f0000000280)={{0x2, 0x0, @remote}, {0x0, @broadcast}, 0x0, {0x2, 0x0, @dev}, 'dvmrp1\x00'})
io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000400)=""/83, 0x53}, {&(0x7f0000000540)=""/219, 0xdb}, {&(0x7f0000000180)=""/194, 0xc2}, {&(0x7f0000000300)=""/30, 0x1e}, {&(0x7f0000000740)=""/251, 0xfb}], 0x0, 0x5}, 0x20)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x1b, &(0x7f0000000000)={@loopback, 0x200}, 0x20)
r12 = dup(r10)
ioctl$KVM_CREATE_VCPU(r12, 0xae41, 0x0)
r13 = socket$inet(0x2, 0x802, 0x1)
connect$inet(r13, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r13, 0x0, 0x6, &(0x7f0000001500)=0xfffffffe, 0x4)
write(r13, &(0x7f0000000080)="08008edf773c8000", 0xfd)
readv(r13, &(0x7f0000000380)=[{&(0x7f0000000100)=""/222, 0xfdef}], 0x1)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r8, 0x4068aea3, &(0x7f0000000140))
r14 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_RUN(r14, 0xae80, 0x0)
pread64(r5, &(0x7f0000000080)=""/237, 0xed, 0x0)

4.060977424s ago: executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f00000002c0)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r0, 0x3b70, &(0x7f0000000000)={0x28, 0x0, 0x0})

3.74783217s ago: executing program 0:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff}}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x0, 0x0, @loopback}, r1}}, 0x30)

3.497031303s ago: executing program 1:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f0000000240), 0x10) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (rerun: 64)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[], 0x118) (async)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/disk', 0x169a82, 0x0)
sendfile(r2, r2, 0x0, 0x7) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', '', [{0x20, 'cpu.stat\x00'}]}, 0xe) (async, rerun: 64)
fchmod(r0, 0x1) (rerun: 64)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r1)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x28, r3, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x0)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000000040)={@rand_addr=0x64010102, @broadcast, 0x1, "846802c6ee57523f9acadd4efe7cd30dc2fc0c442ae07d4a537865fde4116489", 0x101, 0x7, 0x0, 0xff}, 0x3c)

3.208067889s ago: executing program 0:
r0 = socket$key(0xf, 0x3, 0x2)
getresuid(&(0x7f0000000080), &(0x7f0000000180), &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x400145042, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000ffffffff00000000000000002600000000000000a40000000000020095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='rss_stat\x00', r4}, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x7800007, 0x12, r3, 0x0)
bind$x25(r3, &(0x7f0000000200), 0x12)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r6 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r5, 0x84, 0x14, &(0x7f0000000080)={r7}, &(0x7f00000000c0)=0x18)
r8 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
ftruncate(r8, 0x9)
r9 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r9, 0x28, 0x0, &(0x7f0000001680)=""/59, &(0x7f0000000000)=0x3b)
sendmsg$key(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x2, 0x4, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @loopback}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @remote}}, @sadb_sa={0x2}]}, 0x50}}, 0x0)

2.546915218s ago: executing program 1:
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$IOMMU_HWPT_ALLOC$NONE(r0, 0xc0045878, &(0x7f0000000040)={0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.419984982s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./bus\x00', 0x0, &(0x7f0000000100)={[{@compress_force}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@ssd}, {@noenospc_debug}]}, 0x1, 0x559d, &(0x7f0000005680)="$eJzs3X1sVWcdB/BzeynlJaFlyjLUhfkPThCpmFiEoEVgAoPRgSbDwCgO2BAGhQRhY9OOOZ0jk4Y5xoovDKQCxq6+rJiYIbqIcU4mi8OGEXnJIuICK4yoJNOZ3nufy73n0vYO5zq3z4e05z73d57nPPfk/HG/lz7nRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABBF0cHlC/627gfLv/nQdSenbLz/zAMnap57fNP4u+fsHnX4gVVXtp1uaip99fmzNyy67+GqoSf2zD8URYlUv0Sm/7xPTZ65aNa86X3CgLU3prcVFZ0dMt31WLrRO+/Jjn75P/OjKCqNDZDMbCf1z2kn4geIVhYO2KXtVWNWDdw4cdrmssmDFibrGgtfOh369PQEekrmunrx4rVUnfpdEtsj28659BJ5l2i6f/yCe1NeBADwulTWpDbZt6OZt7jZdn28HmtXx9oNsXZ4h9CQ27gc6XF7dzbPa+L1HppndToqlHU6z1g9c/6z7Zp4/1g7FjVexzzzd81Emj6dzbMuVu+peQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8ldx9/JanSzb96H1L149MHh887BdfbdryvUnt5VO+tm9D2+9bn3tPU1Ppq8+fvWHRfQ9XDT2xZ/6hKKpI9Uukuyfm7mjd8LMVU1b/fM6jzefee8euZGbcsO2Vs3PUFh58vDyKPp9TeTEMe2pAFNXkF1LN6NHCwuLUgymhAAAAwNvJ4NTvkmw7HQdL89qJVJpMpP4F6bC4vWrMqoEbJ07bXDZ50MJkXePlj1fTyXjVlxwv2664+JPICcYh/sbHu1gPu64sGKdr8RHjeX7U0AuHj3x9+Ya1jf1P7u87MDnpV1+uHXzFnNGvXDt2zG1/fWRHQf6v6Dr/hzMn/wMAAPDfkP/j43Stu/w/7Mj9Z+469dN1tZ/ZNvf4+G/UDnhX5Zo/NX/4c+uHTZ3Y69iVWwry/zV5hyzI/2HGIf+XRJeX/wEAAOCt7H+d/6sLxulad/l/2ZoRf592YdbEJ8Zd+OGZO4f88uCRaG/9iC+03P6B/bP7DWj4SUH+rywu//fKnXZ48pkw4SXlUVRZ/EkFAAAA8oT/d7/40ULI6+lPDuJ5fc75g5NuLn3w7EdmXzt029Ehu9rP/2PJ8k0XRjfPGF716acrNhTk/+ri8n/pm/NyAQAAgCI8tfgTN+2Mpk/6UPU9h/cv2P5I/bK1K5c2liWm/ntl2/X/au5dkP9risv/ZT3zcgAAAIBLOPSlbbtfm7msdXhz2fmtf3jtz49fPXz1gabKoyt/O7B0RWvt4oL8X1tc/u+X2WZWPqQ77Q9/hfBQeRT16XhQly78Jmr4ZLYAAAAAvEFCTv/nsbaRO68r+/VT339586zvfHvQ3m/NONj43Qn9b5n44IEZB56sLcj/dV3f/z/c6SCs/8+7/1/B+v+cQvquf2PdGAAAAIB3osL1/OH2+OlvLujs+/eLXf9/4xdbXzp++/yvtL97yE3LXr7tils/Nv7UH6ffmdw57q6SqVNfOl2Q/+uLy//J3O0b+f1/AAAAcBn+377/b3bBOF3r7v7/Mx+752j7X14YN2Jm49pFJ8dv/PG8Lc88trvq6nMLbu77wWeX7i3I/w3F5f+w7Z/78vaF83NveRRd1fEgczfBXWG6S2KFltKcQvrEx3rMCj0yhZaynEJKXazHqPIoen/Hg/pYYWAoNMQK7QMyha2xwrOhkLkesoXmWGFfuNI2DchMN17YEwqZBRYtYQVF/+ySiFiPVzrr0VG4ZI8XsgcHAAB4RwnhOZNlS/ObUTzKtiS626FfdzuUdLdDsrsdesV2iO/Y2fNRbX4hPH9+zRO/q/xoyWcP3XrHhOEjF667t2HsgeTcCdc/uaPvuRWnR68uyP9bi8v/4VT0Tm86W/8fhfX/me81zK7/rw2FilihJRRq4ncMqAnHSIfd9eEYFTWZHu1XZQsAAADwthY+F0j28DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgP+zde5xU1Z0g8NNNP2homhbjK2JsdW1Fh6ZBUT/BB2omGmBNo+zMuPhohEaRVhBhIq5RULObxMEoKlFnRmEVRlZx8AVkNQE1ooloNI5mRh1DMGrcjR/FiH6yxrif7lunqLrVZRcCSjvf7x9dp+p3nrceXefeW+cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/Max/9MYj/umiJ0eP2jBvwPJXDv/vH9YfumzRO//rT89ed9ve8763ftWSJZV/en7jSZO/c8PhjRtWTnghhJbOcmVJ8bLTF6/4waoLvvGtB0+76e5395y9tCpTbyYe+nb8Kc/cuTK2+tt+IawsC6EiHRhcmwQqM/drY30Da0PYKWwOZEu09UlKpBsOj9WEsDBsDmSr+lFNCLU5gXG/fGT1vI7E9TUh7B9CqE638e/VSRs16UBjVRLokw5Mq0gCH3ycyAZWlScB2GrxzZB90S9vyc9Q33W5Iq+/ym3Wsc9Xeni9YqK+eL63jt3OncpRlX6gZauetoLq2C4K3h5rvNt6wLutYDtf42nL/SKV+Yby8eZQdSif1DZ5wqz2mfGR8tDU1KtYTdvpeX5x4yUTtyTdY16HsQP12+R1+Pj5A+9c0Dhm15sf3jD59apnF2xtN4tt3u2tOmRecz3meYxG+jzpAW+/gm9JDb50hRBuP37T2799aez//dWDTw9+75tDzxrywitD627+7rR+f332/6m8ZerGgvl//SfP/+PLOd6W5+WOrX5Yl8zN4yO1MfF2XTI3BwAAgB6jJ+w1fWPEQW/Xrmt4eN+vr5h83qJ5r51+7p+rftp3wkEnnjL0+3fcOPW0gvl/Q2nH/+Mh/9rc0a4JYWRn4or+Ieze+XgSWBq7c1b/EPbpTLXkB45NBdaEsEdnYlC2qlSJ3rFEQyrwRl0mMDIVWBsDLanA4hi4JhW4MgaWpwITY2BNKnBcDIQp+eM4qC4zjpIDNTHQmmzE5fEshD/UxdZS2+qlbFUAAADbSGZ2WJl/N+dch63NEKeXy2u6yxDPwC6aoTpVQ3oGm51WFa2horsayrurITvuOZ88/IKay7qrueA0jLL8DO8deN/c1Q/8249vnHDYUwd92HrGy+tXPTp6U6+/e2fMjy8dN3/Y+IL5f/Mnz/+ru+hIWcHx/xDGdv6NucszkfZsvLUlLwMAAACwFSpeW3ryL+Z+VLbkZ+ds3P8vTxt3de8V++47YO3B9/2/hjcHHL9q/4L5/8jSzv+P+0R65WQO6+JuiKn9Q2jODyTVjigMJEe9+2YCAAAA0BNkj8dnj4VPydwmp2in59OF+Vu2MH888D+yy/yDx129rnn17adMGXHomjWbztj15WUbntpl/3deOPDk00+4f2rDPQXz/5bSzv/vk3+bdGJt7MV1/UPonRN4PPayI9CpIQbWH5MfyIx/bdwAV8WqMicmZKu6KpZojYHmVGBhsRLPZEvsnh/IPFnZxq/IjmNKpkROAAAAAD5zcXdAPC4fz/9/+tx+j/7jslsueXDJutD37OW/uOzo4QPnD+791rRnDnnkb989eWrB/L91y87/75wHF5ze3943hCEVIfRK/zBgXZ9kYcAYqC3LJH7cJ6mrV7qqy/uEMKJjYOmqNmTW/69IrzH4XE1SVQzsvu8dGxs7ErfXhDAkN/DC+EXDOxKzUoFs439VE8LeHaNNN76id9J4ZbrxG3uH8JWcQLaqib1D6GisKl3Vo9WZ6xikq1peHcLOOYFsVYdXhzA7ANBTxf+lk3IfvHD2xVMntLe3zdiOibgTvyZMntLe1jRxWvuk6iJ9mpTqc946RnMLx1TqpW9ezqxRdNeopv6lpLM/FGzObSuzI7/gzMHM/fhlqLJznMMq8+4ekh7ygfsVNhFyvkoVG3L5dh5yn9xKNj+JBfXH/FWhb+g968K2GU0XTZg5c8bQ5G+p2Yclf+NxpmRbDU1vqz5d9a2El0fR5bJSPu22asytZMjM86YPuXD2xYOnnDfh7Laz284/bPhhRxwx7NBDhw/pGFRz8rebkTZ2VXNqpB8vKnFY23CkX67IqeSz+NCQkJDoaYlVv9vj5aN3Wfq9FbcsnvHz9qPafv71nXces6Tqmy9suvSy/Z/+Hx8UzP+nf/L8P37qxA/+zPoMxY7/18fD/Mnjmw/zt8bAwlKP/9cXO5qfPTGgIRWYEwNzHOYHAADgiyHujox7M+NO6Ufm7/Yvd467b8z89Qc/ue65svV9Dv77D39fXnnZuP9yzAMNt333bwrm/3NK+/3/Nlr/P7t0/ahiy/wPiiWai63/n17mP7v+/5xi6/+nl/nPrv+/8HNY/39WNpDaJH+w/j8AAPBF8Nmt/9/t8v7pCwQUZOh2ef/0BQIKMnS7jH+pFwjY4vX/H2k4aORPVn/nN43LLpj2zn8bct/oAXs2/O6Rva6cNHXk6NEjBv9Lwfz/mtLm/xbuBwAAgB3HAROPfWrjpL2Pvfp/3rbTHj9p/fauh+3y/WVHts3ftH7i39z27jl/XTD/X1ja/P+zX/8vFDv/v6FYoKXYwoDW/wMAAKCHKrb+39Abv3X5q4uPu/+ey6eNam0dP/uKq/dbfUD1qeGl0fMb/mLGvR8VzP+Xlzb/j6ddlOfljr35sC5Z0y6k17R7uy77kwEAAADoGcpDU1NliXnzFkY99tO3+WJmKdBPSud68sH9nn/gqyNOnL+46urXynYb9vFT1888+Piv/fDVjXtdcse55+1XMP9fU9r8P+93GY+fP/DOBY1jdv3w5oc3TH696tkFm4//AwAAANtPqfslAAAAAAAAAAAAAACAz98JD//k6rcnLvnanIW/3PWnvcY+u3zDrDlNs2uvf/WH1/7qiDsfHlfw+/8wtrNcsd//x+v+xd8XfCkvd2y1+/X/MvfHjb57dueShevqQtgvNzD18qk7hcy1+Q/IDaw+fdBuHYnL0yUeeuW41zoSZ6YDJw4e8H5H4shUoDUukrhHOhCvqvh+v1QgLq/4XDoQt8fydKAqE/hev2QcZelt9WZtsq3K0tvqxdoQ+ucEsttqZW3SRll6gNenAtkBXpAOxAGelAmUp3t1d9+kVzFQG4ve2jfpFQAAO6z4LbAyTJ7S3tYcv8LH2y9X5N9GeUuWzS2stqzE5l/OLE1216im/qWke6W/i26+1nhlqO4YwtCCr6u5Wco6R7ltaulm032pyJC7W+2tvEi5tC3ddFXFR1STjKhp4rT2SZXdDvyQ7rMMq+g2y9CCyU5ulvLOTVpCLSX0pYQRlbhtSuhyvF8empp6pXJ9NQbrQ57uXhGl/l4/d52/Yq+C3DxPvtn+1BP//PzKfR7/89Nnf/BXk7596byzznj3yHOq/+E/lz39XwfuXDD/ry9t/l+dO673MxcDmBOvrDeifwitJY4IAAAAvvjOOf+V+d999No31rc0vjZtyLWr/3X2jRdX1C298i9ffOhvN42/+sytjb/58zv2eXjyhGe+dO4hy054fZ+DL2s88637/mLeuAev6nvLD+ff8YOC+X9DafP/uAcrcyg42duxJl7//4r+IXReWr8+CSyNwz2rfwj7dKZaYonkgvqjYonmJLA07jAZFEu0tuRX1TsGlqcCb9RlAmtSgbUxkNlLcUfI7Mq5ti6E4Z2psfklpscS9anAN2OgIRVoioHmVKBfDIxMBX7fLxNoSQWejIEwJX9b3dcvs60AAAC2RGaeVZl/N6TnecsrustQ1l2GPt1lKO8uQ3V3GYqNIt6/N2aoTJ28UpaTqTJda02qloIM8WL4W9yvggzhmfyc6YIFTcfzD7LnG5TlZ3jg5K/ec9WCyYPKf/XR2qWt790/ccWts49eec5Df/fEpH0X3XX93gXz/+bS5v998m+T1tfG+f/m6/8lgcdj966Lp443xMD6Y/IDmR0Da+Nk96psVS2ZEplJ+1WxxMgYaEgFpsfAyFSgdWwmsHC3/EBmpp1t/Ips41MyJXICAAAA8JmLOwjibpo4///jsmePeqxi0V3/+ur4u+6d89Y99/70nntuvXf07Zu+/twVF7970UcF8/+Rpc3/Y3t9cxu7Mvbmt/1CWFm2uTfZwODaJBD3Y9TGn8cPrA1hp5wdHNkSbX2SElWphsNjNckv1KvSVf2oJlljIN4f98tHVs/rSFxfE8L+OXtfsm38e3XSRk060FiVBPqkA9MqkkDc85MNrCpPArDVsnsF4wsqc6pLVn3X5Yq8/r4o1wRND69gH2gX+br6zdX2Up1+ILNPNWvLnraC6tguCt4ea7zbeuK7rd67LfeLVOYbysebQ9WhfFLb5Amz2mfGR3J/yVpgOz3Pub9SLSW9DV6Hcz59b7tXne5Ac+rjo7nrcl2/DstidY+fP/DOBY1jdr354Q2TX696dkHJ3Sgi/lD4maoB9bmbd3urDpnXXI/7PGnxedIT/w00eNpCCBsuPeG6kVXTr1g5+pAj93rttFOqZ7437+/vf+mBd/f9xxUTh31tQMH8v6W0+X9F6rbTH+PGvLB/CAfmbNx1cfMf3z/5HMwJJJ+SOxcGkkPur9YV/eQEAACAbS27uyO7v2BK5jY5ITw9Ty7M37KF+eP+ipFd5i+13z8adMpe9+9297hrTz3qpn/+zdh+G8e/uOSYFa1HNS49+mf/6cyaeQXz/9ZPnv/3TnXT8X/H/9lOHP/v0o6+K7p3+oE5W7UruqA6tgvH/7u0o7/bHP/vkuP/jv93xfH/bjj+36Ud/Wkr+JY03ZeuEMKwMWcMrr1r8BPvD1z96yeemvJvc1sn3PONq27Z8+Nv1y9eUL9r34L5//TS5v/W/+t60b7s+n+txdb/m15s/b851v8DAAC2qyILzaXneQWr9xVkSK/eV5Ch2wUCu11i0Pp/W7z+32NHHTl++ejFv16z95gDLus7d+6puzx504stM9+vue2D93f7xYGjCub/c0qb/8eXQ9/c1nvK+n8NY4tUdU0MTLcwIAAAADuiYjsIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HztfsN1449prj7pN8dfWjP6+w+tO6D6mldOvXTZhFsnfeX28wfNWrFkSeWfnt940uTv3HB444aVE14IYUpnubKkeNnpi1f8YNUF3/jWg6fddPe7e85eWp2ptzJzu2de7tjqh3UhLMx5pDYm3q7ruLM5MG703bMrOhLr6kLYLzcw9fKpO3UkFteFcEBuYPXpg3brSFyeLvHQK8e91pE4Mx04cfCA9zsSR2YCZenu/kO/pLtl6e7O6xdC/5xAtrvn9suvKtvGCZlAebqNf6pN2oiB2lj0xtqkjRhojyWm9A5hSEUIvdJV/aw6qapXuqr/XZ1U1Std1WXVIYwIIVSkq/p1VVJVRXrkz1QlVcXA7vvesbGxI7GoKoQhuYEXxi8a3pGYkQpkGz+lKoS9O14y6cbvq0war0w3fkNlCF8JIVSlS2yqSEpUpUtsqAhh55zA5o1YEcLswBdD/PSZlPvghbMvnjqhvb1txnZMVGXaqgmTp7S3NU2c1j6pOtWnYspy0h/P/fRjf3njJRM7bu8a1dS/lHRFplxlZ5eHVebdPWRH733sV5/cSjY/HwX1x/xVoW/oPevCthlNF02YOXPG0ORvqdmHJX97ZaLJthraU7ZVY24lQ2aeN33IhbMvHjzlvAlnt53ddv5hww874ohhhx46fEjHoJqTv9tipIs++5F+uSKnks/i/S8hIdHTEuV5n27NO/rneMEX/c0drQzVnR/QBdOK3CxlnaPcFoM+9lOO+NN8Tel2REMLJg4FWYZ1n+WQgsnE5iw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+9bW7F5X8xsulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/ZwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IFjAQAAAABh/tZh9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//y85Ijg=")
r0 = open(&(0x7f0000000100)='./bus\x00', 0x1eb142, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305828, &(0x7f00000003c0)={0x0, r0, 0x1, 0x40c007})
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000080)='./file0\x00', 0x2010050, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="574ebc0e94989fcde4c7e6c29d5b7d84ea1d3b850bb44bd48bb9519bc17acbb165391925581f91c0647c1d56315d4d044e055c5842362d6e3547a65f0d1dc45f590e08b80c1182db21b765ab93d407000000a9415a11b2facb5efbeda5c99dab23a7176fd9bdcc116a308a7b3a9e3562550da7ba26451b761e0bc1c92c045eee"], 0xff, 0x2ce, &(0x7f0000000640)="$eJzs3M9LFH8cx/G3uu6uK7p7+PL98i2iN3UpgkG3e7CEUrRQqBtZEIw6W8tOu7IzGBuhduoa/REdxKM3oTp09dKtU5duHgo6JPRjYmdnddUVk9od0+cDdN7OzNvP58OM8hrBWb/17EEx7xh505XueK90iyzKhkiqVolUa5+6RCQudV0SlWaLcr7/87tT45O3r2Wy2ZEx1dHMxMW0qg6efvnw8fKZ127/zZXB1Zispe6uf0p/WPt37f/1HxP3C44WHC2VXTV1qvzejU7Zls4UnKKhesPzTMfSQunNpIh/vOyateN5uzw7W1WzNDOQmK1YjqNmqapFq6oSEalU1bxnFkpqGIYOJAT7iS2NjZkZv4wfuHm6DRPCb7uy68avVDJmj4j07To3t9SpWQEAgMNje/7Xnfnf1xVsa3u+e57X3H+w/L8a3SP/B/m+kf9tq57/Havi/lr+d8vq1vJ/hPx/ALmt/I8jq5b/E8HPr+/JneUhvyD/AwAAAAAAAAAAAAAAAAAAAADwN9jwvKTnecnGtvERC/4lvPF12PNEe3D9j7dxDQrVuIj9dC43lxOxe+s7N6+7JUOSlG/+/RCo16NXsyND6kvJK3sh6F+Yy/X4jZm8FMQWS4YlKanW/cP1ft3e3yuJ5v60JOWf1v3plv1ROXe2qd+QpLydlrLYMuPf11v988Oql69nd/T3+ecBAAAAAHAUGLqp5fO7Yex1vN6fyYv4z9f7/31gx/N1RE5Ewl07AAAAAADHhVN9VDRt26p0sIiLSPvHqq2us+tqUcxfCHP0sItk057GS6Q7Po1I86CxYBZtGuu/5y++/LlveGnl5NfwrmB4v5MAAAAAtMdW6N/7HO9jJ2cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDx04nXiYW9RgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCw+BkAAP//0b8mQA==")
r1 = open(&(0x7f0000000080)='./bus\x00', 0x105042, 0x0)
pwrite64(r1, &(0x7f0000000140)='+', 0x1, 0x4010000bffd)

1.920730181s ago: executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000740)={0x78, r1, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_SEC_KEY={0x64, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "723247a6c0b8922dadb7eca8fa93b1f4cc9829e02458208d388cd07b74d7cf56"}, @NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc}, @NL802154_KEY_ID_ATTR_INDEX={0x5}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "52491482bcf25ca337af363e4a4ac77c"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x8}]}]}, 0x78}}, 0x0)

1.914816447s ago: executing program 3:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x32, 0x4, 0x0, 0x0, 0xc8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev, 0x20000}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52ae}, {@multicast2}]}, @noop, @noop, @noop, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

1.075591545s ago: executing program 1:
openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000600)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r0, &(0x7f0000000080)={0x1, 0x10, 0xfa00, {&(0x7f0000000000), r1}}, 0x18)

0s ago: executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

block: blocknr=18446744073709551615, size=1024
[  320.615310][ T5967] infiniband syz1: set active
[  320.620258][ T5967] infiniband syz1: added vcan0
[  320.671247][ T3373] NILFS (loop3): discard dirty page: offset=0, ino=3
[  320.678201][ T3373] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  320.685815][ T3373] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  320.693951][ T3373] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  320.701581][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.710708][ T3373] NILFS (loop3): discard dirty page: offset=65536, ino=3
[  320.714239][   T10] vcan0 speed is unknown, defaulting to 1000
[  320.717956][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.741610][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.750714][ T3373] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  320.758458][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.767648][ T3373] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  320.775065][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.784233][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.793381][ T3373] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  320.803977][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.813595][ T3373] NILFS (loop3): discard dirty page: offset=229376, ino=3
[  320.821022][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.836445][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  320.847778][ T3373] NILFS (loop3): discard dirty block: blocknr=50, size=1024
[  320.855389][ T3373] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.016729][ T5967] RDS/IB: syz1: added
[  321.021406][ T5967] smc: adding ib device syz1 with port count 1
[  321.027789][ T5967] smc:    ib device syz1 port 1 has pnetid 
[  321.042862][ T5967] vcan0 speed is unknown, defaulting to 1000
[  321.525341][ T5967] vcan0 speed is unknown, defaulting to 1000
[  321.670637][ T5085] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  321.688964][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=6
[  321.691599][  T782] vcan0 speed is unknown, defaulting to 1000
[  321.696424][ T5085] NILFS (loop3): discard dirty block: blocknr=35, size=1024
[  321.709625][ T5085] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  321.717375][ T5085] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  321.726649][ T5085] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  321.815160][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=5
[  321.822645][ T5085] NILFS (loop3): discard dirty block: blocknr=41, size=1024
[  321.830186][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.839483][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.848885][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.899686][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=4
[  321.907042][ T5085] NILFS (loop3): discard dirty block: blocknr=40, size=1024
[  321.914812][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.924046][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  321.933366][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  322.269605][ T5967] vcan0 speed is unknown, defaulting to 1000
[  322.741894][ T5967] vcan0 speed is unknown, defaulting to 1000
[  323.219782][ T5967] vcan0 speed is unknown, defaulting to 1000
[  323.457941][ T5989] loop2: detected capacity change from 0 to 512
[  323.706653][ T5967] vcan0 speed is unknown, defaulting to 1000
[  323.969365][ T5989] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  324.198384][ T5989] EXT4-fs (loop2): 1 truncate cleaned up
[  324.204680][ T5989] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.251261][  T782] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  324.366564][ T5993] loop3: detected capacity change from 0 to 2048
[  324.558410][ T5993] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.571488][ T5993] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.624046][  T782] usb 1-1: device descriptor read/all, error -71
[  324.676092][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.783982][ T5993] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor.3: bg 0: block 345: padding at end of block bitmap is not set
[  324.881201][ T5993] fs-verity (loop3, inode 13): Error -117 writing Merkle tree block 0
[  324.889831][ T5993] fs-verity (loop3, inode 13): Error -117 building Merkle tree
[  325.195708][ T5993] syz-executor.3 (5993) used greatest stack depth: 4152 bytes left
[  325.265409][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.634597][ T6002] loop1: detected capacity change from 0 to 4096
[  325.843161][ T6002] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  325.898801][ T6002] ntfs3: loop1: Failed to load $MFT (-2).
[  326.718347][   T50] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  326.728174][   T50] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  326.740385][   T50] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  326.760345][   T50] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  326.788729][   T50] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  326.802524][   T50] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  326.842160][ T5127] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  326.926674][ T6022] vcan0 speed is unknown, defaulting to 1000
[  327.662318][ T5127] usb 4-1: Using ep0 maxpacket: 8
[  327.805739][ T5127] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  327.818138][ T5127] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  327.829631][ T5127] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  327.842974][ T5127] usb 4-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  327.852374][ T5127] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.928560][ T5127] usb 4-1: config 0 descriptor??
[  328.323357][ T6022] chnl_net:caif_netlink_parms(): no params data found
[  328.426872][ T5127] uclogic 0003:2179:0053.0002: interface is invalid, ignoring
[  328.677889][ T6037] loop1: detected capacity change from 0 to 2048
[  328.758547][ T6037]  loop1: p4 < >
[  328.841979][ T5073] Bluetooth: hci6: command tx timeout
[  328.849151][ T6043] loop2: detected capacity change from 0 to 512
[  328.961809][ T5127] usb 4-1: USB disconnect, device number 5
[  328.965263][ T6043] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  329.069999][ T6038] input: syz1 as /devices/virtual/input/input7
[  329.149624][ T6043] EXT4-fs (loop2): 1 truncate cleaned up
[  329.155833][ T6043] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.307652][ T6022] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.318166][ T6022] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.333427][ T6022] bridge_slave_0: entered allmulticast mode
[  329.343269][ T6022] bridge_slave_0: entered promiscuous mode
[  329.441315][ T6022] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.449283][ T6022] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.457699][ T6022] bridge_slave_1: entered allmulticast mode
[  329.467388][ T6022] bridge_slave_1: entered promiscuous mode
[  329.622746][ T6037] loop1: detected capacity change from 0 to 1024
[  329.818575][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.938378][ T6022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  330.032251][ T6022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  330.314524][ T6022] team0: Port device team_slave_0 added
[  330.381538][ T6022] team0: Port device team_slave_1 added
[  330.650048][ T6022] batman_adv: batadv0: Adding interface: batadv_slave_0
[  330.663976][ T6022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.693481][ T6022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  330.839420][ T6022] batman_adv: batadv0: Adding interface: batadv_slave_1
[  330.847453][ T6022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  330.882058][ T6022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  331.071822][ T5073] Bluetooth: hci6: command 0x041b tx timeout
[  331.379351][ T6022] hsr_slave_0: entered promiscuous mode
[  331.417874][ T6022] hsr_slave_1: entered promiscuous mode
[  331.461696][ T6022] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  331.469574][ T6022] Cannot create hsr debugfs directory
[  332.416227][ T6022] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.552076][ T6082] TCP: MD5 Hash failed for 172.20.20.187.0->172.20.20.170.20002 []  L3 index 0
[  332.557716][ T6081] loop3: detected capacity change from 0 to 128
[  332.583787][ T6022] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.754077][ T6022] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  332.915406][ T6085] input: syz1 as /devices/virtual/input/input8
[  333.048477][ T6022] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  333.356744][ T6084] Bluetooth: hci6: command 0x041b tx timeout
[  333.422535][ T6022] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  333.448646][ T6089] loop1: detected capacity change from 0 to 1024
[  333.511037][ T6022] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  333.611094][ T6022] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  333.642269][ T3475] hfsplus: b-tree write err: -5, ino 4
[  333.704634][ T6022] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  334.170170][ T6076] Bluetooth: hci0: command 0x0406 tx timeout
[  334.176777][ T6076] Bluetooth: hci1: command 0x0406 tx timeout
[  334.177655][ T6084] Bluetooth: hci4: command 0x0406 tx timeout
[  334.185692][ T6076] Bluetooth: hci3: command 0x0406 tx timeout
[  334.189510][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  334.711160][   T10] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[  334.712954][ T6101] loop1: detected capacity change from 0 to 2048
[  334.719365][   T10] usb 3-1: config 0 has no interface number 0
[  334.733784][   T10] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  334.743480][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.829051][ T6022] 8021q: adding VLAN 0 to HW filter on device bond0
[  334.843039][   T10] usb 3-1: config 0 descriptor??
[  334.918854][   T10] cp210x 3-1:0.3: cp210x converter detected
[  334.994649][ T6022] 8021q: adding VLAN 0 to HW filter on device team0
[  335.017341][ T6101] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.030424][ T6101] ext4 filesystem being mounted at /root/syzkaller-testdir2840162671/syzkaller.Naclv6/58/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  335.135408][ T4539] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.143147][ T4539] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.260765][ T6101] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz-executor.1: bg 0: block 345: padding at end of block bitmap is not set
[  335.266643][ T4539] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.283518][ T4539] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.380147][ T6101] fs-verity (loop1, inode 13): Error -117 writing Merkle tree block 0
[  335.389257][ T6101] fs-verity (loop1, inode 13): Error -117 building Merkle tree
[  335.405814][   T10] cp210x 3-1:0.3: failed to get vendor val 0x000e size 3: -32
[  335.568601][ T4427] Bluetooth: hci6: command 0x041b tx timeout
[  335.616065][ T6108] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  335.686470][   T10] cp210x 3-1:0.3: GPIO initialisation failed: -19
[  335.740667][   T10] usb 3-1: cp210x converter now attached to ttyUSB0
[  335.804375][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.023072][ T5124] usb 3-1: USB disconnect, device number 8
[  336.090547][ T5124] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  336.106263][ T5124] cp210x 3-1:0.3: device disconnected
[  337.002601][ T6022] 8021q: adding VLAN 0 to HW filter on device batadv0
[  337.461392][ T6022] veth0_vlan: entered promiscuous mode
[  337.565713][ T6022] veth1_vlan: entered promiscuous mode
[  337.799727][ T6022] veth0_macvtap: entered promiscuous mode
[  337.827646][ T4427] Bluetooth: hci6: command 0x041b tx timeout
[  337.875990][ T6022] veth1_macvtap: entered promiscuous mode
[  337.938682][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.950541][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.960738][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  337.971410][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  337.988597][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.001712][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.011847][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.022704][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.033144][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.043971][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.059235][ T6022] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.184698][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.200710][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.212357][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.223306][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.233487][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.244334][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.254529][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.265387][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.275612][ T6022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  338.286636][ T6022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.301674][ T6022] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.468763][ T6022] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  338.478184][ T6022] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  338.487359][ T6022] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  338.496594][ T6022] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  338.877292][ T6138] loop2: detected capacity change from 0 to 128
[  339.128618][ T6140] input: syz1 as /devices/virtual/input/input9
[  340.062906][ T5073] Bluetooth: hci6: command 0x041b tx timeout
[  340.632613][ T6156] kvm: emulating exchange as write
[  341.973929][   T29] audit: type=1326 audit(1717385258.303:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  341.996808][    C0] vkms_vblank_simulate: vblank timer overrun
[  342.003804][   T29] audit: type=1326 audit(1717385258.303:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.027165][   T29] audit: type=1326 audit(1717385258.312:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.050097][    C0] vkms_vblank_simulate: vblank timer overrun
[  342.056895][   T29] audit: type=1326 audit(1717385258.312:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.084406][   T29] audit: type=1326 audit(1717385258.312:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.109029][   T29] audit: type=1326 audit(1717385258.312:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.132360][   T29] audit: type=1326 audit(1717385258.312:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222327cee9 code=0x7ffc0000
[  342.316655][ T4427] Bluetooth: hci6: command 0x041b tx timeout
[  342.324896][ T6168] loop2: detected capacity change from 0 to 2048
[  342.420808][ T6174] syz-executor.3: attempt to access beyond end of device
[  342.420808][ T6174] loop7: rw=4096, sector=2, nr_sectors = 2 limit=0
[  342.435900][ T6174] EXT4-fs (loop7): unable to read superblock
[  342.459735][ T6168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.472570][ T6168] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/66/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.615652][ T6168] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor.2: bg 0: block 345: padding at end of block bitmap is not set
[  342.683497][ T5124] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  342.709398][ T6168] fs-verity (loop2, inode 13): Error -117 writing Merkle tree block 0
[  342.718253][ T6168] fs-verity (loop2, inode 13): Error -117 building Merkle tree
[  343.047421][ T1221] ieee802154 phy0 wpan0: encryption failed: -22
[  343.054191][ T1221] ieee802154 phy1 wpan1: encryption failed: -22
[  343.122852][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.248555][ T5124] usb 2-1: config 0 has an invalid interface number: 3 but max is 0
[  343.256964][ T5124] usb 2-1: config 0 has no interface number 0
[  343.263677][ T5124] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  343.273962][ T5124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  343.343575][ T5124] usb 2-1: config 0 descriptor??
[  343.406015][ T5124] cp210x 2-1:0.3: cp210x converter detected
[  343.762307][ T6189] loop2: detected capacity change from 0 to 764
[  343.807267][ T6189] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  343.917557][ T5124] cp210x 2-1:0.3: failed to get vendor val 0x000e size 3: -32
[  344.002027][ T4427] Bluetooth: hci4: unexpected event for opcode 0x040e
[  344.225694][ T5124] cp210x 2-1:0.3: GPIO initialisation failed: -19
[  344.275498][ T5124] usb 2-1: cp210x converter now attached to ttyUSB0
[  344.480311][ T5129] usb 2-1: USB disconnect, device number 7
[  344.492079][ T5129] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  344.501137][ T5129] cp210x 2-1:0.3: device disconnected
[  344.596720][   T34] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.605139][   T34] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.833533][ T5125] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  344.841984][ T5125] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  345.346374][ T6204] 9pnet_fd: Insufficient options for proto=fd
[  345.499391][ T6205] input: syz1 as /devices/virtual/input/input10
[  345.554638][ T6208] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.2'.
[  347.013941][ T6222] loop2: detected capacity change from 0 to 2048
[  347.057214][   T29] audit: type=1800 audit(1717385263.048:24): pid=6227 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="sda1" ino=1965 res=0 errno=0
[  347.163516][ T6222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.176782][ T6222] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.605538][ T5073] Bluetooth: hci6: command 0x041b tx timeout
[  347.719061][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.688196][ T6253] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  348.987276][ T6257] vlan2: entered promiscuous mode
[  348.993417][ T6257] veth0_virt_wifi: entered promiscuous mode
[  349.000492][ T6257] vlan2: entered allmulticast mode
[  349.006035][ T6257] veth0_virt_wifi: entered allmulticast mode
[  349.752100][ T6263] loop1: detected capacity change from 0 to 1024
[  349.810637][ T6263] EXT4-fs: Ignoring removed i_version option
[  349.868183][ T6263] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  350.084516][ T6263] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.126213][ T6263] dccp_v6_rcv: dropped packet with invalid checksum
[  350.142992][ T6265] loop3: detected capacity change from 0 to 512
[  350.158040][ T6265] EXT4-fs: Ignoring removed mblk_io_submit option
[  350.195839][ T6269] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  350.213843][ T6265] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  350.279519][ T6265] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #13: comm syz-executor.3: attempt to clear invalid blocks 2 len 1
[  350.432890][ T6265] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1216: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  350.448148][ T6265] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 1819239214 (level 0)
[  350.529815][ T6265] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz-executor.3: invalid indirect mapped block 1819239214 (level 1)
[  350.570728][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.658943][ T6265] EXT4-fs (loop3): 1 truncate cleaned up
[  350.664882][ T6265] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  350.690006][ T6265] EXT4-fs error (device loop3): ext4_find_dest_de:2111: inode #2: block 13: comm syz-executor.3: bad entry in directory: rec_len % 4 != 0 - offset=108, inode=4294901777, rec_len=65535, size=1024 fake=0
[  351.043934][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.058407][ T6276] loop2: detected capacity change from 0 to 2048
[  351.206418][ T6276] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.219280][ T6276] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.326755][ T6276] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor.2: bg 0: block 345: padding at end of block bitmap is not set
[  351.420404][ T6282] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  351.452257][ T6276] fs-verity (loop2, inode 13): Error -117 writing Merkle tree block 0
[  351.461440][ T6276] fs-verity (loop2, inode 13): Error -117 building Merkle tree
[  351.522025][ T6282] tap0: tun_chr_ioctl cmd 1074812118
[  351.665830][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.116932][ T6289] loop3: detected capacity change from 0 to 64
[  352.750768][ T5124] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  353.205567][ T5124] usb 1-1: config 45 has too many interfaces: 194, using maximum allowed: 32
[  353.214688][ T5124] usb 1-1: config 45 has 1 interface, different from the descriptor's value: 194
[  353.224302][ T5124] usb 1-1: config 45 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32937, setting to 1024
[  353.236310][ T5124] usb 1-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  353.245808][ T5124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.378795][ T6305] loop1: detected capacity change from 0 to 128
[  353.454554][ T6303] netlink: 'syz-executor.3': attribute type 11 has an invalid length.
[  353.684619][   T29] audit: type=1800 audit(1717385269.149:25): pid=6308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="sda1" ino=1967 res=0 errno=0
[  354.034533][ T5124] uclogic 0003:5543:0042.0003: No inputs registered, leaving
[  354.096395][ T5124] uclogic 0003:5543:0042.0003: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.0-1/input0
[  354.267444][ T5124] usb 1-1: USB disconnect, device number 7
[  354.554988][ T6313] loop3: detected capacity change from 0 to 2048
[  354.780358][ T6313] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.793141][ T6313] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/64/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.379125][ T6315] loop1: detected capacity change from 0 to 40427
[  355.451869][ T6315] F2FS-fs (loop1): invalid crc value
[  355.568550][ T6315] F2FS-fs (loop1): Found nat_bits in checkpoint
[  355.586801][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.903204][ T6315] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  357.149334][ T6329] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[  357.625430][ T6338] netlink: 196 bytes leftover after parsing attributes in process `syz-executor.3'.
[  358.036813][ T5129] usb 4-1: new low-speed USB device number 6 using dummy_hcd
[  358.194965][ T6345] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  358.221251][ T6345] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  358.261826][ T6345] infiniband sy: RDMA CMA: cma_listen_on_dev, error -98
[  358.366117][ T6347] loop1: detected capacity change from 0 to 512
[  358.427439][ T5129] usb 4-1: device descriptor read/64, error -71
[  358.477323][ T6347] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 0
[  358.763346][ T5129] usb 4-1: new low-speed USB device number 7 using dummy_hcd
[  359.011926][ T5129] usb 4-1: device descriptor read/64, error -71
[  359.176113][ T5129] usb usb4-port1: attempt power cycle
[  359.285751][ T6356] loop2: detected capacity change from 0 to 2048
[  359.525986][ T6356] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  359.539115][ T6356] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  359.622001][ T6358] loop0: detected capacity change from 0 to 4096
[  359.645952][ T5129] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  359.650197][ T6356] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz-executor.2: bg 0: block 345: padding at end of block bitmap is not set
[  359.802782][ T6356] fs-verity (loop2, inode 13): Error -117 writing Merkle tree block 0
[  359.811418][ T6356] fs-verity (loop2, inode 13): Error -117 building Merkle tree
[  359.814094][ T6363] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  359.847593][ T5129] usb 4-1: device descriptor read/8, error -71
[  360.025307][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.182183][ T5129] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[  360.336362][ T5129] usb 4-1: device descriptor read/8, error -71
[  360.490459][ T5129] usb usb4-port1: unable to enumerate USB device
[  360.506092][ T6368] siw: device registration error -23
[  361.644265][    C1] sched: RT throttling activated
[  362.512556][ T6385] loop0: detected capacity change from 0 to 64
[  362.955817][ T5121] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  363.188650][ T6396] loop0: detected capacity change from 0 to 2048
[  363.205897][ T5121] usb 3-1: device descriptor read/64, error -71
[  363.290983][ T6396] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  363.305131][ T6396] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  363.464100][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.551584][ T5121] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  363.775968][ T5121] usb 3-1: device descriptor read/64, error -71
[  363.957602][ T5121] usb usb3-port1: attempt power cycle
[  364.301161][ T6408] loop0: detected capacity change from 0 to 64
[  364.429316][ T5121] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  364.481443][ T4427] Bluetooth: hci5: ACL packet for unknown connection handle 457
[  364.526703][ T5124] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  364.540179][ T5121] usb 3-1: device descriptor read/8, error -71
[  364.873856][ T5121] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  364.949804][ T5124] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  364.959413][ T5124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.023668][ T5121] usb 3-1: device descriptor read/8, error -71
[  365.097539][ T5124] usb 2-1: config 0 descriptor??
[  365.259678][ T5121] usb usb3-port1: unable to enumerate USB device
[  365.321795][ T5124] cp210x 2-1:0.0: cp210x converter detected
[  365.735829][ T5124] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  365.832437][ T5124] cp210x 2-1:0.0: failed to get vendor val 0x370c size 73: -71
[  365.840682][ T5124] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  365.956128][ T5124] usb 2-1: cp210x converter now attached to ttyUSB0
[  366.026644][ T5124] usb 2-1: USB disconnect, device number 8
[  366.107019][ T5124] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  366.116243][ T5124] cp210x 2-1:0.0: device disconnected
[  367.470865][ T6418] loop2: detected capacity change from 0 to 32768
[  367.508923][ T6418] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (6418)
[  367.528827][ T6418] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  367.539929][ T6418] BTRFS info (device loop2): using sha256 (sha256-generic) checksum algorithm
[  367.551328][ T6418] BTRFS info (device loop2): using free-space-tree
[  367.841969][ T6438] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  368.538086][ T5087] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  368.651687][ T6445] loop3: detected capacity change from 0 to 2048
[  368.845941][ T6445] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  368.858755][ T6445] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/69/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  368.972264][ T6443] loop0: detected capacity change from 0 to 32768
[  368.982386][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.132019][ T6443] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  369.748064][ T6443] XFS (loop0): Ending clean mount
[  369.767860][ T6443] XFS (loop0): Quotacheck needed: Please wait.
[  369.864705][ T6443] XFS (loop0): Quotacheck: Done.
[  369.987154][   T29] audit: type=1800 audit(1717385284.166:26): pid=6443 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=9291 res=0 errno=0
[  370.074055][ T6022] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  370.335584][ T6463] loop3: detected capacity change from 0 to 4096
[  370.383327][ T6463] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  370.694996][ T6463] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  371.215600][ T5125] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  371.679283][ T5125] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  371.689695][ T5125] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  371.767888][ T5125] usb 2-1: config 0 descriptor??
[  371.845186][ T5125] cp210x 2-1:0.0: cp210x converter detected
[  371.898015][   T34] ntfs3: loop3: ino=5, ntfs3_write_inode failed, -22.
[  372.141263][ T6480] loop0: detected capacity change from 0 to 64
[  372.273964][ T5124] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  372.327614][ T5125] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  372.469333][ T5125] cp210x 2-1:0.0: failed to get vendor val 0x370c size 73: -71
[  372.486089][ T5125] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  372.534476][ T5125] usb 2-1: cp210x converter now attached to ttyUSB0
[  372.568430][ T5125] usb 2-1: USB disconnect, device number 9
[  372.580649][ T5125] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  372.599844][ T5125] cp210x 2-1:0.0: device disconnected
[  372.718145][ T5124] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.729692][ T5124] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  372.739187][ T5124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.795247][ T5124] usb 3-1: config 0 descriptor??
[  372.996829][   T29] audit: type=1326 audit(1717385286.991:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6486 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb787cee9 code=0x0
[  373.043177][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  373.292818][ T6478] bond0: Unable to set down delay as MII monitoring is disabled
[  373.603964][ T5124] keytouch 0003:0926:3333.0004: fixing up Keytouch IEC report descriptor
[  373.646721][ T6493] loop0: detected capacity change from 0 to 2048
[  373.694865][ T5124] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0004/input/input11
[  373.818131][ T6493] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.832710][ T6493] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  373.967721][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  373.979505][ T5124] keytouch 0003:0926:3333.0004: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  374.395876][ T6503] loop3: detected capacity change from 0 to 1024
[  374.456829][ T6503] hfsplus: invalid btree extent records (0 size)
[  374.463891][ T6503] hfsplus: failed to load extents file
[  374.542374][ T5124] usb 3-1: USB disconnect, device number 13
[  375.462665][ T6503] loop3: detected capacity change from 0 to 32768
[  375.516132][   T29] audit: type=1326 audit(1717385289.289:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.540246][   T29] audit: type=1326 audit(1717385289.317:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.563480][   T29] audit: type=1326 audit(1717385289.317:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.592719][   T29] audit: type=1326 audit(1717385289.354:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.731957][ T6503] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  375.750826][   T29] audit: type=1326 audit(1717385289.464:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.774330][   T29] audit: type=1326 audit(1717385289.464:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.797678][   T29] audit: type=1326 audit(1717385289.464:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.828315][   T29] audit: type=1326 audit(1717385289.483:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.852184][   T29] audit: type=1326 audit(1717385289.483:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  375.875455][   T29] audit: type=1326 audit(1717385289.492:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6509 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f770427cee9 code=0x7ffc0000
[  376.863138][ T6531] loop2: detected capacity change from 0 to 256
[  376.903084][ T6518] ALSA: mixer_oss: invalid OSS volume '0'
[  377.266053][ T6503] XFS (loop3): Ending clean mount
[  377.282630][ T6503] XFS (loop3): Quotacheck needed: Please wait.
[  377.374515][ T6536] loop0: detected capacity change from 0 to 2048
[  377.481532][ T6536] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  377.494440][ T6536] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/25/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  377.522133][ T6503] XFS (loop3): Quotacheck: Done.
[  377.612134][ T5124] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  377.662212][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.675534][ T5085] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  378.071352][ T5124] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  378.081095][ T5124] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  378.104792][ T5124] usb 2-1: config 0 descriptor??
[  378.153223][ T5124] cp210x 2-1:0.0: cp210x converter detected
[  378.784903][ T5124] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  378.798442][   T10] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  379.228867][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  379.237268][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  379.251887][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  379.262154][   T10] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[  379.271758][   T10] usb 1-1: config 0 has no interface number 1
[  379.278120][   T10] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  379.289212][   T10] usb 1-1: too many endpoints for config 0 interface 31 altsetting 115: 243, using maximum allowed: 30
[  379.300727][   T10] usb 1-1: config 0 interface 31 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 243
[  379.314601][   T10] usb 1-1: config 0 interface 31 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  379.324798][   T10] usb 1-1: config 0 interface 31 has no altsetting 1
[  379.331919][   T10] usb 1-1: config 0 interface 31 has no altsetting 2
[  379.619544][   T10] usb 1-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=d5.25
[  379.628943][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.637505][   T10] usb 1-1: Product: syz
[  379.642065][   T10] usb 1-1: Manufacturer: syz
[  379.646903][   T10] usb 1-1: SerialNumber: syz
[  379.682008][   T10] usb 1-1: config 0 descriptor??
[  379.748982][   T10] cypress_m8 1-1:0.0: DeLorme Earthmate USB converter detected
[  379.758734][   T10] earthmate ttyUSB0: required endpoint is missing
[  379.772882][   T10] cypress_m8 1-1:0.31: DeLorme Earthmate USB converter detected
[  379.782753][   T10] earthmate ttyUSB1: required endpoint is missing
[  380.263056][ T6579] capability: warning: `syz-executor.3' uses 32-bit capabilities (legacy support in use)
[  381.205556][ T6547] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  381.261749][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  381.386631][ T5124] cp210x 2-1:0.0: failed to get vendor val 0x370c size 73: -71
[  381.394615][ T5124] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  381.443990][ T5124] usb 2-1: cp210x converter now attached to ttyUSB2
[  381.488560][ T5124] usb 2-1: USB disconnect, device number 10
[  381.502867][ T5124] cp210x ttyUSB2: cp210x converter now disconnected from ttyUSB2
[  381.512022][ T5124] cp210x 2-1:0.0: device disconnected
[  381.569915][ T5127] usb 1-1: USB disconnect, device number 8
[  381.583303][ T5127] cypress_m8 1-1:0.0: device disconnected
[  381.594309][ T5127] cypress_m8 1-1:0.31: device disconnected
[  381.885331][ T6590] loop2: detected capacity change from 0 to 2048
[  381.974316][ T6590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.987261][ T6590] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  382.156871][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.631202][ T4539] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  384.214869][ T4539] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  384.224773][ T4539] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.271984][ T4539] usb 1-1: config 0 descriptor??
[  384.435261][ T4539] cp210x 1-1:0.0: cp210x converter detected
[  384.899018][ T4539] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  384.977876][ T6640] loop3: detected capacity change from 0 to 2048
[  385.110526][ T6640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  385.129745][ T6640] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.206616][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  385.206959][ T4539] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -71
[  385.223928][ T4539] cp210x 1-1:0.0: GPIO initialisation failed: -71
[  385.287164][ T4539] usb 1-1: cp210x converter now attached to ttyUSB0
[  385.311059][ T4539] usb 1-1: USB disconnect, device number 9
[  385.357314][ T4539] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  385.366365][ T4539] cp210x 1-1:0.0: device disconnected
[  385.416867][ T5127] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  385.910532][ T5127] usb 3-1: config 0 has an invalid interface number: 31 but max is 2
[  385.920774][ T5127] usb 3-1: config 0 has an invalid interface number: 31 but max is 2
[  385.929551][ T5127] usb 3-1: config 0 has an invalid interface number: 31 but max is 2
[  385.937978][ T5127] usb 3-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[  385.947273][ T5127] usb 3-1: config 0 has no interface number 1
[  385.953719][ T5127] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  385.965405][ T5127] usb 3-1: too many endpoints for config 0 interface 31 altsetting 115: 243, using maximum allowed: 30
[  385.976879][ T5127] usb 3-1: config 0 interface 31 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 243
[  385.990639][ T5127] usb 3-1: config 0 interface 31 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  386.000804][ T5127] usb 3-1: config 0 interface 31 has no altsetting 1
[  386.007876][ T5127] usb 3-1: config 0 interface 31 has no altsetting 2
[  386.060071][ T6654] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  386.243410][ T5127] usb 3-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=d5.25
[  386.253512][ T5127] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.261988][ T5127] usb 3-1: Product: syz
[  386.266485][ T5127] usb 3-1: Manufacturer: syz
[  386.271393][ T5127] usb 3-1: SerialNumber: syz
[  386.322924][ T5127] usb 3-1: config 0 descriptor??
[  386.390784][ T5127] cypress_m8 3-1:0.0: DeLorme Earthmate USB converter detected
[  386.402366][ T5127] earthmate ttyUSB0: required endpoint is missing
[  386.415582][ T5127] cypress_m8 3-1:0.31: DeLorme Earthmate USB converter detected
[  386.425290][ T5127] earthmate ttyUSB1: required endpoint is missing
[  386.689217][ T6636] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  386.854974][ T5127] usb 3-1: USB disconnect, device number 14
[  386.865582][ T5127] cypress_m8 3-1:0.0: device disconnected
[  386.874803][ T5127] cypress_m8 3-1:0.31: device disconnected
[  387.997591][ T6681] loop2: detected capacity change from 0 to 2048
[  388.161509][ T6681] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  388.174374][ T6681] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  388.291743][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.661744][ T6689] loop1: detected capacity change from 0 to 128
[  388.702736][ T6689] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  389.347835][ T5124] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  389.859976][ T5124] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  389.869512][ T5124] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  390.001859][ T5124] usb 3-1: config 0 descriptor??
[  390.065975][ T5124] cp210x 3-1:0.0: cp210x converter detected
[  390.128312][   T59] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  390.617863][ T5124] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  390.751595][ T5124] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -71
[  390.760251][ T5124] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  390.918224][ T6708] trusted_key: syz-executor.1 sent an empty control message without MSG_MORE.
[  390.934744][ T5124] usb 3-1: cp210x converter now attached to ttyUSB0
[  390.978902][ T6703] loop3: detected capacity change from 0 to 32768
[  391.013699][ T6703] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (6703)
[  391.050053][ T5124] usb 3-1: USB disconnect, device number 15
[  391.112000][ T5124] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  391.135602][ T5124] cp210x 3-1:0.0: device disconnected
[  391.223102][ T6703] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  391.242072][ T6703] BTRFS info (device loop3): using sha256 (sha256-generic) checksum algorithm
[  391.253426][ T6703] BTRFS info (device loop3): using free-space-tree
[  391.613019][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  391.822564][   T29] kauditd_printk_skb: 18 callbacks suppressed
[  391.822636][   T29] audit: type=1804 audit(1717385304.399:56): pid=6703 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.3" name="/root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/89/bus/bus" dev="loop3" ino=263 res=1 errno=0
[  392.067864][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  392.076262][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  392.084983][   T10] usb 1-1: config 0 has an invalid interface number: 31 but max is 2
[  392.093566][   T10] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[  392.102982][   T10] usb 1-1: config 0 has no interface number 1
[  392.109319][   T10] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  392.126070][   T10] usb 1-1: too many endpoints for config 0 interface 31 altsetting 115: 243, using maximum allowed: 30
[  392.139524][   T10] usb 1-1: config 0 interface 31 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 243
[  392.153356][   T10] usb 1-1: config 0 interface 31 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  392.156196][ T6735] loop1: detected capacity change from 0 to 2048
[  392.163456][   T10] usb 1-1: config 0 interface 31 has no altsetting 1
[  392.177094][   T10] usb 1-1: config 0 interface 31 has no altsetting 2
[  392.292734][ T6735] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.305942][ T6735] ext4 filesystem being mounted at /root/syzkaller-testdir2840162671/syzkaller.Naclv6/99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  392.352273][ T6734] loop2: detected capacity change from 0 to 512
[  392.417263][ T5085] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  392.458124][   T10] usb 1-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=d5.25
[  392.467774][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.476044][   T10] usb 1-1: Product: syz
[  392.477168][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  392.480802][   T10] usb 1-1: Manufacturer: syz
[  392.495703][   T10] usb 1-1: SerialNumber: syz
[  392.517453][ T6734] EXT4-fs error (device loop2): ext4_orphan_get:1420: comm syz-executor.2: bad orphan inode 13
[  392.574090][   T10] usb 1-1: config 0 descriptor??
[  392.582712][ T6734] ext4_test_bit(bit=12, block=4) = 1
[  392.588591][ T6734] is_bad_inode(inode)=0
[  392.592916][ T6734] NEXT_ORPHAN(inode)=0
[  392.597191][ T6734] max_ino=32
[  392.601017][ T6734] i_nlink=1
[  392.604372][ T6734] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  392.723428][   T10] cypress_m8 1-1:0.0: DeLorme Earthmate USB converter detected
[  392.732929][   T10] earthmate ttyUSB0: required endpoint is missing
[  392.743760][   T10] cypress_m8 1-1:0.31: DeLorme Earthmate USB converter detected
[  392.753541][   T10] earthmate ttyUSB1: required endpoint is missing
[  393.044156][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.092296][ T6706] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  393.232772][   T10] usb 1-1: USB disconnect, device number 10
[  393.240838][   T10] cypress_m8 1-1:0.0: device disconnected
[  393.250055][   T10] cypress_m8 1-1:0.31: device disconnected
[  395.157216][ T6759] loop2: detected capacity change from 0 to 4096
[  395.574911][ T6762] loop3: detected capacity change from 0 to 32768
[  396.380904][ T6762] loop3: detected capacity change from 0 to 128
[  396.465016][ T6762] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  396.479207][ T6762] ext4 filesystem being mounted at /proc/6761/cgroup supports timestamps until 2038-01-19 (0x7fffffff)
[  396.495728][ T6762] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  396.662003][ T6773] loop1: detected capacity change from 0 to 256
[  396.721238][ T6773] exfat: Deprecated parameter 'namecase'
[  396.727601][ T6773] exfat: Deprecated parameter 'namecase'
[  396.733593][ T6773] exfat: Deprecated parameter 'namecase'
[  396.914115][ T6775] loop2: detected capacity change from 0 to 2048
[  396.981608][ T6769] loop0: detected capacity change from 0 to 32768
[  396.989131][ T6775] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  397.008214][ T6775] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/101/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.056719][ T6769] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (6769)
[  397.076767][ T6769] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  397.087624][ T6769] BTRFS info (device loop0): using sha256 (sha256-generic) checksum algorithm
[  397.100053][ T6769] BTRFS info (device loop0): using free-space-tree
[  397.162076][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  397.350275][ T6773] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  397.720643][   T29] audit: type=1804 audit(1717385309.798:57): pid=6769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1471832815/syzkaller.76qk8Q/37/bus/bus" dev="loop0" ino=263 res=1 errno=0
[  398.225405][ T6022] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  398.434483][   T29] audit: type=1800 audit(1717385310.389:58): pid=6801 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1951 res=0 errno=0
[  398.461077][   T29] audit: type=1800 audit(1717385310.398:59): pid=6800 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1951 res=0 errno=0
[  398.565122][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  399.120561][   T10] usb 3-1: config 0 has an invalid interface number: 18 but max is 0
[  399.128969][   T10] usb 3-1: config 0 has an invalid descriptor of length 51, skipping remainder of the config
[  399.139531][   T10] usb 3-1: config 0 has no interface number 0
[  399.146130][   T10] usb 3-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  399.155658][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.241407][   T10] usb 3-1: config 0 descriptor??
[  399.352704][   T10] usb 3-1: bad CDC descriptors
[  399.563781][ T6813] loop3: detected capacity change from 0 to 256
[  399.594876][ T6813] exfat: Unknown parameter 'discad'
[  399.623069][   T10] usb 3-1: USB disconnect, device number 16
[  399.984131][ T6817] Zero length message leads to an empty skb
[  400.713405][ T6821] sctp: [Deprecated]: syz-executor.3 (pid 6821) Use of int in max_burst socket option deprecated.
[  400.713405][ T6821] Use struct sctp_assoc_value instead
[  400.894354][ T6824] loop0: detected capacity change from 0 to 2048
[  401.020274][ T6824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  401.034677][ T6824] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/39/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  401.262112][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.727669][ T6835] loop3: detected capacity change from 0 to 2048
[  402.777806][ T6849] loop2: detected capacity change from 0 to 512
[  402.852097][ T6849] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  402.871555][ T6849] EXT4-fs (loop2): orphan cleanup on readonly fs
[  402.891283][ T6849] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2250: inode #15: comm syz-executor.2: corrupted in-inode xattr: e_value out of bounds
[  402.909039][ T6849] EXT4-fs (loop2): Remounting filesystem read-only
[  402.916243][ T6849] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  402.933953][ T6851] loop0: detected capacity change from 0 to 512
[  402.943217][ T6847] EXT4-fs warning (device loop2): __ext4fs_dirhash:283: invalid/unsupported hash tree version 62
[  402.954844][ T6847] EXT4-fs warning (device loop2): __ext4fs_dirhash:283: invalid/unsupported hash tree version 62
[  402.965881][ T6847] EXT4-fs warning (device loop2): __ext4fs_dirhash:283: invalid/unsupported hash tree version 62
[  403.085600][ T6851] EXT4-fs warning (device loop0): read_mmp_block:115: Error -117 while reading MMP block 0
[  403.403111][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.853861][ T6851] loop0: detected capacity change from 0 to 4096
[  403.886700][ T6851] ntfs3: Unknown parameter 'D'
[  403.961601][ T6859] loop2: detected capacity change from 0 to 512
[  403.971345][ T6857] loop3: detected capacity change from 0 to 4096
[  404.062375][ T6859] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  404.070015][ T6859] UDF-fs: Scanning with blocksize 512 failed
[  404.115276][ T6857] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  404.135413][ T6859] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  404.143506][ T6859] UDF-fs: Scanning with blocksize 1024 failed
[  404.158649][ T6859] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  404.166375][ T6859] UDF-fs: Scanning with blocksize 2048 failed
[  404.254180][ T6859] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  404.333078][ T6857] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  404.352263][ T6859] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  404.972170][ T3475] ntfs3: loop3: ino=5, ntfs3_write_inode failed, -22.
[  405.324645][ T6866] loop0: detected capacity change from 0 to 2048
[  405.418159][ T6866] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.437822][ T6866] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/43/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  405.571926][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.294476][ T6877] random: crng reseeded on system resumption
[  407.194120][ T6873] loop2: detected capacity change from 0 to 4096
[  407.376160][ T6873] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  408.235168][ T6873] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  408.353149][ T6895] vcan0 speed is unknown, defaulting to 1000
[  408.916133][ T6899] loop0: detected capacity change from 0 to 256
[  409.446054][ T6899] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  409.597516][ T1221] ieee802154 phy0 wpan0: encryption failed: -22
[  409.604209][ T1221] ieee802154 phy1 wpan1: encryption failed: -22
[  410.175757][ T6906] loop1: detected capacity change from 0 to 1024
[  410.303536][ T6906] EXT4-fs: Ignoring removed orlov option
[  410.315951][ T6906] EXT4-fs: Ignoring removed nomblk_io_submit option
[  410.446863][ T6906] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.759618][ T6911] process 'syz-executor.1' launched './file0/file0' with NULL argv: empty string added
[  410.841768][ T6913] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  411.250002][ T6917] loop2: detected capacity change from 0 to 2048
[  411.414695][ T6917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.433846][ T6917] ext4 filesystem being mounted at /root/syzkaller-testdir1617202194/syzkaller.0DRgnD/107/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.636231][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.823018][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.670546][   T29] audit: type=1804 audit(1717385324.492:60): pid=6938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.0" name="/root/syzkaller-testdir1471832815/syzkaller.76qk8Q/50/bus" dev="sda1" ino=1946 res=1 errno=0
[  413.792995][   T29] audit: type=1804 audit(1717385324.640:61): pid=6938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.0" name="/root/syzkaller-testdir1471832815/syzkaller.76qk8Q/50/bus" dev="sda1" ino=1946 res=1 errno=0
[  414.229099][ T6945] loop1: detected capacity change from 0 to 512
[  414.292032][ T6941] loop3: detected capacity change from 0 to 512
[  414.491258][ T6950] loop2: detected capacity change from 0 to 512
[  414.545821][ T6941] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.553656][ T6950] ext4: Unknown parameter 'measure'
[  414.559199][ T6941] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/108/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  414.660012][ T6941] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  414.671094][ T6941] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  414.684118][ T6941] EXT4-fs error (device loop3): ext4_acquire_dquot:6882: comm syz-executor.3: Failed to acquire dquot type 0
[  414.803628][ T6944] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  414.815021][ T6944] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  414.824907][ T6944] EXT4-fs error (device loop3): ext4_acquire_dquot:6882: comm syz-executor.3: Failed to acquire dquot type 0
[  414.934269][ T6950] 9p: Unknown uid 00000000004294967295
[  414.958525][ T6957] loop1: detected capacity change from 0 to 2048
[  415.226432][ T6957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.240450][ T6957] ext4 filesystem being mounted at /root/syzkaller-testdir2840162671/syzkaller.Naclv6/117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.293815][ T6957] fs-verity (loop1, inode 13): Unknown hash algorithm number: 0
[  415.445448][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.800016][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.938028][ T6963] netlink: 16 bytes leftover after parsing attributes in process `syz-executor.2'.
[  416.477937][   T10] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  416.610196][ T6970] loop1: detected capacity change from 0 to 1024
[  416.625899][ T6970] EXT4-fs: Ignoring removed i_version option
[  416.673191][ T6970] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  416.812709][   T10] usb 3-1: Using ep0 maxpacket: 16
[  416.828580][ T6970] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  416.975330][ T5127] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  416.986308][ T6969] dccp_v6_rcv: dropped packet with invalid checksum
[  417.023155][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  417.034584][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.044749][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  417.058055][   T10] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  417.067519][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.148180][   T10] usb 3-1: config 0 descriptor??
[  417.316560][ T5127] usb 1-1: device descriptor read/64, error -71
[  417.377414][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  417.388556][ T5073] Bluetooth: hci5: command 0x0406 tx timeout
[  417.663745][   T10] microsoft 0003:045E:07DA.0005: ignoring exceeding usage max
[  417.706798][ T5127] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  417.797206][   T10] HID 045e:07da: Invalid code 65791 type 1
[  417.806319][   T10] HID 045e:07da: Invalid code 768 type 1
[  417.813062][   T10] HID 045e:07da: Invalid code 769 type 1
[  417.818931][   T10] HID 045e:07da: Invalid code 770 type 1
[  417.825041][   T10] HID 045e:07da: Invalid code 771 type 1
[  417.831125][   T10] HID 045e:07da: Invalid code 772 type 1
[  417.836956][   T10] HID 045e:07da: Invalid code 773 type 1
[  417.842965][   T10] HID 045e:07da: Invalid code 774 type 1
[  417.848805][   T10] HID 045e:07da: Invalid code 775 type 1
[  417.864662][   T10] HID 045e:07da: Invalid code 776 type 1
[  417.953392][   T10] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0005/input/input12
[  418.004357][ T5127] usb 1-1: device descriptor read/64, error -71
[  418.059678][    C1] vkms_vblank_simulate: vblank timer overrun
[  418.130529][   T10] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  418.153551][ T5127] usb usb1-port1: attempt power cycle
[  418.173858][   T10] usb 3-1: USB disconnect, device number 17
[  419.327265][ T6982] loop3: detected capacity change from 0 to 40427
[  419.386293][    C1] vkms_vblank_simulate: vblank timer overrun
[  419.393907][ T6982] F2FS-fs (loop3): invalid crc value
[  419.430622][    C1] vkms_vblank_simulate: vblank timer overrun
[  419.445976][ T6982] F2FS-fs (loop3): invalid crc value
[  419.451602][ T6982] F2FS-fs (loop3): Failed to get valid F2FS checkpoint
[  419.464558][ T5127] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  419.531299][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.113041][ T5127] usb 1-1: device descriptor read/8, error -71
[  420.292229][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.404316][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.516671][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.634946][    C1] vkms_vblank_simulate: vblank timer overrun
[  420.708539][ T6997] loop0: detected capacity change from 0 to 2048
[  420.841277][ T6997] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  420.862139][ T6997] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  420.897954][ T6997] fs-verity (loop0, inode 13): Unknown hash algorithm number: 0
[  421.090958][    C1] vkms_vblank_simulate: vblank timer overrun
[  421.119714][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.233413][    C1] vkms_vblank_simulate: vblank timer overrun
[  421.337303][    C1] vkms_vblank_simulate: vblank timer overrun
[  421.519947][    C1] vkms_vblank_simulate: vblank timer overrun
[  421.993644][ T7008] loop1: detected capacity change from 0 to 512
[  422.080237][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.196010][ T7016] loop0: detected capacity change from 0 to 512
[  422.213213][ T7008] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.223594][ T7016] EXT4-fs: Ignoring removed nobh option
[  422.226621][ T7008] ext4 filesystem being mounted at /root/syzkaller-testdir2840162671/syzkaller.Naclv6/120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.415909][ T7016] fscrypt (loop0, inode 2): Error -61 getting encryption context
[  422.425033][ T7016] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -61
[  422.433452][ T7006] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  422.444572][ T7006] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  422.454541][ T7006] EXT4-fs error (device loop1): ext4_acquire_dquot:6882: comm syz-executor.1: Failed to acquire dquot type 0
[  422.509056][ T7017] loop3: detected capacity change from 0 to 1024
[  422.509802][ T7016] EXT4-fs error (device loop0): ext4_orphan_get:1394: inode #13: comm syz-executor.0: casefold flag without casefold feature
[  422.551094][ T7017] EXT4-fs: Ignoring removed i_version option
[  422.600312][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.635110][ T7017] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  422.652763][ T7016] EXT4-fs error (device loop0): ext4_orphan_get:1399: comm syz-executor.0: couldn't read orphan inode 13 (err -117)
[  422.690259][ T7017] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.721345][ T7008] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[  422.733053][ T7008] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  422.749742][ T7008] EXT4-fs error (device loop1): ext4_acquire_dquot:6882: comm syz-executor.1: Failed to acquire dquot type 0
[  422.773364][ T7016] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  422.827199][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.839865][ T7017] dccp_v6_rcv: dropped packet with invalid checksum
[  423.212917][ T7027] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.2'.
[  423.298071][    C1] vkms_vblank_simulate: vblank timer overrun
[  423.393282][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.424292][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.463789][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.608696][   T29] audit: type=1326 audit(1717385333.685:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460347cee9 code=0x7ffc0000
[  423.639642][   T29] audit: type=1326 audit(1717385333.685:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460347cee9 code=0x7ffc0000
[  423.908871][ T5124] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  424.202599][ T5124] usb 3-1: Using ep0 maxpacket: 32
[  424.550830][ T7041] loop3: detected capacity change from 0 to 2048
[  424.913530][ T7041] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  424.930292][ T7041] ext4 filesystem being mounted at /root/syzkaller-testdir3354861071/syzkaller.2bo4Zd/115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  424.990898][ T7041] fs-verity (loop3, inode 13): Unknown hash algorithm number: 0
[  425.191012][   T29] audit: type=1326 audit(1717385335.079:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f460347cee9 code=0x7ffc0000
[  425.214544][   T29] audit: type=1326 audit(1717385335.088:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f460347a667 code=0x7ffc0000
[  425.237752][   T29] audit: type=1326 audit(1717385335.135:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4603440329 code=0x7ffc0000
[  425.261114][   T29] audit: type=1326 audit(1717385335.153:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f460347a667 code=0x7ffc0000
[  425.374596][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.449720][ T5124] usb 3-1: unable to read config index 0 descriptor/all
[  425.457060][ T5124] usb 3-1: can't read configurations, error -71
[  427.596221][ T7066] loop0: detected capacity change from 0 to 1024
[  427.662244][ T7066] EXT4-fs: Ignoring removed i_version option
[  427.738400][ T7066] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  428.041057][ T7066] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  428.162432][ T7066] dccp_v6_rcv: dropped packet with invalid checksum
[  428.547173][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.720667][ T7076] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  428.735380][ T7076] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  428.813194][ T7073] loop3: detected capacity change from 0 to 1024
[  429.045952][ T5127] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  429.497283][ T7082] loop2: detected capacity change from 0 to 512
[  429.539717][ T7084] loop3: detected capacity change from 0 to 47
[  429.577433][ T7082] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: casefold flag without casefold feature
[  429.587019][ T7084] minix: Unknown parameter '0x000000000000000001777777777777777777777F[����L�������_E&��W n�j��$�]\��Bց�^g�Ҭ��@�b����.|�z��N�\��3h��W����9h�����Łz�
�]�W���e��A�m�����)���)^19[�4�]�q�zu�)��+�#�)0~�yB𑒽��X-O���7gGS��000000000000000'
[  429.609738][ T7082] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  429.654410][ T7082] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.163540][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.918175][ T7098] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  431.011264][ T7098] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  431.091544][ T7102] loop2: detected capacity change from 0 to 128
[  431.213193][ T7102] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  431.254083][ T7102] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  431.335576][ T7111] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.344862][ T7111] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.623614][ T5124] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  432.116571][ T7120] loop1: detected capacity change from 0 to 1024
[  432.240755][ T7120] EXT4-fs: Ignoring removed i_version option
[  432.263828][ T7120] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  432.286760][ T5124] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  432.296426][ T5124] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.304701][ T5124] usb 1-1: Product: syz
[  432.309296][ T5124] usb 1-1: Manufacturer: syz
[  432.314123][ T5124] usb 1-1: SerialNumber: syz
[  432.383522][ T5124] usb 1-1: config 0 descriptor??
[  432.446658][ T7120] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  432.463334][ T3475] Bluetooth: hci2: Frame reassembly failed (-84)
[  432.485514][ T5124] ch341 1-1:0.0: ch341-uart converter detected
[  432.495613][ T7120] dccp_v6_rcv: dropped packet with invalid checksum
[  432.664394][ T5124] usb 1-1: failed to receive control message: -71
[  432.671414][ T5124] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  432.740029][ T5124] usb 1-1: USB disconnect, device number 15
[  432.747903][ T5124] ch341 1-1:0.0: device disconnected
[  432.927732][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.969467][ T7132] 9pnet_fd: Insufficient options for proto=fd
[  433.031737][ T7131] ebt_among: dst integrity fail: 200
[  433.557948][ T7136] loop1: detected capacity change from 0 to 512
[  433.762925][ T7137] loop2: detected capacity change from 0 to 2048
[  433.929055][ T7136] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  434.060214][ T7136] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz-executor.1: couldn't read orphan inode 15 (err -117)
[  434.098977][ T7136] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  434.189594][ T7143] loop0: detected capacity change from 0 to 764
[  434.299218][ T7136] loop1: detected capacity change from 512 to 64
[  434.326842][ T7145] syz-executor.1: attempt to access beyond end of device
[  434.326842][ T7145] loop1: rw=2049, sector=510, nr_sectors = 2 limit=64
[  434.341216][ T7145] EXT4-fs warning (device loop1): ext4_end_bio:347: I/O error 10 writing to inode 18 starting block 255)
[  434.353084][ T7145] Buffer I/O error on device loop1, logical block 255
[  434.633534][ T4427] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  434.870787][ T5070] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.1: error -12 reading directory block
[  435.110205][ T5070] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  435.323500][ T7157] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  435.703262][ T3475] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.007919][ T3475] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.282219][ T7159] loop3: detected capacity change from 0 to 64
[  436.325109][ T7159] hfs: unable to parse mount options
[  436.332311][ T3475] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.417749][ T7159] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[  436.470556][ T7162] loop0: detected capacity change from 0 to 512
[  436.480966][ T7165] loop2: detected capacity change from 0 to 1024
[  436.525711][ T7162] EXT4-fs (loop0): bad geometry: block count 510 exceeds size of device (256 blocks)
[  436.525824][ T3475] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  436.579942][ T7165] EXT4-fs: Ignoring removed i_version option
[  436.613934][ T7158] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  436.653469][ T7162] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  436.662954][ T7162] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  436.689147][ T7165] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  436.842732][ T7164] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  436.886860][ T7165] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  437.029199][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  437.029288][   T29] audit: type=1800 audit(1717385346.118:80): pid=7162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1943 res=0 errno=0
[  437.068077][ T7165] dccp_v6_rcv: dropped packet with invalid checksum
[  437.093190][ T3475] bridge_slave_1: left allmulticast mode
[  437.099416][ T3475] bridge_slave_1: left promiscuous mode
[  437.106211][ T3475] bridge0: port 2(bridge_slave_1) entered disabled state
[  437.192662][ T3475] bridge_slave_0: left allmulticast mode
[  437.198670][ T3475] bridge_slave_0: left promiscuous mode
[  437.205511][ T3475] bridge0: port 1(bridge_slave_0) entered disabled state
[  437.986753][ T3475] dvmrp0 (unregistering): left allmulticast mode
[  438.131112][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.289920][ T7173] netlink: 84 bytes leftover after parsing attributes in process `syz-executor.0'.
[  438.418426][ T3475] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  438.566928][ T3475] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  438.666593][ T3475] bond0 (unregistering): (slave macvlan2): Releasing backup interface
[  438.725607][ T3475] team_slave_0: left promiscuous mode
[  438.731393][ T3475] team_slave_1: left promiscuous mode
[  438.792779][ T3475] bond0 (unregistering): Released all slaves
[  438.863169][ T5073] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  438.983336][ T5073] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  438.995202][ T5073] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  439.008778][ T5073] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  439.067364][ T5073] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  439.093430][ T5073] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  439.196441][ T7178] vcan0 speed is unknown, defaulting to 1000
[  439.699249][ T7188] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  439.847863][ T7191] netlink: set zone limit has 8 unknown bytes
[  440.714649][ T7200] loop3: detected capacity change from 0 to 256
[  440.816045][ T3475] hsr_slave_0: left promiscuous mode
[  440.873368][ T3475] hsr_slave_1: left promiscuous mode
[  440.912575][ T3475] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  440.921356][ T3475] batman_adv: batadv0: Removing interface: batadv_slave_0
[  440.991433][ T7200] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  441.021450][ T3475] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  441.029319][ T3475] batman_adv: batadv0: Removing interface: batadv_slave_1
[  441.109318][ T3475] veth1_macvtap: left promiscuous mode
[  441.115442][ T3475] veth0_macvtap: left promiscuous mode
[  441.121359][ T3475] veth1_vlan: left promiscuous mode
[  441.127000][ T3475] veth0_vlan: left promiscuous mode
[  441.298878][ T5073] Bluetooth: hci1: command tx timeout
[  442.090862][ T7206] loop2: detected capacity change from 0 to 512
[  442.177462][ T7202] loop0: detected capacity change from 0 to 4096
[  442.186498][ T7206] EXT4-fs (loop2): bad geometry: block count 510 exceeds size of device (256 blocks)
[  442.222037][ T7202] ntfs3: Unknown parameter 'sparsh:e'
[  442.323590][ T3475] team0 (unregistering): Port device team_slave_1 removed
[  442.471632][ T3475] team0 (unregistering): Port device team_slave_0 removed
[  442.516750][ T7206] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  442.776425][ T7206] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  442.821821][ T7211] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  442.968005][ T7208] loop3: detected capacity change from 0 to 1024
[  442.987355][   T29] audit: type=1800 audit(1717385351.352:81): pid=7212 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  442.993970][ T7208] EXT4-fs: Ignoring removed i_version option
[  443.166470][ T7208] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  443.440424][ T7208] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  443.502462][ T7208] dccp_v6_rcv: dropped packet with invalid checksum
[  443.579882][ T5073] Bluetooth: hci1: command tx timeout
[  443.976472][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.132372][ T7178] chnl_net:caif_netlink_parms(): no params data found
[  444.722370][ T7230] loop3: detected capacity change from 0 to 256
[  445.135817][ T7229] netlink: 7 bytes leftover after parsing attributes in process `syz-executor.2'.
[  445.765051][ T7178] bridge0: port 1(bridge_slave_0) entered blocking state
[  445.774511][ T7178] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.782381][ T7178] bridge_slave_0: entered allmulticast mode
[  445.791686][ T7178] bridge_slave_0: entered promiscuous mode
[  445.805753][ T5073] Bluetooth: hci1: command tx timeout
[  445.905212][ T7178] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.913581][ T7178] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.929128][ T7178] bridge_slave_1: entered allmulticast mode
[  445.938581][ T7178] bridge_slave_1: entered promiscuous mode
[  446.304874][ T7178] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  446.435885][ T7178] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  446.726207][ T7178] team0: Port device team_slave_0 added
[  446.769639][ T7178] team0: Port device team_slave_1 added
[  446.965512][ T7178] batman_adv: batadv0: Adding interface: batadv_slave_0
[  446.972696][ T7178] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  446.999000][ T7178] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  447.227187][ T7178] batman_adv: batadv0: Adding interface: batadv_slave_1
[  447.234436][ T7178] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  447.268039][ T7249] loop3: detected capacity change from 0 to 4096
[  447.276707][ T7178] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  447.649388][ T7255] loop2: detected capacity change from 0 to 512
[  447.729936][ T7258] loop0: detected capacity change from 0 to 64
[  447.775109][ T7178] hsr_slave_0: entered promiscuous mode
[  447.776984][ T7255] EXT4-fs (loop2): bad geometry: block count 510 exceeds size of device (256 blocks)
[  447.855967][ T7178] hsr_slave_1: entered promiscuous mode
[  448.002766][ T7255] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  448.059517][ T5073] Bluetooth: hci1: command tx timeout
[  448.077657][   T29] audit: type=1800 audit(1717385356.271:82): pid=7249 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=34 res=0 errno=0
[  448.134718][ T7178] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  448.148469][ T7178] Cannot create hsr debugfs directory
[  448.180649][ T7255] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  448.600732][ T7256] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  448.740200][   T29] audit: type=1800 audit(1717385356.853:83): pid=7255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1944 res=0 errno=0
[  449.255524][ T4427] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  449.270878][ T4427] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  449.288068][ T4427] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  449.328431][ T4427] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  449.366520][ T4427] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  449.381335][ T4427] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  449.396813][ T7269] loop0: detected capacity change from 0 to 1024
[  449.442330][ T7269] EXT4-fs: Ignoring removed i_version option
[  449.451440][ T7269] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  449.640963][ T7269] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.788465][ T7269] dccp_v6_rcv: dropped packet with invalid checksum
[  449.893467][ T7264] vcan0 speed is unknown, defaulting to 1000
[  449.983560][   T29] audit: type=1326 audit(1717385357.979:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7273 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6bb787cee9 code=0x0
[  450.605253][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.612558][   T29] audit: type=1800 audit(1717385358.459:85): pid=7280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="overlay" ino=1932 res=0 errno=0
[  450.637283][   T29] audit: type=1800 audit(1717385358.468:86): pid=7280 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="overlay" ino=1932 res=0 errno=0
[  451.273412][ T7286] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  451.522747][ T7286] loop0: detected capacity change from 0 to 1024
[  451.561312][ T3575] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.617450][ T4427] Bluetooth: hci2: command tx timeout
[  451.678564][ T7286] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  451.700094][ T3575] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  451.823683][ T7286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  451.844637][ T7178] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  451.992345][ T3575] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.046984][ T7178] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  452.230654][ T3575] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  452.299250][ T7264] chnl_net:caif_netlink_parms(): no params data found
[  452.321831][ T7178] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  452.381415][ T7295] block device autoloading is deprecated and will be removed.
[  452.447135][ T7178] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  452.720077][ T3575] bridge_slave_1: left allmulticast mode
[  452.726012][ T3575] bridge_slave_1: left promiscuous mode
[  452.734193][ T3575] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.796864][ T3575] bridge_slave_0: left allmulticast mode
[  452.810153][ T3575] bridge_slave_0: left promiscuous mode
[  452.816877][ T3575] bridge0: port 1(bridge_slave_0) entered disabled state
[  453.185823][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.503349][ T3575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  453.599824][ T3575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  453.637095][ T3575] bond0 (unregistering): Released all slaves
[  453.782907][ T7310] loop0: detected capacity change from 0 to 512
[  453.825015][ T7310] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  453.865963][ T4427] Bluetooth: hci2: command tx timeout
[  453.998997][ T7310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.012409][ T7310] ext4 filesystem being mounted at /root/syzkaller-testdir1471832815/syzkaller.76qk8Q/79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  454.118057][ T7310] EXT4-fs error (device loop0): ext4_do_update_inode:5082: inode #2: comm syz-executor.0: corrupted inode contents
[  454.144355][ T7310] EXT4-fs (loop0): Remounting filesystem read-only
[  454.329467][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.367078][   T59] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  454.380197][   T59] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  454.391955][   T59] Quota error (device loop0): write_blk: dquota write failed
[  454.400820][   T59] Quota error (device loop0): free_dqentry: Can't write quota data block 5
[  454.629507][ T7319] loop2: detected capacity change from 0 to 512
[  454.710021][ T7319] EXT4-fs (loop2): bad geometry: block count 510 exceeds size of device (256 blocks)
[  454.792874][ T7264] bridge0: port 1(bridge_slave_0) entered blocking state
[  454.807551][ T7264] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.815763][ T7264] bridge_slave_0: entered allmulticast mode
[  454.825983][ T7264] bridge_slave_0: entered promiscuous mode
[  454.960295][ T7319] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  454.961194][ T7319] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  455.006515][ T7264] bridge0: port 2(bridge_slave_1) entered blocking state
[  455.015415][ T7264] bridge0: port 2(bridge_slave_1) entered disabled state
[  455.029573][ T7264] bridge_slave_1: entered allmulticast mode
[  455.065679][ T7264] bridge_slave_1: entered promiscuous mode
[  455.096445][ T7319] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  455.308395][   T29] audit: type=1800 audit(1717385362.889:87): pid=7319 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1932 res=0 errno=0
[  455.504725][ T3575] hsr_slave_0: left promiscuous mode
[  455.548448][ T3575] hsr_slave_1: left promiscuous mode
[  455.591762][ T3575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  455.601091][ T3575] batman_adv: batadv0: Removing interface: batadv_slave_0
[  455.643316][ T3575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.651116][ T3575] batman_adv: batadv0: Removing interface: batadv_slave_1
[  455.728088][ T3575] veth1_macvtap: left promiscuous mode
[  455.734410][ T3575] veth0_macvtap: left promiscuous mode
[  455.740767][ T3575] veth1_vlan: left promiscuous mode
[  455.746342][ T3575] veth0_vlan: left promiscuous mode
[  455.811168][ T7328] loop3: detected capacity change from 0 to 1024
[  455.856933][ T7332] loop0: detected capacity change from 0 to 128
[  455.889311][ T7328] EXT4-fs: Ignoring removed i_version option
[  455.947442][ T7328] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  456.119391][ T4427] Bluetooth: hci2: command tx timeout
[  456.191676][ T3575] infiniband syz1: set down
[  456.264579][   T43] infiniband syz1: ib_query_port failed (-19)
[  456.298512][ T7328] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  456.498230][ T7328] dccp_v6_rcv: dropped packet with invalid checksum
[  456.808569][ T3575] team0 (unregistering): Port device team_slave_1 removed
[  456.873007][ T3575] team0 (unregistering): Port device team_slave_0 removed
[  456.945521][ T5085] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.108755][ T3878] smc: removing ib device syz1
[  457.423031][ T7326] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  457.467568][ T7264] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  457.670226][ T7264] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  458.005791][ T7178] 8021q: adding VLAN 0 to HW filter on device bond0
[  458.332643][ T7264] team0: Port device team_slave_0 added
[  458.378860][ T4427] Bluetooth: hci2: command tx timeout
[  458.466360][ T7178] 8021q: adding VLAN 0 to HW filter on device team0
[  458.560328][ T7264] team0: Port device team_slave_1 added
[  458.612602][   T10] bridge0: port 1(bridge_slave_0) entered blocking state
[  458.620286][   T10] bridge0: port 1(bridge_slave_0) entered forwarding state
[  460.368779][ T5121] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  460.642580][ T7264] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.650258][ T7264] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  460.682450][ T7264] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  460.746926][ T5121] usb 4-1: Using ep0 maxpacket: 32
[  460.763270][   T10] bridge0: port 2(bridge_slave_1) entered blocking state
[  460.771404][   T10] bridge0: port 2(bridge_slave_1) entered forwarding state
[  460.912545][ T5121] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  460.923436][ T5121] usb 4-1: config 0 has no interfaces?
[  461.145123][ T7264] batman_adv: batadv0: Adding interface: batadv_slave_1
[  461.152751][ T7264] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  461.179505][ T7264] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  461.326581][ T5121] usb 4-1: New USB device found, idVendor=0a2c, idProduct=0008, bcdDevice=d1.70
[  461.337313][ T5121] usb 4-1: New USB device strings: Mfr=20, Product=231, SerialNumber=3
[  461.350584][ T5121] usb 4-1: Product: syz
[  461.356560][ T5121] usb 4-1: Manufacturer: syz
[  461.361588][ T5121] usb 4-1: SerialNumber: syz
[  461.458358][ T5121] usb 4-1: config 0 descriptor??
[  461.762626][ T7264] hsr_slave_0: entered promiscuous mode
[  461.774575][ T5073] Bluetooth: hci6: command 0x041b tx timeout
[  461.803848][    T8] usb 4-1: USB disconnect, device number 11
[  461.830657][ T7358] loop2: detected capacity change from 0 to 2048
[  461.867410][ T7264] hsr_slave_1: entered promiscuous mode
[  461.947425][ T7264] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  461.955494][ T7264] Cannot create hsr debugfs directory
[  462.054038][ T7362] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  462.256487][   T29] audit: type=1800 audit(1717385369.332:88): pid=7358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0
[  463.219735][ T7367] loop3: detected capacity change from 0 to 512
[  463.285019][ T7367] EXT4-fs (loop3): bad geometry: block count 510 exceeds size of device (256 blocks)
[  463.401536][ T7367] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  463.417421][ T7367] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  463.504649][ T7371] loop0: detected capacity change from 0 to 1024
[  463.540833][ T7373] netlink: 'syz-executor.3': attribute type 29 has an invalid length.
[  463.597038][ T7371] EXT4-fs: Ignoring removed i_version option
[  463.664898][ T7371] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  463.804549][   T29] audit: type=1800 audit(1717385370.790:89): pid=7367 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="sda1" ino=1957 res=0 errno=0
[  463.903456][ T7264] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  463.922676][ T7362] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  463.933965][ T7362] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  463.974896][ T7371] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  463.989981][ T7264] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  464.063012][ T7371] dccp_v6_rcv: dropped packet with invalid checksum
[  464.071346][ T7362] Remounting filesystem read-only
[  464.076762][ T3475] NILFS (loop2): discard dirty page: offset=4096, ino=6
[  464.084021][ T3475] NILFS (loop2): discard dirty block: blocknr=39, size=1024
[  464.091548][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.102002][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.111233][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.160670][ T7264] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  464.237519][ T7264] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  464.278819][ T3475] NILFS (loop2): discard dirty page: offset=0, ino=2
[  464.285788][ T3475] NILFS (loop2): discard dirty block: blocknr=18, size=1024
[  464.293409][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.302621][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.311851][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.356726][ T7379] loop3: detected capacity change from 0 to 64
[  464.457419][ T3475] NILFS (loop2): discard dirty page: offset=0, ino=3
[  464.464669][ T3475] NILFS (loop2): discard dirty block: blocknr=42, size=1024
[  464.473649][ T3475] NILFS (loop2): discard dirty block: blocknr=43, size=1024
[  464.481179][ T3475] NILFS (loop2): discard dirty block: blocknr=44, size=1024
[  464.490121][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.500892][ T3475] NILFS (loop2): discard dirty page: offset=163840, ino=3
[  464.508452][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.517747][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.523529][ T7178] 8021q: adding VLAN 0 to HW filter on device batadv0
[  464.527049][ T3475] NILFS (loop2): discard dirty block: blocknr=47, size=1024
[  464.527169][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.527312][ T3475] NILFS (loop2): discard dirty page: offset=196608, ino=3
[  464.527428][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.527545][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.527663][ T3475] NILFS (loop2): discard dirty block: blocknr=49, size=1024
[  464.527772][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.682092][ T6022] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  464.770736][ T3475] NILFS (loop2): discard dirty page: offset=0, ino=5
[  464.777919][ T3475] NILFS (loop2): discard dirty block: blocknr=41, size=1024
[  464.790015][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.800950][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  464.810149][ T3475] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.015911][ T5087] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  465.058501][ T5087] NILFS (loop2): discard dirty page: offset=0, ino=6
[  465.065567][ T5087] NILFS (loop2): discard dirty block: blocknr=35, size=1024
[  465.074395][ T5087] NILFS (loop2): discard dirty block: blocknr=36, size=1024
[  465.082490][ T5087] NILFS (loop2): discard dirty block: blocknr=37, size=1024
[  465.090247][ T5087] NILFS (loop2): discard dirty block: blocknr=38, size=1024
[  465.259578][ T5087] NILFS (loop2): discard dirty page: offset=0, ino=4
[  465.267992][ T5087] NILFS (loop2): discard dirty block: blocknr=40, size=1024
[  465.276818][ T5087] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.287478][ T5087] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.297960][ T5087] NILFS (loop2): discard dirty block: blocknr=18446744073709551615, size=1024
[  465.486526][ T7178] veth0_vlan: entered promiscuous mode
[  465.579436][ T7178] veth1_vlan: entered promiscuous mode
[  465.827322][ T7264] 8021q: adding VLAN 0 to HW filter on device bond0
[  466.049689][ T7264] 8021q: adding VLAN 0 to HW filter on device team0
[  466.245451][ T7178] veth0_macvtap: entered promiscuous mode
[  466.292463][   T25] bridge0: port 1(bridge_slave_0) entered blocking state
[  466.300145][   T25] bridge0: port 1(bridge_slave_0) entered forwarding state
[  466.388456][ T7178] veth1_macvtap: entered promiscuous mode
[  466.470516][   T25] bridge0: port 2(bridge_slave_1) entered blocking state
[  466.478320][   T25] bridge0: port 2(bridge_slave_1) entered forwarding state
[  466.576130][ T7392] loop3: detected capacity change from 0 to 64
[  466.853361][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  466.865371][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.878006][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  466.894066][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.905664][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  466.916410][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.926577][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  466.937456][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  466.952636][ T7178] batman_adv: batadv0: Interface activated: batadv_slave_0
[  467.033352][ T7264] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  467.127404][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.138252][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.148405][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.159157][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.169212][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.182116][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.182810][ T7398] loop2: detected capacity change from 0 to 512
[  467.192777][ T7178] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  467.209307][ T7178] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  467.231606][ T7178] batman_adv: batadv0: Interface activated: batadv_slave_1
[  467.300341][ T7398] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  467.309675][ T7398] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  467.399760][ T7178] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.408926][ T7178] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.417956][ T7178] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.428814][ T7178] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.501358][ T7398] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  467.585471][ T7398] EXT4-fs error (device loop2): ext4_orphan_get:1394: inode #15: comm syz-executor.2: iget: bad extended attribute block 19
[  467.641852][ T7398] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz-executor.2: couldn't read orphan inode 15 (err -117)
[  467.715790][ T7398] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  468.616785][ T7407] loop3: detected capacity change from 0 to 32768
[  468.644646][ T7407] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7407)
[  468.698801][ T7407] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  468.710206][ T7407] BTRFS info (device loop3): using sha256 (sha256-generic) checksum algorithm
[  468.723674][ T7407] BTRFS info (device loop3): using free-space-tree
[  468.856311][ T7398] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  468.919838][ T7402] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 19: invalid block bitmap
[  469.513482][ T5085] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  469.576455][ T7264] 8021q: adding VLAN 0 to HW filter on device batadv0
[  469.609063][ T5087] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.093842][ T7437] loop0: detected capacity change from 0 to 2048
[  470.230149][ T7440] loop2: detected capacity change from 0 to 512
[  470.298542][ T7440] EXT4-fs (loop2): bad geometry: block count 510 exceeds size of device (256 blocks)
[  470.381149][ T7442] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  470.436830][ T7440] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  470.455670][ T7440] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  470.516585][ T7445] netlink: 'syz-executor.2': attribute type 29 has an invalid length.
[  470.659667][   T29] audit: type=1800 audit(1717385377.057:90): pid=7437 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="loop0" ino=18 res=0 errno=0
[  470.685960][    C0] vkms_vblank_simulate: vblank timer overrun
[  470.692936][   T29] audit: type=1800 audit(1717385377.103:91): pid=7440 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="sda1" ino=1954 res=0 errno=0
[  472.174503][ T7451] loop2: detected capacity change from 0 to 32768
[  472.369372][ T7442] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  472.382225][ T7442] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  472.482743][ T7442] Remounting filesystem read-only
[  472.488649][ T3515] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  472.496775][ T3515] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  472.504621][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.513922][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.523280][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.615766][ T3515] NILFS (loop0): discard dirty page: offset=0, ino=2
[  472.623063][ T3515] NILFS (loop0): discard dirty block: blocknr=18, size=1024
[  472.630676][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.639777][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.649068][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.804270][ T3515] NILFS (loop0): discard dirty page: offset=0, ino=3
[  472.811242][ T3515] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  472.819714][ T3515] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  472.828334][ T3515] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  472.836902][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.846218][ T3515] NILFS (loop0): discard dirty page: offset=163840, ino=3
[  472.854353][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.864005][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.873250][ T3515] NILFS (loop0): discard dirty block: blocknr=47, size=1024
[  472.885511][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.896042][ T3515] NILFS (loop0): discard dirty page: offset=196608, ino=3
[  472.903625][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.912837][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  472.921977][ T3515] NILFS (loop0): discard dirty block: blocknr=49, size=1024
[  472.929611][ T3515] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.027262][ T7264] veth0_vlan: entered promiscuous mode
[  473.149808][ T6022] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  473.168677][ T7264] veth1_vlan: entered promiscuous mode
[  473.199616][ T6022] NILFS (loop0): discard dirty page: offset=0, ino=6
[  473.206733][ T6022] NILFS (loop0): discard dirty block: blocknr=35, size=1024
[  473.219563][ T6022] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  473.228701][ T6022] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  473.236270][ T6022] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  473.347533][ T6022] NILFS (loop0): discard dirty page: offset=0, ino=5
[  473.354514][ T6022] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  473.362256][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.371543][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.381128][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.489092][ T7264] veth0_macvtap: entered promiscuous mode
[  473.595213][ T6022] NILFS (loop0): discard dirty page: offset=0, ino=4
[  473.599289][ T7264] veth1_macvtap: entered promiscuous mode
[  473.602070][ T6022] NILFS (loop0): discard dirty block: blocknr=40, size=1024
[  473.615580][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.624814][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.634092][ T6022] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  473.760352][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.777303][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.788937][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.799823][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.810150][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.820972][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.831204][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.842039][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.852276][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  473.863090][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  473.886150][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_0
[  473.996369][ T7465] loop3: detected capacity change from 0 to 2048
[  474.089502][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  474.106439][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  474.118377][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  474.129250][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  474.139535][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  474.151308][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  474.161549][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  474.172357][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  474.182579][ T7264] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  474.193457][ T7264] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  474.208841][ T7264] batman_adv: batadv0: Interface activated: batadv_slave_1
[  474.251182][ T7465] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  474.359100][ T7465] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  474.575454][ T7264] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  474.584848][ T7264] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  474.594084][ T7264] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  474.603263][ T7264] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  474.637868][ T7473] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
[  475.453474][ T7479] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  475.477697][ T7479] veth6: entered allmulticast mode
[  475.624187][ T3515] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.632522][ T3515] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  475.912417][ T3878] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  475.920933][ T3878] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  476.184412][ T1221] ieee802154 phy0 wpan0: encryption failed: -22
[  476.191135][ T1221] ieee802154 phy1 wpan1: encryption failed: -22
[  477.419421][ T7494] loop2: detected capacity change from 0 to 32768
[  477.468796][ T7494] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (7494)
[  477.590143][ T7494] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  477.600739][ T7494] BTRFS info (device loop2): using sha256 (sha256-generic) checksum algorithm
[  477.612116][ T7494] BTRFS info (device loop2): using free-space-tree
[  477.814674][ T7501] loop0: detected capacity change from 0 to 512
[  477.854940][ T7501] EXT4-fs (loop0): bad geometry: block count 510 exceeds size of device (256 blocks)
[  478.029799][ T7501] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  478.039262][ T7501] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  478.045885][ T7500] loop1: detected capacity change from 0 to 2048
[  478.118617][ T7501] netlink: 'syz-executor.0': attribute type 29 has an invalid length.
[  478.310407][ T7519] loop3: detected capacity change from 0 to 2048
[  478.365450][   T29] audit: type=1800 audit(1717385384.210:92): pid=7501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1947 res=0 errno=0
[  478.615462][ T7524] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  478.721377][ T5087] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  478.835005][   T29] audit: type=1800 audit(1717385384.663:93): pid=7519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.3" name="bus" dev="loop3" ino=18 res=0 errno=0
[  479.766828][   T29] audit: type=1800 audit(1717385385.503:94): pid=7538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  479.790363][   T29] audit: type=1800 audit(1717385385.567:95): pid=7538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz-executor.0" name="bus" dev="sda1" ino=1958 res=0 errno=0
[  480.728937][ T7524] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  480.740385][ T7524] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  480.859563][ T7524] Remounting filesystem read-only
[  480.865559][ T3878] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  480.877491][ T3878] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  480.887662][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  480.898273][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  480.908277][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.153085][ T7546] loop0: detected capacity change from 0 to 32768
[  481.156228][ T3878] NILFS (loop3): discard dirty page: offset=0, ino=2
[  481.166792][ T3878] NILFS (loop3): discard dirty block: blocknr=18, size=1024
[  481.174576][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.183858][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.193278][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.208824][ T7546] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (7546)
[  481.244939][ T7546] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  481.257759][ T7546] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  481.268110][ T7546] BTRFS info (device loop0): using free-space-tree
[  481.434195][ T3878] NILFS (loop3): discard dirty page: offset=0, ino=3
[  481.441320][ T3878] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  481.448898][ T3878] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  481.456538][ T3878] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  481.464141][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.473395][ T3878] NILFS (loop3): discard dirty page: offset=163840, ino=3
[  481.480758][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.489969][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.499161][ T3878] NILFS (loop3): discard dirty block: blocknr=47, size=1024
[  481.506874][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.516189][ T3878] NILFS (loop3): discard dirty page: offset=196608, ino=3
[  481.523536][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.539205][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.550327][ T3878] NILFS (loop3): discard dirty block: blocknr=49, size=1024
[  481.557987][ T3878] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.622447][ T5085] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  481.667566][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=6
[  481.674578][ T5085] NILFS (loop3): discard dirty block: blocknr=35, size=1024
[  481.682344][ T5085] NILFS (loop3): discard dirty block: blocknr=36, size=1024
[  481.714225][ T5085] NILFS (loop3): discard dirty block: blocknr=37, size=1024
[  481.731472][ T5085] NILFS (loop3): discard dirty block: blocknr=38, size=1024
[  481.794207][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=5
[  481.801522][ T5085] NILFS (loop3): discard dirty block: blocknr=41, size=1024
[  481.809692][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.819032][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  481.828282][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  482.078694][ T5085] NILFS (loop3): discard dirty page: offset=0, ino=4
[  482.085794][ T5085] NILFS (loop3): discard dirty block: blocknr=40, size=1024
[  482.100321][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  482.109612][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  482.119250][ T5085] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  483.177989][ T3475] =====================================================
[  483.185463][ T3475] BUG: KMSAN: uninit-value in ZSTD_compressBlock_doubleFast+0xf04d/0x19160
[  483.194527][ T3475]  ZSTD_compressBlock_doubleFast+0xf04d/0x19160
[  483.206552][ T3475]  ZSTD_buildSeqStore+0xc68/0xe00
[  483.211794][ T3475]  ZSTD_compressBlock_internal+0x5c/0x8c0
[  483.219271][ T3475]  ZSTD_compressContinue_internal+0x1ff3/0x5560
[  483.225843][ T3475]  ZSTD_compressEnd+0x69/0x960
[  483.230968][ T3475]  ZSTD_compressStream2+0x1380/0x2770
[  483.236604][ T3475]  ZSTD_endStream+0x6e/0x270
[  483.241658][ T3475]  zstd_end_stream+0x36/0x50
[  483.246540][ T3475]  zstd_compress_pages+0x1381/0x1ef0
[  483.252361][ T3475]  btrfs_compress_pages+0x34e/0x460
[  483.257767][ T3475]  compress_file_range+0xf50/0x25d0
[  483.263526][ T3475]  btrfs_work_helper+0x52f/0x18d0
[  483.268755][ T3475]  process_scheduled_works+0xa81/0x1bd0
[  483.274983][ T3475]  worker_thread+0xea5/0x1560
[  483.279886][ T3475]  kthread+0x3e2/0x540
[  483.284327][ T3475]  ret_from_fork+0x6d/0x90
[  483.288919][ T3475]  ret_from_fork_asm+0x1a/0x30
[  483.294028][ T3475] 
[  483.296442][ T3475] Uninit was stored to memory at:
[  483.301965][ T3475]  ZSTD_compressStream2+0xd3f/0x2770
[  483.313184][ T3475]  ZSTD_compressStream+0x42/0x180
[  483.318470][ T3475]  zstd_compress_stream+0x3e/0x50
[  483.325725][ T3475]  zstd_compress_pages+0xed6/0x1ef0
[  483.331183][ T3475]  btrfs_compress_pages+0x34e/0x460
[  483.336936][ T3475]  compress_file_range+0xf50/0x25d0
[  483.342356][ T3475]  btrfs_work_helper+0x52f/0x18d0
[  483.347737][ T3475]  process_scheduled_works+0xa81/0x1bd0
[  483.353482][ T3475]  worker_thread+0xea5/0x1560
[  483.358619][ T3475]  kthread+0x3e2/0x540
[  483.362878][ T3475]  ret_from_fork+0x6d/0x90
[  483.367668][ T3475]  ret_from_fork_asm+0x1a/0x30
[  483.372636][ T3475] 
[  483.375044][ T3475] Uninit was stored to memory at:
[  483.380657][ T3475]  copy_page_from_iter_atomic+0x12b7/0x2ae0
[  483.386776][ T3475]  btrfs_copy_from_user+0x176/0x4c0
[  483.392362][ T3475]  btrfs_buffered_write+0x119a/0x2ab0
[  483.397915][ T3475]  btrfs_do_write_iter+0x395/0x2270
[  483.403444][ T3475]  btrfs_file_write_iter+0x38/0x50
[  483.408740][ T3475]  __kernel_write_iter+0x64d/0xc80
[  483.414207][ T3475]  dump_user_range+0x8dc/0xee0
[  483.424818][ T3475]  elf_core_dump+0x57c7/0x5ae0
[  483.429809][ T3475]  do_coredump+0x32d5/0x4920
[  483.436317][ T3475]  get_signal+0x267e/0x2d00
[  483.441038][ T3475]  arch_do_signal_or_restart+0x53/0xcb0
[  483.446991][ T3475]  syscall_exit_to_user_mode+0x5d/0x160
[  483.452763][ T3475]  do_syscall_64+0xdc/0x1e0
[  483.457653][ T3475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.463765][ T3475] 
[  483.466341][ T3475] Uninit was created at:
[  483.470803][ T3475]  __alloc_pages+0x9d6/0xe70
[  483.475679][ T3475]  alloc_pages_mpol+0x299/0x990
[  483.480717][ T3475]  alloc_pages+0x1bf/0x1e0
[  483.485332][ T3475]  dump_user_range+0x4a/0xee0
[  483.490323][ T3475]  elf_core_dump+0x57c7/0x5ae0
[  483.495304][ T3475]  do_coredump+0x32d5/0x4920
[  483.500580][ T3475]  get_signal+0x267e/0x2d00
[  483.505279][ T3475]  arch_do_signal_or_restart+0x53/0xcb0
[  483.513380][ T3475]  syscall_exit_to_user_mode+0x5d/0x160
[  483.519666][ T3475]  do_syscall_64+0xdc/0x1e0
[  483.524383][ T3475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.536743][ T3475] 
[  483.539193][ T3475] CPU: 0 PID: 3475 Comm: kworker/u8:18 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0
[  483.550963][ T3475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  483.561334][ T3475] Workqueue: btrfs-delalloc btrfs_work_helper
[  483.567881][ T3475] =====================================================
[  483.575064][ T3475] Disabling lock debugging due to kernel taint
[  483.581341][ T3475] Kernel panic - not syncing: kmsan.panic set ...
[  483.587876][ T3475] CPU: 0 PID: 3475 Comm: kworker/u8:18 Tainted: G    B              6.9.0-syzkaller-02707-g614da38e2f7a #0
[  483.599435][ T3475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  483.609654][ T3475] Workqueue: btrfs-delalloc btrfs_work_helper
[  483.615951][ T3475] Call Trace:
[  483.619354][ T3475]  <TASK>
[  483.622392][ T3475]  dump_stack_lvl+0x216/0x2d0
2024/06/03 03:29:48 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  483.627297][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.633320][ T3475]  dump_stack+0x1e/0x30
[  483.637701][ T3475]  panic+0x4e2/0xcd0
[  483.641823][ T3475]  ? kmsan_get_metadata+0xf1/0x1d0
[  483.647138][ T3475]  kmsan_report+0x2d5/0x2e0
[  483.651927][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.657330][ T3475]  ? __msan_warning+0x95/0x120
[  483.662269][ T3475]  ? ZSTD_compressBlock_doubleFast+0xf04d/0x19160
[  483.668926][ T3475]  ? ZSTD_buildSeqStore+0xc68/0xe00
[  483.674323][ T3475]  ? ZSTD_compressBlock_internal+0x5c/0x8c0
[  483.680411][ T3475]  ? ZSTD_compressContinue_internal+0x1ff3/0x5560
[  483.687062][ T3475]  ? ZSTD_compressEnd+0x69/0x960
[  483.692217][ T3475]  ? ZSTD_compressStream2+0x1380/0x2770
[  483.698001][ T3475]  ? ZSTD_endStream+0x6e/0x270
[  483.702986][ T3475]  ? zstd_end_stream+0x36/0x50
[  483.707962][ T3475]  ? zstd_compress_pages+0x1381/0x1ef0
[  483.713593][ T3475]  ? btrfs_compress_pages+0x34e/0x460
[  483.719139][ T3475]  ? compress_file_range+0xf50/0x25d0
[  483.724704][ T3475]  ? btrfs_work_helper+0x52f/0x18d0
[  483.730075][ T3475]  ? process_scheduled_works+0xa81/0x1bd0
[  483.735972][ T3475]  ? worker_thread+0xea5/0x1560
[  483.740995][ T3475]  ? kthread+0x3e2/0x540
[  483.745416][ T3475]  ? ret_from_fork+0x6d/0x90
[  483.750166][ T3475]  ? ret_from_fork_asm+0x1a/0x30
[  483.755308][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.761310][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.766681][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.772669][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.778042][ T3475]  ? kmsan_metadata_is_contiguous+0x66/0x1e0
[  483.784238][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.789609][ T3475]  ? kmsan_metadata_is_contiguous+0x66/0x1e0
[  483.795807][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.801180][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.807183][ T3475]  __msan_warning+0x95/0x120
[  483.811935][ T3475]  ZSTD_compressBlock_doubleFast+0xf04d/0x19160
[  483.818594][ T3475]  ZSTD_buildSeqStore+0xc68/0xe00
[  483.823857][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.829859][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.835246][ T3475]  ZSTD_compressBlock_internal+0x5c/0x8c0
[  483.841159][ T3475]  ZSTD_compressContinue_internal+0x1ff3/0x5560
[  483.847647][ T3475]  ? _raw_spin_unlock_irqrestore+0x3f/0x60
[  483.853674][ T3475]  ? __msan_memcpy+0x108/0x1c0
[  483.858640][ T3475]  ? ZSTD_compressStream2+0xd3f/0x2770
[  483.864315][ T3475]  ? zstd_compress_stream+0x3e/0x50
[  483.869733][ T3475]  ? zstd_compress_pages+0xed6/0x1ef0
[  483.875277][ T3475]  ? btrfs_compress_pages+0x34e/0x460
[  483.880839][ T3475]  ? compress_file_range+0xf50/0x25d0
[  483.886412][ T3475]  ? worker_thread+0xea5/0x1560
[  483.891444][ T3475]  ? kthread+0x3e2/0x540
[  483.895866][ T3475]  ? ret_from_fork+0x6d/0x90
[  483.900617][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.905993][ T3475]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  483.912007][ T3475]  ZSTD_compressEnd+0x69/0x960
[  483.916962][ T3475]  ? kmsan_internal_memmove_metadata+0x17b/0x230
[  483.923595][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.928971][ T3475]  ZSTD_compressStream2+0x1380/0x2770
[  483.934613][ T3475]  ZSTD_endStream+0x6e/0x270
[  483.939413][ T3475]  zstd_end_stream+0x36/0x50
[  483.944196][ T3475]  zstd_compress_pages+0x1381/0x1ef0
[  483.949729][ T3475]  btrfs_compress_pages+0x34e/0x460
[  483.955337][ T3475]  compress_file_range+0xf50/0x25d0
[  483.960828][ T3475]  ? __pfx_compress_file_range+0x10/0x10
[  483.966697][ T3475]  btrfs_work_helper+0x52f/0x18d0
[  483.971901][ T3475]  ? wake_up_process+0x2a/0x40
[  483.976836][ T3475]  ? kmsan_get_metadata+0x146/0x1d0
[  483.982219][ T3475]  ? __pfx_submit_compressed_extents+0x10/0x10
[  483.988583][ T3475]  ? btrfs_init_work+0xc0/0x100
[  483.993605][ T3475]  ? __pfx_btrfs_work_helper+0x10/0x10
[  483.999232][ T3475]  process_scheduled_works+0xa81/0x1bd0
[  484.004992][ T3475]  worker_thread+0xea5/0x1560
[  484.009878][ T3475]  kthread+0x3e2/0x540
[  484.014142][ T3475]  ? __pfx_worker_thread+0x10/0x10
[  484.019437][ T3475]  ? __pfx_kthread+0x10/0x10
[  484.024209][ T3475]  ret_from_fork+0x6d/0x90
[  484.028788][ T3475]  ? __pfx_kthread+0x10/0x10
[  484.033559][ T3475]  ret_from_fork_asm+0x1a/0x30
[  484.038537][ T3475]  </TASK>
[  484.041789][ T3475] Kernel Offset: disabled
[  484.046174][ T3475] Rebooting in 86400 seconds..