last executing test programs:

4m21.349015231s ago: executing program 1 (id=474):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000280)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x94)

4m20.591462104s ago: executing program 1 (id=476):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg(r1, &(0x7f0000003f40)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000500)="fe", 0x33fe0}], 0x1}}], 0x1, 0x40002)
ftruncate(0xffffffffffffffff, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}], 0x1}}], 0x1, 0x700, 0x0)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x578410eb)
socket$kcm(0x10, 0x2, 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x6a, &(0x7f0000000300)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x58, 0x1, 0x1, 0x9, 0x0, 0x3, [{{0x9, 0x4, 0x0, 0x1, 0x3, 0x2, 0x6, 0x0, 0x4, {{0x8, 0x24, 0x6, 0x0, 0x0, "ba8b11"}, {0x5, 0x24, 0x0, 0x7}, {0xd, 0x24, 0xf, 0x1, 0x7fff, 0x3, 0x400, 0xff}, [@mbim={0xc, 0x24, 0x1b, 0xfff, 0x1, 0x2, 0xa6, 0x6, 0x2}, @call_mgmt={0x5, 0x24, 0x1, 0x2, 0x2}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0xff, 0x7, 0x6}}], {{0x9, 0x5, 0x82, 0x2, 0x400, 0x6, 0x1, 0xf0}}, {{0x9, 0x5, 0x3, 0x2, 0x200, 0x0, 0xfc, 0xff}}}}}]}}]}}, 0x0)
process_vm_readv(0x0, &(0x7f0000008400), 0x0, &(0x7f0000008640), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
socket$kcm(0x29, 0x5, 0x0)
pipe(&(0x7f0000000040))
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000002c00000000000008000f0001000000", 0x24)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={&(0x7f0000000300), &(0x7f0000000380)="c75f16175bb69c4013d0479f629c0ba46ff8ac8dc98098b878545ed70bb5bc1bacf36b28b91a23b1365fa8e67059f7c1fc1ade5eb855207f7066f96bdafb14234e8d9afeee1f3fd22e4b4fe5a61f4afde21805ae5206b87bb22d882df14583a3e6616fce86827ba486d004155a4450ce7bc978b14dadd17103787da46b699548"}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, 0x0, 0x0)

4m15.485343034s ago: executing program 1 (id=488):
syz_open_procfs(0x0, &(0x7f0000000580)='net/fib_trie\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x9c93, 0x0, 0x0, 0x0, &(0x7f00000000c0))
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000000), 0x0)

4m14.604236966s ago: executing program 1 (id=490):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE")
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x3)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000480)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001b00)={<r2=>0x0, ""/256, 0x0, <r3=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r4=>0x0, 0x0, <r5=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000680)=ANY=[@ANYRES16=r5, @ANYRES64=r4, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRESOCT=r4, @ANYRESDEC=r2, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRES16], 0x0, 0x0, &(0x7f0000000000))
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0xfeffff}])

4m10.232758956s ago: executing program 1 (id=500):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m9.33669278s ago: executing program 1 (id=503):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000600)="580000001400192340835980040d8c560a067f9e45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000008100001000b08080041491f4006040800", 0x58}], 0x1)

4m8.292221706s ago: executing program 32 (id=503):
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r0 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000600)="580000001400192340835980040d8c560a067f9e45ff810500000000070058000b480400945f640094272d7061d328b92d0000000000008000f0fffeffe809000000fff5dd000008100001000b08080041491f4006040800", 0x58}], 0x1)

4m0.304453063s ago: executing program 3 (id=526):
syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x20002, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000000), 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01134f9b3a000000fc006700000008000300", @ANYRES32=r6, @ANYBLOB="0c00990000000000000000000800c300741300000800c400"], 0x3c}}, 0x40000)

3m59.202679153s ago: executing program 3 (id=527):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000009c0)={0x6, 0x0, 0x0, &(0x7f00000002c0)='GPL\x00', 0xdf64, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000580)={0x8, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3m58.754292761s ago: executing program 3 (id=528):
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0))
syz_open_dev$vim2m(0x0, 0x2, 0x2)
getdents(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000024c0)={0x2020}, 0x1c02)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x240008c4)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x0, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @time={0x367f, 0xfffffffd}, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)

3m57.845120975s ago: executing program 3 (id=531):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE")
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x3)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000480)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001b00)={<r2=>0x0, ""/256, 0x0, <r3=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r4=>0x0, 0x0, <r5=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000680)=ANY=[@ANYRES16=r5, @ANYRES64=r4, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRESOCT=r4, @ANYRESDEC=r2, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRES16], 0x0, 0x0, &(0x7f0000000000))
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0xfeffff}])

3m54.896272978s ago: executing program 3 (id=536):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$unix(0x1, 0x2, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x80, 0x0, 0x5, 0x1, 0xc}, 0xb, 0xfffffffe, 0x8, 0x5, 0x9, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3m53.098875706s ago: executing program 0 (id=538):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8b05, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, 0x0, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, 0x0)

3m53.008253813s ago: executing program 0 (id=539):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac054402000000000001"], 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3m52.524486813s ago: executing program 3 (id=541):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r3, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3m51.825443241s ago: executing program 33 (id=541):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x501a, 0x3, 0x3}, 0x18, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r3, 0x4038ae7a, &(0x7f0000000100)={0x2, 0x40000105, 0x0, 0x0})
ioctl$KVM_RUN(r1, 0xae80, 0x0)

3m49.936804616s ago: executing program 0 (id=543):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x80)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x78, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xc, 0xfff1}, {}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x48, 0x2, [@TCA_FLOW_EMATCHES={0x44, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x20, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5, 0xe, 0x2}, {0x0, 0x7, 0x2}}}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT]}]}}]}]}]}}]}, 0x78}}, 0x20040054)

3m49.52444583s ago: executing program 0 (id=544):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE")
r0 = creat(&(0x7f0000000080)='./bus\x00', 0x3)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000480)='./bus\x00', 0x0, 0x1000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x80044940, &(0x7f0000001b00)={<r2=>0x0, ""/256, 0x0, <r3=>0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r4=>0x0, 0x0, <r5=>0x0})
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x1a4243c, &(0x7f0000000680)=ANY=[@ANYRES16=r5, @ANYRES64=r4, @ANYBLOB="12a4095a2aac12f0bfcb206d982e44066381388d27f14002d8d7431d3947f6399c7ff9f5193fc0398653e5a67bbb319f02bf4ac6f6ccd5acbfe1350cc3a6d2d48cf6c089ddf67171ffb3b15988e7b394c5daf3e12ca05e4dbdad7edd45f10cbc296a53a530d4c2d203ee650d5fff3a9b5aae78794fe84327e508172cdd72eeff5af4d6db9379bef20dde8e64b91d31a84ce8a7598bb78cc85108874811fc650f0520a5", @ANYRESOCT=r4, @ANYRESDEC=r2, @ANYRES16=r3, @ANYRESDEC=0x0, @ANYBLOB="9a7f40ad4c7145903a868b9020e1e8899ed5747db23004fc9d248900abcaa6b065cf0800930a71dcd8b8955d93c78b9d4e5e06d8d5c9ac9b75d177754d6eba23e6d2be546c0dfecdf61baf732950a5729c01fbdc11e36cb411be200a9135657acd97d21ee46aac313ebdddd9265af16558dd3e5ba4836659a6abfe08aad84276acf949bdaa34bdf7f7b2dfb2fe8b9d6d225dcecebeb6e15f649994728842bd99fc94897d24315ac2d17bf6c2acfbfa8464d80f36304f88b906b78ab359be3479db5b0e7555f04416807c2202d6551f2425440be741dbe053e0bfeb845623e722a9293843f1cf0a71119dcadf7e353af4da52aed3086d6e5a095774248be9a1b1418dec1c03a2cb0ece0840ebeaaf7b67867da45943b700e2d6dad775ae6f33e55aa86ca84c336c91e3b7d7224f7a9a10d5b45a6ce0769d875415bea136b5508e5e0a88290792da3b11b2284a3d757c301cec78b55d3fcfa073615ccb089f66c5b9a5c84f6c1bb78c3370c4687eab260711fa05525687c7709e15cddea061f70798cbf940ad929eb80f33ad8bb4fcd322dd0558f111d7d01351147976b425a27e573402490055054cf3d80bebde6a89f3086170633740f08780aac3a73f17eaeda8deb642c2887962596b4d78c0ffffb28d0e64073b0641f89cf83a69afaaea03ba6070838fdbdaccb81630a6fdaa77fc10146013b9fd79e965a320daf81c1a51f032a3f462f2740e579eb116cad80b4e233326bf94fea52184517accf608b1fbfb395942869841b9ca0f314beff6b2dc0a74d7599012274b24775f0382e72907c1f0c571b994f048c0266feb775d893fec84e5733cd66a96cd45b60f63743b17b05d99c427a2d00a27fef17cadf128059a2e227b80701755b0bc706f32255c8cd619fa995cc7649f28337361a62cff46669fa4cf095a2d148987a9fafa6e1fb9f59b5ac5ff10a4c62e0187a3c75a983f7f5211142c6c09170a13e29c2044e5568bda8055cee4722e445e83ea01307c42cbe63a5bc529e1200e5874f7500275abacd6cc0e3bf8fd38ab7bab39f54d180d60892e2e3a713a3e654c89b8e9ba4474909991844514c04b655c66ccd6f2a17e29ff69d343ebac7ac5e1510ad4ff52e6a932a97bb0d814259da6545022152dd63f06219a1d66ec2278b694876ed6195b0543b8c9289b8438e8ee57dd38bcdb045a6fc4cede28effaa0354afbd4190fcbccd9a0e91508e4399e0e30a0bfdedcc19454b6dd7c2785a6e4fe74a0ece1d683ad07d76eafec02fb0d88debfeacd3531413185da0ffa4fb9b5e6d5a916f7bb5d51efc8ab61e4953fc6b2d1e670769f3ca56d51b804ceb118278acc90422e1f51e448a27d2fe4f93c88cf7c6148474bf650902dd6dd96541044113d244cf938150ec426e7ed63e1f153bbe328f4232552b104c8dee60b0c4e4c25f2605e97cc6f4263d32e8340be2d167137682373ae4cd501fdc9c5359b40f52803a5e4c0e04a5de0412c5cbd4d05e6135a1209d4b2dff50d39e481f1d1b01ed71004fb0c18e736af8ab176f833a439a85c9132e6d2296f665771c6a284eadc08c94ffa520dcc37fd6426c152364699514b15d4df6732fff39834e8ba29688b19db27a970d9d7fbee973c76bee04fb6164963969ebde0f785606781d63726736d8b60a713d5f72207a23f6f00420fdf24d14c069f36a7e236620481cc7a63857cc1355bac8d4f9a3f32785ad4d9d81719077a816b33b98006c322ee473aa9f8f83fae86a4d421104b298a9e42357c44b773e3504b3f9eb5b29330411b776b78fdb6dd9713dd1aee0cc9c7ee8bd23a50d4c8babaf6d74bc25377009a8c57c941f80e58ac08c93a275656cbad3864df9e791305d66103ab30983b07553ede5b5d5b0aab157f805eb6c11c75dd7f297c2cc9110551131a797164dec422b13799f1c261464c765a62c201eb9c8686eee94642d59f429cd137cba0d1a8126dcdfc28ea5c201526c61164a86f480dfde0c60fdf6afd3cd64719de1d89b5a362e058054a9db73aaffac324b04e8903060e1f14ca4ac31c82183066e6d581685efbe3452a20a665166b03808220770d66051971b61d8114376e22a4511cae9fdf7bbed68bb9f45b57eee1c15775730ef1434731d7b82a7cbcd6155396263984edfcea62196189da0ba9908d7d5ef514d75a3e1d4ae42654365083873fc4ce969fa4fac51d640be8d948bb9464d1a7e494c8df98bd5a569ff7fe1aca542c34610148a8f1dc9d60ff0f761270577f286a362f32164184ffce3ad132637e9f0381e9ce76a11f296f9d1e835cdc44926104e1df4d0a282a84b9fbc23064bfcab0d221c6e3124ae8ba6022e62f170dcc2d655f73b40f83fd65f5c705bc1f9e8df13adeadff9e1fe4660a55be7dc969cfffaed607190162dcd09d0cd86a297b22142b88f0eb28dd1a45152a4f4f2dca0d96d39fa594349040f486cd486af619b7083236cf90324cddc6f1ed0f6a103c8d936d7f2f31d420ef50931838e66721bff7494617b6b4bc385f3e51b3f81cf5d6953ac7fddc0f3466682911b38bc7f082e0c18e3ae0badf7f3fd3e186ebc2bab71fa26f77bb14cd97e6761c93c8c25887c0ef1f3dc1d8d86ce0fb73190f66f4deca77977e8d6064bfeeac3fad2bc50488c144e2a1a82fcc1e1c12ac54bf3e2d468e8f53241e4a6ad9e466746a45b053452ded5caa20461881d78d8235e986ba8b77e83601655d2650bf1b64ce17c75314216b43bbd1101a2e12e57525bb7d3b136a70635bdac8af24367a24ce2fe2a72ef2b0e56ff8dc62a82946f86f9b6b1418a89b1971372dfe7d5ce2e6611befff721f04a19bce7f90b1551a4cdead136662c50513fdde6f9d4a199c3907ed8799f231f54dd8347c71d829ff8ddc5d96b5aac2fe58652c81ff7f54e2568119dff2763ef435aa420630dacc7e9414340ee8688f46c7a8ab96d860937641042b3cdf6857ff1d2d4e47cec1f23e65fe541f38cb96b132666f999002e89cd1896ca58c2e63b87382e1a6c1ee9afa56cf3ba923fa9c989e20bff313f37252632fdcff03fbdd2d334ee93baf75c1bdae30feaa81fb2ac1b63c42dda06f20ce8c9d003eb3efed7931def342fb874fce92763f6f477c7f589b75d2129419fc4cb7a8893a1d3f94533ed9fdf9f21fc254fd80aa74750833d390327a2107e761240928d35a36c5eaca61fd848116b8dd7ec8157928bc2dd87f7756aa517cf6a61d2009fd4ba0579ca3b3129cfd5403546f5ab6d0575799a008fc67da9658427636d8f806d9b8cad64aee438d0a9b45957f31a5afe3ed894add9acadfd347246099c6ff0b4ec6f19ac61557daf8739e528185ab1468ca72d6d72e4f026e371e540b774b6576df3014dcc9e91b2cd1f0403a4fcaa6627b22682bb54f92150c2917acaee1972b2b03bc2bd37fdb9e7352c654d94ef196b7229e4da5ee62b7d395ecdd5177f2563242ea49ff78151a4a816a94e89b03f41c7e6684f8be3e5802e9338e7cbd3b43f708c062f944a59f31b02ca9a177e6b681accee8785d2467d2d78636be4330febaa3f6907db07992a2de74e459f3ae8ee6adae20cbc75aabd2d5d3424de0ddcc3ddd981c3a4966c57f8fdb1c42db87395f0bc800ff8ddb4c228a7d793d8a997885494a8578f5433d3f82886ea573641bf16065efbc25718c88f7277ce04c94af560d8deb7968496f849d3fad78741272b08bf7aec3f3c777428d3b8b897333ae5afb6823af63cb7347601ee2e8d4e21b21a12e6d42f66a1aac26d296bc68a998d8ba179ed5f756c2efd8a7acc0e3f08093bb4a83d37f15b4fe07c90858058ad1ff0e21bb7bf4363079c5d452dba5972b21c8f41daf6f11a51d321d3c1d544190238036d907d965ff469ce4895eb7675f3e94a15f83b837b892a40390d87d76e9b15eda02366299d3dd93943466bceeb2f9e465adccc08e1a02c3ac01815931627ed327e0ffbe09563221a365b88c4f2449bd3634920d5bfbde7cdc92c4cb16a579f35f07dafc87ce6ce4de7bf9e8ff0e80b81cdab8f2164a25a0a6929679ce9ae0dc2ac7ed41a787446676f091597551dc2e8c054224bac6652bba5fb675c0b2c94d2faac160f11b7b96fc96415aca8a47fa03658b8afa24b6bd97f7dbeead9ae5f7ec1cb0d000055f41a5043c6c4c97212398b168b5cb9ee650726eabcc31b6712e815fdaae77885350884fb36d6d5444d5e5500a7d636d4eced14b9d411c765b36a4be06ca9be2965d6d6c06c3b6bcb38babeb2999ee71295d48926bf6e39363fabf74de5e57aa0b59f9dddeca142d0c50ab7ff198196c69c971e6ab591220f4e42d6525e2dbd99b6c57949c854e4ee0e4581f9e3e160b3f66b01f23f4d0472c0a1f307837ac8dac0a257d09ab82975148dcd764fe6359a5f21b9cbe2ae7b9b277489a8b3285b8289a84ff854508b4488ffcf68f47ec7a5c18a8c3d06e26b32f754ac74ea8e93a554147fd3b3daf1fbe924e2e389cac13a5f80f3a21dbd250d3917f7b5acfc739a63f2b3d6b3f099efb4be7a842215c89fc87bd8550d11ba2a4af0f111ab124503b26feeae3be3ee24168dd4553a226b9168edb11c3e61bc850adf995b4d6f1aace6db0b91f805c3d1789a3e6b470e5470968f429d5b05c8f76ca2981e37f5bde4ad00a09755c76774ead7d93f3f41255b1d56152e3699b133b2e0b277427c992323d1b4d8c438434e9e901ddd43788f80cb9a975e9dd1671ce16be5ff8033d5da824f00fd78b540edbcd69a2e9aff03e31af9afefb809434f52b4a1239fdd241ed3a268258addde19d1724155a1a4c877bd59b0659b7a786886f6ffcb5999d1f9c007d615020926f7165a9ddd4aaa3c7b631d30cc951e328131d99282ac06a18f88373092320ea5308f06c376e711aecda4cd1c2b639d9ea7a2613d4e9eaa9a0ef72774fdec622f7d131b45135d577897bf686b460a371083070139ea544bda15012251d6c8e7163c25412841faefba76765648ca7cd1b423403a654b6b5754588ae6c309621477db20f7c9236af1e422ebd3fb6d6a712e7a6d00d58416b7d65a53a2514bf51bedfe9207f16a4d79418600389b98ea8b9e06b8da708a86f191e567925af39a09ac9fd7902e8f8e77567baf1b75c05ba1eb7089b424801405afc982a8d79c80fada184a1ab3bab526a3b0a5e20d2dc6bcdd2c5cb7c49f735f3e8f4d36a388ca805876ae08f0e3acca5dd864c1fa1552068bf799095221480374fd2dcaeddb74be93470eff4fe278e190f0a131f32340ada9cca518af769f42943875f4c5707beee2179771da21cd66405b9973648bd047a516d1cf902fa1f0fcdcbc3f4c1f20fc22f9a7e9f4c3a52576399604c46f83ede44f542d06d54e6e8a1e693a2cfcbb16c178d1bace976133e72cc4533bd02b1c4ec2cc22097435aff5a682ca7227414895450831560fa682493f4814ce8fbdb190f8ce2b533ed9582638511bda93aeae5d0690f745b788db622864ba3fb60952f119427fbe66754c5c038c5fb2cb87c326d65862e353c14950bd1fa7c70e36323e9cf90c81f6275e59c7926acac1560a0b6bbc7a850817f2effa19d485315a219d49e293f871278294d02765cf72caa2f438de3337ed205bf68ff6ddaaa5e4b80de5fba022dfcf9cf074a319678df11eb77b3ef66e512b67ba5182265a60eaf457691e973d23cbaf6000537f886695074ebb616f9cdad9de7c6fe9ecfbd13d537d64c34a7c90ca56b50e60d6a7067e391e63561793edf6ed3c2eeb8555909a59ce73da1f096d41fb42de44494128324a9", @ANYRES8, @ANYRES16], 0x0, 0x0, &(0x7f0000000000))
io_setup(0x202, &(0x7f0000000200)=<r6=>0x0)
io_submit(r6, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0xe7030003, 0x2, 0x1, 0x0, r0, &(0x7f0000000000), 0x100000, 0xfeffff}])

3m47.256986036s ago: executing program 0 (id=548):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$unix(0x1, 0x2, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xe}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x5}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0x2, 0xb}, {0xa, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x80, 0x0, 0x5, 0x1, 0xc}, 0xb, 0xfffffffe, 0x8, 0x5, 0x9, 0x2, 0x9, 0xd, 0x8, 0x1, {0xffff1c72, 0x3, 0x1000, 0x101, 0xfffffffe, 0x5}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2001c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

3m45.084047925s ago: executing program 0 (id=550):
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x2a00000, 0x0)

3m44.368827944s ago: executing program 34 (id=550):
openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000080)='cramfs\x00', 0x2a00000, 0x0)

5.343276411s ago: executing program 2 (id=1185):
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x4, 'syz1\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x3, 0x0, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default]})

4.320711585s ago: executing program 2 (id=1186):
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000340)='~', 0x1}], 0x1, 0x0, 0x0, 0x4000000}, 0xc851)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0x2, 0x9, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})

3.945594126s ago: executing program 6 (id=1192):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x3f}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

3.840743934s ago: executing program 2 (id=1193):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x1, 0x0, &(0x7f0000000600)=""/52, 0x0, 0x10000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/49})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback, 0x62ea450d}, {0xa, 0x4e22, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9, 0x6]}}, 0x5c)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)

3.786195509s ago: executing program 6 (id=1194):
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quot'])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x240b42, 0x1cd)
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0xee00, 0x0)

3.696153007s ago: executing program 2 (id=1196):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac0544020000000000010902240001000000000904000000030002"], 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffa}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x200)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

3.477950614s ago: executing program 6 (id=1198):
r0 = socket(0x28, 0x5, 0x0)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
r2 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
sendto$inet6(r1, 0x0, 0x62, 0x0, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2.613820516s ago: executing program 6 (id=1199):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x180000c, &(0x7f00000003c0)=ANY=[@ANYBLOB='nls=ascii,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c706172743d3078303030303030303030303030303062622c6e6f626172726965722c6e6f626172726965722c63726561746f723d7fcfb5b72c706172743d3078303030303030303030303030303130312c6769643d", @ANYRESHEX=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="2c747970653d0b3cbf82440a104ab956f2ba5e36e41ccb1b040fa8b829b0b87078de654c66ac22aebaa2ef127e38e0aa2229f9cf6a850300"/71, @ANYRESDEC=0x0, @ANYRES8, @ANYRES32=0x0, @ANYRES8=0x0], 0x1, 0x6e6, &(0x7f0000001640)="$eJzs3UtoHOcdAPD/rFarXRUcOfEjLYEsMaSlorZkobTqpW4pRYdQQnroebHlWHgtB0kpsimN0se9h5x6Sg+6hR5Keje054aUkquOgUIuOemmMrMz+9Cudle2LG3T30/MzjfzPeab/7x2dhATwP+t1fkoP4kkVuff3Emn9/eWmlN7SzN5djMiKhFRiii3RpFsRJZ7Kx/im+nMvHzSbvhfvcv5cH3l7c+/2v+iNVXOh6x80lNvtEr/rN18iHpETOXjftPHtPjJ0cX3tHf72PbG1VnDNGDXisDFn56pVXhmh31223kf/zv7HFb9JMctMKGS1nWzz1zEbERUI1pX/fzsUDrb3p2+3fPuAAAAAJxU7eRVXjiIg9iJC8+jOwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB1lb//P8mHUpGuR1K8/7+Sz4s8PYFGvwjxs5nW+Mnz7wwAAAAAAAAAPHevHsRB7MSFYvowyZ75v9b1jP8b8V5sxVpsxvXYiUZsx3ZsxmJEzHU1VNlpbG9vLmY1Iy4NqXkzPh1Q8+bxfbx1yusMAAAAAAAAABOuOiL//nT/vN/Gauf5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATIIkYqo1yoZLRXouSuWIqBbldiM+jYjK+fb2RJJBM5+cfT8AAADgmVR7J5PqGHVeeD8OYicuFNOHSXbPfyW7X67Ge7ER27Ee29GMtbiT30Ond/2l/b2l5v7e0oN06G/3x1+eqOtZi9H67WHwkl/OStTibqxnc67H7UjiMFPKW3l5f28pHT8Y3K8P0j4lP8oN6c1UV/pO+nH1kyz9x95fEconWsWnVDo2Zy7LnW5HZCHvW1rjYhGBwZHo2TqDdpPy0CUtRqn9y8+l4UsaHPMPhq/z7JFSA3+5ORdHI3EzSu0tdGV4JCK+/bePf3mvuXH/3t2t+clZpYHeH1niaCSWuiJx9WsUidEWskhcbk+vxs/iFzEfX868FZuxHr+KRmzHWr3Ib+T7c/o5NzxSn812T701qifpMVlvn78G9akePX2Kevw0SzXitWybXoj1SOJhRKzFG9nfzVhsnw06W/jyGEd9aYwzbZdr38lG7TBF7fiyfxmvydOSxvViV1y7z7lzWV73nE6UXhwYpeJaN/71qEv5W3kibeF3Q68PZ+1oJBa7IvHScftLK6R/zq4mW82N+5v3Gu+OubzX83F6HP1hoq4S6dq8GNV85S5mn0l2TC1keS+1r7C98arkT1xaSn15l9v1Wkfqz+Nh3Ok5Ur8fy7EcK1npK1np6b4rVpp3td1S7zk8zUu/aZXbD3a6v289jGbr+xAAk232u7OV2n9q/6x9VPt97V7tzepPZn4w80olpv8x/cPywtTrpVeSv8ZH8ZvO/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD0th49vt9oNtc2BydKg7OS4bUazcPiRWJDyvQkkvxVOWMUTrYePT4c2eDwxEzevaesfpqJ4jV8owvXh7ZTfqZuJLtHt1d19LYo3vI0xiKSvoCnlZ86dMWSO3OmJ2BTHk3UT6/BYoftyjr53lsbtL2mImJQ4REnjqnTOPsA5+nG9oN3b2w9evy99QeNd9beWduYXl5eWVhZfmPpxt315tpC67Orwpm8/BY4C91fJ9oqEfHq6LpDXtQKAAAAAAAAAAAAPEdn8b8Q572OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+21fkoP4kkFheuL6TT+3tLzXQo0p2S5YgoRUTy64jk7xG3ojXEXFdzyXHL+XB95e3Pv9r/otNWuShfitg9tt54dvMh6hExlY9Pq73bo9urdJIzA7KTdmTSgF0rAgfn7b8BAAD//0+S7AE=")
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x107042, 0x189)
creat(&(0x7f0000000300)='./file2\x00', 0x20)

2.544855961s ago: executing program 5 (id=1200):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
eventfd2(0x100, 0x80001)

2.304666121s ago: executing program 5 (id=1201):
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}}, 0x4, 0x4}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0x2, 0x9, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})

2.294969962s ago: executing program 4 (id=1202):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x28, 0x0, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@void, @val={0x8, 0x3, r1}, @val={0xc, 0x99, {0x7, 0x3f}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x10}, 0x8000)

2.06498894s ago: executing program 4 (id=1203):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r0 = open(&(0x7f00009e1000)='./file1\x00', 0x60840, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r1, 0xffffffffffffffff, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

2.060843601s ago: executing program 6 (id=1211):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f10", 0x8, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010000504000000000000", @ANYBLOB="ebffffffffffffff280012800b00010065"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

1.872781786s ago: executing program 5 (id=1204):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0x4)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000480)={0x73622a85, 0x0, 0x2})
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000380)={0xaa, 0xfea})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/236, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/49})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @loopback, 0x62ea450d}, {0xa, 0x4e22, 0x0, @mcast2}, 0x0, {[0x1, 0x0, 0x0, 0x0, 0x9, 0x6]}}, 0x5c)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)

1.840368489s ago: executing program 4 (id=1205):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0)

1.71400884s ago: executing program 4 (id=1206):
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quot'])
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x240b42, 0x1cd)
quotactl_fd$Q_GETNEXTQUOTA(r0, 0xffffffff80000901, 0xee00, 0x0)

1.646107325s ago: executing program 5 (id=1207):
r0 = socket(0x28, 0x5, 0x0)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
r2 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r2, 0x567, 0x0, 0x0, 0x0, 0x0)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
sendto$inet6(r1, 0x0, 0x62, 0x0, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

1.500845957s ago: executing program 4 (id=1208):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
writev(r0, &(0x7f0000000100)=[{&(0x7f0000000300)="d88b9593204e", 0x6}], 0x1)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x6], 0x0, 0x0, 0x1}}, 0x40)

1.480534308s ago: executing program 5 (id=1209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
read$FUSE(r1, &(0x7f0000000640)={0x2020}, 0x2020)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000a40)='\\\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

1.432726543s ago: executing program 2 (id=1210):
landlock_create_ruleset(&(0x7f0000000000)={0x0, 0x3}, 0x10, 0x0)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f42607", 0x29}], 0x1)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xc}, {0xffff, 0xffff}, {0x4, 0xf}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_TARGET={0x8, 0x1, 0xa000}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x404c810}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x400000000000235, 0x0)

592.794542ms ago: executing program 4 (id=1212):
r0 = socket$inet6(0xa, 0x80002, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0x487, &(0x7f0000000140), &(0x7f0000000180)=0x30)
syz_io_uring_setup(0x417, 0x0, &(0x7f0000000000), &(0x7f00000001c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = syz_open_dev$dri(0x0, 0x1, 0x101001)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000500)={0x200, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r4, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="e00000001000090500000000000000006f6d8864d22a3f2ffaa46c88bca90000002b0e13e735a3184f123dee2dd2b184b256482322de337c0004060000000000bf852c8986626691b01b2d44e4ce28715f2d28"], 0xe0}], 0x1}, 0x40040)

445.425064ms ago: executing program 5 (id=1213):
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e23, 0x7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1}}, 0x4, 0x4}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0x2, 0x9, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})

418.901296ms ago: executing program 2 (id=1214):
socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
socket(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@background_gc_on}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@gc_merge}, {@nouser_xattr}, {@alloc_mode_reuse}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@block_mode}, {@noinline_dentry}]}, 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1811e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x183341, 0x2)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, &(0x7f0000000180)=0xfffffff9)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r4, 0x0, 0xfc01, 0x1000f4)

0s ago: executing program 6 (id=1215):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r0, 0x890b, 0x0)

kernel console output (not intermixed with test programs):

ng remainder of the config
[  311.643022][ T5777] usb 6-1: config 5 has no interface number 0
[  311.653665][ T5777] usb 6-1: config 5 interface 123 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  311.670561][ T5777] usb 6-1: config 5 interface 123 has no altsetting 0
[  311.680911][ T5777] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  311.698129][ T5777] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.714912][ T5777] usb 6-1: Product: syz
[  311.724693][ T5777] usb 6-1: Manufacturer: syz
[  311.731504][ T5777] usb 6-1: SerialNumber: syz
[  312.083412][ T5777] comedi comedi5: Wrong number of endpoints
[  312.089509][ T5777] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  312.141409][ T5777] usb 6-1: USB disconnect, device number 3
[  312.972013][ T8401] loop2: detected capacity change from 0 to 128
[  312.991779][ T8400] netlink: 68 bytes leftover after parsing attributes in process `syz.4.670'.
[  313.062904][ T8401] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  313.079198][ T8401] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  313.095642][ T8401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.669'.
[  313.638327][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  313.966728][ T8420] loop6: detected capacity change from 0 to 1024
[  314.049546][ T8420] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.090942][ T8425] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  314.197969][ T8425] tipc: Resetting bearer <eth:syzkaller0>
[  314.312052][ T7795] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.346735][ T8423] tipc: Disabling bearer <eth:syzkaller0>
[  314.669382][ T8442] loop6: detected capacity change from 0 to 4096
[  314.777758][ T8445] loop4: detected capacity change from 0 to 128
[  314.888056][ T8445] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  314.901388][ T8445] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  314.918022][ T8445] netlink: 4 bytes leftover after parsing attributes in process `syz.4.681'.
[  315.183136][  T787] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  315.536318][  T787] usb 7-1: config 5 has an invalid interface number: 123 but max is 0
[  315.564623][  T787] usb 7-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  315.622544][  T787] usb 7-1: config 5 has no interface number 0
[  315.628788][  T787] usb 7-1: config 5 interface 123 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  315.631637][ T7531] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  315.643178][  T787] usb 7-1: config 5 interface 123 has no altsetting 0
[  315.680945][  T787] usb 7-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  315.909894][  T787] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.919323][  T787] usb 7-1: Product: syz
[  315.923947][  T787] usb 7-1: Manufacturer: syz
[  315.928611][  T787] usb 7-1: SerialNumber: syz
[  316.078696][ T8456] sctp: [Deprecated]: syz.5.684 (pid 8456) Use of struct sctp_assoc_value in delayed_ack socket option.
[  316.078696][ T8456] Use struct sctp_sack_info instead
[  316.269120][  T787] comedi comedi5: Wrong number of endpoints
[  316.305241][  T787] ni6501 7-1:5.123: driver 'ni6501' failed to auto-configure device.
[  316.333426][  T787] usb 7-1: USB disconnect, device number 3
[  316.943981][ T8478] bridge0: port 3(team0) entered blocking state
[  316.951479][ T8478] bridge0: port 3(team0) entered disabled state
[  316.960034][ T8478] team0: entered allmulticast mode
[  316.965458][ T8478] team_slave_0: entered allmulticast mode
[  316.971473][ T8478] team_slave_1: entered allmulticast mode
[  316.990360][ T8478] team0: entered promiscuous mode
[  316.995648][ T8478] team_slave_0: entered promiscuous mode
[  317.004275][ T8478] team_slave_1: entered promiscuous mode
[  317.016858][ T8478] bridge0: port 3(team0) entered blocking state
[  317.023677][ T8478] bridge0: port 3(team0) entered forwarding state
[  317.660598][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  317.667732][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  317.781833][ T8480] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  317.878703][ T8480] tipc: Resetting bearer <eth:syzkaller0>
[  317.982609][ T8479] tipc: Disabling bearer <eth:syzkaller0>
[  318.172304][ T8488] loop5: detected capacity change from 0 to 128
[  318.208361][ T8488] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  318.221129][ T8488] ext4 filesystem being mounted at /31/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  318.236985][ T8488] netlink: 4 bytes leftover after parsing attributes in process `syz.5.693'.
[  318.542690][  T787] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  318.705769][ T8505] loop6: detected capacity change from 0 to 1024
[  318.860261][  T787] usb 5-1: Using ep0 maxpacket: 8
[  318.864933][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  318.873606][  T787] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  318.896135][  T787] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  318.905519][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.937129][  T787] usb 5-1: config 0 descriptor??
[  319.092466][ T8505] pim6reg: entered allmulticast mode
[  319.129863][ T8515] pim6reg: left allmulticast mode
[  319.250628][  T787] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  319.674721][ T5794] Bluetooth: hci1: command tx timeout
[  320.213760][  T787] usb 5-1: USB disconnect, device number 5
[  320.301161][ T8524] loop5: detected capacity change from 0 to 4096
[  320.597815][  T137] hfsplus: b-tree write err: -5, ino 4
[  320.796573][ T8538] netlink: 68 bytes leftover after parsing attributes in process `syz.2.704'.
[  321.007781][  T787] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  321.244550][  T787] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[  321.258638][  T787] usb 6-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  321.272237][  T787] usb 6-1: config 5 has no interface number 0
[  321.278544][  T787] usb 6-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  321.292273][  T787] usb 6-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  321.305867][  T787] usb 6-1: config 5 interface 123 has no altsetting 0
[  321.316416][  T787] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  321.326376][  T787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.433983][  T787] usb 6-1: Product: syz
[  321.438975][  T787] usb 6-1: Manufacturer: syz
[  321.443919][  T787] usb 6-1: SerialNumber: syz
[  321.510547][ T8545] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  321.919966][  T787] comedi comedi5: Wrong number of endpoints
[  321.929960][  T787] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  322.017097][  T787] usb 6-1: USB disconnect, device number 4
[  322.635185][ T8577] loop6: detected capacity change from 0 to 64
[  322.648926][ T8574] loop2: detected capacity change from 0 to 128
[  322.700068][ T8574] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  322.714539][ T8574] ext4 filesystem being mounted at /194/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  322.731890][ T8574] netlink: 4 bytes leftover after parsing attributes in process `syz.2.710'.
[  322.890268][  T787] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  323.030723][ T8585] loop5: detected capacity change from 0 to 1024
[  323.090932][  T787] usb 5-1: Using ep0 maxpacket: 32
[  324.372019][ T8587] syz.6.720: attempt to access beyond end of device
[  324.372019][ T8587] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  324.385324][ T8587] buffer_io_error: 6 callbacks suppressed
[  324.385336][ T8587] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  324.400336][ T8587] syz.6.720: attempt to access beyond end of device
[  324.400336][ T8587] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  324.413924][ T8587] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  324.422492][ T8587] syz.6.720: attempt to access beyond end of device
[  324.422492][ T8587] loop6: rw=2049, sector=67, nr_sectors = 1 limit=64
[  324.436022][ T8587] Buffer I/O error on dev loop6, logical block 67, lost async page write
[  324.444635][ T8587] syz.6.720: attempt to access beyond end of device
[  324.444635][ T8587] loop6: rw=2049, sector=68, nr_sectors = 1 limit=64
[  324.458089][ T8587] Buffer I/O error on dev loop6, logical block 68, lost async page write
[  324.466773][ T8587] syz.6.720: attempt to access beyond end of device
[  324.466773][ T8587] loop6: rw=2049, sector=72, nr_sectors = 1 limit=64
[  324.475897][ T8585] pim6reg: entered allmulticast mode
[  324.480256][ T8587] Buffer I/O error on dev loop6, logical block 72, lost async page write
[  324.495405][ T8587] syz.6.720: attempt to access beyond end of device
[  324.495405][ T8587] loop6: rw=2049, sector=73, nr_sectors = 1 limit=64
[  324.508710][ T8587] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  324.517412][ T8587] syz.6.720: attempt to access beyond end of device
[  324.517412][ T8587] loop6: rw=2049, sector=76, nr_sectors = 1 limit=64
[  324.531007][ T8587] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  324.539661][ T8587] syz.6.720: attempt to access beyond end of device
[  324.539661][ T8587] loop6: rw=2049, sector=77, nr_sectors = 1 limit=64
[  324.553105][ T8587] Buffer I/O error on dev loop6, logical block 77, lost async page write
[  324.563256][ T8587] syz.6.720: attempt to access beyond end of device
[  324.563256][ T8587] loop6: rw=2049, sector=78, nr_sectors = 760 limit=64
[  324.586796][ T8590] pim6reg: left allmulticast mode
[  324.606538][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  324.710696][  T787] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  324.723065][ T7795] hfs: walked past end of dir
[  324.739682][  T787] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  324.758091][  T787] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  324.769532][  T787] usb 5-1: Product: syz
[  324.778700][  T787] usb 5-1: Manufacturer: syz
[  324.789300][  T787] usb 5-1: SerialNumber: syz
[  324.818905][  T787] usb 5-1: config 0 descriptor??
[  324.839169][ T8575] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  324.912490][ T8594] loop2: detected capacity change from 0 to 512
[  324.939143][ T8594] EXT4-fs: Ignoring removed nobh option
[  324.960984][ T8594] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.714: iget: bad i_size value: 38620345925642
[  324.984892][ T8594] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.714: couldn't read orphan inode 15 (err -117)
[  325.008234][ T8594] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  325.028837][ T3483] hfsplus: b-tree write err: -5, ino 4
[  325.346392][ T8604] netlink: 68 bytes leftover after parsing attributes in process `syz.6.715'.
[  325.665248][ T8575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  325.692651][ T8575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  326.063375][ T8579] EXT4-fs error (device loop2): ext4_validate_block_bitmap:430: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  326.830600][ T5777] usb 5-1: USB disconnect, device number 6
[  327.292605][ T5785] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.426882][ T8618] tipc: Started in network mode
[  327.436636][ T8618] tipc: Node identity be6f015ad313, cluster identity 4711
[  327.449902][ T8618] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  327.476927][ T8618] tipc: Resetting bearer <eth:syzkaller0>
[  327.508575][ T8617] tipc: Disabling bearer <eth:syzkaller0>
[  327.843936][ T8629] loop5: detected capacity change from 0 to 128
[  327.891118][ T8629] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  327.905162][ T8629] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  327.908730][ T8633] loop2: detected capacity change from 0 to 64
[  327.927644][ T8629] netlink: 4 bytes leftover after parsing attributes in process `syz.5.723'.
[  328.028380][ T8636] loop6: detected capacity change from 0 to 1024
[  328.191101][ T8636] pim6reg: entered allmulticast mode
[  328.225472][ T8641] pim6reg: left allmulticast mode
[  328.729306][ T8644] syz.2.724: attempt to access beyond end of device
[  328.729306][ T8644] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  328.743033][ T8644] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  328.752215][ T8644] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  329.172997][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  329.229398][ T5785] hfs: walked past end of dir
[  329.537196][ T3436] hfsplus: b-tree write err: -5, ino 4
[  329.781363][  T787] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  329.971007][  T787] usb 6-1: Using ep0 maxpacket: 16
[  330.020368][  T787] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  330.032276][  T787] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  330.045759][  T787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.125119][  T787] usb 6-1: config 0 descriptor??
[  330.193693][  T787] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  330.483083][ T5858] usb 6-1: USB disconnect, device number 5
[  331.723922][ T8675] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  331.796128][ T8675] tipc: Resetting bearer <eth:syzkaller0>
[  332.016636][ T8673] tipc: Disabling bearer <eth:syzkaller0>
[  332.119504][ T8683] loop5: detected capacity change from 0 to 128
[  332.161961][ T8683] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  332.176787][ T8683] ext4 filesystem being mounted at /40/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  332.193016][ T8683] netlink: 4 bytes leftover after parsing attributes in process `syz.5.735'.
[  332.288905][ T8692] loop4: detected capacity change from 0 to 1024
[  332.444517][ T8692] pim6reg: entered allmulticast mode
[  332.454360][ T8692] pim6reg: left allmulticast mode
[  332.470753][ T8697] loop6: detected capacity change from 0 to 64
[  333.075138][ T8706] bio_check_eod: 8 callbacks suppressed
[  333.075164][ T8706] syz.6.738: attempt to access beyond end of device
[  333.075164][ T8706] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  333.101382][ T8706] buffer_io_error: 6 callbacks suppressed
[  333.101396][ T8706] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  333.116464][ T8706] syz.6.738: attempt to access beyond end of device
[  333.116464][ T8706] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  333.145553][ T8706] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  333.154310][ T8706] syz.6.738: attempt to access beyond end of device
[  333.154310][ T8706] loop6: rw=2049, sector=67, nr_sectors = 1 limit=64
[  333.167756][ T8706] Buffer I/O error on dev loop6, logical block 67, lost async page write
[  333.176520][ T8706] syz.6.738: attempt to access beyond end of device
[  333.176520][ T8706] loop6: rw=2049, sector=68, nr_sectors = 1 limit=64
[  333.190037][ T8706] Buffer I/O error on dev loop6, logical block 68, lost async page write
[  333.204435][ T8706] syz.6.738: attempt to access beyond end of device
[  333.204435][ T8706] loop6: rw=2049, sector=72, nr_sectors = 1 limit=64
[  333.218151][ T8706] Buffer I/O error on dev loop6, logical block 72, lost async page write
[  333.227288][ T8706] syz.6.738: attempt to access beyond end of device
[  333.227288][ T8706] loop6: rw=2049, sector=73, nr_sectors = 1 limit=64
[  333.240954][ T8706] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  333.249737][ T8706] syz.6.738: attempt to access beyond end of device
[  333.249737][ T8706] loop6: rw=2049, sector=76, nr_sectors = 1 limit=64
[  333.266627][ T8706] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  333.275731][ T8706] syz.6.738: attempt to access beyond end of device
[  333.275731][ T8706] loop6: rw=2049, sector=77, nr_sectors = 1 limit=64
[  333.289331][ T8706] Buffer I/O error on dev loop6, logical block 77, lost async page write
[  333.305176][ T8706] syz.6.738: attempt to access beyond end of device
[  333.305176][ T8706] loop6: rw=2049, sector=78, nr_sectors = 760 limit=64
[  333.331020][ T8709] netlink: 68 bytes leftover after parsing attributes in process `syz.2.739'.
[  333.877066][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  333.920548][ T7795] hfs: walked past end of dir
[  334.019723][  T137] hfsplus: b-tree write err: -5, ino 4
[  334.670217][ T5858] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  335.255924][ T5858] usb 5-1: Using ep0 maxpacket: 16
[  335.262334][ T8732] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  335.277414][ T5858] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.322677][ T8732] tipc: Resetting bearer <eth:syzkaller0>
[  335.333061][ T5858] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  335.357405][ T5858] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.409993][ T8731] tipc: Disabling bearer <eth:syzkaller0>
[  335.432631][ T5858] usb 5-1: config 0 descriptor??
[  335.457027][ T5858] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  335.814071][ T8745] loop5: detected capacity change from 0 to 128
[  335.863200][ T8745] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  335.877902][ T8745] ext4 filesystem being mounted at /43/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  336.081564][ T8745] netlink: 4 bytes leftover after parsing attributes in process `syz.5.748'.
[  336.096493][ T6649] usb 5-1: USB disconnect, device number 7
[  336.392686][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  336.505369][ T8756] loop6: detected capacity change from 0 to 64
[  336.544744][ T8740] netlink: 68 bytes leftover after parsing attributes in process `syz.2.749'.
[  336.651432][ T8759] loop5: detected capacity change from 0 to 1024
[  336.806163][ T8759] pim6reg: entered allmulticast mode
[  336.880025][ T8759] pim6reg: left allmulticast mode
[  337.247578][ T8764] syz.6.752: attempt to access beyond end of device
[  337.247578][ T8764] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  337.260928][ T8764] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  337.269783][ T8764] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  337.828693][ T7795] hfs: walked past end of dir
[  338.108890][ T1126] hfsplus: b-tree write err: -5, ino 4
[  339.856517][ T8788] bridge0: port 3(team0) entered blocking state
[  339.867584][ T8788] bridge0: port 3(team0) entered disabled state
[  339.875336][ T8788] team0: entered allmulticast mode
[  339.881224][ T8788] team_slave_0: entered allmulticast mode
[  339.887323][ T8788] team_slave_1: entered allmulticast mode
[  339.905928][ T8788] team0: entered promiscuous mode
[  339.911438][ T8788] team_slave_0: entered promiscuous mode
[  339.918429][ T8788] team_slave_1: entered promiscuous mode
[  339.930598][ T8788] bridge0: port 3(team0) entered blocking state
[  339.937019][ T8788] bridge0: port 3(team0) entered forwarding state
[  341.451091][ T8795] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  341.924083][ T8814] loop4: detected capacity change from 0 to 128
[  342.072693][ T8814] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  342.085639][ T8814] ext4 filesystem being mounted at /57/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  342.103793][ T8814] netlink: 4 bytes leftover after parsing attributes in process `syz.4.760'.
[  342.180642][ T5858] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  342.460220][ T5858] usb 3-1: Using ep0 maxpacket: 16
[  342.469241][ T5858] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  342.490461][ T5858] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  342.499584][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.595247][ T5858] usb 3-1: config 0 descriptor??
[  342.608149][ T7531] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  342.635240][ T5858] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  342.682966][ T8825] loop6: detected capacity change from 0 to 1024
[  342.768362][ T8825] pim6reg: entered allmulticast mode
[  342.806286][ T8825] pim6reg: left allmulticast mode
[  342.907722][ T6649] usb 3-1: USB disconnect, device number 29
[  343.058449][ T8834] loop4: detected capacity change from 0 to 64
[  343.100809][ T3483] hfsplus: b-tree write err: -5, ino 4
[  344.648351][ T8842] loop6: detected capacity change from 0 to 131072
[  344.662223][ T8834] sched: RT throttling activated
[  344.745237][ T8844] bio_check_eod: 8 callbacks suppressed
[  344.751213][ T8844] syz.4.766: attempt to access beyond end of device
[  344.751213][ T8844] loop4: rw=2049, sector=65, nr_sectors = 1 limit=64
[  344.770060][ T8844] buffer_io_error: 6 callbacks suppressed
[  344.770074][ T8844] Buffer I/O error on dev loop4, logical block 65, lost async page write
[  344.801041][ T8844] syz.4.766: attempt to access beyond end of device
[  344.801041][ T8844] loop4: rw=2049, sector=66, nr_sectors = 1 limit=64
[  344.814590][ T8844] Buffer I/O error on dev loop4, logical block 66, lost async page write
[  344.823490][ T8844] syz.4.766: attempt to access beyond end of device
[  344.823490][ T8844] loop4: rw=2049, sector=67, nr_sectors = 1 limit=64
[  344.837081][ T8844] Buffer I/O error on dev loop4, logical block 67, lost async page write
[  344.845994][ T8844] syz.4.766: attempt to access beyond end of device
[  344.845994][ T8844] loop4: rw=2049, sector=68, nr_sectors = 1 limit=64
[  344.859571][ T8844] Buffer I/O error on dev loop4, logical block 68, lost async page write
[  344.872271][ T8844] syz.4.766: attempt to access beyond end of device
[  344.872271][ T8844] loop4: rw=2049, sector=72, nr_sectors = 1 limit=64
[  344.885711][ T8844] Buffer I/O error on dev loop4, logical block 72, lost async page write
[  344.894608][ T8844] syz.4.766: attempt to access beyond end of device
[  344.894608][ T8844] loop4: rw=2049, sector=73, nr_sectors = 1 limit=64
[  344.908918][ T8844] Buffer I/O error on dev loop4, logical block 73, lost async page write
[  344.917789][ T8844] syz.4.766: attempt to access beyond end of device
[  344.917789][ T8844] loop4: rw=2049, sector=76, nr_sectors = 1 limit=64
[  344.931297][ T8844] Buffer I/O error on dev loop4, logical block 76, lost async page write
[  344.940210][ T8844] syz.4.766: attempt to access beyond end of device
[  344.940210][ T8844] loop4: rw=2049, sector=77, nr_sectors = 1 limit=64
[  344.954791][ T8844] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  344.966480][ T8844] syz.4.766: attempt to access beyond end of device
[  344.966480][ T8844] loop4: rw=2049, sector=78, nr_sectors = 760 limit=64
[  345.300880][ T8842] F2FS-fs (loop6): Test dummy encryption mode enabled
[  345.321244][ T8842] F2FS-fs (loop6): invalid crc value
[  345.377195][ T8842] F2FS-fs (loop6): Found nat_bits in checkpoint
[  345.444927][ T7531] hfs: walked past end of dir
[  345.450713][ T8842] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  345.539626][ T8842] F2FS-fs (loop6): access invalid blkaddr:1281
[  345.546661][ T8842] CPU: 1 PID: 8842 Comm: syz.6.767 Not tainted 6.6.101-syzkaller #0
[  345.554812][ T8842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  345.565027][ T8842] Call Trace:
[  345.568446][ T8842]  <TASK>
[  345.571579][ T8842]  dump_stack_lvl+0x16c/0x230
[  345.576604][ T8842]  ? show_regs_print_info+0x20/0x20
[  345.581917][ T8842]  ? f2fs_get_next_page_offset+0x690/0x690
[  345.587802][ T8842]  ? __asan_memset+0x22/0x40
[  345.592463][ T8842]  ? __lookup_extent_tree+0xba0/0xba0
[  345.597906][ T8842]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  345.603336][ T8842]  f2fs_get_read_data_page+0x3a4/0x5c0
[  345.608835][ T8842]  ? f2fs_reserve_block+0x240/0x240
[  345.614164][ T8842]  ? __asan_memset+0x22/0x40
[  345.618964][ T8842]  f2fs_find_data_page+0x9f/0x3a0
[  345.624032][ T8842]  __f2fs_find_entry+0x64d/0xca0
[  345.629028][ T8842]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  345.634700][ T8842]  f2fs_lookup+0x220/0x7b0
[  345.639141][ T8842]  ? d_alloc+0x173/0x1b0
[  345.643444][ T8842]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  345.649598][ T8842]  ? __rwlock_init+0x150/0x150
[  345.654426][ T8842]  ? _raw_spin_unlock+0x28/0x40
[  345.659416][ T8842]  ? d_alloc+0x173/0x1b0
[  345.663890][ T8842]  lookup_one_qstr_excl+0x112/0x250
[  345.669151][ T8842]  filename_create+0x222/0x460
[  345.673966][ T8842]  ? kern_path_create+0x50/0x50
[  345.678867][ T8842]  ? __virt_addr_valid+0x18c/0x540
[  345.684026][ T8842]  ? __virt_addr_valid+0x469/0x540
[  345.689221][ T8842]  do_mkdirat+0xa1/0x440
[  345.693534][ T8842]  ? vfs_mkdir+0x440/0x440
[  345.697989][ T8842]  __x64_sys_mkdirat+0x89/0xa0
[  345.702772][ T8842]  do_syscall_64+0x55/0xb0
[  345.707307][ T8842]  ? clear_bhb_loop+0x40/0x90
[  345.712117][ T8842]  ? clear_bhb_loop+0x40/0x90
[  345.716827][ T8842]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  345.722751][ T8842] RIP: 0033:0x7f7026d8d457
[  345.727289][ T8842] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.747120][ T8842] RSP: 002b:00007f7027b60e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  345.755573][ T8842] RAX: ffffffffffffffda RBX: 00007f7027b60ef0 RCX: 00007f7026d8d457
[  345.763922][ T8842] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  345.772189][ T8842] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  345.780216][ T8842] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  345.788347][ T8842] R13: 00007f7027b60eb0 R14: 0000000000000000 R15: 0000000000000000
[  345.796485][ T8842]  </TASK>
[  345.889311][ T8855] loop4: detected capacity change from 0 to 512
[  345.942322][ T8855] EXT4-fs: Ignoring removed orlov option
[  345.953423][ T8855] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  345.976553][ T8842] F2FS-fs (loop6): access invalid blkaddr:1281
[  345.983435][ T8842] CPU: 1 PID: 8842 Comm: syz.6.767 Not tainted 6.6.101-syzkaller #0
[  345.991468][ T8842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  346.001720][ T8842] Call Trace:
[  346.005033][ T8842]  <TASK>
[  346.008070][ T8842]  dump_stack_lvl+0x16c/0x230
[  346.013326][ T8842]  ? show_regs_print_info+0x20/0x20
[  346.018563][ T8842]  ? f2fs_get_next_page_offset+0x690/0x690
[  346.024485][ T8842]  ? __asan_memset+0x22/0x40
[  346.029114][ T8842]  ? __lookup_extent_tree+0xba0/0xba0
[  346.034757][ T8842]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  346.040454][ T8842]  f2fs_get_read_data_page+0x3a4/0x5c0
[  346.045971][ T8842]  ? f2fs_reserve_block+0x240/0x240
[  346.051238][ T8842]  ? __asan_memset+0x22/0x40
[  346.055950][ T8842]  f2fs_find_data_page+0x9f/0x3a0
[  346.060998][ T8842]  __f2fs_find_entry+0x64d/0xca0
[  346.066117][ T8842]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  346.071788][ T8842]  f2fs_lookup+0x220/0x7b0
[  346.076324][ T8842]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  346.082527][ T8842]  ? d_hash_and_lookup+0x1b0/0x1b0
[  346.087814][ T8842]  ? __init_waitqueue_head+0xa9/0x150
[  346.093360][ T8842]  __lookup_slow+0x281/0x3b0
[  346.098030][ T8842]  ? lookup_one_len+0x2c0/0x2c0
[  346.103116][ T8842]  ? try_to_unlazy+0x34c/0x5a0
[  346.108193][ T8842]  ? down_read+0x1ac/0x2e0
[  346.112849][ T8842]  lookup_slow+0x53/0x70
[  346.117161][ T8842]  walk_component+0x2be/0x3f0
[  346.121994][ T8842]  ? path_lookupat+0x15c/0x440
[  346.126883][ T8842]  path_lookupat+0x169/0x440
[  346.131520][ T8842]  filename_lookup+0x1f4/0x510
[  346.136337][ T8842]  ? __virt_addr_valid+0x18c/0x540
[  346.141559][ T8842]  ? hashlen_string+0x110/0x110
[  346.146760][ T8842]  ? strncpy_from_user+0x197/0x2e0
[  346.152004][ T8842]  ? getname_flags+0x20a/0x500
[  346.156820][ T8842]  user_path_at_empty+0x42/0x60
[  346.161933][ T8842]  __se_sys_name_to_handle_at+0x115/0x510
[  346.167843][ T8842]  ? __x64_sys_name_to_handle_at+0xc0/0xc0
[  346.173796][ T8842]  ? lock_chain_count+0x20/0x20
[  346.178849][ T8842]  ? lockdep_hardirqs_on+0x98/0x150
[  346.184107][ T8842]  ? __x64_sys_name_to_handle_at+0x20/0xc0
[  346.189986][ T8842]  do_syscall_64+0x55/0xb0
[  346.194442][ T8842]  ? clear_bhb_loop+0x40/0x90
[  346.199195][ T8842]  ? clear_bhb_loop+0x40/0x90
[  346.204127][ T8842]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  346.210113][ T8842] RIP: 0033:0x7f7026d8ebe9
[  346.214587][ T8842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.234652][ T8842] RSP: 002b:00007f7027b61038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  346.243096][ T8842] RAX: ffffffffffffffda RBX: 00007f7026fb5fa0 RCX: 00007f7026d8ebe9
[  346.251181][ T8842] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  346.259374][ T8842] RBP: 00007f7026e11e19 R08: 0000000000000000 R09: 0000000000000000
[  346.267380][ T8842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  346.275492][ T8842] R13: 00007f7026fb6038 R14: 00007f7026fb5fa0 R15: 00007fffb75db8f8
[  346.283656][ T8842]  </TASK>
[  346.400328][ T8855] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8002c119, mo2=0002]
[  346.531609][ T8855] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2244: inode #15: comm syz.4.768: corrupted in-inode xattr: e_value size too large
[  346.583655][ T8855] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.768: couldn't read orphan inode 15 (err -117)
[  346.647750][ T8855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.018920][ T7531] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.295237][ T8872] netlink: 68 bytes leftover after parsing attributes in process `syz.2.771'.
[  348.021051][ T8883] loop5: detected capacity change from 0 to 128
[  348.060783][ T8879] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  348.135719][ T8883] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  348.199767][ T8883] ext4 filesystem being mounted at /48/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  348.215971][ T8883] netlink: 4 bytes leftover after parsing attributes in process `syz.5.773'.
[  348.694401][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  348.979356][ T8900] loop5: detected capacity change from 0 to 1024
[  349.010093][ T8902] loop4: detected capacity change from 0 to 64
[  349.069705][ T8900] pim6reg: entered allmulticast mode
[  349.131220][ T8906] pim6reg: left allmulticast mode
[  349.330428][    T9] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  349.869699][ T8910] syz.4.776: attempt to access beyond end of device
[  349.869699][ T8910] loop4: rw=2049, sector=65, nr_sectors = 1 limit=64
[  349.883122][ T8910] Buffer I/O error on dev loop4, logical block 65, lost async page write
[  349.892658][ T8910] syz.4.776: attempt to access beyond end of device
[  349.892658][ T8910] loop4: rw=2049, sector=66, nr_sectors = 1 limit=64
[  349.906162][ T8910] Buffer I/O error on dev loop4, logical block 66, lost async page write
[  349.915044][ T8910] syz.4.776: attempt to access beyond end of device
[  349.915044][ T8910] loop4: rw=2049, sector=67, nr_sectors = 1 limit=64
[  349.930694][ T8910] Buffer I/O error on dev loop4, logical block 67, lost async page write
[  349.939796][ T8910] syz.4.776: attempt to access beyond end of device
[  349.939796][ T8910] loop4: rw=2049, sector=68, nr_sectors = 1 limit=64
[  349.953601][ T8910] Buffer I/O error on dev loop4, logical block 68, lost async page write
[  349.962537][ T8910] syz.4.776: attempt to access beyond end of device
[  349.962537][ T8910] loop4: rw=2049, sector=72, nr_sectors = 1 limit=64
[  349.976155][ T8910] Buffer I/O error on dev loop4, logical block 72, lost async page write
[  349.985187][ T8910] syz.4.776: attempt to access beyond end of device
[  349.985187][ T8910] loop4: rw=2049, sector=73, nr_sectors = 1 limit=64
[  349.999141][ T8910] Buffer I/O error on dev loop4, logical block 73, lost async page write
[  350.008396][ T8910] syz.4.776: attempt to access beyond end of device
[  350.008396][ T8910] loop4: rw=2049, sector=76, nr_sectors = 1 limit=64
[  350.021848][ T8910] Buffer I/O error on dev loop4, logical block 76, lost async page write
[  350.030922][ T8910] syz.4.776: attempt to access beyond end of device
[  350.030922][ T8910] loop4: rw=2049, sector=77, nr_sectors = 1 limit=64
[  350.044377][ T8910] Buffer I/O error on dev loop4, logical block 77, lost async page write
[  350.067671][ T8910] syz.4.776: attempt to access beyond end of device
[  350.067671][ T8910] loop4: rw=2049, sector=78, nr_sectors = 760 limit=64
[  350.300347][    T9] usb 3-1: Using ep0 maxpacket: 16
[  350.320687][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  350.454679][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  350.455659][ T7531] hfs: walked past end of dir
[  350.464096][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.473058][    T9] usb 3-1: config 0 descriptor??
[  350.520593][ T1126] hfsplus: b-tree write err: -5, ino 4
[  350.534553][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input11
[  350.939012][ T5143] bcm5974 3-1:0.0: could not read from device
[  350.940508][ T5777] usb 3-1: USB disconnect, device number 30
[  350.956901][ T5143] bcm5974 3-1:0.0: could not read from device
[  351.000641][ T5793] bcm5974 3-1:0.0: could not read from device
[  351.066141][ T5143] bcm5974 3-1:0.0: could not read from device
[  352.129653][ T8927] loop4: detected capacity change from 0 to 131072
[  352.372028][ T8927] F2FS-fs (loop4): Test dummy encryption mode enabled
[  352.381315][ T8927] F2FS-fs (loop4): invalid crc value
[  352.406550][ T8933] netlink: 68 bytes leftover after parsing attributes in process `syz.6.782'.
[  352.626054][ T8927] F2FS-fs (loop4): Found nat_bits in checkpoint
[  352.661487][   T27] audit: type=1800 audit(1754502890.086:10): pid=8930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.781" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  352.711000][ T8927] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  352.949741][ T8942] loop2: detected capacity change from 0 to 128
[  352.993691][ T8927] F2FS-fs (loop4): access invalid blkaddr:1281
[  353.000065][ T8927] CPU: 0 PID: 8927 Comm: syz.4.780 Not tainted 6.6.101-syzkaller #0
[  353.008198][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  353.018395][ T8927] Call Trace:
[  353.021722][ T8927]  <TASK>
[  353.024761][ T8927]  dump_stack_lvl+0x16c/0x230
[  353.029506][ T8927]  ? show_regs_print_info+0x20/0x20
[  353.034903][ T8927]  ? f2fs_get_next_page_offset+0x690/0x690
[  353.040893][ T8927]  ? __asan_memset+0x22/0x40
[  353.045518][ T8927]  ? __lookup_extent_tree+0xba0/0xba0
[  353.050935][ T8927]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  353.056431][ T8927]  f2fs_get_read_data_page+0x3a4/0x5c0
[  353.062100][ T8927]  ? f2fs_reserve_block+0x240/0x240
[  353.067604][ T8927]  ? __asan_memset+0x22/0x40
[  353.072234][ T8927]  f2fs_find_data_page+0x9f/0x3a0
[  353.077300][ T8927]  __f2fs_find_entry+0x64d/0xca0
[  353.082376][ T8927]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  353.088046][ T8927]  f2fs_lookup+0x220/0x7b0
[  353.092486][ T8927]  ? d_alloc+0x173/0x1b0
[  353.096765][ T8927]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  353.102945][ T8927]  ? __rwlock_init+0x150/0x150
[  353.107882][ T8927]  ? _raw_spin_unlock+0x28/0x40
[  353.112881][ T8927]  ? d_alloc+0x173/0x1b0
[  353.117278][ T8927]  lookup_one_qstr_excl+0x112/0x250
[  353.122537][ T8927]  filename_create+0x222/0x460
[  353.127352][ T8927]  ? kern_path_create+0x50/0x50
[  353.132336][ T8927]  ? __virt_addr_valid+0x18c/0x540
[  353.137810][ T8927]  ? __virt_addr_valid+0x469/0x540
[  353.143137][ T8927]  do_mkdirat+0xa1/0x440
[  353.147412][ T8927]  ? vfs_mkdir+0x440/0x440
[  353.151878][ T8927]  __x64_sys_mkdirat+0x89/0xa0
[  353.156686][ T8927]  do_syscall_64+0x55/0xb0
[  353.161135][ T8927]  ? clear_bhb_loop+0x40/0x90
[  353.165840][ T8927]  ? clear_bhb_loop+0x40/0x90
[  353.170544][ T8927]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  353.176475][ T8927] RIP: 0033:0x7fae0718d457
[  353.181012][ T8927] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.200654][ T8927] RSP: 002b:00007fae07f87e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  353.209099][ T8927] RAX: ffffffffffffffda RBX: 00007fae07f87ef0 RCX: 00007fae0718d457
[  353.217365][ T8927] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  353.225375][ T8927] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  353.233377][ T8927] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  353.241551][ T8927] R13: 00007fae07f87eb0 R14: 0000000000000000 R15: 0000000000000000
[  353.249617][ T8927]  </TASK>
[  353.252776][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.374563][ T8942] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  353.394796][ T8942] ext4 filesystem being mounted at /211/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  353.409942][ T8942] netlink: 4 bytes leftover after parsing attributes in process `syz.2.783'.
[  353.546378][ T8927] F2FS-fs (loop4): access invalid blkaddr:1281
[  353.554379][ T8948] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  353.565532][ T8927] CPU: 0 PID: 8927 Comm: syz.4.780 Not tainted 6.6.101-syzkaller #0
[  353.573842][ T8927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  353.584058][ T8927] Call Trace:
[  353.587386][ T8927]  <TASK>
[  353.590342][ T8927]  dump_stack_lvl+0x16c/0x230
[  353.595073][ T8927]  ? show_regs_print_info+0x20/0x20
[  353.600296][ T8927]  ? f2fs_get_next_page_offset+0x690/0x690
[  353.606146][ T8927]  ? __asan_memset+0x22/0x40
[  353.610888][ T8927]  ? __lookup_extent_tree+0xba0/0xba0
[  353.616382][ T8927]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  353.621780][ T8927]  f2fs_get_read_data_page+0x3a4/0x5c0
[  353.627272][ T8927]  ? f2fs_reserve_block+0x240/0x240
[  353.632678][ T8927]  ? __asan_memset+0x22/0x40
[  353.637303][ T8927]  f2fs_find_data_page+0x9f/0x3a0
[  353.642368][ T8927]  __f2fs_find_entry+0x64d/0xca0
[  353.647446][ T8927]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  353.653111][ T8927]  f2fs_lookup+0x220/0x7b0
[  353.657555][ T8927]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  353.663742][ T8927]  ? d_hash_and_lookup+0x1b0/0x1b0
[  353.668892][ T8927]  ? __init_waitqueue_head+0xa9/0x150
[  353.674389][ T8927]  __lookup_slow+0x281/0x3b0
[  353.679137][ T8927]  ? lookup_one_len+0x2c0/0x2c0
[  353.684031][ T8927]  ? try_to_unlazy+0x34c/0x5a0
[  353.688822][ T8927]  ? down_read+0x1ac/0x2e0
[  353.693358][ T8927]  lookup_slow+0x53/0x70
[  353.697649][ T8927]  walk_component+0x2be/0x3f0
[  353.702350][ T8927]  ? path_lookupat+0x15c/0x440
[  353.707153][ T8927]  path_lookupat+0x169/0x440
[  353.711787][ T8927]  filename_lookup+0x1f4/0x510
[  353.716587][ T8927]  ? __virt_addr_valid+0x18c/0x540
[  353.721727][ T8927]  ? hashlen_string+0x110/0x110
[  353.726634][ T8927]  ? strncpy_from_user+0x197/0x2e0
[  353.731777][ T8927]  ? getname_flags+0x20a/0x500
[  353.736590][ T8927]  user_path_at_empty+0x42/0x60
[  353.741545][ T8927]  __se_sys_name_to_handle_at+0x115/0x510
[  353.747295][ T8927]  ? __x64_sys_name_to_handle_at+0xc0/0xc0
[  353.753124][ T8927]  ? lock_chain_count+0x20/0x20
[  353.758095][ T8927]  ? lockdep_hardirqs_on+0x98/0x150
[  353.763348][ T8927]  ? __x64_sys_name_to_handle_at+0x20/0xc0
[  353.769322][ T8927]  do_syscall_64+0x55/0xb0
[  353.773819][ T8927]  ? clear_bhb_loop+0x40/0x90
[  353.778558][ T8927]  ? clear_bhb_loop+0x40/0x90
[  353.783278][ T8927]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  353.789266][ T8927] RIP: 0033:0x7fae0718ebe9
[  353.793803][ T8927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.814149][ T8927] RSP: 002b:00007fae07f88038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  353.822792][ T8927] RAX: ffffffffffffffda RBX: 00007fae073b5fa0 RCX: 00007fae0718ebe9
[  353.830796][ T8927] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  353.839012][ T8927] RBP: 00007fae07211e19 R08: 0000000000000000 R09: 0000000000000000
[  353.847125][ T8927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  353.855346][ T8927] R13: 00007fae073b6038 R14: 00007fae073b5fa0 R15: 00007ffc1119a198
[  353.863452][ T8927]  </TASK>
[  353.866518][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.974493][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  354.653004][ T8968] loop5: detected capacity change from 0 to 1024
[  354.688376][ T8973] loop2: detected capacity change from 0 to 64
[  354.815153][ T8968] pim6reg: entered allmulticast mode
[  354.881944][ T8974] pim6reg: left allmulticast mode
[  355.447976][ T8978] syz.2.788: attempt to access beyond end of device
[  355.447976][ T8978] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  355.461599][ T8978] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  355.470742][ T8978] syz.2.788: attempt to access beyond end of device
[  355.470742][ T8978] loop2: rw=2049, sector=66, nr_sectors = 1 limit=64
[  355.484375][ T8978] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  355.495237][ T8978] syz.2.788: attempt to access beyond end of device
[  355.495237][ T8978] loop2: rw=2049, sector=67, nr_sectors = 1 limit=64
[  355.509256][ T8978] Buffer I/O error on dev loop2, logical block 67, lost async page write
[  355.519481][ T8978] syz.2.788: attempt to access beyond end of device
[  355.519481][ T8978] loop2: rw=2049, sector=68, nr_sectors = 1 limit=64
[  355.533378][ T8978] Buffer I/O error on dev loop2, logical block 68, lost async page write
[  355.542367][ T8978] syz.2.788: attempt to access beyond end of device
[  355.542367][ T8978] loop2: rw=2049, sector=72, nr_sectors = 1 limit=64
[  355.555681][ T8978] Buffer I/O error on dev loop2, logical block 72, lost async page write
[  355.564613][ T8978] syz.2.788: attempt to access beyond end of device
[  355.564613][ T8978] loop2: rw=2049, sector=73, nr_sectors = 1 limit=64
[  355.578057][ T8978] Buffer I/O error on dev loop2, logical block 73, lost async page write
[  355.587229][ T8978] syz.2.788: attempt to access beyond end of device
[  355.587229][ T8978] loop2: rw=2049, sector=76, nr_sectors = 1 limit=64
[  355.600538][ T8978] Buffer I/O error on dev loop2, logical block 76, lost async page write
[  355.609429][ T8978] syz.2.788: attempt to access beyond end of device
[  355.609429][ T8978] loop2: rw=2049, sector=77, nr_sectors = 1 limit=64
[  355.767372][ T8978] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  355.885079][   T59] hfsplus: b-tree write err: -5, ino 4
[  356.034121][ T5785] hfs: walked past end of dir
[  356.490452][    T8] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  356.690408][    T8] usb 3-1: Using ep0 maxpacket: 16
[  356.698347][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  356.719443][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  356.750372][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.780390][    T8] usb 3-1: config 0 descriptor??
[  356.798065][    T8] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input12
[  357.401730][ T5143] bcm5974 3-1:0.0: could not read from device
[  357.436375][ T9012] netlink: 68 bytes leftover after parsing attributes in process `syz.4.793'.
[  357.674997][ T5143] bcm5974 3-1:0.0: could not read from device
[  357.725454][    T8] usb 3-1: USB disconnect, device number 31
[  357.776158][ T5143] bcm5974 3-1:0.0: could not read from device
[  358.408735][ T9018] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  358.427474][ T9011] loop5: detected capacity change from 0 to 131072
[  358.459237][ T9011] F2FS-fs (loop5): Test dummy encryption mode enabled
[  358.573623][ T9011] F2FS-fs (loop5): invalid crc value
[  358.597826][ T9011] F2FS-fs (loop5): Found nat_bits in checkpoint
[  358.642023][ T9021] loop2: detected capacity change from 0 to 1024
[  358.661418][ T9031] loop6: detected capacity change from 0 to 64
[  358.684089][ T9011] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  358.829615][ T9011] F2FS-fs (loop5): access invalid blkaddr:1281
[  358.836411][ T9011] CPU: 1 PID: 9011 Comm: syz.5.795 Not tainted 6.6.101-syzkaller #0
[  358.844694][ T9011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  358.855001][ T9011] Call Trace:
[  358.858601][ T9011]  <TASK>
[  358.861859][ T9011]  dump_stack_lvl+0x16c/0x230
[  358.866708][ T9011]  ? show_regs_print_info+0x20/0x20
[  358.872146][ T9011]  ? f2fs_get_next_page_offset+0x690/0x690
[  358.878123][ T9011]  ? __asan_memset+0x22/0x40
[  358.882975][ T9011]  ? __lookup_extent_tree+0xba0/0xba0
[  358.888558][ T9011]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  358.894241][ T9011]  f2fs_get_read_data_page+0x3a4/0x5c0
[  358.899860][ T9011]  ? f2fs_reserve_block+0x240/0x240
[  358.905150][ T9011]  ? __asan_memset+0x22/0x40
[  358.909810][ T9011]  f2fs_find_data_page+0x9f/0x3a0
[  358.914907][ T9011]  __f2fs_find_entry+0x64d/0xca0
[  358.920048][ T9011]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  358.925953][ T9011]  f2fs_lookup+0x220/0x7b0
[  358.930435][ T9011]  ? d_alloc+0x173/0x1b0
[  358.934738][ T9011]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  358.940859][ T9011]  ? __rwlock_init+0x150/0x150
[  358.945736][ T9011]  ? _raw_spin_unlock+0x28/0x40
[  358.950934][ T9011]  ? d_alloc+0x173/0x1b0
[  358.955435][ T9011]  lookup_one_qstr_excl+0x112/0x250
[  358.960709][ T9011]  filename_create+0x222/0x460
[  358.965625][ T9011]  ? kern_path_create+0x50/0x50
[  358.970675][ T9011]  ? __virt_addr_valid+0x18c/0x540
[  358.975877][ T9011]  ? __virt_addr_valid+0x469/0x540
[  358.981478][ T9011]  do_mkdirat+0xa1/0x440
[  358.985782][ T9011]  ? vfs_mkdir+0x440/0x440
[  358.990410][ T9011]  __x64_sys_mkdirat+0x89/0xa0
[  358.995407][ T9011]  do_syscall_64+0x55/0xb0
[  359.000229][ T9011]  ? clear_bhb_loop+0x40/0x90
[  359.004974][ T9011]  ? clear_bhb_loop+0x40/0x90
[  359.009822][ T9011]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  359.016064][ T9011] RIP: 0033:0x7f1c7078d457
[  359.020595][ T9011] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.040433][ T9011] RSP: 002b:00007f1c71618e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  359.049536][ T9011] RAX: ffffffffffffffda RBX: 00007f1c71618ef0 RCX: 00007f1c7078d457
[  359.057576][ T9011] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  359.065783][ T9011] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  359.073816][ T9011] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  359.081852][ T9011] R13: 00007f1c71618eb0 R14: 0000000000000000 R15: 0000000000000000
[  359.090124][ T9011]  </TASK>
[  359.142734][ T9021] pim6reg: entered allmulticast mode
[  359.176079][ T9036] pim6reg: left allmulticast mode
[  359.544952][ T9041] syz.6.799: attempt to access beyond end of device
[  359.544952][ T9041] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  359.558293][ T9041] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  359.567292][ T9041] syz.6.799: attempt to access beyond end of device
[  359.567292][ T9041] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  359.580541][ T9041] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  360.034031][ T9011] F2FS-fs (loop5): access invalid blkaddr:1281
[  360.040472][ T9011] CPU: 1 PID: 9011 Comm: syz.5.795 Not tainted 6.6.101-syzkaller #0
[  360.048588][ T9011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  360.058791][ T9011] Call Trace:
[  360.062290][ T9011]  <TASK>
[  360.065447][ T9011]  dump_stack_lvl+0x16c/0x230
[  360.070373][ T9011]  ? show_regs_print_info+0x20/0x20
[  360.075726][ T9011]  ? f2fs_get_next_page_offset+0x690/0x690
[  360.081598][ T9011]  ? __asan_memset+0x22/0x40
[  360.086342][ T9011]  ? __lookup_extent_tree+0xba0/0xba0
[  360.091863][ T9011]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  360.097389][ T9011]  f2fs_get_read_data_page+0x3a4/0x5c0
[  360.103084][ T9011]  ? f2fs_reserve_block+0x240/0x240
[  360.108349][ T9011]  ? __asan_memset+0x22/0x40
[  360.113019][ T9011]  f2fs_find_data_page+0x9f/0x3a0
[  360.118273][ T9011]  __f2fs_find_entry+0x64d/0xca0
[  360.123300][ T9011]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  360.129017][ T9011]  f2fs_lookup+0x220/0x7b0
[  360.133489][ T9011]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  360.139782][ T9011]  ? d_hash_and_lookup+0x1b0/0x1b0
[  360.145047][ T9011]  ? __init_waitqueue_head+0xa9/0x150
[  360.150645][ T9011]  __lookup_slow+0x281/0x3b0
[  360.155293][ T9011]  ? lookup_one_len+0x2c0/0x2c0
[  360.157933][ T7795] hfs: walked past end of dir
[  360.160286][ T9011]  ? try_to_unlazy+0x34c/0x5a0
[  360.160358][ T9011]  ? down_read+0x1ac/0x2e0
[  360.174378][ T9011]  lookup_slow+0x53/0x70
[  360.178663][ T9011]  walk_component+0x2be/0x3f0
[  360.183535][ T9011]  ? path_lookupat+0x15c/0x440
[  360.188422][ T9011]  path_lookupat+0x169/0x440
[  360.193048][ T9011]  filename_lookup+0x1f4/0x510
[  360.197840][ T9011]  ? __virt_addr_valid+0x18c/0x540
[  360.203075][ T9011]  ? hashlen_string+0x110/0x110
[  360.208216][ T9011]  ? strncpy_from_user+0x197/0x2e0
[  360.213352][ T9011]  ? getname_flags+0x20a/0x500
[  360.218176][ T9011]  user_path_at_empty+0x42/0x60
[  360.223075][ T9011]  __se_sys_name_to_handle_at+0x115/0x510
[  360.228834][ T9011]  ? __x64_sys_name_to_handle_at+0xc0/0xc0
[  360.234774][ T9011]  ? lock_chain_count+0x20/0x20
[  360.239657][ T9011]  ? lockdep_hardirqs_on+0x98/0x150
[  360.244905][ T9011]  ? __x64_sys_name_to_handle_at+0x20/0xc0
[  360.250827][ T9011]  do_syscall_64+0x55/0xb0
[  360.255271][ T9011]  ? clear_bhb_loop+0x40/0x90
[  360.260088][ T9011]  ? clear_bhb_loop+0x40/0x90
[  360.264803][ T9011]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  360.270729][ T9011] RIP: 0033:0x7f1c7078ebe9
[  360.275166][ T9011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.294898][ T9011] RSP: 002b:00007f1c71619038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f
[  360.303441][ T9011] RAX: ffffffffffffffda RBX: 00007f1c709b5fa0 RCX: 00007f1c7078ebe9
[  360.311428][ T9011] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  360.319422][ T9011] RBP: 00007f1c70811e19 R08: 0000000000000000 R09: 0000000000000000
[  360.327508][ T9011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  360.335505][ T9011] R13: 00007f1c709b6038 R14: 00007f1c709b5fa0 R15: 00007fff2da88c98
[  360.343516][ T9011]  </TASK>
[  360.731038][   T42] hfsplus: b-tree write err: -5, ino 4
[  360.919157][ T9047] loop6: detected capacity change from 0 to 4096
[  361.390397][ T5777] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  361.583492][ T5777] usb 7-1: config 5 has an invalid interface number: 123 but max is 0
[  361.610478][ T5777] usb 7-1: config 5 has no interface number 0
[  361.620368][ T5859] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  361.628303][ T5777] usb 7-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  361.660336][ T5777] usb 7-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  361.684149][ T5777] usb 7-1: config 5 interface 123 has no altsetting 0
[  361.707096][ T5777] usb 7-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  361.740220][ T5777] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.780235][ T5777] usb 7-1: Product: syz
[  361.790302][ T5777] usb 7-1: Manufacturer: syz
[  361.805730][ T5777] usb 7-1: SerialNumber: syz
[  361.830340][ T5859] usb 5-1: Using ep0 maxpacket: 16
[  361.853847][ T5859] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.878934][ T5859] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  361.892085][ T5859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.931505][ T5859] usb 5-1: config 0 descriptor??
[  361.975302][ T5859] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[  362.051903][ T9078] loop2: detected capacity change from 0 to 64
[  362.212409][ T5777] comedi comedi5: Wrong number of endpoints
[  362.218624][ T5777] ni6501 7-1:5.123: driver 'ni6501' failed to auto-configure device.
[  362.288413][ T5143] bcm5974 5-1:0.0: could not read from device
[  362.294601][ T5777] usb 7-1: USB disconnect, device number 4
[  362.327049][ T9083] loop5: detected capacity change from 0 to 1024
[  362.366384][ T9083] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  362.398476][ T5143] bcm5974 5-1:0.0: could not read from device
[  362.420489][ T5143] bcm5974 5-1:0.0: could not read from device
[  362.462156][ T5859] usb 5-1: USB disconnect, device number 8
[  362.563189][ T9083] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:478: comm syz.5.809: Invalid block bitmap block 0 in block_group 0
[  362.962451][ T9088] bio_check_eod: 7 callbacks suppressed
[  362.962493][ T9088] syz.2.808: attempt to access beyond end of device
[  362.962493][ T9088] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  362.981708][ T9088] buffer_io_error: 6 callbacks suppressed
[  362.981754][ T9088] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  362.997829][ T9088] syz.2.808: attempt to access beyond end of device
[  362.997829][ T9088] loop2: rw=2049, sector=66, nr_sectors = 1 limit=64
[  363.011417][ T9088] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  363.020400][ T9088] syz.2.808: attempt to access beyond end of device
[  363.020400][ T9088] loop2: rw=2049, sector=67, nr_sectors = 1 limit=64
[  363.035984][ T9088] Buffer I/O error on dev loop2, logical block 67, lost async page write
[  363.045417][ T9088] syz.2.808: attempt to access beyond end of device
[  363.045417][ T9088] loop2: rw=2049, sector=68, nr_sectors = 1 limit=64
[  363.058834][ T9088] Buffer I/O error on dev loop2, logical block 68, lost async page write
[  363.067784][ T9088] syz.2.808: attempt to access beyond end of device
[  363.067784][ T9088] loop2: rw=2049, sector=72, nr_sectors = 1 limit=64
[  363.081372][ T9088] Buffer I/O error on dev loop2, logical block 72, lost async page write
[  363.090218][ T9088] syz.2.808: attempt to access beyond end of device
[  363.090218][ T9088] loop2: rw=2049, sector=73, nr_sectors = 1 limit=64
[  363.104761][ T9088] Buffer I/O error on dev loop2, logical block 73, lost async page write
[  363.114039][ T9088] syz.2.808: attempt to access beyond end of device
[  363.114039][ T9088] loop2: rw=2049, sector=76, nr_sectors = 1 limit=64
[  363.127586][ T9088] Buffer I/O error on dev loop2, logical block 76, lost async page write
[  363.136539][ T9088] syz.2.808: attempt to access beyond end of device
[  363.136539][ T9088] loop2: rw=2049, sector=77, nr_sectors = 1 limit=64
[  363.271909][ T9088] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  363.305200][ T9083] Quota error (device loop5): write_blk: dquota write failed
[  363.323510][ T9083] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  363.351060][ T9083] EXT4-fs error (device loop5): ext4_acquire_dquot:6938: comm syz.5.809: Failed to acquire dquot type 0
[  363.373796][ T9083] EXT4-fs error (device loop5): ext4_free_blocks:6681: comm syz.5.809: Freeing blocks not in datazone - block = 0, count = 4096
[  363.466994][ T9083] EXT4-fs error (device loop5): ext4_read_inode_bitmap:140: comm syz.5.809: Invalid inode bitmap blk 0 in block_group 0
[  363.499861][ T9083] EXT4-fs error (device loop5) in ext4_free_inode:363: Corrupt filesystem
[  363.517702][ T5785] hfs: walked past end of dir
[  363.522028][ T9083] EXT4-fs (loop5): 1 orphan inode deleted
[  363.529915][ T9083] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  363.543535][ T1126] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-7
[  363.595479][ T1126] EXT4-fs error (device loop5): ext4_release_dquot:6974: comm kworker/u4:6: Failed to release dquot type 0
[  363.833845][ T7722] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.852067][ T9100] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  363.994887][ T9106] loop2: detected capacity change from 0 to 1024
[  364.085498][ T9106] pim6reg: entered allmulticast mode
[  364.128526][ T9115] pim6reg: left allmulticast mode
[  364.150692][ T5859] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  364.400382][ T5859] usb 5-1: Using ep0 maxpacket: 32
[  364.421863][ T5859] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  364.433610][ T7955] hfsplus: b-tree write err: -5, ino 4
[  364.454447][ T5859] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  364.494849][ T5859] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  364.530877][ T5859] usb 5-1: Product: syz
[  364.545830][ T5859] usb 5-1: Manufacturer: syz
[  364.565958][ T5859] usb 5-1: SerialNumber: syz
[  364.584351][ T5859] usb 5-1: config 0 descriptor??
[  364.624113][ T9101] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  364.883270][ T9101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  364.905956][ T9101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.055669][    T8] usb 5-1: USB disconnect, device number 9
[  365.066370][ T9135] loop5: detected capacity change from 0 to 4096
[  365.435559][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.6.819'.
[  365.444945][ T9145] veth1_to_hsr: entered promiscuous mode
[  366.042605][ T9145] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR
[  366.426873][ T9158] loop2: detected capacity change from 0 to 64
[  366.570333][ T5827] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  366.701626][    T8] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  366.864987][ T9163] syz.2.821: attempt to access beyond end of device
[  366.864987][ T9163] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  366.878770][ T9163] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  366.889809][ T9163] syz.2.821: attempt to access beyond end of device
[  366.889809][ T9163] loop2: rw=2049, sector=66, nr_sectors = 1 limit=64
[  366.904809][ T9163] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  367.090457][    T8] usb 7-1: Using ep0 maxpacket: 16
[  367.107064][    T8] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  367.119037][    T8] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  367.128606][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  367.487000][ T5827] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[  367.491678][    T8] usb 7-1: config 0 descriptor??
[  367.507131][ T5827] usb 6-1: config 5 has no interface number 0
[  367.514132][ T5827] usb 6-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  367.525687][ T5827] usb 6-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  367.567783][    T8] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input14
[  367.685343][ T5785] hfs: walked past end of dir
[  367.689526][ T5827] usb 6-1: config 5 interface 123 has no altsetting 0
[  367.702210][ T5827] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  367.717767][ T5827] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.739353][ T5827] usb 6-1: Product: syz
[  367.743856][ T5827] usb 6-1: Manufacturer: syz
[  367.748503][ T5827] usb 6-1: SerialNumber: syz
[  367.858926][ T5143] bcm5974 7-1:0.0: could not read from device
[  367.859318][ T5859] usb 7-1: USB disconnect, device number 5
[  367.894702][ T5143] bcm5974 7-1:0.0: could not read from device
[  367.940466][ T5935] bcm5974 7-1:0.0: could not read from device
[  367.948717][ T9175] loop2: detected capacity change from 0 to 1024
[  367.956369][ T5143] bcm5974 7-1:0.0: could not read from device
[  367.969196][ T5827] comedi comedi5: Wrong number of endpoints
[  367.983986][ T5827] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  368.070043][ T9175] pim6reg: entered allmulticast mode
[  368.096332][ T5827] usb 6-1: USB disconnect, device number 6
[  368.123107][ T9178] pim6reg: left allmulticast mode
[  369.156035][ T9182] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  369.322071][ T9183] loop4: detected capacity change from 0 to 32768
[  369.601661][ T6897] hfsplus: b-tree write err: -5, ino 4
[  370.133590][ T9218] loop5: detected capacity change from 0 to 64
[  372.361388][ T9229] ubi31: attaching mtd0
[  372.369032][ T9229] ubi31: scanning is finished
[  372.373893][ T9229] ubi31: empty MTD device detected
[  372.386809][ T9227] bio_check_eod: 7 callbacks suppressed
[  372.386827][ T9227] syz.5.831: attempt to access beyond end of device
[  372.386827][ T9227] loop5: rw=2049, sector=65, nr_sectors = 1 limit=64
[  372.406219][ T9227] buffer_io_error: 6 callbacks suppressed
[  372.406232][ T9227] Buffer I/O error on dev loop5, logical block 65, lost async page write
[  372.425397][ T9227] syz.5.831: attempt to access beyond end of device
[  372.425397][ T9227] loop5: rw=2049, sector=66, nr_sectors = 1 limit=64
[  372.439554][ T9227] Buffer I/O error on dev loop5, logical block 66, lost async page write
[  372.450077][ T9227] syz.5.831: attempt to access beyond end of device
[  372.450077][ T9227] loop5: rw=2049, sector=67, nr_sectors = 1 limit=64
[  372.463711][ T9227] Buffer I/O error on dev loop5, logical block 67, lost async page write
[  372.510653][ T9227] syz.5.831: attempt to access beyond end of device
[  372.510653][ T9227] loop5: rw=2049, sector=68, nr_sectors = 1 limit=64
[  372.524584][ T9227] Buffer I/O error on dev loop5, logical block 68, lost async page write
[  372.535718][ T9227] syz.5.831: attempt to access beyond end of device
[  372.535718][ T9227] loop5: rw=2049, sector=72, nr_sectors = 1 limit=64
[  372.549785][ T9227] Buffer I/O error on dev loop5, logical block 72, lost async page write
[  372.560219][ T9227] syz.5.831: attempt to access beyond end of device
[  372.560219][ T9227] loop5: rw=2049, sector=73, nr_sectors = 1 limit=64
[  372.574022][ T9227] Buffer I/O error on dev loop5, logical block 73, lost async page write
[  372.583884][ T9227] syz.5.831: attempt to access beyond end of device
[  372.583884][ T9227] loop5: rw=2049, sector=76, nr_sectors = 1 limit=64
[  372.597394][ T9227] Buffer I/O error on dev loop5, logical block 76, lost async page write
[  372.608382][ T9227] syz.5.831: attempt to access beyond end of device
[  372.608382][ T9227] loop5: rw=2049, sector=77, nr_sectors = 1 limit=64
[  372.622416][ T9227] Buffer I/O error on dev loop5, logical block 77, lost async page write
[  372.684996][ T5777] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  372.744092][ T9229] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  372.751868][ T9229] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  372.759234][ T9229] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  372.766649][ T9229] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  372.774528][ T9229] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  372.781717][ T9229] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  372.790533][ T9229] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1579833092
[  372.801025][ T9229] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  372.860419][ T9232] ubi31: background thread "ubi_bgt31d" started, PID 9232
[  372.924275][ T7722] hfs: walked past end of dir
[  372.940929][ T5777] usb 7-1: Using ep0 maxpacket: 32
[  372.984813][ T5777] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  373.149972][ T5777] usb 7-1: string descriptor 0 read error: -71
[  373.193194][ T5777] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  373.239571][ T5777] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  373.306831][ T5777] usb 7-1: config 0 descriptor??
[  373.341422][ T5777] usb 7-1: can't set config #0, error -71
[  373.368263][ T5777] usb 7-1: USB disconnect, device number 6
[  373.417704][ T9245] loop6: detected capacity change from 0 to 1024
[  373.526666][ T9245] pim6reg: entered allmulticast mode
[  373.532601][ T6649] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  373.570519][ T9245] pim6reg: left allmulticast mode
[  373.600990][ T9248] loop5: detected capacity change from 0 to 4096
[  373.757509][ T6649] usb 3-1: Using ep0 maxpacket: 16
[  373.774170][ T6649] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  373.800561][ T6649] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  373.836820][ T6649] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.864885][ T6649] usb 3-1: config 0 descriptor??
[  373.882457][ T3436] hfsplus: b-tree write err: -5, ino 4
[  373.894063][ T6649] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input15
[  374.011104][ T5827] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  374.360385][ T5859] usb 3-1: USB disconnect, device number 32
[  374.373075][ T5143] bcm5974 3-1:0.0: could not read from device
[  374.392429][ T5827] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[  374.430290][ T5827] usb 6-1: config 5 has no interface number 0
[  374.476544][ T5827] usb 6-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  374.527915][ T5827] usb 6-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  374.553058][ T5143] bcm5974 3-1:0.0: could not read from device
[  374.587362][ T5793] bcm5974 3-1:0.0: could not read from device
[  374.597925][ T9261] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  374.620309][ T5827] usb 6-1: config 5 interface 123 has no altsetting 0
[  374.665689][ T5827] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  374.726708][ T5827] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.793008][ T5827] usb 6-1: Product: syz
[  374.840880][ T5827] usb 6-1: Manufacturer: syz
[  374.845576][ T5827] usb 6-1: SerialNumber: syz
[  375.226215][ T5827] comedi comedi5: Wrong number of endpoints
[  375.316349][ T5827] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  375.402363][ T9256] loop6: detected capacity change from 0 to 131072
[  375.432801][ T5827] usb 6-1: USB disconnect, device number 7
[  375.453686][ T9256] F2FS-fs (loop6): Test dummy encryption mode enabled
[  375.480960][ T9256] F2FS-fs (loop6): invalid crc value
[  375.522524][ T9256] F2FS-fs (loop6): Found nat_bits in checkpoint
[  375.577369][ T9256] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  375.618231][ T9256] F2FS-fs (loop6): access invalid blkaddr:1281
[  375.626852][ T9256] CPU: 0 PID: 9256 Comm: syz.6.836 Not tainted 6.6.101-syzkaller #0
[  375.634915][ T9256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  375.645238][ T9256] Call Trace:
[  375.648574][ T9256]  <TASK>
[  375.651578][ T9256]  dump_stack_lvl+0x16c/0x230
[  375.656332][ T9256]  ? show_regs_print_info+0x20/0x20
[  375.661642][ T9256]  ? f2fs_get_next_page_offset+0x690/0x690
[  375.667525][ T9256]  ? __asan_memset+0x22/0x40
[  375.672210][ T9256]  ? __lookup_extent_tree+0xba0/0xba0
[  375.677748][ T9256]  f2fs_is_valid_blkaddr+0xef8/0x1580
[  375.683458][ T9256]  f2fs_get_read_data_page+0x3a4/0x5c0
[  375.688994][ T9256]  ? f2fs_reserve_block+0x240/0x240
[  375.694282][ T9256]  ? __asan_memset+0x22/0x40
[  375.698949][ T9256]  f2fs_find_data_page+0x9f/0x3a0
[  375.704048][ T9256]  __f2fs_find_entry+0x64d/0xca0
[  375.709175][ T9256]  ? f2fs_find_target_dentry+0xbc0/0xbc0
[  375.715030][ T9256]  f2fs_lookup+0x220/0x7b0
[  375.719568][ T9256]  ? d_alloc+0x173/0x1b0
[  375.723995][ T9256]  ? f2fs_encrypted_symlink_getattr+0x50/0x50
[  375.730091][ T9256]  ? __rwlock_init+0x150/0x150
[  375.734892][ T9256]  ? _raw_spin_unlock+0x28/0x40
[  375.739855][ T9256]  ? d_alloc+0x173/0x1b0
[  375.744125][ T9256]  lookup_one_qstr_excl+0x112/0x250
[  375.749527][ T9256]  filename_create+0x222/0x460
[  375.754412][ T9256]  ? kern_path_create+0x50/0x50
[  375.759284][ T9256]  ? __virt_addr_valid+0x18c/0x540
[  375.764516][ T9256]  ? __virt_addr_valid+0x469/0x540
[  375.769693][ T9256]  do_mkdirat+0xa1/0x440
[  375.773977][ T9256]  ? vfs_mkdir+0x440/0x440
[  375.778442][ T9256]  __x64_sys_mkdirat+0x89/0xa0
[  375.783326][ T9256]  do_syscall_64+0x55/0xb0
[  375.787768][ T9256]  ? clear_bhb_loop+0x40/0x90
[  375.792486][ T9256]  ? clear_bhb_loop+0x40/0x90
[  375.797207][ T9256]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  375.803164][ T9256] RIP: 0033:0x7f7026d8d457
[  375.807688][ T9256] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  375.827703][ T9256] RSP: 002b:00007f7027b60e68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  375.836238][ T9256] RAX: ffffffffffffffda RBX: 00007f7027b60ef0 RCX: 00007f7026d8d457
[  375.844520][ T9256] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  375.852645][ T9256] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  375.860731][ T9256] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  375.868910][ T9256] R13: 00007f7027b60eb0 R14: 0000000000000000 R15: 0000000000000000
[  375.877106][ T9256]  </TASK>
[  377.312905][ T9307] loop4: detected capacity change from 0 to 1024
[  378.258859][ T9309] block device autoloading is deprecated and will be removed.
[  378.324855][ T9307] pim6reg: entered allmulticast mode
[  378.409776][ T9307] pim6reg: left allmulticast mode
[  378.879242][ T9319] loop2: detected capacity change from 0 to 128
[  378.899949][ T9319] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  378.914671][ T9319] ext4 filesystem being mounted at /228/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  378.969080][ T9319] netlink: 4 bytes leftover after parsing attributes in process `syz.2.844'.
[  378.991795][ T7955] hfsplus: b-tree write err: -5, ino 4
[  379.037882][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  379.044748][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  379.128697][ T9323] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  379.140355][ T5827] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  379.380239][ T5827] usb 7-1: Using ep0 maxpacket: 16
[  379.426592][ T5827] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  379.500365][ T5827] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  379.509499][ T5827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.592530][ T5827] usb 7-1: config 0 descriptor??
[  379.628774][ T5827] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input16
[  379.872610][ T5143] bcm5974 7-1:0.0: could not read from device
[  379.915321][ T5143] bcm5974 7-1:0.0: could not read from device
[  379.937320][ T5143] bcm5974 7-1:0.0: could not read from device
[  379.957540][ T5827] usb 7-1: USB disconnect, device number 7
[  379.986356][ T5143] bcm5974 7-1:0.0: could not read from device
[  380.021884][ T9341] loop4: detected capacity change from 0 to 4096
[  380.753153][ T9353] ubi: mtd0 is already attached to ubi31
[  381.110876][ T5103] Bluetooth: hci3: command 0x0406 tx timeout
[  381.181927][ T5858] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  381.390179][ T5858] usb 5-1: config 5 has an invalid interface number: 123 but max is 0
[  381.408962][ T5858] usb 5-1: config 5 has no interface number 0
[  381.425697][ T5858] usb 5-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  381.460212][ T5858] usb 5-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  381.511140][ T5858] usb 5-1: config 5 interface 123 has no altsetting 0
[  381.534755][ T5858] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  381.550301][ T5858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.568693][ T5858] usb 5-1: Product: syz
[  381.576971][ T5858] usb 5-1: Manufacturer: syz
[  381.586791][ T5858] usb 5-1: SerialNumber: syz
[  381.725404][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  381.856961][ T5858] comedi comedi5: Wrong number of endpoints
[  381.874936][ T5858] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device.
[  381.909366][ T5858] usb 5-1: USB disconnect, device number 10
[  382.269587][ T9377] loop6: detected capacity change from 0 to 1024
[  382.413909][ T9377] pim6reg: entered allmulticast mode
[  382.681220][ T9380] pim6reg: left allmulticast mode
[  383.720434][    T8] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  383.767855][ T3436] hfsplus: b-tree write err: -5, ino 4
[  383.935508][ T9395] netlink: 68 bytes leftover after parsing attributes in process `syz.5.858'.
[  384.578706][    T8] usb 3-1: Using ep0 maxpacket: 16
[  384.610653][    T8] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  384.630810][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  384.640025][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.660829][    T8] usb 3-1: config 0 descriptor??
[  384.727456][    T8] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input17
[  384.969861][ T9409] loop6: detected capacity change from 0 to 128
[  384.986971][ T5143] bcm5974 3-1:0.0: could not read from device
[  385.022953][ T9409] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  385.041441][ T9409] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  385.130616][    T8] usb 3-1: USB disconnect, device number 33
[  385.137456][ T5143] bcm5974 3-1:0.0: could not read from device
[  385.161581][ T9409] netlink: 4 bytes leftover after parsing attributes in process `syz.6.861'.
[  386.923088][    T8] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  387.056483][ T9437] loop2: detected capacity change from 0 to 32768
[  387.161174][    T8] usb 5-1: Using ep0 maxpacket: 16
[  387.177191][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  387.196595][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  387.280463][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.308212][    T8] usb 5-1: config 0 descriptor??
[  387.357442][    T8] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input18
[  387.469329][ T9445] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  387.509443][ T9445] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[  387.816950][ T5143] bcm5974 5-1:0.0: could not read from device
[  388.119324][ T9457] ubi: mtd0 is already attached to ubi31
[  388.602927][    T8] usb 5-1: USB disconnect, device number 11
[  388.914350][ T7795] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  388.999220][ T9465] loop4: detected capacity change from 0 to 1024
[  389.582576][ T9478] netlink: 68 bytes leftover after parsing attributes in process `syz.6.871'.
[  389.981191][ T3436] hfsplus: b-tree write err: -5, ino 4
[  390.600203][ T9492] blktrace: Concurrent blktraces are not allowed on sg0
[  390.677245][ T9486] loop5: detected capacity change from 0 to 4096
[  391.100909][ T9498] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  391.135228][ T9498] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  391.352661][ T5103] Bluetooth: hci1: command 0x0406 tx timeout
[  391.360507][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  391.680231][    T9] usb 5-1: Using ep0 maxpacket: 16
[  391.730869][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  391.741449][    T9] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  391.758944][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.784678][    T9] usb 5-1: config 0 descriptor??
[  391.808420][    T9] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input19
[  391.922751][ T9512] loop6: detected capacity change from 0 to 128
[  392.011301][ T9512] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  392.032559][ T9512] ext4 filesystem being mounted at /75/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  392.059566][ T9512] netlink: 4 bytes leftover after parsing attributes in process `syz.6.881'.
[  392.174132][ T5143] bcm5974 5-1:0.0: could not read from device
[  392.210968][ T5143] bcm5974 5-1:0.0: could not read from device
[  392.263173][ T5143] bcm5974 5-1:0.0: could not read from device
[  392.291418][    T9] usb 5-1: USB disconnect, device number 12
[  392.308503][ T5143] bcm5974 5-1:0.0: could not read from device
[  392.480628][ T9519] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  393.454935][ T9546] netlink: 68 bytes leftover after parsing attributes in process `syz.4.885'.
[  394.705273][ T9553] loop5: detected capacity change from 0 to 1024
[  394.921284][   T59] hfsplus: b-tree write err: -5, ino 4
[  395.103573][ T7795] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  395.163229][ T9563] loop5: detected capacity change from 0 to 1024
[  395.425094][ T9565] blktrace: Concurrent blktraces are not allowed on sg0
[  396.254756][   T59] hfsplus: b-tree write err: -5, ino 4
[  396.520753][ T9575] ubi: mtd0 is already attached to ubi31
[  397.465854][ T9587] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  397.484830][ T9587] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  397.690240][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  397.773333][ T9597] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  397.891476][    T9] usb 6-1: Using ep0 maxpacket: 16
[  397.916877][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  397.947781][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  397.971561][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.003423][    T9] usb 6-1: config 0 descriptor??
[  398.046264][    T9] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input20
[  398.364119][ T5143] bcm5974 6-1:0.0: could not read from device
[  398.424945][ T5143] bcm5974 6-1:0.0: could not read from device
[  398.432415][    T9] usb 6-1: USB disconnect, device number 8
[  398.471247][ T5143] bcm5974 6-1:0.0: could not read from device
[  398.884819][ T9632] netlink: 68 bytes leftover after parsing attributes in process `syz.2.896'.
[  399.711398][ T9639] loop4: detected capacity change from 0 to 128
[  399.771583][ T9639] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  399.784927][ T9639] ext4 filesystem being mounted at /96/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  399.881720][ T9639] netlink: 4 bytes leftover after parsing attributes in process `syz.4.899'.
[  401.404942][ T9657] blktrace: Concurrent blktraces are not allowed on sg0
[  402.488112][ T9672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  402.545718][ T9672] tipc: Resetting bearer <eth:syzkaller0>
[  402.629167][ T9670] tipc: Disabling bearer <eth:syzkaller0>
[  403.005500][ T9686] netlink: 68 bytes leftover after parsing attributes in process `syz.5.910'.
[  403.820366][ T5877] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  403.836497][ T7531] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  404.030285][ T5877] usb 7-1: Using ep0 maxpacket: 16
[  404.041032][ T5877] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  404.058316][ T5877] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  404.087010][ T5877] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.122583][ T5877] usb 7-1: config 0 descriptor??
[  404.149776][ T5877] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input21
[  404.484181][ T5143] bcm5974 7-1:0.0: could not read from device
[  404.509731][ T5143] bcm5974 7-1:0.0: could not read from device
[  404.535776][ T5877] usb 7-1: USB disconnect, device number 8
[  404.573069][ T5143] bcm5974 7-1:0.0: could not read from device
[  405.434988][ T9736] netlink: 68 bytes leftover after parsing attributes in process `syz.2.920'.
[  406.010309][   T23] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  406.197683][ T9746] loop6: detected capacity change from 0 to 128
[  406.284637][   T23] usb 6-1: Using ep0 maxpacket: 32
[  406.292158][ T9746] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  406.310655][ T9746] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  406.336726][ T9746] netlink: 4 bytes leftover after parsing attributes in process `syz.6.922'.
[  406.351622][   T23] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  406.372856][   T23] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  406.410402][   T23] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  406.451609][   T23] usb 6-1: Product: syz
[  406.455876][   T23] usb 6-1: Manufacturer: syz
[  406.493525][   T23] usb 6-1: SerialNumber: syz
[  406.515749][   T23] usb 6-1: config 0 descriptor??
[  406.561300][ T9731] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  406.674789][ T9751] loop4: detected capacity change from 0 to 4096
[  406.832400][ T9731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  406.884717][ T9731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  407.220514][ T5877] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  407.446316][ T5877] usb 5-1: config 5 has an invalid interface number: 123 but max is 0
[  407.479033][ T5877] usb 5-1: config 5 has no interface number 0
[  407.497113][ T5877] usb 5-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  407.544142][ T5877] usb 5-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  407.593555][ T5877] usb 5-1: config 5 interface 123 has no altsetting 0
[  407.632984][ T5877] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  407.666103][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  407.699994][ T5877] usb 5-1: Product: syz
[  407.714025][ T5877] usb 5-1: Manufacturer: syz
[  407.725991][ T5877] usb 5-1: SerialNumber: syz
[  407.989937][ T5877] comedi comedi5: Wrong number of endpoints
[  408.003799][ T5877] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device.
[  408.012590][    T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  408.054129][ T5877] usb 5-1: USB disconnect, device number 13
[  408.210467][    T9] usb 3-1: Using ep0 maxpacket: 16
[  408.227153][ T7795] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  408.238447][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.266591][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  408.293737][ T5858] usb 6-1: USB disconnect, device number 9
[  408.305370][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.343199][    T9] usb 3-1: config 0 descriptor??
[  408.367293][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input22
[  408.673282][ T5143] bcm5974 3-1:0.0: could not read from device
[  408.674694][ T5858] usb 3-1: USB disconnect, device number 34
[  408.734019][ T5935] bcm5974 3-1:0.0: could not read from device
[  408.776590][ T5143] bcm5974 3-1:0.0: could not read from device
[  409.316934][ T9805] netlink: 68 bytes leftover after parsing attributes in process `syz.4.933'.
[  411.236692][ T9838] loop2: detected capacity change from 0 to 128
[  411.270315][ T9838] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  411.312888][ T9838] ext4 filesystem being mounted at /254/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  411.377705][ T9838] netlink: 4 bytes leftover after parsing attributes in process `syz.2.939'.
[  411.597628][ T5844] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  411.830752][ T5844] usb 7-1: Using ep0 maxpacket: 32
[  411.863710][ T5844] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  411.937277][ T5844] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  411.950355][ T5844] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  411.959338][ T5844] usb 7-1: Product: syz
[  411.963829][ T5844] usb 7-1: Manufacturer: syz
[  411.968697][ T5844] usb 7-1: SerialNumber: syz
[  411.972242][ T9846] loop5: detected capacity change from 0 to 4096
[  411.994681][ T5844] usb 7-1: config 0 descriptor??
[  412.009301][ T9842] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  412.470540][ T9842] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  412.515661][ T9842] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  412.644948][ T5844] usb 7-1: USB disconnect, device number 9
[  412.860731][ T5877] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  413.062640][ T5877] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[  413.080920][ T5877] usb 6-1: config 5 has no interface number 0
[  413.097434][ T5877] usb 6-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  413.110466][ T5859] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  413.119670][ T5877] usb 6-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  413.152485][ T5877] usb 6-1: config 5 interface 123 has no altsetting 0
[  413.163325][ T5877] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  413.190347][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.198480][ T5877] usb 6-1: Product: syz
[  413.210665][ T5877] usb 6-1: Manufacturer: syz
[  413.220464][ T5877] usb 6-1: SerialNumber: syz
[  413.275356][ T5785] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  413.300324][ T5859] usb 5-1: Using ep0 maxpacket: 16
[  413.314066][ T5859] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.360354][ T5859] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  413.577921][ T5877] comedi comedi5: Wrong number of endpoints
[  413.583982][ T5877] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  413.598489][ T5859] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.793057][ T9874] netlink: 68 bytes leftover after parsing attributes in process `syz.2.944'.
[  414.166254][ T5877] usb 6-1: USB disconnect, device number 10
[  414.179721][ T5859] usb 5-1: config 0 descriptor??
[  414.401354][ T5859] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input23
[  414.562091][ T5143] bcm5974 5-1:0.0: could not read from device
[  414.601887][ T5859] usb 5-1: USB disconnect, device number 14
[  415.251044][ T9897] blktrace: Concurrent blktraces are not allowed on sg0
[  416.191436][ T5844] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  416.380330][ T5844] usb 7-1: Using ep0 maxpacket: 32
[  416.403223][ T5844] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  416.434387][ T5844] usb 7-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  416.451669][ T5844] usb 7-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  416.468032][ T5844] usb 7-1: Product: syz
[  416.474736][ T5844] usb 7-1: Manufacturer: syz
[  416.479491][ T5844] usb 7-1: SerialNumber: syz
[  416.492207][ T5844] usb 7-1: config 0 descriptor??
[  416.501360][ T9909] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  416.592730][ T9919] loop4: detected capacity change from 0 to 128
[  416.915282][ T9909] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  416.944378][ T9919] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  416.959640][ T9919] ext4 filesystem being mounted at /107/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  416.977694][ T9918] netlink: 4 bytes leftover after parsing attributes in process `syz.4.953'.
[  417.031987][ T9909] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  417.138005][ T5844] usb 7-1: USB disconnect, device number 10
[  417.279779][ T9925] loop5: detected capacity change from 0 to 4096
[  417.575277][ T7531] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  417.700475][ T5844] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  417.725093][ T9933] loop4: detected capacity change from 0 to 1024
[  417.925032][ T5844] usb 6-1: config 5 has an invalid interface number: 123 but max is 0
[  417.966222][ T5844] usb 6-1: config 5 has no interface number 0
[  417.990223][ T5844] usb 6-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  418.003360][ T3463] hfsplus: b-tree write err: -5, ino 4
[  418.066572][ T5844] usb 6-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  418.139492][ T5844] usb 6-1: config 5 interface 123 has no altsetting 0
[  418.190882][ T5844] usb 6-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  418.211134][ T5844] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.250196][ T5844] usb 6-1: Product: syz
[  418.262620][ T5844] usb 6-1: Manufacturer: syz
[  418.267425][ T5844] usb 6-1: SerialNumber: syz
[  418.362419][ T9947] loop6: detected capacity change from 0 to 64
[  418.538554][ T5844] comedi comedi5: Wrong number of endpoints
[  418.572864][ T5844] ni6501 6-1:5.123: driver 'ni6501' failed to auto-configure device.
[  418.636601][ T5844] usb 6-1: USB disconnect, device number 11
[  418.800951][ T5858] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  419.267036][ T9957] syz.6.962: attempt to access beyond end of device
[  419.267036][ T9957] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  419.283263][ T9957] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  419.292396][ T9957] syz.6.962: attempt to access beyond end of device
[  419.292396][ T9957] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  419.305804][ T9957] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  419.315997][ T9957] syz.6.962: attempt to access beyond end of device
[  419.315997][ T9957] loop6: rw=2049, sector=67, nr_sectors = 1 limit=64
[  419.329638][ T9957] Buffer I/O error on dev loop6, logical block 67, lost async page write
[  419.338813][ T9957] syz.6.962: attempt to access beyond end of device
[  419.338813][ T9957] loop6: rw=2049, sector=68, nr_sectors = 1 limit=64
[  419.352553][ T9957] Buffer I/O error on dev loop6, logical block 68, lost async page write
[  419.361998][ T9957] syz.6.962: attempt to access beyond end of device
[  419.361998][ T9957] loop6: rw=2049, sector=72, nr_sectors = 1 limit=64
[  419.375406][ T9957] Buffer I/O error on dev loop6, logical block 72, lost async page write
[  419.384621][ T9957] syz.6.962: attempt to access beyond end of device
[  419.384621][ T9957] loop6: rw=2049, sector=73, nr_sectors = 1 limit=64
[  419.404673][ T9957] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  419.415083][ T9957] syz.6.962: attempt to access beyond end of device
[  419.415083][ T9957] loop6: rw=2049, sector=76, nr_sectors = 1 limit=64
[  419.428690][ T9957] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  419.437306][ T9957] syz.6.962: attempt to access beyond end of device
[  419.437306][ T9957] loop6: rw=2049, sector=77, nr_sectors = 1 limit=64
[  419.450853][ T9957] Buffer I/O error on dev loop6, logical block 77, lost async page write
[  419.696726][ T7795] hfs: walked past end of dir
[  419.733763][ T5858] usb 3-1: Using ep0 maxpacket: 16
[  419.775728][ T5858] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  419.810989][ T5858] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  420.614109][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.631490][ T5858] usb 3-1: config 0 descriptor??
[  420.647125][ T5858] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input24
[  420.841311][ T9975] loop4: detected capacity change from 0 to 1024
[  420.951165][ T5143] bcm5974 3-1:0.0: could not read from device
[  420.998125][ T5143] bcm5974 3-1:0.0: could not read from device
[  421.004530][ T5877] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  421.010811][ T3436] hfsplus: b-tree write err: -5, ino 4
[  421.012414][ T5858] usb 3-1: USB disconnect, device number 35
[  421.048699][ T5143] bcm5974 3-1:0.0: could not read from device
[  421.061405][ T5788] bcm5974 3-1:0.0: could not read from device
[  421.106766][ T5143] bcm5974 3-1:0.0: could not read from device
[  421.221418][ T5877] usb 6-1: Using ep0 maxpacket: 32
[  421.230013][ T5877] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  421.258743][ T5877] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  421.280359][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  421.306924][ T5877] usb 6-1: Product: syz
[  421.317673][ T5877] usb 6-1: Manufacturer: syz
[  421.326970][ T5877] usb 6-1: SerialNumber: syz
[  421.339941][ T5877] usb 6-1: config 0 descriptor??
[  421.377639][ T9971] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  421.531786][ T9990] loop6: detected capacity change from 0 to 128
[  421.810563][ T9971] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  421.827527][ T9990] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  421.847761][ T9990] ext4 filesystem being mounted at /92/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  421.869798][ T9984] netlink: 4 bytes leftover after parsing attributes in process `syz.6.966'.
[  421.899740][ T9971] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  422.025211][ T5859] usb 6-1: USB disconnect, device number 12
[  422.267973][ T7795] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  422.547675][T10014] loop4: detected capacity change from 0 to 4096
[  422.597464][T10017] loop6: detected capacity change from 0 to 64
[  422.913292][T10021] loop2: detected capacity change from 0 to 1024
[  422.950222][  T787] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  423.475868][T10026] syz.6.976: attempt to access beyond end of device
[  423.475868][T10026] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  423.489293][T10026] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  423.500083][T10026] syz.6.976: attempt to access beyond end of device
[  423.500083][T10026] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  423.514805][T10026] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  424.000677][  T787] usb 5-1: config 5 has an invalid interface number: 123 but max is 0
[  424.052802][  T787] usb 5-1: config 5 has no interface number 0
[  424.059009][  T787] usb 5-1: config 5 interface 123 altsetting 7 has an invalid endpoint with address 0xEB, skipping
[  424.083283][ T7795] hfs: walked past end of dir
[  424.134644][  T787] usb 5-1: config 5 interface 123 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  424.222253][  T787] usb 5-1: config 5 interface 123 has no altsetting 0
[  424.243701][  T787] usb 5-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  424.245994][ T7955] hfsplus: b-tree write err: -5, ino 4
[  424.273450][  T787] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.324899][  T787] usb 5-1: Product: syz
[  424.349264][  T787] usb 5-1: Manufacturer: syz
[  424.362932][  T787] usb 5-1: SerialNumber: syz
[  424.581779][T10048] blktrace: Concurrent blktraces are not allowed on sg0
[  424.700260][    T9] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  424.776190][  T787] comedi comedi5: Wrong number of endpoints
[  424.782429][  T787] ni6501 5-1:5.123: driver 'ni6501' failed to auto-configure device.
[  424.857371][  T787] usb 5-1: USB disconnect, device number 15
[  425.310361][    T9] usb 7-1: Using ep0 maxpacket: 16
[  425.322183][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  425.347438][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  425.373809][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.403045][    T9] usb 7-1: config 0 descriptor??
[  425.460344][    T9] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input25
[  425.817811][ T5143] bcm5974 7-1:0.0: could not read from device
[  425.819145][  T787] usb 7-1: USB disconnect, device number 11
[  425.847296][ T5935] bcm5974 7-1:0.0: could not read from device
[  426.422300][T10076] loop5: detected capacity change from 0 to 128
[  426.438297][T10074] netlink: 68 bytes leftover after parsing attributes in process `syz.4.993'.
[  427.938188][T10076] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  427.967374][T10076] ext4 filesystem being mounted at /100/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  427.984098][T10073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.982'.
[  428.276498][T10086] loop6: detected capacity change from 0 to 1024
[  428.942314][ T7955] hfsplus: b-tree write err: -5, ino 4
[  429.170788][T10100] loop6: detected capacity change from 0 to 64
[  429.178735][T10097] syzkaller0: entered promiscuous mode
[  429.207227][T10097] syzkaller0: entered allmulticast mode
[  430.003138][T10107] bio_check_eod: 7 callbacks suppressed
[  430.003180][T10107] syz.6.989: attempt to access beyond end of device
[  430.003180][T10107] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  430.022286][T10107] buffer_io_error: 6 callbacks suppressed
[  430.022325][T10107] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  430.037153][T10107] syz.6.989: attempt to access beyond end of device
[  430.037153][T10107] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  430.050651][T10107] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  430.059622][T10107] syz.6.989: attempt to access beyond end of device
[  430.059622][T10107] loop6: rw=2049, sector=67, nr_sectors = 1 limit=64
[  430.074949][T10107] Buffer I/O error on dev loop6, logical block 67, lost async page write
[  430.084069][T10107] syz.6.989: attempt to access beyond end of device
[  430.084069][T10107] loop6: rw=2049, sector=68, nr_sectors = 1 limit=64
[  430.097583][T10107] Buffer I/O error on dev loop6, logical block 68, lost async page write
[  430.106509][T10107] syz.6.989: attempt to access beyond end of device
[  430.106509][T10107] loop6: rw=2049, sector=72, nr_sectors = 1 limit=64
[  430.120008][T10107] Buffer I/O error on dev loop6, logical block 72, lost async page write
[  430.130910][T10107] syz.6.989: attempt to access beyond end of device
[  430.130910][T10107] loop6: rw=2049, sector=73, nr_sectors = 1 limit=64
[  430.144354][T10107] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  430.153274][T10107] syz.6.989: attempt to access beyond end of device
[  430.153274][T10107] loop6: rw=2049, sector=76, nr_sectors = 1 limit=64
[  430.167848][T10107] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  430.176938][T10107] syz.6.989: attempt to access beyond end of device
[  430.176938][T10107] loop6: rw=2049, sector=77, nr_sectors = 1 limit=64
[  430.190261][T10107] Buffer I/O error on dev loop6, logical block 77, lost async page write
[  430.207518][T10107] syz.6.989: attempt to access beyond end of device
[  430.207518][T10107] loop6: rw=2049, sector=78, nr_sectors = 760 limit=64
[  430.528423][ T7795] hfs: walked past end of dir
[  431.539878][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  431.725278][T10130] netlink: 68 bytes leftover after parsing attributes in process `syz.6.995'.
[  432.409585][T10135] loop4: detected capacity change from 0 to 128
[  432.973635][T10135] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  432.994702][T10135] ext4 filesystem being mounted at /122/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  433.022976][T10135] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1004'.
[  433.277827][ T7531] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  433.296266][T10139] loop2: detected capacity change from 0 to 1024
[  433.400237][  T787] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  433.620346][  T787] usb 7-1: Using ep0 maxpacket: 16
[  433.651219][  T787] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  433.694101][  T787] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  433.708980][  T787] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.745125][  T787] usb 7-1: config 0 descriptor??
[  433.820588][  T787] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input26
[  434.130956][ T3483] hfsplus: b-tree write err: -5, ino 4
[  434.268995][ T5143] bcm5974 7-1:0.0: could not read from device
[  434.271413][ T5827] usb 7-1: USB disconnect, device number 12
[  434.319574][ T5802] bcm5974 7-1:0.0: could not read from device
[  437.824643][T10176] loop6: detected capacity change from 0 to 64
[  438.557308][T10182] netlink: 68 bytes leftover after parsing attributes in process `syz.5.1006'.
[  438.930219][T10186] syz.6.1005: attempt to access beyond end of device
[  438.930219][T10186] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  438.943691][T10186] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  438.953185][T10186] syz.6.1005: attempt to access beyond end of device
[  438.953185][T10186] loop6: rw=2049, sector=66, nr_sectors = 1 limit=64
[  438.966627][T10186] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  438.979514][T10186] syz.6.1005: attempt to access beyond end of device
[  438.979514][T10186] loop6: rw=2049, sector=67, nr_sectors = 1 limit=64
[  439.008188][T10186] Buffer I/O error on dev loop6, logical block 67, lost async page write
[  439.017247][T10186] syz.6.1005: attempt to access beyond end of device
[  439.017247][T10186] loop6: rw=2049, sector=68, nr_sectors = 1 limit=64
[  439.031163][T10186] Buffer I/O error on dev loop6, logical block 68, lost async page write
[  439.039822][T10186] syz.6.1005: attempt to access beyond end of device
[  439.039822][T10186] loop6: rw=2049, sector=72, nr_sectors = 1 limit=64
[  439.053384][T10186] Buffer I/O error on dev loop6, logical block 72, lost async page write
[  439.062157][T10186] syz.6.1005: attempt to access beyond end of device
[  439.062157][T10186] loop6: rw=2049, sector=73, nr_sectors = 1 limit=64
[  439.079361][T10186] Buffer I/O error on dev loop6, logical block 73, lost async page write
[  439.088321][T10186] syz.6.1005: attempt to access beyond end of device
[  439.088321][T10186] loop6: rw=2049, sector=76, nr_sectors = 1 limit=64
[  439.102251][T10186] Buffer I/O error on dev loop6, logical block 76, lost async page write
[  439.111178][T10186] syz.6.1005: attempt to access beyond end of device
[  439.111178][T10186] loop6: rw=2049, sector=77, nr_sectors = 1 limit=64
[  439.124838][T10186] Buffer I/O error on dev loop6, logical block 77, lost async page write
[  439.137397][T10186] syz.6.1005: attempt to access beyond end of device
[  439.137397][T10186] loop6: rw=2049, sector=78, nr_sectors = 760 limit=64
[  440.296803][T10202] loop5: detected capacity change from 0 to 128
[  441.052121][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  441.149710][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  441.314271][T10202] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  441.361443][T10202] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  441.383768][T10199] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1011'.
[  441.718257][ T7722] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  442.791126][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  442.807086][T10231] loop4: detected capacity change from 0 to 64
[  443.558429][T10237] syz.4.1020: attempt to access beyond end of device
[  443.558429][T10237] loop4: rw=2049, sector=65, nr_sectors = 1 limit=64
[  443.572416][T10237] Buffer I/O error on dev loop4, logical block 65, lost async page write
[  443.586263][T10237] Buffer I/O error on dev loop4, logical block 66, lost async page write
[  443.630170][T10238] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1019'.
[  444.160250][    T9] usb 6-1: Using ep0 maxpacket: 16
[  444.201699][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  444.285204][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  444.323731][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.382205][    T9] usb 6-1: config 0 descriptor??
[  444.431038][    T9] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input27
[  444.918520][ T5143] bcm5974 6-1:0.0: could not read from device
[  445.688303][    T9] usb 6-1: USB disconnect, device number 13
[  445.707888][ T5143] bcm5974 6-1:0.0: could not read from device
[  447.229776][T10274] syzkaller0: entered promiscuous mode
[  447.249025][T10274] syzkaller0: entered allmulticast mode
[  448.373373][T10287] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1030'.
[  449.322014][  T787] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  449.540209][  T787] usb 5-1: Using ep0 maxpacket: 16
[  449.550797][  T787] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  449.585156][  T787] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  449.620284][  T787] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  449.658518][  T787] usb 5-1: config 0 descriptor??
[  449.712275][  T787] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input28
[  450.069380][ T5143] bcm5974 5-1:0.0: could not read from device
[  450.833040][ T5143] bcm5974 5-1:0.0: could not read from device
[  451.071914][T10328] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1041'.
[  451.350826][  T787] usb 5-1: USB disconnect, device number 16
[  451.732559][T10334] syzkaller0: entered promiscuous mode
[  451.738272][T10334] syzkaller0: entered allmulticast mode
[  454.470898][T10368] loop2: detected capacity change from 0 to 256
[  454.560403][T10370] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1051'.
[  454.580885][T10370] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1051'.
[  455.110212][  T787] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  455.206889][T10368] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  455.345316][   T27] audit: type=1800 audit(1754502992.766:11): pid=10368 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1053" name="file1" dev="loop2" ino=1048604 res=0 errno=0
[  455.400473][  T787] usb 6-1: Using ep0 maxpacket: 16
[  455.426861][  T787] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  455.492491][  T787] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  455.529853][  T787] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.575806][  T787] usb 6-1: config 0 descriptor??
[  455.612248][T10376] syzkaller0: entered promiscuous mode
[  455.628203][T10376] syzkaller0: entered allmulticast mode
[  455.638967][  T787] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input29
[  455.971693][ T5143] bcm5974 6-1:0.0: could not read from device
[  456.057462][ T5143] bcm5974 6-1:0.0: could not read from device
[  456.067410][  T787] usb 6-1: USB disconnect, device number 14
[  456.163673][ T5143] bcm5974 6-1:0.0: could not read from device
[  457.137276][T10407] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1062'.
[  457.315884][T10410] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1062'.
[  459.152446][ T5794] Bluetooth: Frame is too long (len 18, expected len 4)
[  459.703578][T10426] syzkaller0: entered promiscuous mode
[  459.709217][T10426] syzkaller0: entered allmulticast mode
[  460.230433][    T8] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  460.430240][    T8] usb 6-1: Using ep0 maxpacket: 16
[  460.463069][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  460.495249][    T8] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  460.505886][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  460.769158][    T8] usb 6-1: config 0 descriptor??
[  461.202875][T10447] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1073'.
[  461.934845][    T8] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input30
[  462.471654][ T5143] bcm5974 6-1:0.0: could not read from device
[  462.550319][    T8] usb 6-1: USB disconnect, device number 15
[  463.843459][T10492] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1084'.
[  465.925506][   T27] audit: type=1326 audit(1754503003.356:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10508 comm="syz.5.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c7078ebe9 code=0x7ffc0000
[  465.973683][   T27] audit: type=1326 audit(1754503003.356:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10508 comm="syz.5.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1c7078ebe9 code=0x7ffc0000
[  466.025024][   T27] audit: type=1326 audit(1754503003.386:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10508 comm="syz.5.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f1c7078ebe9 code=0x7ffc0000
[  466.071094][   T27] audit: type=1326 audit(1754503003.386:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10508 comm="syz.5.1090" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f1c7078ebe9 code=0x7ffc0000
[  466.209216][T10511] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1095'.
[  466.430248][    T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  466.611087][    T8] usb 6-1: Using ep0 maxpacket: 16
[  466.630992][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  466.653589][    T8] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  466.687640][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  466.726401][    T8] usb 6-1: config 0 descriptor??
[  466.772817][    T8] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input31
[  466.984690][T10529] syzkaller0: entered promiscuous mode
[  467.010368][T10529] syzkaller0: entered allmulticast mode
[  467.022481][ T5143] bcm5974 6-1:0.0: could not read from device
[  467.062638][ T5143] bcm5974 6-1:0.0: could not read from device
[  467.080917][    T8] usb 6-1: USB disconnect, device number 16
[  467.113488][ T5788] bcm5974 6-1:0.0: could not read from device
[  468.999683][T10556] syzkaller0: entered promiscuous mode
[  469.016799][T10556] syzkaller0: entered allmulticast mode
[  469.702293][ T5877] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  470.000997][ T5877] usb 7-1: Using ep0 maxpacket: 16
[  470.022229][ T5877] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  470.270151][T10575] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1115'.
[  470.599315][ T5877] usb 7-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  470.667139][ T5877] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.681384][ T5877] usb 7-1: config 0 descriptor??
[  470.695636][ T5877] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input32
[  471.004806][ T5143] bcm5974 7-1:0.0: could not read from device
[  471.019883][ T5877] usb 7-1: USB disconnect, device number 13
[  471.035447][ T5143] bcm5974 7-1:0.0: could not read from device
[  471.046898][ T5143] bcm5974 7-1:0.0: could not read from device
[  471.818074][T10597] syzkaller0: entered promiscuous mode
[  471.837707][T10597] syzkaller0: entered allmulticast mode
[  472.643738][ T5794] Bluetooth: Frame is too long (len 18, expected len 4)
[  472.700433][T10603] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1125'.
[  474.034029][T10633] loop5: detected capacity change from 0 to 64
[  474.060228][T10047] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  474.409272][T10641] netlink: 68 bytes leftover after parsing attributes in process `syz.6.1135'.
[  474.845022][T10642] bio_check_eod: 8 callbacks suppressed
[  474.845041][T10642] syz.5.1134: attempt to access beyond end of device
[  474.845041][T10642] loop5: rw=2049, sector=65, nr_sectors = 1 limit=64
[  474.881888][T10642] buffer_io_error: 6 callbacks suppressed
[  474.881905][T10642] Buffer I/O error on dev loop5, logical block 65, lost async page write
[  474.896542][T10642] syz.5.1134: attempt to access beyond end of device
[  474.896542][T10642] loop5: rw=2049, sector=66, nr_sectors = 1 limit=64
[  474.910217][T10642] Buffer I/O error on dev loop5, logical block 66, lost async page write
[  474.922589][T10642] syz.5.1134: attempt to access beyond end of device
[  474.922589][T10642] loop5: rw=2049, sector=67, nr_sectors = 1 limit=64
[  474.936251][T10642] Buffer I/O error on dev loop5, logical block 67, lost async page write
[  474.945329][T10642] syz.5.1134: attempt to access beyond end of device
[  474.945329][T10642] loop5: rw=2049, sector=68, nr_sectors = 1 limit=64
[  474.959289][T10642] Buffer I/O error on dev loop5, logical block 68, lost async page write
[  474.967987][T10642] syz.5.1134: attempt to access beyond end of device
[  474.967987][T10642] loop5: rw=2049, sector=72, nr_sectors = 1 limit=64
[  474.991675][T10642] Buffer I/O error on dev loop5, logical block 72, lost async page write
[  475.000661][T10642] syz.5.1134: attempt to access beyond end of device
[  475.000661][T10642] loop5: rw=2049, sector=73, nr_sectors = 1 limit=64
[  475.014255][T10642] Buffer I/O error on dev loop5, logical block 73, lost async page write
[  475.026536][T10642] syz.5.1134: attempt to access beyond end of device
[  475.026536][T10642] loop5: rw=2049, sector=76, nr_sectors = 1 limit=64
[  475.040465][T10642] Buffer I/O error on dev loop5, logical block 76, lost async page write
[  475.049244][T10642] syz.5.1134: attempt to access beyond end of device
[  475.049244][T10642] loop5: rw=2049, sector=77, nr_sectors = 1 limit=64
[  475.062976][T10642] Buffer I/O error on dev loop5, logical block 77, lost async page write
[  475.074848][T10642] syz.5.1134: attempt to access beyond end of device
[  475.074848][T10642] loop5: rw=2049, sector=78, nr_sectors = 760 limit=64
[  475.721296][T10047] usb 5-1: Using ep0 maxpacket: 16
[  475.741833][ T7722] hfs: walked past end of dir
[  475.785228][T10047] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  475.796604][T10047] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  475.806169][T10047] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.821192][T10047] usb 5-1: config 0 descriptor??
[  475.837412][T10047] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input33
[  476.121070][ T5143] bcm5974 5-1:0.0: could not read from device
[  476.156135][ T5143] bcm5974 5-1:0.0: could not read from device
[  476.192231][T10047] usb 5-1: USB disconnect, device number 17
[  476.233907][T10653] syzkaller0: entered promiscuous mode
[  476.239633][T10653] syzkaller0: entered allmulticast mode
[  476.813735][T10673] loop2: detected capacity change from 0 to 64
[  477.561428][T10687] syz.2.1147: attempt to access beyond end of device
[  477.561428][T10687] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  477.574924][T10687] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  477.585058][T10687] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  478.160684][ T5785] hfs: walked past end of dir
[  478.166895][T10693] syzkaller0: entered promiscuous mode
[  478.172705][T10693] syzkaller0: entered allmulticast mode
[  478.670576][ T5877] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  478.976415][ T5877] usb 6-1: Using ep0 maxpacket: 16
[  479.243162][ T5877] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  479.350566][ T5877] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  479.382882][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.438884][ T5877] usb 6-1: config 0 descriptor??
[  479.454804][ T5877] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input34
[  479.474935][T10720] loop2: detected capacity change from 0 to 64
[  479.802237][ T5143] bcm5974 6-1:0.0: could not read from device
[  479.892223][ T5143] bcm5974 6-1:0.0: could not read from device
[  479.927310][ T5877] usb 6-1: USB disconnect, device number 17
[  479.929509][ T5788] bcm5974 6-1:0.0: could not read from device
[  479.941802][ T5143] bcm5974 6-1:0.0: could not read from device
[  480.311367][T10728] bio_check_eod: 8 callbacks suppressed
[  480.311417][T10728] syz.2.1165: attempt to access beyond end of device
[  480.311417][T10728] loop2: rw=2049, sector=65, nr_sectors = 1 limit=64
[  480.330613][T10728] buffer_io_error: 6 callbacks suppressed
[  480.330652][T10728] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  480.345886][T10728] syz.2.1165: attempt to access beyond end of device
[  480.345886][T10728] loop2: rw=2049, sector=66, nr_sectors = 1 limit=64
[  480.359475][T10728] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  480.368361][T10728] syz.2.1165: attempt to access beyond end of device
[  480.368361][T10728] loop2: rw=2049, sector=67, nr_sectors = 1 limit=64
[  480.382005][T10728] Buffer I/O error on dev loop2, logical block 67, lost async page write
[  480.390958][T10728] syz.2.1165: attempt to access beyond end of device
[  480.390958][T10728] loop2: rw=2049, sector=68, nr_sectors = 1 limit=64
[  480.404582][T10728] Buffer I/O error on dev loop2, logical block 68, lost async page write
[  480.415534][T10728] syz.2.1165: attempt to access beyond end of device
[  480.415534][T10728] loop2: rw=2049, sector=72, nr_sectors = 1 limit=64
[  480.429035][T10728] Buffer I/O error on dev loop2, logical block 72, lost async page write
[  480.438037][T10728] syz.2.1165: attempt to access beyond end of device
[  480.438037][T10728] loop2: rw=2049, sector=73, nr_sectors = 1 limit=64
[  480.452281][T10728] Buffer I/O error on dev loop2, logical block 73, lost async page write
[  480.461221][T10728] syz.2.1165: attempt to access beyond end of device
[  480.461221][T10728] loop2: rw=2049, sector=76, nr_sectors = 1 limit=64
[  480.474636][T10728] Buffer I/O error on dev loop2, logical block 76, lost async page write
[  480.483646][T10728] syz.2.1165: attempt to access beyond end of device
[  480.483646][T10728] loop2: rw=2049, sector=77, nr_sectors = 1 limit=64
[  480.497036][T10728] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  480.514152][T10728] syz.2.1165: attempt to access beyond end of device
[  480.514152][T10728] loop2: rw=2049, sector=78, nr_sectors = 760 limit=64
[  480.854884][ T5785] hfs: walked past end of dir
[  481.168858][T10741] syzkaller0: entered promiscuous mode
[  481.175017][T10741] syzkaller0: entered allmulticast mode
[  481.675177][T10760] loop6: detected capacity change from 0 to 64
[  482.440182][T10769] syz.6.1177: attempt to access beyond end of device
[  482.440182][T10769] loop6: rw=2049, sector=65, nr_sectors = 1 limit=64
[  482.454280][T10769] Buffer I/O error on dev loop6, logical block 65, lost async page write
[  482.463483][T10769] Buffer I/O error on dev loop6, logical block 66, lost async page write
[  482.872052][T10047] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  483.023722][ T7795] hfs: walked past end of dir
[  483.111225][T10047] usb 6-1: Using ep0 maxpacket: 16
[  483.132787][T10047] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  483.160356][T10047] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  483.172981][T10047] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.216575][T10047] usb 6-1: config 0 descriptor??
[  483.236225][T10047] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input35
[  484.105094][ T5143] bcm5974 6-1:0.0: could not read from device
[  484.110645][T10047] usb 6-1: USB disconnect, device number 18
[  484.282256][T10788] binder: BINDER_SET_CONTEXT_MGR already set
[  484.294266][T10788] binder: 10787:10788 ioctl 4018620d 200000004a80 returned -16
[  484.861527][T10810] tmpfs: Unknown parameter 'quot'
[  485.180196][T10047] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  485.933768][T10821] loop6: detected capacity change from 0 to 1024
[  486.008159][T10047] usb 3-1: Using ep0 maxpacket: 16
[  486.019059][T10047] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  486.051648][T10047] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  486.077332][   T27] audit: type=1800 audit(1754503023.496:16): pid=10821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1199" name="file2" dev="loop6" ino=22 res=0 errno=0
[  486.100191][T10047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.129807][T10047] usb 3-1: config 0 descriptor??
[  486.165433][T10047] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input36
[  486.208223][ T1126] hfsplus: b-tree write err: -5, ino 4
[  486.444260][ T5143] bcm5974 3-1:0.0: could not read from device
[  486.470616][ T5143] bcm5974 3-1:0.0: could not read from device
[  486.482125][T10047] usb 3-1: USB disconnect, device number 36
[  486.864995][T10844] tmpfs: Unknown parameter 'quot'
[  487.562284][T10853] netlink: 'syz.2.1210': attribute type 12 has an invalid length.
[  487.650881][T10853] netlink: 'syz.2.1210': attribute type 29 has an invalid length.
[  487.739754][T10853] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1210'.
[  487.835691][T10853] netlink: 39 bytes leftover after parsing attributes in process `syz.2.1210'.
[  488.472376][T10860] loop2: detected capacity change from 0 to 40427
[  488.544368][T10860] F2FS-fs (loop2): invalid crc value
[  488.562256][T10860] F2FS-fs (loop2): Found nat_bits in checkpoint
[  488.600604][T10860] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  488.947668][T10873] ------------[ cut here ]------------
[  488.953969][T10873] kernel BUG at fs/f2fs/segment.c:3481!
[  488.959630][T10873] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[  488.966037][T10873] CPU: 1 PID: 10873 Comm: syz.2.1214 Not tainted 6.6.101-syzkaller #0
[  488.974414][T10873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  488.984787][T10873] RIP: 0010:f2fs_allocate_data_block+0x3f0c/0x3f50
[  488.991355][T10873] Code: 21 fe 48 8b 54 24 30 e9 c6 eb ff ff e8 9d 67 ca fd 48 c7 c7 90 cc 2f 8d 4c 89 f6 e8 1e e7 95 00 e9 e2 eb ff ff e8 84 67 ca fd <0f> 0b e8 7d 67 ca fd 0f 0b e8 76 67 ca fd 0f 0b e8 6f 67 ca fd 0f
[  489.011025][T10873] RSP: 0018:ffffc9000c87f850 EFLAGS: 00010287
[  489.017419][T10873] RAX: ffffffff83bb2e0c RBX: 0000000000000201 RCX: 0000000000080000
[  489.025730][T10873] RDX: ffffc9000f414000 RSI: 000000000002f040 RDI: 000000000002f041
[  489.033919][T10873] RBP: 0000000000000200 R08: ffff88806c694c5f R09: 1ffff1100d8d298b
[  489.042021][T10873] R10: dffffc0000000000 R11: ffffed100d8d298c R12: 1ffff9200190ff7c
[  489.050079][T10873] R13: 0000000000000000 R14: 0000000000003401 R15: dffffc0000000000
[  489.058114][T10873] FS:  00007f6b07a2f6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  489.067118][T10873] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  489.074102][T10873] CR2: 00007f6b07a2ef98 CR3: 0000000060550000 CR4: 00000000003526e0
[  489.082123][T10873] Call Trace:
[  489.085442][T10873]  <TASK>
[  489.088513][T10873]  ? f2fs_mark_inode_dirty_sync+0x120/0x1f0
[  489.094564][T10873]  f2fs_map_blocks+0x1697/0x3c00
[  489.099746][T10873]  ? f2fs_get_block_locked+0xe0/0xe0
[  489.105161][T10873]  ? __up_read+0x280/0x670
[  489.109624][T10873]  ? up_read+0x20/0x20
[  489.113752][T10873]  ? f2fs_allocate_pinning_section+0x1af/0x590
[  489.120053][T10873]  f2fs_expand_inode_data+0x5c2/0x970
[  489.125572][T10873]  ? f2fs_insert_range+0x3d0/0x3d0
[  489.130818][T10873]  ? down_write+0x162/0x1f0
[  489.135456][T10873]  ? file_modified_flags+0x136/0x2b0
[  489.140789][T10873]  f2fs_fallocate+0x416/0x8a0
[  489.145504][T10873]  vfs_fallocate+0x58e/0x700
[  489.150145][T10873]  __x64_sys_fallocate+0xc1/0x110
[  489.155217][T10873]  do_syscall_64+0x55/0xb0
[  489.159765][T10873]  ? clear_bhb_loop+0x40/0x90
[  489.164475][T10873]  ? clear_bhb_loop+0x40/0x90
[  489.169423][T10873]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  489.175367][T10873] RIP: 0033:0x7f6b06b8ebe9
[  489.179814][T10873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  489.199567][T10873] RSP: 002b:00007f6b07a2f038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  489.208109][T10873] RAX: ffffffffffffffda RBX: 00007f6b06db6180 RCX: 00007f6b06b8ebe9
[  489.216262][T10873] RDX: 000000000000fc01 RSI: 0000000000000000 RDI: 000000000000000a
[  489.224387][T10873] RBP: 00007f6b06c11e19 R08: 0000000000000000 R09: 0000000000000000
[  489.232398][T10873] R10: 00000000001000f4 R11: 0000000000000246 R12: 0000000000000000
[  489.240404][T10873] R13: 00007f6b06db6218 R14: 00007f6b06db6180 R15: 00007ffd6814a238
[  489.248591][T10873]  </TASK>
[  489.251755][T10873] Modules linked in:
[  489.261288][T10873] ---[ end trace 0000000000000000 ]---
[  489.266961][T10873] RIP: 0010:f2fs_allocate_data_block+0x3f0c/0x3f50
[  489.274658][T10873] Code: 21 fe 48 8b 54 24 30 e9 c6 eb ff ff e8 9d 67 ca fd 48 c7 c7 90 cc 2f 8d 4c 89 f6 e8 1e e7 95 00 e9 e2 eb ff ff e8 84 67 ca fd <0f> 0b e8 7d 67 ca fd 0f 0b e8 76 67 ca fd 0f 0b e8 6f 67 ca fd 0f
[  489.295325][T10873] RSP: 0018:ffffc9000c87f850 EFLAGS: 00010287
[  489.302054][T10873] RAX: ffffffff83bb2e0c RBX: 0000000000000201 RCX: 0000000000080000
[  489.310766][T10873] RDX: ffffc9000f414000 RSI: 000000000002f040 RDI: 000000000002f041
[  489.318810][T10873] RBP: 0000000000000200 R08: ffff88806c694c5f R09: 1ffff1100d8d298b
[  489.327271][T10873] R10: dffffc0000000000 R11: ffffed100d8d298c R12: 1ffff9200190ff7c
[  489.335660][T10873] R13: 0000000000000000 R14: 0000000000003401 R15: dffffc0000000000
[  489.344169][T10873] FS:  00007f6b07a2f6c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  489.355610][T10873] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  489.362512][T10873] CR2: 00007f6b07a2ef98 CR3: 0000000060550000 CR4: 00000000003526e0
[  489.370904][T10873] Kernel panic - not syncing: Fatal exception
[  489.377654][T10873] Kernel Offset: disabled
[  489.382391][T10873] Rebooting in 86400 seconds..