last executing test programs:

6.787772031s ago: executing program 1 (id=340):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001bc0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000018"], 0x30, 0x20000004}], 0x1, 0x40080)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)-generic\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000480)="b1", 0x1)
sendmmsg$alg(r1, &(0x7f0000001580), 0x49249249249256f, 0x40484)

6.427760557s ago: executing program 1 (id=342):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000f80)=ANY=[@ANYBLOB="05000000040000000900000044"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x18)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
pidfd_send_signal(r3, 0x2, 0x0, 0x0)

6.179851337s ago: executing program 1 (id=343):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000000000207d1e5a2d00000000000109022400010000000009040000010300000009210000000122080009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000740)={0x24, 0x0, 0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000000), 0x0, 0x880)
pread64(r1, &(0x7f0000000940)=""/30, 0x1e, 0x81)

5.260773606s ago: executing program 2 (id=347):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x437, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r2, 0x5120b, 0x101}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_LINK={0x8, 0x1, r2}, @IFLA_GRE_OKEY={0x8, 0x5, 0x3}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48800}, 0x4000010)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)

4.970229309s ago: executing program 0 (id=349):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8108c4, &(0x7f0000000300)={[{@resv_level={'resv_level', 0x3d, 0x400}}, {@heartbeat_none}, {@inode64}, {@coherency_full}, {@err_ro}, {@localalloc={'localalloc', 0x3d, 0x1}}, {@intr}, {@localalloc}]}, 0x1, 0x442f, &(0x7f000000e480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZP3sIlNNGoI9KTSREppKbRYU21jvGwX2LbowjawNSb2gLcmnkw8GA+NJt44NfwD9ejRi8d6bqIHLyYmjZjdnQVm2A0rYUHq53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/uoXLo3XwzxHmna/6G965/2dOI62e9r75/s6vmL79w4E8J3sz8+XVtbWwtV3aGpoU2///br/ZnNx4Y4U6fabvPWdsv7IYSTW8ZV1RVCeC+EEIUQziVpo8mxN4RwLMm7cf+zm7ldGs2jJ8Wz+WdTD1aHT0+uPFxt/bdHIXxV+t+rt+d/fqFr+KeXd6l7AAAAAAAAAAAAAAAAAAAOuPFrV6+/PTgUHkeheyXa+r7ueHJs9X7s2q75vvN/LAAAAAAAAAAAAAAAAAAAAPxNbbz/n4tONHn/fyw5jrSov/Zm58dI50y8dXXswuBQsv97tCX/tSTpl3Ndob/Jvu/Z/d/PZeo33/99az871Rhfo9++EMUDqfM4HhgI4Ztk4/dT0ZG4VF6qvHKr3BVmd20YB1Y6/vXd+1PRSTb0bzf+o5n2O7///3+3XE3V85u7d4k919Lx72pZ7ttPo7bifz5Tby/iz86l499dS+vdXGCkPgFU4/959/bxH8u036n4Hw8h5KLqWHOpGaC6hqmmt1qvkJaO/6FaWmrqTD7IVvf/75n4X8i0v1/z/3L2i6jmk84O5QBKx/9ftbSeVImN+78/3v7+v5hpfz/iXx3/su//tqTjf7ie2J0qUvsk253/xzPtdyr+1+NknMej1BWwEtXTW/2/OtLS8e/Zkr/x/Be3tf67lKm/V89/jX4bz3+N6f+lqP78R3Pp+Pe2LNfu/T+Rqdfp+X+ktv5jp9LxP1JLS6+d+2o/243/ZKb9TsW/tirpacR/Yz7543A9/eum6z+y0vH/dz0x3lxiufaztv6Ltl//X860vx/rv+r4l+PO9vq8SMf/aMty1fj/0Mb3/5VMvc7HP4RBa/0dS8f/WMtytfu/Z/v4T2XqdTr+L3aycQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIADYDQ59oUoHkidx/HAQAjnk/NT4Ug0XZjNT5fKMx8uhTCWpOfCieh2qTxdKOXnFsqzxXyhVCrPhHAhyT8ZeqKlUrmSny/cvbjeVm90p1hYrEwXC5UQwniS/v9wrNHW9FxlvnA3hHBpPe8/cXnx7p3CQn52bvGNwcHBwTCxPob+qPhxpbhQqfdezw1hcr1uX7RpcLXsy+tjORp9UL63uFAo1dKvbKpTKs8USpvqTCV5X4T+qLJ4b2GmUCnmS+Xbjf7200hyHJu49u61K0Nb8m9G9ePo3g4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/o8fDrX4YQuutncQhhpPFL1Kz8oyfFs/lnUw9Wh09PrjxcfdqqHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzJDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbpGKWBIAoD8JuxUDuPYbXsdrYrimjhiuAJ9BgeRo/iJbxDihRpU4RAMgthswvbJNX3NQ/mZ+Y9mAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM8/TefbzVTUSKq81lxN/X/+Iwfyn15378/sUZZuR0nl+7h8e6Kf+ejvK7crRs8y5dr74/Y6T2fgd7Mtynvb7P9eRcU/s2NV/f9yZSriKiLfltyrmq5r0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGUHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXwEAAP//zQceng==")

4.741320198s ago: executing program 2 (id=351):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x2000494, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c00484516000000000037c015c57600912233eefc80e89be5a1ef2c27ebf5171169dcfa4805d89c7e1f70d73d649ba4afab8b2194a9e8b537ad2ed68f8319883b84237da3bf9213365872b3f3"], 0x1, 0x2b9, &(0x7f0000000fc0)="$eJzs3E1rE3sUx/HTpm3SlDa5cLlwL1w96EY3QxtfgAZpQQwotSnqQpjaiYaMSZkJlYjYbMStr6O4dCeoL8BuxI17d0UQ3HQhjjiTaZM2rWmap7bfD5T5Z87/x5ymD5wEJpu3Xz4q5FwjZ5ZlOKYyLFKVLZHk71XNUO047K/HpF5VLk58//z/rTt3r6czmdl51bn0wqWUqk6dffv46atz78sTi6+n3kRlI3lv81vqy8Y/G/9u/lx4mHdHxdViqaymLpVKZXPJtnQ57xYM1Zu2ZbqW5ouu5TTUc3ZpZaWiZnF5Mr7iWK6rZrGiBaui5ZKWnYqaD8x8UQ3D0Mm4nG4jLezJrs/Pm+l9y16kox2h68abnXScdLV5Mbveg54AAMCAOXj+D2b9/ef/zGJwbGv+1/x+87/Ikef/D2O9fy6Pg2rDoz/M/6FE07OxjjWFrnKctBmv/f02Yv4HAAAAAAAAAAAAAAAAAAAAAOA42PK8hOd5ifAYfkVrN3iEj/vdJ7qjzZ//5T61iw6ru3EvJmK/WM2uZoNjUE/nJC+2WDItCfnh/z7UBOu5a5nZafUl5Z29VsuvrWYjEg3zoWSYH/JvQwvyZ/6aCfLamB+VeP31U5KQv5tfP9U0PyYXztflDUnIx/tSEluW/Wvv5J/NqF69kdmVH/f3AQAAAABwEhi6bc/rd7/ub4jJ3nqQP8T7A7teX4/If618RCUAAAAAADgyt/KkYNq25bSxiIrIEeIndRGRgWhj1+KKiAxAG71axEQkOKPtxL9ux1tKeS3sGRGRvj8th1j0+z8TAAAAgE7bGfoPEfr0vIsdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABw+rT6eWDh/j2lsHBAvO5ykZ5/gwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA+RUAAP//ovscvw==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
chdir(&(0x7f0000000300)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x58)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./bus\x00', r0, &(0x7f00000004c0)='./file0\x00', 0x2)

4.089151286s ago: executing program 0 (id=353):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000100)={[{@nodiscard}, {@nocheckpoint_merge}, {@discard_unit_block}, {@six_active_logs}, {@flush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x1f}}, {@discard}, {@noacl}, {@fsync_mode_posix}, {@alloc_mode_def}, {@discard_unit_block}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfdffff}}]}, 0x1, 0x5517, &(0x7f0000005880)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eTuhEAiCKNj3qf7JRmzo0uDGIEIVCIcZRlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ile15f3jE9jT/LttPHreCT5d9VYumqsPWhsPRjzr8eNLwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4GTnXl7rqMIAgH9zX32oNEbJIuIDXOjGpre1tTtxoQQX/glCSG/b2FsfbRa2BDEbd5J1N6JLEUGJu/4PXbfQTd11kUUF18qZRzJJK14fnblNfj84c74ZhjnfmYGQb84kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQLL1zk7cTZuZIu6Ux24/WFtO/Z09fXJz4+58ainOmkz6yfBifSebay8RAAAADo5uVd9HxL3+5mLqOzN5/d+vzkk1/7fPFHFVz++t+6u+qv1T++Xn+89vDzRTjJMuen5lPDrxcCq9xzfL6Xbsb8/o5Xc+f/fSzR9I5/3157b6+f3Mvr51691BHh5qIlsA4N84XvVlUP0+lPphm4kBsJ/19u5UB6r6vzvTSl4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjdpaj6eqOIuI+d5OnNx5sLZc9IeX6/s3N+7OV+3MjRsb8eXONdMl+hFxfmU8OtHobKbb1WvXLy2Nx6MrzQcvR0Rbo79dTv/ShxOcHNHK/RH8T0GnfNjTks+TEbT4QwkAgH2pX7YsXroYsbmYjmWzEX98t7v+f60Wx676f+0v6//7F8/cro9Vr/+Hjc1w+i2sXv504eq162+sXF66MLow+vjNk8O3hqfOnj59diF/V7LgjQkAAAD/zaBsqa6/1y/q/87sw+v/R2txTFj/f/bN8Iv6WF31/yPtLPq1nQkAAMDB9uwrv/+WPeJ4NhjE50urq1eGxXZ7/2SxbSHVf+xQ2er1f3e27awAAACAJmytZ7vW/8/V4phw/f/p71/4MSKOVdfpRsSRcv3/+PIn43PNTmlqNfHnxG3PEQAAgHYdKVt9/b+ff//f2f7koRMRr79axOW/AZyo/u++99UP9bHq3/+fam6KU6kzV9yPvJ+L6M21nREAAAD72eGypWL/1/7m4kc/Hf1g4Pt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKb9GQAA//9wNz5R")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
mount$nfs(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61)
truncate(&(0x7f0000000000)='./file1\x00', 0x100003)

4.072413327s ago: executing program 2 (id=354):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
openat$dir(0xffffffffffffff9c, 0x0, 0xea, 0x0)
prlimit64(0x0, 0x7, &(0x7f0000000000), 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000003c0)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000240)={r2, 0x3, r0})

3.740419841s ago: executing program 1 (id=355):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000000c0)={0x16, 0x1, 0xff})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000019000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x79, &(0x7f00000001c0)=[@cr4={0x1, 0x108044}], 0x1)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000140)={0xb280000000000000, 0x3000, 0x0, 0x2, 0x2})

3.443131814s ago: executing program 1 (id=357):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000001c0)='./file1\x00', 0x4040, &(0x7f0000000580)=ANY=[], 0x4, 0xfc0, &(0x7f0000002240)="$eJzs3UFsHNUZAOA3613bwSZeA4UAJaTQikDBDglS01sQqJdKiEvvoJDQCENRQysRAXF6QFRCFAn1VHEAcaFUSpGKRFWpQj21PbVqT+0F9UKlKpWCemiR4q1iv7F3n3ey6/Hu7Nr+Punf5zdvdv5/djfOzOz6bQD2rNrq7UOTsfvoy09lH11dduf6GodWb7PYa4YQGm39LNnep3HBlcsvnezWZuHo6m3eD49dWr/vTAhhORwKn4Rm+GBx6fP3337k8IevTt/8xrlnXhnCrndI9wMAAHaji39c+tu9//zD/fNfXDx4IkytL8+Pz5uxPxOP+4/EA+X8eLkWOvtZW7SbTNabiFFL1ptI1qsneeoF+RrJdhoF6032yDfRtqzbfgIAAMBOlJ/XNkNWW+jo12oLC2vn/Vd9OjeZLTx3Zun02REVCgAAAJT2n/OrH7rdwTE9BjWINPblL7Ct3e+Db2/9PtuKWsX56lXky6/ijcHroLIo93oTQgghhBhcOB4ROyBacxVdaAAAAACI0vnCNlke7Exd61tr9pf/0sO17veHAUhef5unnRjw6//a+ac3r1Bp/i6Gn78x4vzX3P/3LviNAwBAebv1aDLfr/w4Op/HIJ1HcKLjXjMTWz3/qCXbqW+xzqJ5BXfKfINFdU5UXEdZRfVv9XkclaL60/kwx1VR/ek8neOqqP6piusoq6j+Lld+wjj+sy6qf1/FdZRVVP91FddRVlH9MxXXUVZR/bMV11FWUf3XV1xHWUX176+4jrKK6t8pH6stqr9ZcR1lFdU/v9aM/WFEUf03VFxHWUX131hxHWUV1X9TxXWMyh2xzR+HgwXrzXQ5+Bu7g0EAAACgq//t+Pn/dmVkPdepj7zGPR+r77GPMP/EGDwGw46ZwW/z6dkx2C8xTnFh7T/DzuXTXZaJbUVtDGoYVuzr9hoSQgghxjLOj+7SAwAAADAm8r8LyP/qvRXl4xObxv/+7tXbfLzePj69sYF8vNFj+5M9xqd6jAMAAAAh/Oa107e+mW3Md5f+Tf9W58PL543aFz5aCSXmMUrnI9xq/u3Oe7bd/N0nHNkps7EBAACwW2Xf+mTlvkffeWH+i4sHT7Sd/a7E8918HtB6vDbwceznnwuYTfpZfg59ojNPrWC99PrA9UXbe3ybOwoAAAB7WH7+3gxZbaHtvLsZarWFhY3z8QOhkZ0+s3TqSOzn38/y+7nG1NXlD1ZcNwAAANC/jfP97uf/+ff4HgiT2cJzZ5ZOn13rz64vb9TarwvMbSzP2q8LNJPlRwuWH4v9+P2d4btz+1aXL5z83tJTg955AAAA2CPOvnjumSeXlk59f+/8UA8hbGs7YRz2wg9+GOoPo/7NBAAADNpnn73V+MGx2d/Or7QOnmib/24l/nAo9ptxbr8/xeX55wTyvwPY9Pf6T3TmmSta7/nO9ZrJehMxppK6p9u2E1bnG+y833xRvmbndiYL8s0k+WaTfOk8BfVk/azLXIKhy0yA+XpzyfJ0HsZ6kiNL8t/VJRcAAADkFl949vnFsy+ee+DMs08+ferpU88dO3r8m8ePH3nwGw8urn6uf7H90/0AAADATrTxod9RVwIAAAAAAAAAAAAAAAAAAAB7VxVfJzbqfQQAAIC97t/nQwjLQhRE/gWDo65jp0c2BjUML1pTo69hd0fw7zCNCY+HECH89Y3R1zAGUfP7QIj+YrTnfdPVHsu0Wq3WGDzmYxitVvpN8wAAAADDdeXySyfb202Ws4HmW99ac61ZiXnzdvaBv8xfjXy1Sw93Xi+5bqDVsNdV/fqXf1zzT3Udf+/CYPOvXohvbvR7//6rdW7gxOptPfb29Zv3nsWfH1jPH0K4rd5n/o79vxDC4/1m7HQ4yX9P6C9/653k8X+io1frN/+9Sf7QZ/5L6fP/fFGGdMud7ov5D8T+4bv7zd+5i1NJtn5fAF9P9v+p0G/+ZP+bfSZM3B/zA8BetP6/eev8aAsZsPwoIT+enon9fH/zA9b00w9bPf6vJdupb7vyzu3mx0G3xP76Ud1yZ97cVuvPH5fZ2F5fss7UTvlUSVH9g3oeh62o/kbFdZRVVP9kxXWUVVR/97P3MisNV1H91z57HB9F9fd9IWLEiurfKdeVi+qfqbiOsorqn624jrKK6t/q/+OjUlT//orrKKuo/rmK6yirqP6Sl9UqV1T/fMV1lFVU/w0V11FWUf03VlxHWUX131RxHaNye2yLzofz88+5OJb3m0l/qstj2febIQAAAMBQ/Wss5/9ru3Iw8lqEEEJUHQ2//0WJmBiDGoTYyfHf1ppR1yEGEK250dcgxjJW50Vkz8p20GfFARic4c5mwbjz/O9tnv+9zfPPteTvxGdJPzfRY7zeY7zRY3wyGc+SO04VjUc3Jttt5dc1o5t6jH8p7kHR+P7k/j9Mxm/psf0DPcZv7TF+W4/x23uMAwAAsDfcHFvnhwAAALB7vfyLj1//1T1PXJ7/4uLBE2Fy07zzR2J/Kr63/lrsp/Pe5xrxPf8fxf67sf1dbP+RrO/zJwAAADB8+ffEeP8fAAAAdq/8e0qd/wMAAMDuNR9b5/8AAACwe90QW+f/AAAAsItl090Xxza/LnBXbPud1w8AGH9fju0dsT0Y2ztj+5XY5scBd8f2qxXVBwAMzs++8+Pjb2Yb8/0fS8avxOV5u8ny2pWCrNY5k/++2F4X26/1WU/6fQD95s/t7zPPsPLPbTM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB71FZvH3roQBbCT3/91qM/mXz9z1eX3bm+xqHV2yz2miGExvr98tGN/i/jilcuv3SyvV2JbRaOhixk68vDY5fWM82EEJbDofBJaIYPFpc+f//tRw5/+Or0zW+ce+aVIT4EHfsHAAAAu9H/AwAA///f+hdH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42002, 0x113)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000240)="12", 0x1}], 0x1, 0xcfbc, 0x3, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r0, 0x0)
read$FUSE(r1, &(0x7f0000005240)={0x2020}, 0x2020)

3.001588852s ago: executing program 3 (id=358):
r0 = openat$binderfs(0xffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x1100})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000000200)=[@acquire, @enter_looper], 0x53, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x6c, 0x0, &(0x7f0000000240)=[@request_death, @clear_death, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000540)="ec77b3c70b80e11380298b97c39316bd537d241cf2cfdfc81cc4a3d9ce3b4ac7e8591123380f80ad227532b79119d0802a1bc1bbd76d0488e0be0800a96f709d5640d8fb31b5ce1e6a3e9a47f9e8e22e"})

2.955198064s ago: executing program 2 (id=359):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000180)=0x84000000)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x2001})
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}})

2.487770414s ago: executing program 3 (id=360):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{@delalloc}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0x200c17a)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20)

2.417605897s ago: executing program 0 (id=361):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r1, 0x0, 0x8008000000010, &(0x7f00000003c0)="17000000020001000003d68c5ee17688a2003208030300ecff3f0000000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dff060115003901000000000000ea000000000000000002ffff02dfccebf6ba0008400200000000e90554062a80e605007f71174aa951f3c63e5c83f1ba2112ce68bf17a6e0", 0xb8)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x2, 0x13, 0x0, 0x0, 0x2}, 0x10}}, 0x0)

2.34989688s ago: executing program 1 (id=362):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00')
pread64(r0, &(0x7f0000000080)=""/102356, 0x18fd4, 0xc2a)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000019280), 0x42, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r2], 0x0)

1.855796681s ago: executing program 2 (id=363):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0xf, 0x204031, 0xffffffffffffffff, 0xec776000)
semctl$IPC_INFO(0x0, 0x3, 0x3, &(0x7f0000000180)=""/181)

1.831228762s ago: executing program 3 (id=364):
setresgid(0xee00, 0xee01, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r1 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r1, &(0x7f0000000280)='maps\x00')

1.63326515s ago: executing program 0 (id=365):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000005c0)='mm_migrate_pages\x00', r1, 0x0, 0x7ffc}, 0xf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000005c0)='mm_migrate_pages\x00', r0, 0x0, 0x7ffc}, 0xf)
mbind(&(0x7f0000126000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x2)

1.4157175s ago: executing program 3 (id=366):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}}, &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0)
ioctl$CEC_DQEVENT(r1, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r1, 0xc0506107, &(0x7f0000000080))
ioctl$IOC_PR_PREEMPT(r1, 0x40046109, &(0x7f0000000040)={0xd0})

1.144223071s ago: executing program 3 (id=367):
syz_mount_image$nilfs2(&(0x7f00000005c0), &(0x7f0000000340)='./bus\x00', 0x8, &(0x7f00000002c0)=ANY=[], 0x1, 0xad4, &(0x7f0000001540)="$eJzs3U2MW0cBAOCxd73JtilxSkKXNLQJhbb8dNPsLuEngqRKhETUVIhLpQgOUZqWiBAkigRUlUhy4karKkic+BGnXqqCkOgFRT1xqUQjVUg9FQ4ciIKIxAECidHuznjtid1n74+fvf4+aTx+b97zzDw/P7/fmQCMrerS68LCTCWEy2+8cuzvD/9tenHM4eYU9aXXyZahWgihEocns897b2I5vnXjxdOd4kqYW3pNw+Gp68157w4hXAh7w5VQD7svX335rbknT1w8fmnf268eurYxtQcAgPHy1SuHFnb95U/377j52gNHwpY0evHN0v55PY7YFvf7j8Qd/7T/Xw3tw5WW0Goqm24yhup0+3QTHaZrzaeWTTfZJf+pLP9al+m2hPfPf6JlXKd6wyhL63E9VKqzbcPV6uzs8jF5WDqun6rMnj977tnnSyoosO7+9WAIYW9LOHqpfXi14Rtxy7Een9UaDm/AZ64x1HqsZ2MIyjqS4cjg8rrZWFZ6nQcUGttL3gABRPn1wjtcyM8srE3z0yZ7y//6E9XO88M6GPT631f+UyXnH+T/64u2OKyfzbo2pXql39G2OJxfR8jvX+r++8uvdLSPza9H1HosZ7frCKNyfaFbOScGXI7V6lb+fL3YrL4Y47QcvpSlt/5+8u90VL5joLN/5+f/BUEY7hDahmtr+axGydsfYHjl98010vXRKL+vL0/fUpC+tSB9uiD9roL0uwvSYZz99ns/CS9VVo7z82P6fs+Hp/Ns98T4A32WJz8f2W/++X2//Vpr/vn9xDDMfn/q6TOfe+bk1eX7/yvN9f92XN/T4UY9/rauxAnS+cL8vHrz3v96ez7VLtPdm5Xnng7TL73f2T5dZefK54SW7cwd5Zhpn297t+n2tE9Xz6abjmFrVt58/+SubL60/5G2q2l5TWb1rWX1mMrKkbYrO2KclwNWI62P3e7/T+vnTKhVnj177szjcTitp3+cqG1ZHH9gwOUG1q7X539mQvvzP9ua42vV1u3C9pXxleXtwuvx89rHzzXzaR8/H4fT/9w3J6aXxs+e/s65Z9a/+jDWnv/hC986de7cme+W/mZ+OoQhKMYq3nx5OIrRz5t02DIs5Vn1m8WKDEExNuGbkjdMwIbb/6PlnYDHzn771HNnnjtzfv7gwfm5uYOfn1/Yv7Rfv791777VhRJKC6ynlT/9sksCAAAAAAAAAAAA9Or7x49dfefNz767/Pz/yvN/6fn/dOdvev7/x9nz//lz8uk5+PQc4I4O6UvTZA2sTmXT1WL4YFbenVk+u7L5PhTjZj9+8fn/lF3ermsqz33Z+FqXwaw5gTvaS5nK2iDJ+wv8aIwvxfhXAUpUme48OsZF7VundT21T9HSLkVD+8CjI31vaW1I7Zik5787tuvU8mXvGEAZWX+DeJyw7DoCnf1jrNr//udKxUsvi9A9TA42v5+N7zrR6LqX3msPNgDro+z+P9N5zxSf/8NXti6GNNn1J9q3l3n7pdCPP7/TPjzs/U9udP55v32Dzr/s+g+6/89m/3c9b/+yHvPqq8v3Pz+/9m5LtmF3r/nn9U/tQO/sL/+bMf9Um0dCb/k3fpnln18Q6tF/s/zv6jH/O+q/Z3X5/y/mnxbbow/1mn91+ZpZtb0c+XnjdP0vP2+c3Mrqn9r2fJ/8v/ZCp/qvsqPG2zF/GGej0s9sv7L9iOZO++r7/40urG//v83CZpu1/D6Mz8QxaUOc7nPI+zvpt/zp/or0P7Ar+/xKwf+b/n9H2xdiXPR7SP3/3r6xfDmvHv/y0/pZj8syDdc6LNvNuq2BUfXeWF3/W4dwcsPz2Fp6HYc+HBmCMjRDY2IV8zX7iSu5/I1GY2NPaBUoNXNKX/5lHyeUnX/Zy79I3v9vvg+f9/+bp+f9/+bpef+/efp0/Ia6pef9/+bLM+//N0+/L/vcvH/gmYL0Dxek7+6c3jxsv79g/j0F6R8pSN/XTD/cNkVKf6Bg/gcL0u9tT9+Spz9UMP/HCtI/XpD+cEH6oy3prX1Ap/RPFMy/2aXnUca1/jDO8ufz/P5hfKTrP91+/zsL0oHR9dPXDhw9+Zuv15ef/59qng9J1/GOxOFaPH76QRzOr3uHluHFtDfj8F+z9GE/3wHjJG8/I/9/f6QgHRhd6T4vv28YQ5WtnUfHuKjdqm77+YyWT8b4UzH+dIwfi/FsjPfH+ECM5wZUPjbG0dd/d+ilysrx/vYsvdf7yfPngdraiQohzPdYnvz8QL/3s+ft+PVrrfmv8nEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0lSXXhcWZiohXH7jlWNPnzi7f3HM4eYU9aXXyZahWnO+EB6P8USMfxHf3Lrx4unW+HaMK2EuVEKlOT48db2Z090hhAthb7gS6mH35asvvzX35ImLxy/te/vVQ9c2bgkAAADA5vf/AAAA//9LWAnF")
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x400, 0x0, 0x0, 0x0, &(0x7f0000000000))
renameat2(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x2)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
truncate(&(0x7f0000000080)='./file2\x00', 0x1ffd)

551.899427ms ago: executing program 2 (id=368):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='.\x02\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
r1 = fanotify_init(0xf00, 0x1000)
fanotify_mark(r1, 0x105, 0x5000003a, r0, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x93)

498.427199ms ago: executing program 0 (id=369):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffb, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000200)='\x00\x00\x00\x00\x00\x00', 0x0, 0x0, 0x0, 0xffffffff, 0x0})
write$tun(r1, &(0x7f0000000400)=ANY=[], 0xa2)
readv(r1, &(0x7f0000000800)=[{&(0x7f00000015c0)=""/4096, 0x1000}], 0x1)

318.685756ms ago: executing program 0 (id=370):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x20, [0x6, 0x8, 0xfffffff1, 0x9, 0x7f, 0x3, 0x2, 0x80007f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0x7fffffff, 0x40000000, 0xffff2d37, 0x1dd2, 0x3, 0x7, 0x2, 0xffff, 0x7, 0x9, 0xffff, 0x3c5b, 0x1, 0x24, 0x3, 0xfffffffe, 0x3ff, 0x402, 0x24, 0x3, 0x3, 0x10043, 0x8, 0x4c74, 0xf, 0x8001, 0x40000004, 0x4000a, 0x9, 0x80071, 0x5, 0xfffff000, 0x104, 0x0, 0x5, 0x803c, 0x4, 0x1, 0x3, 0x3, 0x5, 0x4, 0x8, 0x0, 0x80, 0x4, 0x5, 0xa, 0x8, 0x7, 0x1, 0xfffffffe], [0x10000004, 0xfffd, 0xfff, 0x8000, 0xc, 0xfffffff5, 0x129432e6, 0x3, 0x800006, 0x0, 0x2bf, 0x8, 0x9, 0xffff7ffe, 0x3, 0x4002, 0x101, 0x5, 0x2f, 0xe, 0xfff, 0x78, 0x10000ea3, 0xa, 0xe, 0x0, 0x8, 0xfffffff8, 0x400, 0x101, 0x3, 0xfffffffd, 0xff, 0x1005, 0x7ff, 0x5f31, 0xc, 0x5ffffff, 0x6, 0x2, 0xc, 0x4, 0x9, 0x8, 0x9, 0x6, 0x5, 0x4, 0x1, 0x0, 0x6, 0x0, 0x7f, 0xb, 0xfff, 0x1000, 0x4, 0x143, 0x7, 0xb, 0x9, 0x48c93690, 0x2, 0x3], [0xfffffff9, 0x4, 0xffffffff, 0x64e, 0xfffffdfe, 0x5, 0x8d2, 0x9, 0x5, 0xfffffff7, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x2, 0x10000009, 0x3ea, 0xb, 0x5, 0x6, 0x2, 0x14, 0x87, 0x0, 0x5, 0x3ae2, 0x3b, 0xda6, 0x5, 0x80, 0x7, 0xfffffffe, 0x202, 0x0, 0xa2, 0x7, 0x53cf697b, 0x3, 0x3, 0x1, 0x7, 0x200, 0x0, 0x400002, 0x8, 0x4, 0x5, 0xf23, 0x0, 0x6, 0x8, 0x9, 0x3, 0x6, 0xd, 0x4, 0x3], [0x9, 0x7e06, 0x3, 0xb, 0x5, 0x938, 0x8, 0x3, 0xfffffffc, 0x5, 0xce7, 0x1ff, 0x6, 0x5, 0x5, 0x0, 0x101, 0x10003, 0x2006, 0x7fff, 0x8ffff, 0x6, 0x100002, 0x2, 0x1, 0x2, 0x14c, 0x5, 0x6, 0x6, 0x400007, 0xffffffa1, 0x5, 0xffffff63, 0x8, 0x4, 0x50fd, 0x10001, 0x3, 0x9, 0x100, 0x9, 0xa, 0x2, 0x80000007, 0x7, 0x1, 0x10000, 0xfffffffe, 0x8, 0x6, 0xa23, 0x8, 0x9, 0x1, 0x6c1b, 0x2d513b50, 0x4, 0x5, 0x4b1c, 0x1, 0xa, 0xffff7441, 0xfff]}, 0x45c)
ppoll(&(0x7f0000000080)=[{r0, 0x400}], 0x1, 0x0, 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x918)

0s ago: executing program 3 (id=371):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x14b440, 0x0)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x3, 0x400, 0x0, 0x2111}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000240)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x40, 0x4007, @fd=r0, 0x0, 0x0, 0x0, 0x0, 0x1, {0xfffc}})
io_uring_enter(r1, 0x47ba, 0x0, 0x3, 0x0, 0x0)
ioctl$SNDCTL_SEQ_RESET(r0, 0x5100)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.85' (ED25519) to the list of known hosts.
[   72.358692][ T5777] cgroup: Unknown subsys name 'net'
[   72.523701][ T5777] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   74.222469][ T5777] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   76.390946][ T5798] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   76.422877][ T5801] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   76.434495][ T5803] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   76.442252][ T5798] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   76.451047][ T5802] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   76.451174][ T5798] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   76.459258][ T5801] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   76.467224][ T5798] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   76.473481][ T5802] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   76.486432][ T5798] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   76.488826][ T5802] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   76.494244][ T5798] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   76.502279][ T5802] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   76.507923][ T5803] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   76.516154][ T5802] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   76.522908][ T5798] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   76.529553][ T5802] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   76.537512][ T5803] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   76.550437][ T5798] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   76.558181][ T5803] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   76.566404][ T5803] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   76.566597][   T52] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   76.574241][ T5803] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   76.582235][   T52] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   77.007323][ T5787] chnl_net:caif_netlink_parms(): no params data found
[   77.127101][ T5788] chnl_net:caif_netlink_parms(): no params data found
[   77.242082][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.250337][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.258275][ T5787] bridge_slave_0: entered allmulticast mode
[   77.265801][ T5787] bridge_slave_0: entered promiscuous mode
[   77.300038][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.307511][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.314667][ T5787] bridge_slave_1: entered allmulticast mode
[   77.323382][ T5787] bridge_slave_1: entered promiscuous mode
[   77.345867][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.353223][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.360484][ T5788] bridge_slave_0: entered allmulticast mode
[   77.367668][ T5788] bridge_slave_0: entered promiscuous mode
[   77.390033][ T5790] chnl_net:caif_netlink_parms(): no params data found
[   77.400925][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[   77.408581][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[   77.415751][ T5788] bridge_slave_1: entered allmulticast mode
[   77.422716][ T5788] bridge_slave_1: entered promiscuous mode
[   77.429454][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   77.470973][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.489531][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.512273][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   77.563397][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   77.637323][ T5787] team0: Port device team_slave_0 added
[   77.653204][ T5788] team0: Port device team_slave_0 added
[   77.667791][ T5788] team0: Port device team_slave_1 added
[   77.676114][ T5787] team0: Port device team_slave_1 added
[   77.770213][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.777325][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.804986][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.831526][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[   77.838659][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.864713][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   77.876155][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.883449][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.891341][ T5786] bridge_slave_0: entered allmulticast mode
[   77.899022][ T5786] bridge_slave_0: entered promiscuous mode
[   77.906357][ T5790] bridge0: port 1(bridge_slave_0) entered blocking state
[   77.913494][ T5790] bridge0: port 1(bridge_slave_0) entered disabled state
[   77.921010][ T5790] bridge_slave_0: entered allmulticast mode
[   77.927918][ T5790] bridge_slave_0: entered promiscuous mode
[   77.935744][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.942953][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   77.969920][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   77.981803][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[   77.988840][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.015446][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.033515][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.041314][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.049039][ T5786] bridge_slave_1: entered allmulticast mode
[   78.055887][ T5786] bridge_slave_1: entered promiscuous mode
[   78.063337][ T5790] bridge0: port 2(bridge_slave_1) entered blocking state
[   78.070831][ T5790] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.078286][ T5790] bridge_slave_1: entered allmulticast mode
[   78.085202][ T5790] bridge_slave_1: entered promiscuous mode
[   78.166827][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.192835][ T5790] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   78.217284][ T5787] hsr_slave_0: entered promiscuous mode
[   78.223705][ T5787] hsr_slave_1: entered promiscuous mode
[   78.245099][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.269997][ T5790] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   78.313500][ T5786] team0: Port device team_slave_0 added
[   78.335124][ T5788] hsr_slave_0: entered promiscuous mode
[   78.341690][ T5788] hsr_slave_1: entered promiscuous mode
[   78.348412][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.356827][ T5788] Cannot create hsr debugfs directory
[   78.375463][ T5786] team0: Port device team_slave_1 added
[   78.438359][ T5790] team0: Port device team_slave_0 added
[   78.450570][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.457966][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.484143][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.501057][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.508266][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.534639][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.548039][ T5790] team0: Port device team_slave_1 added
[   78.588676][   T52] Bluetooth: hci3: command tx timeout
[   78.637982][ T5786] hsr_slave_0: entered promiscuous mode
[   78.644355][ T5786] hsr_slave_1: entered promiscuous mode
[   78.651574][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.659662][ T5786] Cannot create hsr debugfs directory
[   78.666662][   T52] Bluetooth: hci2: command tx timeout
[   78.667138][ T5803] Bluetooth: hci1: command tx timeout
[   78.672256][   T52] Bluetooth: hci0: command tx timeout
[   78.710188][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_0
[   78.717480][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.743495][ T5790] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   78.761593][ T5790] batman_adv: batadv0: Adding interface: batadv_slave_1
[   78.768718][ T5790] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   78.795569][ T5790] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   78.955850][ T5790] hsr_slave_0: entered promiscuous mode
[   78.962928][ T5790] hsr_slave_1: entered promiscuous mode
[   78.969342][ T5790] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   78.979019][ T5790] Cannot create hsr debugfs directory
[   79.115473][ T5787] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   79.145888][ T5787] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   79.162695][ T5787] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   79.188964][ T5787] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   79.283571][ T5788] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   79.294097][ T5788] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   79.327328][ T5788] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   79.338257][ T5788] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   79.419232][ T5786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   79.430342][ T5786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   79.442072][ T5786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   79.465772][ T5786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   79.538725][ T5790] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   79.551992][ T5790] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   79.562818][ T5790] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   79.574147][ T5790] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   79.754948][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.793471][ T5790] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.807305][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.820692][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   79.864023][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   79.874168][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[   79.888048][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   79.909761][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.917157][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.932171][   T42] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.939336][   T42] bridge0: port 1(bridge_slave_0) entered forwarding state
[   79.951874][ T5790] 8021q: adding VLAN 0 to HW filter on device team0
[   79.965302][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[   79.972488][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.000359][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.007523][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.019556][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.026795][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.036742][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state
[   80.043863][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state
[   80.053158][ T1134] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.060408][ T1134] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.134604][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[   80.142030][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[   80.667746][   T52] Bluetooth: hci3: command tx timeout
[   80.746835][   T52] Bluetooth: hci1: command tx timeout
[   80.747262][ T5803] Bluetooth: hci2: command tx timeout
[   80.756092][   T52] Bluetooth: hci0: command tx timeout
[   80.773210][ T5790] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.805287][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.858356][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.904104][ T5786] veth0_vlan: entered promiscuous mode
[   80.920536][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   80.945321][ T5786] veth1_vlan: entered promiscuous mode
[   81.011125][ T5787] veth0_vlan: entered promiscuous mode
[   81.042031][ T5790] veth0_vlan: entered promiscuous mode
[   81.054591][ T5787] veth1_vlan: entered promiscuous mode
[   81.099365][ T5786] veth0_macvtap: entered promiscuous mode
[   81.111178][ T5790] veth1_vlan: entered promiscuous mode
[   81.143703][ T5786] veth1_macvtap: entered promiscuous mode
[   81.157241][ T5788] veth0_vlan: entered promiscuous mode
[   81.201035][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.214033][ T5788] veth1_vlan: entered promiscuous mode
[   81.234318][ T5790] veth0_macvtap: entered promiscuous mode
[   81.254270][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.279519][ T5790] veth1_macvtap: entered promiscuous mode
[   81.300135][ T5786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.310572][ T5786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.319462][ T5786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.330155][ T5786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.341507][ T5787] veth0_macvtap: entered promiscuous mode
[   81.362322][ T5787] veth1_macvtap: entered promiscuous mode
[   81.389820][ T5788] veth0_macvtap: entered promiscuous mode
[   81.404974][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.416410][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.429202][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.452581][ T5788] veth1_macvtap: entered promiscuous mode
[   81.471247][ T5790] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.482572][ T5790] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.495068][ T5790] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.510331][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.520958][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.531110][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.542229][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.553623][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.567214][ T5790] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.577399][ T5790] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.586521][ T5790] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.595253][ T5790] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.632018][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.650120][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.660266][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.671117][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.683048][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   81.719321][ T5787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   81.729318][ T5787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   81.740731][ T5787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   81.749936][ T5787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   81.762891][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.774162][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.784260][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.795651][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.805628][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   81.816287][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.828135][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   81.845764][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   81.854784][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   81.892674][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.905143][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.921434][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.932781][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.943733][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   81.954678][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   81.982427][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   82.025846][ T5788] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   82.050182][ T5788] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   82.065575][ T5788] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   82.075648][ T5788] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   82.185816][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.198878][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.339295][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.356379][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.424629][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.435909][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.524714][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.555338][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.669257][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.686091][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.715031][ T5882] syzkaller0: tun_chr_ioctl cmd 1074025676
[   82.737612][ T5882] syzkaller0: owner set to 803
[   82.746486][   T52] Bluetooth: hci3: command tx timeout
[   82.782181][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.798602][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   82.826141][ T5803] Bluetooth: hci1: command tx timeout
[   82.832040][   T52] Bluetooth: hci0: command tx timeout
[   82.846603][ T5803] Bluetooth: hci2: command tx timeout
[   82.852476][ T2882] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   82.899978][ T2882] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   83.280869][ T5891] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   83.315605][ T5892] syz.3.6[5892]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   83.682933][ T5900] Context (ID=0x0) not attached to queue pair (handle=0x4d9:0x0)
[   84.002106][ T5907] netlink: 56 bytes leftover after parsing attributes in process `syz.3.12'.
[   84.039802][ T5907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12'.
[   84.600706][ T5931] loop3: detected capacity change from 0 to 1024
[   84.630516][ T5931] EXT4-fs: Ignoring removed nomblk_io_submit option
[   84.741258][ T5931] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.827991][ T5803] Bluetooth: hci3: command tx timeout
[   84.891556][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.908507][ T5803] Bluetooth: hci2: command tx timeout
[   84.910993][   T52] Bluetooth: hci0: command tx timeout
[   84.914455][ T5796] Bluetooth: hci1: command tx timeout
[   84.956203][  T789] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   85.132403][ T5946] loop6: detected capacity change from 0 to 7
[   85.145249][ T5789] Dev loop6: unable to read RDB block 7
[   85.146744][  T789] usb 1-1: Using ep0 maxpacket: 16
[   85.152862][ T5789]  loop6: unable to read partition table
[   85.162671][ T5789] loop6: partition table beyond EOD, truncated
[   85.171207][  T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.184213][ T5946] Dev loop6: unable to read RDB block 7
[   85.194098][ T5946]  loop6: unable to read partition table
[   85.197128][  T789] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.206679][ T5946] loop6: partition table beyond EOD, truncated
[   85.217943][ T5946] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[   85.241933][  T789] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[   85.255674][  T789] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   85.265263][  T789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.285808][  T789] usb 1-1: config 0 descriptor??
[   85.346528][ T5792] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   85.566359][ T5792] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[   85.596156][ T5792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.604307][ T5792] usb 2-1: Product: syz
[   85.617359][ T5792] usb 2-1: Manufacturer: syz
[   85.622194][ T5792] usb 2-1: SerialNumber: syz
[   85.638053][ T5792] usb 2-1: config 0 descriptor??
[   85.735151][  T789] shield 0003:0955:7214.0001: unknown main item tag 0x0
[   85.750776][  T789] shield 0003:0955:7214.0001: unknown main item tag 0x0
[   85.760171][  T789] shield 0003:0955:7214.0001: unknown main item tag 0x0
[   85.769947][  T789] shield 0003:0955:7214.0001: unknown main item tag 0x0
[   85.786750][  T789] shield 0003:0955:7214.0001: unknown main item tag 0x0
[   85.815086][  T789] input: HID 0955:7214 Haptics as /devices/virtual/input/input5
[   85.893310][ T5792] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[   85.925700][  T789] shield 0003:0955:7214.0001: Registered Thunderstrike controller
[   85.932267][ T5933] netlink: 'syz.0.23': attribute type 2 has an invalid length.
[   85.947810][  T789] shield 0003:0955:7214.0001: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[   85.972472][ T5933] netlink: 244 bytes leftover after parsing attributes in process `syz.0.23'.
[   86.002989][ T5960] netlink: 12 bytes leftover after parsing attributes in process `syz.2.34'.
[   86.044339][ T5843] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[   86.065335][  T789] usb 1-1: USB disconnect, device number 2
[   86.072886][ T5843] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   86.105639][ T5843] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   86.148730][ T5843] shield 0003:0955:7214.0001: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[   86.276180][ T5836] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   86.472818][ T5836] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   86.484180][ T5836] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   86.510711][ T5836] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   86.523682][ T5836] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.532476][ T5836] usb 4-1: Product: syz
[   86.540515][ T5836] usb 4-1: Manufacturer: syz
[   86.545167][ T5836] usb 4-1: SerialNumber: syz
[   86.884081][ T5970] loop0: detected capacity change from 0 to 2048
[   86.904406][ T5970] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   86.925107][ T5792] dvb_usb_rtl28xxu: probe of 2-1:0.0 failed with error -71
[   86.966517][ T5792] usb 2-1: USB disconnect, device number 2
[   87.025220][ T2197] cfg80211: failed to load regulatory.db
[   87.363563][ T5977] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[   87.595025][ T5836] cdc_ncm 4-1:1.0: SET_NTB_FORMAT failed
[   87.641007][ T5836] cdc_ncm 4-1:1.0: bind() failure
[   87.660635][ T5986] syz.2.43 uses obsolete (PF_INET,SOCK_PACKET)
[   87.664475][ T5836] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[   87.689124][ T5836] cdc_ncm 4-1:1.1: bind() failure
[   87.736175][ T5836] usb 4-1: USB disconnect, device number 2
[   87.984626][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.010038][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.052914][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.070817][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.087818][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.112530][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.122272][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.136803][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.158929][ T5993] netlink: 'syz.2.46': attribute type 3 has an invalid length.
[   88.193057][ T5995] warning: `syz.1.47' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   89.438301][ T6009] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   89.540426][ T6000] loop2: detected capacity change from 0 to 32768
[   89.685339][ T6003] loop3: detected capacity change from 0 to 32768
[   89.703332][ T6000] ERROR: (device loop2): diAllocAG: ipimap->i_size is wrong
[   89.703332][ T6000] 
[   89.743196][ T6003] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop3 scanned by syz.3.51 (6003)
[   89.764012][ T6000] ERROR: (device loop2): remounting filesystem as read-only
[   89.804826][ T6000] ialloc: diAlloc returned -5!
[   89.858567][ T6003] BTRFS info (device loop3): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   89.900312][ T6003] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[   89.953625][ T6003] BTRFS info (device loop3): enabling auto defrag
[   89.972772][ T6003] BTRFS info (device loop3): force clearing of disk cache
[   89.994496][ T6003] BTRFS info (device loop3): enabling disk space caching
[   90.014852][ T6003] BTRFS info (device loop3): max_inline at 0
[   90.031905][ T6003] BTRFS info (device loop3): disk space caching is enabled
[   90.091276][ T6019] input: syz0 as /devices/virtual/input/input6
[   90.241872][ T6003] BTRFS info (device loop3): enabling ssd optimizations
[   90.257163][ T6003] BTRFS info (device loop3): auto enabling async discard
[   90.303609][ T6003] BTRFS info (device loop3): rebuilding free space tree
[   90.453877][ T6003] BTRFS info (device loop3): disabling free space tree
[   90.491843][ T6003] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   90.527414][ T6003] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   90.578665][ T6043] process 'syz.1.60' launched './file1' with NULL argv: empty string added
[   91.291547][ T5790] BTRFS info (device loop3): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   92.058890][ T6075] netlink: 80 bytes leftover after parsing attributes in process `syz.1.72'.
[   92.077796][ T6075] netlink: 80 bytes leftover after parsing attributes in process `syz.1.72'.
[   92.879332][ T6085] loop2: detected capacity change from 0 to 32768
[   92.896755][ T6085] =======================================================
[   92.896755][ T6085] WARNING: The mand mount option has been deprecated and
[   92.896755][ T6085]          and is ignored by this kernel. Remove the mand
[   92.896755][ T6085]          option from the mount to silence this warning.
[   92.896755][ T6085] =======================================================
[   93.547812][ T6108] loop0: detected capacity change from 0 to 512
[   93.575455][ T6108] EXT4-fs error (device loop0): ext4_orphan_get:1399: inode #15: comm syz.0.87: inode has both inline data and extents flags
[   93.622285][ T6108] EXT4-fs error (device loop0): ext4_orphan_get:1404: comm syz.0.87: couldn't read orphan inode 15 (err -117)
[   93.644777][ T6108] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.708725][ T6108] EXT4-fs warning (device loop0): ext4_block_to_path:107: block 1718579813 > max in inode 18
[   93.835020][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.005134][ T6117] validate_nla: 45 callbacks suppressed
[   94.005152][ T6117] netlink: 'syz.3.90': attribute type 1 has an invalid length.
[   94.312654][ T6123] bridge0: port 3(vlan2) entered blocking state
[   94.325476][ T6123] bridge0: port 3(vlan2) entered disabled state
[   94.333612][ T6123] vlan2: entered allmulticast mode
[   94.339514][ T6123] bridge0: entered allmulticast mode
[   94.353089][ T6127] Bluetooth: MGMT ver 1.22
[   94.362330][ T6123] vlan2: left allmulticast mode
[   94.376740][ T6123] bridge0: left allmulticast mode
[   94.611618][ T6131] bridge0: entered promiscuous mode
[   94.637205][ T6131] batman_adv: batadv0: Adding interface: macsec1
[   94.656140][ T6131] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   94.681915][    C1] vkms_vblank_simulate: vblank timer overrun
[   94.716159][ T6131] batman_adv: batadv0: Interface activated: macsec1
[   95.352172][ T6148] loop1: detected capacity change from 0 to 256
[   95.367957][ T6129] loop3: detected capacity change from 0 to 40427
[   95.433427][ T6129] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[   95.481996][ T6129] F2FS-fs (loop3): invalid crc value
[   95.557968][ T6129] F2FS-fs (loop3): Found nat_bits in checkpoint
[   95.825112][ T6129] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   96.233558][ T6169] loop1: detected capacity change from 0 to 64
[   96.302743][ T5790] syz-executor: attempt to access beyond end of device
[   96.302743][ T5790] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   96.367790][ T5790] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   96.393010][ T5790] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   96.702131][ T6175] loop2: detected capacity change from 0 to 1024
[   96.741354][ T6175] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[   96.766621][ T6175] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   96.800729][ T6175] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   96.840348][ T6175] EXT4-fs (loop2): orphan cleanup on readonly fs
[   96.856434][ T6175] EXT4-fs error (device loop2): ext4_ext_check_inode:520: inode #3: comm syz.2.114: pblk 2 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[   96.949544][ T6175] EXT4-fs (loop2): Remounting filesystem read-only
[   96.995913][ T6175] EXT4-fs warning (device loop2): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   97.046407][ T6175] EXT4-fs (loop2): Cannot turn on quotas: error -117
[   97.064982][ T6175] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   97.128601][ T6175] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.210602][ T6184] loop1: detected capacity change from 0 to 16
[   97.329765][ T6184] erofs: (device loop1): mounted with root inode @ nid 36.
[   98.176204][ T6210] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[   98.246120][    T9] usb 3-1: new low-speed USB device number 2 using dummy_hcd
[   98.322310][ T6212] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[   98.441603][ T6196] loop1: detected capacity change from 0 to 40427
[   98.458689][    T9] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[   98.478142][ T6196] F2FS-fs (loop1): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[   98.496060][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.506595][ T6196] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   98.526774][ T6196] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x35f7
[   98.537453][    T9] usb 3-1: config 0 descriptor??
[   98.558600][ T6196] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x7ffff
[   98.573476][ T6196] F2FS-fs (loop1): Image doesn't support compression
[   98.591677][ T6196] F2FS-fs (loop1): invalid crc value
[   98.612380][ T6196] F2FS-fs (loop1): Found nat_bits in checkpoint
[   98.751731][ T6196] F2FS-fs (loop1): Start checkpoint disabled!
[   98.822914][ T6196] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   98.836192][ T6196] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   99.251132][ T6226] loop0: detected capacity change from 0 to 4096
[   99.364039][ T6227] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   99.641965][ T6230] NILFS error (device loop0): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[   99.718259][ T6230] Remounting filesystem read-only
[   99.762145][ T6229] loop1: detected capacity change from 0 to 4096
[   99.797480][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[   99.831066][    T9] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[   99.863848][    T9] asix: probe of 3-1:0.0 failed with error -71
[   99.902045][    T9] usb 3-1: USB disconnect, device number 2
[  100.007436][ T5786] NILFS (loop0): discard dirty page: offset=8192, ino=6
[  100.014833][ T5786] NILFS (loop0): discard dirty block: blocknr=25, size=4096
[  100.156337][ T2197] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  100.175213][ T6234] loop1: detected capacity change from 0 to 1024
[  100.205902][ T6234] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.234041][ T6234] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  100.250868][ T6234] EXT4-fs (loop1): orphan cleanup on readonly fs
[  100.260190][ T6234] EXT4-fs error (device loop1): ext4_free_blocks:6676: comm syz.1.137: Freeing blocks not in datazone - block = 0, count = 4096
[  100.290658][ T6234] EXT4-fs (loop1): 1 orphan inode deleted
[  100.298123][ T6234] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.363246][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.366143][ T2197] usb 4-1: Using ep0 maxpacket: 8
[  100.420429][ T6240] loop0: detected capacity change from 0 to 128
[  100.446924][ T2197] usb 4-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  100.472369][ T2197] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.506809][ T2197] usb 4-1: Product: syz
[  100.511060][ T2197] usb 4-1: Manufacturer: syz
[  100.515698][ T2197] usb 4-1: SerialNumber: syz
[  100.543220][ T6240] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  100.546051][   T27] audit: type=1800 audit(1763766995.475:2): pid=6240 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.138" name="file2" dev="loop0" ino=1048594 res=0 errno=0
[  100.587332][ T2197] usb 4-1: config 0 descriptor??
[  100.589067][ T6240] FAT-fs (loop0): Filesystem has been set read-only
[  100.601883][ T2197] gspca_main: sq905-2.14.0 probing 2770:9120
[  100.634537][ T6240] syz.0.138: attempt to access beyond end of device
[  100.634537][ T6240] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[  101.002564][ T6254] loop0: detected capacity change from 0 to 1024
[  101.046988][ T6254] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.097445][ T6254] ext4 filesystem being mounted at /36/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.302002][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.589359][ T6266] loop1: detected capacity change from 0 to 256
[  101.618970][ T6266] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  101.644319][ T6266] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  101.655132][ T2197] gspca_sq905: bulk read fail (-22) len 0/4
[  101.666984][ T2197] sq905: probe of 4-1:0.0 failed with error -5
[  101.714185][ T6266] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0x65b64522, utbl_chksum : 0xe619d30d)
[  101.939394][ T2197] usb 4-1: USB disconnect, device number 3
[  102.520285][   T27] audit: type=1326 audit(1763766997.465:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.602546][   T27] audit: type=1326 audit(1763766997.465:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.659867][   T27] audit: type=1326 audit(1763766997.505:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.692645][   T27] audit: type=1326 audit(1763766997.505:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.717766][   T27] audit: type=1326 audit(1763766997.505:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.748497][   T27] audit: type=1326 audit(1763766997.505:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.773523][   T27] audit: type=1326 audit(1763766997.505:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  102.810072][   T27] audit: type=1326 audit(1763766997.505:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6281 comm="syz.1.155" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7319b8f749 code=0x7ffc0000
[  103.012513][ T6293] loop8: detected capacity change from 0 to 8
[  103.059839][ T6293]  loop8: [CUMANA/ADFS] p1 [ADFS] p1
[  103.065258][ T6293] loop8: partition table partially beyond EOD, truncated
[  103.094743][ T6293] loop8: p1 size 3004527350 extends beyond EOD, truncated
[  103.210491][ T5789] udevd[5789]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[  103.618879][ T6303] loop0: detected capacity change from 0 to 1024
[  103.913329][   T11] hfsplus: b-tree write err: -5, ino 4
[  104.314957][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.1.167'.
[  104.378963][ T6312] Zero length message leads to an empty skb
[  104.567373][ T6314] loop0: detected capacity change from 0 to 4096
[  104.847701][ T6314] EXT4-fs: Ignoring removed nobh option
[  104.865277][ T6314] EXT4-fs (loop0): Test dummy encryption mode enabled
[  104.913918][ T6314] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.015855][ T6327] tipc: Started in network mode
[  105.033581][ T6327] tipc: Node identity ac14140f, cluster identity 4711
[  105.048199][ T6314] fscrypt: AES-256-CTS-CBC using implementation "cts-cbc-aes-aesni"
[  105.083025][ T6327] tipc: New replicast peer: 255.255.255.255
[  105.125383][ T6327] tipc: Enabled bearer <udp:syz2>, priority 10
[  105.282992][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.461645][ T6333] capability: warning: `syz.1.174' uses deprecated v2 capabilities in a way that may be insecure
[  106.034467][ T6348] loop0: detected capacity change from 0 to 8192
[  106.227874][ T5792] tipc: Node number set to 2886997007
[  106.921832][ T6369] loop1: detected capacity change from 0 to 4096
[  106.957520][ T6369] EXT4-fs (loop1): Test dummy encryption mode enabled
[  106.994071][ T6369] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.142046][ T5803] Bluetooth: hci0: hcon ffff88802f52c000 sent 1 < count 32780
[  107.149402][ T6377] Bluetooth: hci0: unsupported parameter 32780
[  107.157232][ T6377] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  107.394677][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.616323][ T2197] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  107.625328][ T6391] loop1: detected capacity change from 0 to 1024
[  107.809089][ T2197] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  107.826067][ T2197] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.832516][ T6391] hfsplus: xattr searching failed
[  107.847244][ T2197] usb 3-1: config 0 descriptor??
[  107.865301][ T6391] hfsplus: xattr searching failed
[  107.883334][ T2197] gspca_main: spca508-2.14.0 probing 8086:0110
[  107.893462][ T6391] hfsplus: xattr searching failed
[  107.904961][ T6391] hfsplus: xattr searching failed
[  108.099161][ T2197] gspca_spca508: reg_read err -32
[  108.154998][ T2197] gspca_spca508: reg_read err -32
[  108.171726][ T2197] gspca_spca508: reg_read err -32
[  108.179773][ T2197] gspca_spca508: reg_read err -32
[  108.403830][ T2197] gspca_spca508: reg write: error -71
[  108.416193][ T2197] spca508: probe of 3-1:0.0 failed with error -71
[  108.439468][ T2197] usb 3-1: USB disconnect, device number 3
[  108.446058][ T5879] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  108.639563][ T5879] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  108.660877][ T5879] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[  108.680794][ T6401] loop3: detected capacity change from 0 to 40427
[  108.692167][ T5879] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  108.701895][ T5879] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.712798][ T5879] usb 1-1: Product: syz
[  108.721918][ T5879] usb 1-1: Manufacturer: syz
[  108.733695][ T5879] usb 1-1: SerialNumber: syz
[  108.742481][ T6401] F2FS-fs (loop3): Found nat_bits in checkpoint
[  108.897879][ T6401] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  108.996392][ T6405] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  109.121348][ T6412] f2fs_ckpt-7:3: attempt to access beyond end of device
[  109.121348][ T6412] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  109.164950][ T6412] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  109.182409][ T6412] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  109.196303][ T6412] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  109.224902][ T6412] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  109.457788][ T6411] loop1: detected capacity change from 0 to 32768
[  109.537347][ T6411] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  109.671014][ T6411] XFS (loop1): Ending clean mount
[  109.680235][ T6405] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  109.742085][ T6411] XFS (loop1): Quotacheck needed: Please wait.
[  109.883489][ T6411] XFS (loop1): Quotacheck: Done.
[  109.910067][ T5879] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  109.937552][ T5879] cdc_ncm 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  109.955667][ T5879] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  110.095534][ T5788] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  110.114748][ T5879] cdc_ncm 1-1:1.0: setting tx_max = 184
[  110.162005][ T5879] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  110.247827][ T5879] usb 1-1: USB disconnect, device number 3
[  110.267618][ T5879] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  110.633270][ T6445] tls_set_device_offload: netdev not found
[  111.107769][ T6461] binder: 6459:6461 ioctl 40046205 0 returned -22
[  111.129781][ T6457] loop0: detected capacity change from 0 to 8192
[  111.187963][ T6457] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  111.246852][ T6457] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  111.265869][ T6469] bridge0: entered allmulticast mode
[  111.280683][ T6469] pim6reg: entered allmulticast mode
[  111.296943][ T6457] REISERFS (device loop0): using ordered data mode
[  111.339761][ T6457] reiserfs: using flush barriers
[  111.380017][ T6457] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  111.418055][ T6457] REISERFS (device loop0): checking transaction log (loop0)
[  111.468957][ T6457] REISERFS (device loop0): Using r5 hash to sort names
[  111.484892][ T6457] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  111.759922][ T6457] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 2057, free_space(entry_count) 2
[  111.801600][ T6457] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 564. Fsck?
[  111.844220][ T6457] REISERFS (device loop0): Remounting filesystem read-only
[  111.868348][ T6457] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data
[  112.358756][ T6494] netlink: 'syz.1.235': attribute type 11 has an invalid length.
[  112.380893][ T6494] netlink: 56 bytes leftover after parsing attributes in process `syz.1.235'.
[  112.396363][ T2197] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  112.408505][ T6494] netlink: 'syz.1.235': attribute type 11 has an invalid length.
[  112.426620][ T6494] netlink: 56 bytes leftover after parsing attributes in process `syz.1.235'.
[  112.437178][ T6494] netlink: 'syz.1.235': attribute type 11 has an invalid length.
[  112.455090][ T6494] netlink: 56 bytes leftover after parsing attributes in process `syz.1.235'.
[  112.593361][ T6503] netlink: 44 bytes leftover after parsing attributes in process `syz.1.238'.
[  112.611979][ T2197] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  112.634577][ T2197] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  112.643084][ T6499] loop2: detected capacity change from 0 to 8192
[  112.644741][ T2197] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 64
[  112.669229][ T2197] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  112.680906][ T2197] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.728159][ T6488] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  112.745375][ T2197] hub 4-1:1.0: bad descriptor, ignoring hub
[  112.777011][ T2197] hub: probe of 4-1:1.0 failed with error -5
[  112.810033][ T2197] cdc_wdm 4-1:1.0: skipping garbage
[  112.815327][ T2197] cdc_wdm 4-1:1.0: skipping garbage
[  112.891574][ T2197] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  112.896907][ T6506] input: syz0 as /devices/virtual/input/input7
[  112.938115][ T2197] cdc_wdm 4-1:1.0: Unknown control protocol
[  112.950015][ T6508] loop0: detected capacity change from 0 to 1024
[  112.991626][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  112.998684][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.006299][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.012954][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.019360][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.025994][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.032366][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.038985][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.045388][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.052019][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.058374][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.065185][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.073042][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.079785][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.086740][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.093471][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.100158][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.106804][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.113297][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  113.120032][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  113.133858][ T2197] usb 4-1: Failed to suspend device, error -71
[  113.143568][ T6508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.156195][ T2197] usb 4-1: USB disconnect, device number 4
[  113.273370][ T6508] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  113.296427][ T6508] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  113.313435][ T6516] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 28
[  113.314042][ T6508] EXT4-fs (loop0): This should not happen!! Data will be lost
[  113.314042][ T6508] 
[  113.346187][ T6516] EXT4-fs (loop0): This should not happen!! Data will be lost
[  113.346187][ T6516] 
[  113.366134][ T6508] EXT4-fs (loop0): Total free blocks count 0
[  113.376070][ T6516] EXT4-fs (loop0): Total free blocks count 0
[  113.386039][ T6516] EXT4-fs (loop0): Free/Dirty block details
[  113.392116][ T6508] EXT4-fs (loop0): Free/Dirty block details
[  113.410336][ T6516] EXT4-fs (loop0): free_blocks=68451041280
[  113.590969][ T6520] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[  113.689405][ T5792] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  113.877995][ T6528] netlink: 84 bytes leftover after parsing attributes in process `syz.2.246'.
[  113.932465][ T5792] usb 4-1: config 1 has an invalid descriptor of length 111, skipping remainder of the config
[  113.957111][ T5792] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  113.975805][ T5792] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  114.016059][ T5792] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  114.047143][ T5792] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.065088][ T6488] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  114.078712][ T5792] hub 4-1:1.0: bad descriptor, ignoring hub
[  114.096046][ T5792] hub: probe of 4-1:1.0 failed with error -5
[  114.102714][ T5792] cdc_wdm 4-1:1.0: skipping garbage
[  114.134338][ T5792] cdc_wdm 4-1:1.0: skipping garbage
[  114.141592][ T5792] cdc_wdm: probe of 4-1:1.0 failed with error -22
[  114.150905][ T6537] loop0: detected capacity change from 0 to 512
[  114.154194][ T6535] loop2: detected capacity change from 0 to 1024
[  114.182531][ T6537] EXT4-fs: Ignoring removed oldalloc option
[  114.210011][ T6535] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.242889][ T6537] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  114.287747][ T6537] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  114.328084][ T6542] loop1: detected capacity change from 0 to 512
[  114.379651][ T6542] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2249: inode #15: comm syz.1.251: corrupted in-inode xattr: invalid ea_ino
[  114.394674][ T6537] EXT4-fs (loop0): 1 truncate cleaned up
[  114.410964][ T6542] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.251: couldn't read orphan inode 15 (err -117)
[  114.423547][ T6537] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.439213][ T6542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.508070][ T2197] usb 4-1: USB disconnect, device number 5
[  114.622771][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.765040][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.840784][ T6548] overlayfs: invalid origin (0000)
[  115.043418][   T27] audit: type=1800 audit(1763767265.995:11): pid=6551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.250" name="file1" dev="loop0" ino=15 res=0 errno=0
[  115.104356][ T6555] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  115.283810][ T6559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.257'.
[  115.326081][ T5792] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  115.514342][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.534686][ T5792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  115.571684][ T5792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  115.591477][ T5792] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  115.613449][ T5792] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  115.626918][ T5792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  115.650774][ T5792] usb 2-1: config 0 descriptor??
[  115.838197][ T6571] loop0: detected capacity change from 0 to 512
[  115.881139][ T6571] EXT4-fs: Ignoring removed i_version option
[  115.928663][ T6570] loop2: detected capacity change from 0 to 4096
[  115.938512][ T6570] ntfs: (device loop2): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  115.947573][ T6571] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.982183][ T6571] ext4 filesystem being mounted at /62/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  116.012440][ T6570] ntfs: (device loop2): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  116.070538][ T6570] ntfs: (device loop2): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  116.084041][ T6570] ntfs: (device loop2): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  116.103126][ T5792] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd
[  116.122524][ T6570] ntfs: volume version 3.1.
[  116.123745][ T5792] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving
[  116.162739][ T6571] EXT4-fs error (device loop0): ext4_get_first_dir_block:3592: inode #12: block 32: comm syz.0.260: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  116.222813][ T5792] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  116.229977][ T6571] EXT4-fs (loop0): Remounting filesystem read-only
[  116.464147][ T1134] ntfs: (device loop2): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  116.493314][ T5787] ntfs: (device loop2): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  116.539531][ T5792] usb 2-1: USB disconnect, device number 3
[  116.649325][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.986037][ T2197] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  117.186028][ T2197] usb 3-1: Using ep0 maxpacket: 8
[  117.203258][ T2197] usb 3-1: unable to get BOS descriptor or descriptor too short
[  117.217027][ T6601] loop1: detected capacity change from 0 to 1024
[  117.239258][ T2197] usb 3-1: config 4 interface 0 has no altsetting 0
[  117.265906][ T2197] usb 3-1: string descriptor 0 read error: -22
[  117.279478][ T6601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.292596][ T2197] usb 3-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  117.322946][ T2197] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.405561][ T6601] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.273: bg 0: block 385: padding at end of block bitmap is not set
[  117.422649][ T2197] usb 3-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  117.470727][ T2197] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  117.509145][ T2197] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  117.537195][ T2197] usb 3-1: media controller created
[  117.542222][ T6607] netlink: 'syz.0.276': attribute type 32 has an invalid length.
[  117.620780][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.650228][ T2197] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  117.675695][ T6587] usb 3-1: dvb_usb_au6610: wlen=0, aborting
[  117.897180][ T2197] zl10353_read_register: readreg error (reg=127, ret==0)
[  118.012899][ T2197] usb 3-1: USB disconnect, device number 4
[  118.216097][    T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  118.450673][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  118.465680][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c626, bcdDevice= 0.00
[  118.491240][ T6632] netlink: 12 bytes leftover after parsing attributes in process `syz.3.284'.
[  118.501626][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.512449][    T9] usb 1-1: config 0 descriptor??
[  118.522187][ T6632] netlink: 'syz.3.284': attribute type 15 has an invalid length.
[  118.583531][ T6632] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 65279 - 0
[  118.593161][ T6632] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 65279 - 0
[  118.602087][ T6632] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 65279 - 0
[  118.611434][ T6632] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 65279 - 0
[  118.634806][ T6632] vxlan0: entered promiscuous mode
[  118.958970][    T9] logitech 0003:046D:C626.0003: unbalanced delimiter at end of report description
[  119.001587][    T9] logitech 0003:046D:C626.0003: parse failed
[  119.016487][    T9] logitech: probe of 0003:046D:C626.0003 failed with error -22
[  119.279744][ T6650] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  119.312073][ T6650] overlayfs: failed to set xattr on upper
[  119.324952][ T6650] overlayfs: ...falling back to redirect_dir=nofollow.
[  119.342371][ T6650] overlayfs: ...falling back to index=off.
[  119.356219][ T6650] overlayfs: ...falling back to uuid=null.
[  119.409504][ T6654] loop3: detected capacity change from 0 to 128
[  119.762545][ T6662] loop3: detected capacity change from 0 to 512
[  119.793894][ T6662] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2249: inode #15: comm syz.3.299: corrupted in-inode xattr: e_value size too large
[  119.814435][ T6662] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.299: couldn't read orphan inode 15 (err -117)
[  119.832866][ T6662] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.871246][ T6662] EXT4-fs error (device loop3): ext4_validate_block_bitmap:430: comm syz.3.299: bg 0: block 5: invalid block bitmap
[  120.022579][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.153978][ T6673] loop3: detected capacity change from 0 to 256
[  120.193960][ T6669] loop1: detected capacity change from 0 to 2048
[  120.279584][ T6669] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.377832][ T6678] loop2: detected capacity change from 0 to 128
[  120.517178][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.552556][ T6680] loop3: detected capacity change from 0 to 512
[  120.636207][ T6680] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  120.671550][ T6680] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.983354][  T789] usb 1-1: USB disconnect, device number 4
[  121.016934][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  121.061124][ T1134] Bluetooth: hci4: Frame reassembly failed (-84)
[  121.145758][ T6694] loop0: detected capacity change from 0 to 512
[  121.179256][ T6694] EXT4-fs (loop0): bad geometry: block count 3825205504 exceeds size of device (256 blocks)
[  121.333523][ T6698] loop1: detected capacity change from 0 to 1024
[  121.373088][ T6698] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.417625][ T6698] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.517458][ T5843] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  121.541199][ T6698] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: comm syz.1.313: lblock 0 mapped to illegal pblock 0 (length 1)
[  121.569692][ T6698] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 3: comm syz.1.313: lblock 3 mapped to illegal pblock 3 (length 3)
[  121.586726][ T6698] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  121.601290][ T6698] EXT4-fs (loop1): This should not happen!! Data will be lost
[  121.601290][ T6698] 
[  121.627408][ T6698] EXT4-fs error (device loop1): ext4_map_blocks:608: inode #15: block 3: comm syz.1.313: lblock 3 mapped to illegal pblock 3 (length 1)
[  121.696731][ T2882] EXT4-fs error (device loop1): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  121.715518][ T2882] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  121.732300][ T2882] EXT4-fs (loop1): This should not happen!! Data will be lost
[  121.732300][ T2882] 
[  121.732963][ T5843] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  121.760433][ T5843] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.772339][ T5788] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  121.790157][ T5843] usb 1-1: config 0 descriptor??
[  121.822964][ T5843] cp210x 1-1:0.0: cp210x converter detected
[  121.834929][ T6709] netlink: 12 bytes leftover after parsing attributes in process `syz.3.318'.
[  122.242719][ T5843] cp210x 1-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  122.268632][ T5843] usb 1-1: cp210x converter now attached to ttyUSB0
[  122.489741][    T9] usb 1-1: USB disconnect, device number 5
[  122.500020][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  122.531009][    T9] cp210x 1-1:0.0: device disconnected
[  122.976070][ T2197] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  123.066353][ T5803] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  123.197147][ T2197] usb 4-1: Using ep0 maxpacket: 32
[  123.211066][ T2197] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.234700][ T2197] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.256702][ T2197] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  123.286091][ T2197] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.319327][ T2197] usb 4-1: config 0 descriptor??
[  123.819463][ T2197] savu 0003:1E7D:2D5A.0004: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  124.006231][ T5843] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  124.192332][  T789] usb 4-1: USB disconnect, device number 6
[  124.218134][ T5843] usb 3-1: Using ep0 maxpacket: 32
[  124.242406][ T5843] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.275178][ T5843] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  124.304964][ T5843] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  124.326011][ T5843] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  124.334433][ T5843] usb 3-1: Product: syz
[  124.366324][ T5843] usb 3-1: Manufacturer: syz
[  124.394939][ T5843] hub 3-1:4.0: USB hub found
[  124.621594][ T5843] hub 3-1:4.0: 2 ports detected
[  124.761979][ T6760] "syz.1.340" (6760) uses obsolete ecb(arc4) skcipher
[  124.800210][ T6760] trusted_key: syz.1.340 sent an empty control message without MSG_MORE.
[  125.045077][ T5843] hub 3-1:4.0: set hub depth failed
[  125.085341][ T5843] usb 3-1: USB disconnect, device number 5
[  125.616089][ T5836] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[  125.810931][ T6771] loop2: detected capacity change from 0 to 512
[  125.833084][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  125.856335][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.903561][ T5836] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  125.904328][ T6771] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  125.926362][ T6771] ext4 filesystem being mounted at /79/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  125.965472][ T5836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.006540][   T27] audit: type=1326 audit(1763767276.965:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6762 comm="syz.3.341" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f083818f749 code=0x7fc00000
[  126.057509][ T5836] usb 2-1: config 0 descriptor??
[  126.198122][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.539436][ T5836] savu 0003:1E7D:2D5A.0005: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[  126.919703][ T6789] loop2: detected capacity change from 0 to 128
[  126.941629][ T6784] loop0: detected capacity change from 0 to 32768
[  126.955347][ T6789] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.978272][ T6789] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.011947][ T6784] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  127.055692][ T6784] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  127.094665][ T5792] usb 2-1: USB disconnect, device number 4
[  127.105555][ T6784] ocfs2: Unmounting device (7,0) on (node local)
[  127.372776][ T1134] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  127.407564][ T6795] netlink: 'syz.3.352': attribute type 1 has an invalid length.
[  127.544866][ T6795] 8021q: adding VLAN 0 to HW filter on device bond1
[  127.671809][ T6798] bond1: (slave geneve2): making interface the new active one
[  127.764708][ T6798] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  128.029530][ T6807] loop3: detected capacity change from 0 to 1024
[  128.055132][ T6807] EXT4-fs: Ignoring removed nobh option
[  128.065890][ T6807] EXT4-fs: Ignoring removed bh option
[  128.092913][ T6807] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  128.111268][ T6807] EXT4-fs (loop3): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  128.144425][ T6807] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.215530][ T6809] loop1: detected capacity change from 0 to 4096
[  128.221196][ T6807] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4031: comm syz.3.356: Allocating blocks 497-513 which overlap fs metadata
[  128.247856][ T6807] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  128.270481][ T6799] loop0: detected capacity change from 0 to 40427
[  128.280109][ T6807] EXT4-fs (loop3): This should not happen!! Data will be lost
[  128.280109][ T6807] 
[  128.282014][ T6809] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  128.300856][ T6799] F2FS-fs (loop0): build fault injection attr: rate: 25, type: 0x7ffff
[  128.311647][ T6809] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[  128.321672][ T6799] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x7698c
[  128.342864][   T27] audit: type=1326 audit(1763767279.295:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6800 comm="syz.2.354" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e22f8f749 code=0x7fc00000
[  128.377084][ T6799] F2FS-fs (loop0): invalid crc value
[  128.405248][ T6799] F2FS-fs (loop0): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1d6/0x920
[  128.422643][ T6815] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  128.453397][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.476271][ T6799] F2FS-fs (loop0): Found nat_bits in checkpoint
[  128.652612][ T6799] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  128.735785][ T6799] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  128.744197][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.774344][ T6820] binder: 6819:6820 ioctl c0306201 2000000003c0 returned -14
[  128.778703][ T6809] Remounting filesystem read-only
[  128.787651][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.806849][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.823432][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.843670][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.861962][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.878183][ T6799] F2FS-fs (loop0): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  128.882449][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.937009][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  128.964645][ T6799] F2FS-fs (loop0): inject dquot initialize in f2fs_dquot_initialize of f2fs_truncate+0x2fe/0x730
[  128.986523][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  129.019723][ T6823] loop3: detected capacity change from 0 to 1024
[  129.025541][ T6809] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  129.045757][ T5786] syz-executor: attempt to access beyond end of device
[  129.045757][ T5786] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  129.060860][ T5786] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  129.080237][ T6823] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.103481][ T5788] NILFS (loop1): discard dirty page: offset=8192, ino=6
[  129.127362][ T5788] NILFS (loop1): discard dirty block: blocknr=25, size=4096
[  129.152540][ T5788] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  129.176489][ T5788] NILFS (loop1): discard dirty page: offset=20480, ino=15
[  129.198588][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.222960][ T5788] NILFS (loop1): discard dirty page: offset=24576, ino=15
[  129.250398][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.259117][ T5788] NILFS (loop1): discard dirty page: offset=28672, ino=15
[  129.276232][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.293835][ T5788] NILFS (loop1): discard dirty page: offset=49152, ino=15
[  129.307096][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.328070][ T5788] NILFS (loop1): discard dirty page: offset=0, ino=3
[  129.348473][ T5788] NILFS (loop1): discard dirty block: blocknr=28, size=4096
[  129.362711][ T5788] NILFS (loop1): discard dirty page: offset=4096, ino=3
[  129.370351][ T5788] NILFS (loop1): discard dirty block: blocknr=29, size=4096
[  129.386904][ T5788] NILFS (loop1): discard dirty page: offset=925696, ino=3
[  129.398639][ T5788] NILFS (loop1): discard dirty block: blocknr=36, size=4096
[  129.410834][ T5788] NILFS (loop1): discard dirty page: offset=16846848, ino=3
[  129.422855][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.434855][ T5788] NILFS (loop1): discard dirty page: offset=16850944, ino=3
[  129.456120][ T5788] NILFS (loop1): discard dirty block: blocknr=0, size=4096
[  129.693766][ T5790] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.006277][ T5836] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  130.206182][ T5836] usb 2-1: Using ep0 maxpacket: 16
[  130.243758][ T5836] usb 2-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  130.264406][ T5836] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  130.286643][ T5836] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  130.318444][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.336186][ T5836] usb 2-1: Product: syz
[  130.340457][ T5836] usb 2-1: Manufacturer: syz
[  130.345096][ T5836] usb 2-1: SerialNumber: syz
[  130.483015][ T6841] loop3: detected capacity change from 0 to 2048
[  130.537569][ T6843] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  130.635403][ T5836] usb 2-1: 0:2 : does not exist
[  130.659776][ T5836] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  130.728704][ T6843] NILFS (loop3): vblocknr = 18 has abnormal lifetime: start cno (= 504403158265495554) > current cno (= 3)
[  130.787312][ T6843] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=2)
[  130.796286][ T5836] usb 2-1: USB disconnect, device number 5
[  130.829227][ T6843] Remounting filesystem read-only
[  130.845997][ T2882] NILFS (loop3): discard dirty page: offset=4096, ino=6
[  130.853196][ T2882] NILFS (loop3): discard dirty block: blocknr=39, size=1024
[  130.854726][ T6844] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  130.917842][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  130.966160][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  130.975094][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  130.995718][ T5789] udevd[5789]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  131.029677][ T2882] NILFS (loop3): discard dirty page: offset=0, ino=3
[  131.039021][ T2882] NILFS (loop3): discard dirty block: blocknr=42, size=1024
[  131.058313][ T2882] NILFS (loop3): discard dirty block: blocknr=43, size=1024
[  131.065682][ T2882] NILFS (loop3): discard dirty block: blocknr=44, size=1024
[  131.106296][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.129219][ T2882] NILFS (loop3): discard dirty page: offset=65536, ino=3
[  131.142669][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.166165][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.175282][ T2882] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  131.187380][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.203307][ T2882] NILFS (loop3): discard dirty page: offset=0, ino=18
[  131.219421][ T2882] NILFS (loop3): discard dirty block: blocknr=0, size=1024
[  131.236097][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.254147][ T6847] loop2: detected capacity change from 0 to 8192
[  131.254266][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.263285][ T6847] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  131.282904][ T6847] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  131.292244][ T6847] REISERFS (device loop2): using ordered data mode
[  131.298949][ T6847] reiserfs: using flush barriers
[  131.306203][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.315262][ T6847] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  131.332197][ T2882] NILFS (loop3): discard dirty page: offset=0, ino=2
[  131.341652][ T2882] NILFS (loop3): discard dirty block: blocknr=18, size=1024
[  131.351636][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.357484][ T6847] REISERFS (device loop2): checking transaction log (loop2)
[  131.360747][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.377015][ T2882] NILFS (loop3): discard dirty block: blocknr=18446744073709551615, size=1024
[  131.386554][ T6841] NILFS (loop3): mounting fs with errors
[  131.390186][ T6847] REISERFS (device loop2): Using r5 hash to sort names
[  131.400077][ T6847] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  131.449972][ T6843] ------------[ cut here ]------------
[  131.456514][ T6843] WARNING: CPU: 0 PID: 6843 at fs/buffer.c:1188 mark_buffer_dirty+0x2bb/0x4d0
[  131.465783][ T6843] Modules linked in:
[  131.470372][ T6843] CPU: 0 PID: 6843 Comm: segctord Not tainted syzkaller #0
[  131.477780][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  131.488095][ T6843] RIP: 0010:mark_buffer_dirty+0x2bb/0x4d0
[  131.493876][ T6843] Code: 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 bf ac fc ff e8 6a fa 89 ff 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 ea 57 e8 ff e8 55 fa 89 ff <0f> 0b e9 84 fd ff ff e8 49 fa 89 ff 0f 0b e9 b0 fd ff ff e8 3d fa
[  131.513618][ T6843] RSP: 0000:ffffc9001969f6f0 EFLAGS: 00010293
[  131.520239][ T6843] RAX: ffffffff81fb953b RBX: ffff888059488ae0 RCX: ffff88802b59bc00
[  131.529727][ T6843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  131.538465][ T6843] RBP: ffffc9001969fb01 R08: ffff888059488ae7 R09: 1ffff1100b29115c
[  131.546940][ T6843] R10: dffffc0000000000 R11: ffffed100b29115d R12: 1ffff1100b2a5027
[  131.554966][ T6843] R13: ffff888059528148 R14: ffff88805de99328 R15: 1ffff1100b2a5029
[  131.563477][ T6843] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  131.572764][ T6843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  131.579466][ T6843] CR2: 0000001b2ea23ffc CR3: 000000002cf4e000 CR4: 00000000003506f0
[  131.587573][ T6843] Call Trace:
[  131.590903][ T6843]  <TASK>
[  131.593881][ T6843]  nilfs_segctor_do_construct+0x32c/0x6870
[  131.599939][ T6843]  ? mark_lock+0x94/0x320
[  131.604412][ T6843]  ? verify_lock_unused+0x140/0x140
[  131.609858][ T6843]  ? verify_lock_unused+0x140/0x140
[  131.615138][ T6843]  ? nilfs_transaction_unlock+0x220/0x220
[  131.620981][ T6843]  ? nilfs_bmap_test_and_clear_dirty+0x50/0x70
[  131.628463][ T6843]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  131.634081][ T6843]  ? __lock_acquire+0x7c80/0x7c80
[  131.639412][ T6843]  ? __rwlock_init+0x150/0x150
[  131.644242][ T6843]  ? do_raw_spin_unlock+0x121/0x230
[  131.649576][ T6843]  ? _raw_spin_unlock+0x28/0x40
[  131.654480][ T6843]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  131.660068][ T6843]  nilfs_segctor_construct+0x17b/0x690
[  131.665850][ T6843]  nilfs_segctor_thread+0x4f6/0x1000
[  131.671342][ T6843]  ? nilfs_iput_work_func+0x70/0x70
[  131.676653][ T6843]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  131.682614][ T6843]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  131.688751][ T6843]  ? wake_bit_function+0x200/0x200
[  131.693985][ T6843]  ? __kthread_parkme+0x7a/0x1c0
[  131.699007][ T6843]  kthread+0x2fa/0x390
[  131.703103][ T6843]  ? nilfs_iput_work_func+0x70/0x70
[  131.710300][ T6843]  ? kthread_blkcg+0xd0/0xd0
[  131.714931][ T6843]  ret_from_fork+0x48/0x80
[  131.719460][ T6843]  ? kthread_blkcg+0xd0/0xd0
[  131.724078][ T6843]  ret_from_fork_asm+0x11/0x20
[  131.729821][ T6843]  </TASK>
[  131.732862][ T6843] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  131.740143][ T6843] CPU: 0 PID: 6843 Comm: segctord Not tainted syzkaller #0
[  131.747352][ T6843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  131.757475][ T6843] Call Trace:
[  131.760828][ T6843]  <TASK>
[  131.763782][ T6843]  dump_stack_lvl+0x16c/0x230
[  131.768720][ T6843]  ? show_regs_print_info+0x20/0x20
[  131.774121][ T6843]  ? load_image+0x3b0/0x3b0
[  131.778752][ T6843]  panic+0x2c0/0x710
[  131.782654][ T6843]  ? bpf_jit_dump+0xd0/0xd0
[  131.787180][ T6843]  ? ret_from_fork_asm+0x11/0x20
[  131.792158][ T6843]  __warn+0x2e0/0x470
[  131.796158][ T6843]  ? mark_buffer_dirty+0x2bb/0x4d0
[  131.801291][ T6843]  ? mark_buffer_dirty+0x2bb/0x4d0
[  131.806509][ T6843]  report_bug+0x2be/0x4f0
[  131.810854][ T6843]  ? mark_buffer_dirty+0x2bb/0x4d0
[  131.815996][ T6843]  ? mark_buffer_dirty+0x2bb/0x4d0
[  131.821147][ T6843]  ? mark_buffer_dirty+0x2bd/0x4d0
[  131.826290][ T6843]  handle_bug+0xcf/0x120
[  131.830570][ T6843]  exc_invalid_op+0x1a/0x50
[  131.835092][ T6843]  asm_exc_invalid_op+0x1a/0x20
[  131.839956][ T6843] RIP: 0010:mark_buffer_dirty+0x2bb/0x4d0
[  131.845779][ T6843] Code: 00 00 00 5b 41 5c 41 5e 41 5f 5d e9 bf ac fc ff e8 6a fa 89 ff 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 ea 57 e8 ff e8 55 fa 89 ff <0f> 0b e9 84 fd ff ff e8 49 fa 89 ff 0f 0b e9 b0 fd ff ff e8 3d fa
[  131.865572][ T6843] RSP: 0000:ffffc9001969f6f0 EFLAGS: 00010293
[  131.871652][ T6843] RAX: ffffffff81fb953b RBX: ffff888059488ae0 RCX: ffff88802b59bc00
[  131.879662][ T6843] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  131.887814][ T6843] RBP: ffffc9001969fb01 R08: ffff888059488ae7 R09: 1ffff1100b29115c
[  131.895971][ T6843] R10: dffffc0000000000 R11: ffffed100b29115d R12: 1ffff1100b2a5027
[  131.904125][ T6843] R13: ffff888059528148 R14: ffff88805de99328 R15: 1ffff1100b2a5029
[  131.912199][ T6843]  ? mark_buffer_dirty+0x2bb/0x4d0
[  131.917429][ T6843]  nilfs_segctor_do_construct+0x32c/0x6870
[  131.923266][ T6843]  ? mark_lock+0x94/0x320
[  131.927712][ T6843]  ? verify_lock_unused+0x140/0x140
[  131.932936][ T6843]  ? verify_lock_unused+0x140/0x140
[  131.938156][ T6843]  ? nilfs_transaction_unlock+0x220/0x220
[  131.944010][ T6843]  ? nilfs_bmap_test_and_clear_dirty+0x50/0x70
[  131.950224][ T6843]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  131.955745][ T6843]  ? __lock_acquire+0x7c80/0x7c80
[  131.960788][ T6843]  ? __rwlock_init+0x150/0x150
[  131.965568][ T6843]  ? do_raw_spin_unlock+0x121/0x230
[  131.970894][ T6843]  ? _raw_spin_unlock+0x28/0x40
[  131.975765][ T6843]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  131.981269][ T6843]  nilfs_segctor_construct+0x17b/0x690
[  131.986853][ T6843]  nilfs_segctor_thread+0x4f6/0x1000
[  131.992300][ T6843]  ? nilfs_iput_work_func+0x70/0x70
[  131.997512][ T6843]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  132.003421][ T6843]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  132.009328][ T6843]  ? wake_bit_function+0x200/0x200
[  132.014448][ T6843]  ? __kthread_parkme+0x7a/0x1c0
[  132.019407][ T6843]  kthread+0x2fa/0x390
[  132.023571][ T6843]  ? nilfs_iput_work_func+0x70/0x70
[  132.028780][ T6843]  ? kthread_blkcg+0xd0/0xd0
[  132.033390][ T6843]  ret_from_fork+0x48/0x80
[  132.037834][ T6843]  ? kthread_blkcg+0xd0/0xd0
[  132.042428][ T6843]  ret_from_fork_asm+0x11/0x20
[  132.047217][ T6843]  </TASK>
[  132.050586][ T6843] Kernel Offset: disabled
[  132.055049][ T6843] Rebooting in 86400 seconds..