last executing test programs:

9m42.279826165s ago: executing program 32 (id=146):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f0000000280), 0x10)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x2, &(0x7f0000000080)=0x8, 0x4)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000040)=[{{0x3, 0x1, 0x0, 0x1}, {0x2, 0x1}}, {{0x1, 0x1}, {0x3, 0x1, 0x1, 0x1}}], 0x10)
close(r0)

7m35.994681195s ago: executing program 33 (id=527):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x102, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
ioctl$TUNGETVNETLE(r0, 0x4010744d, &(0x7f0000000180))

7m17.369141964s ago: executing program 34 (id=537):
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x1, &(0x7f00000000c0)="b1", 0x1)

7m13.949470291s ago: executing program 35 (id=565):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000280)={0x0, 0x0, {0x3}})
close_range(r1, 0xffffffffffffffff, 0x0)

7m3.991362548s ago: executing program 36 (id=577):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000001680)=ANY=[@ANYBLOB="1800000000030000000000000000000095"], &(0x7f0000001700)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x180, 0x4, 0x28}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000010000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)

4m27.557486393s ago: executing program 6 (id=1107):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1e0000000000", @ANYRES32], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

4m26.825216604s ago: executing program 6 (id=1113):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='fd\x00')
fchdir(r0)
r1 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r1, &(0x7f00000005c0)="6967ae42cbea486d00a74e3deec6fcb4391f745de505000000000000007190ba2b6d59c8958d6f156c9c8a2ac4677b000900ffffffffffffff200000f8bf54da33c42b", 0x43)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r1, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)

4m26.2587445s ago: executing program 6 (id=1117):
bind$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x22, &(0x7f0000000100)='cg\x8coup\x01\a\x06yy\xf3\xd7\xb3\x85\xe3\xf1\xd4\xcc\xae\x9f\xb9\x05/\x88\xb2\x8e\xfb\xae\xcb^F.x'}, 0x3c)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="34020000", @ANYRES16=r1, @ANYBLOB="050000000000000000003f00000008000300", @ANYRES32=r2, @ANYBLOB="6c005e80080003000300000008000200a609000008000600c0dc000008000900050000000800070098010000200001"], 0x234}}, 0x0)

4m25.530436409s ago: executing program 6 (id=1120):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x260)

4m25.01903545s ago: executing program 6 (id=1123):
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1000, 0x0)
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
setgroups(0x0, 0x0)
setgid(0xffffffffffffffff)
setreuid(0x0, 0xee01)
faccessat(0xffffffffffffff9c, &(0x7f0000000940)='./file0\x00', 0x2)

4m24.370253205s ago: executing program 6 (id=1128):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1010006, &(0x7f0000000200)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,iocharset=macgreek,iocharset=iso8859-1,integrity,nodiscard,noquota,uid=', @ANYRESHEX=0x0, @ANYRESOCT=0x0], 0x24, 0x61e3, &(0x7f000000d780)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWTkC2QU5k4Ylmw4IPAUJiiRBLVnyALNiy4wNgyUYCZYFSqGbOGddUuqdnPJ6ubtfvJ42rnj5V06f87+rLVFWfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADihz/48bkiIq78Mt1wIuL/oh/Ri1ip6rWIWFk7UV/nhdhujucjYrgUUa2//c+zEa9HxCfPRNx/cGe9uvn8Afvx/T/9/fc/eepHf/vj8Mx//nyr/8ak5W7f/s2//3L30bcXAAAAuqgsy7JIH/NPRsQgfbYHAJ58+fW/TPLt6rmrN+esP2q1Wq1ewLquHO9uvYiIzfo61XsGh+MBYMFsxqdtd4EWyb/TBhHxVNudAOZa0XYHOBb3H9xZL1K+Rf31YG2nPZ8Lsif/zWL3+o5J02ma55jM6vG1Ff14bkJ/VmbUh3mS8+8187+y0z5Kyx13/rMyKf/RzqVPnZPz7zfzb3hy8u+Nzb+rcv6DQ+Xflz8AAAAAAMyx/Pf/Ey0f/106+qYcyH7Hf9dm1AcAAAAAAAAAeNwOO/7foDH+3y7j/wEAAMDcqj6rV377zMPbJn0XW3X75SLi6cbyQMeki2VW2+4HAAAAAAAAAAAAAHTJYOcc3stFxDAinl5dLcuy+qlr1od11PUXXde3H7qs7Sd5AADY8ckzjWv5i4jliLicvutvuLq6WpbLK6vlarmylN/PjpaWy5Xa59o8rW5bGh3gDfFgVFa/bLm2Xt20z8vT2pu/r7qvUdk/QMdmo8XAASAidl6N7k96Rfqv16vFVJbPRstvclgQ++z/LCj7PwfR9uMUAAAAOH5lWZZF+jrvk+mYf6/tTgEAM5Ff/5vHBdRqtVqtVj95dV053t16ERGb9XWq9wyG4weABbMZn7bdBVok/04bRMQLbXcCmGtF2x3gWNx/cGe9SPkW9deDNL57PhdkT/6bxfZ6ef1x02ma55jM6vG1Ff14bkJ/np9RH+ZJzr/XzP/KTvsoLXf0/Ms9fyZs6xyjSflX23mihf60Leffb+bfcNz7/6xsRW9s/l2V8x8cKv/+UfL/YCR/AAAAAAA4Vvnv/yfm6vjv6FE3Z6r9jv+ujV3j+PoCAAAAAAAAAI/L/Qd31vN1r/n4/xfGLOf6zydTzr+Qfyfl/HuN/L/aWK5fm7/39sP8//Xgzvofbv3z//P0oPkv5ZkiPbKK9Igo0j0VgzQ9ytZ93tawP6ruaVj0+oN0zk85fDeuxfXYiLN7lu2l/4+H7ef2tFc9HW63l/2d9vN72ge77Xn9C3vah+nsonIlt5+O9fhZXI93tturtqUp2788pb2c0p7z79v/OynnP6j9VPmvpvaiMa3c+7j3uf2+Ph13P29d++Kvzx7/5ky1Ff3dbaurtu+lFvqz/X/y1Ch+cXPjxunbV2/dunEu0mTPrecjTR6znP8w/ew+/7+8056f9+v7672PR4fOf15sxWBi/i/X5qvtfWXGfWtDzn+UfnL+76T28fv/Iuc/ef9/tYX+AAAAAAAAAAAAAAAAwH7Ksty+RPStiLiYrv9p69pMAGC28ut/meTbZ1X3Z3x/avWC18Wc9Wem9WflfPVHrV7Euq4c7816ERF/ra9TvWf41bhfBgDMs88i4h9td4LWyL/D8vf9VdNTbXcGmKmbH37006vXr2/cuNl2TwAAAAAAAACAR5XH/1yrjf98qizLu43l9oz/+nasHXX8z0Ge2R1gdMJA1f3Db9N+tnqjfq823PiLMWn87+Hu3H7jfw+m3N9wSvtoSvvSlPblKe1jL/Soyfm/WBvv/FREnGwMv96F8V+bY953Qc7/pdrjucr/K43l6vmXv1vk/Ht78j9z6/2fn7n54UevXXv/6nsb7218cOHcubMXLl68dOnSmXevXd84u/Nviz0+Xjn/PPa180C7JeefM5d/t+T8v5Rq+XdLzv/LqZZ/t+T88/s9+XdLzj9/9pF/t+T8X0m1/Lsl5/+1VMu/W3L+r6Za/t2S8/96quXfLTn/11It/27J+Z9Otfy7Jed/JtUHzH/luPvFbOT88xEu+3+35PzzmQ3y75ac//lUy79bcv4XUi3/bsn5v55q+XdLzv8bqZZ/t+T8L6Za/t2S8/9mquXfLTn/S6mWf7fk/L+Vavl3S87/26mWf7fk/N9Itfy7Jef/nVTLv1ty/t9Ntfy7Jef/vVTLv1ty/m+mWv7d8vD7/82YMWMmz7T9zAQAAAAAAAAAAAAANM3idOK2txEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnv3FiPXXd8B/MzevHYgMRBSJzWwcUwIySa7thNfaFNMuDbcSiAUesF2vWuz4BteuwQayaaBEgmjooq24aEtINTmpSIPPNAKUB5QW6RK0D7QF0SFykNUBRSQKtEK2GrO+f//OzM7O7Nrj9dnzvl8pPjnnTkz58yZM2f3u853BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1a2vnf9kI8uy5n/5H1uz7HnNv2+e2ppf9qprvYUAAADAlfpF/udzN6QLDq7hRi3L/PNLv/2VpaWlpew9o38+/tmlpXTFVJaNb8qy/LroqR+8t9G6TPBYNtkYafl6pM/qR/tcP9bn+vE+10/0uX5Tn+sn+1y/YgessLn4fUx+Zzvzv24tdml2YzaeX7ezy60ea2waGYm/y8k18tssjR/LFrIT2Xw227Z8sWwjX/5rtzbX9aYsrmukZV3bm0fITx49GrehEfbxzrZ1Ld9n9KPXZFM//cmjR//23LM3d5t9d0Pb/RXbeceO5nZ+PFxSbGsj25T2SdzOkZbt3N7lORlt285Gfrvm3zu387k1bufo8mZuqM7nfDIbyf/+nXw/jbX+Wi/tp+3hsp/dlmXZxeXN7lxmxbqykWxL2yUjy8/PZHFENu+jeSi9MBtb13F66xqO0+ac29l+nHa+JuLzf2u43dgq29D6NP3oYxMtz/vPly7nOI2aj3q110rnMTjo10pZjsF4XHwnf9CPdz0Gd4bH/+jtqx+DXY+dLsdgetwtx+COfsfgyMRovs3pSWjkt1k+Bne1LT+ar6mRz2du730Mzpw7eWZm8SMfvXvh5JHj88fnT+3ZtWt2z969+/fvnzm2cGJ+tvjzMvd2+W3JRtJrYEfYd/E18IqOZVsP1aUvTKw4/17u63Cyx+twa8eyg34djnU+uMbGvCBXHtPFa+NdzZ0+eWkkW+U1lj8/d1756zA97pbX4VjL67Dr95Qur8OxNbwOm8ucuXNtP7OMtfzXbRtW/15wZcfg1pZjsPPnkc5jcNA/j5TlGJwMx8X37lz9e8H2sL2PT6/355HRFcdgerjh3NO8JP28P7k/H92Oy1uaV1w3kZ1fnD97zyNHzp07uysLY0O8qOVY6Txet7Q8pmzF8Tqy7uP14MJLH7+ly+Vbw76avLv5x+Sqz1VzmXvv6f1c5d/duu/Ptkt3Z2EM2Ebvz27fzZv7cyLLPvfNjz309Uc/99pV92czb3585sp/Fk+5tOX8O77K+Tfm/l8W60t39djo+Fjx+h1Ne2e87Xzc/lSN5eeuRr7u52bWdj4eD/9t9Pn4xh7n420dyw76fDze+eDi+bjR77cdV6bz+ZwMx8mJ2d7n4+Yy23av95gc63k+vi3MRtj/rwxJIeWilmNnteM2rWtsbDw8rrG4hvbjdE/b8uMhmzXX9eTu8ENh2sq1Had33FYsP9pyu2ijjtOpjmUHfZym332tdpw2+v327fJ0Pp+T4bi4cU/v47S5zNP3Xvm5c3P8a8u5c6LfMTg+OtHc5vF0EObn+2xpczwG78mOZqezE9lcfu1Efjw18nVN37e2c+VE+G+jz5XbehyDd3QsO+hjMH0fW+3Ya4ytfPAD0Pl8Tobj4on7eh+DzWVet2+wP7veES5Jy7T87Nr5+7XVfud1S8duulrHyljYzm/u6/272eYyJ/avN2f23k93hUuu67KfOl+/q72m5rKN2U/bwnY+u3/1/dTcnuYynz2wxuPpYJZlFz70QP773vDvKxfOf/crbf/u0u3fdC586IEfP//YP61n+wEYfr8sxpbie13Lv0yt5d//AQAAgKEQc/9ImIn8DwAAAJURc3/8v8IT+R8AAAAqI+b+sTCTKuT/P+6/yLbXPbvwywtZauYvBfH6tBseLJaLHdfZ8PXU0rLm5Q98af5//vHC2jZvJMuynz/4R12X3/Zg3K7CVNjOp17ffvkKX7l7Tes+/PCFtN7W/vrnw/3Hx7PWw6BbBXc2y7Kv3fDpfD1T772Uz6cfPJzPhy4+/lhzmecOFF/H2z/zomL5vwrl34PHjrTd/pmwH34Y5uybu++PeLsvX3rl9n3vXl5fvF1jx/X5w37ifcX9xvfJ+cxjxfJxP6+2/V//1JNfbi7/yMu7b/+Fke7b/2S43y+F+b8vKZZvfQ6aX8fbfSJsf1xfvN09X/xG1+1/6pPF8mfeUCx3OMy4/jvC1zvf8OxC6/56pHGk7XFlbyyWi+uf/e6f5tfH+4v337n9k4cute2PzuPj6X8v7memY/l4eVxP9A8d62/eT+vxGdf/5J8cbtvP/db/1EPPvKR5v53rv6tjuTMfujNf//L9tb9j019/4tNd1xe35+Dfn2l7PAffEV7HYf1PvC8cj+H6/3uquL/Od1c4/I72809c/vNbL7Q9nuhNPy3W/9Srj+dz0+TmLdc97/nXX3xZc99l2Xc2FffXb/3H/+Z02/Z/4aZif8TrY0e/c/2ries/++HpU6cXzy/Mpb366A35e+e8pdieuL03hHNr59eHTp97//zZqdmp2Sybqu5b6F22L4b542Jc7L300ooz6J0Ph+fzlr/82pbb/+1T8fL/eFdx+aU3F9+3XhGW+0y4fGt4/ta3/pWeuPWm/PXdeDps4dLK9wu+Ett3/vf+NS0YHn/nzwXxeD/z4vfn+6F5Xf59I76ur3D7vz9X3M9Xw35dCu/MvOOm5fW1Lh/fG+HSO4vX+xXvv3Cai8/r34Xn+60/LO4/bld8vN8PP8d8Y1v7+S4eH1+9MNJ5//m7eFwM55PsYnF9XCru70vP3dR18+L7kGQXb86//rN0Pzev62GuZvEjizMnFk6df2Tm3PziuZnFj3z00MnT50+dO5S/l+ehD/S7/fL5aUt+fpqb33tvlp+tThfjKrvW23/m4aNz+2Zvn5s/duT8sXMPn5k/e/zo4uLR+bnF248cOzb/4X63X5i7f9fuA3v27Z4+vjB3//4DB/YcmF44dbq5GcVG9bF39oPTp84eym+yeP+9B3bdd9+9s9MnT8/N379vdnb6fL/b59+bppu3/sPps/MnjpxbODk/vbjw0fn7dx3Yu3d333cDPHnm2OLUzNnzp2bOL86fnSkey9S5/OLm975+t6eaFv+z+Hm2U6N4I77s7XftTe/P2vSlj616V8UiHW8g+mx4L5pvveDM/rV8HXP/eJhJFfI/AAAAkIu5fyLMRP4HAACAyoi5f1OYifwPAAAAlRFz/2SY6X8JqEn+r1z/f9uFNa1f/1//v3V/6f/XrP//zrL1/4vzhf7/YFxp/17/P9D/1//X/9f/1/9nAMrW/4+5f3OW+fd/AAAAqKiY+7eEmcj/AAAAUBkx918XZiL/AwAAQGXE3P+8MJOa5H/9f/1//X/9f/3/7uvX/x9O+v+96f/3of8/k9Wr/39xkNt/Dfr/m1u/0P+njMrW/4+5//lhJjXJ/wAAAFAHMfdfH2Yi/wMAAEBlxNx/Q5iJ/A8AAACVEXP/1jCTmuR//f8r6v+nzpX+f/v26/+30/8Px4P+v/7/BtD/703/vw/9f5//P1z9/zb6/5RR2fr/Mfe/IMykJvkfAAAA6iDm/heGmcj/AAAAUD5jl3ezmPtfFGayIv9f5goAAACAay7m/huzjiJ4Tf79X//f5//r/+v/6/93X//a+/+jmf5/eej/96b/34f+v/6//r/+PwNVtv5/nvuzyezFYSY1yf8AAABQBzH33xRmIv8DAABAZcTc/ythJvI/AAAAVEbM/dvCTGqS//X/K9P//1nrU6f/r//fa/36/z7/v8r0/3vT/+9D/1//X/9f/5+BKlv/P+b+m8NMapL/AQAAoA5i7r8lzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPu3h5nUJP/r/5e8/x+boz7/X/9f/7+U/f9J/f/SqVn/f6nb959e9P/70P/X/9f/1/9noMrW/4+5/yVhJjXJ/wAAAFAHMfe/NMxE/gcAAIDKiLn/ZWEm8j8AAABURsz9U2EmNcn/6+n/Ny7q/6/mKn/+/8QaPv+/jf6//n+v9ev/+/z/KqtZ/3/d9P/70P/X/9f/1/9noMrW/4+5/9Ywk5rkfwAAAKiDmPt3hJnI/wAAAFAZMfffFmYi/wMAAEBlxNy/M8ykJvnf5/8PRf8/0//X/9f/1//X/18b/f/e9P/70P/X/9f/1/9noMrW/4+5/+VhJjXJ/wAAAFAHMfffHmYi/wMAAEBlxNz/ijAT+R8AAAAqI+b+O8JMapL/9f/1//X/9f/1/7uvX/9/OOn/96b/34f+v/6//r/+P4PyL1kJ+/8x978yzKQm+R8AAADqIOb+O8NM5H8AAACojJj77wozkf8BAACgMmLunw4zqUn+1//X/9f/1//X/+++fv3/4aT/35v+fx/6//r/+v/6/wxU2fr/MfffHWZSk/wPAAAAdRBz/z1hJvI/AAAAVEbM/TNhJvI/AAAAVEbM/bNhJjXJ//r/+v/6//r/6+r/v2z5fvX/C/r/5aL/35v+fx/6//r/17z/P67/T6WUrf8fc/+uMJOa5H8AAACog5j7d4eZyP8AAABQGTH37wkzkf8BAACgMmLuvzfMpCb5X/9f/1//X//f5/93X7/+/3DS/+9t8P3/+BD1//X/9f99/r/+PyuVrf8fc/99YSY1yf8AAABQBzH37w0zkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X/9f/7/7+vX/h5P+f28+/78P/X/9/yHu/zePLf1/yqZs/f+Y+w+EmdQk/wMAAEAdxNz/qjAT+R8AAAAqI+b+Xwszkf8BAACgMmLu//UwsyzbnP+1Jvlf/1//X/9f/7/s/f8J/X/9/3XQ/+9N/78P/X/9/yHu//v8f8qobP3/mPvvDzOpSf4HAACAOoi5/zfCTOR/AAAAqIyY+18dZiL/AwAAQGXE3H8wzKQm+V//f4P6//FC/X/9f/1/n/+v/39V6f/3pv/fh/6//r/+v/4/A1W2/n/M/a8JM6lJ/gcAAIA6iLn/gTAT+R8AAAAqI+b+14aZyP8AAABQGTH3vy7MpCb5X//f5/9f+/7/eNu26/8v307/v6D/r/+/Hvr/ven/96H/r/+v/6//z0CVrf8fc//rw0xqkv8BAACgDmLuf0OYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZlKT/K//r/9/7fv/Pv9f/7+g/6//Pwj6/73p//eh/6//r/+v/89Ala3/H3P/b4aZ1CT/AwAAQB3E3P9gmIn8DwAAAJURc/+bw0zkfwAAAKiMmPvfEmZSk/yv/6//r/+v/6//3339+v/DSf+/tyHr///i+nC5/n9B/7/c27/e/v9Yx9dXpf//g9X6/0ubOm+v/8/VULb+f8z9bw0zqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1vDzOR/wEAAKAyYu7/rTCTmuR//f/mdiy3l/X/9f/zC/T/9f/1/4eW/n9vQ9b/9/n/HfT/y739Pv9f/5+Vytb/j7n/HWEmNcn/AAAAUAcx9z8UZiL/AwAAQGXE3P/OMBP5HwAAACoj5v53hZnUJP/r//v8f/1//X/9/+7r1/8fTvr/ven/96H/r/9ftv7/f+n/M9zK1v+Puf/hMJOa5H8AAACog5j73x1mIv8DAABAZcTc/9thJvI/AAAAVEbM/e8JM6lJ/tf/H5b+/5T+/zr7/xPhMv1//X/9/3rR/+9N/78P/X/9/7L1/33+P0OubP3/mPvfG2ay9vw/ueYlAQAAgGsi5v7fCTOpyb//AwAAQB3E3P+7YSbyPwAAAFRGzP2/F2ZSk/yv/z8s/X+f/5/5/H/9/47Ho/+v/9/NxvX/45lH/1//X/8/0v/X/9f/p1PZ+v8x9/9+mElN8j8AAADUQcz97wszkf8BAABgKHT7f7I7xdx/KMxE/gcAAIDKiLn/cJhJTfK//r/+v/5/Sfv/f7HjX7/37bcd3qX/r/+v/78uG/r5/80Xv8//1//X/0/0//X/9f/pVLb+f8z9R8JMloPfW3zAPwAAAAy3mPv/IMykJv/+DwAAAHUQc//RMBP5HwAAACoj5v65MJOa5H/9f/1//f+S9v+H+PP/4/4Ypv7/9KYh6v/Hk67+f1cb2v9/93JPXP9/vf3/ia6Xdvb/G/r/bfT/173938qyTP9f/59rqGz9/5j758NMapL/AQAAoA5C7h85VszlK+R/AAAAqIyY+4+Hmcj/AAAAUBkx978/zKQm+V//X/9f/1//3+f/d19/afv/Pv+/J/3/3srT/+/O5//r/w/z9uv/6/+zUtn6/zH3L4SZ1CT/AwAAQB3E3P+BMBP5HwAAACoj5v4PhpnI/wAAAFAZMfefCDOpSf7X/9f/1//X/9f/775+/f/hpP/fm/5/H/r/+v/6//r/DFTZ+v8x958MM6lJ/gcA+H/27qPLsrrc4/gpbnHpXkycOXCgc18CAxnrC3DAxIGu5XIAKuZEY46Yc8AsBgygiAlzAhOKWVTMOWBGXe2Cep6nq/rs2qeq+1TV3v//5zO4DxT03QdXL+BH8WUDQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3/0Pjlk72v/5f/99s/38f/f9uz9f/6/9bpv8fp/9fQf+v/9f/6/9Zq6n1/7n7Hxa3dLL/AQAAoAe5+x8et9j/AAAA0Izc/ZfGLfY/AAAANCN3/yPilk72/2n9/8aiz/4/M179f0v9v/f/7/p8/b/+v2WH2/9ffuef+fT/+n/9f9D/6//1/5xuav1/7v5Hxi2d7H8AAADoQe7+R8Ut9j8AAAA0I3f/o+MW+x8AAACakbv/MXFLJ/vf+/+9/1//r//X/w8/X/8/T97/P66n/v/SW86/+Pbr7nH9fp6v/9f/6//1/6zX1Pr/3P2PjVs62f8AAADQg9z9j4tb7H8AAABoRu7+x8ct9j8AAADM0PHBr+buf0Lc0sn+1//r//X/0f8f0//r//X/LdD/j+up/z+T5+v/9f/6f/0/6zW1/j93/xPjlk72PwAAAPQgd/+T4hb7HwAAAKZr6F/EHpG7/7K4xf4HAACAZuTuPxG3dLL/9f8H3///V/8/j/7f+//1//r/Juj/x+n/V9D/6//1//p/1mpq/X/u/svjlk72PwAAAPQgd/+T4xb7HwAAAJqRu/8pcYv9DwAAAM3I3f/UuKWT/a//9/5//b/+X/8//Hz9/zzp/8fp/1fQ/59tP3+u/l//r/9nu332/3eM/Gl7Lf1/7v6nxS2d7H8AAADoQe7+p8ct9j8AAAA0I3f/M+IW+x8AAACakbv/mXFLJ/tf/6//1//r/8+4/1/+qXcX/f8w/f/h0P+Pm0z/v7E5+GX9/+z7f+//1//r/9lhau//z93/rLilk/0PAAAAPcjd/+y4ZWT/7/sf5gMAAABHKnf/c+IW3/8HAACA2cvqLHf/c+OWTva//l//r//X/3v///Dzx/r/67d9Pv3/tOj/x02m/9+F/l//P+fPr//X/7Nsav1/7v7nxS2d7H8AAADoQe7+K+IW+x8AAACakbv/+XGL/Q8AAADNyN3/grilk/0/3P+f+u36/73R/+/8/Pr/4Z8f6+r/8/+j/n+0/7/Q+//7pP8fp/9fQf+v/9f/79b/H1/14/X/DJla/5+7/4VxSyf7HwAAAHqQu/9FcYv9DwAAAM3I3f/iuMX+BwAAgGbk7n9J3NLJ/vf+f/2//n9+/b/3/285yvf/Lw69/9/U/++R/n+c/n8F/b/+X/8//v7/kf8KgP6fIVPr/3P3vzRu6WT/AwAAQA9y978sbrH/AQAAYB62/7sDp/8LpSF3/8vjFvsfAAAAmpG7/xVxSzv7f/Rdnfp//b/+X/+v/x9+/rT6f+//3yv9/zj9/wr6/4Po5zcb6/+v3O3HT6H/v+yg+/8R+n+G7Oj/bzj19aPq/3P3vzJuaWf/AwAAQPdy978qbrH/AQAAoBm5+18dt9j/AAAA0Izc/a+JWzrZ/wfe/4/81wf0//p//b/+X/+v/183/f84/f8K+n/v//f+f/0/a7Wj/9/mqPr/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+K+MW+x8AAACakbv/9XFLJ/vf+//1//p//b/+f/j5+v95Oqv+/hz9f9H/6//1//p//T9rMLX+P3f/G+KWTvY/AAAA9CB3/xvjFvsfAAAAmpG7/01xi/0PAAAAzcjd/+a4pZP9r/8/2P4/v67/1/8v9P/6f/3/oej2/f8bQ38lWrZL/3/Tg0/cb+dX9P/6f/2//l//zx7dbeS3TaL/P3nq7y5z978lbulk/wMAAEAPcve/NW6x/wEAAKAZufvfFrfY/wAAANCM3P1XxS373P9jzcOU6f+9/1//r//X/w8/X/8/T932/3vk/f8r6P/77P/zT+j6f/0/azeJ/n/br+fuf3vc4vv/AAAA0Izc/e+IW+x/AAAAaEbu/nfGLfY/AAAANCN3/7vilk72v/5f/6//1//r/4efr/+fJ/3/OP3/CnPq/686i/5/c/jL3fb/a/r8+n/9P8um1v/n7r86bulk/wMAAEAPcve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/6f/2//l//r/8ffr7+f570/+P0/4vF4pqRDzDU/588b5r9v/f/T+7z6//1/yybWv+fu/99cUsn+x8AAAB6kLv/mrjF/gcAAIBm5O6/Nm6x/wEAAKAZufvfH7d0sv/1//p//b/+X/8//Hz9/zzp/8fp/1eY0/v/9f+T+/z6f/0/y6bW/+fu/0Dc0sn+BwAAgB7k7r8ubrH/AQAAoBm5+z8Yt9j/AAAA0Izc/dfHLZ3sf/2//l//r//X/w8/X/8/TwfX/y/0//p//f8K+n/9v/6f002t/8/d/6G4pZP9DwAAAD3I3f/huMX+BwAAgGbk7v9I3GL/AwAAQDNy9380bulk/+v/9f/6f/2//n/4+fr/efL+/3H6/xX0//r/vX7+E8t/96f/1/+zbLj/v+zI+v/c/R+LWzrZ/wAAANCD3P03xC32PwAAADQjd//H4xb7HwAAAJqRu/8TcUsn+1//r//f2f8vFvp//b/+f8sh9P/HFvr/tdP/j9P/r6D/b7P/P2fR0Pv/j+/64/X/TNHU3v+fu/+TcUsn+x8AAAB6kLv/U3GL/Q8AAADNyN3/6bjF/gcAAIBm5O7/TNzSyf7X/+v/vf9f/6//H36+9//Pk/5/nP5/Bf1/m/3/IX1+7//X/7Nsav1/7v7Pxi2d7H8AAADoQe7+z8Ut9j8AAAA0I3f/5+MW+x8AAACakbv/C3FLJ/tf/6//1//r//X/w8/X/8+T/n+c/n8F/b/+X/+v/2etptb/5+7/YtzSyf4HAACAHuTuvzFusf8BAACgGbn7b4pb7H8AAABoRu7+L8Utnex//b/+X/8/z/7/WPv9///nj9P/6//3Yyr9/wUX3Pdm/b/+X/+v/9f/6/97N7X+P3f/l+OWTvY/AAAA9CB3/1fiFvsfAAAAmpG7/6txi/0PAAAAzcjd/7W4pZP9v9z/n7vYKlS3DPX/0ajp/7fR/+/8/Pr/4Z8f3v/v/f/6/4M3lf7f+//P7PPr//X/c/78++r/77X84/X/tGhq/X/u/pvjlk72PwAAAPQgd//X4xb7HwAAAJqRu/8bcYv9DwAAAM3I3X9L3NLJ/vf+f/2//l//r/8ffr7+f570/+P0/yvo//X/3v9/yQP/T//P+kyt/8/d/824pZP9DwAAAD3I3f+tuMX+BwAAgGbk7v923GL/AwAAQDNy938nbulk/+v/9f/6f/2//n/4+fr/edL/j9P/l9P/0Lb00/8fG/riUffzZ+uoP38z/b/3/7NGU+v/c/d/N27pZP8DAABAD3L3fy9usf8BAACgGbn7vx+32P8AAADQjNz9P4hbOtn/+n/9f/v9/wP0/6c9X/+v/2+Z/j//ij5M/79CP/3/oKPu5+f++fX/+n+WTa3/z91/a9zSyf4HAACAHuTu/2HcYv8DAABAM3L3/yhusf8BAACgGbn7fxy3dLL/9f999f8bix77f+//1//r/3ui/x+n/19B/6//1//r/1mrqfX/uftv29jscv8DAADAXN3/3g+5da+/7213/d9ji5/ELRcuTu7x29gAAADAxN25+zc2F4uf3vVrvv8PAAAALcrd/7O4pZP9r//vq//v8/3/+n/9v/6/J/r/cfr/FfT/+n/9v/6ftZpa/5+7/+dxy7bht7nvP0oAAABgSnL3/yJu6eT7/wAAANCD3P2/jFuW9r//HCAAAADMVe7+X8UtnXz/X/8/8f5/cUD9f/x++v8t+n/9/9Dz9f/zpP8fd5b9/8kN/X8n/f/GQv+v/9f/sw5T6/9z9/86bulk/wMAAECjdvwThdz9v4lb7H8AAABoRu7+38Yt9j8AAAA0I3f/7+KWTva//v/Q+/9M1Q/w/f/H65e8/7/z/v+KY4PP1//r/1um/x/n/f8r6P9bef//efp//T/TMLX+P3f/7+OWTvY/AAAA9CB3/x/iFvsfAAAAmpG7/49xi/0PAAAAzcjd/6e4pZP9r/+f+Pv/z6j/38P7//X/ffT/uzy/nf7/7uefuPGiB117tf6fUw6z/8+fC/r/ra+fs4bPr//X/8/58+v/9f8sW3//v7nji/vt/3P3/zlu6WT/AwAAQA9y998et9j/AAAA0Izc/X+JW+x/AAAAaEbu/r/GLZ3sf/2//n8q/X/+b30E/f+JM+7/jy8WiyPp/7MpPtv+fzHz/t/7//X/y7z/f5z3/6+g/9f/6//1/6zV+vv/nV/cb/+fu/9vcUsn+x8AAAB6kLv/73FL7v+Nff+jewAAAGBicvf/I27x/X8AAABoRu7+f8Ytnex//b/+fyr9f/L+/1M/rq33/19UcWqf/f8965f0/wdL/z9O/7+C/l//r//X/7NWU+v/c/f/K27pZP8DAABAD3L33xG32P8AAADQjNz9/45b7H8AAABoRu7+/8Qtnex//X+r/X8W8fp//f9U+n/v//f+/8Oh/x+n/19B/6//1//r/1mrqfX/ufv/FwAA//+aaXUt")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1)

4m22.073370122s ago: executing program 37 (id=1128):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x1010006, &(0x7f0000000200)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,iocharset=macgreek,iocharset=iso8859-1,integrity,nodiscard,noquota,uid=', @ANYRESHEX=0x0, @ANYRESOCT=0x0], 0x24, 0x61e3, &(0x7f000000d780)="$eJzs3UuPHFfZB/Cn+jaXvEmsLKK8FkKTxFxCiK/BGAIkWcCCDQvkLbI1mUQWTkC2QU5k4Ylmw4IPAUJiiRBLVnyALNiy4wNgyUYCZYFSqGbOGddUuqdnPJ6ubtfvJ42rnj5V06f87+rLVFWfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADihz/48bkiIq78Mt1wIuL/oh/Ri1ip6rWIWFk7UV/nhdhujucjYrgUUa2//c+zEa9HxCfPRNx/cGe9uvn8Afvx/T/9/fc/eepHf/vj8Mx//nyr/8ak5W7f/s2//3L30bcXAAAAuqgsy7JIH/NPRsQgfbYHAJ58+fW/TPLt6rmrN+esP2q1Wq1ewLquHO9uvYiIzfo61XsGh+MBYMFsxqdtd4EWyb/TBhHxVNudAOZa0XYHOBb3H9xZL1K+Rf31YG2nPZ8Lsif/zWL3+o5J02ma55jM6vG1Ff14bkJ/VmbUh3mS8+8187+y0z5Kyx13/rMyKf/RzqVPnZPz7zfzb3hy8u+Nzb+rcv6DQ+Xflz8AAAAAAMyx/Pf/Ey0f/106+qYcyH7Hf9dm1AcAAAAAAAAAeNwOO/7foDH+3y7j/wEAAMDcqj6rV377zMPbJn0XW3X75SLi6cbyQMeki2VW2+4HAAAAAAAAAAAAAHTJYOcc3stFxDAinl5dLcuy+qlr1od11PUXXde3H7qs7Sd5AADY8ckzjWv5i4jliLicvutvuLq6WpbLK6vlarmylN/PjpaWy5Xa59o8rW5bGh3gDfFgVFa/bLm2Xt20z8vT2pu/r7qvUdk/QMdmo8XAASAidl6N7k96Rfqv16vFVJbPRstvclgQ++z/LCj7PwfR9uMUAAAAOH5lWZZF+jrvk+mYf6/tTgEAM5Ff/5vHBdRqtVqtVj95dV053t16ERGb9XWq9wyG4weABbMZn7bdBVok/04bRMQLbXcCmGtF2x3gWNx/cGe9SPkW9deDNL57PhdkT/6bxfZ6ef1x02ma55jM6vG1Ff14bkJ/np9RH+ZJzr/XzP/KTvsoLXf0/Ms9fyZs6xyjSflX23mihf60Leffb+bfcNz7/6xsRW9s/l2V8x8cKv/+UfL/YCR/AAAAAAA4Vvnv/yfm6vjv6FE3Z6r9jv+ujV3j+PoCAAAAAAAAAI/L/Qd31vN1r/n4/xfGLOf6zydTzr+Qfyfl/HuN/L/aWK5fm7/39sP8//Xgzvofbv3z//P0oPkv5ZkiPbKK9Igo0j0VgzQ9ytZ93tawP6ruaVj0+oN0zk85fDeuxfXYiLN7lu2l/4+H7ef2tFc9HW63l/2d9vN72ge77Xn9C3vah+nsonIlt5+O9fhZXI93tturtqUp2788pb2c0p7z79v/OynnP6j9VPmvpvaiMa3c+7j3uf2+Ph13P29d++Kvzx7/5ky1Ff3dbaurtu+lFvqz/X/y1Ch+cXPjxunbV2/dunEu0mTPrecjTR6znP8w/ew+/7+8056f9+v7672PR4fOf15sxWBi/i/X5qvtfWXGfWtDzn+UfnL+76T28fv/Iuc/ef9/tYX+AAAAAAAAAAAAAAAAwH7Ksty+RPStiLiYrv9p69pMAGC28ut/meTbZ1X3Z3x/avWC18Wc9Wem9WflfPVHrV7Euq4c7816ERF/ra9TvWf41bhfBgDMs88i4h9td4LWyL/D8vf9VdNTbXcGmKmbH37006vXr2/cuNl2TwAAAAAAAACAR5XH/1yrjf98qizLu43l9oz/+nasHXX8z0Ge2R1gdMJA1f3Db9N+tnqjfq823PiLMWn87+Hu3H7jfw+m3N9wSvtoSvvSlPblKe1jL/Soyfm/WBvv/FREnGwMv96F8V+bY953Qc7/pdrjucr/K43l6vmXv1vk/Ht78j9z6/2fn7n54UevXXv/6nsb7218cOHcubMXLl68dOnSmXevXd84u/Nviz0+Xjn/PPa180C7JeefM5d/t+T8v5Rq+XdLzv/LqZZ/t+T88/s9+XdLzj9/9pF/t+T8X0m1/Lsl5/+1VMu/W3L+r6Za/t2S8/96quXfLTn/11It/27J+Z9Otfy7Jed/JtUHzH/luPvFbOT88xEu+3+35PzzmQ3y75ac//lUy79bcv4XUi3/bsn5v55q+XdLzv8bqZZ/t+T8L6Za/t2S8/9mquXfLTn/S6mWf7fk/L+Vavl3S87/26mWf7fk/N9Itfy7Jef/nVTLv1ty/t9Ntfy7Jef/vVTLv1ty/m+mWv7d8vD7/82YMWMmz7T9zAQAAAAAAAAAAAAANM3idOK2txEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnv3FiPXXd8B/MzevHYgMRBSJzWwcUwIySa7thNfaFNMuDbcSiAUesF2vWuz4BteuwQayaaBEgmjooq24aEtINTmpSIPPNAKUB5QW6RK0D7QF0SFykNUBRSQKtEK2GrO+f//OzM7O7Nrj9dnzvl8pPjnnTkz58yZM2f3u853BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1a2vnf9kI8uy5n/5H1uz7HnNv2+e2ppf9qprvYUAAADAlfpF/udzN6QLDq7hRi3L/PNLv/2VpaWlpew9o38+/tmlpXTFVJaNb8qy/LroqR+8t9G6TPBYNtkYafl6pM/qR/tcP9bn+vE+10/0uX5Tn+sn+1y/YgessLn4fUx+Zzvzv24tdml2YzaeX7ezy60ea2waGYm/y8k18tssjR/LFrIT2Xw227Z8sWwjX/5rtzbX9aYsrmukZV3bm0fITx49GrehEfbxzrZ1Ld9n9KPXZFM//cmjR//23LM3d5t9d0Pb/RXbeceO5nZ+PFxSbGsj25T2SdzOkZbt3N7lORlt285Gfrvm3zu387k1bufo8mZuqM7nfDIbyf/+nXw/jbX+Wi/tp+3hsp/dlmXZxeXN7lxmxbqykWxL2yUjy8/PZHFENu+jeSi9MBtb13F66xqO0+ac29l+nHa+JuLzf2u43dgq29D6NP3oYxMtz/vPly7nOI2aj3q110rnMTjo10pZjsF4XHwnf9CPdz0Gd4bH/+jtqx+DXY+dLsdgetwtx+COfsfgyMRovs3pSWjkt1k+Bne1LT+ar6mRz2du730Mzpw7eWZm8SMfvXvh5JHj88fnT+3ZtWt2z969+/fvnzm2cGJ+tvjzMvd2+W3JRtJrYEfYd/E18IqOZVsP1aUvTKw4/17u63Cyx+twa8eyg34djnU+uMbGvCBXHtPFa+NdzZ0+eWkkW+U1lj8/d1756zA97pbX4VjL67Dr95Qur8OxNbwOm8ucuXNtP7OMtfzXbRtW/15wZcfg1pZjsPPnkc5jcNA/j5TlGJwMx8X37lz9e8H2sL2PT6/355HRFcdgerjh3NO8JP28P7k/H92Oy1uaV1w3kZ1fnD97zyNHzp07uysLY0O8qOVY6Txet7Q8pmzF8Tqy7uP14MJLH7+ly+Vbw76avLv5x+Sqz1VzmXvv6f1c5d/duu/Ptkt3Z2EM2Ebvz27fzZv7cyLLPvfNjz309Uc/99pV92czb3585sp/Fk+5tOX8O77K+Tfm/l8W60t39djo+Fjx+h1Ne2e87Xzc/lSN5eeuRr7u52bWdj4eD/9t9Pn4xh7n420dyw76fDze+eDi+bjR77cdV6bz+ZwMx8mJ2d7n4+Yy23av95gc63k+vi3MRtj/rwxJIeWilmNnteM2rWtsbDw8rrG4hvbjdE/b8uMhmzXX9eTu8ENh2sq1Had33FYsP9pyu2ijjtOpjmUHfZym332tdpw2+v327fJ0Pp+T4bi4cU/v47S5zNP3Xvm5c3P8a8u5c6LfMTg+OtHc5vF0EObn+2xpczwG78mOZqezE9lcfu1Efjw18nVN37e2c+VE+G+jz5XbehyDd3QsO+hjMH0fW+3Ya4ytfPAD0Pl8Tobj4on7eh+DzWVet2+wP7veES5Jy7T87Nr5+7XVfud1S8duulrHyljYzm/u6/272eYyJ/avN2f23k93hUuu67KfOl+/q72m5rKN2U/bwnY+u3/1/dTcnuYynz2wxuPpYJZlFz70QP773vDvKxfOf/crbf/u0u3fdC586IEfP//YP61n+wEYfr8sxpbie13Lv0yt5d//AQAAgKEQc/9ImIn8DwAAAJURc3/8v8IT+R8AAAAqI+b+sTCTKuT/P+6/yLbXPbvwywtZauYvBfH6tBseLJaLHdfZ8PXU0rLm5Q98af5//vHC2jZvJMuynz/4R12X3/Zg3K7CVNjOp17ffvkKX7l7Tes+/PCFtN7W/vrnw/3Hx7PWw6BbBXc2y7Kv3fDpfD1T772Uz6cfPJzPhy4+/lhzmecOFF/H2z/zomL5vwrl34PHjrTd/pmwH34Y5uybu++PeLsvX3rl9n3vXl5fvF1jx/X5w37ifcX9xvfJ+cxjxfJxP6+2/V//1JNfbi7/yMu7b/+Fke7b/2S43y+F+b8vKZZvfQ6aX8fbfSJsf1xfvN09X/xG1+1/6pPF8mfeUCx3OMy4/jvC1zvf8OxC6/56pHGk7XFlbyyWi+uf/e6f5tfH+4v337n9k4cute2PzuPj6X8v7memY/l4eVxP9A8d62/eT+vxGdf/5J8cbtvP/db/1EPPvKR5v53rv6tjuTMfujNf//L9tb9j019/4tNd1xe35+Dfn2l7PAffEV7HYf1PvC8cj+H6/3uquL/Od1c4/I72809c/vNbL7Q9nuhNPy3W/9Srj+dz0+TmLdc97/nXX3xZc99l2Xc2FffXb/3H/+Z02/Z/4aZif8TrY0e/c/2ries/++HpU6cXzy/Mpb366A35e+e8pdieuL03hHNr59eHTp97//zZqdmp2Sybqu5b6F22L4b542Jc7L300ooz6J0Ph+fzlr/82pbb/+1T8fL/eFdx+aU3F9+3XhGW+0y4fGt4/ta3/pWeuPWm/PXdeDps4dLK9wu+Ett3/vf+NS0YHn/nzwXxeD/z4vfn+6F5Xf59I76ur3D7vz9X3M9Xw35dCu/MvOOm5fW1Lh/fG+HSO4vX+xXvv3Cai8/r34Xn+60/LO4/bld8vN8PP8d8Y1v7+S4eH1+9MNJ5//m7eFwM55PsYnF9XCru70vP3dR18+L7kGQXb86//rN0Pzev62GuZvEjizMnFk6df2Tm3PziuZnFj3z00MnT50+dO5S/l+ehD/S7/fL5aUt+fpqb33tvlp+tThfjKrvW23/m4aNz+2Zvn5s/duT8sXMPn5k/e/zo4uLR+bnF248cOzb/4X63X5i7f9fuA3v27Z4+vjB3//4DB/YcmF44dbq5GcVG9bF39oPTp84eym+yeP+9B3bdd9+9s9MnT8/N379vdnb6fL/b59+bppu3/sPps/MnjpxbODk/vbjw0fn7dx3Yu3d333cDPHnm2OLUzNnzp2bOL86fnSkey9S5/OLm975+t6eaFv+z+Hm2U6N4I77s7XftTe/P2vSlj616V8UiHW8g+mx4L5pvveDM/rV8HXP/eJhJFfI/AAAAkIu5fyLMRP4HAACAyoi5f1OYifwPAAAAlRFz/2SY6X8JqEn+r1z/f9uFNa1f/1//v3V/6f/XrP//zrL1/4vzhf7/YFxp/17/P9D/1//X/9f/1/9nAMrW/4+5f3OW+fd/AAAAqKiY+7eEmcj/AAAAUBkx918XZiL/AwAAQGXE3P+8MJOa5H/9f/1//X/9f/3/7uvX/x9O+v+96f/3of8/k9Wr/39xkNt/Dfr/m1u/0P+njMrW/4+5//lhJjXJ/wAAAFAHMfdfH2Yi/wMAAEBlxNx/Q5iJ/A8AAACVEXP/1jCTmuR//f8r6v+nzpX+f/v26/+30/8Px4P+v/7/BtD/703/vw/9f5//P1z9/zb6/5RR2fr/Mfe/IMykJvkfAAAA6iDm/heGmcj/AAAAUD5jl3ezmPtfFGayIv9f5goAAACAay7m/huzjiJ4Tf79X//f5//r/+v/6/93X//a+/+jmf5/eej/96b/34f+v/6//r/+PwNVtv5/nvuzyezFYSY1yf8AAABQBzH33xRmIv8DAABAZcTc/ythJvI/AAAAVEbM/dvCTGqS//X/K9P//1nrU6f/r//fa/36/z7/v8r0/3vT/+9D/1//X/9f/5+BKlv/P+b+m8NMapL/AQAAoA5i7r8lzET+BwAAgMqIuf9Xw0zkfwAAAKiMmPu3h5nUJP/r/5e8/x+boz7/X/9f/7+U/f9J/f/SqVn/f6nb959e9P/70P/X/9f/1/9noMrW/4+5/yVhJjXJ/wAAAFAHMfe/NMxE/gcAAIDKiLn/ZWEm8j8AAABURsz9U2EmNcn/6+n/Ny7q/6/mKn/+/8QaPv+/jf6//n+v9ev/+/z/KqtZ/3/d9P/70P/X/9f/1/9noMrW/4+5/9Ywk5rkfwAAAKiDmPt3hJnI/wAAAFAZMfffFmYi/wMAAEBlxNy/M8ykJvnf5/8PRf8/0//X/9f/1//X/18b/f/e9P/70P/X/9f/1/9noMrW/4+5/+VhJjXJ/wAAAFAHMfffHmYi/wMAAEBlxNz/ijAT+R8AAAAqI+b+O8JMapL/9f/1//X/9f/1/7uvX/9/OOn/96b/34f+v/6//r/+P4PyL1kJ+/8x978yzKQm+R8AAADqIOb+O8NM5H8AAACojJj77wozkf8BAACgMmLunw4zqUn+1//X/9f/1//X/+++fv3/4aT/35v+fx/6//r/+v/6/wxU2fr/MfffHWZSk/wPAAAAdRBz/z1hJvI/AAAAVEbM/TNhJvI/AAAAVEbM/bNhJjXJ//r/+v/6//r/6+r/v2z5fvX/C/r/5aL/35v+fx/6//r/17z/P67/T6WUrf8fc/+uMJOa5H8AAACog5j7d4eZyP8AAABQGTH37wkzkf8BAACgMmLuvzfMpCb5X/9f/1//X//f5/93X7/+/3DS/+9t8P3/+BD1//X/9f99/r/+PyuVrf8fc/99YSY1yf8AAABQBzH37w0zkf8BAACgMmLu3xdmIv8DAABAZcTcvz/MpCb5X/9f/1//X/9f/7/7+vX/h5P+f28+/78P/X/9/yHu/zePLf1/yqZs/f+Y+w+EmdQk/wMAAEAdxNz/qjAT+R8AAAAqI+b+Xwszkf8BAACgMmLu//UwsyzbnP+1Jvlf/1//X/9f/7/s/f8J/X/9/3XQ/+9N/78P/X/9/yHu//v8f8qobP3/mPvvDzOpSf4HAACAOoi5/zfCTOR/AAAAqIyY+18dZiL/AwAAQGXE3H8wzKQm+V//f4P6//FC/X/9f/1/n/+v/39V6f/3pv/fh/6//r/+v/4/A1W2/n/M/a8JM6lJ/gcAAIA6iLn/gTAT+R8AAAAqI+b+14aZyP8AAABQGTH3vy7MpCb5X//f5/9f+/7/eNu26/8v307/v6D/r/+/Hvr/ven/96H/r/+v/6//z0CVrf8fc//rw0xqkv8BAACgDmLuf0OYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZlKT/K//r/9/7fv/Pv9f/7+g/6//Pwj6/73p//eh/6//r/+v/89Ala3/H3P/b4aZ1CT/AwAAQB3E3P9gmIn8DwAAAJURc/+bw0zkfwAAAKiMmPvfEmZSk/yv/6//r/+v/6//3339+v/DSf+/tyHr///i+nC5/n9B/7/c27/e/v9Yx9dXpf//g9X6/0ubOm+v/8/VULb+f8z9bw0zqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1vDzOR/wEAAKAyYu7/rTCTmuR//f/mdiy3l/X/9f/zC/T/9f/1/4eW/n9vQ9b/9/n/HfT/y739Pv9f/5+Vytb/j7n/HWEmNcn/AAAAUAcx9z8UZiL/AwAAQGXE3P/OMBP5HwAAACoj5v53hZnUJP/r//v8f/1//X/9/+7r1/8fTvr/ven/96H/r/9ftv7/f+n/M9zK1v+Puf/hMJOa5H8AAACog5j73x1mIv8DAABAZcTc/9thJvI/AAAAVEbM/e8JM6lJ/tf/H5b+/5T+/zr7/xPhMv1//X/9/3rR/+9N/78P/X/9/7L1/33+P0OubP3/mPvfG2ay9vw/ueYlAQAAgGsi5v7fCTOpyb//AwAAQB3E3P+7YSbyPwAAAFRGzP2/F2ZSk/yv/z8s/X+f/5/5/H/9/47Ho/+v/9/NxvX/45lH/1//X/8/0v/X/9f/p1PZ+v8x9/9+mElN8j8AAADUQcz97wszkf8BAABgKHT7f7I7xdx/KMxE/gcAAIDKiLn/cJhJTfK//r/+v/5/Sfv/f7HjX7/37bcd3qX/r/+v/78uG/r5/80Xv8//1//X/0/0//X/9f/pVLb+f8z9R8JMloPfW3zAPwAAAAy3mPv/IMykJv/+DwAAAHUQc//RMBP5HwAAACoj5v65MJOa5H/9f/1//f+S9v+H+PP/4/4Ypv7/9KYh6v/Hk67+f1cb2v9/93JPXP9/vf3/ia6Xdvb/G/r/bfT/173938qyTP9f/59rqGz9/5j758NMapL/AQAAoA5C7h85VszlK+R/AAAAqIyY+4+Hmcj/AAAAUBkx978/zKQm+V//X/9f/1//3+f/d19/afv/Pv+/J/3/3srT/+/O5//r/w/z9uv/6/+zUtn6/zH3L4SZ1CT/AwAAQB3E3P+BMBP5HwAAACoj5v4PhpnI/wAAAFAZMfefCDOpSf7X/9f/1//X/9f/775+/f/hpP/fm/5/H/r/+v/6//r/DFTZ+v8x958MM6lJ/gcA+H/27qPLsrrc4/gpbnHpXkycOXCgc18CAxnrC3DAxIGu5XIAKuZEY46Yc8AsBgygiAlzAhOKWVTMOWBGXe2Cep6nq/rs2qeq+1TV3v//5zO4DxT03QdXL+BH8WUDQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3/0Pjlk72v/5f/99s/38f/f9uz9f/6/9bpv8fp/9fQf+v/9f/6/9Zq6n1/7n7Hxa3dLL/AQAAoAe5+x8et9j/AAAA0Izc/ZfGLfY/AAAANCN3/yPilk72/2n9/8aiz/4/M179f0v9v/f/7/p8/b/+v2WH2/9ffuef+fT/+n/9f9D/6//1/5xuav1/7v5Hxi2d7H8AAADoQe7+R8Ut9j8AAAA0I3f/o+MW+x8AAACakbv/MXFLJ/vf+/+9/1//r//X/w8/X/8/T97/P66n/v/SW86/+Pbr7nH9fp6v/9f/6//1/6zX1Pr/3P2PjVs62f8AAADQg9z9j4tb7H8AAABoRu7+x8ct9j8AAADM0PHBr+buf0Lc0sn+1//r//X/0f8f0//r//X/LdD/j+up/z+T5+v/9f/6f/0/6zW1/j93/xPjlk72PwAAAPQgd/+T4hb7HwAAAKZr6F/EHpG7/7K4xf4HAACAZuTuPxG3dLL/9f8H3///V/8/j/7f+//1//r/Juj/x+n/V9D/6//1//p/1mpq/X/u/svjlk72PwAAAPQgd/+T4xb7HwAAAJqRu/8pcYv9DwAAAM3I3f/UuKWT/a//9/5//b/+X/8//Hz9/zzp/8fp/1fQ/59tP3+u/l//r/9nu332/3eM/Gl7Lf1/7v6nxS2d7H8AAADoQe7+p8ct9j8AAAA0I3f/M+IW+x8AAACakbv/mXFLJ/tf/6//1//r/8+4/1/+qXcX/f8w/f/h0P+Pm0z/v7E5+GX9/+z7f+//1//r/9lhau//z93/rLilk/0PAAAAPcjd/+y4ZWT/7/sf5gMAAABHKnf/c+IW3/8HAACA2cvqLHf/c+OWTva//l//r//X/3v///Dzx/r/67d9Pv3/tOj/x02m/9+F/l//P+fPr//X/7Nsav1/7v7nxS2d7H8AAADoQe7+K+IW+x8AAACakbv/+XGL/Q8AAADNyN3/grilk/0/3P+f+u36/73R/+/8/Pr/4Z8f6+r/8/+j/n+0/7/Q+//7pP8fp/9fQf+v/9f/79b/H1/14/X/DJla/5+7/4VxSyf7HwAAAHqQu/9FcYv9DwAAAM3I3f/iuMX+BwAAgGbk7n9J3NLJ/vf+f/2//n9+/b/3/285yvf/Lw69/9/U/++R/n+c/n8F/b/+X/8//v7/kf8KgP6fIVPr/3P3vzRu6WT/AwAAQA9y978sbrH/AQAAYB62/7sDp/8LpSF3/8vjFvsfAAAAmpG7/xVxSzv7f/Rdnfp//b/+X/+v/x9+/rT6f+//3yv9/zj9/wr6/4Po5zcb6/+v3O3HT6H/v+yg+/8R+n+G7Oj/bzj19aPq/3P3vzJuaWf/AwAAQPdy978qbrH/AQAAoBm5+18dt9j/AAAA0Izc/a+JWzrZ/wfe/4/81wf0//p//b/+X/+v/183/f84/f8K+n/v//f+f/0/a7Wj/9/mqPr/3P2vjVs62f8AAADQg9z9r4tb7H8AAABoRu7+K+MW+x8AAACakbv/9XFLJ/vf+//1//p//b/+f/j5+v95Oqv+/hz9f9H/6//1//p//T9rMLX+P3f/G+KWTvY/AAAA9CB3/xvjFvsfAAAAmpG7/01xi/0PAAAAzcjd/+a4pZP9r/8/2P4/v67/1/8v9P/6f/3/oej2/f8bQ38lWrZL/3/Tg0/cb+dX9P/6f/2//l//zx7dbeS3TaL/P3nq7y5z978lbulk/wMAAEAPcve/NW6x/wEAAKAZufvfFrfY/wAAANCM3P1XxS373P9jzcOU6f+9/1//r//X/w8/X/8/T932/3vk/f8r6P/77P/zT+j6f/0/azeJ/n/br+fuf3vc4vv/AAAA0Izc/e+IW+x/AAAAaEbu/nfGLfY/AAAANCN3/7vilk72v/5f/6//1//r/4efr/+fJ/3/OP3/CnPq/686i/5/c/jL3fb/a/r8+n/9P8um1v/n7r86bulk/wMAAEAPcve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/6f/2//l//r/8ffr7+f570/+P0/4vF4pqRDzDU/588b5r9v/f/T+7z6//1/yybWv+fu/99cUsn+x8AAAB6kLv/mrjF/gcAAIBm5O6/Nm6x/wEAAKAZufvfH7d0sv/1//p//b/+X/8//Hz9/zzp/8fp/1eY0/v/9f+T+/z6f/0/y6bW/+fu/0Dc0sn+BwAAgB7k7r8ubrH/AQAAoBm5+z8Yt9j/AAAA0Izc/dfHLZ3sf/2//l//r//X/w8/X/8/TwfX/y/0//p//f8K+n/9v/6f002t/8/d/6G4pZP9DwAAAD3I3f/huMX+BwAAgGbk7v9I3GL/AwAAQDNy9380bulk/+v/9f/6f/2//n/4+fr/efL+/3H6/xX0//r/vX7+E8t/96f/1/+zbLj/v+zI+v/c/R+LWzrZ/wAAANCD3P03xC32PwAAADQjd//H4xb7HwAAAJqRu/8TcUsn+1//r//f2f8vFvp//b/+f8sh9P/HFvr/tdP/j9P/r6D/b7P/P2fR0Pv/j+/64/X/TNHU3v+fu/+TcUsn+x8AAAB6kLv/U3GL/Q8AAADNyN3/6bjF/gcAAIBm5O7/TNzSyf7X/+v/vf9f/6//H36+9//Pk/5/nP5/Bf1/m/3/IX1+7//X/7Nsav1/7v7Pxi2d7H8AAADoQe7+z8Ut9j8AAAA0I3f/5+MW+x8AAACakbv/C3FLJ/tf/6//1//r//X/w8/X/8+T/n+c/n8F/b/+X/+v/2etptb/5+7/YtzSyf4HAACAHuTuvzFusf8BAACgGbn7b4pb7H8AAABoRu7+L8Utnex//b/+X/8/z/7/WPv9///nj9P/6//3Yyr9/wUX3Pdm/b/+X/+v/9f/6/97N7X+P3f/l+OWTvY/AAAA9CB3/1fiFvsfAAAAmpG7/6txi/0PAAAAzcjd/7W4pZP9v9z/n7vYKlS3DPX/0ajp/7fR/+/8/Pr/4Z8f3v/v/f/6/4M3lf7f+//P7PPr//X/c/78++r/77X84/X/tGhq/X/u/pvjlk72PwAAAPQgd//X4xb7HwAAAJqRu/8bcYv9DwAAAM3I3X9L3NLJ/vf+f/2//l//r/8ffr7+f570/+P0/yvo//X/3v9/yQP/T//P+kyt/8/d/824pZP9DwAAAD3I3f+tuMX+BwAAgGbk7v923GL/AwAAQDNy938nbulk/+v/9f/6f/2//n/4+fr/edL/j9P/l9P/0Lb00/8fG/riUffzZ+uoP38z/b/3/7NGU+v/c/d/N27pZP8DAABAD3L3fy9usf8BAACgGbn7vx+32P8AAADQjNz9P4hbOtn/+n/9f/v9/wP0/6c9X/+v/2+Z/j//ij5M/79CP/3/oKPu5+f++fX/+n+WTa3/z91/a9zSyf4HAACAHuTu/2HcYv8DAABAM3L3/yhusf8BAACgGbn7fxy3dLL/9f999f8bix77f+//1//r/3ui/x+n/19B/6//1//r/1mrqfX/uftv29jscv8DAADAXN3/3g+5da+/7213/d9ji5/ELRcuTu7x29gAAADAxN25+zc2F4uf3vVrvv8PAAAALcrd/7O4pZP9r//vq//v8/3/+n/9v/6/J/r/cfr/FfT/+n/9v/6ftZpa/5+7/+dxy7bht7nvP0oAAABgSnL3/yJu6eT7/wAAANCD3P2/jFuW9r//HCAAAADMVe7+X8UtnXz/X/8/8f5/cUD9f/x++v8t+n/9/9Dz9f/zpP8fd5b9/8kN/X8n/f/GQv+v/9f/sw5T6/9z9/86bulk/wMAAECjdvwThdz9v4lb7H8AAABoRu7+38Yt9j8AAAA0I3f/7+KWTva//v/Q+/9M1Q/w/f/H65e8/7/z/v+KY4PP1//r/1um/x/n/f8r6P9bef//efp//T/TMLX+P3f/7+OWTvY/AAAA9CB3/x/iFvsfAAAAmpG7/49xi/0PAAAAzcjd/6e4pZP9r/+f+Pv/z6j/38P7//X/ffT/uzy/nf7/7uefuPGiB117tf6fUw6z/8+fC/r/ra+fs4bPr//X/8/58+v/9f8sW3//v7nji/vt/3P3/zlu6WT/AwAAQA9y998et9j/AAAA0Izc/X+JW+x/AAAAaEbu/r/GLZ3sf/2//n8q/X/+b30E/f+JM+7/jy8WiyPp/7MpPtv+fzHz/t/7//X/y7z/f5z3/6+g/9f/6//1/6zV+vv/nV/cb/+fu/9vcUsn+x8AAAB6kLv/73FL7v+Nff+jewAAAGBicvf/I27x/X8AAABoRu7+f8Ytnex//b/+fyr9f/L+/1M/rq33/19UcWqf/f8965f0/wdL/z9O/7+C/l//r//X/7NWU+v/c/f/K27pZP8DAABAD3L33xG32P8AAADQjNz9/45b7H8AAABoRu7+/8Qtnex//X+r/X8W8fp//f9U+n/v//f+/8Oh/x+n/19B/6//1//r/1mrqfX/ufv/FwAA//+aaXUt")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1)

3m49.997714145s ago: executing program 8 (id=1232):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@mcast1, 0x0, 0xe, 0x4e20, 0x0, 0x2}, {0x1, 0x7, 0x0, 0x0, 0xfffffffffffffffe, 0x2, 0x10000}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0x2, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x4, 0x0, 0x0, 0x5}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r1, &(0x7f0000007fc0), 0x800001d, 0xbb8)

3m47.029236165s ago: executing program 8 (id=1245):
r0 = fsopen(&(0x7f0000000000)='pipefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
unshare(0x20000400)
r2 = landlock_create_ruleset(&(0x7f00000000c0)={0x5949}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r2, 0x1, &(0x7f0000000080)={0x1008, r1}, 0x0)

3m46.291981372s ago: executing program 8 (id=1247):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, r1)
r3 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r2)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000180)=@chain={'key_or_keyring:', r0})
keyctl$link(0x8, r3, r2)

3m45.134229223s ago: executing program 8 (id=1252):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000140)={[{@nouid32}]}, 0x1, 0x461, &(0x7f0000000540)="$eJzs3U9sFGUfB/DvbrslAd638OZVEf9VUCmi1LYmSIKJRDnJxWDiuaGFEAs1tCZCiNHEgzcvJp49KDePHDwZD3jUBC/e1JMxEkMkntSa2e7Qbdkt3dB2q/v5JLP7zM6wz2/m4ffM7MOTIUDPGipeKsn2JN8mGVxYXbrD0MLbzRuXTv5+49LJSubnT/xaqe/3241LJ8tdyz+3rXipJsPVpPpeJQ+0qHf2wsXXJ6anp8431kfmzr4xMnvh4tNnzk6cnjo9dW700OHnxkcPjY2Pr9mxvnz57RPbXnnh2AeT136ZufzD50W82xvbmo9jrQxlaOm5bPLEWlfWZfc0lSv9XQyEjvQlKZqrVs//wfRlsfEG89X3XQ0OWFfzhS1tN78zD/yLVdLtCIDuKC/0xe/fcll6C3BsXe8/6K7rRxd+ABbtfrOxLGzpT7WxT23Z7/u1NJTkyJVjnxVL1mkcBgAAAKCXfXE0yVOtxv+qubdpv6J8X5JdSe5Psjupz+t5MMlDSR5O8kg5n6gDy/dfPv5TaTeBhjVx/WhypDG3a+n4Xzn6lx19jbX/FCupVU6dmZ56Jsl/kwyntqVYH12hjqtf//VNu23N43/FUtRfjgU24vi5f9m/T09OzE3czTGz6Pq7ye7+Vu1fuTUTqEjBR5Ps6eSLa4vFH/fsP91utzu3P+tp/uNkX8v8b3S81w7X31aYnzlS7w9Gyl7hdu+Pjr3Urv4W7V9UrP03SJH/W1dq/2RHpXm+7mzndVzddeX5dts67/+/+6To/wcqr9YDHGh8+tbE3Nz50WSgcvz2z8c6j/mfrf1NU3k+yvNVtP/w3tbX//81fdveJI8lebwxd3lf/dqf7E/yZJIDK0Tz54uHXkvzHUUT/X93Fe0/2TL/b00NWJb/nReO7PzoeLv6V5f/z9b/Qg83PnH/d2erbaBuxwkAAAAAAADA2qjWn4FXqR68Va5WDx5ceIbf/7O1Oj0zO3fg1Myb5yYXnpW3I7VqOdNrsGk+6Gi9vLg+tmx9PMnOJB/2/dF48sDM9GS3Dx563LY2+V/4qa/b0QHrzvNaoXetIv9rGxEHsPFc/6F3yX/oXfIfepf8h94l/6F3yX/oXavP/4F1jQPYeK7/0JPu5rl+m63Qn00RRstCOX+qS2GU/yX/Jjkbm7Pw6ZfJBtTVl2SzHPIKhW72SgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACbx98BAAD//5IX2eo=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x105042, 0x1db)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x60000}], 0x1)

3m43.33520851s ago: executing program 8 (id=1256):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xd4bb, 0x0, 0xfffffffd}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x80800})
listen(r0, 0x5)
io_uring_enter(r1, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

3m42.440506496s ago: executing program 8 (id=1260):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x200480c5}, 0x0)

3m40.506748859s ago: executing program 38 (id=1260):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001300)=ANY=[@ANYBLOB="38010000000101040000000000000000020000002c0001801400018008000100ac14143208000200ac1414000c00028005000100000000000600034000020000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007"], 0x138}}, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)={0x38, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x200480c5}, 0x0)

2m57.765568254s ago: executing program 1 (id=1443):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x200000, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x4000, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2m56.424808041s ago: executing program 1 (id=1448):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r0}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

2m53.600500016s ago: executing program 1 (id=1458):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @empty}, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)

2m52.499216476s ago: executing program 1 (id=1463):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000080)={0x2, 0xf8, 0x40000, {r0}}, 0x20)

2m51.314741895s ago: executing program 1 (id=1467):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x1, 0x0, 0x0, 0x10, "00090000000000000000000a000200"})
r2 = syz_open_pts(r1, 0x120800)
r3 = dup3(r2, r0, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000100)=0x1a)

2m46.888945158s ago: executing program 1 (id=1481):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000240)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={0x0, 0x0, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x7, 0x69, 0xf4b, 0x2, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7, 0xb2bf, 0x3, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})

2m44.618897053s ago: executing program 39 (id=1481):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x40100001, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000240)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000002c0)={r2, <r3=>0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000580)={0x0, 0x0, r3, r4, 0x3, 0x0, 0xffffffff, 0x804, {0xac7c, 0x1, 0x7, 0x69, 0xf4b, 0x2, 0x2, 0x5, 0x412f, 0xe154, 0x1000, 0x7, 0xb2bf, 0x3, "fe1d00003413000000000000000caa000000090000000000000004b427180010"}})

2m39.210388176s ago: executing program 7 (id=1506):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x1, 0x1, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r1, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)

2m38.214950353s ago: executing program 7 (id=1509):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000002300)='./file0\x00')
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f00000000c0)='./file0\x00', 0xa4000608)
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

2m37.813401671s ago: executing program 7 (id=1512):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r0, &(0x7f0000001400)=[{{&(0x7f0000000140)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000001c00)='{', 0x1}], 0x1}}], 0x1, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f0000001a40)=[{&(0x7f0000000000)=@in={0x2, 0x0, @multicast1}, 0x10, 0x0}], 0x1, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={r2, 0x7}, 0x8)

2m37.244196341s ago: executing program 7 (id=1515):
syz_mount_image$exfat(&(0x7f0000000700), &(0x7f0000000640)='./file0\x00', 0x810450, &(0x7f0000000280)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c696f636861727365743d69736f383835392d312c646d61736b3d30303030303030303030303033373737373737373737372c696f636861727365743d6b6f69382d72752c696f636861727365743d63703433372c6e616d65636173653d312c6e616d65636173653d312c009a8d4d9016e3d8128333e260a1b926dd0c5f7619710e03ea1ae6521494f87e5737dc0c5bec3f76668140a15258818b6fbc51f9a13940e63c378688559c351287f0e09ef0b7330db20eef797e5004484649e7f5fb64b746683a75b9ed822f5ae34fac"], 0x1, 0x1501, &(0x7f0000000780)="$eJzs3AuYzlW7MPD7Xmv9GdOkp0kOw1rr/vOkwTJJkkOKHJIkSZKcEpImSRISQ0gSkpwPk+QwhOQwjUnjfD7knDR5pUmSkJzC+q7pbW/vu3v3297f2/581577d13rmnXPeu71rDX3zDz/9b+u5/m+x8i6zevVakpE8C/Bv35JAYAYABgCANcBQAAAleIrxeeOF5CY8q89CftzPZJ2tVfAriauf97G9c/buP55G9c/b+P6521c/7yN65+3cf0Zy8u2zyl2Pbe82/j+f17Gr///i+SUn/z1xvI39vxvpHD98zauf97G9c/buP55G9c/b+P6/+9X85+Mcf3zNq4/Y3nZ1b7/zO3qtqv9+8cYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLG84569QAPBv/au9LsYYY4wxxhhjjP15fP6rvQLGGGOMMcYYY4z9z0MQIEFBAPkgP8RAAYiFayAOroWCcB1E4HqIhxugENwIhaEIFIVikADFoQRoMGCBIISSUAqicBOUhpshEcpAWSgHDspDEtwCFeBWqAi3QSW4HSrDHVAFqkI1qA53Qg24C+6GmlAL7oHaUAfqQj24F+rDfdAA7oeG8AA0ggehMTwETeBhaAqPQDN4FJrDY9ACHoeW0ApaQxto+3+V/zL0gVegL/SDFOgPA+BVGAiDYDC8BkPgdRgKb8AweBOGwwgYCW/BKHgbRsM7MAbGwjgYDxNgIkyCyTAFpkIqvAvT4D2YDu/DDJgJs2A2pMEcmAsfwDyYDwvgQ1gIH8EiWAxLYCmkw8eQAcsgEz6B5fApZMEKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w2ewA3bCLtgNe2Av7IPPYT98AQfgS8iGr/6b+Wf/Q35PBAQUKFChwnyYD2MwBmMxFuMwDgtiQYxgBOMxHgthISyMhbEoFsUETMASWAINGiQkLIklMYpRLI2lMRETsSyWRYcOkzAJK+CtWBErYiWshJWxMlbBqlgVq2N1rIE18G6EKgHUwtpYG+tiXbwX78X7sAE2wIbYEBthI2yMjbEJNsGm2BSbYTNsjs2xBbbAltgSW2NrbIttsR22w/bYHjtiR+yEnbAzdsZkTMYu2AW7Ylfsht2wO3bHHtgDe2Iv7IUv48v4Cr6C/bC26I8DcAAOxIEHcv8YXsPXcSi+gW/gmzgcR+BIfAvfwrdxNJ7BMTgWx+E4rCEm4iScjCSmYiqm4jSchtNxOs7AmTgTZ2MazsG5OBfn4Xycjx/iQvwIP8LFuBiXYjqmYwYuw0zMxOV4FrNwBa7EVbga1+BqXIfrcR1uxE24EbfgFtyG2/Az/Ax34k7cjbtxL+7Fz/Fz/AK/wOGYjdl4EA/iITyEh/Ew5mAOHsEjeBSP4jE8hsfxOJ7Ak3gKT+JpPI1n8Cyew3N4AS/gRXwx4dtme8tsGA4ilxJK5BP5RIyIEbEiVsSJOFFQFBQRERHxIl4UEoVEYVFYFBVFRYJIECVECWGEESRCUVKUFFERFaVFaZEoEkVZUVY44USSSBIVRAVRUVQUlcTtorK4Q1QRVUUHV11UFzVER3e3qClqiVqitqgj6op6op6oL+qLBqKBaCgaikaikWgsHhJNRH8cjI+I3Mo0FyOwhRiJLUUr0Vq0EW/jE6KdGI3tRQfRUTwlxuIY7CzauWTxrOgiJmFX8byYjC+I7mIq9hAviZ6il+gtXhZ9RHvXV/QTM7C/GCBm40AxSAwWr4l5WEfkVqyueFMMFyPESPGWWIpvi9HiHTFGjBXjxHgxQUwUk8RkMUVMFaniXTFNvCemi/fFDDFTzBKzRZqYI+aKD8Q8MV8sEB+KheIjsUgsFkvEUpEuPhYZYpnIFJ+I5eJTkSVWiJVilVgt1oi1Yp1YLzaIjWKT2Cy2iK1im9guPhM7xE6xS+wWe8ResU98LvaLL8QB8aXIFl+Jg+Iv4pD4WhwW34gc8a04Ir4TR8X34pj4QRwXP4oT4qQ4JX4Sp8XP4ow4K86J8+KC+EVcFJfEZeEFSJRCSqlkIPPJ/DJGFpCx8hoZJ6+VBeV1MiKvl/HyBllI3igLyyKyqCwmE2RxWUJqaaSVJENZUpaSUXmTLC1vlomyjCwry0kny8skeYusIG+VFeVtspK8XVaWd8gqsqqsJqvLO2UNeZe8W9aUteQ9srasI+vKevJeWV/eJxvI+2VD+YBsJB+UjeVDsol8WDaVj8hm8lHZXD4mW8jHZUvZSraWbWRb+YRsJ5+U7WUH2VE+JTvJp2Vn+YxMls/KLvI52VU+L7vJF2R3+aLsIV+SPWUv2Vtekpell31lP5ki+8sB8lU5UA6Sg+Vrcoh8XQ6Vb8hh8k05XI6QI+VbcpR8W46W78gxcqwcJ8fLCXKinCQnyylyqkyV78pp8j05Xb4vZ8iZcpacLdPkHDn4t5kW/Bfy3/sH+cN+ffZtcrv8TO6QO+UuuVvukXvlPrlP7pf75QF5QGbLbHlQHpSH5CF5WB6WOTJHHpFH5FF5VB6Tx+RxeVyekCflefmTPC1/lmfkWXlWnpcX5AV58befAShUQkmlVKDyqfwqRhVQseoaFaeuVQXVdSqirlfx6gZVSN2oCqsiqqgqphJUcVVCaWWUVaRCVVKVUlF1kyqtblaJqowqq8opp8qrJHXLv5z/R+trq9qqdqqdaq/aq46qo+qkOqnOqrNKVsmqi+qiuqquqpvqprqr7qqH6qF6qp6qt+qt+qg+qq/qq1JUihqgXlUD1SA1WL2mhqjX1VA1VA1Tw9RwNVyNVCPVKDVKjVaj1Rg1Ro1T49QENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUBlq2x1UB1Uh9QhdVgdVjkqRx1RR9RRdVQdU8fUcXVcnVAn1Cl1Sp1Wp9UZdUadU+fUBXVBXVQX1WV1OfeyLxCBCFSggnxBviAmiAlig9ggLogLCgYFg0gQCeKD+KBQcGNQOCgSFA2KBQlB8aBEoAMT2ICCMCgZlAqiwU1B6eDmIDEoE5QNygUuKB8kBbcEFYJbg4rBbUGl4PagcnBHUCWoGlQLqgd3BjWCu4K7g5pBreCeoHZQJ6gb1AvuDeoH9wUNgvuDhsEDQaPgwaBx8FDQJHg4aBo8EjQLHg2aB48FLYLHg5ZBq6B10CZo+6fO7/2ZIk+6vrqfTtH99QD9qh6oB+nB+jU9RL+uh+o39DD9ph6uR+iR+i09Sr+tR+t39Bg9Vo/T4/UEPVFP0pP1FD1Vp+p39TT9np6u39cz9Ew9S8/WaXqOnqs/0PP0fL1Af6gX6o/0Ir1YL9FLdbr+WGfoZTpTf6KX6091ll6hV+pVerVeo9fqdXq93qA36k16s96it+pterv+TO/QO/UuvVvv0Xv1Pv253q+/0Af0lzpbf6UP6r/oQ/prfVh/o3P0t/qI/k4f1d/rY/oHfVz/qE/ok/qU/kmf1j/rM/qsPqfP6wv6F31RX9KXtc+9uM99eTfKKJPP5DMxJsbEmlgTZ+JMQVPQREzExJt4U8gUMoVNYVPUFDUJJsGUMCVMLjJkSpqSJmqiprQpbRJNoilryhpnnEkySaaCqWAqmoqmkqlkKpvKpoqpYqqZauZOc6e5y9xlapqa5h5zj6lj6ph6pp6pb+qbBqaBaWgamkamkWlsGpsmpolpapqaZqaZaW6amxamhWlpWprWprVpa9qadqadaW/am46mo+lkOpnOprNJNsmmi+liupquppvpZrqb7qaH6WF6mp6mt+lt+pg+pq/pa1JMihlgBpiBZqAZbAabIWaIGWqGmmFmmBlfYVPN3JPTKDPKjDajzRgz1owz480EM9FMMpPNFDPVpJpUM81MM9PNdDPDzDCzzCyTZtLMXDPXzDPzzAKzwCw0C80is8gsMUtMukk3GSbDZJpMs9wsN1kmy6w0K81qs9qsNWvNerPebDQbzWaz2Ww1W812s93sMDvMLrPL7DF7zD6zz+w3+80Bc8Bkm+yY3w535rA5bHJMjjlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86ZC+YXc9FcMpeNNzFWQKy9xsbZa21Be52NsQXs38ZFbTGbYIvbElbbwrbI38XGWptoy9iytpx1trxNsrf8Lq5iq9pqtrq909awd9m7fxfXt/fZBvZ+29A+YOvZe/8ubmQftI3tY7aJfdw2ta1sM9vGNreP2Rb2cdvStrKtbRvbyT5tO9tnbLJ91naxz/0uzrDL7Hq7wW60m+x++4U9Z8/bo/Z7e8H+YvvafnaIfd0OtW/YYfZNO9yO+F08zo63E+xEO8lOtlPs1N/Fs+xsm2bn2Ln2AzvPzv9dnG4/tgttpl1kF9sldumvce6aMu0ndrn91GbZFXalXWVX2zV2rV3372tdZbfYrXab3Wc/tzvsTrvL7rZ77N5f49x9HLBf2mz7lT1iv7OH7Nf2sD1mc+y3v8a5+wP4wR63P9oT9qQ9ZX+yp+3P9ow9++v+c/f+k71kL1tvgZAESVIUUD7KTzFUgGLpGoqja6kgXUcRup7i6QYqRDdSYSpCRakYJVBxKkGaDFkiCqkklaIo3USl6WZKpDJUlsqRo/KURLdQBbqVKtJtVIlup8p0B1WhqlSNqtOdVIPuorupJtWie6g21aG6VI/upfp0HzWg+6khPUCN6EFqTA9RE3qYmtIj1Iwepeb0GLWgx6kltaLW1Iba0hPUjp6k9tSBOtJT1Imeps70DCXTs9SFnqOu9Dx1oxeoO71IPegl6km9qDe9TH3oFepL/SiF+tMAepUG0iAaTK/REHqdhtIbNIzepOE0gkbSWzSK3qbR9A6NobE0jsbTBJpIk2gyTaGplErv0jR6j6bT+zSDZtIsmk1pNIfm0gc0j+bTAvqQFtJHtIgW0xJaSun0MWXQMsqkT2g5fUpZtIJW0ipaTWtoLa2j9bSBNtIm2kxbaCtto+30Ge2gnbSLdtMe2kv76HPaT1/QAfqSsukrOkh/oUP0NR2mbyiHvqUj9B0dpe/pGP1Ax+lHOkEn6RT9RKfpZzpDZ+kcnacL9AtdpEt0mTxBiKEIZajCIMwX5g9jwgJhbHhNGBdeGxYMrwsj4fVhfHhDWCi8MSwcFgmLhsXChLB4WCLUoQltSGEYlgxLhdHwprB0eHOYGJYJy4blQheWD5PCW8IK4a1hxfC2sFJ4e1g5vCOsElYNH3ugenhnWCO8K7w7rBnWCu8Ja4d1wrphvfDesH54X9ggvD9sGD4QVgwfDBuHD4VNwofDpuEjYbPw0bB5+FjYInw8bBm2CluHbcK24RNhu/DJsH3YIewYPhV2Cp8OO4fPhMnhs2GX8Lk/HE8J+4cDwlfDV0Pv75dLokuj6dGPoxnRZdHM6CfR5dFPo1nRFdGV0VXR1dE10bXRddH10Q3RjdFN0c3RLdGt0W1R7+vlB4dOOOmUC1w+l9/FuAIu1l3j4ty1rqC7zkXc9S7e3eAKuRtdYVfEFXXFXIIr7ko47YyzjlzoSrpSLupucqXdzS7RlXFlXTnnXHmX5Nq4tq6ta+eedO1dB9fRPeWeck+7p90z7hn3rOvinnNd3fOum3vBdXcvuhfdS66n6+V6u5ddH/eK6+v6uRSX4ga4AW6gG+gGu8FuiBvihrqhbpgb5oa74W6kG+lGuVFutBvtxrgxbpwb5ya4CW6Sm+SmuCku1aW6aW6am+6muxluhpvlZrk0l+bmurlunpvnFrgFbmHiQrfILXJL3BKX7tJdhstwmS7TLXfLXZbLcivdSrfarXZr3Vq33q13G91Gt9ltdlvdVrfdbXc73A63y+1ye9wet8/tc/vdfnfAHXDZLtsddAfdIXfIHXbfuBz3rTvivnNH3ffumPvBHXc/uhPupDvlfnKn3c/ujDvrzrnz7oL7xV10l9xl511q5N3ItMh7kemR9yMzIjMjsyKzI2mROZG5kQ8i8yLzIwsiH0YWRj6KLIosjiyJLI2kRz6OZESWRTIjn0SWRz6NZEVWRFZGVkVWR9ZEvC++I/QlfSkf9Tf50v5mn+jL+LK+nHe+vE/yt/gK/lZf0d/mK/nbfWV/h6/iq/pq/nHf0rfyrX0b39Y/4dv5J31738F39E/5Tv5p39k/45P9s76Lf8539c/7bv4F392/6Hv4l3xP38v39i/7Pv4V39f38ym+vx/gX/UD/SA/2L/mh/jX/VD/hh/m3/TD/Qg/0r/lR/m3/Wj/jh/jx/pxfryf4Cf6SX6yn+Kn+lT/rp/m3/PT/ft+hp/pZ/nZPs3P8XP9B36en+8X+A/9Qv+RX+QX+yV+qU/3H/sMv8xn+k/8cv+pz/Ir/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3n/kdfqff5Xf7PX6v3+c/9/v9F/6A/9Jn+6/8Qf8Xf8h/7Q/7b3yO/9Yf8d/5o/57f8z/4I/7H/0Jf9Kf8j/50/5nf8af9ef8eX/B/+Iv+kv+8n/1PWv5/ifvpTPGGGOM/f8v9Q/G+/+D74nfWq4BAHDtzmI5fzsuAWBz4b/2B4mEThEAeLZfj0f+rdWunZKS8ttjsyQEpRYDQORK/q+XaL/FK6AjPA3J0AEq/MP1DRK9LtAfzB+9HSD2b3Ji/voxB/9h/lv/k/mfeGpcRuXwXPw/mX8xQGKpKzkF4Ep8Zf6K/8n8Rdr9wfoLfJ0K0P5vcuLgSnxl/iR4Ep6D5L97JGOMMcYYY4wx9leDRLVulHsihn9+Pk9QV3Lyw5X4j87njDHGGGOMMcYYu/pe6NX7mSeSkzt04w53uMOdf+9c7f9MjDHGGGOMsT/blYv+q70SxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMs7/p/8XFiV3uPjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2NX2fwIAAP//sN45jQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x89901)
fchdir(r0)
close(r0)
mount(0x0, &(0x7f0000000040)='./file0/../file0\x00', 0x0, 0x1304c24, 0x0)

2m36.373403612s ago: executing program 7 (id=1519):
timerfd_create(0x7, 0x0)
syz_open_dev$media(&(0x7f00000004c0), 0x40, 0x8000)
r0 = syz_io_uring_setup(0x9e, &(0x7f0000000000)={0x0, 0xec25, 0x0, 0x2, 0x40000333}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x6007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

2m35.046816408s ago: executing program 7 (id=1525):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848330000005e14060200000000", 0x20}], 0x1}, 0x40804)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000000000)=0x46, 0x4)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2m32.320908543s ago: executing program 40 (id=1525):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848330000005e14060200000000", 0x20}], 0x1}, 0x40804)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000000000)=0x46, 0x4)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

1m46.419966s ago: executing program 0 (id=1740):
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlink(&(0x7f0000000000)='./file1\x00', &(0x7f0000000280)='./file1\x00')
mount$afs(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x800, 0x0)

1m45.940301619s ago: executing program 0 (id=1744):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg(r0, &(0x7f0000000640)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)='$r', 0x2}], 0xfe, &(0x7f0000001a80)=[{0xc, 0x1}], 0xc}}], 0x1, 0x4004804)

1m45.359609568s ago: executing program 0 (id=1749):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
write(r0, &(0x7f0000000180)="2cd8cc8888b87c8e14", 0x9)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

1m44.489829487s ago: executing program 0 (id=1756):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000380)=""/141, 0x8d)

1m43.959553772s ago: executing program 0 (id=1760):
r0 = io_uring_setup(0x1950, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
read$FUSE(r2, &(0x7f0000002b40)={0x2020}, 0x2020)
close_range(r0, 0xffffffffffffffff, 0x0)

1m43.454996012s ago: executing program 0 (id=1764):
socket$inet_sctp(0x2, 0x1, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x0, 0x4, 0x3, 0x8, 0x7, 0x8, 0x100, 0x2, 0x1, 0x1db, 0x2, 0x6, 0x101, 0xfffffffd, 0x6, 0x3, 0x40000006, 0x2, 0x100002, 0xf27, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1m42.110245389s ago: executing program 41 (id=1764):
socket$inet_sctp(0x2, 0x1, 0x84)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcl812\x00', [0x4f27, 0x5, 0x10000, 0x0, 0x4, 0x3, 0x8, 0x7, 0x8, 0x100, 0x2, 0x1, 0x1db, 0x2, 0x6, 0x101, 0xfffffffd, 0x6, 0x3, 0x40000006, 0x2, 0x100002, 0xf27, 0x20001e58, 0xb, 0xe69, 0x3c, 0x8, 0x6, 0x0, 0xfffffff8]})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

6.584836042s ago: executing program 2 (id=2137):
syz_open_dev$video4linux(0x0, 0x0, 0x80681)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)

5.340498649s ago: executing program 3 (id=2143):
syz_mount_image$hfs(&(0x7f0000000140), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES32=0x0, @ANYRES8, @ANYRESOCT], 0x1, 0x273, &(0x7f0000001200)="$eJzs3U9rE0EYx/HfbNIabalrWxHEg1QLnsTWi3gRpO/AiydRmwjFUEErqBerZ/EFePctePAleBLPQm6e9J5bZP7EbNJsNo2Jk8TvBxI2yTw7z2RnOzO7lAjAf+v2TuPj9R/2YaSSSpJuSomkilSWdFbnKs/3D/YO6rXqoB2VXIR9GPlIc6TM7n6tX6iNcxFBal+VtZx9D5NR+R47A0wDd/Z7v7LvJ9KJcHa6zytRshu/w9gJRGaaauqFVmLnAQCIK4z/SRjnl8P8PUmkzTDsd4//Mz6ANmMnEFlm/HerrJaxx/e0+6iz3jN+9meFVeIodS3K96xSVwJFq0qXS3Ly0V69dnX3Sb2a6K1uBZli6+656rtuWyOT7Zuju97oszYdoDFy25dcGxZsG7Zz8l8bb43FzBfz1dwzqT6o+mf+V24Ze5jckUp7jpTP/1r+Hl0rU18qp5VnXCXnQw3BwFaW1JNG1mLYZ9cFgrQoTxe12hPlW7dVELXWN2q7IGq9N6rTm/MjJ828N3fNhn7qk3Yy8//EftubGubMtGVcydAzBran7EqmbjwxF91bhxf6lkxGbhKO750e6oZWnr189fhBvV57ysYIG6/Dlzkt+Qy70e4E05LP3G7YLzlK7eW/7plR/irhH+sc9GMGcm9mXth5l/Hrv/Z65fNCuH1nn9IB8/RW0c4zK6CtnLXBqns+lb+C62LcpYclmbxbEcOuuS5dkS4PU6OXhjznhNnRN93n+j8AAAAAAAAAAAAAAAAAAMCsGd+/HFSU91HsNgIAAAAAAAAAAAAAAAAAAAAAMOum7vd/78i/4vd/gYn7HQAA//8NSnOZ")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1817c1, 0x0)
write$P9_RREMOVE(r1, &(0x7f0000002340)={0x7, 0x7b, 0x2}, 0x7)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x5)
pwrite64(r2, &(0x7f0000000140)='2', 0x1, 0x8000c61)
write$FUSE_WRITE(r0, &(0x7f00000000c0)={0x18}, 0xfffffdef)

4.335675817s ago: executing program 5 (id=2147):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0xff}}]}, &(0x7f0000000180)=0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={r3, 0xe994}, 0x8)

4.178837642s ago: executing program 9 (id=2149):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@getchain={0x24, 0x66, 0x0, 0x40000000, 0x2000, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x4}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r2, 0x98, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x401, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, 0x1493cf2c54a75087, 0xac}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x3}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20040805}, 0x20004094)

3.945593854s ago: executing program 3 (id=2150):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0xf97}, 0x94)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fcffffff850000002d000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='leases_conflict\x00', r1}, 0x10)
chown(&(0x7f0000000180)='./file1\x00', 0x0, 0x0)

3.901113004s ago: executing program 2 (id=2151):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettaction={0x50, 0x32, 0x20, 0x70bd25, 0x25dfdbfe, {}, [@action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x20, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x4048801)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xa, &(0x7f0000000380)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x4, 0x80000000, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x3}, {0xa, 0xffe0}, {0x4, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x14, 0x8002, [@TCA_FQ_PIE_TUPDATE={0x8, 0x4, 0x7}, @TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8}]}}]}, 0x44}}, 0x45)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.822860639s ago: executing program 5 (id=2152):
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x240, 0x240, 0x240, 0x350, 0x350, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0xfffd, 0x0, 0x0, 0x1, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea365407212432bdda7deb48d85c6f5e269c0900c8f8dc09af0b000000f7d26a6e00"}}}, {{@arp={@empty, @broadcast, 0xff, 0xffffffff, 0x7, 0x4, {@mac=@remote, {[0xff, 0xff, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0x0, 0xff]}}, 0x4560, 0x2ea, 0x4, 0x40, 0x4e, 0x6, 'bond0\x00', 'pim6reg\x00', {}, {0xff}, 0x0, 0x10}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@empty, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000000)=0x7f, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000001, &(0x7f0000000300)={0xa, 0x4e20, 0x5, @mcast1}, 0x1c)

3.706837999s ago: executing program 4 (id=2153):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x20d00, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000300)={0x0, 0x0, 0xffffffff, 0x0, 0x7, "ff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000000c0))
ioctl$TCSETSW2(r1, 0x402c542c, &(0x7f0000000100)={0x1f1b, 0x6, 0x1e1, 0xfff, 0x0, "12000000000000000100", 0x1, 0x11ff})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000080)=0x5)

3.548085585s ago: executing program 9 (id=2154):
open$dir(&(0x7f0000000000)='./file0\x00', 0x800, 0x20)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xd)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x2})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x8000000, 0x6000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

3.237768273s ago: executing program 2 (id=2155):
r0 = syz_io_uring_setup(0x22b, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = fanotify_init(0x500, 0x0)
r5 = fcntl$dupfd(r3, 0x0, r4)
fanotify_mark(r4, 0x1, 0x40000019, r5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd=r3, 0x0, 0x0})
io_uring_enter(r0, 0x25d8, 0x0, 0x84, 0x0, 0x0)

3.181294666s ago: executing program 5 (id=2156):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb3c5ca683a4b6fc89398f2b9000f224891060017c4700de60beac671e8e8fdecb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0d18a93ee341ab59016f81860324b800300000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4a801efdf008499d7aca1afac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r0}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001000)={r2, &(0x7f0000000fc0)}, 0x20)

3.167897403s ago: executing program 3 (id=2157):
mount$bind(0x0, 0x0, 0x0, 0x2a05004, 0x0)
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d0000052406000105240000640d240f0100000000000000000006241a000000090581ee3f000018000904010000020d00000904010102020d0000090582020002000000090503020002"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000480)={0x44, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x20, 0x80, 0x1c, {0x3, 0x6, 0xff, 0x1, 0x2, 0x3, 0x4, 0x8001, 0x7a, 0x1, 0x1000, 0xfff}}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

3.153321952s ago: executing program 9 (id=2158):
syz_mount_image$nilfs2(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x1014800, &(0x7f0000000c80)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYRES16, @ANYBLOB="0cbd5b5353912a879413ea41a5629122f6276e175b189b44b947b5ed8f34c9675196c7f420a9b4778c892a009b17763f4dbda6a421bf154a20ef7653d70337286d09a41d27fbb619ff647f585a8577dd9c318e307ee0e9c3328c5093134a7c98153b0d68aba22a65e8773fad07b59a0c5437e47d4255e1e8658b9b5a0cf45c27f88d87d58476713ea75cc39cdeb6036614e0b73cfbcd4f9243e2124d8ff5112db88857c7b69007b6ff5355f42dac04033a790725615a827b96542e64ad60984b7626cc74628d2d76b1f32df646d70aa036bc7d42fd", @ANYRESDEC, @ANYRESOCT=0x0, @ANYBLOB="d435d9afbeca2782ae19ed8bd41575ea7d9c9874c548e8a3b6d356a39d4518f41339a72ccd509df9e4d9d79abcc2f6da6768bd4f40d0beffba62fb5009c1e93fd4fe41778354a47dc025c852e30590bfb3cccdb6c83b0fdb27f16f03d72df1eac33d4948589efe30db71a5f7e31a303bf4ed9f3125c0a7aa0008ddaa", @ANYRESDEC], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000440)={'syz0\x00', {0x6, 0x5, 0x4, 0x7ff}, 0x1a, [0x10001, 0x0, 0x6, 0xfffffff7, 0xfffffff7, 0xfffffffc, 0x9, 0xc, 0xfff, 0x6, 0x10, 0x0, 0x7fffffff, 0x7, 0x3ff, 0xffffe682, 0x8, 0x19a, 0x3, 0x3, 0x5, 0x1, 0x6be2, 0x401, 0x80000000, 0x2, 0x5, 0x3, 0x0, 0x3ff, 0x80, 0x1000, 0x7f, 0x5, 0x98, 0x9, 0x4, 0x846, 0x7, 0x71c, 0x10000, 0x0, 0x3, 0x4, 0x2, 0x9, 0x5, 0x8, 0x3, 0x1, 0xc24b, 0x5e, 0x42b, 0xf3fc, 0x9, 0x7fffffff, 0x1ff, 0x0, 0x7, 0xd, 0x7f, 0x4, 0x3, 0xad], [0xfebb, 0x3d2, 0x4, 0x8, 0x80, 0x6, 0x3, 0x800, 0xc805, 0x1, 0xfffffffc, 0xb0, 0x7, 0x6, 0x63, 0x7, 0x1, 0x7ffffffe, 0x1, 0x7, 0x7, 0x9, 0x737e, 0x7, 0x8000, 0x1, 0x1000, 0x8001, 0xb, 0x5, 0x3, 0x2, 0x4, 0x0, 0x4, 0x7, 0x161c, 0xd, 0x9, 0x3ff, 0xb, 0x5a4, 0x0, 0xa99, 0x5, 0x6, 0x6, 0x8000, 0x800, 0x4, 0x7, 0x1, 0x3, 0x4, 0x10000, 0x4, 0xfffffffb, 0xff, 0x4, 0xa, 0x10, 0x6df, 0xcbf, 0xe278], [0x6, 0x5, 0x5, 0x0, 0x25, 0x2, 0x5, 0x8, 0x6, 0x7fff, 0x17ee, 0x2, 0x200, 0xf1b00000, 0x4, 0x1, 0x9, 0x2, 0x983, 0x8, 0x2, 0x40, 0x3, 0x4, 0xe, 0x3, 0x4, 0x6, 0x9, 0x7ff, 0x92, 0x4, 0x33e, 0xae1b, 0x4, 0x5, 0x1, 0x3, 0xffffffff, 0xc, 0x0, 0x1b87, 0x1, 0x4, 0xffff0001, 0x7, 0x5, 0x4000, 0x1, 0x6, 0x8001, 0x3, 0xb, 0xcfa6, 0x1000, 0x10001, 0x91d8, 0xfffffff8, 0x6, 0xc, 0x8000, 0x45c, 0xf, 0x6], [0x6, 0x4, 0x3e3ae9e1, 0x7f, 0x3, 0x6, 0x1, 0x9, 0x8893, 0x2, 0x2ca, 0x200, 0x52, 0x9, 0x0, 0xffff, 0x5, 0x3, 0x100000, 0xff, 0x3, 0x1000, 0x2, 0x160, 0x8, 0x0, 0x4, 0xf, 0x2, 0x4, 0x2, 0x0, 0x8, 0x5, 0xd66, 0x7, 0x58f, 0x2, 0x5, 0x0, 0x80000001, 0x9, 0x80000001, 0xffffffff, 0xfffff801, 0x2, 0x94d3, 0x1, 0xfe85, 0x7, 0x3, 0x10001, 0x80, 0x9, 0x80000000, 0x4, 0xe, 0x6, 0x8, 0x10000, 0x0, 0x1, 0x101, 0x40000]}, 0x45c)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
ftruncate(r1, 0xd5)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xae8, 0x863, 0x0)

3.000861311s ago: executing program 4 (id=2159):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380"], 0x44}, 0x1, 0x0, 0x0, 0x20004080}, 0x20000000)

2.702070638s ago: executing program 4 (id=2160):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f00000005c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x78, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, 0x40c89}, [@IFLA_LINKINFO={0x58, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x48, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}, @IFLA_GRE_LOCAL={0x14, 0x6, @private1}, @IFLA_GRE_REMOTE={0x14, 0x7, @private0}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x8}, @IFLA_GRE_TTL={0x5, 0x8, 0x3}, @IFLA_GRE_TTL={0x5, 0x8, 0x6}]}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24004880}, 0x0)

2.692772502s ago: executing program 2 (id=2161):
set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0xbcb5, 0x3f00, 0x5, 0x1000}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x40, 0x3, r0, 0x0})
io_uring_enter(r1, 0x3516, 0x3e44, 0x8, 0x0, 0x0)

2.659898818s ago: executing program 5 (id=2162):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0x0, 0x0, 0x6}]})
socket$packet(0x11, 0x2, 0x300)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000080)={0x1, 0x1}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)

2.176589452s ago: executing program 4 (id=2163):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg(r0, &(0x7f0000005ec0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)='7', 0x1}], 0x1}}], 0x1, 0x1)
r1 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r1, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784002000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)

2.173561635s ago: executing program 3 (id=2164):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f0000000240), 0x1, 0x4bf, &(0x7f0000000540)="$eJzs3c9vG1kdAPDvTJImm81usrASPwRsWRYKqtZO3N1otaflAkKrlRArThzakLhRFDuOYqc0oYf0f0CiEif4EzggcUDqiTs3uCGkckAqUIEaJA5GM56kaWqnEU08Vfz5SE8zb57t73tt573pt41fACPrckTsRcSliLgREbPF9aQo8VGvZK97/OjO8v6jO8tJdLuf/iPJ27NrceQ9mVeLz5yKiB98N+LHybNx2zu760uNRn2rqFc7zc1qe2f3L2vNpdX6an2jVltcWJz/4Nr7tTMb61vNXz/8ztrHP/zdb7/84A973/pp1q2Zou3oOM5Sb+gTh3Ey4xHx8XkEK8FYMZ5LZXeE/0saEZ+JiLez+79bdm8AgGHodmejO3u0DgBcdGmeA0vSSpELmIk0rVR6Obw3YzpttNqdqzdb2xsrvVzZXEykN9ca9fkiVzgXE0lWX8jPn9Rrx+rXIuKNiPjZ5Ct5vbLcaqyU+eADACPs1WPr/78ne+s/AHDBTZXdAQBg6Kz/ADB6rP8AMHqs/wAweqz/ADB6rP8AMHqs/wAwUr7/ySdZ6e4X33+9cmtne711692Venu90txeriy3tjYrq63Wav6dPc3nfV6j1dpceC+2b1c79Xan2t7Zvd5sbW90ruff6329PjGUUQEAJ3njrft/SiJi78NX8hJH9nKwVsPFlpbdAaA0Y2V3ACjNeNkdAErj7/hAny16nzLwvwjdG/gWUwu85K58Qf4fRpX8P4wu+X8YXfL/MLq63cSe/wAwYuT4gXP4938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC48GbykqSVYi/wmUjTSiXitYiYi4nk5lqjPh8Rr0fEHycnJrP6QtmdBgBeUPq3pNj/68rsOzPHWy8l/5nMjxHxk198+vPbS53O1kJ2/Z+H1zv3iuu1EwPZahAASnKwTh+s4wceP7qzfFCG2Z+H3+5tLprF3S9Kr2U8xvPjVP7gMP2vpKj3ZM8rY2cQf+9uRHy+3/iTPDcyV+x8ejx+Fvu1ocZPn4qf5m29Y/Zr8dkz6AuMmvvZ/PNRv/svjcv5sf/9P5XPUC/uYP7bf2b+Sw/nv7EB89/l08Z47/ffG9h2N+KL4/3iJ4fxkwHx3zll/D9/6StvD2rr/jLiSvSPfzRWtdPcrLZ3dt9day6t1lfrG7Xa4sLi/AfX3q9V8xx19SBT/ay/f3j19ZPGPz0g/tRzxv/1U47/V/+98aOvnhD/m1/r//v/5gnxszXxG6eMvzT9m4Hbd2fxV/qPv3jP4PFfPWX8B3/dXTnlSwGAIWjv7K4vNRr1LSdDO8me3V6Cbjgp7ST7E3AWn/O5c+xq2TMTcN6e3PRl9wQAAAAAAAAAAAAAABhkGD/wVPYYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLj+FwAA//+vctdr")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000200)=0x8)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)="6ae4", 0x2}], 0x1, 0xe7b, 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file1\x00', 0x42, 0x1)
fallocate(r2, 0x3, 0x0, 0x8000c62)

2.118611534s ago: executing program 9 (id=2165):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r1 = fanotify_init(0x0, 0x0)
r2 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r1, 0x1, 0x2a, r2, 0x0)
vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000140)='U', 0x1}], 0x1, 0x2)

1.75577175s ago: executing program 9 (id=2166):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e21}, 0x4e)
r2 = syz_io_uring_setup(0x10f, &(0x7f0000000700)={0x0, 0x1726f, 0x80, 0x2, 0xfffffffe}, &(0x7f0000000240)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f000001f500)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x47f5, 0x6021, 0x0, 0x0, 0x0)
connect$unix(r1, &(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

1.608049347s ago: executing program 3 (id=2167):
r0 = syz_usb_connect(0x1, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x40, 0x13, 0x6, @remote}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000340)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001600)={0x40, 0x19, 0x2}, 0x0, 0x0, 0x0, 0x0})
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000001680)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000013c0)={0x40, 0x9, 0x1, 0x6b}, &(0x7f0000001400)={0x40, 0xb, 0x2, 'gv'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

1.392861124s ago: executing program 4 (id=2168):
creat(&(0x7f00000002c0)='./file0\x00', 0x140)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
r1 = getpgid(0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000340)=[0x4], 0x0, 0x0, 0x1, 0x1, r1}}, 0x40)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)

1.253647031s ago: executing program 5 (id=2169):
userfaultfd(0x80001)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)

1.206852555s ago: executing program 2 (id=2170):
write$cgroup_type(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000300)='rxrpc_client\x00', r0}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000140)='rxrpc_client\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in6={0x21, 0xfffc, 0x2, 0x1c, {0xa, 0x0, 0x4, @dev}}, 0x80, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0xfc00)

628.715728ms ago: executing program 4 (id=2171):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x2}, &(0x7f00000003c0)="01f7d066b1fed6005ddda352695a836362dea3d9587003f277db0dea10a1abc9e679b1cafddb3107471455d0f5050df036df4cfafff965847e3e6752712064273d152059f7cd7be11a22587862879474f9688451", 0x54, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f0000000140), &(0x7f0000002840)={'syz', 0x0}, &(0x7f0000002880)="f40fc24077021c9b084c60ffc26f26db12b9e78d629870bb26edb4a5e1cc0942ed8c58ca4fe84b94a0e31ea64089ee9ca1efb52945ffebbfea11dd3d0df936a10285eccab940ab5c96cb5d81dac1ad2243d878dde6cfd6ea08d5abcb00bb35436929ddabce530b63fab525337057438cf64a506d54d5c83e3e593d1d53ad0e6a44168fe8cfc6ad98b653d80636e4ddc1f2ab58762b3494250b9557f5b606a43e50874c90143034142cd5f7bd9b4dd876b97b7feb75b9138dde818a3c6b96dd80", 0xc0, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000001340)={r0, r1, r0}, 0x0, 0x0, 0x0)
syz_usb_connect(0x3, 0xf5, 0x0, 0x0)

355.882064ms ago: executing program 2 (id=2172):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0xc)
r1 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @local}, 0xc)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast2}, 0x10)

331.145538ms ago: executing program 3 (id=2173):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1}, 0x18)
sendmmsg$inet(r0, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000002940)=[{&(0x7f0000002640)="ef0ba606342672dabc", 0x9}], 0x1}}], 0x1, 0x20000010)
recvmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)=""/189}, {&(0x7f00000002c0)=""/182}, {&(0x7f0000000380)=""/4096}, {&(0x7f0000001380)=""/198}, {&(0x7f0000001480)=""/169}, {&(0x7f0000001540)=""/4096}], 0x10, &(0x7f0000002540)=""/216}}], 0x2, 0x0, 0x0)

148.946171ms ago: executing program 5 (id=2174):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000006c0)=@newtfilter={0x38, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r3, {0xfff2, 0x4}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x8, 0x2, [@TCA_FLOW_EMATCHES={0x4}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)

0s ago: executing program 9 (id=2175):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r1, 0x0)
pipe(&(0x7f0000002740))

kernel console output (not intermixed with test programs):

:0 - no destination available
[  650.987076][ T3791] hsr_slave_0: left promiscuous mode
[  651.066689][ T3791] hsr_slave_1: left promiscuous mode
[  651.074814][ T3791] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  651.082869][ T3791] batman_adv: batadv0: Removing interface: batadv_slave_0
[  651.152353][ T3791] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  651.164312][ T3791] batman_adv: batadv0: Removing interface: batadv_slave_1
[  651.248464][ T5828] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  651.319126][ T5828] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  651.337481][ T5828] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  651.354275][ T5828] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  651.371524][ T5828] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  651.410331][ T3791] veth1_macvtap: left promiscuous mode
[  651.416286][ T3791] veth0_macvtap: left promiscuous mode
[  651.422410][ T3791] veth1_vlan: left promiscuous mode
[  651.431794][ T3791] veth0_vlan: left promiscuous mode
[  651.585725][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  652.620167][T10058] loop7: detected capacity change from 0 to 40427
[  652.627116][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  652.656653][T10058] F2FS-fs (loop7): build fault injection rate: 14
[  652.666391][T10058] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[  652.727063][T10058] F2FS-fs (loop7): invalid crc value
[  652.803135][    C1] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of bio_endio+0xde2/0xf30
[  652.831389][    C0] F2FS-fs (loop7): inject read IO error in f2fs_read_end_io of bio_endio+0xde2/0xf30
[  653.140012][T10058] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  653.149488][T10058] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_get_tmp_folio+0x38/0x50
[  653.166253][ T3791] team0 (unregistering): Port device team_slave_1 removed
[  653.233473][T10058] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  653.261840][ T3791] team0 (unregistering): Port device team_slave_0 removed
[  653.465143][ T5828] Bluetooth: hci2: command tx timeout
[  653.664638][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  653.952234][    C1] F2FS-fs (loop7): inject write IO error in f2fs_write_end_io of bio_endio+0xde2/0xf30
[  653.962447][    C1] CPU: 1 UID: 0 PID: 3935 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(none) 
[  653.962605][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  653.962722][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  653.962943][    C1] Call Trace:
[  653.962994][    C1]  <IRQ>
[  653.963049][    C1]  __dump_stack+0x26/0x30
[  653.963228][    C1]  dump_stack_lvl+0x1df/0x270
[  653.963426][    C1]  dump_stack+0x1e/0x25
[  653.963591][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  653.963845][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  653.964046][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  653.964293][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  653.964522][    C1]  bio_endio+0xde2/0xf30
[  653.964675][    C1]  blk_update_request+0xf4c/0x1a90
[  653.964950][    C1]  blk_mq_end_request+0x50/0xb0
[  653.965165][    C1]  lo_complete_rq+0x188/0x3a0
[  653.965333][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  653.965497][    C1]  blk_done_softirq+0x112/0x1f0
[  653.965688][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  653.965881][    C1]  handle_softirqs+0x166/0x6e0
[  653.966065][    C1]  __do_softirq+0x14/0x1b
[  653.966224][    C1]  do_softirq+0x99/0x100
[  653.966365][    C1]  </IRQ>
[  653.966414][    C1]  <TASK>
[  653.966472][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  653.966629][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  653.966788][    C1]  nsim_dev_trap_report_work+0x1047/0x1440
[  653.967043][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  653.967252][    C1]  process_scheduled_works+0xb8e/0x1d80
[  653.967508][    C1]  worker_thread+0xedf/0x1590
[  653.967751][    C1]  kthread+0xd59/0xf00
[  653.967891][    C1]  ? __pfx_worker_thread+0x10/0x10
[  653.968113][    C1]  ? __pfx_kthread+0x10/0x10
[  653.968262][    C1]  ret_from_fork+0x1e3/0x310
[  653.968411][    C1]  ? __pfx_kthread+0x10/0x10
[  653.968571][    C1]  ret_from_fork_asm+0x1a/0x30
[  653.968799][    C1]  </TASK>
[  654.154761][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  654.161891][    C1] CPU: 1 UID: 0 PID: 3935 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(none) 
[  654.162043][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  654.162156][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  654.162368][    C1] Call Trace:
[  654.162422][    C1]  <IRQ>
[  654.162474][    C1]  __dump_stack+0x26/0x30
[  654.162648][    C1]  dump_stack_lvl+0x1df/0x270
[  654.162846][    C1]  dump_stack+0x1e/0x25
[  654.163012][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  654.163261][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  654.163465][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  654.163739][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  654.163965][    C1]  bio_endio+0xde2/0xf30
[  654.164121][    C1]  blk_update_request+0xf4c/0x1a90
[  654.164384][    C1]  blk_mq_end_request+0x50/0xb0
[  654.164587][    C1]  lo_complete_rq+0x188/0x3a0
[  654.164766][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  654.164919][    C1]  blk_done_softirq+0x112/0x1f0
[  654.165088][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  654.165255][    C1]  handle_softirqs+0x166/0x6e0
[  654.165415][    C1]  __do_softirq+0x14/0x1b
[  654.165561][    C1]  do_softirq+0x99/0x100
[  654.165686][    C1]  </IRQ>
[  654.165733][    C1]  <TASK>
[  654.165790][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  654.165928][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  654.166062][    C1]  nsim_dev_trap_report_work+0x1047/0x1440
[  654.166292][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  654.166481][    C1]  process_scheduled_works+0xb8e/0x1d80
[  654.166720][    C1]  worker_thread+0xedf/0x1590
[  654.166945][    C1]  kthread+0xd59/0xf00
[  654.167070][    C1]  ? __pfx_worker_thread+0x10/0x10
[  654.167272][    C1]  ? __pfx_kthread+0x10/0x10
[  654.167407][    C1]  ret_from_fork+0x1e3/0x310
[  654.167542][    C1]  ? __pfx_kthread+0x10/0x10
[  654.167677][    C1]  ret_from_fork_asm+0x1a/0x30
[  654.167887][    C1]  </TASK>
[  654.353346][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  654.360568][    C1] CPU: 1 UID: 0 PID: 3935 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(none) 
[  654.360725][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  654.360851][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  654.361062][    C1] Call Trace:
[  654.361115][    C1]  <IRQ>
[  654.361164][    C1]  __dump_stack+0x26/0x30
[  654.361337][    C1]  dump_stack_lvl+0x1df/0x270
[  654.361527][    C1]  dump_stack+0x1e/0x25
[  654.361689][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  654.361948][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  654.362157][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  654.362396][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  654.362606][    C1]  bio_endio+0xde2/0xf30
[  654.362765][    C1]  blk_update_request+0xf4c/0x1a90
[  654.363025][    C1]  blk_mq_end_request+0x50/0xb0
[  654.363244][    C1]  lo_complete_rq+0x188/0x3a0
[  654.363411][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  654.363585][    C1]  blk_done_softirq+0x112/0x1f0
[  654.363782][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  654.363964][    C1]  handle_softirqs+0x166/0x6e0
[  654.364142][    C1]  __do_softirq+0x14/0x1b
[  654.364318][    C1]  do_softirq+0x99/0x100
[  654.364460][    C1]  </IRQ>
[  654.364508][    C1]  <TASK>
[  654.364566][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  654.364722][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  654.364886][    C1]  nsim_dev_trap_report_work+0x1047/0x1440
[  654.365146][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  654.365352][    C1]  process_scheduled_works+0xb8e/0x1d80
[  654.365627][    C1]  worker_thread+0xedf/0x1590
[  654.365881][    C1]  kthread+0xd59/0xf00
[  654.366023][    C1]  ? __pfx_worker_thread+0x10/0x10
[  654.366246][    C1]  ? __pfx_kthread+0x10/0x10
[  654.366400][    C1]  ret_from_fork+0x1e3/0x310
[  654.366548][    C1]  ? __pfx_kthread+0x10/0x10
[  654.366699][    C1]  ret_from_fork_asm+0x1a/0x30
[  654.366935][    C1]  </TASK>
[  654.552936][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  654.560207][    C1] CPU: 1 UID: 0 PID: 3935 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(none) 
[  654.560371][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  654.560546][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  654.560759][    C1] Call Trace:
[  654.560816][    C1]  <IRQ>
[  654.560868][    C1]  __dump_stack+0x26/0x30
[  654.561048][    C1]  dump_stack_lvl+0x1df/0x270
[  654.561245][    C1]  dump_stack+0x1e/0x25
[  654.561417][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  654.561679][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  654.561904][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  654.562159][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  654.562374][    C1]  bio_endio+0xde2/0xf30
[  654.562542][    C1]  blk_update_request+0xf4c/0x1a90
[  654.562799][    C1]  blk_mq_end_request+0x50/0xb0
[  654.563009][    C1]  lo_complete_rq+0x188/0x3a0
[  654.563187][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  654.563353][    C1]  blk_done_softirq+0x112/0x1f0
[  654.563549][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  654.563739][    C1]  handle_softirqs+0x166/0x6e0
[  654.563922][    C1]  __do_softirq+0x14/0x1b
[  654.564076][    C1]  do_softirq+0x99/0x100
[  654.564225][    C1]  </IRQ>
[  654.564296][    C1]  <TASK>
[  654.564357][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  654.564517][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  654.564668][    C1]  nsim_dev_trap_report_work+0x1047/0x1440
[  654.564918][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  654.565116][    C1]  process_scheduled_works+0xb8e/0x1d80
[  654.565374][    C1]  worker_thread+0xedf/0x1590
[  654.565626][    C1]  kthread+0xd59/0xf00
[  654.565769][    C1]  ? __pfx_worker_thread+0x10/0x10
[  654.565994][    C1]  ? __pfx_kthread+0x10/0x10
[  654.566151][    C1]  ret_from_fork+0x1e3/0x310
[  654.566308][    C1]  ? __pfx_kthread+0x10/0x10
[  654.566465][    C1]  ret_from_fork_asm+0x1a/0x30
[  654.566689][    C1]  </TASK>
[  654.752764][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  654.759963][    C1] CPU: 1 UID: 0 PID: 3935 Comm: kworker/u8:19 Not tainted syzkaller #0 PREEMPT(none) 
[  654.760114][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  654.760227][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[  654.760442][    C1] Call Trace:
[  654.760492][    C1]  <IRQ>
[  654.760544][    C1]  __dump_stack+0x26/0x30
[  654.760716][    C1]  dump_stack_lvl+0x1df/0x270
[  654.760900][    C1]  dump_stack+0x1e/0x25
[  654.761059][    C1]  f2fs_handle_critical_error+0xa6f/0xc20
[  654.761294][    C1]  f2fs_stop_checkpoint+0x65/0x80
[  654.761499][    C1]  f2fs_write_end_io+0x101c/0x1bc0
[  654.761746][    C1]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  654.761957][    C1]  bio_endio+0xde2/0xf30
[  654.762105][    C1]  blk_update_request+0xf4c/0x1a90
[  654.762365][    C1]  blk_mq_end_request+0x50/0xb0
[  654.762578][    C1]  lo_complete_rq+0x188/0x3a0
[  654.762737][    C1]  ? __pfx_lo_complete_rq+0x10/0x10
[  654.762900][    C1]  blk_done_softirq+0x112/0x1f0
[  654.763081][    C1]  ? __pfx_blk_done_softirq+0x10/0x10
[  654.763265][    C1]  handle_softirqs+0x166/0x6e0
[  654.763448][    C1]  __do_softirq+0x14/0x1b
[  654.763597][    C1]  do_softirq+0x99/0x100
[  654.763758][    C1]  </IRQ>
[  654.763809][    C1]  <TASK>
[  654.763865][    C1]  __local_bh_enable_ip+0xa1/0xb0
[  654.764013][    C1]  _raw_spin_unlock_bh+0x2d/0x40
[  654.764164][    C1]  nsim_dev_trap_report_work+0x1047/0x1440
[  654.764447][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  654.764655][    C1]  process_scheduled_works+0xb8e/0x1d80
[  654.764929][    C1]  worker_thread+0xedf/0x1590
[  654.765177][    C1]  kthread+0xd59/0xf00
[  654.765318][    C1]  ? __pfx_worker_thread+0x10/0x10
[  654.765551][    C1]  ? __pfx_kthread+0x10/0x10
[  654.765743][    C1]  ret_from_fork+0x1e3/0x310
[  654.765906][    C1]  ? __pfx_kthread+0x10/0x10
[  654.766071][    C1]  ret_from_fork_asm+0x1a/0x30
[  654.766299][    C1]  </TASK>
[  654.951755][    C1] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  654.963018][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  655.032146][ T7878] F2FS-fs (loop7): do_checkpoint failed err:-5, stop checkpoint
[  655.381022][ T3791] IPVS: stop unused estimator thread 0...
[  655.442711][T10079] netlink: 'syz.3.1278': attribute type 39 has an invalid length.
[  655.495481][T10079] bridge0: port 1(bridge_slave_0) entered disabled state
[  655.506381][ T5828] Bluetooth: hci2: command tx timeout
[  655.555613][T10079] bridge_slave_0 (unregistering): left allmulticast mode
[  655.562911][T10079] bridge_slave_0 (unregistering): left promiscuous mode
[  655.570380][T10079] bridge0: port 1(bridge_slave_0) entered disabled state
[  655.983454][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  656.287802][T10048] chnl_net:caif_netlink_parms(): no params data found
[  657.023557][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  657.586738][ T5828] Bluetooth: hci2: command tx timeout
[  658.035690][T10048] bridge0: port 1(bridge_slave_0) entered blocking state
[  658.045929][T10048] bridge0: port 1(bridge_slave_0) entered disabled state
[  658.057766][T10048] bridge_slave_0: entered allmulticast mode
[  658.067750][T10048] bridge_slave_0: entered promiscuous mode
[  658.072565][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  658.163587][T10048] bridge0: port 2(bridge_slave_1) entered blocking state
[  658.171335][T10048] bridge0: port 2(bridge_slave_1) entered disabled state
[  658.179313][T10048] bridge_slave_1: entered allmulticast mode
[  658.189353][T10048] bridge_slave_1: entered promiscuous mode
[  658.512912][T10116] loop7: detected capacity change from 0 to 128
[  658.564110][T10048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  658.610241][T10048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  658.888039][T10048] team0: Port device team_slave_0 added
[  658.953310][T10048] team0: Port device team_slave_1 added
[  659.102187][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  659.282626][T10048] batman_adv: batadv0: Adding interface: batadv_slave_0
[  659.289786][T10048] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  659.320198][T10048] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  659.416366][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.416366][ T4273] loop7: rw=1, sector=145, nr_sectors = 16 limit=128
[  659.434315][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.434315][ T4273] loop7: rw=1, sector=169, nr_sectors = 8 limit=128
[  659.450209][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.450209][ T4273] loop7: rw=1, sector=185, nr_sectors = 8 limit=128
[  659.464516][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.464516][ T4273] loop7: rw=1, sector=201, nr_sectors = 8 limit=128
[  659.479096][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.479096][ T4273] loop7: rw=1, sector=217, nr_sectors = 8 limit=128
[  659.616892][T10048] batman_adv: batadv0: Adding interface: batadv_slave_1
[  659.627235][T10048] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  659.654856][T10048] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  659.736559][ T5828] Bluetooth: hci2: command tx timeout
[  659.870266][ T4273] kworker/u8:25: attempt to access beyond end of device
[  659.870266][ T4273] loop7: rw=1, sector=233, nr_sectors = 8 limit=128
[  660.141559][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  660.929642][T10048] hsr_slave_0: entered promiscuous mode
[  660.941449][T10048] hsr_slave_1: entered promiscuous mode
[  660.950284][T10048] debugfs: 'hsr0' already exists in 'hsr'
[  660.962886][T10048] Cannot create hsr debugfs directory
[  661.181952][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  662.220397][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  662.569336][T10048] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  662.624848][T10048] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  662.633935][   T30] audit: type=1326 audit(1755937668.934:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10145 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34dbd8ebe9 code=0x7fc00000
[  662.651618][T10048] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  662.804596][T10048] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  663.260182][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  663.842585][T10169] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1311'.
[  663.852371][T10169] netlink: 'syz.7.1311': attribute type 7 has an invalid length.
[  663.860636][T10169] netlink: 'syz.7.1311': attribute type 8 has an invalid length.
[  663.868690][T10169] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1311'.
[  663.894295][T10169] erspan0: entered promiscuous mode
[  663.906575][T10169] gretap0: entered promiscuous mode
[  663.985434][T10171] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1309'.
[  664.196515][T10169] erspan0: left promiscuous mode
[  664.276782][T10169] gretap0: left promiscuous mode
[  664.299477][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  664.401268][T10171] 0ªî{X¹¦: renamed from gretap0 (while UP)
[  664.422500][T10171] 0ªî{X¹¦: entered allmulticast mode
[  664.430822][T10171] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  664.651452][T10048] 8021q: adding VLAN 0 to HW filter on device bond0
[  665.045472][T10048] 8021q: adding VLAN 0 to HW filter on device team0
[  665.064791][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  665.165726][ T1861] bridge0: port 1(bridge_slave_0) entered blocking state
[  665.173432][ T1861] bridge0: port 1(bridge_slave_0) entered forwarding state
[  665.262397][ T4273] bridge0: port 2(bridge_slave_1) entered blocking state
[  665.270164][ T4273] bridge0: port 2(bridge_slave_1) entered forwarding state
[  665.274327][T10178] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  665.339144][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  666.084207][T10186] bridge_slave_0: left allmulticast mode
[  666.090271][T10186] bridge_slave_0: left promiscuous mode
[  666.097122][T10186] bridge0: port 1(bridge_slave_0) entered disabled state
[  666.146379][T10186] bridge_slave_1: left allmulticast mode
[  666.152941][T10186] bridge_slave_1: left promiscuous mode
[  666.161727][T10186] bridge0: port 2(bridge_slave_1) entered disabled state
[  666.286049][T10186] bond0: (slave bond_slave_0): Releasing backup interface
[  666.380754][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  666.412575][T10186] bond0: (slave bond_slave_1): Releasing backup interface
[  666.607171][T10186] team0: Port device team_slave_0 removed
[  666.704770][T10186] team0: Port device team_slave_1 removed
[  666.716272][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  666.724116][T10186] batman_adv: batadv0: Removing interface: batadv_slave_0
[  666.742281][T10186] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  666.750208][T10186] batman_adv: batadv0: Removing interface: batadv_slave_1
[  666.960035][T10186] bond1: (slave geneve2): Releasing active interface
[  667.428000][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  667.764107][T10201] loop2: detected capacity change from 0 to 2048
[  667.864062][T10201] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  667.980862][   T30] audit: type=1800 audit(1755937674.287:23): pid=10201 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1322" name="file1" dev="loop2" ino=1367 res=0 errno=0
[  668.015175][T10048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  668.457195][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  668.539712][T10048] veth0_vlan: entered promiscuous mode
[  668.691176][T10048] veth1_vlan: entered promiscuous mode
[  668.990247][T10048] veth0_macvtap: entered promiscuous mode
[  669.019698][T10048] veth1_macvtap: entered promiscuous mode
[  669.168578][T10048] batman_adv: batadv0: Interface activated: batadv_slave_0
[  669.268665][T10048] batman_adv: batadv0: Interface activated: batadv_slave_1
[  669.368878][ T3791] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  669.408414][ T3791] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  669.445508][ T3791] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  669.497045][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  669.510937][ T3791] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  670.536190][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  670.730187][T10239] team_slave_0: entered promiscuous mode
[  670.736368][T10239] team_slave_1: entered promiscuous mode
[  670.750005][T10239] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  671.582643][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  671.647512][T10245] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1340'.
[  672.615160][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  672.944133][T10260] loop2: detected capacity change from 0 to 2048
[  673.027380][T10260] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  673.038577][T10260] UDF-fs: Scanning with blocksize 512 failed
[  673.215209][T10260] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  673.413497][T10260] overlayfs: upper fs needs to support d_type.
[  673.462613][T10260] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  673.470348][T10260] overlayfs: failed to set xattr on upper
[  673.476415][T10260] overlayfs: ...falling back to redirect_dir=nofollow.
[  673.483444][T10260] overlayfs: ...falling back to index=off.
[  673.489753][T10260] overlayfs: ...falling back to uuid=null.
[  673.664795][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  674.694090][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  674.919774][T10295] ip6gre1: entered allmulticast mode
[  675.734094][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  676.126078][T10315] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  676.634832][T10324] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1371'.
[  676.773005][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  676.859003][ T3656] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  676.870925][ T3656] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.084666][ T1861] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  677.096053][ T1861] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  677.484604][T10331] loop2: detected capacity change from 0 to 2364
[  677.514034][T10331] iso9660: Bad value for 'sbsector'
[  677.523735][T10337] netlink: 100 bytes leftover after parsing attributes in process `syz.7.1376'.
[  677.578710][T10339] netlink: 'syz.1.1262': attribute type 29 has an invalid length.
[  677.633628][T10339] netlink: 'syz.1.1262': attribute type 29 has an invalid length.
[  677.692058][T10339] netlink: 500 bytes leftover after parsing attributes in process `syz.1.1262'.
[  677.823651][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  678.850978][T10356] loop2: detected capacity change from 0 to 64
[  678.861972][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  679.045538][T10359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1385'.
[  679.055264][T10359] netlink: 'syz.3.1385': attribute type 19 has an invalid length.
[  679.063496][T10359] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1385'.
[  679.626787][T10357] loop1: detected capacity change from 0 to 32768
[  679.896566][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  679.964109][T10357] JBD2: Ignoring recovery information on journal
[  680.229835][T10357] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  680.669127][T10048] ocfs2: Unmounting device (7,1) on (node local)
[  680.930972][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  681.072169][T10373] netlink: 'syz.2.1390': attribute type 3 has an invalid length.
[  681.885002][T10387] input: syz1 as /devices/virtual/input/input18
[  681.971195][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  683.009923][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  683.812622][T10410] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1408'.
[  683.980520][ T1908] usb 8-1: new full-speed USB device number 7 using dummy_hcd
[  684.049632][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  684.215717][ T1908] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  684.226530][ T1908] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  684.450289][ T1908] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  684.460049][ T1908] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  684.468319][ T1908] usb 8-1: Product: syz
[  684.475911][ T1908] usb 8-1: Manufacturer: syz
[  684.480985][ T1908] usb 8-1: SerialNumber: syz
[  685.088847][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  685.100406][ T1908] usb 8-1: 0:2 : does not exist
[  685.249973][ T1908] usb 8-1: 5:0: failed to get current value for ch 0 (-22)
[  685.289573][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  685.581649][    T9] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  685.590769][    T9] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  685.602774][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  685.614100][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  685.630838][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  685.646071][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  685.655853][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.678739][ T1908] usb 8-1: USB disconnect, device number 7
[  685.971019][    T9] usb 2-1: config 0 descriptor??
[  685.979708][T10417] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  686.128773][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  686.484150][    T9] usbhid 2-1:0.0: can't add hid device: -71
[  686.491401][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  686.572587][    T9] usb 2-1: USB disconnect, device number 5
[  686.632421][T10422] IPVS: persistence engine module ip_vs_pe_@ not found
[  687.167832][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  688.117625][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  688.137892][ T5870] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  688.207686][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  688.312309][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  688.322936][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  688.327358][ T5870] usb 8-1: Using ep0 maxpacket: 16
[  688.370103][    T9] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  688.380145][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  688.395089][    T9] usb 3-1: SerialNumber: syz
[  688.411645][ T5870] usb 8-1: config 0 has no interfaces?
[  688.417590][ T5870] usb 8-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  688.427128][ T5870] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.531656][ T5870] usb 8-1: config 0 descriptor??
[  688.691842][    T9] usb 3-1: 0:2 : does not exist
[  688.811732][ T1908] usb 8-1: USB disconnect, device number 8
[  688.834186][    T9] usb 3-1: USB disconnect, device number 4
[  689.246770][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  690.335783][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  690.510833][T10477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1436'.
[  690.793688][T10467] loop2: detected capacity change from 0 to 40427
[  690.889843][T10467] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  690.898300][T10467] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  690.913057][T10467] F2FS-fs (loop2): invalid crc value
[  691.405729][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  691.757051][T10467] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  691.828226][T10467] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  691.835885][T10467] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  692.325322][T10491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1439'.
[  692.353414][T10491] vxlan0: entered promiscuous mode
[  692.445747][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  693.484670][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  694.451534][T10499] loop7: detected capacity change from 0 to 40427
[  694.475968][T10499] F2FS-fs (loop7): invalid crc value
[  694.528154][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  694.868550][T10499] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  694.897624][T10499] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  694.998025][T10499] F2FS-fs (loop7): Stopped filesystem due to reason: 0
[  695.563763][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  696.603521][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  696.662041][T10528] loop2: detected capacity change from 0 to 1024
[  697.448880][T10537] syz_tun: entered allmulticast mode
[  697.528516][T10535] syz_tun: left allmulticast mode
[  697.643147][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  698.190367][ T3935] hfsplus: b-tree write err: -5, ino 4
[  698.682682][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  698.902888][T10550] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1460'.
[  699.014321][T10550] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1460'.
[  699.286130][ T5870] libceph: connect (1)[c::]:6789 error -101
[  699.292941][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[  699.378748][ T5870] libceph: connect (1)[c::]:6789 error -101
[  699.385253][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[  699.721522][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  700.060087][T10554] ceph: No mds server is up or the cluster is laggy
[  700.119360][T10557] ceph: No mds server is up or the cluster is laggy
[  700.271151][T10563] loop2: detected capacity change from 0 to 32768
[  700.283305][ T5870] libceph: connect (1)[c::]:6789 error -101
[  700.289680][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[  700.296455][T10563] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1469 (10563)
[  700.311889][ T5876] libceph: connect (1)[c::]:6789 error -101
[  700.318341][ T5876] libceph: mon0 (1)[c::]:6789 connect error
[  700.337283][T10563] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  700.348093][T10563] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  700.600813][T10563] BTRFS info (device loop2): rebuilding free space tree
[  700.664522][T10563] BTRFS info (device loop2): enabling ssd optimizations
[  700.676864][T10563] BTRFS info (device loop2): turning on sync discard
[  700.684095][T10563] BTRFS info (device loop2): enabling free space tree
[  700.691145][T10563] BTRFS info (device loop2): force clearing of disk cache
[  700.698451][T10563] BTRFS info (device loop2): enabling auto defrag
[  700.705546][T10563] BTRFS info (device loop2): max_inline set to 0
[  700.761319][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  700.857636][ T3935] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  701.087540][ T3935] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  701.296244][ T9666] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  701.315560][ T3935] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  701.527730][ T3935] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  701.800505][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  702.169512][ T3935] bridge_slave_1: left allmulticast mode
[  702.175843][ T3935] bridge_slave_1: left promiscuous mode
[  702.182531][ T3935] bridge0: port 2(bridge_slave_1) entered disabled state
[  702.840311][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  703.079977][T10595] loop7: detected capacity change from 0 to 32768
[  703.119208][ T3935] bridge_slave_0: left allmulticast mode
[  703.130289][ T3935] bridge_slave_0: left promiscuous mode
[  703.136968][ T3935] bridge0: port 1(bridge_slave_0) entered disabled state
[  703.853058][ T3935] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  703.879521][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  704.017580][ T3935] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  704.061332][ T3935] bond0 (unregistering): Released all slaves
[  704.866336][ T3935] hsr_slave_0: left promiscuous mode
[  704.875320][ T3935] hsr_slave_1: left promiscuous mode
[  704.883971][ T3935] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  704.891714][ T3935] batman_adv: batadv0: Removing interface: batadv_slave_0
[  704.919267][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  704.942594][ T3935] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  704.950418][ T3935] batman_adv: batadv0: Removing interface: batadv_slave_1
[  705.051672][ T3935] veth1_macvtap: left promiscuous mode
[  705.057453][ T3935] veth0_macvtap: left promiscuous mode
[  705.063630][ T3935] veth1_vlan: left promiscuous mode
[  705.072620][ T3935] veth0_vlan: left promiscuous mode
[  705.963105][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  706.056645][ T3935] team0 (unregistering): Port device team_slave_1 removed
[  706.231658][ T3935] team0 (unregistering): Port device team_slave_0 removed
[  706.998167][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  707.076237][T10613] loop2: detected capacity change from 0 to 32768
[  707.347798][T10613] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  707.772380][T10613] XFS (loop2): Ending clean mount
[  707.784908][ T5821] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  707.802090][ T5821] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  707.814205][ T5821] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  707.864941][ T5821] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  707.885842][ T5821] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  707.931282][T10636] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  708.037486][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  708.325933][ T9666] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  708.567751][T10646] loop6: detected capacity change from 0 to 7
[  708.614522][T10646] Dev loop6: unable to read RDB block 7
[  708.621957][T10646]  loop6: AHDI p3 p4
[  708.626103][T10646] loop6: partition table partially beyond EOD, truncated
[  708.633861][T10646] loop6: p3 start 1886353253 is beyond EOD, truncated
[  709.077164][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  709.226353][T10635] chnl_net:caif_netlink_parms(): no params data found
[  710.047177][ T5821] Bluetooth: hci2: command tx timeout
[  710.116422][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  711.113722][T10635] bridge0: port 1(bridge_slave_0) entered blocking state
[  711.124740][T10635] bridge0: port 1(bridge_slave_0) entered disabled state
[  711.133676][T10635] bridge_slave_0: entered allmulticast mode
[  711.143621][T10635] bridge_slave_0: entered promiscuous mode
[  711.156144][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  711.188850][T10635] bridge0: port 2(bridge_slave_1) entered blocking state
[  711.198648][T10635] bridge0: port 2(bridge_slave_1) entered disabled state
[  711.210712][T10635] bridge_slave_1: entered allmulticast mode
[  711.221738][T10635] bridge_slave_1: entered promiscuous mode
[  711.506232][T10635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  711.598489][T10635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  711.968455][T10635] team0: Port device team_slave_0 added
[  711.997768][T10635] team0: Port device team_slave_1 added
[  712.138255][ T5821] Bluetooth: hci2: command tx timeout
[  712.204466][T10681] netlink: 9286 bytes leftover after parsing attributes in process `syz.3.1508'.
[  712.205455][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  712.272791][T10674] netlink: zone id is out of range
[  712.278575][T10674] netlink: zone id is out of range
[  712.283861][T10674] netlink: zone id is out of range
[  712.289341][T10674] netlink: zone id is out of range
[  712.294609][T10674] netlink: zone id is out of range
[  712.300184][T10674] netlink: zone id is out of range
[  712.305650][T10674] netlink: zone id is out of range
[  712.310931][T10674] netlink: zone id is out of range
[  712.438710][T10635] batman_adv: batadv0: Adding interface: batadv_slave_0
[  712.447302][T10635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  712.474809][T10635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  712.526281][T10635] batman_adv: batadv0: Adding interface: batadv_slave_1
[  712.533444][T10635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  712.563993][T10635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  713.006297][T10635] hsr_slave_0: entered promiscuous mode
[  713.016728][T10635] hsr_slave_1: entered promiscuous mode
[  713.025601][T10635] debugfs: 'hsr0' already exists in 'hsr'
[  713.031547][T10635] Cannot create hsr debugfs directory
[  713.493513][T10699] loop7: detected capacity change from 0 to 256
[  713.536747][T10699] exfat: Deprecated parameter 'namecase'
[  713.543010][T10699] exfat: Deprecated parameter 'namecase'
[  713.733049][T10699] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  714.050440][T10707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1518'.
[  714.060240][T10707] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1518'.
[  714.069653][T10707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1518'.
[  714.084531][T10707] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1518'.
[  714.194829][ T5821] Bluetooth: hci2: command tx timeout
[  714.218177][ T7878] exFAT-fs (loop7): error, data size is invalid(16777215)
[  714.252194][ T7878] exFAT-fs (loop7): error, data size is invalid(16777215)
[  715.141073][T10635] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  715.296397][T10635] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  715.358582][T10635] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  715.500654][ T3695] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.560694][T10635] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  715.661045][ T3695] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.851046][ T3695] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.011274][ T3695] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  716.316847][ T5821] Bluetooth: hci2: command tx timeout
[  716.353236][    C1] net_ratelimit: 38 callbacks suppressed
[  716.353323][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  717.393052][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  717.403413][ T3695] bond0 (unregistering): Released all slaves
[  717.427788][ T3695] bond1 (unregistering): Released all slaves
[  717.923933][T10635] 8021q: adding VLAN 0 to HW filter on device bond0
[  718.148314][ T3695] hsr_slave_0: left promiscuous mode
[  718.169285][ T3695] hsr_slave_1: left promiscuous mode
[  718.208723][ T3695] veth1_macvtap: left promiscuous mode
[  718.215679][ T3695] veth0_macvtap: left promiscuous mode
[  718.221609][ T3695] veth1_vlan: left promiscuous mode
[  718.227337][ T3695] veth0_vlan: left promiscuous mode
[  718.432260][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  719.472024][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  719.671840][ T5828] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  719.695149][ T5828] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  719.708255][ T5828] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  719.728386][ T5828] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  719.740557][ T5828] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  719.944081][T10635] 8021q: adding VLAN 0 to HW filter on device team0
[  720.046206][ T3791] bridge0: port 1(bridge_slave_0) entered blocking state
[  720.053848][ T3791] bridge0: port 1(bridge_slave_0) entered forwarding state
[  720.390329][ T3791] bridge0: port 2(bridge_slave_1) entered blocking state
[  720.397967][ T3791] bridge0: port 2(bridge_slave_1) entered forwarding state
[  720.511183][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  720.754890][T10635] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  721.561022][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  721.788461][T10741] chnl_net:caif_netlink_parms(): no params data found
[  722.031622][ T5821] Bluetooth: hci4: command tx timeout
[  722.291111][T10635] 8021q: adding VLAN 0 to HW filter on device batadv0
[  722.600110][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  722.745097][T10635] veth0_vlan: entered promiscuous mode
[  722.880976][T10635] veth1_vlan: entered promiscuous mode
[  723.236893][T10635] veth0_macvtap: entered promiscuous mode
[  723.293643][T10635] veth1_macvtap: entered promiscuous mode
[  723.640310][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  723.648444][T10741] bridge0: port 1(bridge_slave_0) entered blocking state
[  723.658033][T10741] bridge0: port 1(bridge_slave_0) entered disabled state
[  723.666082][T10741] bridge_slave_0: entered allmulticast mode
[  723.675745][T10741] bridge_slave_0: entered promiscuous mode
[  723.710381][T10741] bridge0: port 2(bridge_slave_1) entered blocking state
[  723.717978][T10741] bridge0: port 2(bridge_slave_1) entered disabled state
[  723.726081][T10741] bridge_slave_1: entered allmulticast mode
[  723.736050][T10741] bridge_slave_1: entered promiscuous mode
[  724.130393][ T5821] Bluetooth: hci4: command tx timeout
[  724.321257][T10741] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  724.505571][T10741] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  724.572792][T10783] loop2: detected capacity change from 0 to 32768
[  724.627549][T10783] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  724.669035][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  724.674855][T10635] batman_adv: batadv0: Interface activated: batadv_slave_0
[  724.803526][T10783] XFS (loop2): Ending clean mount
[  724.805152][T10741] team0: Port device team_slave_0 added
[  724.836709][T10741] team0: Port device team_slave_1 added
[  724.846820][T10783] XFS (loop2): Quotacheck needed: Please wait.
[  724.952055][T10783] XFS (loop2): Quotacheck: Done.
[  724.985881][T10635] batman_adv: batadv0: Interface activated: batadv_slave_1
[  725.003758][T10741] batman_adv: batadv0: Adding interface: batadv_slave_0
[  725.012602][T10741] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  725.041472][T10741] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  725.154827][ T3695] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  725.201972][ T9666] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  725.219502][ T3695] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  725.262661][ T3695] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  725.276283][T10741] batman_adv: batadv0: Adding interface: batadv_slave_1
[  725.285305][T10741] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  725.312458][T10741] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  725.336000][   T14] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  725.708858][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  725.817070][T10741] hsr_slave_0: entered promiscuous mode
[  725.827770][T10741] hsr_slave_1: entered promiscuous mode
[  725.920857][T10806] netlink: 'syz.9.1549': attribute type 4 has an invalid length.
[  726.211148][ T5821] Bluetooth: hci4: command tx timeout
[  726.470947][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  726.748027][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  727.485902][T10741] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  727.554904][T10741] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  727.631582][T10741] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  727.663279][ T5870] libceph: connect (1)[c::]:6789 error -101
[  727.669921][ T5870] libceph: mon0 (1)[c::]:6789 connect error
[  727.702745][T10741] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  727.789834][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  727.938976][ T5876] libceph: connect (1)[c::]:6789 error -101
[  727.945361][ T5876] libceph: mon0 (1)[c::]:6789 connect error
[  728.274334][ T5821] Bluetooth: hci4: command tx timeout
[  728.349707][T10822] ceph: No mds server is up or the cluster is laggy
[  728.476544][T10741] 8021q: adding VLAN 0 to HW filter on device bond0
[  728.622859][T10741] 8021q: adding VLAN 0 to HW filter on device team0
[  728.674757][ T3695] bridge0: port 1(bridge_slave_0) entered blocking state
[  728.682449][ T3695] bridge0: port 1(bridge_slave_0) entered forwarding state
[  728.761201][ T3695] bridge0: port 2(bridge_slave_1) entered blocking state
[  728.768833][ T3695] bridge0: port 2(bridge_slave_1) entered forwarding state
[  728.826956][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  729.814252][T10840] loop2: detected capacity change from 0 to 32768
[  729.866776][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  729.902066][T10840] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  729.980851][T10854] overlayfs: failed to clone upperpath
[  730.198569][T10840] XFS (loop2): Ending clean mount
[  730.210793][T10840] XFS (loop2): Quotacheck needed: Please wait.
[  730.241649][T10840] XFS (loop2): Quotacheck: Done.
[  730.438522][ T9666] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  730.641244][ T5821] Bluetooth: hci3: unexpected event for opcode 0x2005
[  730.906729][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  731.482720][T10741] 8021q: adding VLAN 0 to HW filter on device batadv0
[  731.945822][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  732.116703][ T3695] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.124951][ T3695] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.761064][ T3791] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.769390][ T3791] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.984974][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  733.343884][T10896] batadv_slave_1: entered promiscuous mode
[  733.383443][T10895] batadv_slave_1: left promiscuous mode
[  733.636472][ T5828] Bluetooth: hci1: command 0x0406 tx timeout
[  733.969567][T10893] loop2: detected capacity change from 0 to 32768
[  733.987259][T10893] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1571 (10893)
[  734.012829][T10893] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  734.024653][T10893] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  734.033939][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  734.267826][T10893] BTRFS info (device loop2): enabling ssd optimizations
[  734.275457][T10893] BTRFS info (device loop2): turning on async discard
[  734.282447][T10893] BTRFS info (device loop2): enabling free space tree
[  734.587919][ T9666] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  735.073942][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  735.218095][T10741] veth0_vlan: entered promiscuous mode
[  735.299407][T10741] veth1_vlan: entered promiscuous mode
[  735.594120][T10741] veth0_macvtap: entered promiscuous mode
[  735.642164][T10935] capability: warning: `syz.0.1580' uses deprecated v2 capabilities in a way that may be insecure
[  735.662333][T10741] veth1_macvtap: entered promiscuous mode
[  735.731832][T10935] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  735.741541][T10935] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  735.753105][T10935] overlayfs: failed to get uuid (2/file1, err=-13); falling back to uuid=null.
[  735.820487][T10741] batman_adv: batadv0: Interface activated: batadv_slave_0
[  735.907673][T10741] batman_adv: batadv0: Interface activated: batadv_slave_1
[  735.985653][ T3695] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  736.014413][ T3695] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  736.059900][ T3695] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  736.103760][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  736.133780][ T3695] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  736.346882][T10942] loop2: detected capacity change from 0 to 512
[  736.433647][T10942] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  736.501190][T10942] EXT4-fs (loop2): invalid journal inode
[  736.508394][T10942] EXT4-fs (loop2): can't get journal size
[  736.562266][T10942] EXT4-fs (loop2): 1 truncate cleaned up
[  736.570898][T10942] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  737.051333][ T9666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  737.143322][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  737.994452][T10972] netlink: 'syz.2.1590': attribute type 4 has an invalid length.
[  738.044240][T10973] netlink: 'syz.2.1590': attribute type 4 has an invalid length.
[  738.182727][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  738.511221][T10980] overlayfs: failed to clone upperpath
[  739.221941][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  740.261667][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  741.300835][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  741.325806][T11034] overlayfs: failed to clone lowerpath
[  741.385842][ T3725] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  741.394623][ T3725] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  741.668245][ T4273] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  741.676463][ T4273] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  742.340606][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  743.380142][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  743.698806][T11076] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1630'.
[  743.801188][T11076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1630'.
[  744.419626][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  745.172644][T11085] loop0: detected capacity change from 0 to 32768
[  745.275387][T11091] netlink: 'syz.5.1637': attribute type 16 has an invalid length.
[  745.284941][T11091] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.1637'.
[  745.458663][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  746.105039][ T5870] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  746.311041][ T5870] usb 6-1: Using ep0 maxpacket: 8
[  746.389440][ T5870] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[  746.398308][ T5870] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[  746.406633][ T5870] usb 6-1: config 0 has no interface number 0
[  746.413360][ T5870] usb 6-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  746.429758][ T5870] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  746.442987][ T5870] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  746.498452][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  746.652167][ T5870] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  746.662378][ T5870] usb 6-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  746.670745][ T5870] usb 6-1: Product: syz
[  746.750336][ T5870] usb 6-1: config 0 descriptor??
[  746.769146][T11098] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  747.295355][T11109] atomic_op ffff88804a245d28 conn xmit_atomic 0000000000000000
[  747.428506][ T5870] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.21/input/input20
[  747.539814][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  747.700458][    T9] usb 6-1: USB disconnect, device number 3
[  747.700484][    C1] keyspan_remote 6-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19
[  748.555646][T11121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1650'.
[  748.577477][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  748.586805][T11121] dummy0: entered promiscuous mode
[  748.598780][T11121] batadv_slave_0: entered promiscuous mode
[  749.616600][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  750.136291][T11135] loop0: detected capacity change from 0 to 32768
[  750.361224][T11135] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  750.361355][T11135]   allowing incompatible features above 0.0: (unknown version)
[  750.361447][T11135]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  750.398984][T11135] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  750.413133][T11135] bcachefs (loop0): initializing new filesystem
[  750.434743][T11135] bcachefs (loop0): going read-write
[  750.473580][T11135] bcachefs (loop0): marking superblocks
[  750.534841][T11135] bcachefs (loop0): initializing freespace
[  750.564249][T11135] bcachefs (loop0): done initializing freespace
[  750.585260][T11135] bcachefs (loop0): reading snapshots table
[  750.588081][T11158] loop2: detected capacity change from 0 to 128
[  750.591750][T11135] bcachefs (loop0): reading snapshots done
[  750.666306][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  750.720829][T11158] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  750.749891][T11135] bcachefs (loop0):  loop0: Superblock write was silently dropped! (seq 0 expected 42)
[  750.763997][T11135] bcachefs (loop0): done starting filesystem
[  750.806554][T11158] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  751.695544][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  751.872676][T11169] veth0: entered promiscuous mode
[  751.923192][T11169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1666'.
[  752.634015][T10635] bcachefs (loop0): shutting down
[  752.639891][T10635] bcachefs (loop0): going read-only
[  752.645538][T10635] bcachefs (loop0): finished waiting for writes to stop
[  752.711481][T10635] bcachefs (loop0): flushing journal and stopping allocators, journal seq 5
[  752.745528][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  753.195929][T10635] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 7
[  753.221249][T10635] bcachefs (loop0): clean shutdown complete, journal seq 8
[  753.258524][T10635] bcachefs (loop0): marking filesystem clean
[  753.575889][T10635] bcachefs (loop0): shutdown complete
[  753.725865][ T5870] kernel read not supported for file /232/oom_adj (pid: 5870 comm: kworker/1:3)
[  753.774522][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  754.814742][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  755.599278][T11215] loop5: detected capacity change from 0 to 64
[  755.855841][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  756.066966][T11220] netlink: 'syz.2.1688': attribute type 1 has an invalid length.
[  756.166606][T11220] bond1: entered promiscuous mode
[  756.173317][T11220] 8021q: adding VLAN 0 to HW filter on device bond1
[  756.331379][T11223] 8021q: adding VLAN 0 to HW filter on device bond1
[  756.341477][T11223] bond1: (slave ip6gre2): The slave device specified does not support setting the MAC address
[  756.356146][T11223] bond1: (slave ip6gre2): Setting fail_over_mac to active for active-backup mode
[  756.381383][T11223] bond1: (slave ip6gre2): making interface the new active one
[  756.390322][T11223] ip6gre2: entered promiscuous mode
[  756.404496][T11223] bond1: (slave ip6gre2): Enslaving as an active interface with an up link
[  756.894830][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  757.782625][ T5825] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  757.791780][ T5825] Bluetooth: hci0: Injecting HCI hardware error event
[  757.799464][ T5828] Bluetooth: hci0: hardware error 0x00
[  757.934516][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  758.295964][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  758.984807][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  759.758396][T11283] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1714'.
[  759.855168][ T5828] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  759.856824][T11286] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1715'.
[  760.014512][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  760.844033][T11298] bridge0: port 3(syz_tun) entered blocking state
[  760.856584][T11298] bridge0: port 3(syz_tun) entered disabled state
[  760.863753][T11298] syz_tun: entered allmulticast mode
[  760.872878][T11298] syz_tun: entered promiscuous mode
[  760.880735][T11298] bridge0: port 3(syz_tun) entered blocking state
[  760.887769][T11298] bridge0: port 3(syz_tun) entered forwarding state
[  760.915558][T11301] program syz.5.1720 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  761.059542][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  762.094718][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  762.160891][T11310] loop5: detected capacity change from 0 to 32768
[  762.208050][T11310] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1726 (11310)
[  762.230834][T11310] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  762.241486][T11310] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  762.244837][    T9] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  762.482722][T11310] BTRFS info (device loop5): rebuilding free space tree
[  762.500574][    T9] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  762.512577][    T9] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  762.524021][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  762.528553][T11310] BTRFS info (device loop5): setting nodatasum
[  762.533747][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  762.539972][T11310] BTRFS info (device loop5): allowing degraded mounts
[  762.554865][T11310] BTRFS info (device loop5): setting nodatacow
[  762.561233][T11310] BTRFS info (device loop5): enabling ssd optimizations
[  762.568514][T11310] BTRFS info (device loop5): enabling free space tree
[  762.575616][T11310] BTRFS info (device loop5): force clearing of disk cache
[  762.678871][T11317] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  762.792753][    T9] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  762.902325][T10741] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  763.114038][ T5870] usb 3-1: USB disconnect, device number 5
[  763.134830][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  764.175113][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  765.214840][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  766.254498][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  767.064811][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  767.286032][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  767.296657][    T9] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  767.305881][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  767.357842][    T9] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  767.367453][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  767.379979][    T9] usb 3-1: SerialNumber: syz
[  767.666736][    T9] usb 3-1: 0:2 : does not exist
[  767.749172][    T9] usb 3-1: USB disconnect, device number 6
[  767.994874][   T14] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.105061][   T14] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.232733][   T14] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.319576][   T14] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  768.344495][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  768.608912][T11417] bond_slave_0: entered allmulticast mode
[  768.624089][T11417] bond_slave_0: left allmulticast mode
[  769.374772][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  769.472581][T11421] loop5: detected capacity change from 0 to 32768
[  769.496220][   T14] bridge_slave_1: left allmulticast mode
[  769.502106][   T14] bridge_slave_1: left promiscuous mode
[  769.509020][   T14] bridge0: port 2(bridge_slave_1) entered disabled state
[  769.727109][   T14] bridge_slave_0: left allmulticast mode
[  769.733089][   T14] bridge_slave_0: left promiscuous mode
[  769.740357][   T14] bridge0: port 1(bridge_slave_0) entered disabled state
[  769.810362][T11421] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  769.810535][T11421]   allowing incompatible features above 0.0: (unknown version)
[  769.810621][T11421]   features: 
[  769.845497][T11421] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  769.853926][T11421] bcachefs (loop5): initializing new filesystem
[  769.879914][T11421] bcachefs (loop5): going read-write
[  769.989169][T11421] bcachefs (loop5): marking superblocks
[  770.044735][T11421] bcachefs (loop5): initializing freespace
[  770.079968][T11421] bcachefs (loop5): done initializing freespace
[  770.100775][T11421] bcachefs (loop5): reading snapshots table
[  770.107312][T11421] bcachefs (loop5): reading snapshots done
[  770.236852][T11439] 9pnet_fd: Insufficient options for proto=fd
[  770.327654][T11421] bcachefs (loop5): done starting filesystem
[  770.414522][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  770.855775][ T5828] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  770.918459][T10741] bcachefs (loop5): shutting down
[  770.923683][T10741] bcachefs (loop5): going read-only
[  770.929318][T10741] bcachefs (loop5): finished waiting for writes to stop
[  770.958479][T11444] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  770.967960][T11444] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  771.002126][T11444] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  771.014149][T11444] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  771.076284][T10741] bcachefs (loop5): flushing journal and stopping allocators, journal seq 3
[  771.256210][   T14] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  771.327958][   T14] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  771.355279][   T14] bond0 (unregistering): Released all slaves
[  771.454850][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  771.743631][T10741] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 3
[  771.821491][T10741] bcachefs (loop5): clean shutdown complete, journal seq 4
[  771.856212][T10741] bcachefs (loop5): marking filesystem clean
[  772.498194][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  772.567295][T10741] bcachefs (loop5): shutdown complete
[  773.060551][T11444] Bluetooth: hci2: command tx timeout
[  773.165161][   T14] dummy0: left promiscuous mode
[  773.225328][   T14] batadv_slave_0: left promiscuous mode
[  773.302896][   T14] hsr_slave_0: left promiscuous mode
[  773.323690][   T14] hsr_slave_1: left promiscuous mode
[  773.332114][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  773.340244][   T14] batman_adv: batadv0: Removing interface: batadv_slave_0
[  773.385374][   T14] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  773.392997][   T14] batman_adv: batadv0: Removing interface: batadv_slave_1
[  773.535016][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  773.588252][   T14] veth1_macvtap: left promiscuous mode
[  773.594228][   T14] veth0_macvtap: left promiscuous mode
[  773.600266][   T14] veth1_vlan: left promiscuous mode
[  773.606027][   T14] veth0_vlan: left promiscuous mode
[  774.311576][T11471] overlayfs: failed to clone lowerpath
[  774.395439][T11471] overlayfs: failed to clone lowerpath
[  774.584489][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  774.638070][   T14] team0 (unregistering): Port device team_slave_1 removed
[  774.704202][   T14] team0 (unregistering): Port device team_slave_0 removed
[  775.141807][T11444] Bluetooth: hci2: command tx timeout
[  775.614944][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  775.852794][T11440] chnl_net:caif_netlink_parms(): no params data found
[  776.506120][ T3791] wlan1: Trigger new scan to find an IBSS to join
[  776.654521][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  776.820844][T11489] loop2: detected capacity change from 0 to 32768
[  776.834096][T11493] netlink: 56 bytes leftover after parsing attributes in process `syz.9.1795'.
[  777.056545][T11489] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  777.056723][T11489]   allowing incompatible features above 0.0: (unknown version)
[  777.056821][T11489]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  777.105595][T11489] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  777.114011][T11489] bcachefs (loop2): initializing new filesystem
[  777.139183][T11489] bcachefs (loop2): going read-write
[  777.189786][T11489] bcachefs (loop2): marking superblocks
[  777.247893][T11489] bcachefs (loop2): initializing freespace
[  777.276452][T11489] bcachefs (loop2): done initializing freespace
[  777.297189][T11489] bcachefs (loop2): reading snapshots table
[  777.303522][T11489] bcachefs (loop2): reading snapshots done
[  777.305883][T11444] Bluetooth: hci2: command tx timeout
[  777.456514][T11489] bcachefs (loop2): done starting filesystem
[  777.582353][ T5825] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  777.694842][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  777.782145][ T9666] bcachefs (loop2): shutting down
[  777.788161][ T9666] bcachefs (loop2): going read-only
[  777.793574][ T9666] bcachefs (loop2): finished waiting for writes to stop
[  777.813138][ T9666] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  777.971429][ T9666] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  778.049550][ T9666] bcachefs (loop2): clean shutdown complete, journal seq 4
[  778.100331][ T9666] bcachefs (loop2): marking filesystem clean
[  778.238243][ T9666] bcachefs (loop2): shutdown complete
[  778.518491][T11440] bridge0: port 1(bridge_slave_0) entered blocking state
[  778.526253][T11440] bridge0: port 1(bridge_slave_0) entered disabled state
[  778.534235][T11440] bridge_slave_0: entered allmulticast mode
[  778.544231][T11440] bridge_slave_0: entered promiscuous mode
[  778.645761][T11440] bridge0: port 2(bridge_slave_1) entered blocking state
[  778.653451][T11440] bridge0: port 2(bridge_slave_1) entered disabled state
[  778.662041][T11440] bridge_slave_1: entered allmulticast mode
[  778.673998][T11440] bridge_slave_1: entered promiscuous mode
[  778.734489][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  778.804825][T11440] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  778.838832][T11440] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  779.007658][T11440] team0: Port device team_slave_0 added
[  779.036552][T11527] loop5: detected capacity change from 0 to 512
[  779.049873][T11440] team0: Port device team_slave_1 added
[  779.074899][T11527] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  779.141121][T11527] EXT4-fs (loop5): 1 truncate cleaned up
[  779.151811][T11527] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  779.186126][T11440] batman_adv: batadv0: Adding interface: batadv_slave_0
[  779.193294][T11440] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  779.219684][T11440] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  779.236926][T11440] batman_adv: batadv0: Adding interface: batadv_slave_1
[  779.244072][T11440] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  779.273201][T11440] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  779.374705][ T5825] Bluetooth: hci2: command tx timeout
[  779.539371][T10741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  779.577644][T11440] hsr_slave_0: entered promiscuous mode
[  779.588082][T11440] hsr_slave_1: entered promiscuous mode
[  779.602302][T11440] debugfs: 'hsr0' already exists in 'hsr'
[  779.612982][T11440] Cannot create hsr debugfs directory
[  779.774877][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  780.497366][   T14] wlan1: Trigger new scan to find an IBSS to join
[  780.814485][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  781.584798][ T3791] wlan1: Creating new IBSS network, BSSID 00:00:00:8d:00:00
[  781.855155][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  781.994043][T11440] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  782.204229][T11440] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  782.342248][T11440] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  782.395493][T11440] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  782.894486][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  783.238757][T11440] 8021q: adding VLAN 0 to HW filter on device bond0
[  783.615323][T11440] 8021q: adding VLAN 0 to HW filter on device team0
[  783.717836][ T3656] bridge0: port 1(bridge_slave_0) entered blocking state
[  783.725659][ T3656] bridge0: port 1(bridge_slave_0) entered forwarding state
[  783.934835][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  783.981144][ T3656] bridge0: port 2(bridge_slave_1) entered blocking state
[  783.988842][ T3656] bridge0: port 2(bridge_slave_1) entered forwarding state
[  784.152784][T11564] loop2: detected capacity change from 0 to 40427
[  784.170555][T11564] F2FS-fs (loop2): invalid crc value
[  784.699257][T11564] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  784.773541][T11564] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  784.941050][T11566] loop5: detected capacity change from 0 to 32768
[  784.974492][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  785.022822][ T9666] syz-executor: attempt to access beyond end of device
[  785.022822][ T9666] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  785.037573][ T9666] CPU: 0 UID: 0 PID: 9666 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(none) 
[  785.037726][ T9666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  785.037814][ T9666] Call Trace:
[  785.037870][ T9666]  <TASK>
[  785.037922][ T9666]  __dump_stack+0x26/0x30
[  785.038122][ T9666]  dump_stack_lvl+0x1df/0x270
[  785.038315][ T9666]  dump_stack+0x1e/0x25
[  785.038490][ T9666]  f2fs_handle_critical_error+0xa6f/0xc20
[  785.038738][ T9666]  f2fs_stop_checkpoint+0x65/0x80
[  785.038945][ T9666]  f2fs_write_end_io+0x101c/0x1bc0
[  785.039203][ T9666]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  785.039417][ T9666]  bio_endio+0xde2/0xf30
[  785.039574][ T9666]  submit_bio_noacct+0x213/0x2750
[  785.039798][ T9666]  submit_bio+0x57c/0x630
[  785.039964][ T9666]  f2fs_submit_write_bio+0x92/0x250
[  785.040183][ T9666]  __submit_merged_bio+0x16f/0x6a0
[  785.040372][ T9666]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  785.040566][ T9666]  __submit_merged_write_cond+0x458/0x9a0
[  785.040783][ T9666]  f2fs_write_data_pages+0x4bb2/0x5480
[  785.041145][ T9666]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  785.041328][ T9666]  ? folios_put_refs+0x41/0xb10
[  785.041522][ T9666]  ? filter_irq_stacks+0x49/0x190
[  785.041731][ T9666]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  785.041910][ T9666]  ? stack_depot_save_flags+0x35/0x7b0
[  785.042115][ T9666]  ? kmsan_get_metadata+0xfb/0x160
[  785.042297][ T9666]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  785.042465][ T9666]  ? kmsan_get_metadata+0xfb/0x160
[  785.042635][ T9666]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  785.042809][ T9666]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  785.043015][ T9666]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  785.043229][ T9666]  do_writepages+0x3ef/0x860
[  785.043387][ T9666]  ? _raw_spin_unlock+0x30/0x50
[  785.043537][ T9666]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  785.043775][ T9666]  filemap_fdatawrite+0x207/0x260
[  785.044027][ T9666]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  785.044229][ T9666]  f2fs_write_checkpoint+0xfe2/0x2b00
[  785.044523][ T9666]  kill_f2fs_super+0x2ff/0x970
[  785.044700][ T9666]  ? __pfx_kill_f2fs_super+0x10/0x10
[  785.044857][ T9666]  deactivate_locked_super+0xcb/0x3c0
[  785.045048][ T9666]  deactivate_super+0x12f/0x140
[  785.045214][ T9666]  cleanup_mnt+0x6fb/0x780
[  785.045406][ T9666]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  785.045581][ T9666]  ? __pfx___cleanup_mnt+0x10/0x10
[  785.045781][ T9666]  __cleanup_mnt+0x22/0x30
[  785.045967][ T9666]  task_work_run+0x206/0x2b0
[  785.046158][ T9666]  exit_to_user_mode_loop+0x2a6/0x330
[  785.046333][ T9666]  do_syscall_64+0x1e3/0x210
[  785.046509][ T9666]  ? irqentry_exit+0x16/0x60
[  785.046669][ T9666]  ? clear_bhb_loop+0x40/0x90
[  785.046829][ T9666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.046989][ T9666] RIP: 0033:0x7f34dbd8ff17
[  785.047108][ T9666] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  785.047241][ T9666] RSP: 002b:00007ffd56ce82f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  785.047382][ T9666] RAX: 0000000000000000 RBX: 00007f34dbe11c05 RCX: 00007f34dbd8ff17
[  785.047479][ T9666] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd56ce83b0
[  785.047581][ T9666] RBP: 00007ffd56ce83b0 R08: 0000000000000000 R09: 0000000000000000
[  785.047671][ T9666] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd56ce9440
[  785.047761][ T9666] R13: 00007f34dbe11c05 R14: 00000000000bfac3 R15: 00007ffd56ce9480
[  785.047896][ T9666]  </TASK>
[  785.395809][ T9666] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  785.523459][T11566] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  786.014894][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  786.093859][T11566] XFS (loop5): Ending clean mount
[  786.230592][T10741] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  786.671687][T11440] 8021q: adding VLAN 0 to HW filter on device batadv0
[  787.054615][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  787.877585][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  788.094816][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  788.904885][ T5874] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  789.122681][ T5874] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  789.137311][ T5874] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[  789.144585][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  789.148836][ T5874] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  789.199563][T11440] veth0_vlan: entered promiscuous mode
[  789.240501][T11440] veth1_vlan: entered promiscuous mode
[  789.343643][ T5874] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  789.353906][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  789.362511][ T5874] usb 3-1: Product: syz
[  789.367072][ T5874] usb 3-1: Manufacturer: syz
[  789.371880][ T5874] usb 3-1: SerialNumber: syz
[  789.437301][ T5874] cdc_mbim 3-1:1.0: skipping garbage
[  789.491470][T11440] veth0_macvtap: entered promiscuous mode
[  789.569598][T11440] veth1_macvtap: entered promiscuous mode
[  789.690355][T11617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  789.796814][T11440] batman_adv: batadv0: Interface activated: batadv_slave_0
[  789.857989][T11440] batman_adv: batadv0: Interface activated: batadv_slave_1
[  789.956670][T11629] loop5: detected capacity change from 0 to 1024
[  789.964600][ T3791] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  790.003484][ T3791] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  790.069687][ T3791] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  790.127719][T11629] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  790.155423][ T3791] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  790.174816][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  790.397213][T11617] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  790.702176][ T5874] cdc_mbim 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  790.709223][ T5874] cdc_mbim 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  790.718057][ T5874] cdc_mbim 3-1:1.0: setting rx_max = 2048
[  790.761833][T10741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  790.905844][ T5874] cdc_mbim 3-1:1.0: setting tx_max = 184
[  790.983212][ T5874] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[  791.012323][ T5874] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[  791.058266][ T5874] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[  791.119110][ T5874] usb 3-1: USB disconnect, device number 7
[  791.214489][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  792.264803][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  792.324264][    C0] hrtimer: interrupt took 253520 ns
[  793.294503][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  793.432164][T11677] loop5: detected capacity change from 0 to 128
[  793.592001][T11677] syz.5.1851: attempt to access beyond end of device
[  793.592001][T11677] loop5: rw=2049, sector=138, nr_sectors = 112 limit=128
[  793.696334][T11679] syz.5.1851: attempt to access beyond end of device
[  793.696334][T11679] loop5: rw=2049, sector=144, nr_sectors = 2 limit=128
[  793.710422][T11679] Buffer I/O error on dev loop5, logical block 72, lost async page write
[  794.338175][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  795.374500][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  795.561516][T11711] loop2: detected capacity change from 0 to 256
[  795.737786][T11711] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e00961, utbl_chksum : 0xe619d30d)
[  795.892585][   T14] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  795.902086][   T14] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  795.929258][   T30] audit: type=1800 audit(1755938314.285:24): pid=11711 uid=0 auid=4 ses=1 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1863" name="file1" dev="loop2" ino=1048663 res=0 errno=0
[  796.083534][ T8118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  796.092444][ T8118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  796.414779][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  797.436674][T11724] loop4: detected capacity change from 0 to 32768
[  797.456928][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  797.632024][T11724] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  797.632199][T11724]   allowing incompatible features above 0.0: (unknown version)
[  797.632277][T11724]   features: 
[  797.666880][T11724] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  797.675527][T11724] bcachefs (loop4): initializing new filesystem
[  797.695949][T11724] bcachefs (loop4): going read-write
[  797.723657][T11724] bcachefs (loop4): marking superblocks
[  797.778537][T11724] bcachefs (loop4): initializing freespace
[  797.807082][T11724] bcachefs (loop4): done initializing freespace
[  797.832889][T11724] bcachefs (loop4): reading snapshots table
[  797.839409][T11724] bcachefs (loop4): reading snapshots done
[  797.946714][T11724] bcachefs (loop4): done starting filesystem
[  798.169960][T11440] bcachefs (loop4): shutting down
[  798.179252][T11440] bcachefs (loop4): going read-only
[  798.203420][T11440] bcachefs (loop4): finished waiting for writes to stop
[  798.241254][T11440] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  798.390545][T11440] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  798.414697][T11440] bcachefs (loop4): clean shutdown complete, journal seq 4
[  798.425242][T11440] bcachefs (loop4): marking filesystem clean
[  798.494856][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  798.503042][T11750] loop5: detected capacity change from 0 to 512
[  798.550173][T11440] bcachefs (loop4): shutdown complete
[  798.608305][T11750] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  798.789155][T11750] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  798.804024][T11750] ext4 filesystem being mounted at /49/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  799.236822][T10741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  799.536956][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  800.064669][ T5874] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  800.283658][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  800.295707][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  800.305923][ T5874] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  800.315457][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  800.571829][ T5874] usb 6-1: config 0 descriptor??
[  800.594819][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  800.923992][T11770] loop2: detected capacity change from 0 to 32768
[  800.933383][T11770] btrfs: Deprecated parameter 'usebackuproot'
[  800.939839][T11770] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  800.951591][   T30] audit: type=1326 audit(1755938318.485:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11769 comm="syz.9.1882" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f97a9d8ebe9 code=0x0
[  800.975470][T11770] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1881 (11770)
[  801.013611][T11770] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  801.024455][T11770] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  801.033397][T11770] workqueue: max_active 65524 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  801.047626][T11770] workqueue: max_active 65524 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  801.100366][T11770] workqueue: max_active 65524 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  801.116106][T11770] workqueue: max_active 65524 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  801.139291][T11770] workqueue: max_active 65524 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  801.154031][T11770] workqueue: max_active 65524 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  801.178457][T11770] workqueue: max_active 65524 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[  801.390383][T11770] BTRFS info (device loop2): rebuilding free space tree
[  801.450303][T11770] BTRFS info (device loop2): enabling ssd optimizations
[  801.460467][T11770] BTRFS info (device loop2): using spread ssd allocation scheme
[  801.468961][T11770] BTRFS info (device loop2): enabling free space tree
[  801.476052][T11770] BTRFS info (device loop2): force clearing of disk cache
[  801.483367][T11770] BTRFS info (device loop2): enabling auto defrag
[  801.490120][T11770] BTRFS info (device loop2): doing ref verification
[  801.497040][T11770] BTRFS info (device loop2): trying to use backup root at mount time
[  801.511133][T11770] BTRFS info (device loop2): force lzo compression, level 0
[  801.518770][T11770] BTRFS info (device loop2): max_inline set to 4096
[  801.614559][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  802.002395][ T5874] uclogic 0003:256C:006D.000D: failed retrieving string descriptor #100: -71
[  802.013450][ T5874] uclogic 0003:256C:006D.000D: failed retrieving pen parameters: -71
[  802.027118][ T5874] uclogic 0003:256C:006D.000D: failed probing pen v1 parameters: -71
[  802.037019][ T5874] uclogic 0003:256C:006D.000D: failed probing parameters: -71
[  802.045331][ T5874] uclogic 0003:256C:006D.000D: probe with driver uclogic failed with error -71
[  802.048998][ T9666] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  802.211777][ T5874] usb 6-1: USB disconnect, device number 4
[  802.654891][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  803.694508][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  804.357088][T11821] loop2: detected capacity change from 0 to 1024
[  804.734912][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  804.758374][T11821] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  805.581370][ T9666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.774547][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  806.069564][T11846] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1901'.
[  806.734665][T11845] loop4: detected capacity change from 0 to 32768
[  806.806966][T11845] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  806.816384][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  807.185682][T11845] XFS (loop4): Ending clean mount
[  807.201456][T11845] XFS (loop4): Quotacheck needed: Please wait.
[  807.281884][T11845] XFS (loop4): Quotacheck: Done.
[  807.864469][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  808.241266][T11440] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  808.894792][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  809.638920][T11879] loop2: detected capacity change from 0 to 32768
[  809.934547][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  809.941930][T11879] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  809.942093][T11879]   allowing incompatible features above 0.0: (unknown version)
[  809.942184][T11879]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  809.987945][T11879] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  809.996503][T11879] bcachefs (loop2): initializing new filesystem
[  810.021714][T11879] bcachefs (loop2): going read-write
[  810.042518][T11879] bcachefs (loop2): marking superblocks
[  810.097693][T11879] bcachefs (loop2): initializing freespace
[  810.131097][T11879] bcachefs (loop2): done initializing freespace
[  810.151899][T11879] bcachefs (loop2): reading snapshots table
[  810.158389][T11879] bcachefs (loop2): reading snapshots done
[  810.298757][T11881] loop5: detected capacity change from 0 to 32768
[  810.345360][T11881] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  810.395424][T11879] bcachefs (loop2): done starting filesystem
[  810.426392][T11881] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  810.492292][   T30] audit: type=1326 audit(1755938328.845:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.602528][   T30] audit: type=1326 audit(1755938328.895:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.629767][   T30] audit: type=1326 audit(1755938328.895:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.653984][   T30] audit: type=1326 audit(1755938328.915:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.680215][   T30] audit: type=1326 audit(1755938328.915:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.704582][   T30] audit: type=1326 audit(1755938328.965:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.734598][   T30] audit: type=1326 audit(1755938328.965:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11892 comm="syz.3.1915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f71d6f8ebe9 code=0x7ffc0000
[  810.783804][T11899] netlink: 240 bytes leftover after parsing attributes in process `syz.9.1916'.
[  810.955152][T10741] ocfs2: Unmounting device (7,5) on (node local)
[  810.974820][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  811.050061][ T9666] bcachefs (loop2): shutting down
[  811.056666][ T9666] bcachefs (loop2): going read-only
[  811.124639][ T9666] bcachefs (loop2): finished waiting for writes to stop
[  811.176296][ T9666] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  811.384172][ T9666] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  811.407854][ T9666] bcachefs (loop2): clean shutdown complete, journal seq 4
[  811.457878][ T9666] bcachefs (loop2): marking filesystem clean
[  811.647925][ T3935] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  811.731768][ T9666] bcachefs (loop2): shutdown complete
[  812.014487][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  813.054863][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  814.107480][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  814.484555][ T5874] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  814.704031][ T5874] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  814.766384][ T5874] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  814.776732][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  814.785099][ T5874] usb 6-1: Product: syz
[  814.789463][ T5874] usb 6-1: Manufacturer: syz
[  814.794465][ T5874] usb 6-1: SerialNumber: syz
[  815.134826][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  815.924181][ T5874] cdc_ncm 6-1:1.0: failed to get mac address
[  816.134931][ T5874] cdc_ncm 6-1:1.0: bind() failure
[  816.161626][ T5874] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[  816.171971][ T5874] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[  816.184488][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  816.217666][ T5874] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[  816.267304][ T5874] usb 6-1: USB disconnect, device number 5
[  817.184926][ T5874] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  817.214746][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  817.378662][ T5874] usb 5-1: Using ep0 maxpacket: 16
[  817.433737][ T5874] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  817.446410][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  817.543920][ T5874] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  817.553538][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.562008][ T5874] usb 5-1: Product: syz
[  817.566685][ T5874] usb 5-1: Manufacturer: syz
[  817.572483][ T5874] usb 5-1: SerialNumber: syz
[  817.632427][ T5874] usb 5-1: config 0 descriptor??
[  817.669829][ T5874] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  817.679564][ T5874] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  818.053292][T11989] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1953'.
[  818.254473][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  818.411237][ T5874] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  818.454954][ T5874] em28xx 5-1:0.0: Config register raw data: 0xfffffffb
[  818.728968][ T5874] em28xx 5-1:0.0: AC97 chip type couldn't be determined
[  818.736840][ T5874] em28xx 5-1:0.0: No AC97 audio processor
[  818.840621][ T5874] usb 5-1: USB disconnect, device number 2
[  818.849242][ T5874] em28xx 5-1:0.0: Disconnecting em28xx
[  818.940669][ T5874] em28xx 5-1:0.0: Freeing device
[  819.295010][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  819.944917][T12002] netlink: 104 bytes leftover after parsing attributes in process `syz.2.1959'.
[  820.334639][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  821.087952][T12014] loop5: detected capacity change from 0 to 512
[  821.374884][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  821.402588][T12014] EXT4-fs (loop5): 1 orphan inode deleted
[  821.411653][T12014] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.426531][T12021] loop2: detected capacity change from 0 to 256
[  821.435515][ T4964] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  821.446183][ T4964] EXT4-fs error (device loop5): ext4_release_dquot:6973: comm kworker/u8:28: Failed to release dquot type 1
[  821.483038][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.508532][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.516243][T12021] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  821.526230][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.533553][T12021] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  821.537072][ T5874] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  821.541903][T12014] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  821.572301][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.586801][T12021] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  821.615794][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.623169][T12021] FAT-fs (loop2): FAT read failed (blocknr 1281)
[  821.636330][T12021] FAT-fs (loop2): Directory bread(block 1285) failed
[  821.731092][ T5874] usb 5-1: Using ep0 maxpacket: 16
[  821.840154][ T5874] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  821.850867][ T5874] usb 5-1: config 0 has no interfaces?
[  821.857489][ T5874] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  821.866941][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.970441][ T5874] usb 5-1: config 0 descriptor??
[  822.056831][T10741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  822.414486][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  822.944166][ T5874] usb 5-1: USB disconnect, device number 3
[  823.454786][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  823.883689][T12032] loop2: detected capacity change from 0 to 32768
[  823.973232][T12032] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  824.067385][T12032] XFS (loop2): Ending clean mount
[  824.246355][ T9666] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  824.494498][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  824.951474][T12044] loop5: detected capacity change from 0 to 32768
[  825.125809][T12044] bcachefs (loop5): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  825.125979][T12044]   allowing incompatible features above 0.0: (unknown version)
[  825.126073][T12044]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  825.177687][T12044] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  825.186298][T12044] bcachefs (loop5): initializing new filesystem
[  825.206215][T12044] bcachefs (loop5): going read-write
[  825.296768][T12044] bcachefs (loop5): marking superblocks
[  825.350453][T12044] bcachefs (loop5): initializing freespace
[  825.386186][T12044] bcachefs (loop5): done initializing freespace
[  825.406983][T12044] bcachefs (loop5): reading snapshots table
[  825.413295][T12044] bcachefs (loop5): reading snapshots done
[  825.526990][T12044] bcachefs (loop5): done starting filesystem
[  825.534741][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  826.059974][T10741] bcachefs (loop5): shutting down
[  826.065572][T10741] bcachefs (loop5): going read-only
[  826.105059][T10741] bcachefs (loop5): finished waiting for writes to stop
[  826.171545][T10741] bcachefs (loop5): flushing journal and stopping allocators, journal seq 8
[  826.574572][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  826.622088][T10741] bcachefs (loop5): flushing journal and stopping allocators complete, journal seq 12
[  826.648598][T10741] bcachefs (loop5): clean shutdown complete, journal seq 13
[  826.665245][T10741] bcachefs (loop5): marking filesystem clean
[  826.725987][T10741] bcachefs (loop5): shutdown complete
[  827.170331][T12070] loop2: detected capacity change from 0 to 256
[  827.618358][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  828.654522][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  828.709667][T12086] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1988'.
[  829.124847][ T5874] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  829.454749][ T5874] usb 3-1: Using ep0 maxpacket: 16
[  829.479889][ T5874] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  829.493629][ T5874] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  829.503217][ T5874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  829.522459][ T5874] usb 3-1: config 0 descriptor??
[  829.543447][ T5874] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input21
[  829.694766][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  830.035561][ T5154] bcm5974 3-1:0.0: could not read from device
[  830.079662][ T5154] bcm5974 3-1:0.0: could not read from device
[  830.375288][T12086] bridge_slave_1: left allmulticast mode
[  830.388408][T12086] bridge_slave_1: left promiscuous mode
[  830.395458][T12086] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.640240][ T5874] usb 3-1: USB disconnect, device number 8
[  830.646888][ T5154] bcm5974 3-1:0.0: could not read from device
[  830.734474][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  830.840843][ T5154] bcm5974 3-1:0.0: could not read from device
[  830.850207][T12086] bridge_slave_0: left allmulticast mode
[  830.856266][T12086] bridge_slave_0: left promiscuous mode
[  830.863267][T12086] bridge0: port 1(bridge_slave_0) entered disabled state
[  831.320458][T12096] loop2: detected capacity change from 0 to 1024
[  831.402343][T12096] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  831.562891][T12096] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  831.774738][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  831.787419][T12102] 9pnet: p9_errstr2errno: server reported unknown error „Çð­LmÖ¤E;09‘YÏűÅ–³ÑwUvXú@¸S%È-üAò„£vÌgPô°uï¬
[  832.099300][ T9666] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  832.526925][T12107] sit0: entered promiscuous mode
[  832.554701][T12107] netlink: 'syz.9.1999': attribute type 1 has an invalid length.
[  832.562663][T12107] netlink: 1 bytes leftover after parsing attributes in process `syz.9.1999'.
[  832.814716][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  833.854768][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  834.146927][T12111] loop4: detected capacity change from 0 to 40427
[  834.162827][T12111] F2FS-fs (loop4): invalid crc value
[  834.316393][T12115] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  834.551522][T12111] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  834.567020][T12111] F2FS-fs (loop4): Start checkpoint disabled!
[  834.765283][T12111] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  834.897514][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  835.050981][ T4964] kworker/u8:28: attempt to access beyond end of device
[  835.050981][ T4964] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  835.066589][ T4964] CPU: 1 UID: 0 PID: 4964 Comm: kworker/u8:28 Not tainted syzkaller #0 PREEMPT(none) 
[  835.066743][ T4964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  835.066866][ T4964] Workqueue: writeback wb_workfn (flush-7:4)
[  835.067094][ T4964] Call Trace:
[  835.067149][ T4964]  <TASK>
[  835.067200][ T4964]  __dump_stack+0x26/0x30
[  835.067381][ T4964]  dump_stack_lvl+0x1df/0x270
[  835.067569][ T4964]  dump_stack+0x1e/0x25
[  835.067741][ T4964]  f2fs_handle_critical_error+0xa6f/0xc20
[  835.067992][ T4964]  f2fs_stop_checkpoint+0x65/0x80
[  835.068200][ T4964]  f2fs_write_end_io+0x101c/0x1bc0
[  835.068452][ T4964]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  835.068657][ T4964]  bio_endio+0xde2/0xf30
[  835.068826][ T4964]  submit_bio_noacct+0x213/0x2750
[  835.069040][ T4964]  submit_bio+0x57c/0x630
[  835.069209][ T4964]  f2fs_submit_write_bio+0x92/0x250
[  835.069406][ T4964]  __submit_merged_bio+0x16f/0x6a0
[  835.069618][ T4964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  835.069815][ T4964]  __submit_merged_write_cond+0x458/0x9a0
[  835.070033][ T4964]  f2fs_write_data_pages+0x4bb2/0x5480
[  835.070372][ T4964]  ? trace_pid_list_set+0x580/0x730
[  835.070574][ T4964]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  835.070813][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.070980][ T4964]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  835.071149][ T4964]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  835.071372][ T4964]  ? irqentry_enter+0x30/0x60
[  835.071539][ T4964]  ? sysvec_call_function_single+0x4f/0x90
[  835.071723][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.071891][ T4964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  835.072068][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.072237][ T4964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  835.072416][ T4964]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  835.072622][ T4964]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  835.072834][ T4964]  do_writepages+0x3ef/0x860
[  835.072980][ T4964]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  835.073167][ T4964]  ? writeback_sb_inodes+0x31/0x1cb0
[  835.073327][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.073517][ T4964]  __writeback_single_inode+0x101/0x1190
[  835.073689][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.073879][ T4964]  writeback_sb_inodes+0xac1/0x1cb0
[  835.074132][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.074338][ T4964]  wb_writeback+0x4ce/0xc00
[  835.074505][ T4964]  ? queue_io+0x4d1/0x790
[  835.074659][ T4964]  wb_workfn+0x397/0x1910
[  835.074860][ T4964]  ? kmsan_get_metadata+0xfb/0x160
[  835.075050][ T4964]  ? __pfx_wb_workfn+0x10/0x10
[  835.075240][ T4964]  process_scheduled_works+0xb8e/0x1d80
[  835.075508][ T4964]  worker_thread+0xedf/0x1590
[  835.075750][ T4964]  kthread+0xd59/0xf00
[  835.075901][ T4964]  ? __pfx_worker_thread+0x10/0x10
[  835.076134][ T4964]  ? __pfx_kthread+0x10/0x10
[  835.076288][ T4964]  ret_from_fork+0x1e3/0x310
[  835.076435][ T4964]  ? __pfx_kthread+0x10/0x10
[  835.076600][ T4964]  ret_from_fork_asm+0x1a/0x30
[  835.076845][ T4964]  </TASK>
[  835.371879][ T4964] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  835.934806][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  836.974439][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  838.014821][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  839.055830][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  840.095003][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  840.424786][ T5876] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  840.667123][ T5876] usb 6-1: Using ep0 maxpacket: 8
[  840.729873][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  840.741579][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  840.751765][ T5876] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  840.761892][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 65535, setting to 1024
[  840.773411][ T5876] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  840.783848][ T5876] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  840.793390][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.860777][T12173] loop2: detected capacity change from 0 to 40427
[  840.907447][T12173] F2FS-fs (loop2): invalid crc value
[  841.011417][T12181] loop4: detected capacity change from 0 to 2048
[  841.112323][T12181] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  841.135872][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  841.226579][T12173] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  841.229532][T12181] UDF-fs: warning (device loop4): udf_truncate_tail_extent: Too long extent after EOF in inode 1367: i_size: 0 lbcount: 512 extent 56+512
[  841.241841][T12173] F2FS-fs (loop2): Start checkpoint disabled!
[  841.313259][T12173] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  841.315952][ T5876] usb 6-1: config 0 descriptor??
[  841.330672][T12175] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  841.405862][   T30] audit: type=1804 audit(1755938615.726:33): pid=12173 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.2026" name="/newroot/159/file0/file0" dev="loop2" ino=10 res=1 errno=0
[  841.531492][ T3791] kworker/u8:16: attempt to access beyond end of device
[  841.531492][ T3791] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  841.552298][ T3791] CPU: 1 UID: 0 PID: 3791 Comm: kworker/u8:16 Not tainted syzkaller #0 PREEMPT(none) 
[  841.552448][ T3791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  841.552562][ T3791] Workqueue: writeback wb_workfn (flush-7:2)
[  841.552785][ T3791] Call Trace:
[  841.552837][ T3791]  <TASK>
[  841.552889][ T3791]  __dump_stack+0x26/0x30
[  841.553070][ T3791]  dump_stack_lvl+0x1df/0x270
[  841.553240][ T3791]  dump_stack+0x1e/0x25
[  841.553416][ T3791]  f2fs_handle_critical_error+0xa6f/0xc20
[  841.553649][ T3791]  f2fs_stop_checkpoint+0x65/0x80
[  841.553847][ T3791]  f2fs_write_end_io+0x101c/0x1bc0
[  841.554083][ T3791]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  841.554294][ T3791]  bio_endio+0xde2/0xf30
[  841.554441][ T3791]  submit_bio_noacct+0x213/0x2750
[  841.554640][ T3791]  submit_bio+0x57c/0x630
[  841.554800][ T3791]  f2fs_submit_write_bio+0x92/0x250
[  841.554993][ T3791]  __submit_merged_bio+0x16f/0x6a0
[  841.555175][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.555365][ T3791]  __submit_merged_write_cond+0x458/0x9a0
[  841.555567][ T3791]  f2fs_write_data_pages+0x4bb2/0x5480
[  841.555846][ T3791]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  841.556045][ T3791]  ? trace_pid_list_set+0x580/0x730
[  841.556221][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.556391][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.556558][ T3791]  ? __update_load_avg_cfs_rq+0xd7f/0x1010
[  841.556761][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.556921][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.557091][ T3791]  ? __rb_insert_augmented+0x80/0x11b0
[  841.557267][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.557433][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.557579][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.557748][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.557906][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.558064][ T3791]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  841.558271][ T3791]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  841.558464][ T3791]  do_writepages+0x3ef/0x860
[  841.558606][ T3791]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  841.558781][ T3791]  ? writeback_sb_inodes+0x31/0x1cb0
[  841.558930][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.559103][ T3791]  __writeback_single_inode+0x101/0x1190
[  841.559274][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.559451][ T3791]  writeback_sb_inodes+0xac1/0x1cb0
[  841.559686][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.559890][ T3791]  wb_writeback+0x4ce/0xc00
[  841.560047][ T3791]  ? queue_io+0x4d1/0x790
[  841.560207][ T3791]  wb_workfn+0x397/0x1910
[  841.560396][ T3791]  ? kmsan_get_metadata+0xfb/0x160
[  841.560577][ T3791]  ? __pfx_wb_workfn+0x10/0x10
[  841.560771][ T3791]  process_scheduled_works+0xb8e/0x1d80
[  841.561034][ T3791]  worker_thread+0xedf/0x1590
[  841.561267][ T3791]  kthread+0xd59/0xf00
[  841.561402][ T3791]  ? __pfx_worker_thread+0x10/0x10
[  841.561607][ T3791]  ? __pfx_kthread+0x10/0x10
[  841.561754][ T3791]  ret_from_fork+0x1e3/0x310
[  841.561895][ T3791]  ? __pfx_kthread+0x10/0x10
[  841.562040][ T3791]  ret_from_fork_asm+0x1a/0x30
[  841.562246][ T3791]  </TASK>
[  841.646521][ T1908] usb 6-1: USB disconnect, device number 6
[  841.661622][ T3791] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  841.766338][T11444] Bluetooth: hci5: Opcode 0x0c03 failed: -19
[  842.174833][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  842.677882][ T3791] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  843.214475][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  844.001852][T12202] loop5: detected capacity change from 0 to 2048
[  844.246816][T12202] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  844.264903][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  844.606767][T10741] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  844.905328][T12215] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2032'.
[  845.076771][T12220] bond2: (slave vti0): The slave device specified does not support setting the MAC address
[  845.096137][T12220] bond2: (slave vti0): Error -95 calling set_mac_address
[  845.294471][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  845.666980][T12228] netlink: 204 bytes leftover after parsing attributes in process `syz.2.2047'.
[  846.255366][ T5825] Bluetooth: hci4: command 0x0406 tx timeout
[  846.334812][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  846.424600][ T1908] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  846.596532][ T1908] usb 5-1: Using ep0 maxpacket: 32
[  846.625116][ T1908] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[  846.633817][ T1908] usb 5-1: config 0 has no interface number 0
[  846.640817][ T1908] usb 5-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  846.697727][ T1908] usb 5-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  846.707373][ T1908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.716111][ T1908] usb 5-1: Product: syz
[  846.720498][ T1908] usb 5-1: Manufacturer: syz
[  846.725431][ T1908] usb 5-1: SerialNumber: syz
[  846.778043][T12247] loop5: detected capacity change from 0 to 256
[  846.794538][ T1908] usb 5-1: config 0 descriptor??
[  846.828025][ T1908] em28xx 5-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  846.838437][ T1908] em28xx 5-1:0.132: Video interface 132 found:
[  846.859127][T12247] exfat: Deprecated parameter 'namecase'
[  846.868537][T12247] exfat: Deprecated parameter 'utf8'
[  846.959355][T12247] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  847.377688][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  847.487667][ T1908] em28xx 5-1:0.132: unknown em28xx chip ID (0)
[  848.236617][ T1908] em28xx 5-1:0.132: failed to trigger write to i2c address 0xa0 (error=-5)
[  848.245980][ T1908] em28xx 5-1:0.132: failed to read eeprom (err=-5)
[  848.252828][ T1908] em28xx 5-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[  848.414805][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  849.331236][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  849.358415][T12258] loop5: detected capacity change from 0 to 32768
[  849.369591][ T1908] em28xx 5-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  849.377965][ T1908] em28xx 5-1:0.132: analog set to bulk mode.
[  849.389956][ T5874] em28xx 5-1:0.132: Registering V4L2 extension
[  849.402101][ T1908] usb 5-1: USB disconnect, device number 4
[  849.410033][ T1908] em28xx 5-1:0.132: Disconnecting em28xx
[  849.454581][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  850.494737][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  851.128875][ T5874] em28xx 5-1:0.132: Config register raw data: 0xffffffed
[  851.138657][ T5874] em28xx 5-1:0.132: AC97 chip type couldn't be determined
[  851.146339][ T5874] em28xx 5-1:0.132: No AC97 audio processor
[  851.199823][T12278] loop2: detected capacity change from 0 to 128
[  851.200873][ T5874] usb 5-1: Decoder not found
[  851.211583][ T5874] em28xx 5-1:0.132: failed to create media graph
[  851.218452][ T5874] em28xx 5-1:0.132: V4L2 device video103 deregistered
[  851.242473][ T5874] em28xx 5-1:0.132: Remote control support is not available for this card.
[  851.253629][ T1908] em28xx 5-1:0.132: Closing input extension
[  851.288601][T12278] EXT4-fs: Ignoring removed nobh option
[  851.296872][ T1908] em28xx 5-1:0.132: Freeing device
[  851.409339][T12278] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  851.452291][T12278] ext4 filesystem being mounted at /166/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  851.513642][T12282] netlink: 204 bytes leftover after parsing attributes in process `syz.4.2070'.
[  851.544476][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  851.805088][ T9666] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  852.222629][T12295] netlink: 40 bytes leftover after parsing attributes in process `syz.9.2075'.
[  852.232794][T12295] netlink: 40 bytes leftover after parsing attributes in process `syz.9.2075'.
[  852.245100][T12295] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  852.585029][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  853.614773][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  854.114798][ T1908] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  854.306105][ T1908] usb 3-1: Using ep0 maxpacket: 8
[  854.337671][ T1908] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  854.350759][ T1908] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  854.362557][ T1908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  854.463201][ T1908] usb 3-1: config 0 descriptor??
[  854.498730][ T1908] gspca_main: vc032x-2.14.0 probing 046d:0892
[  854.655427][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  855.694527][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  856.042290][T12332] loop4: detected capacity change from 0 to 32768
[  856.258462][ T1908] gspca_vc032x: reg_w err -71
[  856.263630][ T1908] vc032x 3-1:0.0: probe with driver vc032x failed with error -71
[  856.284996][ T1908] usb 3-1: USB disconnect, device number 9
[  856.734778][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  857.684658][ T1908] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  857.774446][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  857.886570][ T1908] usb 6-1: Using ep0 maxpacket: 32
[  857.951280][ T1908] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  857.963353][ T1908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  857.975333][ T1908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  857.986944][ T1908] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  857.996427][ T1908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.155559][ T1908] usb 6-1: config 0 descriptor??
[  858.163709][T12349] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  858.177483][ T1908] hub 6-1:0.0: USB hub found
[  858.441574][ T1908] hub 6-1:0.0: 2 ports detected
[  858.814821][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  858.892861][ T1908] hub 6-1:0.0: set hub depth failed
[  858.940528][ T1908] usb 6-1: USB disconnect, device number 7
[  859.854515][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  860.900047][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  861.523922][T12406] loop2: detected capacity change from 0 to 256
[  861.721367][T12411] netlink: 'syz.9.2125': attribute type 21 has an invalid length.
[  861.730081][T12411] netlink: 132 bytes leftover after parsing attributes in process `syz.9.2125'.
[  861.752979][T12411] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2125'.
[  861.762655][T12411] netlink: 'syz.9.2125': attribute type 7 has an invalid length.
[  861.770800][T12411] netlink: 'syz.9.2125': attribute type 8 has an invalid length.
[  861.779310][T12411] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2125'.
[  861.805022][T12411] gretap0: entered promiscuous mode
[  861.819199][T12411] batadv_slave_1: entered promiscuous mode
[  861.829216][T12411] erspan0: entered promiscuous mode
[  861.935001][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  862.974762][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  864.014481][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  865.054768][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  866.094455][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  866.826117][T12470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2151'.
[  866.841848][T12470] netlink: 'syz.2.2151': attribute type 12 has an invalid length.
[  866.892334][ T3656] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  866.905613][T12470] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2151'.
[  866.915653][T12470] netlink: 'syz.2.2151': attribute type 12 has an invalid length.
[  866.940988][ T3656] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  866.983696][ T3656] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  867.020507][ T8118] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  867.134802][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  868.174477][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  868.232599][   T30] audit: type=1326 audit(1755938642.576:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12492 comm="syz.5.2162" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fea7338ebe9 code=0x0
[  869.214787][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  870.254449][    C1] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[  870.658022][    C0] =====================================================
[  870.665443][    C0] BUG: KMSAN: uninit-value in can_receive+0x12c/0x4a0
[  870.672536][    C0]  can_receive+0x12c/0x4a0
[  870.677349][    C0]  can_rcv+0x1ff/0x3b0
[  870.681651][    C0]  __netif_receive_skb+0x477/0xac0
[  870.687154][    C0]  process_backlog+0x485/0xa00
[  870.692140][    C0]  __napi_poll+0xdd/0x8a0
[  870.696822][    C0]  net_rx_action+0xa59/0x1ac0
[  870.701738][    C0]  handle_softirqs+0x166/0x6e0
[  870.706984][    C0]  __irq_exit_rcu+0x66/0x180
[  870.711795][    C0]  irq_exit_rcu+0x12/0x20
[  870.716431][    C0]  sysvec_apic_timer_interrupt+0x84/0x90
[  870.722274][    C0]  asm_sysvec_apic_timer_interrupt+0x1f/0x30
[  870.728583][    C0]  _raw_spin_unlock_irqrestore+0x33/0x60
[  870.734504][    C0]  hrtimer_start_range_ns+0x149a/0x1900
[  870.740253][    C0]  j1939_tp_schedule_txtimer+0xc7/0x110
[  870.746175][    C0]  j1939_sk_sendmsg+0x1bb4/0x2760
[  870.751434][    C0]  __sock_sendmsg+0x330/0x3d0
[  870.756463][    C0]  ____sys_sendmsg+0x893/0xd80
[  870.761425][    C0]  ___sys_sendmsg+0x271/0x3b0
[  870.766403][    C0]  __sys_sendmmsg+0x2d9/0x7c0
[  870.771275][    C0]  __x64_sys_sendmmsg+0xc6/0x150
[  870.776545][    C0]  x64_sys_call+0x21de/0x3e20
[  870.781452][    C0]  do_syscall_64+0xd9/0x210
[  870.786306][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.792411][    C0] 
[  870.794934][    C0] Uninit was created at:
[  870.799449][    C0]  __kmalloc_node_track_caller_noprof+0x96d/0x12f0
[  870.806298][    C0]  kmalloc_reserve+0x22f/0x4b0
[  870.811254][    C0]  pskb_expand_head+0x1fc/0x1610
[  870.816509][    C0]  do_xdp_generic+0xa79/0x1690
[  870.821463][    C0]  __netif_receive_skb_core+0x2524/0x6df0
[  870.827517][    C0]  __netif_receive_skb+0xcc/0xac0
[  870.832748][    C0]  process_backlog+0x485/0xa00
[  870.837867][    C0]  __napi_poll+0xdd/0x8a0
[  870.842395][    C0]  net_rx_action+0xa59/0x1ac0
[  870.847403][    C0]  handle_softirqs+0x166/0x6e0
[  870.852344][    C0]  __irq_exit_rcu+0x66/0x180
[  870.857228][    C0]  irq_exit_rcu+0x12/0x20
[  870.861753][    C0]  sysvec_apic_timer_interrupt+0x84/0x90
[  870.867773][    C0]  asm_sysvec_apic_timer_interrupt+0x1f/0x30
[  870.873956][    C0] 
[  870.876517][    C0] CPU: 0 UID: 0 PID: 12524 Comm: syz.3.2173 Not tainted syzkaller #0 PREEMPT(none) 
[  870.886182][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  870.896513][    C0] =====================================================
[  870.903564][    C0] Disabling lock debugging due to kernel taint
[  870.909984][    C0] Kernel panic - not syncing: kmsan.panic set ...
[  870.916568][    C0] CPU: 0 UID: 0 PID: 12524 Comm: syz.3.2173 Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  870.927731][    C0] Tainted: [B]=BAD_PAGE
[  870.932011][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  870.942213][    C0] Call Trace:
[  870.945612][    C0]  <IRQ>
[  870.948572][    C0]  __dump_stack+0x26/0x30
[  870.953116][    C0]  dump_stack_lvl+0x53/0x270
[  870.957925][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  870.963956][    C0]  dump_stack+0x1e/0x25
[  870.968316][    C0]  vpanic+0x361/0xc50
[  870.972523][    C0]  panic+0x15d/0x160
[  870.976666][    C0]  kmsan_report+0x31c/0x320
[  870.981375][    C0]  ? __msan_warning+0x1b/0x30
[  870.986236][    C0]  ? can_receive+0x12c/0x4a0
[  870.991046][    C0]  ? can_rcv+0x1ff/0x3b0
[  870.995520][    C0]  ? __netif_receive_skb+0x477/0xac0
[  871.001037][    C0]  ? process_backlog+0x485/0xa00
[  871.006372][    C0]  ? __napi_poll+0xdd/0x8a0
[  871.011067][    C0]  ? net_rx_action+0xa59/0x1ac0
[  871.016135][    C0]  ? handle_softirqs+0x166/0x6e0
[  871.021255][    C0]  ? __irq_exit_rcu+0x66/0x180
[  871.026178][    C0]  ? irq_exit_rcu+0x12/0x20
[  871.030831][    C0]  ? sysvec_apic_timer_interrupt+0x84/0x90
[  871.036822][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1f/0x30
[  871.043169][    C0]  ? _raw_spin_unlock_irqrestore+0x33/0x60
[  871.049154][    C0]  ? hrtimer_start_range_ns+0x149a/0x1900
[  871.055057][    C0]  ? j1939_tp_schedule_txtimer+0xc7/0x110
[  871.061005][    C0]  ? j1939_sk_sendmsg+0x1bb4/0x2760
[  871.066414][    C0]  ? __sock_sendmsg+0x330/0x3d0
[  871.071463][    C0]  ? ____sys_sendmsg+0x893/0xd80
[  871.076588][    C0]  ? ___sys_sendmsg+0x271/0x3b0
[  871.081606][    C0]  ? __sys_sendmmsg+0x2d9/0x7c0
[  871.086632][    C0]  ? __x64_sys_sendmmsg+0xc6/0x150
[  871.091948][    C0]  ? x64_sys_call+0x21de/0x3e20
[  871.097005][    C0]  ? do_syscall_64+0xd9/0x210
[  871.101871][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.108108][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.113404][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  871.119413][    C0]  ? __netif_receive_skb_core+0x6670/0x6df0
[  871.125512][    C0]  ? rb_insert_color+0x77/0x1020
[  871.130622][    C0]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  871.137125][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.142429][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.147724][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  871.153737][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.159028][    C0]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  871.165533][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.170822][    C0]  __msan_warning+0x1b/0x30
[  871.175487][    C0]  can_receive+0x12c/0x4a0
[  871.180115][    C0]  can_rcv+0x1ff/0x3b0
[  871.184377][    C0]  ? __pfx_can_rcv+0x10/0x10
[  871.189159][    C0]  __netif_receive_skb+0x477/0xac0
[  871.194459][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.199779][    C0]  process_backlog+0x485/0xa00
[  871.204772][    C0]  ? __pfx_process_backlog+0x10/0x10
[  871.210254][    C0]  __napi_poll+0xdd/0x8a0
[  871.214781][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.220067][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  871.226160][    C0]  net_rx_action+0xa59/0x1ac0
[  871.231030][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.236320][    C0]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  871.242837][    C0]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  871.249189][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  871.254506][    C0]  handle_softirqs+0x166/0x6e0
[  871.259448][    C0]  __irq_exit_rcu+0x66/0x180
[  871.264195][    C0]  irq_exit_rcu+0x12/0x20
[  871.268684][    C0]  sysvec_apic_timer_interrupt+0x84/0x90
[  871.274506][    C0]  </IRQ>
[  871.277525][    C0]  <TASK>
[  871.280542][    C0]  asm_sysvec_apic_timer_interrupt+0x1f/0x30
[  871.286709][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x33/0x60
[  871.293307][    C0] Code: 56 53 48 89 f3 49 89 fe e8 2a c0 b6 f1 4c 89 f7 e8 32 b3 b6 f1 c6 00 00 41 c6 06 00 f7 c3 00 02 00 00 74 01 fb be 04 00 00 00 <48> c7 c7 28 e0 57 95 e8 41 b5 b6 f1 65 ff 0d 42 ed 76 04 74 0a 5b
[  871.313085][    C0] RSP: 0018:ffff8880831e7768 EFLAGS: 00000206
[  871.319313][    C0] RAX: ffff88823fd11440 RBX: 0000000000000292 RCX: 0000000000b3edef
[  871.327411][    C0] RDX: ffff88823fc63440 RSI: 0000000000000004 RDI: ffff88813fc91440
[  871.335508][    C0] RBP: ffff8880831e7778 R08: ffffea000000000f R09: 0000000000000000
[  871.343611][    C0] R10: ffff8881287ca0c0 R11: ffffffff81899a50 R12: ffff888128fca0e8
[  871.351740][    C0] R13: 0000000000000010 R14: ffff88813fc91440 R15: ffff88804d058b60
[  871.359855][    C0]  ? __pfx_lapic_next_event+0x10/0x10
[  871.365456][    C0]  ? _raw_spin_unlock_irqrestore+0x1e/0x60
[  871.371438][    C0]  hrtimer_start_range_ns+0x149a/0x1900
[  871.377207][    C0]  j1939_tp_schedule_txtimer+0xc7/0x110
[  871.382985][    C0]  j1939_sk_sendmsg+0x1bb4/0x2760
[  871.388275][    C0]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  871.393847][    C0]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  871.399425][    C0]  __sock_sendmsg+0x330/0x3d0
[  871.404312][    C0]  ____sys_sendmsg+0x893/0xd80
[  871.409278][    C0]  ___sys_sendmsg+0x271/0x3b0
[  871.414159][    C0]  ? __rcu_read_unlock+0x6d/0xd0
[  871.419269][    C0]  ? __fget_files+0x3b4/0x4a0
[  871.424136][    C0]  ? __fget_files+0x3b9/0x4a0
[  871.429019][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.434331][    C0]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  871.440348][    C0]  __sys_sendmmsg+0x2d9/0x7c0
[  871.445222][    C0]  ? do_futex+0x416/0x480
[  871.449770][    C0]  ? kmsan_get_metadata+0xfb/0x160
[  871.455092][    C0]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  871.461631][    C0]  __x64_sys_sendmmsg+0xc6/0x150
[  871.466779][    C0]  x64_sys_call+0x21de/0x3e20
[  871.471664][    C0]  do_syscall_64+0xd9/0x210
[  871.476359][    C0]  ? irqentry_exit+0x16/0x60
[  871.481117][    C0]  ? clear_bhb_loop+0x40/0x90
[  871.486084][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.492151][    C0] RIP: 0033:0x7f71d6f8ebe9
[  871.496752][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  871.516629][    C0] RSP: 002b:00007f71d7ea8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  871.525219][    C0] RAX: ffffffffffffffda RBX: 00007f71d71b5fa0 RCX: 00007f71d6f8ebe9
[  871.533412][    C0] RDX: 0000000000000001 RSI: 0000200000003b80 RDI: 0000000000000003
[  871.541860][    C0] RBP: 00007f71d7011e19 R08: 0000000000000000 R09: 0000000000000000
[  871.549965][    C0] R10: 0000000020000010 R11: 0000000000000246 R12: 0000000000000000
[  871.558076][    C0] R13: 00007f71d71b6038 R14: 00007f71d71b5fa0 R15: 00007ffeab9cfc48
[  871.566221][    C0]  </TASK>
[  871.569854][    C0] Kernel Offset: disabled
[  871.574259][    C0] Rebooting in 86400 seconds..