last executing test programs:

2m26.399071912s ago: executing program 1 (id=198):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000002c0)={0x0, 0x2}, 0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='J', 0x1}], 0x1, 0x0, 0x0, 0x2804c044}, 0x40)
sendmmsg$inet_sctp(r0, &(0x7f0000000a40)=[{&(0x7f0000000000)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000040)="02", 0x1}], 0x1, 0x0, 0x0, 0x8000}], 0x1, 0x0)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={0x0, 0x0, 0x9}, 0x8)

2m25.383429253s ago: executing program 1 (id=200):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="e80000001300e9406ac70098c0ddca7cc30304b7956ae1e3e16a31f0101851359a7c5703fc74fc67eebb02e249974c775483c8c90fdf0737e305e3456fde5c4168848ec690e11bc031e1cdab73043da9"], 0xe8}, 0x1, 0x0, 0x0, 0x8411}, 0x0)

2m25.38305939s ago: executing program 1 (id=201):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000006c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-blowfish-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c156", 0x7b}], 0x2, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000840)=""/81, 0x51}, {&(0x7f00000002c0)=""/52, 0x34}], 0x2}, 0x40000040)

2m25.255537774s ago: executing program 1 (id=202):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x901)

2m25.255235297s ago: executing program 1 (id=203):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="840000000008010300000000000000000000000a060002406558000006000240600100000600024088a2000005000300840000000600024060020000060002400011000034000480080008400000000608000340000000010800044000000004080002400000000008000940000007ff0807074000000001090001"], 0x84}}, 0x8000)

2m25.014232493s ago: executing program 1 (id=204):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

2m24.968118271s ago: executing program 32 (id=204):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x80)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r2, r3, 0x5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r2}, &(0x7f00000006c0), &(0x7f0000000700)=r1}, 0x20)
sendmsg$inet(r0, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)

2m7.445395264s ago: executing program 0 (id=443):
unshare(0xa020480)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000080)={0x2, r0, 0x1})
pselect6(0x40, &(0x7f0000000300)={0x0, 0x3ffffffffffffffc, 0xffffffffffffffff, 0x100, 0x0, 0x10, 0xfffc}, &(0x7f0000000580)={0x10, 0x0, 0x7, 0x2, 0x0, 0xfffffffffffffffd, 0x4, 0x3}, 0x0, 0x0, 0x0)

2m7.445010267s ago: executing program 0 (id=444):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
fsopen(0x0, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0x0, 0xff, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0x0, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @empty}, 0x10)

2m7.407124497s ago: executing program 0 (id=446):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000200))

2m7.367715234s ago: executing program 0 (id=448):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000400)='devtmpfs\x00', 0x10, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0xa0, &(0x7f0000000700)=ANY=[], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m7.337981003s ago: executing program 0 (id=449):
r0 = socket$inet(0x2, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x4840)

2m7.044261171s ago: executing program 0 (id=451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x9, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000780)={@map=r0, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

2m6.963281277s ago: executing program 33 (id=451):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x12, 0x9, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000780)={@map=r0, 0x4, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

1m39.93229906s ago: executing program 2 (id=786):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x800)
recvmmsg$unix(r1, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000005b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20040000)

1m39.856126899s ago: executing program 2 (id=787):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000021c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x880}], 0x1, 0x80001)
read$alg(r1, &(0x7f0000002200)=""/4130, 0x1053)

1m39.855812736s ago: executing program 2 (id=788):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000180)={0x1, 0x5, 0x0, 0x0})

1m38.489134854s ago: executing program 2 (id=806):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file0\x00', 0x2000000, &(0x7f00000004c0)=ANY=[], 0x2, 0x222, &(0x7f0000000800)="$eJzsmL9rFEEUx78zu7feiog2KWwsDBjR7GX3UNIcGkGwEiHxV6WHWUPMJieXFUxANNjYaGchpLHwH7BIkcrCzn9A0EIFwcIrLGxsRmZndm9yc3HDcla+TzF8Z9+befPezbziQBDEf8vXL78+Pzs/PXcKwAGMY5/+/t0BGFOaG/6fXt4/+aJ1YfPNx9fvVg4+3B7cTy4RYueH+l/iuwDezjhIi0jF6t9SjOvJHHihr4DjhNbXwBBofQscV7WOwXBD67uG7kj/ILizmMTB7U4yL8WUHEI5RHJoDp6vt8Ewr+dCCMEM++ra+lI7SeKuIVxtG2KqJIpgS2NW/Wrw0JvhaBnnk1W8/vTJhpzntZky6heCI9RJNMEwq79PYzOvjSqJkf8Rt7+/Y+U/JFumLwNQlmRdidbPkRTLFIcnqy2fkOmcs02HUOUY2Lmqhr5JVnK0KVtXJxNu+V08q3/QCrEuDWYhHg1/AM99AP8oU1NUyiIXY73t97bpmxJ81/ssWHkItvf7U9/rmfOHWL1iPmReI/8tgA9bqn+IVwzHjf7kGv2jkS7fa6yurU8uLrcX4oV4JYqaZxjw+HTUyBqRGq2+1+/Pftaf9hv713bx9biHB+007YZq9JgHH2najbJ5ZDyb2a3Oj5t6WYqLAI6piWxpXrGjY8VgnvLhma9UE7YTQRAEQRAEQRAEQRAEQRBEJY6CZf+ClhBdzrz/BAAA//9oglvV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

1m38.408165557s ago: executing program 2 (id=807):
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
syz_usb_connect(0x0, 0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000f3c7c820da059a0095620102030109023400010000000009049200030f6276000905000000000000000705e37e1b82e60905f2020000060000090501"], 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f00000016c0)=ANY=[@ANYBLOB], 0x0)

1m38.361800955s ago: executing program 2 (id=808):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@migrate={0xac, 0x21, 0x1, 0x0, 0x0, {{@in=@private=0xa010102, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in=@loopback, @in=@private=0xa010100, @in=@multicast2, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @policy_type={0xa}]}, 0xac}}, 0x0)

1m38.312228322s ago: executing program 34 (id=808):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@migrate={0xac, 0x21, 0x1, 0x0, 0x0, {{@in=@private=0xa010102, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@migrate={0x50, 0x11, [{@in=@loopback, @in=@private=0xa010100, @in=@multicast2, @in=@rand_addr=0x64010100, 0x3c, 0x0, 0x0, 0x0, 0xa, 0x2}]}, @policy_type={0xa}]}, 0xac}}, 0x0)

1m33.826151219s ago: executing program 5 (id=858):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000480)={{0x0, 0xefae, 0x0, 0x3}, 'syz1\x00', 0x4d})
ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0x2c0)
ioctl$UI_DEV_CREATE(r0, 0x5501)

1m33.741772862s ago: executing program 5 (id=859):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x4}, 0x1c)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000240)={'gre0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000140)=0x8, 0x4)
sendto$packet(r1, &(0x7f0000000340)="05030006e8fe091c6202a0ffffffff006003000000007f141434e3177f43055762cb80948864113b022543424aa608", 0xfef2, 0x0, &(0x7f0000000a80)={0x11, 0x88a8, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

1m33.671802209s ago: executing program 5 (id=860):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_pressure(r0, &(0x7f0000000180)='cpu.pressure\x00', 0x2, 0x0)
preadv(r1, &(0x7f0000000580)=[{&(0x7f0000000100)=""/105, 0x69}], 0x1, 0x0, 0x0)

1m33.595972151s ago: executing program 5 (id=863):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x402, &(0x7f00000001c0)=ANY=[], 0x1, 0x242, &(0x7f0000000380)="$eJzsmL+LE0EUx7+zu5kkIqLNFTYKHhjRSy57KNeE8wTBysYTtdLgrceZvYskK5iA4mFjo52FYGPhP2BxxdV2/gOCFioIFqawEEQOVt7O7GbiJpdltfN9iuE7M2/m/ZjNKwKGYf5bPn/68fHJucWVUwD2YxZFvf7VBoRQ2jLsPzy/e/JZ4/yL1+9fvdk8cH/nz/voSBjuhuZCaQ//DoDKso0g8RTGZ3+RmNWTFRQTfRkWTmh9BQJVrW/AKsT3evgZKoDbELim19tkX63eWve96s22v0pinoY6DS4NI/lSfIMtgVU9pxuFsd/t9VtN3/c6hnD03pitXCJx1ppJ1a8AicGyhYaOluKj+K8+frRFK3Ft5mEl9avDQl0nsbCblAmLKMa1USUx8j/sDPO3i4l7etpW0x+brb4V05Is+b5nd3uN7/+kWKY4NJfveIXSOatXHgDQWweRJwwMTy3B6xQw3LLpSx0xPpr55jKADJ9OJBzjdTDeeEm/aI4EL6aymCCeZor570WuLGIxM9h5m976op9SMeZ4KKa7ECPfj9zLuJQ15jik/BUro9+yclZMTv51A++2Vf8IXwocB2TcPxyjf9WCjTu1bq8/t77RXPPWvE3XXTgjgIen3VrUiNSY6nvD/lyO+tM+oz8XJthKS+JeMwg6dTVKIVFGEHTcaO4aP5tL2+1v1/WxABcAHFMTapsyudFO+RBS2ViRLalK2ohhGIZhGIZhGIZhGIZhGCYrI394HoFAOB1XWf8OAAD//5X0aKk=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
link(&(0x7f0000000040)='./file0/file0\x00', 0x0)

1m33.533138943s ago: executing program 5 (id=865):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, 0x0, &(0x7f0000001080))

1m32.546569926s ago: executing program 5 (id=867):
socket(0x22, 0x1, 0x3)

1m32.520046823s ago: executing program 35 (id=867):
socket(0x22, 0x1, 0x3)

46.926634014s ago: executing program 3 (id=1465):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
wait4(0x0, 0x0, 0x5, 0x0)

46.862613341s ago: executing program 3 (id=1466):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000880)=[{&(0x7f00000002c0)="94", 0xf000}], 0x1)

46.855462593s ago: executing program 3 (id=1468):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1010006, &(0x7f00000013c0)=ANY=[@ANYBLOB='quota,discard=0x000000000000aff9,iocharset=none,nointegrity,iocharset=cp1251,integrity,nodiscard,noquota,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c00c38b4986bd7086e58f5d7fd70ab0f8e8bb0e5f5b35be555a19034ea00aa5cc6053411b1c187a24d1f68a37ecec3d26f9ba8207f6ce22b0a47e28485c69c14dc952b0c5e5f1ffe29eb2ce10e7e2a59e32a5a7ea7d8a6fa0b5e90476f3fa2cb4fcba14a881906678b3f96174c0ea0e4edc3068e37fec09729df129bb3e5b9490df2879472cb2e2"], 0x24, 0x6254, &(0x7f0000007740)="$eJzs3cuPHFfZB+C3+jaXfHGsLKJ8FhKTxFxCiK/BGAIkWcCCDQvkHUK2JpPIwgFkG+REFp5otuzZgpBYIsSSFX9AFmzZsUXCko0EygJSqGbOGddUuqdnbE9Xt+t5pHHV26dq+pR/XX2ZquoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB89zvfP1tExOWfpxuOR/xf9CN6EStVvRYRK2vH6+s8H9vN8VxEDJciqvW3/3km4rWI+OhYxL37t9erm88dsB/f/sNff/vDp773l98PT//7jzf7r09a7tatX/7rT3cefnsBAACgi8qyLIv0Mf9ERAzSZ3sA4MmXX//LJN+unrt6c876o1ar1eoFrOvK8e7Ui4jYrK9TvWdwOB4AFsxmfNx2F2iR/DttEBFPtd0JYK4VbXeAI3Hv/u31IuVb1F8P1nba87kge/LfLHav75g0naZ5jsmsHl9b0Y9nJ/RnZUZ9mCc5/14z/8s77aO03FHnPyuT8h/tXPrUOTn/fjP/hicn/97Y/Lsq5z84VP59+QMAAAAAwBzLf/8/3vLx36VH35QD2e/479qM+gAAAAAAAAAAj9thx/8bNMb/22X8PwAAAJhb1Wf1yq+PPbht0nexVbdfKiKebiwPdEy6WGa17X4AAAAAAAAAAAAAQJcMds7hvVREDCPi6dXVsiyrn7pmfViPuv6i6/r2Q5e1/SQPAAA7PjrWuJa/iFiOiEvpu/6Gq6urZbm8slqulitL+f3saGm5XKl9rs3T6ral0QHeEA9GZfXLlmvr1U37vDytvfn7qvsalf0DdGw2WgwcACJi59Xo3qRXpP94vVpMZflMtPwmhwWxz/7PgrL/cxBtP04BAACAo1eWZVmkr/M+kY7599ruFAAwE/n1v3lcQK1Wq9Xqg9e/+uzffzBP/VFPquvK8e7Ui4jYrK9TvWcwHD8ALJjN+LjtLtAi+XfaICKeb7sTwFwr2u4AR+Le/dvrRcq3qL8epPHd87kge/LfLLbXy+uPm07TPMdkVo+vrejHsxP689yM+jBPcv69Zv6Xd9pHablHz7/c82fCts4xmpR/tZ3HW+hP23L+/Wb+DUe9/8/KVvTG5t9VOf/BofLvyx8AAAAAAOZY/vv/8bk6/jt62M2Zar/jv2tj1zi6vgAAAAAAAADA43Lv/u31fN1rPv7/mTHLuf7zyZTzL+TfSTn/XiP/LzaW69fm7771IP9/3r+9/rub//j/PD1o/kt5pkiPrCI9Iop0T8UgTR9l6z5ta9gfVfc0LHr9QTrnpxy+E1fjWmzEmT3L9tL/x4P2s3vaq54Ot9vL/k77uT3tg932vP75Pe3DdHZRuZLbT8V6/CSuxdvb7VXb0pTtX57SXk5pz/n37f+dlPMf1H6q/FdTe9GYVu5+2PvUfl+fjrufN6/+d59vHp6drejvbltdtX0vttCf7Wecp0bxsxsb10/dunLz5vWzkSZ7bj0XafKY5fyH6Wf3+f+lnfb8vF/fX+9+ODp0/vNiKwYT83+pNl9t78sz7lsbcv6j9JPzfzu1j9//Fzn/yfv/Ky30BwAAAAAAAAAAAAAAAPZTluX2JaJvRsSFdP1PW9dmAgCzlV//y8ZV+rOq+zO+P/XB6/p3v8xDf9TbdTFn/Zlp/Uk5X/1RqxexrivHe6NeRMSf6+tU7xl+Me6XAQDz7JOI+FvbnaA18u+w/H1/1fRk250BZurG+x/86Mq1axvXb7TdEwAAAAAAAADgYeXxP9dq4z+fLMvyTmO5PeO/vhVrjzr+5yDP7A4wOmGg6v7ht2k/W71Rv1cbbvyFmDT+93B3br/xvwdT7m84pX00pX1pSvvylPZpwy3n/F+ojXd+MiJONIZf78L4r80x77sg5/9i7fFc5f+FxnL1/MvfLHL+vT35n7753k9P33j/g1evvnfl3Y13N358/uzZM+cvXLh48eLpd65e2ziz82+LPT5aOf889rXzQLsl558zl3+35Pw/l2r5d0vO//Opln+35Pzz+z35d0vOP3/2kX+35PxfTrX8uyXn/6VUy79bcv6vpFr+3ZLz/3Kq5d8tOf9XUy3/bsn5n0q1/Lsl53861QfMf2XacU8WQ84/H+Gy/3dLzj+f2SD/bsn5n0u1/Lsl538+1fLvlpz/a6mWf7fk/L+Savl3S87/Qqrl3y05/6+mWv7dkvO/mGr5d0vO/2upln+35Py/nmr5d0vO//VUy79bcv7fSLX8uyXn/81Uy79bcv7fSrX8uyXn/0aq5d8tD77/34wZM2byTNvPTAAAAAAAAAAAAABA0yxOJ257GwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI9dZ3w/8zL557UBiIOTv5G9g7RhjnE12/RK/0LqYJLw0vJVAKPQF2/WuzYLf8Nol0Eg2DZRIGBVVtA0XbQFFbW4qfJELWgWUC9QKqRJpL+gNokLlIqoCCkiVaAXZas48z7Mzs7Mzu971+sw5n49k/7wzZ+Y858xzzs5v1985AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQbMv905+vZVlW/5P/tTHLXlb/9/qxjfltb7rRIwQAAABW6lf53y/ekm44vIQHNS3zz6/93tNzc3Nz2YcG/3z4y3Nz6Y6xLBtel2X5fdHVH3241rxM8Fg2Whto+nqgx+oHe9w/1OP+4R73j/S4f12P+0d73L9gByywvvHzmPzJtuX/3NjYpdmt2XB+37YOj3qstm5gIP4sJ1fLHzM3fCKbyU5l09lky/KNZWv58s9sqa/rHVlc10DTujbXZ8jPHj0ex1AL+3hby7rmnzP6yVuysZ//7NHjf3vhhds71Z67oeX5GuPcsbU+zs+GWxpjrWXr0j6J4xxoGufmDq/JYMs4a/nj6v9uH+eLSxzn4Pww11T7az6aDeT/fi7fT0PNP9ZL+2lzuO0Xd2ZZdnl+2O3LLFhXNpBtaLllYP71GW3MyPpz1KfSK7OhZc3TLUuYp/U6ta11nrYfE/H13xIeN7TIGJpfpp98ZqTpdf/l3LXM06i+1YsdK+1zcLWPlaLMwTgvnss3+vGOc3Bb2P5Hty8+BzvOnQ5zMG130xzc2msODowM5mNOL0Itf8z8HNzVsvxgvqZaXp/f3n0OTlw4fW5i9lOfvnvm9LGT0yenz+zZtWtyz759Bw4cmDgxc2p6svH3Ne7t4tuQDaRjYGvYd/EYeEPbss1Tde5rIwvOv9d6HI52OQ43ti272sfhUPvG1dbmgFw4pxvHxgfqO330ykC2yDGWvz47V34cpu1uOg6Hmo7Djt9TOhyHQ0s4DuvLnNu5tPcsQ01/Oo1h8e8FK5uDG5vmYPv7kfY5uNrvR4oyB0fDvPjBzsW/F2wO4318fLnvRwYXzMG0ueHcU78lvd8fPZCXTvPyjvodN41kF2enz9/zyLELF87vykJZE69qmivt83VD0zZlC+brwLLn6+GZ1z5+R4fbN4Z9NXp3/a/RRV+r+jJ77+n+WuXf3Trvz5Zbd2ehrLK13p+dvpvX9+dIln3lO5956FuPfuX+Rfdnvd/87MTK34unvrTp/Du8yPk39v0vNdaXnuqxweGhxvE7mPbOcMv5uPWlGsrPXbV83S9OLO18PBz+rPX5+NYu5+NNbcuu9vl4uH3j4vm41uunHSvT/nqOhnlyarL7+bi+zKbdy52TQ13Px3eGWgv7/42hU0h9UdPcWWzepnUNDQ2H7RqKa2idp3talh8OvVl9XU/tDm8K0yiXNk933NlYfrDpcdFazdOxtmVXe56mn30tNk9rvX76dm3aX8/RMC9u3dN9ntaXeXbvys+d6+M/m86dI73m4PDgSH3Mw2kS5uf7bG59nIP3ZMezs9mpbCq/dySfT7V8XeP3Lu1cORL+rPW5clOXObijbdnVnoPp+9hic682tHDjV0H76zka5sUT93afg/VlHti/uu9dd4Rb0jJN713bf7622M+87mjbTddrrgyFcX5nf/efzdaXOXVguX1m9/10V7jlpg77qf34XeyYmsrWZj9tCuN84cDi+6k+nvoyXz64xPl0OMuyS5+4L/95b/j9yqWL33+65fcunX6nc+kT9/305Sf+aTnjB6D/vdQoGxrf65p+M7WU3/8DAAAAfSH2/QOhJvp/AAAAKI3Y98f/FZ7o/wEAAKA0Yt8/FGpShv7/j3svsumBF2ZeupSlZP5cEO9Pu+HBxnIx4zoZvh6bm1e//b4np//7Hy8tbXgDWZb98sE/6rj8pgfjuBrGwjivvrX19gWevntJ6z768KW03ub8+lfD88ftWeo06BTBncyy7JlbvpivZ+zDV/L67INH8/rQ5ccfqy/z4sHG1/Hxz7+qsfxfhfDv4RPHWh7/fNgPPw518p2d90d83DeuvHHz/g/Ory8+rrb15nyzn/hI43nj5+R86bHG8nE/Lzb+b33hqW/Ul3/k9Z3Hf2mg8/ifCs/7ZKj/85rG8s2vQf3r+LjPhfHH9cXH3fP1b3cc/9XPN5Y/97bGckdDjevfEb7e9rYXZpr31yO1Yy3blb29sVxc/+T3/zS/Pz5ffP728Y8eudKyP9rnx7P/1nieibbl4+1xPdE/tK2//jzN8zOu/6k/Odqyn3ut/+pDz7+m/rzt67+rbblzn9iZr3/++Vo/semvP/fFjuuL4zn89+datufw+8JxHNb/xEfCfAz3/+/VxvO1f7rC0fe1nn/i8l/deKlle6J3/Lyx/qtvPpnXdaPrN9z0spfffPl19X2XZc+tazxfr/Wf/JuzLeP/2m2N/RHvjxn99vUvJq7//CfHz5ydvTgzlfbqo7fkn53zrsZ44nhvCefW9q+PnL3w0enzY5Njk1k2Vt6P0LtmXw/1p41yufvScwvOoDsfDq/nHX/5zIbt//qFePu/f6Bx+5V3Nr5vvSEs96Vw+8bw+i1v/Qs9seW2/PiuPRtGOLfw84JXYvO2/zqwpAXD9re/L4jz/dyrP5rvh/p9+feNeFyvcPw/nGo8zzfDfp0Ln8y89bb59TUvHz8b4cr7G8f7ivdfOM3F1/Xvwuv97h83nj+OK27vD8P7mG9vaj3fxfnxzUsD7c+ff4rH5XA+yS437o9Lxf195cXbOg4vfg5Jdvn2/Os/S89z+7I2czGzn5qdODVz5uIjExemZy9MzH7q00dOn7145sKR/LM8j3ys1+Pnz08b8vPT1PS+vVl+tjrbKNfZjR7/uYePT+2f3D41feLYxRMXHj43ff7k8dnZ49NTs9uPnTgx/clej5+ZOrRr98E9+3ePn5yZOnTg4ME9B8dnzpytD6MxqB72TX58/Mz5I/lDZg/tPbjr3nv3To6fPjs1fWj/5OT4xV6Pz783jdcf/Yfj56dPHbswc3p6fHbm09OHdh3ct293z08DPH3uxOzYxPmLZyYuzk6fn2hsy9iF/Ob6975ej6ecZv+j8X62Xa3xQXzZe+/alz6fte7Jzyz6VI1F2j5A9IXwWTTffcW5A0v5Ovb9w6EmZej/AQAAgFzs+0dCTfT/AAAAUBqx718XaqL/BwAAgNKIff9oqOm/BFSk/y9d/n/TpSWtX/5f/r95f8n/Vyz///6i5f8b5wv5/9Wx0vy9/H9QzPz/cCb/L/9f4PHL/8v/s1DR8v+x71+fZX7/DwAAACUV+/4NoSb6fwAAACiN2PffFGqi/wcAAIDSiH3/y0JNKtL/y//L/8v/lzT/P7T4+uX/5f/LTP6/uz7P/7v+/xrk/7Nq5f8vr+b4b0D+f33zF/L/FFHR8v+x7395qElF+n8AAACogtj33xxqov8HAACA0oh9/y2hJvp/AAAAKI3Y928MNalI/y//v6L8f8pcyf+3jl/+v5Xr/4f5IP8v/78G5P+7k//voYT5/5FlbP6Nvn7+St3o8bv+v/w/CxUt/x/7/leEmlSk/wcAAIAqiH3/K0NN9P8AAABQPEPX9rDY978q1GRB/3+NKwAAAABuuNj335q1BcEr8vt/+X/X/5f/l/+X/++8/qXn/wcz+f/ikP/vTv6/hxLm/5fjRufn+3388v/y/yxUtPx/3vdno9mrQ00q0v8DAABAFcS+/7ZQE/0/AAAAlEbs+/9fqIn+HwAAAEoj9v2bQk0q0v/L/5cm//+L5pdO/l/+v9v65f9d/7/M5P+7k//vQf5f/l/+X/6fVVW0/H/s+28PNalI/w8AAABVEPv+O0JN9P8AAABQGrHv//+hJvp/AAAAKI3Y928ONalI/y//X/D8f0yOuv6//L/8fyHz/6Py/4Uj/9+d/H8P8v/y//L/8v+sqqLl/2Pf/5pQk4r0/wAAAFAF8eetr83/1v8DAABAGcW+/3WhJvp/AAAAKI3Y94+FmlSk/19O/r92Wf5/Mdf5+v8jS7j+fwv5f/n/buuX/3f9/zKT/+9O/r8H+X/5f/l/+X9WVdHy/7Hv3xJqUpH+HwAAAKog9v1bQ030/wAAAFAase+/M9RE/w8AAAClEfv+baEmFen/i3j9/yH5//b8fyb/L/8v/y//L/+/NPL/3cn/9yD/L/8v/y//z6oqWv4/9v2vDzWpSP8PAAAAVRD7/u2hJvp/AAAAKI3Y978h1ET/DwAAAKUR+/4doSYV6f+LmP/P5P/l/+X/c035//vXZ/L/8v/y/0sh/9+d/H8P8v/y//L/8v+sqqLl/2Pf/8ZQk4r0/wAAAFAFse/fGWqi/wcAAIDSiH3/XaEm+n8AAAAojdj3j4eaVKT/l/+X/5f/74v8v+v/y//L/y+R/H938v89yP/L/8v/y/+zqoqW/499/92hJhXp/wEAAKAKYt9/T6iJ/h8AAABKI/b9E6Em+n8AAAAojdj3T4aaVKT/l/+X/5f/l/9fVv7/dfPPK//fcF3z/w/I/y+X/H938v89yP/L/9/w/P+w/D+lUrT8f+z7d4WaVKT/BwAAgCqIff/uUBP9PwAAAJRG7Pv3hJro/wEAAKA0Yt+/N9SkIv2//L/8v/y//L/r/3defyHy/67/v2zy/92tfv4/bmJR8v/r5P9X4Ebn5/t9/K7/L//PQkXL/8e+/95Qk4r0/wAAAFAFse/fF2qi/wcAAIDSiH3//lAT/T8AAACURuz7D4SaVKT/l/+X/5f/l/+X/++8fvn//iT/353r//cg/y//38f5//rckv+naIqW/499/8FQk4r0/wAAAFAFse9/U6iJ/h8AAABKI/b9vxZqov8HAACA0oh9/6+HmlSk/5f/l/+X/5f/L3r+f0T+X/5/GeT/u5P/70H+X/6/j/P/rv9PERUt/x/7/kOhJhXp/wEAAKAKYt//G6Em+n8AAAAojdj3vznURP8PAAAApRH7/sOhJhXp/+X/1yj/H2+U/5f/l/93/X/5/+tK/r87+f8e5P/l/+X/5f9ZVUXL/8e+/y2hJhXp/wEAAKAKYt9/X6iJ/h8AAABKI/b994ea6P8BAACgNGLf/0CoSUX6f/n/Prv+/2gZ8//DLWOX/59/nPx/g/y//P9yyP93J//fg/y//L/8v/w/q6po+f/Y97811KQi/T8AAABUQez73xZq0qX/X3fdRwUAAACsptj3vz3UxO//AQAAoDRi3/+OUJOK9P/y/32W/3f9f/l/+X/5f/n/ruT/u5P/70H+X/5f/l/+n1VVtPx/7Pt/M9SkIv0/AAAAVEHs+x8MNdH/AwAAQGnEvv+doSb6fwAAACiN2Pe/K9SkIv2//L/8v/y//L/8f+f1y//3J/n/7vos//+rm8Pt8v8N8v/FHv9y8/9DbV9fl/z/jxbL/88tuKSZ/D/XQ9Hy/7Hvf3eoSUX6fwAAAKiC2Pe/J9RE/w8AAAClEfv+94aa6P8BAACgNGLf/1uhJhXp/+X/6+OYTy/L/8v/5zfI/y8n/z8k/y//XyTy/931Wf7f9f/byP8Xe/yu/y//z0JFy//Hvv99oSYV6f8BAACgCmLf/1Coif4fAAAASiP2/e8PNdH/AwAAQGnEvv8DoSYV6f/l/13/X/5f/t/1/zuvX/6/P8n/dyf/34P8v/x/0fL//yn/T38rWv4/9v0Ph5pUpP8HAACAKoh9/wdDTfT/AAAAUBqx7//tUBP9PwAAAJRG7Ps/FGpSkf5f/r9f8v9j8v/LzP+PhNvk/+X/5f+rRf6/O/n/HuT/5f+Llv93/X/6XNHy/7Hv/3CoydL7/9ElLwkAAADcELHv/51Qk+b+v/2XUQAAAEBfiX3/74aaVOT//wMAAEAVxL7/90JNKtL/y//3S/7f9f8z1/+X/2/bHvl/+f9O1i7/H8888v/y//L/kfy//L/8P+2Klv+Pff/vh5pUpP8HAACAKoh9/0dCDXymHwAAAPSJTv8nu13s+4+Emvj9PwAAAJRG7PuPhppUpP+X/5f/l/8vaP7/L7b+yw++956ju+T/W/L/l+X/5f97WNPr/9cPftf/l/+X/0/k/+X/5f9pV7T8f+z7j4WazDd+7xIGAAAAgP4W+/4/CDWpyO//AQAAoApi33881ET/DwAAAKUR+/6pUJOK9P/y//L/8v8Fzf/38fX/4/7op+v/j6/ro/x/POnK/3e0pvn/D87nxOX/l5v/H+l4a3v+vyb/30L+f9nj/26WZfL/8v/cQEXL/8e+fzrUpCL9PwAAAFRB6PsHTjTq/B36fwAAACiN2PefDDXR/wMAAEBpxL7/o6EmFen/5f/l/+X/5f/76fr/mev/u/5/D/L/3RUn/9+Z6//L//fz+OX/5f9ZqGj5/9j3z4SaVKT/BwAAgCqIff/HQk30/wAAAFAase//eKiJ/h8AAABKI/b9p0JNKtL/y//L/8v/y//L/3dev/x/f5L//z/27uTJ0rLK4/hNOmmqgk3vetGL7n3/CSyadfcf0AsiOnqhEYYRgorzROE84jwPOIsDDqCIE84TOKE4i4rzPOCMGmVAnXOqMvPN92ZW3cx87vN8PgsOJFXeW1gB9ausb73z9P9L6P/1//p//T8r1Vr/n7v/fnHLIPsfAAAARpC7/9K4xf4HAACAbuTuvyxusf8BAACgG7n77x+3DLL/9f/6/277///S/+/2+vp//X/P9P/z9P9L6P/1//p//T8r1Vr/n7v/AXHLnoff5h6/IAAAAHBUcvc/MG4Z5PP/AAAAMILc/ZfHLfY/AAAAdCN3/4PilkH2/7b+f2MxZv+fGa/+v6f+3/P/d319/b/+v2eH2/9fefe/+fT/+n/9f9D/6//1/2zXWv+fu//Bccsg+x8AAABGkLv/IXGL/Q8AAADdyN3/0LjF/gcAAIBu5O5/WNwyyP73/H/P/9f/6//1/9Ovr/9fT57/P2+k/v/y2y689M4b/u3G/by+/l//r//X/7NarfX/ufsfHrcMsv8BAABgBLn7HxG32P8AAADQjdz9j4xb7H8AAABYQ8cnP5q7/1FxyyD7X/+v/9f/R/9/TP+v/9f/90D/P2+k/v9sXl//r//X/+v/Wa3W+v/c/Y+OWwbZ/wAAADCC3P2PiVvsfwAAAGjX1C/EnpG7/4q4xf4HAACAbuTuPxG3DLL/9f8H3///Xf+/Hv2/5//r//X/XdD/z9P/L6H/1//r//X/rFRr/X/u/ivjlkH2PwAAAIwgd/9j4xb7HwAAALqRu/9xcYv9DwAAAN3I3f/4uGWQ/a//9/x//b/+X/8//fr6//Wk/5+n/19C/3+u/fz5+n/9v/6fM+2z/79r5l/bK+n/c/c/IW4ZZP8DAADACHL3PzFusf8BAACgG7n7nxS32P8AAADQjdz9T45bBtn/+n/9v/6/5f5/c9F0/7/zu9499P/T9P+HQ/8/r5n+f2Nz8sP6/7Xv/z3/X/+v/2eL1p7/n7v/KXHLIPsfAAAARpC7/6lxy8z+3/dP5gMAAABHKnf/0+IWn/8HAACAtZfVWe7+p8ctg+x//b/+X//fcv/v+f+LRvv/G894f/r/tuj/5zXT/+9C/6//X+f3r//X/7NTa/1/7v5nxC2D7H8AAAAYQe7+q+IW+x8AAAC6kbv/mXGL/Q8AAADdyN3/rLhlkP0/3f+f/vv6/73R/299//r/6e8fq+r/839R/z/b/1/s+f9j0v/P0/8vof/X/+v/d+v/jy/7+vp/prTW/+fuf3bcMsj+BwAAgBHk7n9O3GL/AwAAQDdy9z83brH/AQAAoBu5+58Xtwyy/z3/X/+v/1+//t/z/085yuf/Lw69/9/U/++R/n+e/n8J/b/+X/8///z/md8FQP/PlNb6/9z9z49bBtn/AAAAMILc/S+IW+x/AAAAWA9n/tqB7b+gNOTuf2HcYv8DAABAN3L3vyhu6Wf/zz6rU/+v/9f/6//1/9Ov31b/7/n/e6X/n6f/X0L/fxD9/GZn/f/Vu339Fvr/Kw66/5+h/2fKlv7/ptMfP6r+P3f/i+OWfvY/AAAADC93/0viFvsfAAAAupG7/6Vxi/0PAAAA3cjd/7K4ZZD9f+D9/8zvPqD/1//r//X/+n/9/6rp/+fp/5fQ/3v+v+f/6/9ZqS39/xmOqv/P3f/yuGWQ/Q8AAAAjyN3/irjF/gcAAIBu5O6/Om6x/wEAAKAbuftfGbcMsv89/1//r//X/+v/p19f/7+ezqm/P0//X/T/+n/9v/5f/88KtNb/5+5/Vdz64yD7HwAAAEaQu//VcYv9DwAAAN3I3f+auMX+BwAAgG7k7n9t3DLI/tf/H2z/nx/X/+v/F/p//b/+/1AM+/z/jan/Eu20S/9/y31O/M/Wj+j/9f/6f/2//p89+peZv9dE/3/y9I8uc/e/Lm4ZZP8DAADACHL3vz5usf8BAACgG7n73xC32P8AAADQjdz918Qt+9z/c81Dy/T/nv+v/99////PC/3/Qv+v/2/UsP3/Hnn+/xL6f/2//l//z0o10f+f8de5+98Yt/j8PwAAAHQjd/+b4hb7HwAAALqRu//NcYv9DwAAAN3I3f+WuGWQ/a//1//r/z3/X/8//fr6//Wk/5+n/19infr/a86h/9+c/vBR9/Pn6qjfv/5f/89OrfX/ufuvjVsG2f8AAAAwgtz9b41b7H8AAADoRu7+t8Ut9j8AAAB0I3f/2+OWQfa//l//r/9fRf9/6p+A/v8U/f80/f/h0P/P0/8vFovrZt7AVP9/8oI2+3/P/2/u/ev/9f/s1Fr/n7v/HXHLIPsfAAAARpC7/7q4xf4HAACAbuTuvz5usf8BAACgG7n73xm3DLL/9f/6f/2/5//r/6dfX/+/nvT/8/T/S6zT8//1/829f/2//p+dWuv/c/e/K24ZZP8DAADACHL33xC32P8AAADQjdz9745b7H8AAADoRu7+G+OWQfa//l//r//X/+v/p19f/7+eDq7/X+j/9f/6/yX0//p//T/btdb/5+5/T9wyyP4HAACAEeTuf2/cYv8DAABAN3L3vy9usf8BAACgG7n73x+3DLL/9f/6f/2//r/P/v8C/f+gPP9/nv5/Cf2//l//r/9npab7/yuOrP/P3f+BuGWQ/Q8AAAAjyN1/U9xi/wMAAEA3cvd/MG6x/wEAAKAbufs/FLcMsv/1//r/rf3/YqH/1//30f+vxfP/jy30/yun/5+n/19C/99n/3/eoqP+//iuX1//T4tae/5/7v4Pxy2D7H8AAAAYQe7+j8Qt9j8AAAB0I3f/R+MW+x8AAAC6kbv/Y3HLIPtf/6//9/x//b/+f/r1Pf9/Pen/5+n/l9D/99n/e/6//p8j01r/n7v/43HLIPsfAAAARpC7/xNxi/0PAAAA3cjd/8m4xf4HAACAbuTu/1TcMsj+1//r//X/+n/9//Tr6//Xk/5/nv5/Cf2//l//r/9npVrr/3P3fzpu2XX4bf+RKQAAANC63P03xy2DfP4fAAAARpC7/5a4xf4HAACAbuTu/0zcMsj+1//r//X/69n/H9P/6//1/5Na6f8vuui/b9X/6//1//p//b/+f3St9f+5+z8btwyy/wEAAGAEufs/F7fY/wAAANCN3P2fj1vsfwAAAOhG7v4vxC2D7P+d/f/5i1OF6ilT/X80avr/M+j/t75//f/09w/P/9f/6/8PXiv9v+f/n9371//r/9f5/e+r//+PnV9f/0+PWuv/c/ffGrcMsv8BAABgBLn7vxi32P8AAADQjdz9X4pb7H8AAADoRu7+2+KWQfa/5//r//X/+n/9//Tr6//Xk/5/nv5/Cf2//t/z/y+71z/p/1md1vr/3P1fjlsG2f8AAAAwgtz9X4lb7H8AAADoRu7+r8Yt9j8AAAB0I3f/1+KWQfa//l//r//X/+v/p19f/7+e9P/z9P9l+zftlHH6/2NTHzzqfv5cHfX776b/9/x/Vqi1/j93/9fjlkH2PwAAAIwgd/834hb7HwAAALqRu/+bcYv9DwAAAN3I3f+tuGWQ/a//1//33///v/5/2+vr//X/PdP/53/Rp+n/lxin/5901P38ur9//b/+n51a6/9z998etwyy/wEAAGAEufu/HbfY/wAAANCN3P3fiVvsfwAAAOhG7v7vxi2D7H/9/1j9/8ZixP7f8//1//r/kej/5+n/l9D/6//1//p/Vqq1/j93/x0bm0PufwAAAFhX//uf9719r1/2jnv+eGzxvbjl4sXJPX4aGwAAAGjc3bt/Y3Ox+P49f+Xz/wAAANCj3P0/iFsG2f/6/7H6//V9/v9N+n/9v/5f/78n+v95+v8l9P/6f/2//p+Vaq3/z93/w7jljOG3ue9vJQAAANCS3P0/ilsG+fw/AAAAjCB3/4/jlh37328HCAAAAOsqd/9P4pZBPv+v/2+8/18cUP8fX259+n/P/9f/6//1/3uj/593jv3/yQ39v/5/hv5f/6//Z7vW+v/c/T+NWwbZ/wAAANCpLT+jkLv/Z3GL/Q8AAADdyN3/87jF/gcAAIBu5O7/RdwyyP7X/x96/5+p+gE+//94/Vk/z//X/59V/3/VscnX1//r/3um/5/n+f9L6P976f8v0P/r/2lDa/1/7v5fxi3zw+//5r+VAAAAQEty9/8qbhnk8/8AAAAwgtz9v45b7H8AAADoRu7+38Qtg+x//X/jz/8/q/5/D8//1/+P0f/v8vr99P//euGJmy+59/XX6v857TD7//y+oP/X/+v/T2mo/z+S93/3/z/6f/0/W62+/9/c8sH99v+5+38btwyy/wEAAGAEufvvjFvsfwAAAOhG7v7fxS32PwAAAHQjd//v45ZB9r/+X//fSv+f/6yPoP8/cdb9//HFYnEk/X82xaP3/57/r//fyfP/5+n/l9D/6/89/1//z0qtvv/f+sH99v+5+/8Qtwyy/wEAAGAEufv/GLfk/t/Y90/dAwAAAI3J3f+nuMXn/wEAAKAbufv/HLcMsv/1//r/Vvr/5Pn/p79eX8//v6Ti1DH7/3+vP9P/H6zD6P/zRwv6f/2//n8r/b/+X//PdgfU/+cPw/bd/+fu/0vcMsj+BwAAgBHk7r8rbrH/AQAAoBu5+/8at9j/AAAA0I3c/X+LWwbZ//r/Xvv/LOL1//r/Vvp/z//3/P/D4fn/8/T/S+j/9f/6f/0/K9Xa8/9z9/8jAAD//8FQb5Q=")
open(&(0x7f0000001280)='./file1\x00', 0x12da80, 0x8)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
getpriority(0x0, r0)
syz_clone3(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000007c0)=ANY=[], 0x119)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x2, @empty, 0xcac2d78a}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
close(r2)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
shutdown(r3, 0x1)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009593d1044062180b738010203010902120001000000000904"], 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000100)={0x4, 0x3, 0x7, 0x6, 0x7, "bca2eab1eaabc68a"})
ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000000)=0x8001)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)

43.959045746s ago: executing program 3 (id=1501):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000180)={[{@min_batch_time={'min_batch_time', 0x3d, 0x83}}, {@init_itable}, {@mblk_io_submit}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)

43.512359298s ago: executing program 3 (id=1506):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000800)=ANY=[], 0x0, 0x4e, 0x0, 0x1, 0x1}, 0x28)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x20440, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
syz_io_uring_setup(0x234, 0x0, &(0x7f0000000380), &(0x7f0000000340))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
recvmmsg(r0, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
write$bt_hci(r0, 0x0, 0x24)
syz_io_uring_setup(0x8dd, &(0x7f0000000440)={0x0, 0x1b7, 0x400, 0x8, 0x20000fe}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
sendfile(r0, r4, &(0x7f0000000080)=0x10001, 0x8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, 0x0, &(0x7f0000000140)}, 0x20)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)

43.242799709s ago: executing program 3 (id=1507):
syz_usb_connect(0x0, 0x3f, &(0x7f0000003240)=ANY=[@ANYBLOB="1201000033bc1840861246202ec10000000109022d0001000040000904d80403ff04010009058f02400009000109050d00100005ba81090501"], 0x0)

43.085667967s ago: executing program 36 (id=1507):
syz_usb_connect(0x0, 0x3f, &(0x7f0000003240)=ANY=[@ANYBLOB="1201000033bc1840861246202ec10000000109022d0001000040000904d80403ff04010009058f02400009000109050d00100005ba81090501"], 0x0)

13.999567638s ago: executing program 6 (id=1831):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1e, 0xf, &(0x7f0000001840)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xb2}}, {}, [], {{}, {0x5}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

13.916339465s ago: executing program 6 (id=1832):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=@migrate={0x50, 0x12, 0x1, 0x0, 0x0, {{@in6=@remote, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x4, 0x0, 0xfffe, 0xa}}}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)

13.915893283s ago: executing program 6 (id=1834):
socket$nl_route(0x10, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f00000000c0), 0x12)

13.838362648s ago: executing program 6 (id=1835):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

13.838119481s ago: executing program 6 (id=1836):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r0, 0x4b4c, &(0x7f0000000080))

13.641717815s ago: executing program 6 (id=1837):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x10, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @tick=0x46f, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x0, @time={0x7f, 0x4}, {}, {}, @raw32}, {0x0, 0x0, 0x5, 0x0, @time={0xffffffff}, {0x4}, {0x0, 0x4}, @time=@tick=0x3}, {0x7f, 0x0, 0x0, 0x0, @time={0x7, 0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @addr={0xd1, 0x9}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {}, @quote={{0x1, 0xfe}}}, {0x0, 0x40, 0x0, 0x5, @time={0x5, 0x1000}, {}, {0x0, 0x9}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @control={0x3, 0x9, 0x3}}], 0xc4)
read$snapshot(r1, 0x0, 0xffffffbf)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000140))

13.610874577s ago: executing program 37 (id=1837):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x47, 0x0, 0x0, @tick, {0x40, 0xff}, {0x10, 0x9}, @queue={0xee, {0x7, 0xc9a}}}, {0x0, 0x0, 0x0, 0x0, @tick=0x46f, {}, {0x80}, @connect={{0x40, 0x7}, {0x80, 0xf6}}}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x0, @time={0x7f, 0x4}, {}, {}, @raw32}, {0x0, 0x0, 0x5, 0x0, @time={0xffffffff}, {0x4}, {0x0, 0x4}, @time=@tick=0x3}, {0x7f, 0x0, 0x0, 0x0, @time={0x7, 0x7}, {0x0, 0x3}, {}, @control={0x0, 0x0, 0x800}}, {0x0, 0x0, 0x0, 0x7, @tick, {}, {0x0, 0x4}, @addr={0xd1, 0x9}}, {0x0, 0x0, 0x0, 0x0, @tick, {0x0, 0x3}, {}, @quote={{0x1, 0xfe}}}, {0x0, 0x40, 0x0, 0x5, @time={0x5, 0x1000}, {}, {0x0, 0x9}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x1, 0x1, 0x0, @tick=0x401, {}, {}, @control={0x3, 0x9, 0x3}}], 0xc4)
read$snapshot(r1, 0x0, 0xffffffbf)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000140))

3.197499139s ago: executing program 4 (id=1961):
sendmsg$ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000814}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x8, r0, 0x0}])

2.271469146s ago: executing program 4 (id=1982):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000040))
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.228471841s ago: executing program 7 (id=1995):
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

1.141238858s ago: executing program 7 (id=1996):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
io_setup(0xea, &(0x7f00000000c0)=<r1=>0x0)
close(r0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
io_submit(r1, 0x1, &(0x7f0000000940)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x5, 0x8, r0, 0x0, 0x0, 0x0, 0x0, 0x2}])

1.057428928s ago: executing program 7 (id=1997):
syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x8008c4, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x1, 0x4436, &(0x7f0000004480)="$eJzs3c9rm+cdAPDnfe0sdpZkdpZDBoMJFtjYhrFz2ubAHMeJYyeeR9aE0osi20riVraCLZcecnBvgZ4KPZQeQguFUnwKPvSa/gm99JieA+2hl0Ih1EXSK1vvawmrxrKb8PlA9Oh9fitfvY8eHeQnTlTuL67mFldzheVcef7u6oXc2+XS2lIxxIfkqMenM92Ik9gfndnLV/9/+0IIXy58/Xxra2srVPWGlkaanv/w/cP55rQhzrSp9tu6t4PyRgjh7K55VfWEEF7/IoQohHApyRtP0v4QwulQL7v98L07uQOazZNnxYv5FzOPNkfPT2883mz/2qMQPir94R/3lr79c8/oN387oOEBAAAAAAAAAAAAAAAAAHjJTd6cvfW/4ZHwNAq9G9Hu3+tOJmmL38fOfl5Ptw7Gnw7j5QIAAAAAAAAAAAAAAAAAAMCv0s7v/3PRmRa//59I0rE27bf+0/050j1T/52duDI8kpz/Hu0q/2eS9d2lnjDY4tz37PnvlzLtW5//vnuc/WrMrzHuQIjiodR1HA8NhfBJcvD7uehEXCqvVv5+t7y2vHBg03hppeNfP70/FZ3kQP9O4z+e6b/75///fte7qXp95+DeYq+0dPx72tb79N2oo/hfzrQ7jPizf+n499by+psrjNUXgGr83+/dO/4Tmf67Ff/TIYRcVJ1rLrUCVPcw1fx2+xXS0vE/VstLLZ3Jf2S7+//HTPyvZPo/qvV/PftBREvp+P+mlteXqrFz/w/Ge93/feHq9vP6G+co4l+d/7rP/46k43+8ntnb9JgsB52u/5OZ/rsV/1txMsPTUeodsBHV81v8vTpaSMe/b1f5zve/uKP937VM+8P6/tcYt/H9r7H8/zWqf/+jtXT8+9vW6/T+n8q06/b6P1bb/7Ff6fifqOWl984DtcdO4z+d6b9b8a/tSvoa8d9ZT346Xs//2P6vI+n4/7aeGTfXWK891vZ/0d77/+uZ/o9i/1ed/3rc3VFfFen4n2xb77PFKHzVwef/jUy7ar/HujP1bcP2+vuWjv+ptvVq93/f3vGfybTr9v3/l252DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASGE/SgRDFQ6nrOB4aCuFycn0unIjmCgv5uVJ5/q3VECaS/Fw4E90rlecKpfzicnmhmC+USuX5EK4k5WdDX7RaKlfyS4UHV7f76o/uFwsrlblioRJCmEzy/xhONfqaW6wsFR6EEK5tl/0uLq88uF9Yzi8srvx7eHh4OExtz2EwKr5TKS5X6qPXS0OY3m47EDVNrlZ8fXsuJ6M3y2sry4VSLf9GU5tSeb5Qamozk5R9EAajysra8nyhUsyXyvca4x2lsSSdmLr52s0bI7vK70T1dPxwpwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAL/R09F8fhhB661dxCCEXJU+i5F/Kk2fFi/kXM482R89PbzzefN6qDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RilgSAKA/CbAdHSY1gtu53tiiJauCJ4Aj2Gh9GjeAnvYJEibYoQSGYh7E6xTVJ9X/Ngfmbeg3kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/D+2vbRaS42l5G/H7+/R/nz6V+31UuX5xnRk7n6WW4f2i78u9plt+Wo1Wf9+lm/fURlTr6mezJdJ8O5n2mqvtWMc439r2OlJuI6Et+k3JummVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//6KfHYs=")
setresuid(0x0, 0xee01, 0xee00)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
fchown(r0, 0x0, 0x0)

848.780146ms ago: executing program 4 (id=1999):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000640)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_CMD(r0, 0x80506409, &(0x7f0000000780)={0x1, 0x40, 0x10, 0x7, 0x0, 0x2, 0x4, 0x1ee, 0xffffffff, 0x1b1, 0x10, 0x2, &(0x7f0000000680)=[0xb8eb], 0x1, 0x0})

785.725953ms ago: executing program 4 (id=2000):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0x6, 0x1, 0x0, 0x0, @str='\x17\x00'}]}, 0x1c}}, 0x0)

780.5939ms ago: executing program 7 (id=2002):
socket$inet(0x2, 0x800, 0x8000002)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_tcp(0x2, 0x1, 0x0)
execve(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000000c0)={@local, 0x0, 0x0, 0x1, 0x1}, 0x20)
socket$inet_tcp(0x2, 0x1, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x1, 0x0, 0x0, "810000cc2b000000000000fa25ffff00ffffff"})

733.083837ms ago: executing program 4 (id=2003):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000180), 0xde, 0x53b, &(0x7f0000000e00)="$eJzs3c1vI2cZAPBnJnbIdlOSAodSqR+ii3YrWHvT0Dbi0BaBuFUClfsSJd4oWme9ip12E1WQFX8AEkJQiRMnLkjcuCCh/RMQUiX2jgCBEGzhwAEYNOPxNmvG2cD6Y5X8ftJrv/OOPc/zOvb4nY94AjizXoiINyNiLiJeioilsj0tSxz2S/64D++9t5GXvPntvySRlG0RRfW+8+XTFvp3lbr7B9fX2+3Wbjnd7O3cbHb3Dy5v76xvtbZaN1ZXV15de23tlbUrY+ln3q/Xv/KHH3z3J199/Zeff/e3V/906Vt50l8u5w/6NT7Fqxd3i9t6/lrcV4uI3fEGm5m5sj/1WScCAMCJ5KPUT0TEZ4rx/1LMFaO5wvCQbmH62QEAAADjkL2xGP9MIjIAAADg1HojIhYjSRvluQCLkaaNRv8c3k/FE2m70+197lpn78ZmPi9iOerpte1260p5Tu1y1JN8eqWofzT98tD0akQ8FRHfXzpXTDc2Ou3NWe/8AAAAgDPi/ND2/9+X+tv/AAAAwCmzPOsEAAAAgIkbtf2fTDkPAAAAYHIc/wcAAIBT7WtvvZWXbHD968139veud965vNnqXm/s7G00Njq7Nxtbnc5W8Zt9O8ctqx4R7U7n5hci9m41e61ur9ndP7i609m70bu67fqBAAAAMCtPPX/nbhIRh188V5TcfH4zN+IJzhWAUyMd0V75Mf/9ZHMBpmvU1/wJzI8zD2D6arNOAJidw1knAMzaAz/1UTEoOHryzgP7DH41uZwAAIDxuvjpO3e/XXH8v1aezw+cXqOO/wOn3yMc/89l48oDmD7H/+HsqsdctnTiR9+eaC7AbDzsUh8jf7yj6vh/5ZnBWfbQZQEAABO1WJTn00Z5LHAx0rTRiHiy+B/genJtu926EhEfj4jfLNU/lk+vFM9MXB4QAAAAAAAAAAAAAAAAAAAAAAAAAE4oy5LIAAAAgFMtIv1jUl7/6+LShcXh/QPzyT+KywPOR8S7P3r7h7fWe73dlbz9r/fbe++X7S/PYg8GAAAAnEW1Y+cOttMH2/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAME4f3ntvY1CmGffPX4qI5ar4tVgo7heiHhFP/C2J2pHnJRExN4b4h7cj4umq+EmeViyXWQzHTyPi3HTiP5tlWWX882OID2fZnXz982bV5y+NF4r76s9/rSyP6oH13/zPj8xJ76//5kas/548YYxnPvhZc2T82xHP1KrXP4P4yYj4L1YtsOJF+eY3Dg7+q7G/8Mh+HHGx8vsneSBWs7dzs9ndP7i8vbO+1dpq3VhdXXl17bW1V9auNK9tt1vlbVWI+N6zv/j3UPR/ZX1F/6MfP6rWv8f1/0JeqR9pzIbDlME+uHXvk/1qfWgRRfxLL1a//54+Jn7+nvhs+T2Qz784qB/260c999NfP1eZWBl/c8Tr/7C//6VRCx3y0te/87sTPhQAmILBKGu3u39wfb3dbk2s8n6WZRMO8X9UIj3pg4vhYkTMPufJVGqTficsPC49nXLlwuORxv9SGceeLQAA4HHz0aB/1pkAAAAAAAAAAAAAAAAAAADA2dXdj3TSPyc2HPNwNl0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjWfwIAAP//nJjX8w==")
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018, r0}, './file1\x00'})

612.546355ms ago: executing program 4 (id=2005):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000036571a20cd0c8000fe67010203010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000040)={0x34, &(0x7f0000000240)={0x0, 0x14, 0x8, "1357c4367e4be40d"}, 0x0, 0x0, 0x0, 0x0, 0x0})

295.686988ms ago: executing program 8 (id=2008):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r0, r0, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000300)={@cgroup=r0, r2, 0x2f, 0x0, 0x4, @void, @value=r1}, 0x20)

220.197556ms ago: executing program 8 (id=2009):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r1=>0x0})
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1}}, 0x18)

219.955959ms ago: executing program 8 (id=2010):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)={0x14, r1, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20004001}, 0x80)

143.05065ms ago: executing program 8 (id=2011):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x33, 0x1, 0x70bd2b, 0x25dbdbfe, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x50}, 0x4000000)

142.817506ms ago: executing program 8 (id=2012):
syz_mount_image$nilfs2(&(0x7f000000a000), &(0x7f0000000400)='./file0\x00', 0x94, &(0x7f000000a380)=ANY=[@ANYBLOB="0001def4774774366f0b8a20db13db64e85fc9322c3fe018b91ff1291b4f4c56de7e4543f49818e1307d98d09daa1e2a7dbf88003e9401dc73aad0b7dbb5685565c7825ba8340621faeae92abed19c524ab06c4303258d253722e159642af447aeb096c6a26d345d82f2925163331b0e9157441a9c61dd1051d3b970f9ac12f5975cf1ad4e45acef1a54921c492a77bcb1858b68758ed339608b8e43c733219f1f9e0b867840f821e03bc0e8a497c4d5dde436000090a397637dedb2f3"], 0x1, 0xd99, &(0x7f0000006900)="$eJzs3UtvXNUdAPBzx544LxqHmMZN09glpbiP2CRYpbsaKV2gSqgSnwClgYYa+ghdgIKUsOi2kRAfoIh9F31mgRSxSsWmVb8AYtVNipBoG1UCI9vnjMf/zOjOOLbH4/n9pDtn7v2fe88587hz575OAkZWY+1xcXG6SuntW29dvDcz/r/VKTOtHLNrj+N5bCml1GzNl9JkWN7SxHr62SfXLrWnn+e0ShdSlarW9PTs3da8R1JK19Nsup0m03Mfn7z50gfPLL934saJi2/M3dmZ1gMAwGi596N3f/m3x3947fj/f39mKU20ppft86U8fjRv9y9V6+M5af0PqNrSqm28OBDyjeehEfKNdcjXXk4z5BvvUv6BsNxml3wTNeWPtU3r1G4YZhv/46vG/KbxRmN+fv0/+aoPxw5U869cWX7h6oAqCmy7T2fyLj6DwTByw8qxQa+BANbF44b3uR73LDyY1tLGeyv/7tONzvPDNtjtz7/yh6v8d29Y47B99uunqbSrfI+O5vF4HGE8zNfv978sLx6PaPZYz27HEYbl+EK3eo7tcj22qlv94+div/paTsvrcCbE278/8T0dlvcY6Oye/f8Gw8gOK4NeAQF7VjxvbiUr8XheX4xP1MQP1sQP1cQP18SP1MRhlP3h1d+mm9XG//z4n77f/WFlP9tDOf1Sn/WJ+yP7LT+e99uvBy0/nk8Me9rcf09/+uvbf4/n/38ezv8/m39LJ/MKouwvjPvVW+f+hwuDG13yPRyq81CH/GvPpzbnq6Y2lpPa1jP31WN683zHuuU7vTnfZMh3OG+LHAz1jdsnh8N8ZfujrFfL6zUe2tsM7TgQ6lHemeM5PRjac7xbu8KO7AMhXzMPJ0K7pkK7HgnzfTm0q5re3K64/7zU52SYHo+TlHzhbbvvdym+F/G6jEdz+mZO38np+zn9qEO5o6h8Hrud/18+n9OpWb1wZfnyE3m8fE7vjDUnVqef3+V6Aw+u1+t/ptPm63+OtqY3G+3rhWMb06v29cJkmH6hy/Qn83j5Pfvp2KG16fOXfr78k+1uPIy4q6+9/rPnl5cv/8oTTzzxpPVk0GsmYKctvPryLxauvvb6uSsvP//i5Rcvv3L+ie9/78mnnlpcWNuqX2jftgf2l40f/UHXBAAAAAAAAAAAAOhZdajz5JzW3d+2XE9erk+P18czHMr7Vj4N5T4G5frPbvd1KddvHt+FOrL9duNyokG3Eejs3+7/azCM7LCy4i7+wN4w6P7/yn0PS3r03D+Prw4l292nN68v4/0L4UHs9f7nlL+/+v9r9X/V8/ov9Jg1ubVy/3jv0D/aik2nei0/tr/cB3aqv/L/lMsvrXks9Vb+yu9C+fFGpT36cyj/cI/l39f+01sr/y+5/PKyzZ3ttfz1GleNzfWI+43LfQDjfuPir6H95d5+fbd/ix213crlwygbln4m+zUs/X92U5Zb1oN59dw6Tlfuvx37O+i3/uW+3+V34JGw/Krm903/n8Otrv/P8vlb0P8n7DsfOv5nMIzssLKyMtCuT0a135W9YtCv/6C3IQdd/qBf/zqx/8/4fyn2/xnjsf/PGI/9f8Z47F8rxmP/n/H1jP1/xvjJsNzYP+h0TfwrNfFTNfGv1sRP18Tj/7cYn62Jn6mJz9TEH66JP1oTP1sT/0ZN/LGa+OM18bma+H739ZyOavthlMV+I33/YXSU4z/dvv9TNXFgeMV+neP3+5s1cWB4lfM8fL9hBFWd79gR97eX/bhv5vSdnL6f0492rILshm/l9Ns5/U5Ov5vTczmdz+lCTvUNOdx+869TZ25WG+f5HQvxXs8njdcDxPvEnO+xPvH4XL/ns57ssZydKn+Ll4MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADI3G2uPi4nSV0tu33rr4n6kf/Hh1ykwrx+za43geW0opNVNKVR4fD8u7PrGefvbJtUud0ipdWHss4+nZu615j6zOn2bT7TSZnvv45M2XPnhm+b0TN05cfGPuzs60HgAAAEbDFwEAAP//ManlwQ==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0xb9cbbe05c791f09e)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0x5, 0x3)
getdents64(r0, 0x0, 0x0)

77.53403ms ago: executing program 7 (id=2013):
r0 = socket(0x1e, 0x5, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
recvmmsg(r0, &(0x7f0000001400)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000740)=""/245, 0xf5}], 0x1, &(0x7f0000000900)=""/211, 0xd3}, 0x3}], 0x1, 0x20, 0x0)
sendmmsg$inet(r0, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="dc", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f00000005c0)="d91e42", 0x3}], 0x1}}], 0x2, 0x40480dc)

248.65µs ago: executing program 8 (id=2014):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x619d, &(0x7f0000000780)="$eJzs3cuOHFcZB/Cv+jaXEMfKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgCYsmKB8iCLTseAEs2EiirFKqZc8Y1nW732M509cz5/aRx1denavqU/119marqEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHPz5bRcTlX6Ubjkd8LvoRvYiVpl6LiJW143n5QUQ8H9vN8VxEDJciqtz4TMRrEfHRsYh792+vNzed22c/vv+Xf/7hJ0/96B9/Gp7+319v9l+fttytW7/979/uPP72AgAAQInquq6r9DH/RPp83+u6UwDAXOTX/zrJt6sXrt5csP6o1Wq1+hDWbfVkd9pFRGy212neMzgcDwCHzGZ83HUX6JD8izaIiKe67gSw0KquO8CBuHf/9nqV8q3arwdrO+35XJA9+W9Wu9d3TJvOMn6OybweX1vRj2en9GdlTn1YJDn/3nj+l3faR2m5g85/XqblP9q59Kk4Of/+eP5jjk7+vYn5lyrnP3ik/PvyBwAAAACABZb//n+84+O/S0++KfvysOO/a3PqAwAAAAAAAAB81p50/L9dlfH/AAAAYFE1n9Ubvzv24LZp38XW3H6pinh6bHmgMOlimdWu+wEAAAAAAAAAAAAAJRnsnMN7qYoYRsTTq6t1XTc/beP1o3rS9Q+70rcfStb1kzwAAOz46NjYtfxVxHJEXErf9TdcXV2t6+WV1Xq1XlnK72dHS8v1SutzbZ42ty2N9vGGeDCqm1+23Fqvbdbn5Vnt47+vua9R3d9Hx+ajw8ABICJ2Xo3ueUU6Yur6mej6XQ6Hg/3/6LH/sx9dP04BAACAg1fXdV2lr/M+kY7597ruFAAwF/n1f/y4gFqtVqvV6qNXt9WT3WkXEbHZXqd5z2A4fgA4ZDbj4667QIfkX7RBRDzfdSeAhVZ13QEOxL37t9erlG/Vfj1I47vnc0H25L9Zba+X1580nWX8HJN5Pb62oh/PTunPc3PqwyLJ+ffG87+80z5Kyx10/vMyLf9mO4930J+u5fz74/mPOTr59ybmX6qc/+CR8u/LHwAAAAAAFlj++//xhTr+O3rczZnpYcd/1w7sXgEAAAAAAADgYN27f3s9X/eaj/9/YcJyrv88mnL+lfyLlPPvjeX/1bHl+q35u289yP8/92+v//Hmvz+fp/vNfynPVOmRVaVHRJXuqRqk6ZNs3adtDfuj5p6GVa8/SOf81MN34mpci404s2fZXvr/eNB+dk9709Phdnvd32k/t6d9sNue1z+/p32YznSqV3L7qViPn8e1eHu7vWlbmrH9yzPa6xntOf++/b9IOf9B66fJfzW1V2PTxt0Pe5/a79vTSffz5tUv/ubMwW/OTFvR3922tmb7XuygP9v/J0+N4pc3Nq6funXl5s3rZyNN9tx6LtLkM5bzH6af3ef/l3ba8/N+e3+9++HokfNfFFsxmJr/S635ZntfnnPfupDzH6WfnP/bqX3y/n+Y85++/7/SQX8AAAAAAAAAAAAAAADgYeq63r5E9M2IuJCu/+nq2kwAYL7y63+d5NvnVfcfd/0/792OrvqvVs+5rhasP3OtP6kXqz9q9WGs2+rJ3mgXEfH39jrNe4ZfT/plAMAi+yQi/tV1J+iM/AuWv++vmZ7sujPAXN14/4OfXrl2beP6ja57AgAAAAAAAAA8rjz+51pr/OeTdV3fGVtuz/ivb8Xak47/OcgzuwOMThmouv/o2/QwW71Rv9cabvyFmDb+93B37mHjfw9m3N9wRvtoRvvSjPblGe0TL/Royfm/0Brv/GREnBgbfr2E8V/Hx7wvQc7/xdbjucn/K2PLtfOvf3+Y8+/tyf/0zfd+cfrG+x+8evW9K+9uvLvxs/Nnz545f+HCxYsXT79z9drGmZ1/O+zxwcr557GvnQdalpx/zlz+Zcn5fynV8i9Lzv/LqZZ/WXL++f2e/MuS88+ffeRflpz/y6mWf1ly/l9LtfzLkvN/JdXyL0vO/+upln9Zcv6vplr+Zcn5n0q1/MuS8z+d6n3mv3LQ/WI+cv75CJf9vyw5/3xmg/zLkvM/l2r5lyXnfz7V8i9Lzv+1VMu/LDn/b6Ra/mXJ+V9ItfzLkvP/ZqrlX5ac/8VUy78sOf9vpVr+Zcn5fzvV8i9Lzv/1VMu/LDn/76Ra/mXJ+X831fIvS87/e6mWf1ly/m+kWv5lefD9/2bMmDGTZ7p+ZgIAAAAAAAAAAAAAxs3jdOKutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe3cXI9dZ3w/8zL557UBiIOTv5G/C2jHGOJvs+iV+oXUx4bXhrSSEQl+wXe/aLPgNr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKpH2gt4gKlQuoiqggFSJVpCtZs7zPDszOzuz6x07Z875fKTkl505M+fMmWdm92vnuwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBsy5tmP1PLsqxWq+UXbMyyl9Tn+omNjUte/+IeHwAAALB2v2z8+/lb0gWHV3Cjpm3+6c7vfn1hYWEh+8Dwn45+YWEhXTGRZaPrsqxxXXT1hx+sNW8TPJ6N14aavh7qsfvhHteP9Lh+tMf1Yz2uX9fj+vEe1y85AUusz2rpzrY1/nNjfkqzW7PRxnXbOtzq8dq6ofq5S7fNao3bLIyeyOayU9lsNt2yfb5trbH9N7fU9/X2LO5rqGlfm+sr5KePHo/HUAvneFvLvhbvM/rxG7OJn/300eN/feG52zvNnqeh5f7y49yxtX6cnwqX5Mday9alcxKPc6jpODd3eE6GW46z1rhd/b/bj/P5FR7n8OJh3lDtz/l4NtT472ca52mklnU4T5vDZT+/K8uyy4uH3b7Nkn1lQ9mGlkuGFp+f8XxF1u+jvpReno2sap1uWcE6rc+Zba3rtP01EZ//LeF2I8scQ/PT9OPHxpqe918sXMs6jeqPernXSvsa7PdrpShrMK6LZxoP+omOa3BbePyPbl9+DXZcOx3WYHrcTWtwa681ODQ23Djm9CTUGrdZXIO7WrYfbuyp1pjPbu++BqcunD43Nf+JT94zd/rYydmTs2f27No1vWffvgMHDkydmDs1O53/+xrPdvFtyIbSa2BrOHfxNfDatm2bl+rCl8eWvP9e6+twvMvrcGPbtv1+HY60P7jajXlBLl3T+WvjffWTPn5lKFvmNdZ4fnau/XWYHnfT63Ck6XXY8XtKh9fhyApeh/Vtzu1c2c8sI03/dDqG5b8XrG0Nbmxag+0/j7SvwX7/PFKUNTge1sX3dy7/vWBzON4nJlf788jwkjWYHm5476lfkn7eHz/QGJ3W5R31K24ayy7Oz56/95FjFy6c35WFcUO8ommttK/XDU2PKVuyXodWvV4Pz935xB0dLt8YztX4PfV/jS/7XNW32Xtv9+eq8d2t8/lsuXR3Fkaf3ejz2em7ef18jmXZF7/z2IPfevSLb1r2fNbz5qem1v6zeMqlTe+/o8u8/8bc/0K+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56dW9n48Gv650e/Ht3Z5P97Utm2/349H2x9cfD+u9frTjrVpfz7Hwzo5Nd39/bi+zabdq12TI13fj+8KsxbO/+tCUki5qGntLLdu075GRkbD4xqJe2hdp3tath8N2ay+r6d2X9s63XFXfl/D6dEtulHrdKJt236v0/RnX8ut01qvP327Nu3P53hYF7fu6b5O69s8vXft753r4382vXeO9VqDo8Nj9WMeTYuw8X6fLayPa/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/bvR75aYua3BH27b9XoPp+9hya682svTB90H78zke1sWT93Vfg/Vt3ry/vz+77giXpG2afnZt//O15f7M646203S91spIOM7v7O/+Z7P1bU4dWG3O7H6e7g6X3NThPLW/fpd7Tc1kN+Y8bQrH+dyB5c9T/Xjq23zh4ArX0+Esyy597P7Gn/eGv1/5u4vf+3rL37t0+judSx+7/ycvPfGPqzl+AAbfC/nYkH+va/qbqZX8/T8AAAAwEGLuHwozkf8BAACgNGLuj/9XeCL/AwAAQGnE3D8SZlKR/L/pzc/NvXApS838hSBen07DA/l2seM6Hb6eWFhUv/z+r87+9z9cWtm+h7Is+8UDf9Bx+00PxOPKTYTjvPqW1suX+Po9K9r30Ycvpf0299e/FO4/Pp6VLoNOFdzpLMu+ecvnGvuZ+OCVxnz6gaON+eDlJx6vb/P8wfzrePtnX5Fv/xeh/Hv4xLGW2z8bzsOPwpx+R+fzEW/3tSuv27z//Yv7i7erbb258bCf/FB+v/H35Hz+8Xz7eJ6XO/5vffapr9W3f+Q1nY//0lDn438q3O9Xw/yfV+XbNz8H9a/j7T4djj/uL97u3q98u+PxX/1Mvv25t+bbHQ0z7n9H+HrbW5+baz5fj9SOtTyu7G35dnH/09/748b18f7i/bcf//iRKy3no319PP1v+f1MtW0fL4/7if6+bf/1+2len3H/T/3R0Zbz3Gv/Vx989lX1+23f/91t25372M7G/hfvr/U3Nv3lpz/XcX/xeA7/7bmWx3P4veF1HPb/5IfCegzX/+/V/P7af7vC0fe2vv/E7b+08VLL44ne/rN8/1ffcLIx142v33DTS1568+VX189dlj2zLr+/Xvs/+VdnW47/y7fl5yNeHzv67ftfTtz/+Y9Pnjk7f3FuJp3VR29p/O6cd+bHE4/3lvDe2v71kbMXPjx7fmJ6YjrLJsr7K/Su2VfC/Ek+LnffemHJO+jOh8Pzeceff3PD9n/9bLz839+XX37lHfn3rdeG7T4fLt8Ynr/V7X+pJ7fc1nh9154OR7iw9PcFr8Xmbf91YEUbhsff/nNBXO/nXvnhxnmoX9f4vhFf12s8/h/M5PfzjXBeF8JvZt562+L+mrePvxvhykP5633N5y+8zcXn9W/C8/2uH+X3H48rPt4fhJ9jvr2p9f0uro9vXBpqv//Gb/G4HN5Pssv59XGreL6vPH9bx8OLv4cku3x74+s/Sfdz+6oe5nLmPzE/dWruzMVHpi7Mzl+Ymv/EJ4+cPnvxzIUjjd/leeQjvW6/+P60ofH+NDO7b2/WeLc6m4/r7MU+/nMPH5/ZP719ZvbEsYsnLjx8bvb8yePz88dnZ+a3HztxYvbjvW4/N3No1+6De/bvnjw5N3PowMGDew5Ozp05Wz+M/KB62Df90ckz5480bjJ/aO/BXffdt3d68vTZmdlD+6enJy/2un3je9Nk/da/P3l+9tSxC3OnZyfn5z45e2jXwX37dvf8bYCnz52Yn5g6f/HM1MX52fNT+WOZuNC4uP69r9ftKaf5/8h/nm1Xy38RX/aeu/el389a99XHlr2rfJO2XyD6XPhdNP/8snMHVvJ1zP2jYSYVyf8AAABQBTH3j4WZyP8AAABQGjH3rwszkf8BAACgNGLuHw8zqUj+L13/f9OlFe1f/1//v/l86f9XrP//UNH6//n7hf5/f6y1f6//H+j/6//r/+v/6//TB0Xr/8fcvz7LKpn/AQAAoApi7t8QZiL/AwAAQGnE3H9TmIn8DwAAAKURc/9Lwkwqkv/1//X/9f/1//X/O+9f/38w6f93p//fg/7/VFat/v/lfh6//r/+P0sVrf8fc/9Lw0wqkv8BAACgCmLuvznMRP4HAACA0oi5/5YwE/kfAAAASiPm/o1hJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/9/n/+v/6//TV0Xr/8fc/7Iwk4rkfwAAAKiCmPtfHmYi/wMAAEDxjFzbzWLuf0WYyZL8f407AAAAAF50MfffmrUVwSvy9//6//r/xe//r0vX6f/r/2eF7P8PZ/r/xaH/353+fw/6//r/+v/6//RV0fr/jdyfjWevDDOpSP4HAACAKoi5/7YwE/kfAAAASiPm/v8XZiL/AwAAQGnE3L8pzKQi+V//X/+/+P1/n/+v/1/0/r/P/y8S/f/u9P970P/X/9f/1/+nr4rW/4+5//Ywk4rkfwAAAKiCmPvvCDOR/wEAAKA0Yu7//2Em8j8AAACURsz9m8NMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfFWZSkfwPAAAAVRBz/51hJvI/AAAAlEbM/a8OM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/i1hJhXJ/wAAAFAFMfdvDTOR/wEAAKA0Yu6/K8xE/gcAAIDSiLl/W5hJRfK//v9A9P8z/X/9f/1//X/9/5XR/+9O/78H/X/9f5//r/9PXxWt/x9z/2vCTCqS/wEAAKAKYu7fHmYi/wMAAEBpxNz/2jAT+R8AAABKI+b+HWEmFcn/+v/6//r/+v/6/533r/8/mPT/u9P/70H/X/9f/1//n74qWv8/5v7XhZlUJP8DAABAFcTcvzPMRP4HAACA0oi5/+4wE/kfAAAASiPm/skwk4rkf/1//X/9f/1//f/O+9f/H0z6/93p//eg/6//r/+v/09fFa3/H3P/PWEmFcn/AAAAUAUx998bZiL/AwAAQGnE3D8VZiL/AwAAQGnE3D8dZlKR/K//r/+v/6//v6r+/6sX71f/P6f/Xyz6/93p//eg/6///6L3/0f1/ymVovX/Y+7fFWZSkfwPAAAAVRBz/+4wE/kfAAAASiPm/j1hJvI/AAAAlEbM/XvDTCqS//X/9f/1//X/ff5/5/3r/w8m/f/u+t//jw9R/1//X//f5//r/7NU0fr/MfffF2ZSkfwPAAAAVRBz/74wE/kfAAAASiPm/v1hJvI/AAAAlEbM/QfCTCqS//X/9f/1//X/9f8771//fzDp/3fn8/970P/X/9f/1/9njR76w+avitb/j7n/YJhJRfI/AAAAVEHM/a8PM5H/AQAAoDRi7v+VMBP5HwAAAEoj5v5fDTOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/+v/6//r/9FXR+v8x9x8KM6lI/gcAAIAqiLn/18JM5H8AAAAojZj73xBmIv8DAABAacTcfzjMpCL5X/9f/1//X/9f/7/z/m90/38s3q/+/5ro/3en/9+D/r/+v/6//j99VbT+f8z9bwwzqUj+BwAAgCqIuf/+MBP5HwAAAEoj5v43hZnI/wAAAFAaMfe/OcykIvlf/1//X/9f/1//v/P+ff7/YNL/707/vwf9f/1//X/9f/qqaP3/mPvfEmZSkfwPAAAAVRBz/1vDTOR/AAAAKI2Y+98WZiL/AwAAQGnE3P/2MJOK5H/9f/1//X/9f/3/zvvX/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/6+HmVQk/wMAAEAVxNz/QJiJ/A8AAAClEXP/O8JM5H8AAAAojZj73xlmUpH8r/+v/6//r/+v/995//r/g0n/v7sB6///8uZwuf5/Tv+/2Me/2v7/SNvX16X//8Pl+v8L69pvr//P9VC0/n/M/e8KM6lI/gcAAIAqiLn/3WEm8j8AAACURsz97wkzkf8BAACgNGLu/40wk4rkf/3/+nEstpf1/8va/x/S/9f/1/+vCP3/7gas/+/z/9vo/xf7+H3+v/4/SxWt/x9z/3vDTCqS/wEAAKAKYu5/MMxE/gcAAIDSiLn/oTAT+R8AAABKI+b+94WZVCT/6//7/P9q9P99/n+m/6//XxH6/93p//eg/6//X7T+/3/q/zPYitb/j7n/4TCTiuR/AAAAqIKY+98fZiL/AwAAQGnE3P+bYSbyPwAAAJRGzP0fCDOpSP7X/x+U/v/EgPb/H9P/v479/ztvzrfT/9f/Z5H+f3f6/z3o/+v/F63/7/P/GXBF6//H3P/BMJOV5//xFW8JAAAAvChi7v+tMJOK/P0/AAAAVEHM/b8dZiL/AwAAQGnE3P87YSYVyf/6/4PS//f5/5n+v8//b3s8+v/6/53cuP5/fOfR/9f/1/+P9P/1//X/aVe0/n/M/b8bZlKR/A8AAABVEHP/h8JM5H8AAAAYCJ3+n+x2MfcfCTOR/wEAAKA0Yu4/GmZSkfyv/6//r/9f0P7/n239l+9/991Hd+n/6//r/6/KDf38//qL3+f/6//r/yf6//r/+v+0K1r/P+b+Y2EmFcn/AAAAUAUx9/9emIn8DwAAAKURc//xMBP5HwAAAEoj5v6ZMJOK5H/9f/1//f+C9v8H+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXR9+//vX+yJ6/+vtv8/1vFS/X/9/0E+fv1//X+WKlr/P+b+2TCTiuR/AAAAqIKQ+4dO5HPxCvkfAAAASiPm/pNhJvI/AAAAlEbM/R8OM6lI/tf/1//X/9f/9/n/nfffrf9fG/H5/0WV+vc/b7xQ9P/bFKf/35n+v/7/IB+//r/+P0sVrf8fc/9cmElF8j8AAABUQcz9Hwkzkf8BAACgNGLu/2iYifwPAAAApRFz/6kwk4rkf/1//X/9f/1//f/O+y/s5//r/3e11v69/n+g/6//r/+v/6//Tx8Urf8fc//pMJOK5H8AAACogpj7z4SZyP8AAABQGjH3/x97d9JkWVntcfjkvUVUVnAHd3YHd2KEQz8CAx3rB3DgxIFGGA5ERcWewr5FUbFXBPsGGxBEVLBvwA7FHlTs+wY7RIkyyFprVWXmzn0yq05m7v2+zzNgyZHkHIkK4F9ZP/f5cYv9DwAAAM3I3f/YuKWT/a//1/832/8/UP+/0/vr//X/LdP/j9P/L6H/1//r//X/rNTU+v/c/Y+LWzrZ/wAAANCD3P2Pj1vsfwAAAGhG7v4L4hb7HwAAAJqRu/8JcUsn+39L/7+26LP/z4xX/99S/+/5/zu+v/5f/9+yg+3/L77v73z6f/2//j/o/3fV/x/d6ev1/7Roav1/7v4nxi2d7H8AAADoQe7+J8Ut9j8AAAA0I3f/hXGL/Q8AAADNyN3/5Lilk/2/uuf/H9t4fab9f9H/6/83XtD/6//1/7Pl+f/jeur/L7jt3Mfcdd3/X7+X99f/6/89/1//z2pNrf/P3f+UuKWT/Q8AAAA9yN3/1LjF/gcAAIBm5O5/Wtxi/wMAAEAzcvc/PW7pZP+vrv+f9fP/i/5f/7/xgv5f/6//ny39/7ie+v8zeX/9v/5f/6//Z7Wm1v/n7n9G3NLJ/gcAAIAe5O5/Ztxi/wMAAEAzcvdfFLfY/wAAANCM3P3H45ZO9r/+f//7/3v1//r/uPp//b/+f//p/8fp/5fQ/+v/9f/6f1Zqav1/7v6L45ZO9j8AAAD0IHf/s+IW+x8AAACakbv/2XGL/Q8AAADNyN3/nLilk/2v//f8f/2//l//P/z++v950v+P0/8vof8/237+HP2//l//z+n22P/fM/K37ZX0/7n7nxu3dLL/AQAAoAe5+58Xt9j/AAAA0Izc/c+PW+x/AAAAaEbu/hfELZ3sf/2//l//r/8/4/5/+w+9Dfr/Yfr/g6H/HzeZ/n/tyODL+v/Z9/+e/6//1/+zydSe/5+7/4VxSyf7HwAAAHqQu/9FccvI/t/zT+YDAAAAhyp3/4vjFt//BwAAgNnL6ix3/0vilk72v/5f/6//1/97/v/w+4/1/9ef9vn0/9Oi/x83mf5/B/p//f+cP7/+X//PdlPr/3P3vzRu6WT/AwAAQA9y918St9j/AAAA0Izc/S+LW+x/AAAAaEbu/pfHLZ3s/+H+/9R/r//fHf3/5s+v/x/+8bGq/j//jPr/0f7/QZ7/3yf9/7iD7/+P6v83//n1//vosD9/4/3/sWVfr/9nyNT6/9z9l8Ytnex/AAAA6EHu/lfELfY/AAAANCN3/yvjFvsfAAAAmpG7/1VxSyf73/P/9f/6//n1/57/f9JhPv9/ceD9/xH9/y7p/8d5/v8S+n/9v/7f8/9Zqan1/7n7L4tbOtn/AAAA0IPL7l5s7P5XLxb2PwAAAMzR6b92YOsvKA25+18Tt9j/AAAA0Izc/a+NWzrZ//p//b/+X/+v/x9+/2n1/57/v1v6/3H6/yX0//vRzx9prP+/fKevn0L/f5H+n4nZ1P/feOr1w+r/c/e/Lm7pZP8DAABAD3L3vz5usf8BAACgGbn73xC32P8AAADQjNz9b4xbOtn/+97/H9v5vfX/+n/9v/5f/6//XzX9/zj9/xL6f8//9/x//T8rtan/P81h9f+5+98Ut3Sy/wEAAKAHufvfHLfY/wAAANCM3P2Xxy32PwAAADQjd/9b4pZO9r/n/+v/9f/6f/3/8Pvr/+dJ/z9O/7+E/l//r//X/7NSU+v/c/dfEbd0sv8BAACgB7n7r4xb7H8AAABoRu7+t8Yt9j8AAAA0I3f/2+KWTva//n9/+/98Xf+v/1/o//X/+v8D0W3/vzb0T6Ltduj/b3nU8YdsfkX/r//X/+v/9f+swCT6/xOn/u0yd//b45ZO9j8AAAD0IHf/O+IW+x8AAACakbv/nXGL/Q8AAADNyN3/rrhlj/v/f1f6qQ6O/t/z//X/+n/9//D76//nqdv+f5c8/38J/b/+X/+v/2elJtH/n/b7ufvfHbf4/j8AAAA0I3f/e+IW+x8AAACakbv/vXGL/Q8AAADNyN3/vrilk/2v/9f/6//1//r/4fc/0/5/fTFM/38w9P/j9P9L6P/1//p//T8rNbX+P3f/VXFLJ/sfAAAAepC7//1xi/0PAAAAzcjd/4G4xf4HAACAZuTu/2Dc0sn+1//r//X/+n/9//D7e/7/POn/x+n/F4vF1SMfYKj/P3FU/6//1//r/zlDU+v/c/d/KG7pZP8DAABAD3L3Xx232P8AAADQjNz918Qt9j8AAAA0I3f/h+OWTva//l//r//X/+v/h99f/z9P+v9x+v8lPP9f/6//1/+zUlPr/3P3Xxu3dLL/AQAAoAe5+6+LW+x/AAAAaEbu/o/ELfY/AAAANCN3//VxSyf7X/+v/9f/6//3pf8/rv/fSv9/MPav/1/o//X/+v8l9P/6f/0/Wx1U/39P/P1+Wf+fu/+jcUsn+x8AAAB6kLv/hrjF/gcAAIBm5O7/WNxi/wMAAEAzcvd/PG7pZP/r//X/+n/9v+f/D7+//n+ePP9/nP5/Cf2//l//r/9npQ6q/9+p99/6+7n7PxG3dLL/AQAAoAe5+2+MW+x/AAAAaEbu/pviFvsfAAAAmpG7/5NxSyf7X/+v/9/c/y8W+n/9v/7/pAPo/9cX+v+V0/+P0/8vof9vs///r0VD/f+xHb9e/88UTa3/z93/qbilk/0PAAAAPcjd/+m4xf4HAACAZuTu/0zcYv8DAABAM3L3fzZuaWn/37tz+jb//v/oli/U/y8Wi9sv9Px//f/I++v/J9P/119V/f/q6P/H6f+X0P+32f97/r/+n0Mztf4/d//n4paW9j8AAAB0Lnf/5+MW+x8AAACakbv/C3GL/Q8AAADNyN3/xbilk/0///5/6xfq/xdn9fx//f/GC/p//b/+f7bOtr+/Yj3+mab/1//r/wf7+bUd/r1nof/X/+v/GTC1/j93/5filk72PwAAAPQgd//NcYv9DwAAAM3I3X9L3GL/AwAAQDNy9385bulk/+v/9f/6/3n2/+v6f/2//n/QVJ7/f955D75V/6//b7H/H6P/1//r/9lqav1/7v6vxC2d7H8AAADoQe7+r8Yt9j8AAAA0I3f/1+IW+x8AAACakbv/63FLJ/t/e/9/zuJkoXrSUP8fjZr+/zT6/82fX/8//OPD8//1//r//TeV/t/z/8/s8+v/9f9z/vx76v/vt/3r9f+0aGr9f+7+W+OWTvY/AAAA9CB3/zfiFvsfAAAAmpG7/5txi/0PAAAAzcjdf1vc0sn+9/x//b/+X/+v/x9+f/3/POn/x+n/l9D/6/89///8R/y3/p/VmVr/n7v/W3HLxvC7//+c4f9MAAAAYEJy9387bunk+/8AAADQg9z934lb7H8AAABoRu7+78Ytnex//b/+X/+v/9f/D7+//n+e9P/j9P9L9NP/rw+9eNj9/Nk67M/fTP/v+f+s0NT6/9z934tbOtn/AAAA0IPc/d+PW+x/AAAAaEbu/h/ELfY/AAAANCN3/+1xSyf7X/+v/2+//3+4/n/L++v/9f8t0//nP9GH6f+X6Kf/H3TY/fzcP7/+X//PdlPr/3P33xG3dLL/AQAAoAe5+38Yt9j/AAAA0Izc/T+KW+x/AAAAaEbu/h/HLZ3sf/1/X/3/2qLH/t/z//X/+v+ezKf/v/LI0Kue/6//1//P9/Pr//X/bDe1/j93/51rR7rc/wAAADBXD33Ao+/Y7R9758Zv1xc/iVvsfwAAAGhG7v6fxi32PwAAADQjd//P4pZO9r/+v6/+v8/n/+v/9f/6/57Mp/8fpv/X/+v/5/v59f/6f7abWv+fu//ncctpw2/w/6AHAAAAmI3c/b+IWzr5/j8AAAD0IHf/L+OWbfv/xC5/VTsAAAAwNbn7fxW3dPL9f/3/xPv/xT71//HH6f9P0v/r/4feX/8/T/r/cWfZ/59Y0//r/0fo//X/+n+2mlr/n7v/hmsXXe5/AAAAaNSmn1H49cZv1xe/iVvsfwAAAGhG7v7fxi32PwAAADQjd//v4pZO9r/+f+L9/xk9//9Y/SfP/++8/79kffD99f/6/5bp/8d5/v8S+n/9v/5f/89K7aH/3xik+93/5+7/fdzSyf4HAACAHuTu/0PcYv8DAABAM3L3/zFusf8BAACgGbn7/xS3dLL/9f+H0P9fenSx2Nf+fxfP/9f/99H/7/D+7fT//3fu8Zsf9shrrtL/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/+e4pZP9DwAAAD3I3X9X3GL/AwAAQDNy9/8lbrlv/990WJ8KAAAAWKXc/X+NWzr5/r/+v8Xn/8+z/8+/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu/9vcUsn+x8AAAB6kLv/73FL7v+1Pf/UPQAAADAxufv/Ebf4/j8AAAA0I3f/3XFLJ/tf/6//n0r/nzz//9TXef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Ytnex/AAAA6EHu/nviFvsfAAAAmpG7/19xi/0PAAAAzcjd/++4pZP9r//X/+v/9f/6/+H31//Pk/5/nP5/Cf2//l//r/9npabW/+fu/08AAAD//zekcr0=")
rename(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
symlink(&(0x7f0000001640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/../file0\x00', &(0x7f0000000e40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

0s ago: executing program 7 (id=2015):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x81)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000240)="9ac247f3453d59133e6ec7cb31e5b52ca7", 0x11}, {0x0}], 0x2)

kernel console output (not intermixed with test programs):

 156.169897][   T33] audit: type=1326 audit(1755976885.195:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.180619][   T33] audit: type=1326 audit(1755976885.195:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.191118][   T33] audit: type=1326 audit(1755976885.195:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.200766][   T33] audit: type=1326 audit(1755976885.195:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.211342][   T33] audit: type=1326 audit(1755976885.195:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.221401][   T33] audit: type=1326 audit(1755976885.195:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.232273][   T33] audit: type=1326 audit(1755976885.195:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9414 comm="syz.4.1342" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5b718ebe9 code=0x7fc00000
[  156.313106][ T5995] usb 7-1: USB disconnect, device number 6
[  156.512624][ T9426] loop4: detected capacity change from 0 to 64
[  156.531097][ T9426] Trying to free block not in datazone
[  156.857199][ T9432] loop4: detected capacity change from 0 to 40427
[  156.865486][ T9432] F2FS-fs (loop4): build fault injection rate: 771
[  156.873398][ T9432] F2FS-fs (loop4): invalid crc value
[  156.915312][ T9432] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  156.919226][ T9432] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  156.937382][ T6979] syz-executor: attempt to access beyond end of device
[  156.937382][ T6979] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  156.942964][ T6979] CPU: 0 UID: 0 PID: 6979 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  156.942981][ T6979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  156.942988][ T6979] Call Trace:
[  156.942992][ T6979]  <TASK>
[  156.942997][ T6979]  dump_stack_lvl+0x189/0x250
[  156.943044][ T6979]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.943057][ T6979]  ? __pfx_queue_work_on+0x10/0x10
[  156.943068][ T6979]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  156.943083][ T6979]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  156.943100][ T6979]  f2fs_handle_critical_error+0x37c/0x540
[  156.943118][ T6979]  f2fs_write_end_io+0x886/0xb60
[  156.943135][ T6979]  __submit_merged_bio+0x27a/0x6a0
[  156.943151][ T6979]  __submit_merged_write_cond+0x255/0x530
[  156.943167][ T6979]  f2fs_write_data_pages+0x261d/0x3000
[  156.943211][ T6979]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.943229][ T6979]  ? arch_stack_walk+0xfc/0x150
[  156.943251][ T6979]  ? __mod_zone_page_state+0xd7/0x140
[  156.943268][ T6979]  ? folios_put_refs+0x560/0x640
[  156.943284][ T6979]  ? __pfx_folios_put_refs+0x10/0x10
[  156.943294][ T6979]  ? rcu_is_watching+0x15/0xb0
[  156.943305][ T6979]  ? lru_add+0xa2f/0xd80
[  156.943316][ T6979]  ? lru_add+0x198/0xd80
[  156.943327][ T6979]  ? folio_batch_move_lru+0x319/0x3a0
[  156.943340][ T6979]  ? filemap_get_folios_tag+0xed/0x630
[  156.943351][ T6979]  ? rcu_is_watching+0x15/0xb0
[  156.943361][ T6979]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.943374][ T6979]  do_writepages+0x32e/0x550
[  156.943388][ T6979]  ? rcu_is_watching+0x15/0xb0
[  156.943401][ T6979]  ? do_raw_spin_unlock+0x4d/0x240
[  156.943415][ T6979]  filemap_fdatawrite+0x199/0x240
[  156.943429][ T6979]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  156.943455][ T6979]  ? rcu_is_watching+0x15/0xb0
[  156.943467][ T6979]  ? do_raw_spin_unlock+0x4d/0x240
[  156.943479][ T6979]  f2fs_sync_dirty_inodes+0x31f/0x830
[  156.943491][ T6979]  f2fs_write_checkpoint+0x95a/0x1df0
[  156.943510][ T6979]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  156.943533][ T6979]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  156.943544][ T6979]  ? kfree+0x18e/0x440
[  156.943557][ T6979]  ? kill_f2fs_super+0x298/0x6c0
[  156.943566][ T6979]  kill_f2fs_super+0x2c3/0x6c0
[  156.943574][ T6979]  ? __pfx_kill_f2fs_super+0x10/0x10
[  156.943580][ T6979]  ? radix_tree_delete_item+0x2b6/0x400
[  156.943618][ T6979]  ? shrinker_free+0x2ce/0x3e0
[  156.943633][ T6979]  deactivate_locked_super+0xbc/0x130
[  156.943646][ T6979]  cleanup_mnt+0x425/0x4c0
[  156.943659][ T6979]  task_work_run+0x1d4/0x260
[  156.943675][ T6979]  ? __pfx_task_work_run+0x10/0x10
[  156.943684][ T6979]  ? __x64_sys_umount+0x122/0x160
[  156.943697][ T6979]  ? __pfx___x64_sys_umount+0x10/0x10
[  156.943711][ T6979]  ? rcu_is_watching+0x15/0xb0
[  156.943723][ T6979]  exit_to_user_mode_loop+0xec/0x110
[  156.943738][ T6979]  do_syscall_64+0x2bd/0x3b0
[  156.943754][ T6979]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.943765][ T6979]  ? exc_page_fault+0x9f/0xf0
[  156.943774][ T6979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.943783][ T6979] RIP: 0033:0x7fd5b718ff17
[  156.943794][ T6979] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.943805][ T6979] RSP: 002b:00007ffe8497ab08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.943818][ T6979] RAX: 0000000000000000 RBX: 00007fd5b7211c05 RCX: 00007fd5b718ff17
[  156.943826][ T6979] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8497abc0
[  156.943832][ T6979] RBP: 00007ffe8497abc0 R08: 0000000000000000 R09: 0000000000000000
[  156.943839][ T6979] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8497bc50
[  156.943847][ T6979] R13: 00007fd5b7211c05 R14: 0000000000026fa4 R15: 00007ffe8497bc90
[  156.943858][ T6979]  </TASK>
[  156.944805][ T6979] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  157.170320][ T6294] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.214220][ T6979] CPU: 1 UID: 0 PID: 6979 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  157.214233][ T6979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  157.214238][ T6979] Call Trace:
[  157.214242][ T6979]  <TASK>
[  157.214245][ T6979]  dump_stack_lvl+0x189/0x250
[  157.214258][ T6979]  ? __pfx_dump_stack_lvl+0x10/0x10
[  157.214266][ T6979]  ? __pfx_queue_work_on+0x10/0x10
[  157.214274][ T6979]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  157.214283][ T6979]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  157.214297][ T6979]  f2fs_handle_critical_error+0x37c/0x540
[  157.214313][ T6979]  f2fs_write_end_io+0x886/0xb60
[  157.214328][ T6979]  __submit_merged_bio+0x27a/0x6a0
[  157.214339][ T6979]  __submit_merged_write_cond+0x255/0x530
[  157.214349][ T6979]  f2fs_write_data_pages+0x261d/0x3000
[  157.214372][ T6979]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  157.214391][ T6979]  ? arch_stack_walk+0xfc/0x150
[  157.214403][ T6979]  ? __mod_zone_page_state+0xd7/0x140
[  157.214418][ T6979]  ? folios_put_refs+0x560/0x640
[  157.214432][ T6979]  ? __pfx_folios_put_refs+0x10/0x10
[  157.214443][ T6979]  ? rcu_is_watching+0x15/0xb0
[  157.214454][ T6979]  ? lru_add+0xa2f/0xd80
[  157.214462][ T6979]  ? lru_add+0x198/0xd80
[  157.214469][ T6979]  ? folio_batch_move_lru+0x319/0x3a0
[  157.214477][ T6979]  ? filemap_get_folios_tag+0xed/0x630
[  157.214484][ T6979]  ? rcu_is_watching+0x15/0xb0
[  157.214490][ T6979]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  157.214501][ T6979]  do_writepages+0x32e/0x550
[  157.214510][ T6979]  ? rcu_is_watching+0x15/0xb0
[  157.214517][ T6979]  ? do_raw_spin_unlock+0x4d/0x240
[  157.214526][ T6979]  filemap_fdatawrite+0x199/0x240
[  157.214536][ T6979]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  157.214550][ T6979]  ? rcu_is_watching+0x15/0xb0
[  157.214557][ T6979]  ? do_raw_spin_unlock+0x4d/0x240
[  157.214565][ T6979]  f2fs_sync_dirty_inodes+0x31f/0x830
[  157.214575][ T6979]  f2fs_write_checkpoint+0x95a/0x1df0
[  157.214585][ T6979]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  157.214597][ T6979]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  157.214603][ T6979]  ? kfree+0x18e/0x440
[  157.214612][ T6979]  ? kill_f2fs_super+0x298/0x6c0
[  157.214619][ T6979]  kill_f2fs_super+0x2c3/0x6c0
[  157.214627][ T6979]  ? __pfx_kill_f2fs_super+0x10/0x10
[  157.214633][ T6979]  ? radix_tree_delete_item+0x2b6/0x400
[  157.214643][ T6979]  ? shrinker_free+0x2ce/0x3e0
[  157.214650][ T6979]  deactivate_locked_super+0xbc/0x130
[  157.214659][ T6979]  cleanup_mnt+0x425/0x4c0
[  157.214667][ T6979]  task_work_run+0x1d4/0x260
[  157.214677][ T6979]  ? __pfx_task_work_run+0x10/0x10
[  157.214685][ T6979]  ? __x64_sys_umount+0x122/0x160
[  157.214694][ T6979]  ? __pfx___x64_sys_umount+0x10/0x10
[  157.214705][ T6979]  ? rcu_is_watching+0x15/0xb0
[  157.214716][ T6979]  exit_to_user_mode_loop+0xec/0x110
[  157.214731][ T6979]  do_syscall_64+0x2bd/0x3b0
[  157.214741][ T6979]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.214748][ T6979]  ? exc_page_fault+0x9f/0xf0
[  157.214757][ T6979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.214764][ T6979] RIP: 0033:0x7fd5b718ff17
[  157.214775][ T6979] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  157.214785][ T6979] RSP: 002b:00007ffe8497ab08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  157.214798][ T6979] RAX: 0000000000000000 RBX: 00007fd5b7211c05 RCX: 00007fd5b718ff17
[  157.214805][ T6979] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe8497abc0
[  157.214810][ T6979] RBP: 00007ffe8497abc0 R08: 0000000000000000 R09: 0000000000000000
[  157.214814][ T6979] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe8497bc50
[  157.214819][ T6979] R13: 00007fd5b7211c05 R14: 0000000000026fa4 R15: 00007ffe8497bc90
[  157.214826][ T6979]  </TASK>
[  157.351164][ T6979] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  157.497166][ T9448] loop3: detected capacity change from 0 to 8
[  157.923587][   T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  157.960903][ T9446] syz.4.1352 (9446): drop_caches: 2
[  158.067031][   T10] usb 7-1: Using ep0 maxpacket: 8
[  158.071841][   T10] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1023
[  158.076121][   T10] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  158.084819][   T10] usb 7-1: language id specifier not provided by device, defaulting to English
[  158.089584][   T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  158.093231][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.098069][   T10] usb 7-1: Product: syz
[  158.100185][   T10] usb 7-1: Manufacturer: 헣
[  158.102109][   T10] usb 7-1: SerialNumber: syz
[  158.115341][ T9455] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  158.120259][ T9455] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  158.158078][ T9469] loop4: detected capacity change from 0 to 128
[  158.297197][ T9478] snd_dummy snd_dummy.0: control 0:8:0:syz0:0 is already present
[  158.330593][   T10] usblp 7-1:1.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 2 vid 0x0525 pid 0xA4A8
[  158.338204][   T10] usb 7-1: USB disconnect, device number 7
[  158.344400][   T10] usblp0: removed
[  158.847057][ T9500] loop4: detected capacity change from 0 to 512
[  158.856349][ T9500] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  158.865833][ T9500] EXT4-fs (loop4): 1 truncate cleaned up
[  158.868127][ T9500] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.885853][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.280419][ T9529] loop4: detected capacity change from 0 to 1024
[  159.294818][ T9529] syz.4.1388: attempt to access beyond end of device
[  159.294818][ T9529] loop4: rw=0, sector=4294967366, nr_sectors = 2 limit=1024
[  159.305011][ T9529] Buffer I/O error on dev loop4, logical block 2147483683, async page read
[  159.351313][ T9529] syz.4.1388: attempt to access beyond end of device
[  159.351313][ T9529] loop4: rw=0, sector=4294967368, nr_sectors = 2 limit=1024
[  159.356793][ T9529] Buffer I/O error on dev loop4, logical block 2147483684, async page read
[  159.367427][ T9529] syz.4.1388: attempt to access beyond end of device
[  159.367427][ T9529] loop4: rw=0, sector=4294967370, nr_sectors = 2 limit=1024
[  159.376133][ T9529] Buffer I/O error on dev loop4, logical block 2147483685, async page read
[  159.379492][ T9529] syz.4.1388: attempt to access beyond end of device
[  159.379492][ T9529] loop4: rw=0, sector=4294967372, nr_sectors = 2 limit=1024
[  159.384599][ T9529] Buffer I/O error on dev loop4, logical block 2147483686, async page read
[  159.389478][ T9529] hfsplus: failed to load attributes file
[  159.702658][ T9535] loop4: detected capacity change from 0 to 32768
[  159.716442][ T9535] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  159.738851][ T9535] XFS (loop4): Ending clean mount
[  159.909309][ T6979] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.713568][ T9570] loop3: detected capacity change from 0 to 32768
[  160.717819][ T9570] XFS: noikeep mount option is deprecated.
[  160.723773][ T9570] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  160.731682][ T9570] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  160.739320][ T9570] XFS (loop3): Starting recovery (logdev: internal)
[  160.745082][ T9570] XFS (loop3): Ending recovery (logdev: internal)
[  160.767573][ T6294] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  160.847744][ T9585] netlink: 136 bytes leftover after parsing attributes in process `syz.3.1404'.
[  160.893696][ T9590] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1407'.
[  160.909317][ T9583] loop4: detected capacity change from 0 to 32768
[  160.911949][ T9583] XFS: ikeep mount option is deprecated.
[  160.938747][ T9583] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  160.951220][ T9583] XFS (loop4): Ending clean mount
[  160.954187][ T9583] XFS (loop4): Quotacheck needed: Please wait.
[  160.960742][ T9583] XFS (loop4): Quotacheck: Done.
[  161.182152][   T10] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  161.361548][   T10] usb 4-1: Using ep0 maxpacket: 8
[  161.374038][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=b910, bcdDevice=18.c2
[  161.382469][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.389742][   T10] usb 4-1: Product: syz
[  161.396382][   T10] usb 4-1: Manufacturer: syz
[  161.402643][   T10] usb 4-1: SerialNumber: syz
[  161.411761][   T10] usb 4-1: config 0 descriptor??
[  161.415506][   T10] smsusb:smsusb_probe: board id=8, interface number 1
[  161.433432][   T10] smsusb:smsusb_probe: board id=8, interface number 0
[  161.576883][ T6979] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  161.607269][  T793] usb 4-1: USB disconnect, device number 12
[  162.159699][ T5981] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  162.294439][ T9640] loop3: detected capacity change from 0 to 40427
[  162.297434][ T9640] F2FS-fs: heap/no_heap options were deprecated
[  162.305839][ T5981] usb 5-1: New USB device found, idVendor=0547, idProduct=6801, bcdDevice=43.6f
[  162.306433][ T9640] F2FS-fs (loop3): invalid crc value
[  162.309569][ T5981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.309585][ T5981] usb 5-1: Product: syz
[  162.309594][ T5981] usb 5-1: Manufacturer: syz
[  162.309603][ T5981] usb 5-1: SerialNumber: syz
[  162.325015][ T5981] usb 5-1: config 0 descriptor??
[  162.333641][ T5981] gspca_main: touptek-2.14.0 probing 0547:6801
[  162.345466][ T9640] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  162.350593][ T9640] F2FS-fs (loop3): Start checkpoint disabled!
[  162.353986][ T9640] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  162.409992][ T1091] kworker/u10:5: attempt to access beyond end of device
[  162.409992][ T1091] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.417693][ T1091] CPU: 1 UID: 0 PID: 1091 Comm: kworker/u10:5 Not tainted syzkaller #0 PREEMPT(full) 
[  162.417709][ T1091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  162.417716][ T1091] Workqueue: writeback wb_workfn (flush-7:3)
[  162.417737][ T1091] Call Trace:
[  162.417741][ T1091]  <TASK>
[  162.417746][ T1091]  dump_stack_lvl+0x189/0x250
[  162.417762][ T1091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.417775][ T1091]  ? __pfx_queue_work_on+0x10/0x10
[  162.417787][ T1091]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  162.417803][ T1091]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  162.417819][ T1091]  f2fs_handle_critical_error+0x37c/0x540
[  162.417838][ T1091]  f2fs_write_end_io+0x886/0xb60
[  162.417853][ T1091]  __submit_merged_bio+0x27a/0x6a0
[  162.417869][ T1091]  __submit_merged_write_cond+0x255/0x530
[  162.417885][ T1091]  f2fs_write_data_pages+0x261d/0x3000
[  162.417909][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.417930][ T1091]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  162.417974][ T1091]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  162.417993][ T1091]  ? trace_f2fs_writepages+0x7f/0x200
[  162.418009][ T1091]  ? f2fs_write_node_pages+0x478/0x6e0
[  162.418022][ T1091]  ? xa_load+0x60/0x210
[  162.418038][ T1091]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  162.418052][ T1091]  ? do_raw_spin_lock+0x121/0x290
[  162.418066][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418079][ T1091]  ? set_shrinker_bit+0x7c/0x350
[  162.418091][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.418114][ T1091]  do_writepages+0x32e/0x550
[  162.418128][ T1091]  ? unwind_next_frame+0xa5/0x2390
[  162.418144][ T1091]  __writeback_single_inode+0x145/0xff0
[  162.418159][ T1091]  ? do_raw_spin_unlock+0x4d/0x240
[  162.418173][ T1091]  writeback_sb_inodes+0x6c7/0x1010
[  162.418191][ T1091]  ? fprop_reflect_period_percpu+0x6b/0x330
[  162.418207][ T1091]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  162.418230][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418262][ T1091]  wb_writeback+0x43b/0xaf0
[  162.418278][ T1091]  ? queue_io+0x301/0x590
[  162.418291][ T1091]  ? __pfx_wb_writeback+0x10/0x10
[  162.418307][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418318][ T1091]  wb_workfn+0x409/0xef0
[  162.418333][ T1091]  ? __pfx_wb_workfn+0x10/0x10
[  162.418344][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418354][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418385][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  162.418398][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418407][ T1091]  ? lock_acquire+0x5f/0x360
[  162.418425][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418434][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  162.418443][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  162.418455][ T1091]  process_scheduled_works+0xae1/0x17b0
[  162.418471][ T1091]  ? __pfx_process_scheduled_works+0x10/0x10
[  162.418487][ T1091]  worker_thread+0x8a0/0xda0
[  162.418503][ T1091]  kthread+0x711/0x8a0
[  162.418519][ T1091]  ? __pfx_worker_thread+0x10/0x10
[  162.418529][ T1091]  ? __pfx_kthread+0x10/0x10
[  162.418542][ T1091]  ? rcu_is_watching+0x15/0xb0
[  162.418553][ T1091]  ? __pfx_kthread+0x10/0x10
[  162.418565][ T1091]  ret_from_fork+0x3fc/0x770
[  162.418578][ T1091]  ? __pfx_ret_from_fork+0x10/0x10
[  162.418590][ T1091]  ? __switch_to_asm+0x39/0x70
[  162.418604][ T1091]  ? __switch_to_asm+0x33/0x70
[  162.418617][ T1091]  ? __pfx_kthread+0x10/0x10
[  162.418630][ T1091]  ret_from_fork_asm+0x1a/0x30
[  162.418649][ T1091]  </TASK>
[  162.419310][ T1091] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  162.563547][ T6016] usb 5-1: USB disconnect, device number 10
[  162.596335][ T9645] loop6: detected capacity change from 0 to 32768
[  162.632855][ T9645] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  162.632872][ T9645]   allowing incompatible features above 0.0: (unknown version)
[  162.632879][ T9645]   features: 
[  162.646795][ T9645] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  162.649844][ T9645] bcachefs (loop6): initializing new filesystem
[  162.657106][ T9645] bcachefs (loop6): going read-write
[  162.660374][ T9645] bcachefs (loop6): marking superblocks
[  162.666028][ T9645] bcachefs (loop6): initializing freespace
[  162.669727][ T9645] bcachefs (loop6): done initializing freespace
[  162.673158][ T9645] bcachefs (loop6): reading snapshots table
[  162.675400][ T9645] bcachefs (loop6): reading snapshots done
[  162.684751][ T9645] bcachefs (loop6): done starting filesystem
[  162.728120][ T8148] bcachefs (loop6): shutting down
[  162.730177][ T8148] bcachefs (loop6): going read-only
[  162.732201][ T8148] bcachefs (loop6): finished waiting for writes to stop
[  162.735042][ T8148] bcachefs (loop6): flushing journal and stopping allocators, journal seq 2
[  162.743280][ T8148] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 3
[  162.747390][ T8148] bcachefs (loop6): clean shutdown complete, journal seq 4
[  162.750939][ T8148] bcachefs (loop6): marking filesystem clean
[  162.761312][ T8148] bcachefs (loop6): shutdown complete
[  162.966657][ T5981] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  163.109087][ T5981] usb 4-1: Using ep0 maxpacket: 8
[  163.113021][ T5981] usb 4-1: unable to get BOS descriptor or descriptor too short
[  163.403490][ T5981] usb 4-1: config 7 has an invalid interface number: 67 but max is 0
[  163.406915][ T5981] usb 4-1: config 7 has no interface number 0
[  163.412061][ T5981] usb 4-1: string descriptor 0 read error: -22
[  163.414591][ T5981] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  163.417715][ T5981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.617586][ T5981] usb 4-1: USB disconnect, device number 13
[  163.912655][ T9672] loop4: detected capacity change from 0 to 128
[  163.918797][ T9672] EXT4-fs (loop4): Test dummy encryption mode enabled
[  163.923619][ T9672] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  163.929735][ T9672] ext4 filesystem being mounted at /328/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  163.952411][ T6979] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  164.005027][ T9678] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1435'.
[  164.160059][   T33] kauditd_printk_skb: 57 callbacks suppressed
[  164.160073][   T33] audit: type=1326 audit(1755976893.651:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.181637][   T33] audit: type=1326 audit(1755976893.672:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.191918][   T33] audit: type=1326 audit(1755976893.672:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.200838][   T33] audit: type=1326 audit(1755976893.672:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.209501][   T33] audit: type=1326 audit(1755976893.672:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.218342][   T33] audit: type=1326 audit(1755976893.672:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.227573][   T33] audit: type=1326 audit(1755976893.672:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.238122][   T33] audit: type=1326 audit(1755976893.672:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.246797][   T33] audit: type=1326 audit(1755976893.672:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.258379][   T33] audit: type=1326 audit(1755976893.672:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9686 comm="syz.3.1439" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51eb78ebe9 code=0x7ffc0000
[  164.410427][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  164.530036][ T9693] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1441'.
[  164.562024][   T10] usb 4-1: Using ep0 maxpacket: 32
[  164.564083][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  164.564102][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.564116][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  164.566654][   T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  164.586087][   T10] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  164.586104][   T10] usb 4-1: Product: syz
[  164.586114][   T10] usb 4-1: Manufacturer: syz
[  164.586124][   T10] usb 4-1: SerialNumber: syz
[  164.591829][   T10] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input13
[  164.794385][   T10] usb 4-1: USB disconnect, device number 14
[  164.801037][   T10] appletouch 4-1:1.0: input: appletouch disconnected
[  165.015995][ T9713] loop6: detected capacity change from 0 to 256
[  165.022818][ T9713] FAT-fs (loop6): Directory bread(block 64) failed
[  165.025390][ T9713] FAT-fs (loop6): Directory bread(block 65) failed
[  165.028025][ T9713] FAT-fs (loop6): Directory bread(block 66) failed
[  165.030400][ T9713] FAT-fs (loop6): Directory bread(block 67) failed
[  165.033112][ T9713] FAT-fs (loop6): Directory bread(block 68) failed
[  165.035573][ T9713] FAT-fs (loop6): Directory bread(block 69) failed
[  165.039149][ T9713] FAT-fs (loop6): Directory bread(block 70) failed
[  165.041616][ T9713] FAT-fs (loop6): Directory bread(block 71) failed
[  165.044573][ T9713] FAT-fs (loop6): Directory bread(block 72) failed
[  165.047808][ T9713] FAT-fs (loop6): Directory bread(block 73) failed
[  165.107844][ T9717] openvswitch: netlink: IPv4 tun info is not correct
[  165.343253][ T9730] bond0: entered promiscuous mode
[  165.345297][ T9730] bond_slave_0: entered promiscuous mode
[  165.347100][ T9730] bond_slave_1: entered promiscuous mode
[  165.349278][ T9730] team0: entered promiscuous mode
[  165.352807][ T9730] team_slave_0: entered promiscuous mode
[  165.359869][ T9730] team_slave_1: entered promiscuous mode
[  165.366866][ T9730] bond0: left promiscuous mode
[  165.368728][ T9730] bond_slave_0: left promiscuous mode
[  165.373245][ T9730] bond_slave_1: left promiscuous mode
[  165.374974][ T9730] team0: left promiscuous mode
[  165.376600][ T9730] team_slave_0: left promiscuous mode
[  165.378775][ T9730] team_slave_1: left promiscuous mode
[  165.385954][ T9732] loop6: detected capacity change from 0 to 4096
[  165.393139][ T9733] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.638897][ T9753] loop3: detected capacity change from 0 to 32768
[  165.650596][ T9753] ea_get: invalid extended attribute
[  165.652848][ T9753] ea_get: invalid extended attribute
[  166.025004][ T6002] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  166.195847][ T6002] usb 4-1: Using ep0 maxpacket: 16
[  166.208858][ T6002] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  166.212252][ T6002] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.215313][ T6002] usb 4-1: Product: syz
[  166.216848][ T6002] usb 4-1: Manufacturer: syz
[  166.218469][ T6002] usb 4-1: SerialNumber: syz
[  166.225433][ T6002] usb 4-1: config 0 descriptor??
[  166.234285][ T6002] hub 4-1:0.0: bad descriptor, ignoring hub
[  166.236659][ T6002] hub 4-1:0.0: probe with driver hub failed with error -5
[  167.421728][ T5995] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  167.434816][ T5995] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  167.739516][ T9786] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1481'.
[  167.744173][ T9786] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1481'.
[  167.747600][ T9786] netlink: 60 bytes leftover after parsing attributes in process `syz.6.1481'.
[  167.891808][ T9798] mmap: syz.4.1487 (9798) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  168.006237][ T9808] loop4: detected capacity change from 0 to 8192
[  168.216568][ T9822] dvmrp0: entered allmulticast mode
[  168.242365][ T9818] loop4: detected capacity change from 0 to 32768
[  168.244876][ T9818] btrfs: Deprecated parameter 'usebackuproot'
[  168.247105][ T9818] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  168.251479][ T9818] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1496 (9818)
[  168.258782][ T9818] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  168.262649][ T9818] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  168.275345][   T28] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  168.281138][ T9818] BTRFS error (device loop4): failed to load root extent
[  168.284115][ T9818] BTRFS warning (device loop4): try to load backup roots slot 1
[  168.288497][ T9573] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  168.294020][ T9818] BTRFS warning (device loop4): couldn't read tree root
[  168.297100][ T9818] BTRFS warning (device loop4): try to load backup roots slot 2
[  168.300389][ T9573] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  168.304802][ T9818] BTRFS warning (device loop4): couldn't read tree root
[  168.307792][ T9818] BTRFS warning (device loop4): try to load backup roots slot 3
[  168.316682][ T9818] BTRFS info (device loop4): rebuilding free space tree
[  168.322139][ T9818] BTRFS info (device loop4): checking UUID tree
[  168.325758][ T9818] BTRFS info (device loop4): setting nodatasum
[  168.328133][ T9818] BTRFS info (device loop4): setting nodatacow
[  168.330257][ T9818] BTRFS info (device loop4): enabling ssd optimizations
[  168.332580][ T9818] BTRFS info (device loop4): turning off barriers
[  168.335425][ T9818] BTRFS info (device loop4): turning on sync discard
[  168.337855][ T9818] BTRFS info (device loop4): enabling free space tree
[  168.340376][ T9818] BTRFS info (device loop4): force clearing of disk cache
[  168.343179][ T9818] BTRFS info (device loop4): enabling auto defrag
[  168.345364][ T9818] BTRFS info (device loop4): doing ref verification
[  168.351233][ T9818] BTRFS info (device loop4): trying to use backup root at mount time
[  168.355230][ T9818] BTRFS info (device loop4): max_inline set to 0
[  168.417781][ T6979] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  168.523614][ T6002] usb 4-1: USB disconnect, device number 15
[  168.570854][ T9851] loop4: detected capacity change from 0 to 1024
[  168.671001][ T9854] loop4: detected capacity change from 0 to 512
[  168.702625][ T9854] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  168.727820][ T9854] EXT4-fs error (device loop4): ext4_find_inline_data_nolock:169: inode #17: comm syz.4.1504: inline data xattr refers to an external xattr inode
[  168.742820][ T9854] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1504: couldn't read orphan inode 17 (err -117)
[  168.752108][ T9854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.780522][ T9854] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  168.792942][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  168.812878][ T9858] loop3: detected capacity change from 0 to 512
[  168.834449][ T9858] EXT4-fs: Ignoring removed mblk_io_submit option
[  168.838232][ T9858] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  168.843491][ T9858] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1501: bad orphan inode 131083
[  168.849092][ T9858] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.857967][ T9858] overlayfs: upper fs needs to support d_type.
[  168.863194][ T9858] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz.3.1501: invalid fast symlink length 39
[  168.880247][ T6294] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz-executor: path /403/bus: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  169.096296][ T8816] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.146334][ T9861] loop4: detected capacity change from 0 to 32768
[  169.171589][ T9861] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.209704][ T9861] XFS (loop4): Ending clean mount
[  169.237051][ T6979] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.406361][ T5953] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  169.409651][ T5953] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  169.420926][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  169.427446][ T5953] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  169.430797][ T5953] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  169.475191][ T9877] loop4: detected capacity change from 0 to 4096
[  169.516360][ T9874] chnl_net:caif_netlink_parms(): no params data found
[  169.526311][ T9886] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1513'.
[  169.552674][ T9874] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.554992][ T9874] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.557273][ T9874] bridge_slave_0: entered allmulticast mode
[  169.562722][ T9874] bridge_slave_0: entered promiscuous mode
[  169.565331][ T9874] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.567598][ T9874] bridge0: port 2(bridge_slave_1) entered disabled state
[  169.571411][ T9874] bridge_slave_1: entered allmulticast mode
[  169.576204][ T9874] bridge_slave_1: entered promiscuous mode
[  169.592057][ T9874] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  169.597049][ T9874] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.620759][ T9874] team0: Port device team_slave_0 added
[  169.624595][ T9874] team0: Port device team_slave_1 added
[  169.641986][ T9874] batman_adv: batadv0: Adding interface: batadv_slave_0
[  169.645136][ T9874] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.655463][ T9874] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  169.659339][ T9874] batman_adv: batadv0: Adding interface: batadv_slave_1
[  169.661560][ T9874] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  169.671037][ T9874] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  169.675370][ T9899] netlink: 'syz.6.1518': attribute type 1 has an invalid length.
[  169.695541][ T9874] hsr_slave_0: entered promiscuous mode
[  169.700856][ T9874] hsr_slave_1: entered promiscuous mode
[  169.704543][ T9874] debugfs: 'hsr0' already exists in 'hsr'
[  169.706644][ T9874] Cannot create hsr debugfs directory
[  169.773560][ T9901] loop6: detected capacity change from 0 to 32768
[  169.776653][ T9901] BTRFS error: invalid value 0 for thread_pool
[  169.807635][ T9874] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  169.812499][ T9874] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  169.820037][ T9874] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  169.825254][ T9874] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  169.872242][ T9874] bridge0: port 2(bridge_slave_1) entered blocking state
[  169.875292][ T9874] bridge0: port 2(bridge_slave_1) entered forwarding state
[  169.878482][ T9874] bridge0: port 1(bridge_slave_0) entered blocking state
[  169.881403][ T9874] bridge0: port 1(bridge_slave_0) entered forwarding state
[  169.887514][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  169.891478][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  170.111106][ T9874] 8021q: adding VLAN 0 to HW filter on device bond0
[  170.117954][ T9874] 8021q: adding VLAN 0 to HW filter on device team0
[  170.124721][ T1018] bridge0: port 1(bridge_slave_0) entered blocking state
[  170.127099][ T1018] bridge0: port 1(bridge_slave_0) entered forwarding state
[  170.140428][ T1018] bridge0: port 2(bridge_slave_1) entered blocking state
[  170.143368][ T1018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  170.283457][ T9924] loop4: detected capacity change from 0 to 512
[  170.286889][ T9874] 8021q: adding VLAN 0 to HW filter on device batadv0
[  170.290178][ T9924] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  170.296308][ T9924] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.1524: invalid indirect mapped block 83886080 (level 1)
[  170.304078][ T9924] EXT4-fs (loop4): Remounting filesystem read-only
[  170.306602][ T9924] EXT4-fs (loop4): 1 orphan inode deleted
[  170.308914][ T9924] EXT4-fs (loop4): 1 truncate cleaned up
[  170.311750][ T9924] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.646691][ T9874] veth0_vlan: entered promiscuous mode
[  170.654919][ T9874] veth1_vlan: entered promiscuous mode
[  170.686820][ T9874] veth0_macvtap: entered promiscuous mode
[  170.692496][ T9874] veth1_macvtap: entered promiscuous mode
[  170.712323][ T9874] batman_adv: batadv0: Interface activated: batadv_slave_0
[  170.724262][ T9874] batman_adv: batadv0: Interface activated: batadv_slave_1
[  170.761620][ T5747] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  170.773175][ T5747] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  170.795692][ T5747] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  170.809777][ T5747] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  170.905364][   T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  170.916781][   T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.932312][ T1018] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  171.037035][ T1018] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  171.398430][   T55] Bluetooth: hci2: command tx timeout
[  172.038057][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.416446][T10015] loop6: detected capacity change from 0 to 40427
[  172.428722][T10015] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  172.431905][T10015] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  172.436219][T10015] F2FS-fs (loop6): invalid crc value
[  172.443318][T10019] loop7: detected capacity change from 0 to 512
[  172.452621][T10019] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  172.470990][T10015] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  172.475892][T10015] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  172.479292][T10015] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  172.497184][T10019] EXT4-fs (loop7): 1 orphan inode deleted
[  172.507061][T10019] EXT4-fs (loop7): 1 truncate cleaned up
[  172.512143][T10019] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.954491][   T33] kauditd_printk_skb: 78 callbacks suppressed
[  172.954508][   T33] audit: type=1800 audit(1755976902.640:224): pid=10028 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1533" name="file1" dev="loop6" ino=10 res=0 errno=0
[  173.281450][ T9874] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.338173][T10046] loop7: detected capacity change from 0 to 512
[  173.346075][T10046] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  173.353209][T10046] EXT4-fs (loop7): 1 truncate cleaned up
[  173.355892][T10046] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.364545][T10046] fscrypt (loop7, inode 18): Can't use IV_INO_LBLK_32 policy on filesystem 'loop7' because it doesn't have stable inode numbers
[  173.381158][ T9874] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.385891][   T55] Bluetooth: hci2: command tx timeout
[  173.796585][T10058] loop7: detected capacity change from 0 to 32768
[  173.800444][T10058] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1548 (10058)
[  173.810507][T10058] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.815452][T10058] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  173.830283][T10058] BTRFS info (device loop7): setting nodatasum
[  173.833067][T10058] BTRFS info (device loop7): setting nodatacow
[  173.836351][T10058] BTRFS info (device loop7): enabling ssd optimizations
[  173.839476][T10058] BTRFS info (device loop7): turning on sync discard
[  173.842414][T10058] BTRFS info (device loop7): enabling free space tree
[  173.847199][T10058] BTRFS info (device loop7): enabling auto defrag
[  173.850081][T10058] BTRFS info (device loop7): max_inline set to 0
[  173.858995][T10058] BTRFS info (device loop7 state M): max_inline set to 0
[  173.875597][ T9874] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.945113][T10076] loop7: detected capacity change from 0 to 512
[  173.948243][T10076] EXT4-fs: Ignoring removed nomblk_io_submit option
[  173.952416][T10076] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  173.957949][T10076] EXT4-fs error (device loop7): ext4_find_inline_data_nolock:169: inode #17: comm syz.7.1549: inline data xattr refers to an external xattr inode
[  173.964533][T10076] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.1549: couldn't read orphan inode 17 (err -117)
[  173.971117][T10076] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.994256][ T9874] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.190056][   T33] audit: type=1326 audit(1755976904.218:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10080 comm="syz.7.1551" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f275298ebe9 code=0x0
[  174.490544][T10087] (unnamed net_device) (uninitialized): option arp_validate: invalid value (18446744073709551614)
[  175.261037][ T8148] syz-executor: attempt to access beyond end of device
[  175.261037][ T8148] loop6: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  175.267259][ T8148] CPU: 0 UID: 0 PID: 8148 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  175.267276][ T8148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  175.267282][ T8148] Call Trace:
[  175.267288][ T8148]  <TASK>
[  175.267293][ T8148]  dump_stack_lvl+0x189/0x250
[  175.267310][ T8148]  ? __pfx_dump_stack_lvl+0x10/0x10
[  175.267325][ T8148]  ? __pfx_queue_work_on+0x10/0x10
[  175.267335][ T8148]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  175.267352][ T8148]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  175.267390][ T8148]  f2fs_handle_critical_error+0x37c/0x540
[  175.267409][ T8148]  f2fs_write_end_io+0x886/0xb60
[  175.267425][ T8148]  __submit_merged_bio+0x27a/0x6a0
[  175.267438][ T8148]  ? up_write+0x1c4/0x420
[  175.267453][ T8148]  __submit_merged_write_cond+0x44c/0x530
[  175.267469][ T8148]  f2fs_sync_node_pages+0x1479/0x15e0
[  175.267487][ T8148]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  175.267510][ T8148]  ? up_write+0x1c4/0x420
[  175.267522][ T8148]  ? do_raw_spin_unlock+0x4d/0x240
[  175.267536][ T8148]  f2fs_write_checkpoint+0xe6f/0x1df0
[  175.267553][ T8148]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  175.267575][ T8148]  ? kill_f2fs_super+0x298/0x6c0
[  175.267587][ T8148]  kill_f2fs_super+0x2c3/0x6c0
[  175.267601][ T8148]  ? __pfx_kill_f2fs_super+0x10/0x10
[  175.267610][ T8148]  ? radix_tree_delete_item+0x2b6/0x400
[  175.267628][ T8148]  ? shrinker_free+0x2ce/0x3e0
[  175.267640][ T8148]  deactivate_locked_super+0xbc/0x130
[  175.267655][ T8148]  cleanup_mnt+0x425/0x4c0
[  175.267669][ T8148]  task_work_run+0x1d4/0x260
[  175.267684][ T8148]  ? __pfx_task_work_run+0x10/0x10
[  175.267699][ T8148]  ? __x64_sys_umount+0x122/0x160
[  175.267719][ T8148]  ? __pfx___x64_sys_umount+0x10/0x10
[  175.267734][ T8148]  ? rcu_is_watching+0x15/0xb0
[  175.267747][ T8148]  exit_to_user_mode_loop+0xec/0x110
[  175.267762][ T8148]  do_syscall_64+0x2bd/0x3b0
[  175.267779][ T8148]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.267790][ T8148]  ? exc_page_fault+0x9f/0xf0
[  175.267805][ T8148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.267840][ T8148] RIP: 0033:0x7f449678ff17
[  175.267853][ T8148] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  175.267862][ T8148] RSP: 002b:00007fffb4bff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  175.267876][ T8148] RAX: 0000000000000000 RBX: 00007f4496811c05 RCX: 00007f449678ff17
[  175.267884][ T8148] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb4bff1a0
[  175.267890][ T8148] RBP: 00007fffb4bff1a0 R08: 0000000000000000 R09: 0000000000000000
[  175.267898][ T8148] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb4c00230
[  175.267906][ T8148] R13: 00007f4496811c05 R14: 000000000002b2a2 R15: 00007fffb4c00270
[  175.267917][ T8148]  </TASK>
[  175.267978][ T8148] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  175.348539][   T55] Bluetooth: hci2: command tx timeout
[  175.442336][   T10] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  175.584776][   T10] usb 5-1: Using ep0 maxpacket: 8
[  175.589492][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  175.601702][   T10] usb 5-1: config 7 has an invalid interface number: 67 but max is 0
[  175.606193][   T10] usb 5-1: config 7 has no interface number 0
[  175.614417][   T10] usb 5-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  175.618066][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.626009][   T10] usb 5-1: Product: syz
[  175.627759][   T10] usb 5-1: Manufacturer: syz
[  175.629651][   T10] usb 5-1: SerialNumber: syz
[  175.714795][T10109] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1564'.
[  175.845973][   T10] usb 5-1: USB disconnect, device number 11
[  175.941641][T10128] netlink: 'syz.7.1572': attribute type 29 has an invalid length.
[  175.945470][T10128] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1572'.
[  176.072803][T10142] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  176.082186][T10142] CIFS mount error: No usable UNC path provided in device string!
[  176.082186][T10142] 
[  176.085325][T10142] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  176.202544][   T47] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  176.363017][   T47] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.379021][   T47] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.383726][   T47] usb 8-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  176.387494][   T47] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.398428][   T47] usb 8-1: config 0 descriptor??
[  176.613308][   T47] usbhid 8-1:0.0: can't add hid device: -71
[  176.618482][   T47] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  176.628374][   T47] usb 8-1: USB disconnect, device number 2
[  177.189310][T10176] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1586'.
[  177.329838][T10182] loop4: detected capacity change from 0 to 32768
[  177.346906][T10179] loop6: detected capacity change from 0 to 32768
[  177.350081][T10179] XFS: ikeep mount option is deprecated.
[  177.354668][ T5953] Bluetooth: hci2: command tx timeout
[  177.382169][T10179] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  177.398942][  T793] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  177.407922][T10179] XFS (loop6): Ending clean mount
[  177.411010][T10179] XFS (loop6): Quotacheck needed: Please wait.
[  177.417929][T10179] XFS (loop6): Quotacheck: Done.
[  177.580370][  T793] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.586306][  T793] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.591179][  T793] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  177.596822][  T793] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  177.603268][  T793] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.611913][  T793] usb 8-1: config 0 descriptor??
[  177.637085][   T55] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  178.093454][  T793] plantronics 0003:047F:FFFF.0009: reserved main item tag 0xd
[  178.196959][  T793] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  178.306888][ T6016] usb 8-1: USB disconnect, device number 3
[  178.770856][ T8148] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  178.964099][T10229] loop7: detected capacity change from 0 to 1024
[  179.122854][T10238] netlink: 'syz.6.1594': attribute type 4 has an invalid length.
[  179.161046][T10238] netlink: 'syz.6.1594': attribute type 4 has an invalid length.
[  179.181757][T10242] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  179.517407][   T10] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  180.099021][   T10] usb 5-1: Using ep0 maxpacket: 32
[  180.102866][   T10] usb 5-1: New USB device found, idVendor=d5ff, idProduct=0066, bcdDevice=d8.b0
[  180.106791][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.113623][   T10] usb 5-1: config 0 descriptor??
[  180.121049][   T10] rndis_host 5-1:0.0: probe with driver rndis_host failed with error -22
[  180.135271][T10279] loop7: detected capacity change from 0 to 256
[  180.308008][T10289] loop7: detected capacity change from 0 to 40427
[  180.318397][   T10] usb 5-1: USB disconnect, device number 12
[  180.329515][T10289] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  180.333011][T10289] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  180.503202][T10303] syz.7.1606: attempt to access beyond end of device
[  180.503202][T10303] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  180.894844][T10312] loop4: detected capacity change from 0 to 2048
[  180.899011][T10312] NILFS (loop4): invalid segment: Magic number mismatch
[  180.901278][T10312] NILFS (loop4): trying rollback from an earlier position
[  180.905499][T10312] NILFS (loop4): recovery complete
[  180.908902][T10315] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  181.061476][ T9874] syz-executor: attempt to access beyond end of device
[  181.061476][ T9874] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  181.067505][ T9874] CPU: 0 UID: 0 PID: 9874 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  181.067524][ T9874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  181.067531][ T9874] Call Trace:
[  181.067536][ T9874]  <TASK>
[  181.067541][ T9874]  dump_stack_lvl+0x189/0x250
[  181.067581][ T9874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.067595][ T9874]  ? __pfx_queue_work_on+0x10/0x10
[  181.067607][ T9874]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  181.067623][ T9874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  181.067647][ T9874]  f2fs_handle_critical_error+0x37c/0x540
[  181.067666][ T9874]  f2fs_write_end_io+0x886/0xb60
[  181.067681][ T9874]  __submit_merged_bio+0x27a/0x6a0
[  181.067699][ T9874]  __submit_merged_write_cond+0x255/0x530
[  181.067716][ T9874]  f2fs_write_data_pages+0x261d/0x3000
[  181.067741][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  181.067794][ T9874]  ? __mod_zone_page_state+0xd7/0x140
[  181.067814][ T9874]  ? folios_put_refs+0x560/0x640
[  181.067829][ T9874]  ? __pfx_folios_put_refs+0x10/0x10
[  181.067840][ T9874]  ? rcu_is_watching+0x15/0xb0
[  181.067852][ T9874]  ? lru_add+0xa2f/0xd80
[  181.067863][ T9874]  ? lru_add+0x198/0xd80
[  181.067875][ T9874]  ? folio_batch_move_lru+0x319/0x3a0
[  181.067888][ T9874]  ? filemap_get_folios_tag+0xed/0x630
[  181.067900][ T9874]  ? rcu_is_watching+0x15/0xb0
[  181.067912][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  181.067929][ T9874]  do_writepages+0x32e/0x550
[  181.067945][ T9874]  ? rcu_is_watching+0x15/0xb0
[  181.067957][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  181.067972][ T9874]  filemap_fdatawrite+0x199/0x240
[  181.067988][ T9874]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  181.068013][ T9874]  ? rcu_is_watching+0x15/0xb0
[  181.068025][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  181.068040][ T9874]  f2fs_sync_dirty_inodes+0x31f/0x830
[  181.068056][ T9874]  f2fs_write_checkpoint+0x95a/0x1df0
[  181.068073][ T9874]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  181.068097][ T9874]  ? kill_f2fs_super+0x298/0x6c0
[  181.068110][ T9874]  kill_f2fs_super+0x2c3/0x6c0
[  181.068123][ T9874]  ? __pfx_kill_f2fs_super+0x10/0x10
[  181.068133][ T9874]  ? radix_tree_delete_item+0x2b6/0x400
[  181.068150][ T9874]  ? shrinker_free+0x2ce/0x3e0
[  181.068163][ T9874]  deactivate_locked_super+0xbc/0x130
[  181.068177][ T9874]  cleanup_mnt+0x425/0x4c0
[  181.068191][ T9874]  task_work_run+0x1d4/0x260
[  181.068207][ T9874]  ? __pfx_task_work_run+0x10/0x10
[  181.068221][ T9874]  ? __x64_sys_umount+0x122/0x160
[  181.068236][ T9874]  ? __pfx___x64_sys_umount+0x10/0x10
[  181.068251][ T9874]  ? rcu_is_watching+0x15/0xb0
[  181.068263][ T9874]  exit_to_user_mode_loop+0xec/0x110
[  181.068279][ T9874]  do_syscall_64+0x2bd/0x3b0
[  181.068296][ T9874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.068307][ T9874]  ? exc_page_fault+0x9f/0xf0
[  181.068322][ T9874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.068333][ T9874] RIP: 0033:0x7f275298ff17
[  181.068344][ T9874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  181.068355][ T9874] RSP: 002b:00007ffe7ba91968 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  181.068370][ T9874] RAX: 0000000000000000 RBX: 00007f2752a11c05 RCX: 00007f275298ff17
[  181.068378][ T9874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe7ba91a20
[  181.068385][ T9874] RBP: 00007ffe7ba91a20 R08: 0000000000000000 R09: 0000000000000000
[  181.068393][ T9874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe7ba92ab0
[  181.068400][ T9874] R13: 00007f2752a11c05 R14: 000000000002d2c1 R15: 00007ffe7ba92af0
[  181.068413][ T9874]  </TASK>
[  181.069103][ T9874] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  181.683743][T10338] netlink: 148 bytes leftover after parsing attributes in process `syz.7.1615'.
[  181.688008][T10338] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  182.828827][T10383] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1628'.
[  182.914022][T10391] loop7: detected capacity change from 0 to 128
[  182.919403][T10391] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  182.924549][T10391] ext4 filesystem being mounted at /57/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  182.934608][T10391] fscrypt (loop7, inode 12): Unsupported encryption flags (0xff)
[  182.948155][ T9874] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  183.030636][T10404] loop6: detected capacity change from 0 to 512
[  183.035208][T10404] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  183.056305][T10404] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  183.059308][T10404] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e000e118, mo2=0002]
[  183.062218][T10404] System zones: 0-1, 15-15, 18-18, 34-34
[  183.064461][T10404] EXT4-fs (loop6): orphan cleanup on readonly fs
[  183.066682][T10404] Quota error (device loop6): v2_read_header: Failed header read: expected=8 got=0
[  183.069822][T10404] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  183.076183][T10404] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  183.078978][T10404] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1633: bg 0: block 40: padding at end of block bitmap is not set
[  183.084530][T10404] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  183.088149][T10404] EXT4-fs (loop6): 1 truncate cleaned up
[  183.090931][T10404] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  183.099343][T10404] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.1633: bad symlink.
[  183.105517][T10404] EXT4-fs error (device loop6): ext4_encrypted_get_link:46: inode #16: comm syz.6.1633: bad symlink.
[  183.121632][ T8148] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.150467][T10401] loop7: detected capacity change from 0 to 40427
[  183.156250][T10401] F2FS-fs (loop7): Image doesn't support compression
[  183.164814][T10401] F2FS-fs (loop7): build fault injection rate: 690
[  183.168515][T10401] F2FS-fs (loop7): invalid crc value
[  183.199505][T10401] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  183.203378][T10401] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  183.224144][   T33] audit: type=1800 audit(1755976913.709:226): pid=10401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1632" name="file1" dev="loop7" ino=10 res=0 errno=0
[  183.242059][T10401] syz.7.1632: attempt to access beyond end of device
[  183.242059][T10401] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  183.249914][T10401] syz.7.1632: attempt to access beyond end of device
[  183.249914][T10401] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  183.272450][ T9874] syz-executor: attempt to access beyond end of device
[  183.272450][ T9874] loop7: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  183.279301][ T9874] CPU: 0 UID: 0 PID: 9874 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  183.279317][ T9874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  183.279324][ T9874] Call Trace:
[  183.279329][ T9874]  <TASK>
[  183.279333][ T9874]  dump_stack_lvl+0x189/0x250
[  183.279351][ T9874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  183.279362][ T9874]  ? __pfx_queue_work_on+0x10/0x10
[  183.279370][ T9874]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  183.279379][ T9874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  183.279389][ T9874]  f2fs_handle_critical_error+0x37c/0x540
[  183.279401][ T9874]  f2fs_write_end_io+0x886/0xb60
[  183.279410][ T9874]  __submit_merged_bio+0x27a/0x6a0
[  183.279420][ T9874]  __submit_merged_write_cond+0x255/0x530
[  183.279430][ T9874]  f2fs_write_data_pages+0x261d/0x3000
[  183.279440][ T9874]  ? lock_release+0x4b/0x3e0
[  183.279450][ T9874]  ? lock_release+0x4b/0x3e0
[  183.279471][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.279488][ T9874]  ? arch_stack_walk+0xfc/0x150
[  183.279508][ T9874]  ? __mod_zone_page_state+0xd7/0x140
[  183.279547][ T9874]  ? folios_put_refs+0x560/0x640
[  183.279558][ T9874]  ? __pfx_folios_put_refs+0x10/0x10
[  183.279565][ T9874]  ? rcu_is_watching+0x15/0xb0
[  183.279572][ T9874]  ? lru_add+0xa2f/0xd80
[  183.279579][ T9874]  ? lru_add+0x198/0xd80
[  183.279586][ T9874]  ? folio_batch_move_lru+0x319/0x3a0
[  183.279599][ T9874]  ? filemap_get_folios_tag+0xed/0x630
[  183.279610][ T9874]  ? rcu_is_watching+0x15/0xb0
[  183.279621][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  183.279637][ T9874]  do_writepages+0x32e/0x550
[  183.279651][ T9874]  ? rcu_is_watching+0x15/0xb0
[  183.279662][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  183.279683][ T9874]  filemap_fdatawrite+0x199/0x240
[  183.279697][ T9874]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  183.279720][ T9874]  ? rcu_is_watching+0x15/0xb0
[  183.279755][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  183.279771][ T9874]  f2fs_sync_dirty_inodes+0x31f/0x830
[  183.279785][ T9874]  f2fs_write_checkpoint+0x95a/0x1df0
[  183.279801][ T9874]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  183.279824][ T9874]  ? kill_f2fs_super+0x298/0x6c0
[  183.279835][ T9874]  kill_f2fs_super+0x2c3/0x6c0
[  183.279847][ T9874]  ? __pfx_kill_f2fs_super+0x10/0x10
[  183.279856][ T9874]  ? radix_tree_delete_item+0x2b6/0x400
[  183.279872][ T9874]  ? shrinker_free+0x2ce/0x3e0
[  183.279885][ T9874]  deactivate_locked_super+0xbc/0x130
[  183.279898][ T9874]  cleanup_mnt+0x425/0x4c0
[  183.279911][ T9874]  task_work_run+0x1d4/0x260
[  183.279926][ T9874]  ? __pfx_task_work_run+0x10/0x10
[  183.279940][ T9874]  ? __x64_sys_umount+0x122/0x160
[  183.279955][ T9874]  ? __pfx___x64_sys_umount+0x10/0x10
[  183.279969][ T9874]  ? rcu_is_watching+0x15/0xb0
[  183.279979][ T9874]  exit_to_user_mode_loop+0xec/0x110
[  183.279995][ T9874]  do_syscall_64+0x2bd/0x3b0
[  183.280010][ T9874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.280022][ T9874]  ? exc_page_fault+0x9f/0xf0
[  183.280036][ T9874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.280047][ T9874] RIP: 0033:0x7f275298ff17
[  183.280058][ T9874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  183.280069][ T9874] RSP: 002b:00007ffe7ba91968 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  183.280083][ T9874] RAX: 0000000000000000 RBX: 00007f2752a11c05 RCX: 00007f275298ff17
[  183.280091][ T9874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe7ba91a20
[  183.280098][ T9874] RBP: 00007ffe7ba91a20 R08: 0000000000000000 R09: 0000000000000000
[  183.280105][ T9874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe7ba92ab0
[  183.280112][ T9874] R13: 00007f2752a11c05 R14: 000000000002dbea R15: 00007ffe7ba92af0
[  183.280121][ T9874]  </TASK>
[  183.280173][ T9874] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  183.338297][T10433] loop6: detected capacity change from 0 to 256
[  183.434042][T10433] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  183.438869][T10433] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  183.447572][T10433] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  183.520562][T10437] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1640'.
[  184.398820][T10464] loop4: detected capacity change from 0 to 1024
[  184.473479][   T28] hfsplus: b-tree write err: -5, ino 3
[  184.625214][T10483] loop6: detected capacity change from 0 to 128
[  184.631800][T10483] FAT-fs (loop6): Directory bread(block 162) failed
[  184.639327][T10483] FAT-fs (loop6): Directory bread(block 163) failed
[  184.648062][T10483] FAT-fs (loop6): Directory bread(block 164) failed
[  184.650999][T10483] FAT-fs (loop6): Directory bread(block 165) failed
[  184.656046][T10483] FAT-fs (loop6): Directory bread(block 166) failed
[  184.658616][T10483] FAT-fs (loop6): Directory bread(block 167) failed
[  184.662307][T10483] FAT-fs (loop6): Directory bread(block 168) failed
[  184.664940][T10483] FAT-fs (loop6): Directory bread(block 169) failed
[  184.676670][T10483] FAT-fs (loop6): Directory bread(block 162) failed
[  184.685241][T10497] loop4: detected capacity change from 0 to 256
[  184.686294][T10483] FAT-fs (loop6): Directory bread(block 163) failed
[  184.690246][T10497] exfat: Deprecated parameter 'utf8'
[  184.693499][T10497] exfat: Deprecated parameter 'utf8'
[  184.699448][T10497] exfat: Deprecated parameter 'utf8'
[  184.701664][T10497] exfat: Deprecated parameter 'utf8'
[  184.708455][T10483] syz.6.1652: attempt to access beyond end of device
[  184.708455][T10483] loop6: rw=3, sector=226, nr_sectors = 6 limit=128
[  184.712622][T10497] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[  184.713627][T10483] syz.6.1652: attempt to access beyond end of device
[  184.713627][T10483] loop6: rw=2051, sector=232, nr_sectors = 2 limit=128
[  184.913396][T10538] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1666'.
[  185.032654][ T5995] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  185.047635][T10557] loop7: detected capacity change from 0 to 2048
[  185.052156][T10557] UDF-fs: warning (device loop7): udf_fill_super: No fileset found
[  185.183537][ T5995] usb 5-1: Using ep0 maxpacket: 16
[  185.196192][ T5995] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[  185.198846][ T5995] usb 5-1: config 0 has no interface number 0
[  185.201155][ T5995] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  185.204177][T10574] loop6: detected capacity change from 0 to 2048
[  185.219700][ T5995] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  185.223617][ T5995] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.225024][T10574] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.226911][ T5995] usb 5-1: Product: syz
[  185.238211][ T5995] usb 5-1: Manufacturer: syz
[  185.240171][ T5995] usb 5-1: SerialNumber: syz
[  185.328627][ T5995] usb 5-1: config 0 descriptor??
[  185.348158][T10586] loop7: detected capacity change from 0 to 512
[  185.352203][T10586] EXT4-fs: Ignoring removed bh option
[  185.362229][T10586] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  185.368478][T10586] EXT4-fs (loop7): 1 truncate cleaned up
[  185.508081][T10586] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  185.862344][   T33] audit: type=1800 audit(1755976916.496:227): pid=10591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1680" name="bus" dev="loop7" ino=18 res=0 errno=0
[  186.074137][ T8148] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.180665][ T5995] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71
[  186.185785][ T9874] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.190051][ T5995] usb 5-1: USB disconnect, device number 13
[  186.212935][T10613] loop7: detected capacity change from 0 to 2048
[  186.217861][T10613] EXT4-fs: Ignoring removed bh option
[  186.242306][T10613] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.269534][ T9874] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.394146][T10646] loop7: detected capacity change from 0 to 764
[  186.404941][T10646] rock: directory entry would overflow storage
[  186.407544][T10646] rock: sig=0x4f50, size=4, remaining=3
[  186.410464][T10646] iso9660: Corrupted directory entry in block 6 of inode 1792
[  186.781188][T10680] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1701'.
[  189.031863][T10732] loop4: detected capacity change from 0 to 32768
[  189.035258][T10732] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1713 (10732)
[  189.043235][T10732] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  189.053816][T10732] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  189.085524][T10732] BTRFS info (device loop4): allowing degraded mounts
[  189.091642][T10732] BTRFS info (device loop4): enabling ssd optimizations
[  189.095794][T10732] BTRFS info (device loop4): enabling free space tree
[  189.100983][T10732] BTRFS info (device loop4): force zlib compression, level 3
[  189.165242][ T6979] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  189.173301][T10784] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1724'.
[  189.246131][T10797] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1728'.
[  189.395559][T10818] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1734'.
[  189.474802][T10827] netlink: 'syz.6.1738': attribute type 3 has an invalid length.
[  189.492059][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  189.494808][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  189.610921][T10842] loop6: detected capacity change from 0 to 4096
[  189.619937][T10842] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  189.622921][T10842] ntfs3(loop6): Failed to load $Extend (-22).
[  189.625900][T10842] ntfs3(loop6): Failed to initialize $Extend.
[  189.677141][T10821] loop7: detected capacity change from 0 to 32768
[  189.710449][T10844] loop4: detected capacity change from 0 to 512
[  189.738872][T10821] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  189.740855][T10844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.747343][T10844] ext4 filesystem being mounted at /405/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  189.747448][T10821] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  189.834509][T10857] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.896177][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.989933][ T9874] ocfs2: Unmounting device (7,7) on (node local)
[  189.994359][T10866] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  190.260105][ T5995] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  190.403353][ T5995] usb 5-1: Using ep0 maxpacket: 32
[  190.407072][ T5995] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  190.411802][ T5995] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  190.412214][ T5953] Bluetooth: hci2: command 0x0405 tx timeout
[  190.417801][ T5995] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  190.423144][ T5995] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  190.427958][ T5995] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  190.434781][ T5995] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  190.438573][ T5995] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.442124][ T5995] usb 5-1: Product: syz
[  190.443873][ T5995] usb 5-1: Manufacturer: syz
[  190.445847][ T5995] usb 5-1: SerialNumber: syz
[  190.449813][ T5995] usb 5-1: config 0 descriptor??
[  190.836473][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -32
[  190.839059][ T5995] input input16: Device does not respond to id packet M
[  190.842965][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -32
[  190.845646][ T5995] input input16: Device does not respond to id packet P
[  190.849340][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -32
[  190.852283][ T5995] input input16: Device does not respond to id packet B
[  191.047195][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -71
[  191.059243][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -71
[  191.064791][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -71
[  191.067535][ T5995] iforce 5-1:0.0: usb_submit_urb failed: -71
[  191.079474][ T5995] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input16
[  191.091822][ T5995] usb 5-1: USB disconnect, device number 14
[  191.164735][T10892] loop6: detected capacity change from 0 to 40427
[  191.171898][T10892] F2FS-fs (loop6): Image doesn't support compression
[  191.179974][T10892] F2FS-fs (loop6): build fault injection rate: 690
[  191.186818][T10892] F2FS-fs (loop6): invalid crc value
[  191.214880][T10892] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  191.218907][T10892] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  191.251368][ T8148] syz-executor: attempt to access beyond end of device
[  191.251368][ T8148] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  191.257865][ T8148] CPU: 0 UID: 0 PID: 8148 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  191.257883][ T8148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  191.257892][ T8148] Call Trace:
[  191.257896][ T8148]  <TASK>
[  191.257901][ T8148]  dump_stack_lvl+0x189/0x250
[  191.257918][ T8148]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.257931][ T8148]  ? __pfx_queue_work_on+0x10/0x10
[  191.257942][ T8148]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  191.257959][ T8148]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  191.257976][ T8148]  f2fs_handle_critical_error+0x37c/0x540
[  191.257993][ T8148]  f2fs_write_end_io+0x886/0xb60
[  191.258007][ T8148]  __submit_merged_bio+0x27a/0x6a0
[  191.258025][ T8148]  __submit_merged_write_cond+0x255/0x530
[  191.258041][ T8148]  f2fs_write_data_pages+0x261d/0x3000
[  191.258057][ T8148]  ? arch_stack_walk+0xfc/0x150
[  191.258078][ T8148]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  191.258094][ T8148]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  191.258110][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258128][ T8148]  ? folios_put_refs+0x559/0x640
[  191.258143][ T8148]  ? __pfx_folios_put_refs+0x10/0x10
[  191.258153][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258163][ T8148]  ? lru_add+0xa2f/0xd80
[  191.258173][ T8148]  ? lru_add+0x198/0xd80
[  191.258183][ T8148]  ? folio_batch_move_lru+0x319/0x3a0
[  191.258195][ T8148]  ? filemap_get_folios_tag+0xed/0x630
[  191.258206][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258217][ T8148]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  191.258234][ T8148]  do_writepages+0x32e/0x550
[  191.258249][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258261][ T8148]  ? do_raw_spin_unlock+0x4d/0x240
[  191.258275][ T8148]  filemap_fdatawrite+0x199/0x240
[  191.258291][ T8148]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  191.258314][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258350][ T8148]  ? do_raw_spin_unlock+0x4d/0x240
[  191.258365][ T8148]  f2fs_sync_dirty_inodes+0x31f/0x830
[  191.258380][ T8148]  f2fs_write_checkpoint+0x95a/0x1df0
[  191.258397][ T8148]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  191.258418][ T8148]  ? kill_f2fs_super+0x298/0x6c0
[  191.258430][ T8148]  kill_f2fs_super+0x2c3/0x6c0
[  191.258442][ T8148]  ? __pfx_kill_f2fs_super+0x10/0x10
[  191.258452][ T8148]  ? radix_tree_delete_item+0x2b6/0x400
[  191.258469][ T8148]  ? shrinker_free+0x2ce/0x3e0
[  191.258482][ T8148]  deactivate_locked_super+0xbc/0x130
[  191.258497][ T8148]  cleanup_mnt+0x425/0x4c0
[  191.258510][ T8148]  task_work_run+0x1d4/0x260
[  191.258526][ T8148]  ? __pfx_task_work_run+0x10/0x10
[  191.258540][ T8148]  ? __x64_sys_umount+0x122/0x160
[  191.258554][ T8148]  ? __pfx___x64_sys_umount+0x10/0x10
[  191.258568][ T8148]  ? rcu_is_watching+0x15/0xb0
[  191.258579][ T8148]  exit_to_user_mode_loop+0xec/0x110
[  191.258594][ T8148]  do_syscall_64+0x2bd/0x3b0
[  191.258611][ T8148]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.258622][ T8148]  ? exc_page_fault+0x9f/0xf0
[  191.258637][ T8148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.258648][ T8148] RIP: 0033:0x7f449678ff17
[  191.258688][ T8148] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  191.258698][ T8148] RSP: 002b:00007fffb4bff0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  191.258713][ T8148] RAX: 0000000000000000 RBX: 00007f4496811c05 RCX: 00007f449678ff17
[  191.258721][ T8148] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffb4bff1a0
[  191.258729][ T8148] RBP: 00007fffb4bff1a0 R08: 0000000000000000 R09: 0000000000000000
[  191.258736][ T8148] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffb4c00230
[  191.258744][ T8148] R13: 00007f4496811c05 R14: 000000000002fcb4 R15: 00007fffb4c00270
[  191.258755][ T8148]  </TASK>
[  191.418100][ T8148] F2FS-fs (loop6): Remounting filesystem read-only
[  191.419761][T10921] loop7: detected capacity change from 0 to 32768
[  191.441288][T10921] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  191.457245][T10921] XFS (loop7): Ending clean mount
[  191.460527][T10921] XFS (loop7): Quotacheck needed: Please wait.
[  191.467255][T10921] XFS (loop7): Quotacheck: Done.
[  191.507722][ T9874] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  191.646886][T10945] loop4: detected capacity change from 0 to 128
[  191.906234][   T10] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  192.048016][   T10] usb 8-1: Using ep0 maxpacket: 32
[  192.058706][   T10] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  192.084723][   T10] usb 8-1: New USB device found, idVendor=0c72, idProduct=0011, bcdDevice= 9.75
[  192.095035][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.100230][   T10] usb 8-1: Product: syz
[  192.105524][   T10] usb 8-1: Manufacturer: syz
[  192.107408][   T10] usb 8-1: SerialNumber: syz
[  192.119603][   T10] usb 8-1: config 0 descriptor??
[  192.149210][T10976] loop4: detected capacity change from 0 to 32768
[  192.154368][T10976] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  192.159244][T10976] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  192.176794][T10991] loop6: detected capacity change from 0 to 32768
[  192.184412][ T6979] ocfs2: Unmounting device (7,4) on (node local)
[  192.191327][T10991] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  192.201458][   T33] audit: type=1800 audit(1755976923.154:228): pid=10991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1771" name="file1" dev="loop6" ino=17058 res=0 errno=0
[  192.317266][   T24] usb 8-1: USB disconnect, device number 4
[  192.977199][ T8148] ocfs2: Unmounting device (7,6) on (node local)
[  193.459194][T11070] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1784'.
[  193.555229][T11040] loop7: detected capacity change from 0 to 32768
[  193.565149][T11040] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  193.573709][T11040] XFS (loop7): Ending clean mount
[  193.590190][ T9874] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  193.769383][   T24] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  193.912045][   T24] usb 7-1: Using ep0 maxpacket: 16
[  193.915949][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[  193.919466][   T24] usb 7-1: config 5 has an invalid interface number: 118 but max is 0
[  193.924020][   T24] usb 7-1: config 5 has no interface number 0
[  193.926353][   T24] usb 7-1: config 5 interface 118 has no altsetting 0
[  193.931715][   T24] usb 7-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=1c.96
[  193.934701][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.937578][   T24] usb 7-1: Product: syz
[  193.938988][   T24] usb 7-1: Manufacturer: syz
[  193.941319][   T24] usb 7-1: SerialNumber: syz
[  194.151158][   T24] imon_raw 7-1:5.118: IR endpoint missing
[  194.157326][   T24] usb 7-1: USB disconnect, device number 8
[  194.774406][T11125] loop6: detected capacity change from 0 to 4096
[  194.926240][   T33] audit: type=1326 audit(1755976926.025:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  194.937022][   T33] audit: type=1326 audit(1755976926.025:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  194.951941][   T33] audit: type=1326 audit(1755976926.046:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  194.961832][   T33] audit: type=1326 audit(1755976926.046:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  194.970153][   T33] audit: type=1326 audit(1755976926.046:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  194.978530][   T33] audit: type=1326 audit(1755976926.067:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  195.002711][   T33] audit: type=1326 audit(1755976926.067:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  195.020082][   T33] audit: type=1326 audit(1755976926.067:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11140 comm="syz.7.1797" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f275298ebe9 code=0x7ffc0000
[  195.145323][T11166] binder_alloc: 11164: binder_alloc_buf, no vma
[  195.157265][   T10] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  195.246441][T11178] loop4: detected capacity change from 0 to 512
[  195.251429][T11178] EXT4-fs: Ignoring removed i_version option
[  195.261856][T11178] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.279023][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.291595][ T5995] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  195.311122][   T10] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  195.314986][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.321229][   T10] usb 7-1: config 0 descriptor??
[  195.433149][ T5995] usb 8-1: Using ep0 maxpacket: 16
[  195.436156][ T5995] usb 8-1: config 0 has an invalid interface number: 105 but max is 0
[  195.439031][ T5995] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  195.443371][ T5995] usb 8-1: config 0 has no interface number 0
[  195.447015][ T5995] usb 8-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  195.450216][ T5995] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.453345][ T5995] usb 8-1: Product: syz
[  195.454946][ T5995] usb 8-1: Manufacturer: syz
[  195.456563][ T5995] usb 8-1: SerialNumber: syz
[  195.460360][ T5995] usb 8-1: config 0 descriptor??
[  195.463747][ T5995] uvcvideo 8-1:0.105: probe with driver uvcvideo failed with error -22
[  195.557099][  T793] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  195.656430][ T5995] usb 8-1: USB disconnect, device number 5
[  195.727716][  T793] usb 5-1: Using ep0 maxpacket: 32
[  195.730853][  T793] usb 5-1: config 0 interface 0 has no altsetting 0
[  195.735136][  T793] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  195.738674][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.741353][  T793] usb 5-1: Product: syz
[  195.742843][  T793] usb 5-1: Manufacturer: syz
[  195.744452][  T793] usb 5-1: SerialNumber: syz
[  195.747603][  T793] usb 5-1: config 0 descriptor??
[  196.137749][  T793] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  196.475625][   T10] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  196.480419][   T10] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  196.484924][   T10] asix 7-1:0.0: probe with driver asix failed with error -71
[  196.489957][   T10] usb 7-1: USB disconnect, device number 9
[  196.519136][  T793] gs_usb 5-1:0.0: Couldn't register candev for channel 0 (-EINVAL)
[  196.522357][  T793] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -22
[  196.714566][   T10] usb 5-1: USB disconnect, device number 15
[  197.222145][   T10] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  197.230499][T11248] loop4: detected capacity change from 0 to 64
[  197.281922][T11254] loop4: detected capacity change from 0 to 2048
[  197.291729][T11254] EXT4-fs: Ignoring removed nobh option
[  197.297991][ T5995] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  197.318619][T11254] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.323931][T11254] ext4 filesystem being mounted at /433/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.335113][   T33] audit: type=1800 audit(1755976928.549:237): pid=11254 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1818" name="file0" dev="loop4" ino=13 res=0 errno=0
[  197.356329][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.373322][   T10] usb 7-1: Using ep0 maxpacket: 32
[  197.384965][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  197.393140][   T10] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  197.396924][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.400426][   T10] usb 7-1: Product: syz
[  197.409178][   T10] usb 7-1: Manufacturer: syz
[  197.411795][   T10] usb 7-1: SerialNumber: syz
[  197.418488][   T10] usb 7-1: config 0 descriptor??
[  197.421673][T11233] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  197.426312][   T10] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  197.440241][ T5995] usb 8-1: Using ep0 maxpacket: 16
[  197.454894][ T5995] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  197.470732][ T5995] usb 8-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  197.480572][ T5995] usb 8-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  197.483922][ T5995] usb 8-1: Manufacturer: syz
[  197.496967][ T5995] usb 8-1: config 0 descriptor??
[  197.643155][   T10] usb 7-1: USB disconnect, device number 10
[  197.705213][  T793] usb 8-1: USB disconnect, device number 6
[  198.154271][T11313] loop6: detected capacity change from 0 to 512
[  198.165035][T11313] Quota error (device loop6): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  198.169401][T11313] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  198.173734][T11313] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1823: Failed to acquire dquot type 1
[  198.179025][T11313] EXT4-fs (loop6): 1 truncate cleaned up
[  198.183515][T11313] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.190260][T11313] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.243070][ T8148] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.375751][T11344] vivid-003: =================  START STATUS  =================
[  198.378953][T11344] vivid-003: Radio HW Seek Mode: Bounded
[  198.382981][T11344] vivid-003: Radio Programmable HW Seek: false
[  198.385637][T11344] vivid-003: RDS Rx I/O Mode: Block I/O
[  198.387810][T11344] vivid-003: Generate RBDS Instead of RDS: false
[  198.390332][T11344] vivid-003: RDS Reception: true
[  198.393046][T11344] vivid-003: RDS Program Type: 0 inactive
[  198.402882][T11344] vivid-003: RDS PS Name:  inactive
[  198.406121][T11344] vivid-003: RDS Radio Text:  inactive
[  198.409211][T11344] vivid-003: RDS Traffic Announcement: false inactive
[  198.414898][T11344] vivid-003: RDS Traffic Program: false inactive
[  198.419506][T11344] vivid-003: RDS Music: false inactive
[  198.421933][T11344] vivid-003: ==================  END STATUS  ==================
[  198.453816][T11351] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1832'.
[  198.467541][ T5995] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  198.611190][ T5995] usb 8-1: config 0 has an invalid interface number: 117 but max is 0
[  198.613914][ T5995] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  198.617315][ T5995] usb 8-1: config 0 has no interface number 0
[  198.619929][ T5995] usb 8-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  198.623186][ T5995] usb 8-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  198.630151][ T5995] usb 8-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  198.633132][ T5995] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.635794][ T5995] usb 8-1: Product: syz
[  198.637177][ T5995] usb 8-1: Manufacturer: syz
[  198.638891][ T5995] usb 8-1: SerialNumber: syz
[  198.641248][ T5995] usb 8-1: config 0 descriptor??
[  198.707232][   T10] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  198.716505][ T5747] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.766807][ T5747] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.812438][ T5747] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.850016][ T5747] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.859086][   T10] usb 5-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.04
[  198.862032][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.876408][   T10] usb 5-1: config 0 descriptor??
[  198.883403][   T10] go7007 5-1:0.0: probe with driver go7007 failed with error -12
[  198.898728][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  198.901765][ T5953] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  198.904265][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  198.907396][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  198.910176][ T5953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  198.945690][ T5747] bridge_slave_1: left allmulticast mode
[  198.948070][ T5747] bridge_slave_1: left promiscuous mode
[  198.950802][ T5747] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.961949][ T5747] bridge_slave_0: left allmulticast mode
[  198.964301][ T5747] bridge_slave_0: left promiscuous mode
[  198.966770][ T5747] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.035416][ T5747] dvmrp0 (unregistering): left allmulticast mode
[  199.074640][ T5995] usb 5-1: USB disconnect, device number 16
[  199.126060][ T5747] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.130969][ T5747] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.136628][ T5747] bond0 (unregistering): Released all slaves
[  199.205526][T11376] chnl_net:caif_netlink_parms(): no params data found
[  199.228680][  T793] usb 8-1: USB disconnect, device number 7
[  199.302718][T11376] bridge0: port 1(bridge_slave_0) entered blocking state
[  199.307250][T11376] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.309956][T11376] bridge_slave_0: entered allmulticast mode
[  199.314900][T11376] bridge_slave_0: entered promiscuous mode
[  199.319046][T11376] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.322111][T11376] bridge0: port 2(bridge_slave_1) entered disabled state
[  199.326608][T11376] bridge_slave_1: entered allmulticast mode
[  199.329140][T11376] bridge_slave_1: entered promiscuous mode
[  199.357194][ T5747] hsr_slave_0: left promiscuous mode
[  199.359960][ T5747] hsr_slave_1: left promiscuous mode
[  199.363807][ T5747] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.367000][ T5747] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.371850][ T5747] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.375971][ T5747] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.383429][ T5747] veth1_macvtap: left promiscuous mode
[  199.385776][ T5747] veth0_macvtap: left promiscuous mode
[  199.388033][ T5747] veth1_vlan: left promiscuous mode
[  199.392171][ T5747] veth0_vlan: left promiscuous mode
[  199.486840][ T5747] team0 (unregistering): Port device team_slave_1 removed
[  199.491170][ T5747] team0 (unregistering): Port device team_slave_0 removed
[  199.522172][T11376] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.537057][T11376] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  199.599969][T11376] team0: Port device team_slave_0 added
[  199.614393][T11376] team0: Port device team_slave_1 added
[  199.656700][T11376] batman_adv: batadv0: Adding interface: batadv_slave_0
[  199.660100][T11376] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.672163][T11376] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  199.681232][T11376] batman_adv: batadv0: Adding interface: batadv_slave_1
[  199.690013][T11376] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  199.703100][T11376] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  199.776179][T11376] hsr_slave_0: entered promiscuous mode
[  199.779628][T11376] hsr_slave_1: entered promiscuous mode
[  199.782755][T11376] debugfs: 'hsr0' already exists in 'hsr'
[  199.785044][T11376] Cannot create hsr debugfs directory
[  199.866080][T11752] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1844'.
[  199.894978][T11376] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  199.906994][T11376] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  199.912198][T11376] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  199.921529][T11376] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  200.010957][T11376] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.024428][T11376] 8021q: adding VLAN 0 to HW filter on device team0
[  200.088547][ T1018] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.091033][ T1018] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.103789][ T1018] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.106344][ T1018] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.294605][T11376] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.383785][T11807] loop7: detected capacity change from 0 to 2048
[  200.408115][T11807] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[  200.412376][T11807] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  200.433222][T11376] veth0_vlan: entered promiscuous mode
[  200.444041][T11376] veth1_vlan: entered promiscuous mode
[  200.504189][T11376] veth0_macvtap: entered promiscuous mode
[  200.507490][T11376] veth1_macvtap: entered promiscuous mode
[  200.513231][T11376] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.518055][T11814] tipc: Enabled bearer <eth:bridge0>, priority 10
[  200.527996][T11376] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.535052][   T12] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.538612][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.547258][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.551529][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  200.770963][   T28] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.780644][   T28] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.801308][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  200.804051][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.825741][ T5953] Bluetooth: hci1: command tx timeout
[  200.887811][T11847] loop8: detected capacity change from 0 to 2048
[  200.898257][T11847] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  200.903284][ T6170] udevd[6170]: incorrect nilfs2 checksum on /dev/loop8
[  200.907927][T11847] NILFS (loop8): mounting unchecked fs
[  200.917397][T11847] NILFS (loop8): recovery complete
[  200.921711][T11842] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  200.923593][T11850] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  201.112506][T11889] netlink: 209832 bytes leftover after parsing attributes in process `syz.8.1867'.
[  201.157137][T11893] loop8: detected capacity change from 0 to 4096
[  201.164023][T11893] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  201.173479][T11893] ntfs3(loop8): Failed to load $Extend (-22).
[  201.175480][T11893] ntfs3(loop8): Failed to initialize $Extend.
[  201.288075][T11912] loop8: detected capacity change from 0 to 128
[  201.290687][T11912] EXT4-fs: Ignoring removed nobh option
[  201.305495][T11912] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  201.311615][T11912] ext4 filesystem being mounted at /9/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  201.317188][T11912] fscrypt (loop8, inode 12): Direct key flag not allowed with different contents and filenames modes
[  201.339294][T11376] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.472629][ T6016] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  201.500139][T11921] loop7: detected capacity change from 0 to 32768
[  201.512541][T11921] XFS (loop7): invalid logbufsize: 73 [not 16k,32k,64k,128k or 256k]
[  201.624767][ T6016] usb 5-1: Using ep0 maxpacket: 8
[  201.654040][ T6016] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  201.657897][ T6016] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.670180][ T6016] usb 5-1: config 0 descriptor??
[  201.747930][   T10] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  201.890793][   T10] usb 9-1: Using ep0 maxpacket: 32
[  201.943458][   T10] usb 9-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice= 0.02
[  201.950757][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.954400][   T10] usb 9-1: Product: syz
[  201.956495][   T10] usb 9-1: Manufacturer: syz
[  201.962947][   T10] usb 9-1: SerialNumber: syz
[  201.971710][   T10] usb 9-1: config 0 descriptor??
[  201.975391][   T10] ftdi_sio 9-1:0.0: Ignoring interface reserved for JTAG
[  202.172931][ T6002] usb 9-1: USB disconnect, device number 2
[  202.707618][T11980] loop8: detected capacity change from 0 to 8192
[  202.718260][  T793] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  202.779347][T11989] loop8: detected capacity change from 0 to 164
[  202.782681][T11989] rock: directory entry would overflow storage
[  202.786991][T11989] rock: sig=0x4543, size=28, remaining=18
[  202.803904][ T5953] Bluetooth: hci1: command tx timeout
[  202.857199][T12000] loop8: detected capacity change from 0 to 512
[  202.865385][T12000] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  202.869856][  T793] usb 8-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  202.876490][T12000] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  202.879968][  T793] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.884640][T12000] EXT4-fs (loop8): orphan cleanup on readonly fs
[  202.887235][T12000] EXT4-fs error (device loop8): ext4_orphan_get:1418: comm syz.8.1889: bad orphan inode 267
[  202.891402][  T793] usb 8-1: Product: syz
[  202.892938][  T793] usb 8-1: Manufacturer: syz
[  202.894654][  T793] usb 8-1: SerialNumber: syz
[  202.897446][T12000] EXT4-fs (loop8): Remounting filesystem read-only
[  202.900296][  T793] usb 8-1: config 0 descriptor??
[  202.902451][T12000] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  202.911901][T12000] EXT4-fs warning (device loop8): dx_probe:861: inode #2: comm syz.8.1889: dx entry: limit 0 != root limit 125
[  202.916238][T12000] EXT4-fs warning (device loop8): dx_probe:934: inode #2: comm syz.8.1889: Corrupt directory, running e2fsck is recommended
[  202.936083][T11376] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  203.112457][T12014] binder: 12013:12014 unknown command 0
[  203.114514][T12014] binder: 12013:12014 ioctl c0306201 200000000080 returned -22
[  203.143890][T12017] loop8: detected capacity change from 0 to 512
[  203.149930][T12017] EXT4-fs: journaled quota format not specified
[  203.272767][ T5953] Bluetooth: hci1: unexpected cc 0x0402 length: 61 > 1
[  203.275797][ T5953] Bluetooth: hci1: Ignoring error of Inquiry Cancel command
[  203.281406][T12029] loop8: detected capacity change from 0 to 64
[  203.626805][ T6016] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  203.630075][ T6016] asix 5-1:0.0: probe with driver asix failed with error -71
[  203.640341][ T6016] usb 5-1: USB disconnect, device number 17
[  204.273225][  T793] usb 8-1: f81604_read: reg: 200f failed: -EPROTO
[  204.275971][T12080] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1905'.
[  204.280853][  T793] usb 8-1: USB disconnect, device number 8
[  204.284834][T12080] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1905'.
[  204.290249][  T793] usb 8-1: f81604_read: reg: 100f failed: -ENODEV
[  204.305327][ T5591] usb 8-1: f81604_read: reg: 200f failed: -ENODEV
[  204.311603][ T5591] usb 8-1: f81604_read: reg: 200f failed: -ENODEV
[  204.334211][ T5591] usb 8-1: f81604_read: reg: 200f failed: -ENODEV
[  204.341119][  T793] usb 8-1: f81604_read: reg: 200f failed: -ENODEV
[  204.865829][T12119] netlink: 'syz.7.1913': attribute type 9 has an invalid length.
[  205.004698][T12131] netlink: 424 bytes leftover after parsing attributes in process `syz.7.1915'.
[  205.010892][T12131] netlink: 'syz.7.1915': attribute type 1 has an invalid length.
[  205.034875][T12137] loop8: detected capacity change from 0 to 128
[  205.042296][T12137] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  205.047653][T12137] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  205.070711][T11376] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  205.076119][T12144] loop7: detected capacity change from 0 to 2048
[  205.089216][T12144] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  205.165152][T11395] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  205.239215][ T5953] Bluetooth: hci1: command tx timeout
[  205.262591][T12161] loop7: detected capacity change from 0 to 32768
[  205.268752][T12161] XFS: attr2 mount option is deprecated.
[  205.278937][T12161] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  205.288415][T12161] XFS (loop7): Ending clean mount
[  205.290817][T12161] XFS (loop7): Quotacheck needed: Please wait.
[  205.296142][T12161] XFS (loop7): Quotacheck: Done.
[  205.306160][T11395] usb 5-1: Using ep0 maxpacket: 32
[  205.311545][T11395] usb 5-1: config 186 has an invalid interface number: 85 but max is 0
[  205.317097][T11395] usb 5-1: config 186 has no interface number 0
[  205.325601][ T9874] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  205.327334][T11395] usb 5-1: config 186 interface 85 has no altsetting 0
[  205.336602][T11395] usb 5-1: New USB device found, idVendor=04b4, idProduct=931d, bcdDevice=bb.43
[  205.340339][T11395] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.344780][T11395] usb 5-1: Product: syz
[  205.346528][T11395] usb 5-1: Manufacturer: syz
[  205.348446][T11395] usb 5-1: SerialNumber: syz
[  205.549778][T11395] usb 5-1: can't set first interface for hiFace device.
[  205.552048][T11395] snd-usb-hiface 5-1:186.85: probe with driver snd-usb-hiface failed with error -5
[  205.559095][T11395] usb 5-1: USB disconnect, device number 18
[  205.604970][T12197] loop7: detected capacity change from 0 to 40427
[  205.610068][T12197] F2FS-fs (loop7): build fault injection rate: 25
[  205.612887][T12197] F2FS-fs (loop7): build fault injection type: 0x7698c
[  205.617027][T12197] F2FS-fs (loop7): invalid crc value
[  205.621113][T12197] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x1cb/0x970
[  205.628756][T12197] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  205.652441][T12197] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.658179][T12197] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  205.674825][T12197] F2FS-fs (loop7): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  205.680229][T12197] F2FS-fs (loop7): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x9f1/0x16a0
[  205.683817][T12197] F2FS-fs (loop7): inject lock_op in f2fs_trylock_op of f2fs_write_single_data_page+0x9f1/0x16a0
[  205.687596][T12197] syz.7.1928: attempt to access beyond end of device
[  205.687596][T12197] loop7: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  205.702293][ T9874] syz-executor: attempt to access beyond end of device
[  205.702293][ T9874] loop7: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  205.708291][ T9874] CPU: 0 UID: 0 PID: 9874 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  205.708303][ T9874] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  205.708308][ T9874] Call Trace:
[  205.708311][ T9874]  <TASK>
[  205.708314][ T9874]  dump_stack_lvl+0x189/0x250
[  205.708327][ T9874]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.708335][ T9874]  ? __pfx_queue_work_on+0x10/0x10
[  205.708343][ T9874]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  205.708353][ T9874]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  205.708363][ T9874]  f2fs_handle_critical_error+0x37c/0x540
[  205.708374][ T9874]  f2fs_write_end_io+0x886/0xb60
[  205.708384][ T9874]  __submit_merged_bio+0x27a/0x6a0
[  205.708395][ T9874]  __submit_merged_write_cond+0x255/0x530
[  205.708404][ T9874]  f2fs_write_data_pages+0x261d/0x3000
[  205.708439][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.708457][ T9874]  ? kernel_text_address+0xa5/0xe0
[  205.708467][ T9874]  ? __kernel_text_address+0xd/0x40
[  205.708476][ T9874]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  205.708488][ T9874]  ? stack_trace_save+0x9c/0xe0
[  205.708496][ T9874]  ? stack_depot_save_flags+0x40/0x860
[  205.708532][ T9874]  ? filemap_get_folios_tag+0xed/0x630
[  205.708540][ T9874]  ? rcu_is_watching+0x15/0xb0
[  205.708547][ T9874]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.708558][ T9874]  do_writepages+0x32e/0x550
[  205.708567][ T9874]  ? rcu_is_watching+0x15/0xb0
[  205.708575][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  205.708584][ T9874]  filemap_fdatawrite+0x199/0x240
[  205.708594][ T9874]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  205.708609][ T9874]  ? rcu_is_watching+0x15/0xb0
[  205.708617][ T9874]  ? do_raw_spin_unlock+0x4d/0x240
[  205.708626][ T9874]  f2fs_sync_dirty_inodes+0x31f/0x830
[  205.708635][ T9874]  f2fs_write_checkpoint+0x95a/0x1df0
[  205.708652][ T9874]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  205.708676][ T9874]  ? kill_f2fs_super+0x298/0x6c0
[  205.708688][ T9874]  kill_f2fs_super+0x2c3/0x6c0
[  205.708708][ T9874]  ? __pfx_kill_f2fs_super+0x10/0x10
[  205.708719][ T9874]  ? radix_tree_delete_item+0x2b6/0x400
[  205.708735][ T9874]  ? shrinker_free+0x2ce/0x3e0
[  205.708747][ T9874]  deactivate_locked_super+0xbc/0x130
[  205.708763][ T9874]  cleanup_mnt+0x425/0x4c0
[  205.708776][ T9874]  task_work_run+0x1d4/0x260
[  205.708792][ T9874]  ? __pfx_task_work_run+0x10/0x10
[  205.708807][ T9874]  ? __x64_sys_umount+0x122/0x160
[  205.708821][ T9874]  ? __pfx___x64_sys_umount+0x10/0x10
[  205.708836][ T9874]  ? rcu_is_watching+0x15/0xb0
[  205.708848][ T9874]  exit_to_user_mode_loop+0xec/0x110
[  205.708864][ T9874]  do_syscall_64+0x2bd/0x3b0
[  205.708880][ T9874]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.708892][ T9874]  ? exc_page_fault+0x9f/0xf0
[  205.708907][ T9874]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.708918][ T9874] RIP: 0033:0x7f275298ff17
[  205.708929][ T9874] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  205.708938][ T9874] RSP: 002b:00007ffe7ba91968 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  205.708951][ T9874] RAX: 0000000000000000 RBX: 00007f2752a11c05 RCX: 00007f275298ff17
[  205.708959][ T9874] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe7ba91a20
[  205.708965][ T9874] RBP: 00007ffe7ba91a20 R08: 0000000000000000 R09: 0000000000000000
[  205.708973][ T9874] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe7ba92ab0
[  205.708980][ T9874] R13: 00007f2752a11c05 R14: 0000000000033812 R15: 00007ffe7ba92af0
[  205.708993][ T9874]  </TASK>
[  205.709622][ T9874] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  206.163783][T12242] nfs4: Unexpected value for 'acl'
[  206.221827][T12245] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  206.225090][T12245] overlayfs: failed to set xattr on upper
[  206.227576][T12245] overlayfs: ...falling back to redirect_dir=nofollow.
[  206.235468][T12245] overlayfs: ...falling back to index=off.
[  206.337309][T12235] loop8: detected capacity change from 0 to 32768
[  206.372832][T12235] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  206.422416][T12235] XFS (loop8): Ending clean mount
[  206.481829][T11376] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  206.695450][T11395] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  206.837150][T11395] usb 8-1: Using ep0 maxpacket: 8
[  206.841991][T11395] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  206.846794][T11395] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  206.851072][T11395] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  206.855140][T11395] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  206.860117][T11395] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  206.863842][T11395] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.893811][   T24] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  207.039007][   T24] usb 9-1: config 0 has an invalid interface number: 128 but max is 0
[  207.042247][   T24] usb 9-1: config 0 has no interface number 0
[  207.044363][   T24] usb 9-1: config 0 interface 128 altsetting 6 endpoint 0x5 has invalid maxpacket 1024, setting to 1023
[  207.048574][   T24] usb 9-1: config 0 interface 128 altsetting 6 endpoint 0xF has invalid maxpacket 512, setting to 64
[  207.052570][   T24] usb 9-1: config 0 interface 128 altsetting 6 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  207.056892][   T24] usb 9-1: config 0 interface 128 has no altsetting 0
[  207.061935][   T24] usb 9-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[  207.065003][   T24] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.068130][   T24] usb 9-1: Product: syz
[  207.070340][   T24] usb 9-1: Manufacturer: syz
[  207.072567][T11395] usb 8-1: GET_CAPABILITIES returned 0
[  207.074516][   T24] usb 9-1: SerialNumber: syz
[  207.076240][T11395] usbtmc 8-1:16.0: can't read capabilities
[  207.080996][   T24] usb 9-1: config 0 descriptor??
[  207.095534][   T24] radio-si470x 9-1:0.128: could not find interrupt in endpoint
[  207.098309][   T24] radio-si470x 9-1:0.128: probe with driver radio-si470x failed with error -5
[  207.101701][   T24] usbhid 9-1:0.128: couldn't find an input interrupt endpoint
[  207.270130][ T6002] usb 8-1: USB disconnect, device number 9
[  207.291312][  T793] usb 9-1: USB disconnect, device number 3
[  207.493255][   T24] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  207.636198][   T24] usb 5-1: Using ep0 maxpacket: 8
[  207.639795][   T24] usb 5-1: config 3 has an invalid interface number: 45 but max is 0
[  207.643120][   T24] usb 5-1: config 3 contains an unexpected descriptor of type 0x1, skipping
[  207.646868][   T24] usb 5-1: config 3 has no interface number 0
[  207.649386][   T24] usb 5-1: config 3 interface 45 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  207.655154][   T24] usb 5-1: config 3 interface 45 has no altsetting 0
[  207.659384][   T24] usb 5-1: New USB device found, idVendor=0582, idProduct=e6ca, bcdDevice=d3.0b
[  207.662611][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.665967][   T24] usb 5-1: Product: syz
[  207.667552][   T24] usb 5-1: Manufacturer: syz
[  207.669248][   T24] usb 5-1: SerialNumber: syz
[  207.874842][   T24] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  207.905263][   T24] usb 5-1: USB disconnect, device number 19
[  207.946818][ T5955] udevd[5955]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:3.45/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  207.960182][T12313] loop8: detected capacity change from 0 to 32768
[  207.973277][T12310] loop7: detected capacity change from 0 to 32768
[  207.973848][T12313] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.1945 (12313)
[  207.985822][T12310] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  208.006022][T12310] XFS (loop7): Ending clean mount
[  208.007177][T12313] BTRFS info (device loop8): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  208.022258][T12313] BTRFS info (device loop8): using blake2b (blake2b-256-generic) checksum algorithm
[  208.042243][ T9874] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  208.079551][T12313] BTRFS info (device loop8): enabling ssd optimizations
[  208.082423][T12313] BTRFS info (device loop8): enabling free space tree
[  208.107857][T12313] BTRFS info (device loop8): use zstd compression, level 3
[  208.159921][T11376] BTRFS info (device loop8): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  208.613735][T12389] loop4: detected capacity change from 0 to 256
[  208.618398][T12389] exfat: Deprecated parameter 'namecase'
[  208.620834][T12389] exfat: Deprecated parameter 'utf8'
[  208.626776][T12389] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  208.634720][ T6002] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  208.777156][ T6002] usb 9-1: Using ep0 maxpacket: 8
[  208.780217][ T6002] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.783796][ T6002] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  208.789696][ T6002] usb 9-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  208.793221][ T6002] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.802861][ T6002] usb 9-1: config 0 descriptor??
[  209.209185][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.220107][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.223168][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.229229][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.232286][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x7
[  209.235764][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.238562][ T6002] hid-rmi 0003:06CB:81A7.000A: unknown main item tag 0x0
[  209.242531][ T6002] hid-rmi 0003:06CB:81A7.000A: hidraw0: USB HID v0.00 Device [HID 06cb:81a7] on usb-dummy_hcd.8-1/input0
[  209.353270][T12449] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1964'.
[  209.356384][T12449] unsupported nlmsg_type 40
[  209.403009][   T24] usb 9-1: USB disconnect, device number 4
[  209.460397][T12468] bond1: entered allmulticast mode
[  209.463022][T12468] 8021q: adding VLAN 0 to HW filter on device bond1
[  210.045142][T12550] loop8: detected capacity change from 0 to 4096
[  210.183104][T12567] loop8: detected capacity change from 0 to 4096
[  210.265791][T12574] loop8: detected capacity change from 0 to 4096
[  210.288554][T12574] ntfs3(loop8): failed to convert name for inode 1e.
[  210.291729][T12574] ntfs3(loop8): ino=1f, mi_enum_attr
[  210.293484][T12574] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  210.347129][   T10] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  210.367065][T12580] loop8: detected capacity change from 0 to 4096
[  210.379442][T12580] ntfs3(loop8): Different NTFS sector size (2048) and media sector size (512).
[  210.500470][   T10] usb 5-1: config 0 has an invalid interface number: 18 but max is 0
[  210.503505][   T10] usb 5-1: config 0 has no interface number 0
[  210.505487][   T10] usb 5-1: config 0 interface 18 altsetting 15 has 0 endpoint descriptors, different from the interface descriptor's value: 23
[  210.518728][   T10] usb 5-1: config 0 interface 18 has no altsetting 0
[  210.527624][   T10] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  210.530556][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.537765][   T10] usb 5-1: config 0 descriptor??
[  210.541943][T12592] loop8: detected capacity change from 0 to 1024
[  210.546007][   T10] cp210x 5-1:0.18: cp210x converter detected
[  210.586951][ T9989] hfsplus: b-tree write err: -5, ino 3
[  211.091723][   T10] cp210x 5-1:0.18: failed to get vendor val 0x000e size 3: -71
[  211.106268][   T10] usb 5-1: cp210x converter now attached to ttyUSB0
[  211.114208][   T10] usb 5-1: USB disconnect, device number 20
[  211.121264][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  211.126975][   T10] cp210x 5-1:0.18: device disconnected
[  211.438060][T12668] loop7: detected capacity change from 0 to 32768
[  211.448061][T12668] JBD2: Ignoring recovery information on journal
[  211.554173][T12668] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  211.558147][T12684] comedi comedi4: bad chanlist[0]=0x0000b8eb chan=47339 range length=2
[  211.602860][T12691] loop8: detected capacity change from 0 to 128
[  211.622640][ T9874] ocfs2: Unmounting device (7,7) on (node local)
[  211.655640][T12698] loop4: detected capacity change from 0 to 512
[  211.673629][T12698] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  211.689813][T12698] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  211.698141][T12698] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  211.702118][T12698] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  211.705436][T12698] System zones: 0-2, 18-18, 34-34
[  211.708904][T12698] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.2003: iget: bad i_size value: 360287970189639680
[  211.713309][T12698] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.2003: couldn't read orphan inode 15 (err -117)
[  211.717976][T12698] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.733146][T12709] loop8: detected capacity change from 0 to 2048
[  211.759756][T12698] EXT4-fs error (device loop4): ext4_lookup:1787: inode #15: comm syz.4.2003: iget: bad i_size value: 360287970189639680
[  211.771474][ T6979] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.785363][T12709] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  211.847844][ T9989] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  211.868917][ T9989] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  211.875842][ T9989] EXT4-fs (loop8): This should not happen!! Data will be lost
[  211.875842][ T9989] 
[  211.880148][ T9989] EXT4-fs (loop8): Total free blocks count 0
[  211.882466][ T9989] EXT4-fs (loop8): Free/Dirty block details
[  211.884758][ T9989] EXT4-fs (loop8): free_blocks=4096
[  211.886826][ T9989] EXT4-fs (loop8): dirty_blocks=16
[  211.901173][ T9989] EXT4-fs (loop8): Block reservation details
[  211.903481][ T9989] EXT4-fs (loop8): i_reserved_data_blocks=1
[  211.906992][T11376] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.249608][  T793] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  212.292148][T12747] loop8: detected capacity change from 0 to 4096
[  212.320870][T12753] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  212.326609][   T33] audit: type=1800 audit(1755976944.319:238): pid=12747 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2012" name="file1" dev="loop8" ino=15 res=0 errno=0
[  212.336153][T12747] NILFS error (device loop8): nilfs_readdir: zero-length directory entry
[  212.340743][T12747] Remounting filesystem read-only
[  212.394318][  T793] usb 5-1: Using ep0 maxpacket: 32
[  212.399865][  T793] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe
[  212.405130][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.408461][  T793] usb 5-1: Product: syz
[  212.410201][  T793] usb 5-1: Manufacturer: syz
[  212.415740][  T793] usb 5-1: SerialNumber: syz
[  212.418942][  T793] usb 5-1: config 0 descriptor??
[  212.425409][   T10] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  212.434562][   T10] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  212.552956][T12759] loop8: detected capacity change from 0 to 32768
[  212.560207][T12759] 
[  212.560207][T12759]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.560207][T12759] 
[  212.576778][T12759] read_mapping_page failed!
[  212.578463][T12759] ERROR: (device loop8): txCommit: 
[  212.578463][T12759] 
[  212.606052][   T70] 
[  212.606052][   T70]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.606052][   T70] 
[  212.609719][   T70] 
[  212.609719][   T70]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.609719][   T70] 
[  212.617607][T11376] 
[  212.617607][T11376]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.617607][T11376] 
[  212.620612][  T793] snd-usb-6fire 5-1:0.0: unknown device firmware state received from device:
[  212.624858][T11376] 
[  212.624858][T11376]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.624858][T11376] 
[  212.633235][  T116] ==================================================================
[  212.636607][  T116] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x23d/0x290
[  212.639729][  T116] Read of size 4 at addr ffff888110cdc8c4 by task jfsCommit/116
[  212.643752][  T116] 
[  212.644753][  T116] CPU: 0 UID: 0 PID: 116 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  212.644769][  T116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  212.644776][  T116] Call Trace:
[  212.644782][  T116]  <TASK>
[  212.644787][  T116]  dump_stack_lvl+0x189/0x250
[  212.644807][  T116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.644820][  T116]  ? lock_release+0x4b/0x3e0
[  212.644840][  T116]  ? __virt_addr_valid+0x4a5/0x5c0
[  212.644854][  T116]  print_report+0xca/0x240
[  212.644867][  T116]  ? do_raw_spin_lock+0x23d/0x290
[  212.644881][  T116]  kasan_report+0x118/0x150
[  212.644897][  T116]  ? do_raw_spin_lock+0x23d/0x290
[  212.644913][  T116]  do_raw_spin_lock+0x23d/0x290
[  212.644926][  T116]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  212.644943][  T116]  _raw_spin_lock_irqsave+0xb3/0xf0
[  212.644957][  T116]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  212.644974][  T116]  ? schedule+0x16f/0x360
[  212.644986][  T116]  ? __mutex_lock+0x37a/0x1350
[  212.645002][  T116]  __mutex_lock+0x3d1/0x1350
[  212.645016][  T116]  ? do_raw_spin_lock+0x121/0x290
[  212.645032][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.645043][  T116]  ? jfs_syncpt+0x25/0x90
[  212.645054][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.645065][  T116]  ? __pfx___mutex_lock+0x10/0x10
[  212.645079][  T116]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  212.645094][  T116]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  212.645108][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.645122][  T116]  jfs_syncpt+0x25/0x90
[  212.645132][  T116]  txEnd+0x2e5/0x530
[  212.645145][  T116]  jfs_lazycommit+0x5ba/0xa90
[  212.645159][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[  212.645170][  T116]  ? __pfx_default_wake_function+0x10/0x10
[  212.645187][  T116]  ? __kthread_parkme+0x7b/0x200
[  212.645197][  T116]  ? __kthread_parkme+0x1a1/0x200
[  212.645209][  T116]  kthread+0x711/0x8a0
[  212.645225][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[  212.645236][  T116]  ? __pfx_kthread+0x10/0x10
[  212.645250][  T116]  ? _raw_spin_unlock_irq+0x23/0x50
[  212.645262][  T116]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.645275][  T116]  ? __pfx_kthread+0x10/0x10
[  212.645290][  T116]  ret_from_fork+0x3fc/0x770
[  212.645301][  T116]  ? __pfx_ret_from_fork+0x10/0x10
[  212.645315][  T116]  ? __switch_to_asm+0x39/0x70
[  212.645328][  T116]  ? __switch_to_asm+0x33/0x70
[  212.645342][  T116]  ? __pfx_kthread+0x10/0x10
[  212.645355][  T116]  ret_from_fork_asm+0x1a/0x30
[  212.645378][  T116]  </TASK>
[  212.645383][  T116] 
[  212.734567][  T116] Allocated by task 12759:
[  212.736488][  T116]  kasan_save_track+0x3e/0x80
[  212.738493][  T116]  __kasan_kmalloc+0x93/0xb0
[  212.740420][  T116]  __kmalloc_cache_noprof+0x230/0x3d0
[  212.742673][  T116]  lmLogOpen+0x2d1/0xfb0
[  212.744454][  T116]  jfs_mount_rw+0xe9/0x670
[  212.746259][  T116]  jfs_fill_super+0x754/0xd80
[  212.748246][  T116]  get_tree_bdev_flags+0x40e/0x4d0
[  212.750378][  T116]  vfs_get_tree+0x92/0x2b0
[  212.752237][  T116]  do_new_mount+0x2a2/0x9e0
[  212.754136][  T116]  __se_sys_mount+0x317/0x410
[  212.756134][  T116]  do_syscall_64+0xfa/0x3b0
[  212.758027][  T116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.760455][  T116] 
[  212.761468][  T116] Freed by task 11376:
[  212.762906][  T116]  kasan_save_track+0x3e/0x80
[  212.764715][  T116]  kasan_save_free_info+0x46/0x50
[  212.766535][  T116]  __kasan_slab_free+0x5b/0x80
[  212.768151][  T116]  kfree+0x18e/0x440
[  212.769471][  T116]  lmLogClose+0x297/0x520
[  212.770791][  T116]  jfs_umount+0x2ef/0x3c0
[  212.772102][  T116]  jfs_put_super+0x8c/0x190
[  212.773820][  T116]  generic_shutdown_super+0x135/0x2c0
[  212.775842][  T116]  kill_block_super+0x44/0x90
[  212.777561][  T116]  deactivate_locked_super+0xbc/0x130
[  212.779363][  T116]  cleanup_mnt+0x425/0x4c0
[  212.780935][  T116]  task_work_run+0x1d4/0x260
[  212.782539][  T116]  exit_to_user_mode_loop+0xec/0x110
[  212.784234][  T116]  do_syscall_64+0x2bd/0x3b0
[  212.785722][  T116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.787854][  T116] 
[  212.788693][  T116] The buggy address belongs to the object at ffff888110cdc800
[  212.788693][  T116]  which belongs to the cache kmalloc-1k of size 1024
[  212.793421][  T116] The buggy address is located 196 bytes inside of
[  212.793421][  T116]  freed 1024-byte region [ffff888110cdc800, ffff888110cdcc00)
[  212.798201][  T116] 
[  212.799056][  T116] The buggy address belongs to the physical page:
[  212.801122][  T116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x110cd8
[  212.803979][  T116] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  212.806744][  T116] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[  212.809174][  T116] page_type: f5(slab)
[  212.810461][  T116] raw: 057ff00000000040 ffff88801a441dc0 dead000000000100 dead000000000122
[  212.813181][  T116] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  212.816406][  T116] head: 057ff00000000040 ffff88801a441dc0 dead000000000100 dead000000000122
[  212.819327][  T116] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  212.822465][  T116] head: 057ff00000000003 ffffea0004433601 00000000ffffffff 00000000ffffffff
[  212.825402][  T116] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  212.828292][  T116] page dumped because: kasan: bad access detected
[  212.830348][  T116] page_owner tracks the page as allocated
[  212.832647][  T116] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 23, tgid 23 (ksoftirqd/1), ts 121786489751, free_ts 111088526721
[  212.839687][  T116]  post_alloc_hook+0x240/0x2a0
[  212.841658][  T116]  get_page_from_freelist+0x21e4/0x22c0
[  212.843876][  T116]  __alloc_frozen_pages_noprof+0x181/0x370
[  212.846225][  T116]  alloc_pages_mpol+0x232/0x4a0
[  212.848178][  T116]  allocate_slab+0x8a/0x370
[  212.850005][  T116]  ___slab_alloc+0xbeb/0x1410
[  212.851901][  T116]  __kmalloc_noprof+0x305/0x4f0
[  212.853830][  T116]  ieee802_11_parse_elems_full+0x152/0x2ab0
[  212.856173][  T116]  ieee80211_inform_bss+0x10c/0x10a0
[  212.858314][  T116]  cfg80211_inform_single_bss_data+0xd05/0x1ac0
[  212.860817][  T116]  cfg80211_inform_bss_data+0x1fb/0x3b30
[  212.863026][  T116]  cfg80211_inform_bss_frame_data+0x3d7/0x730
[  212.865428][  T116]  ieee80211_bss_info_update+0x746/0x9e0
[  212.867669][  T116]  ieee80211_scan_rx+0x593/0xa20
[  212.869580][  T116]  ieee80211_rx_list+0x201c/0x2a90
[  212.871289][  T116]  ieee80211_rx_napi+0x1a8/0x3d0
[  212.872876][  T116] page last free pid 5294 tgid 5294 stack trace:
[  212.874871][  T116]  __free_frozen_pages+0xbc4/0xd30
[  212.876553][  T116]  __put_partials+0x156/0x1a0
[  212.878047][  T116]  put_cpu_partial+0x17c/0x250
[  212.879593][  T116]  __slab_free+0x2d5/0x3c0
[  212.881114][  T116]  qlist_free_all+0x97/0x140
[  212.882595][  T116]  kasan_quarantine_reduce+0x148/0x160
[  212.884531][  T116]  __kasan_slab_alloc+0x22/0x80
[  212.886082][  T116]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  212.887923][  T116]  getname_flags+0xb8/0x540
[  212.889564][  T116]  do_sys_openat2+0xbc/0x1c0
[  212.891003][  T116]  __x64_sys_openat+0x138/0x170
[  212.892560][  T116]  do_syscall_64+0xfa/0x3b0
[  212.894030][  T116]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.895933][  T116] 
[  212.896716][  T116] Memory state around the buggy address:
[  212.898482][  T116]  ffff888110cdc780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  212.900962][  T116]  ffff888110cdc800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  212.903413][  T116] >ffff888110cdc880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  212.905932][  T116]                                            ^
[  212.907883][  T116]  ffff888110cdc900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  212.910422][  T116]  ffff888110cdc980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  212.912958][  T116] ==================================================================
[  212.915455][  T116] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  212.918002][  T116] CPU: 0 UID: 0 PID: 116 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  212.921131][  T116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  212.924354][  T116] Call Trace:
[  212.925530][  T116]  <TASK>
[  212.926502][  T116]  dump_stack_lvl+0x99/0x250
[  212.928153][  T116]  ? __asan_memcpy+0x40/0x70
[  212.929700][  T116]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.931406][  T116]  ? __pfx__printk+0x10/0x10
[  212.932918][  T116]  vpanic+0x281/0x750
[  212.934230][  T116]  ? __pfx_print_hex_dump+0x10/0x10
[  212.935914][  T116]  ? __pfx_vpanic+0x10/0x10
[  212.937408][  T116]  panic+0xb9/0xc0
[  212.938793][  T116]  ? __pfx_panic+0x10/0x10
[  212.940316][  T116]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  212.942809][  T116]  ? do_raw_spin_lock+0x23d/0x290
[  212.944831][  T116]  check_panic_on_warn+0x89/0xb0
[  212.946500][  T116]  ? do_raw_spin_lock+0x23d/0x290
[  212.948303][  T116]  end_report+0x78/0x160
[  212.949738][  T116]  kasan_report+0x129/0x150
[  212.951223][  T116]  ? do_raw_spin_lock+0x23d/0x290
[  212.952920][  T116]  do_raw_spin_lock+0x23d/0x290
[  212.954736][  T116]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  212.956723][  T116]  _raw_spin_lock_irqsave+0xb3/0xf0
[  212.958588][  T116]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[  212.960457][  T116]  ? schedule+0x16f/0x360
[  212.961830][  T116]  ? __mutex_lock+0x37a/0x1350
[  212.963364][  T116]  __mutex_lock+0x3d1/0x1350
[  212.964891][  T116]  ? do_raw_spin_lock+0x121/0x290
[  212.966555][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.968078][  T116]  ? jfs_syncpt+0x25/0x90
[  212.969483][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.971009][  T116]  ? __pfx___mutex_lock+0x10/0x10
[  212.972624][  T116]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  212.974540][  T116]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  212.976562][  T116]  ? rcu_is_watching+0x15/0xb0
[  212.978067][  T116]  jfs_syncpt+0x25/0x90
[  212.979386][  T116]  txEnd+0x2e5/0x530
[  212.980649][  T116]  jfs_lazycommit+0x5ba/0xa90
[  212.982192][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[  212.983897][  T116]  ? __pfx_default_wake_function+0x10/0x10
[  212.985825][  T116]  ? __kthread_parkme+0x7b/0x200
[  212.987400][  T116]  ? __kthread_parkme+0x1a1/0x200
[  212.989234][  T116]  kthread+0x711/0x8a0
[  212.991004][  T116]  ? __pfx_jfs_lazycommit+0x10/0x10
[  212.992962][  T116]  ? __pfx_kthread+0x10/0x10
[  212.994858][  T116]  ? _raw_spin_unlock_irq+0x23/0x50
[  212.996922][  T116]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.998836][  T116]  ? __pfx_kthread+0x10/0x10
[  213.000549][  T116]  ret_from_fork+0x3fc/0x770
[  213.002173][  T116]  ? __pfx_ret_from_fork+0x10/0x10
[  213.003876][  T116]  ? __switch_to_asm+0x39/0x70
[  213.005420][  T116]  ? __switch_to_asm+0x33/0x70
[  213.007109][  T116]  ? __pfx_kthread+0x10/0x10
[  213.008779][  T116]  ret_from_fork_asm+0x1a/0x30
[  213.010301][  T116]  </TASK>
[  213.012036][  T116] Kernel Offset: disabled
[  213.013737][  T116] Rebooting in 86400 seconds..

VM DIAGNOSIS:
19:09:31  Registers:
info registers vcpu 0

CPU#0
RAX=1ffffffff33bde60 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000000 RDI=0000000000000020 RBP=ffffffff99def670 RSP=ffffc9000243f1b0
R8 =ffff888107b98237 R9 =1ffff11020f73046 R10=dffffc0000000000 R11=ffffffff854f1bf0
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99def3e0 R15=0000000000000000
RIP=ffffffff854f1c67 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c290be4 CR3=000000003a57e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffff000000 0000000000000000
XMM02=00007fd5b7387498 00007fd5b7387470 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=00007fd5b7387478 00007fd5b73874c0
XMM06=00007fd5b73874b8 00007fd5b73874b0 XMM07=00007fd5b73874a8 00007fd5b73874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fd5b7212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffc90007900000 RBX=1ffff110044e725a RCX=ffff888035399cc0 RDX=0000000000010000
RSI=ffff888022738000 RDI=0000000000000017 RBP=0000000000000080 RSP=ffffc900001e0dc0
R8 =ffffffff8fa38337 R9 =1ffffffff1f47066 R10=dffffc0000000000 R11=ffffffff8699bc20
R12=dffffc0000000000 R13=ffff8880227392d0 R14=ffff888022738000 R15=dffffc0000000000
RIP=ffffffff8699bc68 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555587091500 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055faf9ce9000 CR3=00000000398f8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=029a030602000298 031e020002960304
XMM02=0200029403020200 0292030802000290 XMM03=0300000000000001 ffffffffffffffff
XMM04=f308028403020200 0282030402000280 XMM05=f308028403020200 0282030402000280
XMM06=0300000000000001 ffffffffffffffff XMM07=0200029403020200 0292030802000290
XMM08=0100100002100061 8004010000000806 XMM09=2030363864303061 3966666666666666
XMM10=6f6e5f6769726f5f 7664617461622062 XMM11=0a33312e79656b5f 5f2e77656e5f6564
XMM12=660a6c61636f6c5f 74726f70736e6172 XMM13=2030386130313061 3966666666666666
XMM14=0a6732685f74726f 70736e6172742062 XMM15=3061613031306139 6666666666666666
