last executing test programs:

4.529963121s ago: executing program 2 (id=126):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
unshare(0x2a020480)
r2 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x8)
r4 = openat$cgroup_pressure(r3, &(0x7f0000000000)='cpu.pressure\x00', 0x2, 0x0)
read(r4, &(0x7f0000000040)=""/252, 0xfc)

3.608476788s ago: executing program 2 (id=133):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
r1 = dup(r0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x121003, 0x0)
ioctl$FS_IOC_SETFLAGS(r2, 0x40081271, &(0x7f0000000980)=0x4000)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x202)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4054)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002cff9fb8430800000000000000000400080003007cc910fa7e18300eeb14dc59fbfde1893f6672987545e3c6c2e329ef158a727b37493213b1ed27b7b972ba53edc8171f8e4bd59053eb04f2e387e0d92e71b2023a3def3ac281ef295bd89dce1d08aad6fbfacbbc43e0f8269a575daddc2550a9ae5d0018c6c94be29c51225fad4f772da5dd254a33198c6dfc24070000349efb79368c57df217a4716", @ANYRES32=r7, @ANYBLOB="080005000b0000000a0018000303030303030000"], 0x30}}, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r8, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r8, &(0x7f00000001c0)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r8, &(0x7f00000082c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000000)='%', 0x1}], 0x1}}], 0x1, 0x50)
recvmmsg(r3, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)}}], 0x1, 0x10122, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r1, 0x2c93a000)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b7"], 0x0}, 0x94)
madvise(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)

2.719842701s ago: executing program 2 (id=137):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000005980)=ANY=[@ANYBLOB="6a71666d743d76667376312c686561702c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c666c7573685f6d657267652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303032332c646973636172642c6e6f636865636b706f696e745f6d657267652c6673796e635f6d6f64653d706f7369782c6e6f696e6c696e655f78617474722c6261636b67726f756e645f67633d6f66662c6163746976655f6c6f67733d322c6661756c745f747970653d30303030303030303030303031363737373231342c003768c6924517a8cb86a418dbafc026c9dd971f90627ac8bb79a03b1e409b8c4d8c247165507579466481caa4f65c32219c090d30ce08d306fb62e926cac2e7e8bab2d6ea6737092f5810c13aa485b063ac135c1bd342b9eb5f1a748a3d70b24ee293bba0516e780af0997e884d0b743d24498b57e1623090bb2e38fc3eca36e360d5568d5647c2187d4768"], 0x3, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fcntl$setstatus(r0, 0x4, 0x6000)
io_setup(0x202, &(0x7f0000000200)=<r1=>0x0)
io_submit(r1, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000000), 0x4020, 0xa00, 0x604}])

2.018814068s ago: executing program 2 (id=144):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_clone3(&(0x7f00000004c0)={0x84000000, &(0x7f0000000180), &(0x7f00000001c0)=<r0=>0x0, &(0x7f0000000280), {0x38}, &(0x7f0000000340)=""/4, 0x4, &(0x7f0000000380)=""/164, &(0x7f0000000480)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0], 0x9}, 0x58)
prlimit64(r0, 0x6, &(0x7f0000000100)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000900)=[{{&(0x7f0000000540)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000600)="90c8061958b69470d141daae73ee3878347de50481e2cbb165c0563b5661eca3a84cb79a565c5e6541010cbe776eabf994ac4b7715077fdbe43f955fa2966ded4d9176177155b221e231cac06ea920f7ee272d21af849feafa537db1c01de50a65245ff9d8c85b93d3d5a361848839947e7ad1dc33337051f21354e3ec7aafe299f35f85828a64d1c0bbac805d4c038a87f6f47c63098a5a1af913f1f6ff853ba867a7bfbb7211fee22836adc69a695d4dc575f03d37c85f7c", 0xb9}, {&(0x7f0000000940)="6b4b4cdd0219794c497b2c4db60737193b2e94febe5833b795ce6860c6ff3070be05e28df68dd4bc6df783d512267fa5f01cba1b639439760c48c2c5113ce0db3f409c98461240f98df3fa671dfe027b59149c839c805c75a78293b8edfb35550fa219d624802e3ec23df0549c45810ac68cd9c7a713e15dd882171612a1bf65470642aeddd1cef3aacf99cf1e2246260974d3196ac2b28feabfb4949c71ab81b6913d7b15b4acc7ced455cffe066c3ad8c3f10566cdcd1385e383605d497196ad20b69a7311e58c501c314a4cb629", 0xcf}, {&(0x7f00000007c0)="20637c7dd7eb11998a7c5534eb1ebf06eddeba6dc642565bec468d3e292b05e055c0221230e32942610e83a3b7d227dc730cb0700b7e983df78e69e91813ad5b0e39944e68f11840f070ecab6852f71014c26e481e6d6832cf90c9e5c051d15b468357646121bae21313ed46acfa52a9423c47b4b54888671238d06755fe391f6fa21773f297", 0x86}], 0x3, 0x0, 0x0, 0x20000000}}], 0x1, 0x24044880)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x1)
r5 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r5, &(0x7f0000000300)="ca0e808bb35b", 0x6)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000440)=[0x5], &(0x7f0000000240)=[0x2], 0x0, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1f, 0x12, r4, 0x0)

1.490130963s ago: executing program 1 (id=147):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file1\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x444a, &(0x7f0000004480)="$eJzs3b1PHGcaAPB3BnwGfx32ufBJJ91KZ+k+hcDV3WHpMMbGYHOOnNhFmvUCa5tkYS1YohQuSGcpVaQUUQorkdJRWUhp0jh/QpqUTm0pKdJEimSFaHdnMTPsmg3ZhWD9fsXOzvv5wLMzvGNp/caJyr355dz8cq6wmCvP3lk+l3unXFpZKIZ4jzSd/9DezU97uvE5edmYn3cscpq5fvHy67fOhfDl3NfPNjY2NkJVb2hqeMv7H75/MLv12BBn+lTHbTLUoeYz7MabIYTT2+Kq6gkh9IUQohDChaRsLDn2hxCOJ3W3Hrx/O9ehaB4/LZ7PP59+uD5ydmrt0Xqzn70uCuHj0h//dXfh27/0jHzzj9YjfnG0Q6EBAAAAAAAAAAAAAAAAAHAATNy4fvO1oeHwJAq9a9H27+tOJMcW34/t3eiYP78szL+f6NyPDAAAAAAAAAAAAAAAAAAAAL85L77/n4tONfn+/3hyHG3Rf+N/3Y+R7pn8//XxS0PDyf7v0bb6fydF313oCSeb7Pue3f/9QqZ/8/3ft8+zW434GvMOhCgeTJ3H8eBgCJ8mG7+fiY7EpfJy5Z93yiuLcx0L48BK57++e38qO8mG/m3mPx7LjN9i//8O+sO2T1P1/HbnPmKvtHT+e1q2++y9qK3r/2Km317kn91L57+3Vta/tcFo/QZQzf8HvTvnfzwzfrfyfyKEkIuqseZSd4DqGqZa3mq9Qlo6/4dqZalbZ/KLbHX9/5jJ/6XM+Pt1/1/N/iGiqXT+f1cr60u1OFx7reU/3vn6v5wZfz/yX41/tV640d25D750/uu5Dr2pJrXfZLv3/4nM+C3zf/jXxX0zTuI8EaU+AWtRvbzF/1dHRjr/fdvqXzz/xW2t/65k+u/V819j3sbzX+P2/7eo/vxHc+n897ds1+71P5np1+37/2ht/cdupfN/pFaWXjsP1F7bzf9UZvxu5b/2VNLXyP+L+8lPh+vln1j/tSWd/6P1wnhri9Xaa239F+28/r+aGX8/1n/V+Ffj7s76qkjn/1jLdtX8f9XG3/9rmX7dz38IQ/6tb9fS+T/esl3t+u/bOf/Tm+/qY3U7/3/t5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8BYchwIUTyYOo/jwcEQLibnZ8KRaKYwl58plWffXg5hPCnPhVPR3VJ5plDKzy+W54r5QqlUng3hUlJ/OvRFy6VyJb9QuH95c6z+6F6xsFSZKRYqIYSJpPxP4XhjrJn5ykLhfgjhymbd7+Py0v17hcX83PzSf4eGhobC5GYMJ6Piu5XiYqU+e702hKnNvgPRluBq1Vc3YzkWvVVeWVoslGrl17b0KZVnC6UtfaaTug/DyaiytLI4W6gU86Xy3cZ8+2k0OY5P3njjxrXhbfW3o/pxbG/DAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXejLyn49CCL31sziEMNp4EzVr//hp8Xz++fTD9ZGzU2uP1p+1agcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DM7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2KVj1ASCKAzAbyZFki7HSLUkXdoNgZAU2SB4Aj2Gh9GjeAnvYGFhayGC7KKuu7CNVt/XPJifmfdgHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw3yPqvH/23tEiqf9Y8Ryulqf5791nX9233+4w4zczs9f9XX6w3SVf9RHmzIf0912NomO2li09qS9T5d9nnvn6tu3vvmavi+RchERZZ2/ppyLYthbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGAHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//hkEdVg==")
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002cbd70ef040000000300b600080009"], 0x40}, 0x1, 0x0, 0x0, 0x94ced4add106a01f}, 0x4040)

1.079553839s ago: executing program 0 (id=149):
r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000000), 0xc0880, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000380)=ANY=[], 0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r1, &(0x7f0000005880)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000011c0)="8217", 0x2}], 0x1}}], 0x1, 0x4408c800)
sendto$inet6(r1, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000040)={0x0, @reserved})

1.010159139s ago: executing program 1 (id=150):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000140), 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @empty, 0xf}, 0x1c)

939.951592ms ago: executing program 0 (id=151):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xc, &(0x7f0000000140), 0x4)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x80fe, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)

937.941978ms ago: executing program 1 (id=152):
r0 = gettid()
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x5d}, [@ldst={0x6, 0x0, 0x3}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r3 = syz_open_dev$vim2m(&(0x7f0000000080), 0x5, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000140)={0x11, 0x1, 0x2, "000000400000000405f887f800000000590b00000000000000000000000400", 0x34363248})
r4 = userfaultfd(0x801)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000280)={0x1c, 0x25, 0x1, 0x70bd2a, 0x25dfdbff, {0x8}, [@typed={0x6, 0x1, 0x0, 0x0, @str='&\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24001}, 0x4000000)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0))
userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000180)='hugetlbfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_io_uring_setup(0x48ba, &(0x7f0000000000)={0x0, 0xfffffffc, 0x1000, 0x0, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000))
close_range(r2, 0xffffffffffffffff, 0x0)

870.252439ms ago: executing program 0 (id=153):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="5000fcff", @ANYRES16=r1, @ANYBLOB="17090000000000000009000000000500070001000000080009000000000008040a0000000000060002000100000014001f00000000000006001b004e240000"], 0x50}}, 0x0)

869.496969ms ago: executing program 0 (id=154):
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80880)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{0x7, 0x8, 0x4, 0x3}, {0x1, 0x9, 0xed, 0x4}, {0xfffd, 0x7, 0x2, 0x800}, {0x2, 0xe, 0x7, 0x5c9}, {0xc6, 0x1d, 0x2, 0x9}, {0x10, 0x9, 0x4, 0x3}]}, 0x10)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f0000000100)={0x0, ""/256, 0x0, <r3=>0x0})
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, &(0x7f0000000300)={r3, 0x0, "36b6fdd23699754e1dad6a21bb23ab9750d2b82483000afc7094afb005d5d6707d1cd576b972ed185bd57aecbb38598e55cf70d211a69549d97adca6cf6e33535788e94e2add79d0e0549f2761ee45dedb3bbe457b27ee561ce83b3262435b615482b233398587065d62dcd708f0202bc7efad284b5604ba2145c13344e316000a49396abd41981067c01051a7c475610c7628d3fcfe4d05c26248076ed8aa37ab65ba4ed6ba2fa89ad97be768418e3d1519f4b7c387e4c8df1f807d3297910775b5d667cb0fe9fb52225fcb21b0f676e5dc57be5704e39cde83fb68a468a8318d2a2951f53038db3b18b5aa5fbeb4338a54943839c2c37d0c4a81aa219b137d", "a1d95ee0213eb29155fab657e06adeac949cd9d1e8f94644e2907a55c4c0e9fa053c9ddd1500207b8cc67e5a819faecaca697060d238540f77699a9afb39d1c7e404c45ff8c1085295eeb3c8c8a8dc56d9cfd3ae9b572f7a61991332e55b0a14f6a151a396a137a9b00ee9202fe057cdd26042cb6f3a4e47d367430870a27ace7b5f922c046c177fe720d0523dd6cf983cd9075d0c2367cc807ae10ffff84481c64357c16968fd203b95e6f9e8f96b41f6d3ba65173bf8133f49001795dcf21b621bcca91ce6f51c40e1e9fc92316111be79781e26a6099535d2a7972fc3ef95e890c7fff1a53d97fc724b1eba3e333a0b8445bd65141bb8e7c32a54c2efbccc44bde2fb5f25de87173cdb5e60fde991e8d3c8c0764a8a92a4d96f11e32fb456a28add8af7ab927adb2f5da47970c650438ba53b5e9c9f233b22339552405c6f4b719f0894ecb7fa8f4fda2685ce9f584ad34e466c0a3c4262c29e64fe7fa6af8c734522cc49c250368544ab82b8132f97f6ac4d142a51e8ae85e4599e4bb6ce86454e5a2645b53b020cc0d25e3f134ce021f4db067e49bd4f565424a9c6c01dc21953d73e61c38e2d6fbfc0eb3bb68afdee32adde51a32f837ff1484d6bac9e7b7c5bc1c27a18d01c306a2bde858a1b67b92087ca62a8286023f8ea07dc6acccfff128985e7b65a3dfa4709a4a6ebc392e6decdc154ee4406d51d83c91ff98110c5b3ee583e9002212951686adce37490cca2aadb7ea65bb9aecde2d415d3505cf8bdc31399aa55b355d0e6f7bf8773aea76e79697aa6fb1f43d78e32a499174674c3807676524a83f9d76720a7d494a80e351c15de6e611b2b63580612394031a8b36f841f9c913c18197ecedc2c3a4b66442d1c138da4e0b0da096b6cb2196b35d4c14e34a5ddae2de066f94c158038f7a620937b542da59da6bb0b2f06f750a480ed9d0ed1dfac021e1dcd851c9aed96c8ee2f6ddc242841a1a51cf54fad2b4f92c84e16fb533e6ca02029a5387ffebd47cafb11c1ec375f38dace5953057af9e524f3e2e19049317535c1d674a6a6d75d1eadedb337d51e094702e928b206e9a84735bf7429daecce057c3561ef54ca2acb2a5052cf4c2140e6455df746905c75bf91d09be63da3ab6013362791cad516e3691c2edf285bed00a9e6556f0376a75f1fa611a36d6a6292cd65dea49b8c312995922e390dae4e9a56dc7419528a099442f365859ef689c355f0a32214fa6929ba0eb1406bab2afcae8333cec529f03bd9ae8d68d43d55537a31bcf6a41170325dee58e100e2c233a655bb61f2d7ff3a0c4b75e47c80c32b89aa8751ca9feaedf8d95133a14a671d9c7335a80d32b89538f2bd12a96dec245d2f24e7a3d79ca6f2a0fea9d922c53e6cdf74bfc44c176e10b14cc4f8f7319619e1a534276ed5eca33da031e69e551ffb82f437c0faaf9b80707be1a694dff582b97325a139968698d9eef7a9cc351c7129d3dc6cb08cec4542206e00b64d1f6ccf785f00b0e3402139f9fc0a358eb23d7e03f791dd5e9cca20776bda6f6592a695aae755e14469b30deb17798aed2cb2c6e6ee694f7a8967269450625f16b9773a5104e5f435e413e84f1e346cd95ed92941ff1ad1bd7cc2656465963c9221bc35f6e27633a25ab680a9adacaccc87f71348036a6892e7a8af38dbdbd849e3da7bea646f27f314197aac910fdfd8ca3ec3ebb9f97e0f6f0d946a8d4bbbc936fac8ad810e515fd4a8c5979dc3837657901049901c7899ebdb987eadd7ba88bf8b8260acb66a6cabea64def2629eb33cc620d8f6d8a85c72fa741c4c3305bb22a4181ce1cd89e8df085c95a4224839fbebd1669f743301e59c932c2d644aed5fc2a9a8d299b47b87fe072e58cd39901b78c0d4f358e6d5d72302ca432d7f6b4f89b125a9cfeefc0b897e574c8ae3b6677bce47b1d0fe287a282837c60448906a6113b63bb9941aa5dab9f6e072a3465b166e80e1615bb3c6b5aece8cc2dfcdec9401bb0cd530b52799f1458cc1833c3b0811a4fa591e93c100c82417180e3e99edd5b7e48f9b912879d7e9468929729fc04e943cef79bc35077eff4b8799a32ebae2e5ffb463a7c97dbfd5d53976b878b92d9773aaff8c3983362e6bdb18d7f0894d06eea28daaf6d9337a7e8f99ed2f1547e35383b5a579f660495b7326ca3de64e72a295c396544b4ca7be979b235795dac02913851f21d1c66f3e110f6d962b10b90a7711d9f4859b3d064f2a88593e36686c1eb1228b394bcc274ffed0aafc1ef4fc622dd27915c334b0e1839e67d17de8e5a37e8a7c7c0560fee16ad93821eff4e8ea6784c1531720e0933a64019434ef22ec458060e7fb28f697bfc2b22a8fce8192459cd400aeaad8c250920a6b97f84ce933cc8047115d1ffc2615e3d0b2f8fadb9d8747ceecdf9da2053bf060d4c421330a24f94e0e284ca5a0e3e9d911537a30245ed01e579d33b760f77d57fbe2ffd171e06a2fe2246b11cb9774adb0100ea64d5943b92de3db17a7a0ce04d2507056347453a6110f5556d87dc7aaffab537a77cabef3a3f1583b4bf00900d2086c20a532a3e8b6daf37960d11d1f435bcf7a735ac8e6686432c28867fda674a0d68210fcb58d034814c0d8e914db9fe31fd78b5d0cf0183d2ec6033b96cbd415cda4be9fcded320f68b69ca5437fee5fb66f8c5d93d911a982461a65c40a878e691ceb4c21557f44842a809927ab3c0789d667cd7f681653f52f27da3b72ff822667681cbfd7caf1d8582da01bbc9041c73be53f56ff9e5ee803b38e91b21863c9f80417af7005b3e4e533709c0316107eb54eafffb344ee9aefebfbf9585af3b4d6e4eb137fede36013844d8b7e1207b7308799795b746ee6ee4e07a08552aa692c3a0e5a0bde44fbe956418da4bcb6e00be85ced2b8f58997fc9773d163f3b9acc37add13df3ee79f1df7aaaebe5d2bccfc86eb062bd8c146931d88b4bb7b606ce07acdefe15d43f4b9979f04bad6242632d07d5e80782d7aead08fe5bbff266d47d04546c3973b054904021e53d77ab903a12eb1995f0a603d9f43b1e4017723c8fad2f594850bb92b3b190d4c491067bf5e0d2bc928593aeb3dad75e14a9263bf9f207ca343ea3f3ffd1d65a66fce45439e132820b7bd35bf7957199a576e546c562bc5b5f9c3f52dcecaf80a7014d307dc56ac690e6461e4a3404d1f339fcc336ae97fadb3a8559b29e268926db85f972b9ecc22ac5a6b0a58fb823765ff1eafc08e08bb8936b0c0431d8527e4d8606b381dd47eb7be7012447a26268ddeaeb30e1aafb53dcfe3962b2514e69b96cbf2b08cb29db26a6d9e85cd2a6cde4a32eaf329d9287299ee001a5863b5bc55d53284b660be2f0ece7ec677dc39b1db977d880ade7f75cd9af2b74b2fe07126cde9e3bf8f75e91affc459a40f4eea99750c3defba2f3896907d4f6147e790f92e696579498bd7b1243f9b15804759a141678aa6dd604a7456c98c8b576413380b19806e21f086304a62e969caa6f34a0a3f306cf6492733270013b145ff95be571a4583bcd05e2e359b7a0f7360f101d397d9e1bea0a1511c7b871e041d87d0f6391b516ae4dd06aad33ee10250b4d43ee163291b7b4021ed350c14b49643e9ad62a53077fe9a0971e9a95e4f0b648468b1e62f2e3facf611a72c14bb972e693389a2f94efeaeeccea345c0bac411d9050ab3e87b80c3b392b2774dbe5ae84152bc7298e12016d17ece7a12bd8e6c4f1976182564550deda42297a0c3a797c28a1d3c5ac3d3f91dca227698bf239a1dfa48b7079ebe6d7838e77f08525c6aa7960be7340b92f07f29ae05f42cb3580de9a937556a96cfcc6abbceafc0567b7fe411d4e937558db56f37497237568a808fdb6ed731c92b9b895e6507bda211ac5dbb6df20655439770b653c5955776c97741fd3b1841dc074960a4775bbc8158c131a505bad709ec3c4a18fd0f5eafeb9095698804becf0c4697e09487721f0a17cd048b49c33885e1569c25bf0bf4a846039e6af661c28f2730a49158bf10479c351892982c941eeac4f76923ef26eaacae7322a702a70477f885ae53288c71702099801b27eb2ebdfbbe09852449f6f1233a8b447a66c7a1b1ebff4aa266ccba4193fc941c037e0ff89cbdc7417646759837ec100193eca3e5579b7f4aba5610aac579a54128db16ceb4996530a69d929935c06c8e2cde7f440679b9d9092d307e5f980399a58e4b3133aad9822202fd6c2cb368bd2328b816827952a88d586a739afe4d1ad42b5fd2f26456983b96a88bab18213eebd404c0279bbd26409522eccb46c6eff2f036e47624cea56dc2b05be88265f55b60b5b8c570611286bb0520f39b788aef096f3ff1bb4b7abc29495839fad471065f85f507d22544ca5bb28b875b3b449ff81aa140280259b0f3ef6626c733498da08a61d30b86bbc02d23c7ffee07740941d7b6d9880f17fcbb52d349a4fb6b49d863ca00629fd90df7699653a279de83d8b14b102b0aaf26cf8e9070c22c411225152c0d4844e5aab9c0289186eaceee628ff9b6126f9113cf60d493410a6904cb8d8e1c62e44d82095a052216e0735fabacf956c3f8162822a358a3b3ed017749a0d2d1f7427144bc2029c6e08761caed5b3ebf319cecc677a1218b39acba831d02cedb54c0b14fc1a29fcfa6ab11be15821ac4445f05343a4e5a3225dd86bc6dbc0584467b3a2551e495351fd7f3baba97ff2b0cc6fb93169663f82554a4166867d447bf5d6d2709e4a74a304018088715d9ba9d299c0e41adbfc6af9d174bd968cf189bd483a28225847bd19e3d25b9fa936ed25a269750b28d40049cc6805fe9c85b60fa2e220488576e937833e12b2effefcf7e947153faf8014a143c6dab0955ec68da2af6b304972308fec0600cea1c9531377bc05758334b388981c3665b05a8093aec0293f00a64ae68f597c2b73b9791873e44732c84907681474b016d88e8a1666ee2d264474537dff07f87324d909948c8b7ca445815e6f22b4e6ed2a2ca2e7c5742e72276ab208ac58599ebb7684085775ee26ad8602c34d7f02d5998847e2d683264a89df245bf7315079effb05dc8ad4d12ce01489dccfb2c62d11a788db544540d8a2152453038cf764b5a489e579903df858fbf7b7f3bfc1d473d7567c37a31313e68f68d9f901782bdeef3e731425662de0e16d1d6f9adeb72c003dff4e0d1ac71a618c88f8bdfff8feb8396dba6476b5cc25233048e83671036d2150448e033ef72534c8ea434785c497deeb29b1ed6293b5e66427c70ea6ecd182bfd0798e41f582152bc92d3ab1d248da72127a7656739bf6019b2ce0b8cc7ae376a8525ae1970270a55052ffc4c7db3f3508d3e6172e5097188e22594b34f95e58ef37277e"})
r4 = openat$cgroup_ro(r1, &(0x7f0000001300)='memory.numa_stat\x00', 0x0, 0x0)
ioctl$VIDIOC_ENUMSTD(r0, 0xc0485619, &(0x7f0000001340)={0x8, 0x1000, "0a8e79cef50af94739d26a06c8c94458ae5bd4c51ef4736c", {0x80000001, 0x6}, 0x2})
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r5, 0x4020565b, &(0x7f0000001400)={0x6, 0x3431})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000001480)={0x2, &(0x7f0000001440)=[{0x7, 0x3, 0x3, 0xf46}, {0x6, 0x9, 0xe, 0x331}]})
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001500), r0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001800)={r1, 0xe0, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000001540)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000001580)=[0x0, 0x0], &(0x7f00000015c0)=[0x0], 0x0, 0x6f, &(0x7f0000001600)=[{}], 0x8, 0x10, &(0x7f0000001640), &(0x7f0000001680), 0x8, 0x14, 0x8, 0x8, &(0x7f00000016c0)}}, 0x10)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000001840)={<r8=>0x0, @initdev, @multicast1}, &(0x7f0000001880)=0xc)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000001940)={'sit0\x00', &(0x7f00000018c0)={'erspan0\x00', <r9=>0x0, 0x80, 0x8, 0x5, 0x6, {{0xf, 0x4, 0x2, 0x2, 0x3c, 0x65, 0x0, 0x46, 0x29, 0x0, @loopback, @loopback, {[@rr={0x7, 0x27, 0x6a, [@rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x18}, @rand_addr=0x64010100, @multicast1, @empty, @empty, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x14}, @dev={0xac, 0x14, 0x14, 0x22}]}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r4, 0x89f2, &(0x7f0000001a00)={'tunl0\x00', &(0x7f0000001980)={'ip_vti0\x00', <r10=>0x0, 0x10, 0x8, 0x5, 0x7ff, {{0xe, 0x4, 0x1, 0x5, 0x38, 0x68, 0x0, 0xe, 0x4, 0x0, @multicast2, @remote, {[@ssrr={0x89, 0x23, 0xc, [@remote, @remote, @multicast1, @empty, @loopback, @private=0xa010100, @multicast1, @empty]}, @end]}}}}})
getsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000001a40)={@dev, @dev, <r11=>0x0}, &(0x7f0000001a80)=0xc)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000001ac0)={'wg0\x00', <r12=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000001b00)={'wg2\x00', <r13=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000001b40)={'wg2\x00', <r14=>0x0})
getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000001b80)={@private2, <r15=>0x0}, &(0x7f0000001bc0)=0x14)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r5, &(0x7f0000001e40)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000001e00)={&(0x7f0000001c00)={0x1f0, r6, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'lo\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macsec0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nr0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r15}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}]}, 0x1f0}}, 0x40800)
close_range(r0, r4, 0x0)
copy_file_range(r1, 0x0, r2, &(0x7f0000001e80)=0x8, 0x7, 0x0)
r16 = syz_genetlink_get_family_id$batadv(&(0x7f0000001f00), r1)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r5, &(0x7f0000001fc0)={&(0x7f0000001ec0), 0xc, &(0x7f0000001f80)={&(0x7f0000001f40)={0x1c, r16, 0x8, 0x70bd2d, 0x25dfdbfc, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x9dafea4041ffc5e7}, 0x4008040)
accept4(r1, &(0x7f0000002000)=@pppoe, &(0x7f0000002080)=0x80, 0x800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000020c0))
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, 0x0, 0x4008000)
setsockopt$bt_rfcomm_RFCOMM_LM(r5, 0x12, 0x3, &(0x7f0000002100)=0x40, 0x4)
sendmsg$IPCTNL_MSG_EXP_DELETE(r4, &(0x7f0000002200)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x2002}, 0xc, &(0x7f00000021c0)={&(0x7f0000002180)={0x14, 0x2, 0x2, 0x301, 0x0, 0x0, {0x1, 0x0, 0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x800)

798.758994ms ago: executing program 1 (id=155):
r0 = shmget$private(0x0, 0x4000, 0x54001800, &(0x7f0000000000/0x4000)=nil) (async)
r1 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000300)={&(0x7f0000dd4000/0x3000)=nil, &(0x7f0000f1f000/0x3000)=nil, 0x3000, 0x6}) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0) (async)
r3 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000340)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3fd7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, 0x0, 0x0, 0x0, 0xfffffffe}, 0xdf)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000500)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180)=r4, 0x4) (async)
sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000) (async)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x48, &(0x7f0000000100)={0x88, 0x19, '\x00', [@generic={0x0, 0xc6, "3fcd12ae2d9c9963ffb743e2dc2590debefb8792a8a8a7a9100c141fbc325fdc59ccddb656c92b648d84372e3af700d668a0884914b47dc9b771533934535b72f4bc03f7505fc9d443698785659827a9d7af52a2b4b91ecb98478515108dd6c6e425b6e82ef1a8b3a619e4add83e6cf3e1d84b02b2877b09db81a458473c0e842e3500b5d133d83d3724bce1fee3ea4d4f1ed85f2a2ea4cdeb6f95b864d7d2a288465fccf155b11f0264e3142b72a2d0165f7daa384e2b3542b495f4bf061530b5e0f12e391f"}]}, 0xd0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
r9 = syz_io_uring_setup(0x237, &(0x7f0000000280)={0x0, 0x275, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r10=>0x0, &(0x7f0000000600)=<r11=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000340)={0xff, <r12=>r9, 0x1})
ioctl$CDROMSEEK(r12, 0x5316, &(0x7f0000000380)={0xac, 0x3, 0x39, 0x33, 0xa, 0xa})
syz_io_uring_submit(r10, r11, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x38, 0x0, @fd=r9, 0x100000001, 0x0, 0x0, 0x2, 0x1}) (async)
r13 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x400000, 0x0)
syz_io_uring_submit(r7, r11, &(0x7f00000000c0)=@IORING_OP_ACCEPT={0xd, 0x44, 0x2, r13, &(0x7f0000000080)=0x80, &(0x7f0000000200)=@caif=@rfm, 0x0, 0x400}) (async)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn']) (async)
mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0) (async)
shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x0) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ebc000/0x1000)=nil, 0x1000, &(0x7f0000000000)='*\\*&\x00') (async)
mmap$binder(&(0x7f0000e9b000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x8000000000000001)

798.076896ms ago: executing program 0 (id=156):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000640)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@discard}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f00000000c0)={{{0xb}}, 0x3c, 0x7fff, &(0x7f0000000080)="30ffedd89b53ee9f5e3ed7d2610db03b70354589f0736ea15aa0c1151aaebefef146a628f2a7cd1a9c8caabcb835ecfc081a3371cba6ed5bfb55af5d"})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x80000000, <r0=>0x0}, 0x8)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x3, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x4d}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffc93, r0}, 0x94)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8003}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x9c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x74, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x3c, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_XOR={0x4}, @NFTA_BITWISE_MASK={0xc, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x8, 0x1, "6eee7e08"}]}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x110}}, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x3d, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x2, 0x0, &(0x7f0000000200)="63ec", 0x0, 0x9ffc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r2, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)=0xff)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000240)=0x3)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f00000001c0)=0x28)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000100)=0x7)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000200))

796.639674ms ago: executing program 1 (id=157):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000024002, 0x0)
ioctl$BLKBSZGET(r0, 0x80081270, &(0x7f0000000000)) (async)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f00000014c0)={'syztnl2\x00', 0x0}) (async)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@local, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@private1}, 0x0, @in6=@private0}}, &(0x7f00000001c0)=0xe8)
quotactl_fd$Q_SETINFO(r2, 0xffffffff80000600, r3, &(0x7f0000000200)={0x6d6, 0x5, 0x1, 0x5}) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)

599.773093ms ago: executing program 2 (id=158):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x3)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x74c, &(0x7f0000000f40)="$eJzs3E9rHPUbAPBnpknbX5ufG8GDeBIqVqidpKnakxDxXCj0BdSwmYSQSTZkN7WJAVsPHgRBRfBPL/oOvCiCl9L3oAjeFDwIWtN4EDys7GST6nY3jc2frfXzgdl5vt/dned5ssOXDOxsAP9ZT7YekoihiLgQEZX2fBoRh8voaMTVjdfdXlutrq+tVpNoNi/eSlpvK+c2j5W098ejfEs8HhE3ByNOvXF33vryyuxEUeSL7fFIY25hpL68cnpmbmI6n87nx0ZHz559Yez550b3rNe3X/vsl7e+fPnrj8/N/fHirWcnkxgv+46OPvbSxt9kMMY75uf3I1kfNZvNZr9rAADg3tLyv9OIgXJfiUNl1NPRg6sMAAAA2CvNI00AAADgoZdEvysAAAAA9tfm9wBur61WN7eD/P7Bzy9FxPCde4vXt/IPlPcQRxwt7084tp787c6EZONtsCtXr0XEjfEu53/SPv/uX+ed68kuj8feu9Faf8a7rX/p1voTXdafgc3fTtilzfVv/a71707+Qz3Wvws7zHFk8eQ3PfNfi3hioFv+ZCt/0iP/KzvM//nQd9/3eq75acTJ6J7/r7m2+X2IkamZIm8/ds1x4ovXT23X/7Fe+ZPt+1/YYf8/XB+b7rWWtPI/c2L7z79b/tY58U67jjQi3m3vW+P3OnI8fXP0o+36n+zR/70+/0922P9Xb678uMOXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQCmNiKFI0mwrTtMsizgeEY/FsbSo1RunpmpL85Ot5yKGYzCdminy0YiobIyT1vhMGd8Zj3WMz0bEoxHxfuV/5Tir1orJfjcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAluMRMRRJmkVEGhG/VdI0y/pdFQAAALDnhvtdAAAAALDvXP8DAADAw8/1PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAALpw/39qa62ur1dZ48vLy0mzt8unJvD6bzS1Vs2ptcSGbrtWmizyr1ubudbyiVls4F/NLV0Yaeb0xUl9euTRXW5pvXJqZm5jOL+WDB9IVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/9RQuSVpFhFpGadplkX8PyKGYzCZminy0Yh4JCK+rQweaY3P9LtoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9lx9eWV2oijyRcEugmr1gSjjXxkcigeiDEFH0O+VCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAfqgvr8xOFEW+WO93JQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+lMSEa3tZOWpoc5nDye/V8p9RLx6/eIHVyYajcUzrflft+YbH7bnx/pRPwAAANBp8zp98zoeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgp+rLK7MTRZEv7mPQ7x4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID782cAAAD//z5Jzng=")
unlink(&(0x7f0000000300)='./file1\x00')
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(0xffffffffffffffff, 0x6, 0x15, &(0x7f00000002c0)=0xfffffffe, 0x4)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000001, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x4, 0x2)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$radio(0x0, 0x0, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000340), 0x83c342, 0x0)
r1 = epoll_create(0xc9)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010, 0x1, 0x39d}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="0100000000000000"], 0x44}}, 0x0)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r6, 0x400452c8, &(0x7f0000000100))
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c9, &(0x7f0000000100))

139.302525ms ago: executing program 0 (id=159):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x42901, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
close(r0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x9}, 0x8)
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd0900300003003000000060ce902d000c2f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022eb"], 0xfdef)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0xc, &(0x7f0000000140), 0x4)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x6, 0x1, @vifc_lcl_addr=@local, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe000031f, 0x0, "ff00000058b274e6d845167fefe428970548fc3c7b00000000000000fcff00", 0xb2, 0xb, 0x6, 0x6}, 0x3c)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x9, @dev={0xfe, 0x80, '\x00', 0x37}, 0xd}, 0x1c)

139.094053ms ago: executing program 1 (id=160):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000300)=ANY=[@ANYBLOB='adinicb,lastblock=00000000000000000005,utf8,uid=', @ANYRESDEC=0x0, @ANYBLOB=',novrs,iocharset=macgreek,mode=00000000000020000000000,fileset=00000000000000002237,adinicb,gid=forget,lastblock=00000000000000000007,gid=forget,uid=', @ANYRESDEC=0x0, @ANYBLOB='- '], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ftruncate(r0, 0x5)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000300)=ANY=[@ANYBLOB='adinicb,lastblock=00000000000000000005,utf8,uid=', @ANYRESDEC=0x0, @ANYBLOB=',novrs,iocharset=macgreek,mode=00000000000020000000000,fileset=00000000000000002237,adinicb,gid=forget,lastblock=00000000000000000007,gid=forget,uid=', @ANYRESDEC=0x0, @ANYBLOB='- '], 0x1, 0xc4d, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy3FldxWTJwqThoHm7ZIZcZy9S+mYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQwWMzsW3FJkbYskhIlfz429Z2deW/mvZn1jCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr546nTaZsOhh9AYAOCBuDz2tVNntnv+AwCPrSs7/f8/AAAAAAAAAAAAAABwUKQo4slIMXd5LU1Unzvql9p9t26PD49sX+1IqmoeqsqXP/XTZ86e+/LzQ+e7eak98wH199pn49WxKxcbL83enJufWliYmmyMz7SvzU5O3fMedlt/q8HqBDRuvnZr8vr1hcaZ585u2nx74L3+J44PXBh65uTT3bLjwyMjYxtF6r3la/fdkI6dRngcjiJORopnv/+z1IqIInZ/LuoP9tpvdaTqxGDVifHhkaoj0+3WzGK5cbR7IoqIRk+lZvccbX8totb3QPuws2bEUtn8ssGDZffG5lrzravTU43R1vxie7E9OzOaOq0t+9OIIs6niOWIWO2/e3d9UUQtUnz32Fq6mt/6UZ2HL1UDg3duR7GPfbwHZTsbfRHLxSNwzQ6w/ijilUjx87dPxLV8n6nuNV+MeKXMH0a8WeaLEan8YpyLeHeb7xGPploU8efl9b+wliar+0H3vnLp642vzlyf7Snbva98xOfDXXeKh/R8OLIlH4wDfm+qRxGt6o6/lu7/NzsAAAAAAAAAAAAAAAAA7LUjUcRnIsXL//ZH1bjiqMalH7sw9PsDv9w7ZvypD9lPWfa5iFgq7m1M7uE8MHA0jab0kMcSf5zVo4g/zuP/vv2wGwMAAAAAAAAAAAAAAAAAAPCxVsRPI8UL75xIy9E7p3h75kbjSuvqdGdW2O7cv90509fX19cbqZPNnBM5l3Iu51zJuZozilw/ZzPnRM6lnMs5V3Ku5oxDuX7OZs6JnEs5l3Ou5FzNGbVcP2cz50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIt6PFN/55lqKFBHNiIno5Er/w24dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFDqT0X8IFI0/qB5Z10tIlL1b8eJ8pdz0Txc5iejOVTmi9G8mLNVZa357YfQfnanLxXxk0jRX3/rzgXP17+v8+nO1yDe/NbGp8/WOnmou3Hgvf4njh+7MDTy+ad2Wk7bNWDwUnvm1u3G+PDIyFjP6lo++id71g3k4xZ703UiYuH1N15rTU9Pzd//QvkVuM/q3Su5i6M/yIVUe2SaamEvFqJ2IJrxcPq+Sf1h3JzYd+Xz/91I8dvv/Hv3gd95/tfjlzqf7jzh4xd/svH8f2Hrju7x+V/bWi8//8snwXbP/yd71r2QfzfSV4uoL96c6zseUV94/Y2T7ZutG1M3pmbOnTr1laGhr5w91Xc4on69PT3Vs7QnpwsAAAAAAAAAAAAAAADgwUlF/G6kaP1kLTUi4nY1XmvgwtAzJ58+FIeq8Vabxm2/OnblYuOl2Ztz81MLC1OTjfGZ9rXZyal7PVy9Gu41PjyyL535UEf2uf1H6i/Nzr0+377xh4vbbj9av3h1YXG+dW37zXEkiohm75rBqsHjwyNVo6fbrZmq6ui2g+k/ur5UxH9EimvnGukLeV0e/791hP+m8f9LW3e0h+P/P390Y/zfJ3qKlsdMqYhfRIrf+oun4gtVO4/GXecsl/ubSDF4/nO5XBwuy3Xb0HmvQGdkYFn2fyLFP7y/uWx3POSTG2VPf6ST+wgor/+xSPGDP/te/Hpet/n9D9tf/6Nbd7RP73/4VM+6o5veV7DrrpOv/8lI8eKTb8VvVGv+7wPf/9F9Y8OJTuGN93Ps0/X/1Z51A/m4v7lXnQcAAAAAAAAAAHiE9aUi/jZS/Giklp7P6+7l7/9Nbt3RPv39r0/3rJvcm/mKPnRh1ycVAAAAAA6IvlTETyPFjcW37oyh3jz+u2f85+9sjP8cTlu2Vn/O9yvVewP28s//eg3k407svtsAAAAAAAAAAAAAAAAAAABwoKRUxPN5PvWJajz/5I7zqa9Eipf/69lcLh0vy3XngR+ofq1fnp05eXF6erYei62r01ONsbnWtamy7qcixdpffy7XLar51bvzzXfmeN+Yi30+Uoz8XbdsZy727tzknfnA6+vrEafLsp+IFP/595vL5qmp89zR1X7PlGX/KlJ845+2L3t8o+zZsuz3IsWPv9Holj1alu2+H/XTG2WfuzZb7MNVAQAAAAAAAAAAAAAAAAAA4OOmLxXxp5Hiv28u3xnLn+f/7+v5WHnzWz3z/W9xu5rnf6Ca/3+n5fuZ/796r8DSTkcFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDHU4oi3ogUc5fX0kp/+bmjfqk9c+v2+PDI9tWOpKrmoap8+VM/febsuS8/P3S+mx9cf699Jl4du3Kx8dLszbn5qYWFqcnG+Ez72uzk1D3vYbf1txqsTkDj5mu3Jq9fX2icee7sps23B97rf+L4wIWhZ04+3S07PjwyMtZTptZ330e/S9ph/eEo4i8jxbPf/1n6UX9EEbs/Fx/y3dlvR6pODFadGB8eqToy3W7NLJYbR7snooho9FRqds/RA7gWu9KMWCqbXzZ4sOze2FxrvnV1eqox2ppfbC+2Z2dGU6e1ZX8aUcT5FLEcEav9d++uL4p4LVJ899ha+uf+iEPd8/Cly2NfO3Vm53YU+9jHe1C2s9EXsVw8AtfsAOuPIv4xUvz87RPxL/0Rtej8xBcjXinzhxFvRud6p/KLcS7i3W2+RzyaalHE/5bX/8Jaeru/vB907yuXvt746sz12Z6y3fvKI/98eJAO+L2pHkX8uLrjr6V/9d81AAAAAAAAAAAAAAAAwAFSxK9FihfeOZGq8cF3xhS3Z240rrSuTneG9XXH/nXHTK+vr683UiebOSdyLuVczrmSczVnFLl+zmaZ9fX1ifx5KedyzpWcqznjUK6fs5lzIudSzuWcKzlXc0Yt18/ZzDmRcynncs6VnKs544CM3QMAAAAAAAAAAAAAAAAAAB4vRfVPiu98cy2t93fml56ITq6YD/Sx9/8BAAD//9kg9g0=") (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0) (async)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) (async)
ftruncate(r0, 0x5) (async)

0s ago: executing program 2 (id=161):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002abd7084000000521a86677ce8aa2200", @ANYRES32, @ANYBLOB="05005b00a7000000"], 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:21951' (ED25519) to the list of known hosts.
syzkaller login: [   58.803495][ T5840] cgroup: Unknown subsys name 'net'
[   58.962191][ T5840] cgroup: Unknown subsys name 'cpuset'
[   58.965957][ T5840] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   60.945239][ T5840] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   67.113644][ T5234] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.117429][ T5234] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.128904][ T5234] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.133390][ T5234] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.141923][ T5234] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.157385][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   67.161439][ T5855] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   67.168378][ T5863] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   67.175396][ T5863] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   67.178901][ T5863] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   67.232522][ T5863] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   67.237376][ T5863] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   67.241220][ T5863] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   67.245415][ T5863] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   67.250127][ T5863] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.556208][ T5854] chnl_net:caif_netlink_parms(): no params data found
[   67.583060][ T5858] chnl_net:caif_netlink_parms(): no params data found
[   67.660577][ T5864] chnl_net:caif_netlink_parms(): no params data found
[   67.741328][ T5858] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.744325][ T5858] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.747404][ T5858] bridge_slave_0: entered allmulticast mode
[   67.751579][ T5858] bridge_slave_0: entered promiscuous mode
[   67.756756][ T5858] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.759723][ T5858] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.762725][ T5858] bridge_slave_1: entered allmulticast mode
[   67.766448][ T5858] bridge_slave_1: entered promiscuous mode
[   67.783053][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.785930][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.788691][ T5854] bridge_slave_0: entered allmulticast mode
[   67.792632][ T5854] bridge_slave_0: entered promiscuous mode
[   67.818033][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.821162][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.824037][ T5854] bridge_slave_1: entered allmulticast mode
[   67.827784][ T5854] bridge_slave_1: entered promiscuous mode
[   67.885221][ T5858] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.892010][ T5858] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.938240][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.942109][ T5864] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.944939][ T5864] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.947993][ T5864] bridge_slave_0: entered allmulticast mode
[   67.952159][ T5864] bridge_slave_0: entered promiscuous mode
[   67.971674][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.977241][ T5858] team0: Port device team_slave_0 added
[   67.980235][ T5864] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.983181][ T5864] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.985948][ T5864] bridge_slave_1: entered allmulticast mode
[   67.990195][ T5864] bridge_slave_1: entered promiscuous mode
[   68.021176][ T5858] team0: Port device team_slave_1 added
[   68.055476][ T5864] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.074517][ T5854] team0: Port device team_slave_0 added
[   68.094295][ T5864] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.098669][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.102038][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.112808][ T5858] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.120342][ T5854] team0: Port device team_slave_1 added
[   68.135991][ T5858] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.139170][ T5858] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.149513][ T5858] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.203660][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.206372][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.216045][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.222312][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.224978][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.237304][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.243581][ T5864] team0: Port device team_slave_0 added
[   68.269408][ T5864] team0: Port device team_slave_1 added
[   68.344344][ T5858] hsr_slave_0: entered promiscuous mode
[   68.347748][ T5858] hsr_slave_1: entered promiscuous mode
[   68.356503][ T5854] hsr_slave_0: entered promiscuous mode
[   68.359840][ T5854] hsr_slave_1: entered promiscuous mode
[   68.362781][ T5854] debugfs: 'hsr0' already exists in 'hsr'
[   68.365169][ T5854] Cannot create hsr debugfs directory
[   68.368149][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.371546][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.382262][ T5864] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.389729][ T5864] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.392466][ T5864] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   68.402395][ T5864] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.589426][ T5864] hsr_slave_0: entered promiscuous mode
[   68.592781][ T5864] hsr_slave_1: entered promiscuous mode
[   68.595719][ T5864] debugfs: 'hsr0' already exists in 'hsr'
[   68.598104][ T5864] Cannot create hsr debugfs directory
[   68.752246][ T5858] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   68.758684][ T5858] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   68.771638][ T5858] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   68.810495][ T5858] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   68.849746][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   68.870807][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   68.876818][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   68.893119][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   68.931234][ T5864] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   68.940955][ T5864] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   68.946730][ T5864] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   68.962891][ T5864] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   69.070063][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.076974][ T5858] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.114894][ T5854] 8021q: adding VLAN 0 to HW filter on device team0
[   69.125839][ T5858] 8021q: adding VLAN 0 to HW filter on device team0
[   69.138397][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.141410][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.160389][ T3591] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.163307][ T3591] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.169962][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.172871][ T3591] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.186111][ T5864] 8021q: adding VLAN 0 to HW filter on device bond0
[   69.197335][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.200029][ T3591] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.204376][ T5863] Bluetooth: hci0: command tx timeout
[   69.267033][ T5864] 8021q: adding VLAN 0 to HW filter on device team0
[   69.269641][ T5863] Bluetooth: hci2: command tx timeout
[   69.269873][ T5863] Bluetooth: hci1: command tx timeout
[   69.298270][ T3591] bridge0: port 1(bridge_slave_0) entered blocking state
[   69.301141][ T3591] bridge0: port 1(bridge_slave_0) entered forwarding state
[   69.312722][ T3591] bridge0: port 2(bridge_slave_1) entered blocking state
[   69.315098][ T3591] bridge0: port 2(bridge_slave_1) entered forwarding state
[   69.437741][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.474139][ T5854] veth0_vlan: entered promiscuous mode
[   69.481053][ T5854] veth1_vlan: entered promiscuous mode
[   69.518137][ T5854] veth0_macvtap: entered promiscuous mode
[   69.526593][ T5864] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.535779][ T5858] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.541663][ T5854] veth1_macvtap: entered promiscuous mode
[   69.561279][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.572260][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.587750][ T5892] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.603469][ T5892] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.611598][ T5892] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.623484][ T5892] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.636844][ T5864] veth0_vlan: entered promiscuous mode
[   69.661116][ T5864] veth1_vlan: entered promiscuous mode
[   69.667894][ T5858] veth0_vlan: entered promiscuous mode
[   69.696790][ T5858] veth1_vlan: entered promiscuous mode
[   69.727060][ T5864] veth0_macvtap: entered promiscuous mode
[   69.732645][ T5864] veth1_macvtap: entered promiscuous mode
[   69.766186][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.774160][ T5858] veth0_macvtap: entered promiscuous mode
[   69.786982][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.791106][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.802534][ T5858] veth1_macvtap: entered promiscuous mode
[   69.826682][ T5864] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.843103][   T54] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.846502][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.849034][   T54] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.860851][ T5858] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.864099][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.874047][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.907158][ T5751] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.913007][ T5751] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.920615][ T5751] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.931143][ T5854] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.947052][ T5751] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.952030][ T5751] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.955789][ T5751] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.040864][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.044089][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.072973][   T54] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.075980][   T54] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.132740][ T1092] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.135892][ T1092] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.136201][   T88] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.142154][   T88] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.620451][ T5919] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   70.714676][ T5948] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9'.
[   70.734472][ T5949] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9'.
[   70.761210][ T5919] usb 2-1: device descriptor read/64, error -71
[   70.799604][ T5920] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   70.879801][ T5955] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[   70.882591][ T5955] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[   70.934995][ T5957] binder: BINDER_SET_CONTEXT_MGR already set
[   70.938087][ T5957] binder: 5956:5957 ioctl 4018620d 2000000000c0 returned -16
[   70.979051][ T5920] usb 1-1: Using ep0 maxpacket: 32
[   70.984039][ T5920] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[   70.986776][ T5920] usb 1-1: config 0 has no interface number 0
[   70.989351][ T5920] usb 1-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[   70.992825][ T5920] usb 1-1: config 0 interface 1 has no altsetting 0
[   70.996816][ T5920] usb 1-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[   71.001817][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.004384][ T5920] usb 1-1: Product: syz
[   71.005690][ T5920] usb 1-1: Manufacturer: syz
[   71.007139][ T5920] usb 1-1: SerialNumber: syz
[   71.015141][ T5920] usb 1-1: config 0 descriptor??
[   71.099807][ T5919] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   71.242327][ T5919] usb 2-1: device descriptor read/64, error -71
[   71.288913][ T5863] Bluetooth: hci0: command tx timeout
[   71.349422][ T5863] Bluetooth: hci2: command tx timeout
[   71.356262][ T5919] usb usb2-port1: attempt power cycle
[   71.363611][ T5863] Bluetooth: hci1: command tx timeout
[   71.367925][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[   71.511378][ T5920] cx231xx 1-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[   71.514976][ T5920] cx231xx 1-1:0.1: Not found matching IAD interface
[   71.537715][ T5920] usb 1-1: USB disconnect, device number 2
[   71.759017][ T5919] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   71.779544][ T5919] usb 2-1: device descriptor read/8, error -71
[   71.974076][ T5973] netlink: 16 bytes leftover after parsing attributes in process `syz.2.16'.
[   72.037684][ T5976] loop2: detected capacity change from 0 to 1024
[   72.047000][ T5976] hfsplus: Bad value for 'gid'
[   72.058945][ T5919] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   72.064646][ T5974] loop0: detected capacity change from 0 to 128
[   73.140307][ T5919] usb 2-1: device descriptor read/8, error -71
[   73.329164][ T5919] usb usb2-port1: unable to enumerate USB device
[   73.359309][ T5863] Bluetooth: hci0: command tx timeout
[   73.429098][ T5863] Bluetooth: hci1: command tx timeout
[   73.431582][ T5863] Bluetooth: hci2: command tx timeout
[   73.674818][   T33] audit: type=1800 audit(1759296756.499:2): pid=5988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.18" name="file1" dev="tmpfs" ino=78 res=0 errno=0
[   73.800370][ T5987] loop2: detected capacity change from 0 to 1024
[   73.830254][ T5993] loop1: detected capacity change from 0 to 1024
[   73.833467][ T5993] =======================================================
[   73.833467][ T5993] WARNING: The mand mount option has been deprecated and
[   73.833467][ T5993]          and is ignored by this kernel. Remove the mand
[   73.833467][ T5993]          option from the mount to silence this warning.
[   73.833467][ T5993] =======================================================
[   73.863912][ T5993] EXT4-fs: inline encryption not supported
[   73.868908][ T5993] EXT4-fs: Ignoring removed bh option
[   73.924545][ T5993] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.929257][ T5995] loop0: detected capacity change from 0 to 4096
[   73.951316][ T5995] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   74.007744][ T5995] ntfs3(loop0): ino=19, mi_enum_attr
[   74.010563][ T5995] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   74.017872][ T5995] ntfs3(loop0): failed to convert "076c" to cp949
[   74.022248][ T5995] ntfs3(loop0): ino=20, mi_enum_attr
[   74.197935][ T6008] netlink: 16 bytes leftover after parsing attributes in process `syz.0.23'.
[   74.309453][ T5860] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   74.790370][ T5860] usb 2-1: device descriptor read/64, error -71
[   74.845815][ T6011] loop2: detected capacity change from 0 to 32768
[   74.866359][ T6011] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[   74.874248][ T6011] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   74.905910][ T6011] XFS (loop2): Ending clean mount
[   74.916929][ T6011] XFS (loop2): Quotacheck needed: Please wait.
[   74.940873][ T6011] XFS (loop2): Quotacheck: Done.
[   74.969880][ T5858] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   75.038965][ T5860] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[   75.168917][ T5860] usb 2-1: device descriptor read/64, error -71
[   75.220614][ T6034] loop0: detected capacity change from 0 to 16
[   75.242959][ T6034] erofs (device loop0): mounted with root inode @ nid 36.
[   75.350727][ T5860] usb usb2-port1: attempt power cycle
[   75.430028][ T5234] Bluetooth: hci0: command tx timeout
[   75.524930][ T5863] Bluetooth: hci1: command tx timeout
[   75.527373][ T5234] Bluetooth: hci2: command tx timeout
[   75.719319][ T5860] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[   75.754040][   T47] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   75.761638][ T5860] usb 2-1: device descriptor read/8, error -71
[   75.813343][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.817021][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.822526][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.826459][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.830656][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.834648][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.838259][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.845995][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.850139][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.854357][ T6042] netlink: 892 bytes leftover after parsing attributes in process `syz.2.30'.
[   75.920211][   T47] usb 1-1: Using ep0 maxpacket: 16
[   75.930179][   T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   75.934515][   T47] usb 1-1: New USB device found, idVendor=046d, idProduct=c70a, bcdDevice= 0.00
[   75.937909][   T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.950847][   T47] usb 1-1: config 0 descriptor??
[   75.999428][ T5860] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[   76.019659][ T5860] usb 2-1: device descriptor read/8, error -71
[   76.139071][ T5860] usb usb2-port1: unable to enumerate USB device
[   76.156800][ T6046] loop2: detected capacity change from 0 to 32768
[   76.165338][ T6046] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.31 (6046)
[   76.179898][ T6046] BTRFS info (device loop2): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   76.183352][ T6046] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   76.186628][ T6046] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   76.260695][ T6046] BTRFS info (device loop2): rebuilding free space tree
[   76.282565][ T6046] BTRFS info (device loop2): disabling free space tree
[   76.285296][ T6046] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   76.290126][ T6046] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   76.299809][ T6046] BTRFS info (device loop2): enabling ssd optimizations
[   76.302406][ T6046] BTRFS info (device loop2): enabling disk space caching
[   76.304802][ T6046] BTRFS info (device loop2): force clearing of disk cache
[   76.307345][ T6046] BTRFS info (device loop2): use zstd compression, level 3
[   76.315304][ T6046] BTRFS info (device loop2): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   76.674624][ T6074] process 'syz.2.35' launched '/dev/fd/4' with NULL argv: empty string added
[   76.926969][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.297134][ T6083] loop1: detected capacity change from 0 to 2048
[   77.306363][ T6083] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[   77.309909][ T6006] udevd[6006]: incorrect nilfs2 checksum on /dev/loop1
[   77.328312][ T6084] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.338599][   T33] audit: type=1800 audit(1759296760.159:3): pid=6083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.38" name="file1" dev="loop1" ino=15 res=0 errno=0
[   77.414853][ T6086] netlink: 'syz.1.39': attribute type 6 has an invalid length.
[   77.797574][ T6094] fuse: Bad value for 'fd'
[   77.933450][ T6094] mmap: syz.1.41 (6094) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   78.112507][ T6098] loop2: detected capacity change from 0 to 32768
[   78.134872][ T6098] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[   78.145078][ T6098] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   78.184987][ T5858] ocfs2: Unmounting device (7,2) on (node local)
[   78.267950][   T47] usb 1-1: USB disconnect, device number 3
[   79.415148][ T6123] loop2: detected capacity change from 0 to 1024
[   79.431827][    T9] IPVS: starting estimator thread 0...
[   79.442926][ T6110] IPVS: fo: FWM 3 0x00000003 - no destination available
[   79.451068][ T6123] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   79.454913][ T6123] ext4 filesystem being mounted at /28/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.478095][ T6127] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[   79.493037][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 3)
[   79.512379][ T6123] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[   79.517347][ T6123] EXT4-fs (loop2): This should not happen!! Data will be lost
[   79.517347][ T6123] 
[   79.539200][ T6124] IPVS: using max 55 ests per chain, 132000 per kthread
[   79.774778][   T13] IPVS: stop unused estimator thread 0...
[   80.205948][ T6123] EXT4-fs warning (device loop2): ext4_empty_dir:3099: inode #12: comm syz.2.50: directory missing '..'
[   80.212412][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.221013][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.226725][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.232021][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.237682][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.243597][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.249969][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.255556][ T6123] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.50: lblock 3 mapped to illegal pblock 3 (length 1)
[   80.301456][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   80.334342][ T6144] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   80.534707][ T6144] loop2: detected capacity change from 0 to 40427
[   80.538274][ T6144] f2fs: Unexpected value for 'grpquota'
[   80.838013][ T6157] loop2: detected capacity change from 0 to 1024
[   80.851184][ T6157] EXT4-fs: inline encryption not supported
[   80.869202][ T6157] EXT4-fs: Ignoring removed bh option
[   80.899564][ T6157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.230163][ T6152] loop1: detected capacity change from 0 to 40427
[   81.233904][ T6152] F2FS-fs: heap/no_heap options were deprecated
[   81.260392][ T6152] F2FS-fs (loop1): build fault injection rate: 19
[   81.263032][ T6152] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[   81.295904][ T6152] F2FS-fs (loop1): invalid crc value
[   81.334224][ T6152] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   81.448500][ T6148] loop0: detected capacity change from 0 to 32768
[   81.452474][ T6152] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   81.461535][ T6148] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.56 (6148)
[   81.480562][ T6152] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   81.491771][ T6148] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   81.497605][ T6152] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   81.497956][ T6148] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   81.520137][ T6152] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   81.532810][ T6152] F2FS-fs (loop1): inject checkpoint error in f2fs_balance_fs of f2fs_map_blocks+0x345f/0x4130
[   81.537512][ T6152] CPU: 0 UID: 0 PID: 6152 Comm: syz.1.57 Not tainted syzkaller #0 PREEMPT(full) 
[   81.537532][ T6152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   81.537542][ T6152] Call Trace:
[   81.537559][ T6152]  <TASK>
[   81.537573][ T6152]  dump_stack_lvl+0x189/0x250
[   81.537606][ T6152]  ? __pfx_dump_stack_lvl+0x10/0x10
[   81.537623][ T6152]  ? __pfx_queue_work_on+0x10/0x10
[   81.537637][ T6152]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   81.537658][ T6152]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   81.537677][ T6152]  ? f2fs_hw_is_readonly+0x39b/0x470
[   81.537696][ T6152]  f2fs_handle_critical_error+0x37c/0x540
[   81.537715][ T6152]  f2fs_balance_fs+0x32d/0x7f0
[   81.537735][ T6152]  ? f2fs_map_blocks+0x345f/0x4130
[   81.537750][ T6152]  ? __pfx_f2fs_balance_fs+0x10/0x10
[   81.537764][ T6152]  ? __up_read+0x280/0x680
[   81.537780][ T6152]  ? __pfx___up_read+0x10/0x10
[   81.537803][ T6152]  f2fs_map_blocks+0x345f/0x4130
[   81.537856][ T6152]  ? __pfx_f2fs_map_blocks+0x10/0x10
[   81.537876][ T6152]  ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[   81.537910][ T6152]  f2fs_iomap_begin+0x384/0x860
[   81.537929][ T6152]  ? __pfx_f2fs_iomap_begin+0x10/0x10
[   81.537968][ T6152]  ? __pfx_f2fs_iomap_begin+0x10/0x10
[   81.537984][ T6152]  iomap_iter+0x534/0xde0
[   81.538001][ T6152]  ? __kmalloc_cache_noprof+0x3d5/0x6f0
[   81.538025][ T6152]  __iomap_dio_rw+0xc57/0x1e50
[   81.538113][ T6152]  ? __pfx___iomap_dio_rw+0x10/0x10
[   81.538159][ T6152]  ? f2fs_file_write_iter+0x1208/0x2410
[   81.538200][ T6152]  f2fs_file_write_iter+0x13c1/0x2410
[   81.538240][ T6152]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[   81.538267][ T6152]  ? aio_write+0x4c4/0x7a0
[   81.538292][ T6152]  aio_write+0x535/0x7a0
[   81.538318][ T6152]  ? __pfx_aio_write+0x10/0x10
[   81.538350][ T6152]  ? __might_fault+0xb0/0x130
[   81.538384][ T6152]  io_submit_one+0x78b/0x1310
[   81.538418][ T6152]  ? __pfx_io_submit_one+0x10/0x10
[   81.538439][ T6152]  ? __might_fault+0xb0/0x130
[   81.538466][ T6152]  ? __might_fault+0xb0/0x130
[   81.538485][ T6152]  __se_sys_io_submit+0x185/0x2f0
[   81.538506][ T6152]  ? __pfx___se_sys_io_submit+0x10/0x10
[   81.538534][ T6152]  ? do_syscall_64+0xbe/0xfa0
[   81.538554][ T6152]  do_syscall_64+0xfa/0xfa0
[   81.538570][ T6152]  ? lockdep_hardirqs_on+0x9c/0x150
[   81.538593][ T6152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.538609][ T6152]  ? exc_page_fault+0xab/0x100
[   81.538627][ T6152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.538640][ T6152] RIP: 0033:0x7fdea138ec29
[   81.538652][ T6152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.538664][ T6152] RSP: 002b:00007fdea21ec038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   81.538680][ T6152] RAX: ffffffffffffffda RBX: 00007fdea15d5fa0 RCX: 00007fdea138ec29
[   81.538691][ T6152] RDX: 0000200000000540 RSI: 000000000000003b RDI: 00007fdea21c3000
[   81.538700][ T6152] RBP: 00007fdea1411e41 R08: 0000000000000000 R09: 0000000000000000
[   81.538707][ T6152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   81.538716][ T6152] R13: 00007fdea15d6038 R14: 00007fdea15d5fa0 R15: 00007ffdcc56e578
[   81.538739][ T6152]  </TASK>
[   81.674641][ T6152] F2FS-fs (loop1): Stopped filesystem due to reason: 1
[   81.725127][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.793127][ T6148] BTRFS info (device loop0): enabling ssd optimizations
[   81.795847][ T6148] BTRFS info (device loop0): enabling free space tree
[   81.953132][   T13] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   82.063191][ T5864] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   82.240581][ T6187] __nla_validate_parse: 59 callbacks suppressed
[   82.240598][ T6187] netlink: 44 bytes leftover after parsing attributes in process `syz.1.60'.
[   82.394636][ T6189] loop1: detected capacity change from 0 to 2048
[   82.442282][ T6189] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.449207][ T6189] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.490742][ T6196] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[   82.507501][ T6196] EXT4-fs (loop1): Remounting filesystem read-only
[   82.523081][ T6189] netlink: 104 bytes leftover after parsing attributes in process `syz.1.62'.
[   82.663658][ T6193] loop0: detected capacity change from 0 to 32768
[   82.667132][ T6193] btrfs: Unknown parameter 'appraise_type'
[   82.812413][ T6204] netlink: 452 bytes leftover after parsing attributes in process `syz.2.65'.
[   82.817802][ T6204] netlink: 'syz.2.65': attribute type 10 has an invalid length.
[   82.893322][ T6205] loop0: detected capacity change from 0 to 2048
[   82.896464][ T6205] nilfs2: Unknown parameter 'P'
[   83.116725][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.152886][ T6211] netlink: 12 bytes leftover after parsing attributes in process `syz.1.67'.
[   83.160828][ T5919] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   83.174836][ T6211] bridge1: trying to set multicast query interval above maximum, setting to 8640000 (86400000ms)
[   83.254628][ T6216] loop1: detected capacity change from 0 to 4096
[   83.295410][ T6216] ntfs3(loop1): ino=19, mi_enum_attr
[   83.297955][ T6216] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   83.341770][ T5919] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[   83.344703][ T5919] usb 3-1: config 0 has no interface number 0
[   83.349841][ T5919] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[   83.352988][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.355778][ T5919] usb 3-1: Product: syz
[   83.357245][ T5919] usb 3-1: Manufacturer: syz
[   83.358871][ T5919] usb 3-1: SerialNumber: syz
[   83.363608][ T5919] usb 3-1: config 0 descriptor??
[   85.369874][ T6236] AppArmor: change_hat: Invalid input '0x0000000'
[   85.374761][ T5919] usb 3-1: non-Atmel transceiver xxxx0098
[   86.034318][ T6243] netlink: 44 bytes leftover after parsing attributes in process `syz.0.75'.
[   86.052584][ T6245] loop1: detected capacity change from 0 to 512
[   86.077209][ T6245] EXT4-fs: Ignoring removed mblk_io_submit option
[   86.091331][ T6245] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   86.094668][ T6245] EXT4-fs (loop1): orphan cleanup on readonly fs
[   86.103603][ T6245] Quota error (device loop1): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[   86.107819][ T6245] EXT4-fs warning (device loop1): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   86.116408][ T6245] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   86.121968][ T6245] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.74: bg 0: block 40: padding at end of block bitmap is not set
[   86.127810][ T6245] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6667: Corrupt filesystem
[   86.131136][ T6245] EXT4-fs (loop1): 1 truncate cleaned up
[   86.133646][ T6245] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   86.141065][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.144892][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.148557][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.152995][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.157085][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.161112][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.164690][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.168429][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.172651][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.176225][ T6250] EXT4-fs error (device loop1): ext4_get_link:106: inode #16: comm syz.1.74: bad symlink.
[   86.209859][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.339274][ T6259] netlink: 8 bytes leftover after parsing attributes in process `syz.1.78'.
[   86.367830][ T6247] loop0: detected capacity change from 0 to 40427
[   86.370854][ T6247] F2FS-fs: heap/no_heap options were deprecated
[   86.374257][ T6247] F2FS-fs (loop0): build fault injection rate: 19
[   86.376428][ T6247] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[   86.384632][ T6247] F2FS-fs (loop0): invalid crc value
[   86.390790][ T5919] usb 3-1: Firmware version (0.0) predates our first public release.
[   86.394584][ T5919] usb 3-1: Please update to version 0.2 or newer
[   86.397494][ T5919] usb 3-1: atusb_probe: initialization failed, error = -19
[   86.399921][ T6247] F2FS-fs (loop0): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   86.433813][ T6247] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   86.440469][ T6247] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   86.445891][ T6247] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   86.454187][ T6247] F2FS-fs (loop0): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   86.558650][ T5864] syz-executor: attempt to access beyond end of device
[   86.558650][ T5864] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   86.566110][ T5864] CPU: 0 UID: 0 PID: 5864 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   86.566126][ T5864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   86.566132][ T5864] Call Trace:
[   86.566137][ T5864]  <TASK>
[   86.566142][ T5864]  dump_stack_lvl+0x189/0x250
[   86.566161][ T5864]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.566172][ T5864]  ? __pfx_queue_work_on+0x10/0x10
[   86.566181][ T5864]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   86.566194][ T5864]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.566212][ T5864]  f2fs_handle_critical_error+0x37c/0x540
[   86.566228][ T5864]  f2fs_write_end_io+0x886/0xb60
[   86.566251][ T5864]  __submit_merged_bio+0x27a/0x6a0
[   86.566265][ T5864]  __submit_merged_write_cond+0x255/0x530
[   86.566285][ T5864]  f2fs_write_data_pages+0x261d/0x3000
[   86.566315][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.566367][ T5864]  ? __lock_acquire+0xab9/0xd20
[   86.566407][ T5864]  ? do_raw_spin_lock+0x121/0x290
[   86.566427][ T5864]  ? do_raw_spin_unlock+0x4d/0x240
[   86.566438][ T5864]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.566449][ T5864]  do_writepages+0x32e/0x550
[   86.566468][ T5864]  ? do_raw_spin_unlock+0x4d/0x240
[   86.566481][ T5864]  filemap_fdatawrite+0x199/0x240
[   86.566493][ T5864]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   86.566531][ T5864]  ? do_raw_spin_unlock+0x4d/0x240
[   86.566545][ T5864]  f2fs_sync_dirty_inodes+0x31f/0x830
[   86.566568][ T5864]  f2fs_write_checkpoint+0x93e/0x2440
[   86.566579][ T5864]  ? __lock_acquire+0xab9/0xd20
[   86.566608][ T5864]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   86.566654][ T5864]  kill_f2fs_super+0x2cc/0x6d0
[   86.566672][ T5864]  ? __pfx_kill_f2fs_super+0x10/0x10
[   86.566727][ T5864]  ? shrinker_free+0x2ce/0x3e0
[   86.566745][ T5864]  deactivate_locked_super+0xbc/0x130
[   86.566764][ T5864]  cleanup_mnt+0x425/0x4c0
[   86.566779][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.566794][ T5864]  task_work_run+0x1d4/0x260
[   86.566809][ T5864]  ? __pfx_task_work_run+0x10/0x10
[   86.566819][ T5864]  ? __x64_sys_umount+0x122/0x160
[   86.566832][ T5864]  ? exit_to_user_mode_loop+0x40/0x130
[   86.566849][ T5864]  exit_to_user_mode_loop+0xe9/0x130
[   86.566862][ T5864]  do_syscall_64+0x2bd/0xfa0
[   86.566873][ T5864]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.566884][ T5864]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.566895][ T5864]  ? exc_page_fault+0xab/0x100
[   86.566908][ T5864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.566917][ T5864] RIP: 0033:0x7f16d978ff57
[   86.566936][ T5864] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   86.566943][ T5864] RSP: 002b:00007fff06d84788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   86.566955][ T5864] RAX: 0000000000000000 RBX: 00007f16d9811c2d RCX: 00007f16d978ff57
[   86.566961][ T5864] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff06d84840
[   86.566967][ T5864] RBP: 00007fff06d84840 R08: 0000000000000000 R09: 0000000000000000
[   86.566974][ T5864] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff06d858d0
[   86.566980][ T5864] R13: 00007f16d9811c2d R14: 0000000000015135 R15: 00007fff06d85910
[   86.567000][ T5864]  </TASK>
[   86.567107][ T5864] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   86.710846][  T793] cfg80211: failed to load regulatory.db
[   86.907491][ T5980] usb 3-1: USB disconnect, device number 2
[   87.240264][ T6280] netlink: 44 bytes leftover after parsing attributes in process `syz.1.82'.
[   87.321869][ T6282] loop1: detected capacity change from 0 to 2048
[   87.503853][ T6282] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.511155][ T6282] ext4 filesystem being mounted at /23/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.542979][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.592851][ T6287] netlink: 12 bytes leftover after parsing attributes in process `syz.1.84'.
[   87.598660][ T6287] Zero length message leads to an empty skb
[   87.891850][ T6303] netlink: 44 bytes leftover after parsing attributes in process `syz.2.89'.
[   87.907946][ T6302] loop1: detected capacity change from 0 to 2048
[   87.932065][ T6302] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[   87.936018][ T6302] NILFS (loop1): mounting unchecked fs
[   87.951430][ T6013] udevd[6013]: incorrect nilfs2 checksum on /dev/loop1
[   87.969348][ T6302] NILFS (loop1): recovery complete
[   87.976321][ T6308] netlink: 8 bytes leftover after parsing attributes in process `syz.2.91'.
[   87.987108][ T6309] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.228938][ T5919] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   88.262231][ T6315] netlink: 8 bytes leftover after parsing attributes in process `syz.1.93'.
[   88.282639][ T6315] loop1: detected capacity change from 0 to 2048
[   88.306614][ T6315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   88.382977][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.387107][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.392581][ T5919] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[   88.395976][ T5919] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.403979][ T5919] usb 3-1: config 0 descriptor??
[   88.426371][ T6318] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   88.433849][ T6318] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1104 with error 28
[   88.439715][ T6318] EXT4-fs (loop1): This should not happen!! Data will be lost
[   88.439715][ T6318] 
[   88.443017][ T6318] EXT4-fs (loop1): Total free blocks count 0
[   88.444868][ T6318] EXT4-fs (loop1): Free/Dirty block details
[   88.447129][ T6318] EXT4-fs (loop1): free_blocks=2415919104
[   88.449652][ T6318] EXT4-fs (loop1): dirty_blocks=1120
[   88.451740][ T6318] EXT4-fs (loop1): Block reservation details
[   88.453667][ T6318] EXT4-fs (loop1): i_reserved_data_blocks=70
[   88.507574][   T88] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[   89.012409][ T5919] usbhid 3-1:0.0: can't add hid device: -32
[   89.014827][ T5919] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[   89.020951][ T6308] i2c i2c-1: Invalid block write size 151
[   89.080060][   T47] usb 3-1: USB disconnect, device number 3
[   89.641293][ T6330] netlink: 44 bytes leftover after parsing attributes in process `syz.2.97'.
[   90.005939][ T6335] loop2: detected capacity change from 0 to 1024
[   90.010278][ T6335] EXT4-fs: inline encryption not supported
[   90.012628][ T6335] EXT4-fs: Ignoring removed bh option
[   90.037880][ T6335] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.567672][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.669866][ T6354] netlink: 44 bytes leftover after parsing attributes in process `syz.2.104'.
[   90.741153][ T6358] loop2: detected capacity change from 0 to 128
[   90.751771][ T6358] adfs: Unknown parameter 'uid>00000000000000000000'
[   91.027169][ T6356] loop1: detected capacity change from 0 to 40427
[   91.030798][ T6356] F2FS-fs: heap/no_heap options were deprecated
[   91.034094][ T6356] F2FS-fs (loop1): build fault injection rate: 19
[   91.036660][ T6356] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[   91.044243][ T6366] tmpfs: Bad value for 'huge'
[   91.056599][ T6356] F2FS-fs (loop1): invalid crc value
[   91.073545][ T6356] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   91.135888][ T6356] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   91.144176][ T6356] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   91.148332][ T6356] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   91.159976][ T6356] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   91.219120][ T5980] IPVS: starting estimator thread 0...
[   91.222868][ T6377] IPVS: fo: FWM 3 0x00000003 - no destination available
[   91.264030][ T5854] syz-executor: attempt to access beyond end of device
[   91.264030][ T5854] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   91.269576][ T5854] CPU: 1 UID: 0 PID: 5854 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   91.269595][ T5854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   91.269604][ T5854] Call Trace:
[   91.269610][ T5854]  <TASK>
[   91.269617][ T5854]  dump_stack_lvl+0x189/0x250
[   91.269643][ T5854]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.269658][ T5854]  ? __pfx_queue_work_on+0x10/0x10
[   91.269670][ T5854]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   91.269686][ T5854]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   91.269711][ T5854]  f2fs_handle_critical_error+0x37c/0x540
[   91.269734][ T5854]  f2fs_write_end_io+0x886/0xb60
[   91.269772][ T5854]  __submit_merged_bio+0x27a/0x6a0
[   91.269792][ T5854]  __submit_merged_write_cond+0x255/0x530
[   91.269820][ T5854]  f2fs_write_data_pages+0x261d/0x3000
[   91.269835][ T5854]  ? unwind_next_frame+0xa5/0x2390
[   91.269878][ T5854]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.269932][ T5854]  ? __mod_zone_page_state+0xd7/0x140
[   91.269955][ T5854]  ? folios_put_refs+0x58b/0x670
[   91.269987][ T5854]  ? __lock_acquire+0xab9/0xd20
[   91.270013][ T5854]  ? do_raw_spin_lock+0x121/0x290
[   91.270039][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[   91.270053][ T5854]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.270069][ T5854]  do_writepages+0x32e/0x550
[   91.270093][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[   91.270111][ T5854]  filemap_fdatawrite+0x199/0x240
[   91.270125][ T5854]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   91.270181][ T5854]  ? do_raw_spin_unlock+0x4d/0x240
[   91.270200][ T5854]  f2fs_sync_dirty_inodes+0x31f/0x830
[   91.270230][ T5854]  f2fs_write_checkpoint+0x93e/0x2440
[   91.270245][ T5854]  ? __lock_acquire+0xab9/0xd20
[   91.270288][ T5854]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   91.270380][ T5854]  kill_f2fs_super+0x2cc/0x6d0
[   91.270407][ T5854]  ? __pfx_kill_f2fs_super+0x10/0x10
[   91.270439][ T5854]  ? shrinker_free+0x2ce/0x3e0
[   91.270461][ T5854]  deactivate_locked_super+0xbc/0x130
[   91.270485][ T5854]  cleanup_mnt+0x425/0x4c0
[   91.270504][ T5854]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.270522][ T5854]  task_work_run+0x1d4/0x260
[   91.270541][ T5854]  ? __pfx_task_work_run+0x10/0x10
[   91.270555][ T5854]  ? __x64_sys_umount+0x122/0x160
[   91.270572][ T5854]  ? exit_to_user_mode_loop+0x40/0x130
[   91.270593][ T5854]  exit_to_user_mode_loop+0xe9/0x130
[   91.270611][ T5854]  do_syscall_64+0x2bd/0xfa0
[   91.270625][ T5854]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.270640][ T5854]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.270653][ T5854]  ? exc_page_fault+0xab/0x100
[   91.270670][ T5854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.270682][ T5854] RIP: 0033:0x7fdea138ff57
[   91.270696][ T5854] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   91.270707][ T5854] RSP: 002b:00007ffdcc56d808 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   91.270722][ T5854] RAX: 0000000000000000 RBX: 00007fdea1411c2d RCX: 00007fdea138ff57
[   91.270731][ T5854] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcc56d8c0
[   91.270738][ T5854] RBP: 00007ffdcc56d8c0 R08: 0000000000000000 R09: 0000000000000000
[   91.270751][ T5854] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdcc56e950
[   91.270759][ T5854] R13: 00007fdea1411c2d R14: 0000000000016397 R15: 00007ffdcc56e990
[   91.270785][ T5854]  </TASK>
[   91.270791][ T5854] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   91.319933][ T6380] IPVS: using max 44 ests per chain, 105600 per kthread
[   91.825883][ T5892] IPVS: stop unused estimator thread 0...
[   92.040368][ T6387] loop1: detected capacity change from 0 to 32768
[   92.063926][ T6387] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[   92.075654][ T6387] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   92.087165][ T6387] netlink: 36 bytes leftover after parsing attributes in process `syz.1.111'.
[   92.113562][ T5854] ocfs2: Unmounting device (7,1) on (node local)
[   92.322863][ T6395] loop2: detected capacity change from 0 to 128
[   92.333016][ T6395] adfs: Unknown parameter 'uid>00000000000000000000'
[   93.658344][ T6408] loop1: detected capacity change from 0 to 2048
[   93.685178][ T6408] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.693547][ T6408] ext4 filesystem being mounted at /40/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.733981][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.305372][ T6420] loop1: detected capacity change from 0 to 128
[   94.323638][   T33] audit: type=1800 audit(1759296777.149:4): pid=6420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.120" name="file1" dev="loop1" ino=1048597 res=0 errno=0
[   94.336460][ T6420] FAT-fs (loop1): error, invalid FAT chain (i_pos 548, last_block 8)
[   94.341615][ T6420] FAT-fs (loop1): Filesystem has been set read-only
[   94.344018][ T6420] FAT-fs (loop1): error, corrupted file size (i_pos 548, 522)
[   94.437218][ T6422] loop1: detected capacity change from 0 to 4096
[   94.442542][ T6422] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[   94.448258][ T6422] ntfs3(loop1): ino=0, mi_enum_attr
[   94.454775][ T6422] ntfs3(loop1): mft corrupted
[   94.456801][ T6422] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   94.460257][ T6422] ntfs3(loop1): Failed to load $MFT (-22).
[   94.515054][ T6422] loop1: detected capacity change from 0 to 128
[   94.823768][ T6426] loop2: detected capacity change from 0 to 40427
[   94.827208][ T6426] F2FS-fs: heap/no_heap options were deprecated
[   94.833896][ T6426] F2FS-fs (loop2): build fault injection rate: 19
[   94.836453][ T6426] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[   94.841786][ T6426] F2FS-fs (loop2): invalid crc value
[   94.851859][ T6426] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   94.859403][   T47] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   94.900901][ T6426] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   94.908941][ T6426] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   94.912977][ T6426] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   94.923218][ T6426] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   95.022339][   T47] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[   95.025784][   T47] usb 2-1: config 0 has no interface number 0
[   95.028200][   T47] usb 2-1: config 0 interface 85 altsetting 151 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.032983][   T47] usb 2-1: config 0 interface 85 altsetting 151 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.037111][   T47] usb 2-1: config 0 interface 85 has no altsetting 0
[   95.039663][   T47] usb 2-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[   95.042504][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.048262][   T47] usb 2-1: config 0 descriptor??
[   95.058269][ T5858] syz-executor: attempt to access beyond end of device
[   95.058269][ T5858] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.068697][ T5858] CPU: 1 UID: 0 PID: 5858 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   95.068717][ T5858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.068726][ T5858] Call Trace:
[   95.068749][ T5858]  <TASK>
[   95.068756][ T5858]  dump_stack_lvl+0x189/0x250
[   95.068780][ T5858]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.068794][ T5858]  ? __pfx_queue_work_on+0x10/0x10
[   95.068805][ T5858]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.068822][ T5858]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.068843][ T5858]  f2fs_handle_critical_error+0x37c/0x540
[   95.068864][ T5858]  f2fs_write_end_io+0x886/0xb60
[   95.068894][ T5858]  __submit_merged_bio+0x27a/0x6a0
[   95.068911][ T5858]  __submit_merged_write_cond+0x255/0x530
[   95.068937][ T5858]  f2fs_write_data_pages+0x261d/0x3000
[   95.068982][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.069082][ T5858]  ? folio_unqueue_deferred_split+0x93/0x230
[   95.069104][ T5858]  ? folios_put_refs+0x584/0x670
[   95.069127][ T5858]  ? __lock_acquire+0xab9/0xd20
[   95.069150][ T5858]  ? do_raw_spin_lock+0x121/0x290
[   95.069191][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   95.069206][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.069222][ T5858]  do_writepages+0x32e/0x550
[   95.069245][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   95.069263][ T5858]  filemap_fdatawrite+0x199/0x240
[   95.069277][ T5858]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   95.069330][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   95.069348][ T5858]  f2fs_sync_dirty_inodes+0x31f/0x830
[   95.069377][ T5858]  f2fs_write_checkpoint+0x93e/0x2440
[   95.069392][ T5858]  ? __lock_acquire+0xab9/0xd20
[   95.069439][ T5858]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   95.069502][ T5858]  kill_f2fs_super+0x2cc/0x6d0
[   95.069526][ T5858]  ? __pfx_kill_f2fs_super+0x10/0x10
[   95.069556][ T5858]  ? shrinker_free+0x2ce/0x3e0
[   95.069577][ T5858]  deactivate_locked_super+0xbc/0x130
[   95.069599][ T5858]  cleanup_mnt+0x425/0x4c0
[   95.069615][ T5858]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.069631][ T5858]  task_work_run+0x1d4/0x260
[   95.069647][ T5858]  ? __pfx_task_work_run+0x10/0x10
[   95.069657][ T5858]  ? __x64_sys_umount+0x122/0x160
[   95.069671][ T5858]  ? exit_to_user_mode_loop+0x40/0x130
[   95.069690][ T5858]  exit_to_user_mode_loop+0xe9/0x130
[   95.069707][ T5858]  do_syscall_64+0x2bd/0xfa0
[   95.069721][ T5858]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.069733][ T5858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.069744][ T5858]  ? exc_page_fault+0xab/0x100
[   95.069758][ T5858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.069769][ T5858] RIP: 0033:0x7faca398ff57
[   95.069780][ T5858] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   95.069789][ T5858] RSP: 002b:00007fffa81c7f08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   95.069802][ T5858] RAX: 0000000000000000 RBX: 00007faca3a11c2d RCX: 00007faca398ff57
[   95.069809][ T5858] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffa81c7fc0
[   95.069815][ T5858] RBP: 00007fffa81c7fc0 R08: 0000000000000000 R09: 0000000000000000
[   95.069821][ T5858] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffa81c9050
[   95.069828][ T5858] R13: 00007faca3a11c2d R14: 0000000000017248 R15: 00007fffa81c9090
[   95.069852][ T5858]  </TASK>
[   95.208643][ T5858] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   95.477656][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.481913][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.484716][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.487518][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.490479][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.493730][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.496506][   T47] hid-led 0003:1D34:0004.0002: unknown main item tag 0x0
[   95.496946][ T6430] input: syz1 as /devices/virtual/input/input4
[   95.587985][ T6435] loop2: detected capacity change from 0 to 2048
[   95.613420][ T6435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.618551][ T6435] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.652838][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.702825][   T47] hid-led 0003:1D34:0004.0002: hidraw0: USB HID v0.00 Device [HID 1d34:0004] on usb-dummy_hcd.1-1/input85
[   95.727527][   T47] hid-led 0003:1D34:0004.0002: Dream Cheeky Webmail Notifier initialized
[   95.806625][ T6442] ptm ptm17: ldisc open failed (-12), clearing slot 17
[   95.893107][ T6425] loop1: detected capacity change from 0 to 128
[   95.907530][   T47] usb 2-1: USB disconnect, device number 10
[   96.136035][ T6452] loop0: detected capacity change from 0 to 64
[   96.152620][ T6452] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[   96.404894][ T6452] loop0: detected capacity change from 0 to 32768
[   96.416643][ T6452] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   96.468040][ T6452] XFS (loop0): Ending clean mount
[   96.474570][ T6452] XFS (loop0): Quotacheck needed: Please wait.
[   96.507844][ T6452] XFS (loop0): Quotacheck: Done.
[   96.844899][ T6476] loop1: detected capacity change from 0 to 128
[   96.916543][ T6478] loop1: detected capacity change from 0 to 512
[   97.340982][ T5864] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   97.577984][ T6498] loop0: detected capacity change from 0 to 128
[   97.583541][ T6498] adfs: Unknown parameter 'uid>00000000000000000000'
[   97.595368][ T6498] netlink: 340 bytes leftover after parsing attributes in process `syz.0.138'.
[   97.797403][ T6494] loop2: detected capacity change from 0 to 40427
[   97.801635][ T6494] F2FS-fs: heap/no_heap options were deprecated
[   97.816942][ T6494] F2FS-fs (loop2): build fault injection rate: 19
[   97.818620][ T6509] loop1: detected capacity change from 0 to 4096
[   97.834177][ T6494] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[   97.842500][ T6494] F2FS-fs (loop2): invalid crc value
[   97.847582][ T6509] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[   97.855308][ T6509] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[   97.870625][ T6513] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   97.921670][ T6494] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   97.970277][ T6494] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   97.976172][ T6494] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   97.993070][ T6494] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   98.013508][ T6494] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   98.152940][ T6517] loop0: detected capacity change from 0 to 8
[   98.191235][ T5858] syz-executor: attempt to access beyond end of device
[   98.191235][ T5858] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   98.197412][ T5858] CPU: 0 UID: 0 PID: 5858 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   98.197431][ T5858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   98.197439][ T5858] Call Trace:
[   98.197444][ T5858]  <TASK>
[   98.197451][ T5858]  dump_stack_lvl+0x189/0x250
[   98.197476][ T5858]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.197492][ T5858]  ? __pfx_queue_work_on+0x10/0x10
[   98.197503][ T5858]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.197519][ T5858]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.197543][ T5858]  f2fs_handle_critical_error+0x37c/0x540
[   98.197564][ T5858]  f2fs_write_end_io+0x886/0xb60
[   98.197596][ T5858]  __submit_merged_bio+0x27a/0x6a0
[   98.197615][ T5858]  __submit_merged_write_cond+0x255/0x530
[   98.197642][ T5858]  f2fs_write_data_pages+0x261d/0x3000
[   98.197686][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.197743][ T5858]  ? folio_unqueue_deferred_split+0x93/0x230
[   98.197767][ T5858]  ? folios_put_refs+0x584/0x670
[   98.197795][ T5858]  ? __lock_acquire+0xab9/0xd20
[   98.197850][ T5858]  ? do_raw_spin_lock+0x121/0x290
[   98.197875][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   98.197889][ T5858]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.197904][ T5858]  do_writepages+0x32e/0x550
[   98.197926][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   98.197943][ T5858]  filemap_fdatawrite+0x199/0x240
[   98.197957][ T5858]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   98.198013][ T5858]  ? do_raw_spin_unlock+0x4d/0x240
[   98.198030][ T5858]  f2fs_sync_dirty_inodes+0x31f/0x830
[   98.198059][ T5858]  f2fs_write_checkpoint+0x93e/0x2440
[   98.198075][ T5858]  ? __lock_acquire+0xab9/0xd20
[   98.198116][ T5858]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   98.198174][ T5858]  kill_f2fs_super+0x2cc/0x6d0
[   98.198203][ T5858]  ? __pfx_kill_f2fs_super+0x10/0x10
[   98.198228][ T5858]  ? shrinker_free+0x2ce/0x3e0
[   98.198245][ T5858]  deactivate_locked_super+0xbc/0x130
[   98.198266][ T5858]  cleanup_mnt+0x425/0x4c0
[   98.198282][ T5858]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.198298][ T5858]  task_work_run+0x1d4/0x260
[   98.198315][ T5858]  ? __pfx_task_work_run+0x10/0x10
[   98.198328][ T5858]  ? __x64_sys_umount+0x122/0x160
[   98.198344][ T5858]  ? exit_to_user_mode_loop+0x40/0x130
[   98.198361][ T5858]  exit_to_user_mode_loop+0xe9/0x130
[   98.198375][ T5858]  do_syscall_64+0x2bd/0xfa0
[   98.198389][ T5858]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.198402][ T5858]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.198413][ T5858]  ? exc_page_fault+0xab/0x100
[   98.198428][ T5858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.198438][ T5858] RIP: 0033:0x7faca398ff57
[   98.198451][ T5858] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   98.198461][ T5858] RSP: 002b:00007fffa81c7f08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   98.198475][ T5858] RAX: 0000000000000000 RBX: 00007faca3a11c2d RCX: 00007faca398ff57
[   98.198482][ T5858] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffa81c7fc0
[   98.198489][ T5858] RBP: 00007fffa81c7fc0 R08: 0000000000000000 R09: 0000000000000000
[   98.198495][ T5858] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffa81c9050
[   98.198502][ T5858] R13: 00007faca3a11c2d R14: 0000000000017e6c R15: 00007fffa81c9090
[   98.198523][ T5858]  </TASK>
[   98.198528][ T5858] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   98.303632][ T6517] SQUASHFS error: zstd decompression error: 10
[   98.397376][ T6517] SQUASHFS error: zstd decompression failed, data probably corrupt
[   98.400999][ T6517] SQUASHFS error: Failed to read block 0x60: -5
[   98.403627][ T6517] SQUASHFS error: zstd decompression error: 10
[   98.405636][ T6517] SQUASHFS error: zstd decompression failed, data probably corrupt
[   98.408416][ T6517] SQUASHFS error: Failed to read block 0x60: -5
[   98.425717][ T6517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'.
[   98.429129][ T6517] netlink: 'syz.0.143': attribute type 5 has an invalid length.
[   99.081024][ T6539] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[   99.084203][ T6539] ref_ctr increment failed for inode: 0x162 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888105eeeb80
[   99.087134][   T33] audit: type=1804 audit(1759296781.909:5): pid=6539 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.144" name="/newroot/61/file0" dev="tmpfs" ino=354 res=1 errno=0
[   99.104208][ T6535] loop1: detected capacity change from 0 to 32768
[   99.143917][ T6535] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[   99.151173][ T6535] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   99.158543][ T6535] netlink: 36 bytes leftover after parsing attributes in process `syz.1.147'.
[   99.185125][ T5854] ocfs2: Unmounting device (7,1) on (node local)
[   99.434287][ T6564] loop0: detected capacity change from 0 to 1024
[   99.437052][ T6564] EXT4-fs: inline encryption not supported
[   99.450666][ T6564] EXT4-fs: Ignoring removed bh option
[   99.473128][ T6564] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.793934][ T6577] loop2: detected capacity change from 0 to 2048
[   99.845063][ T6577] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.876022][ T6577] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.904837][ T6577] EXT4-fs error (device loop2): ext4_free_inode:354: comm syz.2.158: bit already cleared for inode 15
[  100.062019][ T5864] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.146214][ T6583] loop1: detected capacity change from 0 to 2048
[  100.180622][ T6585] syz.0.159 uses obsolete (PF_INET,SOCK_PACKET)
[  100.183785][ T6583] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  100.205915][ T5858] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.286915][ T6583] ------------[ cut here ]------------
[  100.289508][ T6583] WARNING: fs/udf/inode.c:684 at udf_setsize+0xd4e/0x1000, CPU#1: syz.1.160/6583
[  100.292947][ T6583] Modules linked in:
[  100.294710][ T6583] CPU: 1 UID: 0 PID: 6583 Comm: syz.1.160 Not tainted syzkaller #0 PREEMPT(full) 
[  100.299389][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.303306][ T6583] RIP: 0010:udf_setsize+0xd4e/0x1000
[  100.306180][ T6583] Code: 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f0 46 85 fe 45 89 f4 e9 49 fe ff ff e8 e3 46 85 fe 90 <0f> 0b 90 e9 00 f8 ff ff 44 89 e9 80 e1 07 38 c1 0f 8c 49 f3 ff ff
[  100.313801][ T6583] RSP: 0018:ffffc90006d6faa0 EFLAGS: 00010293
[  100.316542][ T6583] RAX: ffffffff833b143d RBX: ffff888103500df8 RCX: ffff888106a88000
[  100.320097][ T6583] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000200
[  100.323263][ T6583] RBP: ffffc90006d6fbe0 R08: ffff888103500dbb R09: 1ffff110206a01b7
[  100.326381][ T6583] R10: dffffc0000000000 R11: ffffed10206a01b8 R12: 0000000000000001
[  100.329593][ T6583] R13: 0000000000000005 R14: 0000000000000200 R15: 0000000000001000
[  100.332745][ T6583] FS:  00007fdea21ec6c0(0000) GS:ffff8881a39fc000(0000) knlGS:0000000000000000
[  100.336232][ T6583] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  100.344901][ T6583] CR2: 00007fdea21eaf98 CR3: 000000011fb62000 CR4: 00000000000006f0
[  100.347474][ T6583] Call Trace:
[  100.348544][ T6583]  <TASK>
[  100.350314][ T6583]  ? __pfx_udf_setsize+0x10/0x10
[  100.351936][ T6583]  ? down_write+0x162/0x1f0
[  100.353364][ T6583]  ? __pfx_down_write+0x10/0x10
[  100.354870][ T6583]  ? __pfx_current_time+0x10/0x10
[  100.356485][ T6583]  udf_setattr+0x3a1/0x5a0
[  100.357859][ T6583]  ? __pfx_udf_setattr+0x10/0x10
[  100.360690][ T6583]  notify_change+0xc1a/0xf40
[  100.362556][ T6583]  do_truncate+0x1a4/0x220
[  100.364095][ T6583]  ? __pfx_do_truncate+0x10/0x10
[  100.365722][ T6583]  do_ftruncate+0x489/0x540
[  100.367352][ T6583]  ? __fget_files+0x2a/0x420
[  100.369293][ T6583]  ? __pfx_do_ftruncate+0x10/0x10
[  100.371147][ T6583]  __x64_sys_ftruncate+0x92/0xf0
[  100.372719][ T6583]  do_syscall_64+0xfa/0xfa0
[  100.374287][ T6583]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.375795][ T6583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.377912][ T6583]  ? exc_page_fault+0xab/0x100
[  100.379722][ T6583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.382086][ T6583] RIP: 0033:0x7fdea138ec29
[  100.383807][ T6583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.391305][ T6583] RSP: 002b:00007fdea21ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  100.394588][ T6583] RAX: ffffffffffffffda RBX: 00007fdea15d5fa0 RCX: 00007fdea138ec29
[  100.394856][ T6590] netlink: 16 bytes leftover after parsing attributes in process `syz.2.161'.
[  100.397711][ T6583] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  100.403299][ T6583] RBP: 00007fdea1411e41 R08: 0000000000000000 R09: 0000000000000000
[  100.405773][ T6583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.408265][ T6583] R13: 00007fdea15d6038 R14: 00007fdea15d5fa0 R15: 00007ffdcc56e578
[  100.410886][ T6583]  </TASK>
[  100.412152][ T6583] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  100.415061][ T6583] CPU: 1 UID: 0 PID: 6583 Comm: syz.1.160 Not tainted syzkaller #0 PREEMPT(full) 
[  100.418719][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.421820][ T6583] Call Trace:
[  100.422866][ T6583]  <TASK>
[  100.423738][ T6583]  dump_stack_lvl+0x99/0x250
[  100.425406][ T6583]  ? __asan_memcpy+0x40/0x70
[  100.427091][ T6583]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.428792][ T6583]  ? __pfx__printk+0x10/0x10
[  100.430668][ T6583]  vpanic+0x237/0x6d0
[  100.432280][ T6583]  ? __pfx_vpanic+0x10/0x10
[  100.434110][ T6583]  ? is_bpf_text_address+0x292/0x2b0
[  100.436211][ T6583]  ? is_bpf_text_address+0x26/0x2b0
[  100.438298][ T6583]  panic+0xb9/0xc0
[  100.439802][ T6583]  ? __pfx_panic+0x10/0x10
[  100.441371][ T6583]  __warn+0x334/0x4c0
[  100.442797][ T6583]  ? udf_setsize+0xd4e/0x1000
[  100.444387][ T6583]  ? udf_setsize+0xd4e/0x1000
[  100.445873][ T6583]  report_bug+0x2be/0x4f0
[  100.447579][ T6583]  ? udf_setsize+0xd4e/0x1000
[  100.449488][ T6583]  ? udf_setsize+0xd4e/0x1000
[  100.451370][ T6583]  ? udf_setsize+0xd50/0x1000
[  100.453246][ T6583]  handle_bug+0x84/0x160
[  100.454931][ T6583]  exc_invalid_op+0x1a/0x50
[  100.456551][ T6583]  asm_exc_invalid_op+0x1a/0x20
[  100.458096][ T6583] RIP: 0010:udf_setsize+0xd4e/0x1000
[  100.459756][ T6583] Code: 44 89 e0 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 f0 46 85 fe 45 89 f4 e9 49 fe ff ff e8 e3 46 85 fe 90 <0f> 0b 90 e9 00 f8 ff ff 44 89 e9 80 e1 07 38 c1 0f 8c 49 f3 ff ff
[  100.465860][ T6583] RSP: 0018:ffffc90006d6faa0 EFLAGS: 00010293
[  100.468046][ T6583] RAX: ffffffff833b143d RBX: ffff888103500df8 RCX: ffff888106a88000
[  100.470874][ T6583] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000200
[  100.473400][ T6583] RBP: ffffc90006d6fbe0 R08: ffff888103500dbb R09: 1ffff110206a01b7
[  100.476456][ T6583] R10: dffffc0000000000 R11: ffffed10206a01b8 R12: 0000000000000001
[  100.479060][ T6583] R13: 0000000000000005 R14: 0000000000000200 R15: 0000000000001000
[  100.481503][ T6583]  ? udf_setsize+0xd4d/0x1000
[  100.483014][ T6583]  ? __pfx_udf_setsize+0x10/0x10
[  100.484561][ T6583]  ? down_write+0x162/0x1f0
[  100.485992][ T6583]  ? __pfx_down_write+0x10/0x10
[  100.487503][ T6583]  ? __pfx_current_time+0x10/0x10
[  100.489084][ T6583]  udf_setattr+0x3a1/0x5a0
[  100.490464][ T6583]  ? __pfx_udf_setattr+0x10/0x10
[  100.492002][ T6583]  notify_change+0xc1a/0xf40
[  100.493441][ T6583]  do_truncate+0x1a4/0x220
[  100.494825][ T6583]  ? __pfx_do_truncate+0x10/0x10
[  100.496289][ T6583]  do_ftruncate+0x489/0x540
[  100.497685][ T6583]  ? __fget_files+0x2a/0x420
[  100.499162][ T6583]  ? __pfx_do_ftruncate+0x10/0x10
[  100.500751][ T6583]  __x64_sys_ftruncate+0x92/0xf0
[  100.502288][ T6583]  do_syscall_64+0xfa/0xfa0
[  100.503715][ T6583]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.505344][ T6583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.507245][ T6583]  ? exc_page_fault+0xab/0x100
[  100.508739][ T6583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.510570][ T6583] RIP: 0033:0x7fdea138ec29
[  100.511946][ T6583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.517861][ T6583] RSP: 002b:00007fdea21ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[  100.520434][ T6583] RAX: ffffffffffffffda RBX: 00007fdea15d5fa0 RCX: 00007fdea138ec29
[  100.523227][ T6583] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[  100.526363][ T6583] RBP: 00007fdea1411e41 R08: 0000000000000000 R09: 0000000000000000
[  100.529499][ T6583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  100.532670][ T6583] R13: 00007fdea15d6038 R14: 00007fdea15d5fa0 R15: 00007ffdcc56e578
[  100.535767][ T6583]  </TASK>
[  100.537460][ T6583] Kernel Offset: disabled
[  100.539185][ T6583] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:33:03  Registers:
info registers vcpu 0

CPU#0
RAX=ffffffff8176013d RBX=ffff888031731a40 RCX=ffff88801caf3a00 RDX=0000000000000100
RSI=ffff888031731a40 RDI=ffffffff7fffffff RBP=ffffc90000127b30 RSP=ffffc90000127818
R8 =0000000000000000 R9 =ffffffff81a89157 R10=dffffc0000000000 R11=ffffffff821b32b0
R12=ffffea00008d2580 R13=ffffffff81a89157 R14=ffffffff821b3310 R15=dffffc0000000000
RIP=ffffffff81c06011 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b83fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007faca47056c0 CR3=00000000228c0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffffff ffff00ff00000000 XMM05=000000000000002d 0000000000352f2e
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffffff00 ffffffffff000000 XMM09=303a312d322f312d 322f326273752f31
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000054 RBX=0000000000000054 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90006d6f250
R8 =ffff888020608237 R9 =1ffff110040c1046 R10=dffffc0000000000 R11=ffffffff8556cf50
R12=dffffc0000000000 R13=ffffffff99d1993f R14=ffffffff9a00f5a0 R15=0000000000000000
RIP=ffffffff8556cfcc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fdea21ec6c0 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fdea21eaf98 CR3=000000011fb62000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
