last executing test programs:

20m2.890250951s ago: executing program 32 (id=3145):
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setsockopt$netrom_NETROM_T4(r0, 0x103, 0x6, &(0x7f0000000000)=0xd, 0x4)

19m22.403063711s ago: executing program 33 (id=3751):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x4e24, @private=0xa010101}, 0xf)

13m25.233121309s ago: executing program 34 (id=8991):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x0, &(0x7f00000047c0), 0x1, 0x4705, &(0x7f0000004800)="$eJzs222IHGcBB/BnNqe5pMn1XtImafqySQQPLceln6r1QzyrNpo2L9pWU+Xcu1wvp3u3592uFgxSgyAKghIEFV+oCqVfakEM9EstQsEXpFUoFUXrF5FCFfxg0AZ6sjszuZ25vc7mNmlp+/tBMjcvzzPP3n/nmX3m2Ssl6qfmlstzy+XKQrk2ff/yLeXP1aqN+ZlQepW81uenO1ciJ9m/do687wMfueeWEP5w7GsfWllZWQlNg6GjA20/n//36en2ZaqUK9Ost3NtsT82Hnnp5295pSOKnAgh7FjTrqZNIYSP/SKEzSGEoWTbcLLcEkLYFkKIQgiP/uZfP+7vpQltzt77wnPHzhzed2bi8ceeuTB7dN0DoxC+W9198+z8i/s33fb8Oy7T6QEA4BV98PiRu4+OHwhPRmHgXN/az+s7k2X6+fjOt33qrof7Vvev0J1Nr2KoAAAAkLM6/h+MXu4wX5fOrKVTgk88cOLup6LV/Qa2r2+H7jpy+/vHDyTzv9Ga/bcmm/753k2tOdT8vG9+/ncoV77z/O/qeR7+6rO/XHjrxtufti8972CISmOZ9VJpbCyEYxPx+q5oa6laW66/8/5aY+Hkxs/7RpHNP569z7wLkgn9bvMfztVfNP+/+xOf/9mWvl5ewUjIv2ubTS6vfSvTQTb/9fvyn3wp6ir/kVy5ovzveHr7+V9t7uUV5M/IpcjmH1+I+9oPKMcdQDP/b/YV578jV39R/t+fOPfoiQ18/6fZzwxGzbb2Z3qAl5Pt63yFiZxs/nEQma4z+UWud/3/L5f/Nbn6i/K/s/aP3/2th/t/p/6/uT460Uudbx7Z/OMgypkjVq//oVLx9X9trv6i/H976s/PfrKne/Xa/JvtH3X/70o2/+RGnO08W7/Jbvv/nbn6i/LfNXLfQ3MbaPeHtyTtHIjCSNu3Ts81b2EDq/PVrSFNc/fiBk7yJpDNP/6tZS6dgXjRuv4Hi/v/Xbn6i/J/aM/X33O6p+//du7/x/X/Xcnmv6W17VLyfymX/+5c/UX5//D03/9y32Xu/5vrB+XflWz+W9fsX33+U+pq/HddrnzR8599w0898tcexv9p+9Lzps9/0ucQo1H8/IfOsvlfte5x3d7/9+TKFV3/3/rP80/v76X/j/o9AehBNv9t8cYOA8Bu878+V39R/l+458sf/9MGxn+tT3z9af5t4//N8faj+v+uZPPfHm/M/DHUg63/W/f/aG3u/83lf0Ou/qL8Lxwa6/vKZb7/N9s/mv9DNDrK5j+w7nHN/H/fxf3/xly5ovy/uPenL97c0+f/EMaN9Tcsm//V6x7Xuv77i/O/KVeuKP/vfOPXTzzYQ/vf3kNZ8vnH9/rM5ZR8Nu92/F/O1V+U/49Gz5/dfwXGf7e6/3clm388a34p+efH/3tz9Rfl/70jP1jquwLPf+6QPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIYMJ8vBEJXGMuul0thYCCPJ+q6wNZqqnJycqtamP7Mcwo5kezkMR7PV2lSlOjm3UDs5M1mpVmvTIVyT7N8R+qPlaq0+OV9ZvPZiXVuiUzOVpfrUTKUeQtiZbL8+bE/rmpqrz1cWW8emZa6KKp9t1OqVscbyzFLYfXH7tnT77FKtsXjdxbquLtWWFk9VFiZPzi29e3x8fDzsudjmoWjmgfrMQj1ubby3WSYtOxi1vZjW7hvazvfpWmNpoVJtbb+xrUy1Nl2ptpW5qe189aXGwnSlPjNZrc2m5yu3lW17ba3de5N9o2Eo8/rSsnkHk+Xth45/9PjhA2v2l6Ns3guN+Znx7Z3fEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8cT1527u+HULoi9dKIYSD6Q9R8i/j7L0vPHfszOF9ZyYef+yZC7NHOx0DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/J8dOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NzPSxVdHAfgM+N7XwuklDZCLgNDRHQnYUG/iKTyGtmyTeugVgkZFAWGES0LgiCoXVQQtAoq/4KohctW1aYWLQwiqBidycsd4YYXOuY8Dwxnhrn3zBcG7p05n8MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9ePsjsWurL20a/PS1t0fQmd+7v8QwmiyvP95b0foCSF8/TJzOqzSFnqa+n8zOTdevmrye2//+MPro8na6y++W1y3OyTpUMPxziRNh4bW3v9GdWfw2fRgEkIauxCiWBh7cqYWQuiIXQhR/Pw4fzH7ff8vdiFE0f/hbld2/2uxCyGKrbs/9dXyZzyq53z9wmDjf3+rR/A2HtFZh96evPIudVMr72X+/p/km/fBapg9ceT989hFEM3s3NTR2DUAAAB/17kW+X/Ysrx//3ISerrLuf+3pvy/t6n/1fP/Ffe23xibaSuE2FYam8yOh/e10+fGd2rg6u3XNeM9VSX/rzb5f7XJ/6tN/l9t8v9qk/+TeSX/r6THN/csvohdBNHI/wEAoHoOHZ+Yqg+PZC//m350lvP6vryt53n6g1vTA48axo3kh/+2w8cmDhwcHsnve3lAcGX9h3Tp7Pd8vkdzW5hsmnfRav2H3qcL89c6y5+o/+H8jaK+4rrWfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF7tzT8MgGIVh9LutiNpoVTRh4SfBBxoYEYAUZjSggwkDMBACChjIOcu9ybO8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzfv8rr4vtLY6TXGpGmssuu/XM8zX7mvh2W99njxq0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbO3AgAwAAACDM3zqP9gMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPBQAA//+Ysss9")

13m22.770953794s ago: executing program 35 (id=8841):
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
r0 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
close(r0)
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f0000006840)={0x2020}, 0x2020)
socket(0x10, 0x3, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mount$9p_fd(0x0, &(0x7f00000006c0)='./bus\x00', &(0x7f0000000100), 0x8000, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})

13m12.022584249s ago: executing program 36 (id=9120):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x172f, 0x500, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x6d, 0x41, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x5, 0xfc, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

13m4.98299351s ago: executing program 37 (id=9176):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e23, 0x800000, @mcast1, 0xc22}, {0xa, 0x4e21, 0x7, @remote}, r1}}, 0x48)
write$RDMA_USER_CM_CMD_BIND_IP(r0, &(0x7f0000000000)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e20, 0x3, @loopback, 0x3ff}, r1}}, 0x30)

12m55.968722663s ago: executing program 38 (id=9243):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x37)

9m46.509214681s ago: executing program 39 (id=11332):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180200000000000000000000000000008500000028000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000730000009500"], &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

6m15.401599646s ago: executing program 8 (id=13807):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
read(r0, &(0x7f0000000240)=""/146, 0x92)
setsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000340)=0x1ff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{&(0x7f0000000200)={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)='\b\x00\x00\x00(\x00\x00\x00', 0x8}], 0x1}}], 0x1, 0x4800)

6m14.458483206s ago: executing program 8 (id=13812):
syz_usb_connect(0x2, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="120110019bde521023398a71d7d80102030109022400010509401909047b07022d51d59809056b02200002020509050412"], 0x0)

6m13.88508046s ago: executing program 8 (id=13823):
syz_emit_ethernet(0x33, &(0x7f0000000040)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x25, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x11, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}, '\t'}}}}}}, 0x0)
syz_emit_ethernet(0xfc0, &(0x7f0000001a80)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x6, 0x4, 0x0, 0x0, 0xfb2, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty, {[@end]}}, {0x0, 0x0, 0xf9a, 0x0, @opaque="edf1df4edc119cb3d0b8ad66bf21898f56dea225ccb2d8ed7e491f7a300b0b38fe69e2910f6158f4cf4d2bf792d3758d8173e85e1bf7fa7eeba490c2cf30bb231e806bfabcabdc0213d969b0b9434fa01623fc23c249a85e8258d584625788fafd9c12f510d09598f6dd6fabf6ac7a2dfe649fa04122d102e69784c8d78a65b1b9bf29114e5c2d5f1e7ae1e4338cfa45917f69e5ceac119ad400a552d4c840f0d3c4f7e64b2b88abb9c9c351dd84a30149d52caf718c64395eecb782880e012c6aeb368f429df66a611d773911057c7c0f854721c9c6eb45f1dd169791ee6e69c774608cb5b27a72fe02901efeec8f0533af0d040309cc15790df5450f1436129bf90da1eaa17fb268321a420daf37de6de4b9427b5c23b4c6464d994b8d624270403962219c427a1f6cad10ac4324c476f2d7cbb40a3a2152f3eba910733d56125a30ea13f5d62a7137764f4aabc3d3bf2ed6ae9372cff490b2bf06514e090df8cb651baaec0e333a5119b73034858016ae4607cf108127907094bb483de4d4a067e79f3761516e7c6c052b3abb947d3ac60ae14087b868a41bed15f4b396fdf92406fde018bd5aacc53fdc8d567889d7e2d04369a10f9654d01c5f63dad861216ad3fddccfb55ec1af75d200f528ee898dc09352b9dea259e05a1b235de5cccf0f946b5e6381ca8c548252cd3c571d389b216fea6cdff7d94c71355bc40eafaa7c087b72f6c916d62e8928ddfd8f1e1c7fcf5710de10a191c87238111de6cdf92c9263f7e30a735e0a36a32d4313ba1aa4e307fc9c83931cf87f2d824c247e7b049518ce986a8508551f5f1a56b38ec9cd97db9b1a1aee6b17d3167f58f7b1c59f7db3bf2f25a0ac3d187e28dade5feb9af131ce82da8d7c59cc49c33c6d83eaf940556828055075bb67268fbdca664789c5039732e03d120d2ed45bf6deb3fda5c1c78c1c8acc420dcba6584354ad20f648c94688773fb28249a13316507625e9d7e013fe3a0673c37c130cde07d7c5c10b141faed29bf646774d5d66a7e2adb39e0ff08019fd1c3ac48ea81da2764c38f5621870fd56cb32a6561a0e2c2be22f826c9b721799c19c9e4ebafec55785d62b7a08d72f27028eb11137de29f90a520e11f5064972bf0901833d8d9af653414e5c2ae329fb5075a1c7929badda2f7a3099b9760e8196ac177d191151572e890898219bade493fe9a2f7450694f88d66f827d1acd8221855ae1c6b73665957ee2f90fe3e4ece6fad6630c8a1d4ea025fd12ce10fdf9f92a6a798de701e376c1c4f460a24957446065789acd14ddc07773d9f96d5c5174895c79801fc99ee2d454543a5c101a7e02141cf562514d788511f3b654bcb291cc397ad6b89666246bf1a7f19525ca77077fc450f0b2a83fac614276711d4e08fb71b209f1e3e1a9b894df97a8e9bd180a50b9423f1b9c9b5335d57bd5caaa1b0a0f33ac9397030db272eb0eab096c69defc0229925fe7c259d30849bd36f1d67860b20760cdb387cbe661cbd3a9a352192425e1235a6905e7acacbfacaeb54fd2c76e03e9b9e57650ea1a06996ee8ce07e2724128c1fcd436047b8eeab184121c27772c036f85cf572e7f618ebc5e4b93be6bfead852f9128e2dadc195742f61d9e03a71f4437f2832df9ae52a419f27957edc6b1667ce80bda928dca2851ac64c080ce4e5bddaa58530ff4135cc86948a0dcd177d18e3e5f87148460fcbd5897813cf7d3c13ce769b7e07590e1390c5d15fdb6443c806065c15acff6e59a85df2e0f821b56f93105b0f87556ae2f5b37cfcda8e8a4e1876a8021fc21752bcbe4b0a9fd97ec3b93e41c7b5ef2157d2c65ac4249fc09bdede59386e948b17c30e5f108e0306a25a9cd6ef3b71c592c374ec5bd18ae427b6626dad6e1e4d0c6de16a8cd43849aa6a2fa4ac51cbd027ae8f628e27d30149b15f8bd858c1e322f856d569c70077f46d200b10c53be11b413c42e5e5656fd7ad8dd682386ab007b674c17fcf999a3d870e0840dbd0515a8b798e5309f54fa73b2231ce770bdd43ac609f771fe18099405f1a4fc2e3baebb4f479335d0379ee4b419dbd02ac1957d4dc429669308dd660d205897f8694ce3b82efb8dc715226161e47c85f0738adb6376d7a3e4b827b242245921fd184e2afbeb57c9dc96f91771a5dea966d1a823b9b8b150ed728687b6dcbfba7d0d3cf32ddf00a50b4ee465c1a4d8d2d01aa4a74966df83fbe0632e29df8c841b0f122984b0aa42f992d8a9d20a10e465d46a6127a900ceaffc90eb33fb05717fcaa2e8d02ed0ea0c5e2136f9d8d0c59be7671e85f72ad5751534224d88e4cb30958a9c0d816f7f2fd0ef42a0a508faca89afe82c737636be23098545be3f34f62f4e52958c72f91f5303a8c01d8c44ba6cbb657a7f07e919593a71c49c3e2280dfa5a242a97b3999c014ddcb0a6c33e6dfc0c0d876bec03940bc6d3be2993c5ee620e1110b2f281319376f8ff0fa35b14fab43005632a3ad0b4d15e58fde2ad7958d7d55bb649d554b3510be1cb7e7eb256afb8ebc6b25173874a470c4b4d3bcc299116c599583c8be01c4e63df0441a7aca948baf1cf878cc8bcccf78854e63b253b0055f6396c73860c393ea395b7a01aa9808b3bf2d5d508b0aaf8203853a1404c699f777a9b654de1855b31c0293f4f66dcd80d7cd82f89ab41b16542eb8b0649483323a74d27fd22207e00fcd13e212bb82ff8a4faf9af5980f0e99c01623b5e736f2318fe4019e70ab20952119c7f62c693e59b57ebafaa5a30ae2a901bde6a45ba36184192ef44f6a8221cb40b30f2a0f9845ec401907e6dd7c17bff1f894d38507d5151637ba944ba4051fe85e62882e290828c1b6f1a84f13feb83ac6f763dbe586d2f8a87fff3801764ee8abd053874c2c62b55ee03b016218e5229ae1b94221f13c5db51c28be4b95de955240e7d596c0288ba5250fe53fd4e9ad665d83c3863ce30d9b2eedb14bfd76c1ee8eb727dc02484eefeaa2e8ed0c3674c82ba583607c9bc35768fdaf8e2b6957e337bd7f4a48641b3ddb94f4156e9a0fcfe8244dcd26e31b665e5b59f3e924485d57aefb62b5365435adfc0194652bdc260b976b2d4184e18844c7a320f2fe948185dd9037c0e08c75edd26bb19114ecbbb0c75b392865139ff1f37d73d07d9069db6b9c8679d7994d5042d84e4d5261cb4f1dac7f1775bd2f5ba78ce677e249a0e1c046fb3e94391fbc00538ad8fc4f36b1f814a023287cc55fb2c6dc57b924f62c72e3e2cea02c3219449c7624f62d8d4e12fc0385c523c93cab456e95ffc5e25bba3001e12b7c1a22580a5788f4c5b53352f305bed341c314b400e075853859a95dd9f629eaee5ab0137c8f76d50b4e6be3728b79579483ffa8bf9fd4f85cdec3ba62ee8594d438fbd8c16361e82cf1f5a41714cd10231d02c2d2e5598814da6473d369c69eb0a6322dd3de414cd79c0e5c0e5ff87c6eb4f941e73aefdf2c87be134a2a5a9fd46d92f34aa7a52d1299481fd507e077346a8d438688b32509e2297d483306aa5ead530d0ad2a2892ef5fe5f9ed7fa4b566c6f5823e71b61347386d21c36cec70fb3c86bb525a68e06ff8717b3788b2295d8906820e8abf2c345631a366e55a1e2766b03bca88559760b9a88164567e8cf208283c6bd4165aa3db85eab42f0c5df2aaf1a285d2e87f859b6e0c10616f76237af6dfc10767052273d617bfb2e808a336b64c7ff98b04c30bd854360c822936e5ae915f2de5e81dca1f32f9eee2eb674be010bd884f7923d9806db542ae349f161b9245741f63a6cd9cb3ad73d58b6482de702a6ce06ef725d27fa104cd33ade94e379d154033b6553363910a8476b5957e22ef37164a8582c4173c7c61ef63d6a41817511fd114a57c7691e6cfcb410ff8258f422c3f5f207764b6e162211bd09ad00f3f6ebe686a3fac2530d4e81046971ec8812f8873f0bf1ff5dbab04f547b6c8ba8243b108bdd184e7358179882abfb19b2fd97ad740cbf535fd46941d46ae9778d2616c35277360e8f1c013520635ad1140fa330f95a64ddc2b8adf53ad13b00a03f7727d91afddcff9a50171f3802f8d50cc6a7042052019e23aa46eae532401fb8bda678a2a0681101f454adb3f6603ae90cebcfee9ef6b46411f8f320046fa1d74adaedf7c907bd7fa7fd6c496b11ac4b07ab6ebeccd0f9ab7f1bcbfc2dc7772c075f98d0371d24fb3b2eeaf21073efa76051a748c6c2b2683cca6b02178103eccd436c128f2ff95b9a56f1152ca5e35d3def06ef6edc372e8f19b6d2d167b17d379d5965dbe0110cc6c944eadc8b4240cd87f5e3b159bbcf7c037b4550abdc683f7f4553561c59fc8f1de247c51331d636d458abb2202feb8d8125c63184cdd8077ad7f154f25a0a331695e174bb1916540bc1b1150d08da736da5788742ed754316b7cc769bab8ac860bea58761a72e4577aff0cd7567223028a88759eba3c7d00b0b1e56c057400621b1eda2dbc6792ec84100b8e5cffad015d73179b4a29f9349a42d9ae1e67a443ba70d49619d28cfa390ceb9cf1eb5e2dfacda467c871d9d2fe9d03ac8ff7a36b2872fc42c602778371c1e1397e6468eaa88d40803524d283cf39a7865b0e11fb0886c0eef06fb7f0bdc73eee35adca58bb7ab3983e7d998a9c8d12a451990e5d8479ed57736b86ca9fa8160eb2ce547a55d2863aee0457b32db2b1cc202023bd65a5d73441d411198ac86c61de278f2cc8824c93a242ee7812c2014d18c2b9f9e81a71e26a790cdf9814e3cc2097d1bf01f42e268b104fddaafbc74681b565b77d616650f54e6fc8322a8cbd4555cd91cdb2a302f85e23fd154c83f41ce7ebab2d3a4a10ce93b754418ca72b694c081db8b9a642f01dc3c803f770f4802d02ff07932038dc345d08da3080b5c9994707e0de30ee9a11550a8be8eaab9696ecd0117afd21b894ec4a24f3bd1d9eca9c02098ba6fe4e41dcef1dabd862598db9b3b5d7f3442ec5e39f72b92912ccac2d912d18cdbafc650d56c03a57aab6301da11d523bce6ceee85076894a223f098acb0d574654ca43e170579329e84e7671432986d9b53554096227ba1eecf2b3ecca7d972de7730eb847eab3bb6c0797dcfe4e2b5c9ac98611ded719afc4c001c455671520fd0a4de2e275f5c2e4ecfd0465fdbfcce24a87f8cf3be61162f389859d7bc27c24178946542d678c425d0e57abc64a03e6105bcb7977c07e86e2c5cffe07905286ee4f1b54c366dbdccc0c7d716bc00557e4656e8fe3254851722753ed5690074f003075c875919a3b6e762f42e249444b518e78cff998b0311db99977588709b76e35959d0c0a6fb2919f2cb720e3a95365e13e50ff293a2561f69f1726cd733d7e180a7dd25c57378a70efe811f1aee79d796f4663bbc74986045e086ec1ba044046c1d6ed7a25da19e264a33df9aa1c6741c7634238dca85cb75129d06a071eda07d7c8abdf3069eb04aef5513e761e572aff660f1991f109d1e08868f1c39b185310be6bf9be015dce5f58cf446ca4688108829a8c0485a341776a4873fabae6a24b2681fda241831746eb434306be0828a2c12c89c96a69ec3b202e02ddb6290ed3de4b791d8759acbfa8187972ccfff"}}}}}, 0x0)

6m13.884796691s ago: executing program 8 (id=13824):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x512, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=")
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000001c0)=0x10)

6m13.81691302s ago: executing program 8 (id=13825):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
fcntl$getownex(r0, 0x10, 0x0)

6m13.571267446s ago: executing program 8 (id=13829):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)

6m13.509143661s ago: executing program 40 (id=13829):
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x7)
setsockopt$ax25_SO_BINDTODEVICE(r0, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)

5m28.066086288s ago: executing program 3 (id=14316):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x5)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x3, 0x0, 0x3}, 'syz0\x00', 0x2})
ioctl$UI_SET_KEYBIT(r1, 0x40045565, 0xee)
ioctl$UI_DEV_CREATE(r1, 0x5501)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000180), 0x4)

5m27.957877571s ago: executing program 3 (id=14317):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000001e00010022bd70000400000007000000", @ANYRES32=0x0, @ANYBLOB="000000000600", @ANYRES8=r0], 0x24}}, 0x0)

5m27.95752594s ago: executing program 3 (id=14318):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={0x0, @in6={{0xa, 0x4e24, 0x29, @ipv4={'\x00', '\xff\xff', @empty}, 0x3e}}, 0x3, 0xbe03, 0x31, 0x4ef2, 0x40, 0x10001, 0x6}, &(0x7f00000001c0)=0x9c)

5m27.902067026s ago: executing program 3 (id=14319):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x1, 0x4b4, &(0x7f0000000c80)="$eJzs3E9sFNUfAPDvbHdpgR8/KiIKoi6isdHYQkHh4AWjiQdMjHjQY9MWghRqaE2EECmJwaMh8W48evXgVb0ZTyZe8WhiSIjhAnhaM7sz7e52t//Y7oL7+SRL35t9s+99982bfTNvlwD6Vjn9J4n4X0TcjIidtWxjgXLtz707Vybv37kyGQuVyqm/k2q5u2k+k++3PcuMFCIKXyRNL1gzd+nyuYmZmemLWX5s/vwnY3OXLr969vzEmekz0xfGjx8/euTwsdfHX1t/UC3qS+O6u+/z2f173/noxruTxXz7UPa3Po5OKUe5VVOqXux0ZT22oy6dFHvYENZlICLS7ipVx//OGAidB/2iUqlUBts/vVBpdm3ZFuCRlUSvWwD0Rv5Bn17/5o8uTT0eCrdP1C6A0rjvZY/aM8UoZGVKTde3nTQUER8u/PNN+ohNug8BAFDvpxP5TLB5/leIPXXl/p+toQxHxGMRsSsiHo+I3RHxRES17JMR8VTT65cjorJC/eWm/PL5T+HWAwW4inT+90a2ttU4/8tnfzE8kOV2ROQT5ulD2XsyEqXB02dnpg+vUMfPb/3+VbvnynXzv/SR1p/PBbN23Co23aCbmpif2HDATW5fi9hXbI4/KUYkiysBSUTsjYh963jd4br02Ze/27+YKTWWWz3+qkrLdbQOLFVUvo14qdb/C9HQ/0s1JiuvT44Nxcz0obH0KDjUso5ff7v+Xrv6V43/hz+bd3n72I+nHjTsRWn/b6s7/iNfv12KfziJSBbXa+fWX8f1P75se02ztuP/asM+6fG/Jfmgmt6SbftsYn7+4uGILcnJ5dvHl/bN83n5NP6Rg63H/65sn/SdeDoi0oP4mYh4NiKey9p+ICKej4iDK8T/y5svfLzx+DdXGv9Uy/NfQ/8vrdfPncwTl9aaGDh34Ob9NiePtfX/0WpqJNvS+vyXNJwi1trADryFAAAA8NArRPW7/4XRxXShMDpauwe0O7YVZmbn5l85PfvphanabwSGo1TI73TV7geXkvz+53BdfrwpfyS7b/z1wNZqfnRydmaq18FDn9teHfPJsvGf+mug160DNp2f/ED/Wm3877nRpYYAXefzH/pX3fhfaFNkwTdl4L+p9ed/qevtALqv1fi/uoF9gEdLxViGvmb8Q/8qxvuL6UJPWwJ0m89/6Etr/xX/RhKVwdZPDcXywjG0Oc3Y2qKuniTSmVVPat+6kb3y/02hbZkorPY6xYZjbDCWlxmInvTFmT0dP/gr2XflO93U71cep/l0fRPeqO6ehwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADbLvwEAAP//cdfX0w==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f00000000c0), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000180)='./file0\x00', 0xd2023, &(0x7f00000001c0)={{}, 0x2c, {}, 0x2c, {'user_id', 0x3d, 0xee01}, 0x2c, {'group_id', 0x3d, 0xffffffffffffffff}}, 0x1, 0x0, 0x0)

5m27.822536604s ago: executing program 3 (id=14320):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000002740)={'dt2817\x00', [0x4f27, 0x4, 0x2, 0x3, 0x5, 0xcc5, 0xf, 0x6, 0xa, 0xe8aa, 0x2, 0x1, 0xffffbffd, 0x1, 0x0, 0x0, 0x0, 0x1a449, 0x3ff, 0x40000006, 0x200099, 0xcaa7, 0x0, 0x20001e57, 0x7, 0xe6b, 0x3c, 0xd0, 0x2, 0x1, 0xfce]})

5m27.549062568s ago: executing program 3 (id=14323):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x1}, {0x60, 0x2}, @const={0x3, {0x1, 0xf801, 0x4, 0x1}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r0, 0x80404518, 0x0)
set_mempolicy(0x1, 0x0, 0x5609)

5m27.351845475s ago: executing program 41 (id=14323):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0xd, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x0, 0x1}, {0x60, 0x2}, @const={0x3, {0x1, 0xf801, 0x4, 0x1}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r0, 0x80404518, 0x0)
set_mempolicy(0x1, 0x0, 0x5609)

5m6.33102171s ago: executing program 4 (id=14575):
syz_mount_image$cramfs(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2200409, &(0x7f0000000400)=ANY=[], 0xfe, 0x15f, &(0x7f0000000200)="$eJzs0M1qGmEUxvH/O/M6ClVsqQUptArd2ErBD9pdKU6pVKgdaOmmK8FOP0CxVGjdVSnddSF066JJtiGQK9DoIiToJrmJbNwFsjTMjEkI8Q5yfrt5znueA/Py2SyjuPCi1fz23W233Y/pt061/O5oOCx5uQWd7Uvz4P2oBF/QjDTMe+DFkxh8+tpwjXqr4X3PSxAG7Bt+HgLiZ/fshKanIU+wn3kA4zv+O4OrmVsk5O/d1WDHgywHLNasoO9WkHl9x4AJSlnLY/dM/lSyqdsKOoPs1ub+m+le5fGj5+7fQrn/MJo0s79gHVtFdiefD83l1mxafe1UnVmxUHhazOUNnhz4hd0++lX0B3xQoL0+A7/PInlfv4ffCv75t+Y7KgaM/584zfD5v+7+NNOgUoN6LRnaqCVuGpgZ7U0WrOBPiKwaCSGEEEIIIYQQQgghhBBCCCGEuO5OAwAA//+/BFIO")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0xbb)

5m6.2277654s ago: executing program 4 (id=14577):
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0)
close(0x3)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000380)=ANY=[], 0x0)

5m4.165549718s ago: executing program 4 (id=14606):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x4, 0x0, 0x0, 'queue0\x00'})
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x8882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x0, 0x2, 0x0, 0x0, 0x3}, 0x1000d023})
write$sndseq(r1, &(0x7f0000000140)=[{0x1f, 0x0, 0x0, 0xfd, @tick=0x4, {}, {}, @raw32={[0x0, 0x8]}}], 0x1c)

5m4.165234218s ago: executing program 4 (id=14607):
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000240)='./bus\x00', 0x8008, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], 0xf, 0xab, &(0x7f0000010140)="$eJzs1zGKwkAYBeB/s7CbdptFsLBO4x08ilhqI1aK4A3Ei3gVj5DewiKtiCOYiIidRQT5vmLgzWPgtbM7brubIiKtIlLRme7T3Wy+GA8n9Rl8pCwifiMij4jeX50Pg7r7avqyWo7K6vv58c+69b0AAMDrsug/5nNqLk7NL/Aa/m993vI+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHe7BAAA//+dfyiL")
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x40, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x40942, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
linkat(0xffffffffffffff9c, &(0x7f0000000000)='./file4\x00', 0xffffffffffffff9c, &(0x7f00000006c0)='./file5\x00', 0x0)

5m4.067838854s ago: executing program 4 (id=14610):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000140))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000001740)=""/192, &(0x7f0000000140)=""/92})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100"], 0x0, 0x40, 0x0, 0x3}, 0x28)
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000200)=0x800)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000001500)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

5m3.6776874s ago: executing program 4 (id=14614):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f023})

5m3.380070879s ago: executing program 42 (id=14614):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f023})

5m1.663375663s ago: executing program 0 (id=14644):
capset(&(0x7f00000004c0)={0x20071026}, &(0x7f0000000100))
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x2001)
ioctl$SG_IO(r0, 0x2285, &(0x7f00000002c0)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000340)="4b89a74cae5b", 0x0, 0x3, 0x16, 0x0, 0x0})

5m1.663078768s ago: executing program 0 (id=14645):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)}, 0x0)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r0, 0x89f1, &(0x7f0000000000))

5m1.565349565s ago: executing program 0 (id=14647):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f04000000000000000000850000000f000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
faccessat(0xffffffffffffffff, 0x0, 0x2)

5m1.521138143s ago: executing program 0 (id=14649):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x11)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')
pivot_root(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00')

5m1.458839072s ago: executing program 0 (id=14652):
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x6e, &(0x7f00000001c0)={[0x7f]}, 0x8)
close(r0)

5m1.100427128s ago: executing program 0 (id=14656):
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$bcachefs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x800095, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6669785f6572726f72733d61736b2c6e6f7265636f766572792c6669785f6572726f727300826f2c7265636f766572795f706173735f6c6173743d636865636b5f657874656e74732c6e6f7265636f766572792c6572726f723d726f2c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c6673636f6e746578743d726f6f742c66736d616769633d3078303030303030303030303030383030302c61707072616973652c7375626a5f747990653d6e6f5f646174615f696f2c00b59ba3dc7bbd010000002d58cc2ee65dcef11e384bed58db423f661ac475e1edf48e9715f125f1ab862760524e2cbb0fe6fe3b33a703651061eedf21fdc6596e7a6f9c3e1c6eea624ea9ea9ea6fc8c85d320099b2b71a44825e990ecbace067e4aefba3e86efc5d412526bb782a0aaa29189c7a5f02806ba48a400000000"], 0x2, 0x59ef, &(0x7f0000000bc0)="$eJzs3X+QHNV9IPDXM7Pa0a5WWgkcZDCrRaCEQGyt+FXYvgtKLrFTQCi5SDmIkw0LWhHZklBJIoAgQcqBDwpwYZddDk7+IC5MHbbiogouRqFM+HESZ7ApLj7qClMHd9h/+IoQVAF0lMuXvZqdfrOzvdPq2dlZaYHPp6Tt6Tc93/f69Zue/r6Z3QkAAAB8IBy8befhS078/Wf/YuydW/7g77fuDf3lifJq3GAwXd5wrFrI0dRbWT6xzI6L37jpOz8fvvp3f/hQ37ffPbDxlE0//b3jrn7sCxfuv/evnnx74JF/fa0obhxPZ0yuJ28kIVR/cOjrXzrw3Am1siSEUE4G94SwNFn25NIkE2LklyGEjTnxH37n7E215d47e6eUL8lsZ7x/sFXTcbb78PVnhld+Z/2tP17xvb/t2ff6nslNkmrTeAph8ZXNj+8JISxM/9fE0bY8Pjhdrgsh9KW3ayPs/Jz2/PNXnz23tjy1zfavzlk/KV0uSJf9BXHi/Ssz66XMdtn1qCez7Cuob7by2tHpdkUWZdYnT0bfKOratuS1M5YvTZffT5dnzDB+Of5PQikJlUbztySTYyQ0HbckJBPbVxvrpcaxDen+Z9aTzHops17uyezXRL1p75WTZGp53C5THk/HlbT8lOZzdQuX5pR/OF1W0yfqu3E9ZG/U9U+70divCbFdh47QlqOh1HQOalXeOPDpwajtzvj4+Hh/smzaY8ZbiPcdWH/XqvKGpw4O5rQjeShJ4ycTdc40/u4fLV30+e/ecd3yvPhXltL4pY7iv3rR829efse3vpkb/54Yv9xR/LMe73vjoqdvW5nbP4di/1Q6ij/62jN3rzj+qn257b8vxq92FH/t/ud7Bw4//kRu+0di/yzsKP7Ln/zUzx588dHXc+OHGL+vo/gb9m//cu/Q4dMn45enxn8i9k//DOLvbdz36lv7zntpaOgXw3ntfyHGH+io/Q/sufcT9y+588Lc47su9s9gR/EvPu2xWxcdfvTkvHNncl+3XjkBPpiOS6+xbk/XO80zZ6spX/jL4Ur9OnBR+n8gfL17FWUuPmv1LO5edAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACY8KEz/+un//dnB9+opOu96Y2XS/VlLF8QQrIwhLBz1+iOXZu3XTP8hWuv27FtdMvw6K7hsW27dtw4fM5vDe8Y275l9MbavSMfPbv+uGUhqS+Tk6fV3Ts+Pl4anFoW6/t3p+17ZdX5/+efQhj50E+GKrntX33v1vuPb/EzI1k7fsHW6y75ybl/k+7XYNquwRbtGh8fHw857frny351/1cP/fz0EEZ+La9de0IIz7z82/8wpUETBZNxUqXeUG9Qb9LXsh2NVqftif1V2bR5y9hICMsuWJLuYev9KOfsx7+/6fVfbrrhK7+q92+15X6E9vt34drxLaVvrL/4/33j5nrBkY77+DE87kX9Hfciti/2XzXt78Xpfi3O2a9Kzn7d9uMnXvzBiXe8vSeMVN5aMb3uov3qSQdAT/LhtuqNNfQlS6eUV9Pt4xGPj1u9a+v21Ttv3P3RzVtHrxm7Zmzbx9ecs+a8kXPPO3f1xJ6v7vL+x/p/vc39Pzrjacmf7vl+/NneeCpqV1F/1NpV3B/NLcp7/vVd+qWvffzepy+pFxSN87h143ySLvtqx3lNaBpv0/uq1X4V9UMIYbhVP7z59oXhhP+x+dai81DzkWn+mZGsHX9u5b/8zfl/vfzf1Avm8jwf4nm+uUEdnucbrZ5sz0R/VdPjMV7bj97517+9oZzuV3/Ldq157umeuw7+05812rdgQbhhdNeuHWvqPxelLV2UnNSyXdnSuF8rJn6WQ3p4Q2OYthivNT2h3r7s+TNunu3V/vS+/mRZy/3KivcdWH/XqvKGpw7m9XTyUL3GhWGgvkw+krPllswDy40Gt6p/vj7/isbH0Kf/+pHPPvJ350wbH2fVfxbtV5KzX9978YGvffsr//Hvurdfn/7t5wf/5X/+yap6wXvlvNJoddqepPm8clYIRc+/FaH1fuQ+/0qt96fo+ZetZ3L71vGGM+v9odzR8/Wsx/veuOjp21bmPl8Ptft8vXnKWrnF83VBU0vmy/jJPr+SytR2zN3za8pASdaO//D24/Y8ecu6E+sFReO6sXWrcX12G/lHzn79w+UvDV07/B/+e/fOG9/5rYev+Ono2j+vF3R+3GNbunPcq2n/VnP6t9HqmHc29+/Hrr52y8Z6+fy9/k2XBflPPJXsvHH3F0e3bBnbsbO9/Zp4XHn6fmVfT2M92V7u9PU0nt2WFexXadp+zd2Ndvqr3edb2v5yNkanz7f+kHT0urD7R0sXff67d1w3OO1RaUVXltL4pY7iv3rR829efse3vpkb/54Yv9JR/NHXnrl7xfFX7cuNf1+Sxq92FH/t/ud7Bw4//kRu/JHY/oUdxX/5k5/62YMvPvp6bvwQ4/d31v9v7TvvpaGhX+TGfyFJ66ldI4Xw8Dtnb6qvJ6Enfb7FdvRMaVfIrieZ9VJmvdy8XqrPtTYqKCfJ1PK4XVp+SlNbWvnjnPJ4FVZdXl++G9dD9saRy+ebUtO5v1V50XUqAMD7XXz/P16Dxvf/x9ILpfyZBpg02zxseU7cmIdNzucsmHL/8jR+fHycBxz6WBipLfcO1y/0Z/o+Qnw+ZOc5Yz2nnzo1RqfznEXz7ysz67Fd9fnySlMempqe11RCG/PvsZ6BRj1Hnn/P7H7x/Pjw7dOaNdw0b5U9fj3pjFmrzzuEqf1SqUXIGx/ZebH4eY6hxWHdRH1tjo/s52jicch+jibWc2LmxNnp52hmOz5is48wPiaaXPz+xvTjF47Qv5PHr3W07PGbwfGu1raf6/dnuzBv2PKUdvTmDef2/TDzkjnx0yfYfJ83jOVxPyptzid+Nqe8W/OJ8XQR23XoCG05GqbOJ169MFtuPhF4r4r5f3yNqOX/tQvw/5vZrug6NHvVGOPlfk5o2ju8dUV5x/TP6fV19Dq+Yf/2L/cOHT499zrniXY/97N9ylpfwef0ivpxVWa9sB9zJmiK8r1sPUX9nv1cRn8Y6KjfH9hz7yfuX3Lnhbn9vq7+Qlrc71+bsjZQ0O/vgXyhdXz5wgciX5jr+bNjlo+kH3yaq3zkj3LKZ5qP9E270divCfMzH5le3jh99xzddgEA7x0x/2+8f5bm//8rbpBeRxTlrWdk1mO83Lw15/okL2/9w3R5Q2b7/vQ3KmZ63XzxaY/duujwoyfn5i33tZuH/qcpa4OFeejs8ubcPGJddz4vnptHNPKs2eWJue1v5Imzy9Nz4zfy9Nnl0bn908ijZzcPkBu/MQ8wf/PcxaGdPLdgvi5TWVxtd77ufZtHp78+O1d59KU55TPNo/un3Wjs1wR5NADAsRXz/3gZF/P/pzPbzfZ99ty8oEvX7dm/B9KI/8LRyivnOu+b67x1rvP6uZ6XqOfFpTD/8uL23v+d63mhuZ0n+8DnxWml8mIAAOazmP/HX2zKz/9nl5+0yt96puQn8vOW8d9n+fl8fN+6vfy8i/NfTb9jcfTmv+ZB/l+Z2gXHIP/fG8vn5H3xanWy8+T/AADMQzH/j7/2GP/+339J17N/t16enhN/1nn6kf+AjDz9GOTpzfGPWp7e/Xm24HMAx/bz8Qsnt38fzAOMj4/fMllgHgAA4D2hZyJTmv579p9Ll9nfs8/7vfzLc7ZvVyW9PL5q146xsSuu275xdNfYFduu3Ti284rrd2zetWtsW3272eaNuXlLeqXeEyppf7TeLpu3LUn/HsKSnL+HkN0+hj1p4sb0v4eQrXZhwd8RmDx+7bU37/iVjrB9q/GRd7zz4v9xzvZR4/hf/SdnXbFp5xWbt23etXl0y+bdY1O3q2WtfTP43szYLTP6vtTMj2lKM//+zu60ozStHT1pf2SP/8L4fQaZdixNW7I07/sPctr97H/76p+eNv6rB0MY+VD5I7Pqv2Tt+H++bOwPdx38yfZa+0u547fWnsaWabuKvq80u33cn8qWa3fuOnPTtddt25jb9pmI8xmlxvoczWekT/9ym/MTG3LKZ/r7++VpN+antj+nAADAFPH9/3g9G98//Ep6ARXL28/TZ/f+cW6enr5/XJSnZ7+XrChPz24f97fdPL06yzx9sv7edP+OnKdn25uXp+fl3Xnx/yhn+5lqf5zM7nMeuePkyvbGSfb7DIrGSXb7mY6TZJbjJFt/0ThptX2rcZJ33PPifyZn+zztj4fZfS4ndzzc0954+M3MetF4yG4/0/FQmuV4yNZfNB5abd9qPOQd37z4l+Rs366p46M2MCbGxdgV11+744tN283191/UvDKr9s3t9390qv32z+3nvua+/XP7ubK5b/9MPlc2+cmm+Lmy3Pa/MLuZsPbbP7ff79KpOZuvHZ+cIF0QJj9sVvT5s6J53PXTd2DCTOdxF0y7MT+Zx4VjJ+b/8WwW8/8702W33wbq5nXS+JLJ20fve9Leu99j9m/L8/97zIquY47a+69z9XqeKno93/PA1O29ngMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8v/RWlk8sD9628/AlJ/7+s38x9s4tf/D3W/f+xk3f+fnw1b/7w4f6vv3ugY2nbPrp7x139WNfuHD/vX/15NsDj/zra/Hx5bzAgxM/K2ekq9UQkjeSEKo/OPT1Lx147oRaWVJ7fDK4J4SlybInlyaZCCO/DCFsbLRz6p0Pv3P2ptpy7529U8qXZIJk9yv0l2N7mtsZwg1tdBbvOdV0nO0+fP2Z4ZXfWX/rj1d872979r2+Z3KTpNo0nkJYfGXz43tCCAvT/zVxtC2PD06X60IIfU2PO7+gXae22f7VOesnpcsF6bK/IE68f2VmvZTZLrse9WSWfQX1zVZeOzrdrsiizHr2ZDRbee2M5UvT5ffT5RkzjF+O/5NQSkKl0fwtyeQYCU3HLQnJxLGsNtZLjWMb0v3PrCeZ9VJmvdyT2a+JetOBVk6SqeVxu0x5PB1X0vJTms/VLVyaU/7hdFldPrW+6rQbdf3TbjT2a0Js16EjtOVoKDWdg1qVNw58ejD607L+ZNnkxuPjcTlN3OTA+rtWlTc8dXAwpx3JQ0kaP5keP+SGb8Tf/aOliz7/3TuuW54X/8pSGr/UUfxXL3r+zcvv+NY3c+PfE+OXO4p/1uN9b1z09G0rc/vnUOyfSkfxR1975u4Vx1+1L7f999WiVkJ/qLYdf0GYjL92//O9A4cffyK3/SOxfxZ21P6XP/mpnz344qOv58YPMX5fR/E37N/+5d6hw6fnxn8i9n9/Z+PnrX3nvTQ09IvhaY+qX4gmL8T4Ax3Ff2DPvZ+4f8mdF+Ye33WxfwY7in/xaY/duujwoyfnnTuT+7r1ygnwwXRceo11e7relGcOzCTPnK2mfOEvhyv1a75F6f+BblaUUatn8RzGBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/ekfbz7nc5dd8Jn1lSSEJGeb8RbifeUFa9cOd1Dv6GvP3L0wU7a8gzgAAABAsVoevuL4q/aVGiXVsDxcnywMJ7XcPs4RnBTXkqnl2TmEGCc7R9BpnFKX4pS7FKfSpTg9XYqzoEtxersUp1oQpxrai5OdK2qOU6mNijbb03fE9rQfp79LcRZ1Kc5Al+Is7lKcJV2KM3jEOO2Pw6VdirOsS3GO61Kc47sU50NdivNrXYpzQpfiZOeUZzoOB9ItT8yLM3GjXBinkpQbd7SaTz8hrefkWdbTX1DPQNHrcZv1LGyznlMzjyvNsJ5qm/X8+izrSdqs5zdnWU+poJ44bm/Iti/WE9faHP83dinO7i7FualLcW7uUpw/61KcP+9SnFtmGQegXTH/n8z3BkNvZUdjLTsLEPPdFRM/p7/e5Z2Q+tJIH8mULyiKl03UM/FWzLR92QmETLyVmfKeKfEqjXzkCPGqzfFWZe4s3N/shEKmfWdkynuL4mUnFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgDv3jzed87rILPrM+JKH2r6XxFuJ95QVr1w7XbvTOrN4D6+9aVd7w1MHmst5KR7sAAAAAFIh5eE+jpBp6K2tCb7JgynbVdB6gmq6XB+vLocVhXW2ZDJcm1vuSpUd8XCV93OpdW7ev3nnj7o9u3jp6zdg1Y9s+vuacNeeNnHveuas3bd4yNlL/GUJvQbwQwsT0w84bd39xdMuWsR0764XZ9i9PH7c8XU/Sxw19LIzUlnvT9i8rqK80rb65u1F89AAAAAAAAAAAAAAAAAAAAAAAAAAAgP/Prt2FyHmVcQA/78zszHTb2JV+ZBqazZCPErVoEreSaum+IFhok5ClILPVtQSbYHHThDYpsY5twLYmKEJLIERyYSQWW4s3/bBF7AeBSo0G3BikLdoLvVBaraQlF5Iykt05szOzM5l1CE0bf7+LeWfOec553jMXC/93BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBNVUcmKqNj44NJCEmXmloHcS6bT9NyH32/+vz2HxaGT61sHivk2oou72NjAAAAYI6YwwcaI8VQyGVDNlw1/WlpaJoIs7kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/zNVHZmojI6NX5yEkHSpqXUQ57L5NC3Ps1fz/m++++TnXhse/nvzfKmvEwAAAAC9xByeaYwUQyksCwPJVS11MbsvalvfXhf3WTzPuvZnB93qls2z7pp51n2iR92G+nVXAAAAgI++mP9zjZGhUMgt6Jr/e+X6WLekrS5bv873twIAAADAuRPzf6ExUgqFXKmR1+eb95e21cX1vf5vH9ev6LK+1//z19ev/k8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8dU9WRicro2Hg2CSHpUlPrIM5l82la7qPvmhcG/3nLkYeWNo8Vcn1sBAAAAPQUc/hs9C6GQm4wDISLp3P/8E0Hn/7y08+OhBBmYn4+H3Zt2rHj7jUzr7Fu9dEjAz945e3vzKlbPfN63g4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcM1PVkYnK6Nj4RUkISZeaWgdxLptP03Iffd/4wpf++viJ595qHiv1sQ8AAADQW8zhs9m/GEohH/LhyulPzVn/jEzb+m7PDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIALxz3fuu+bmyYnN9/tjTfeeNN4c77/MgEAAOfakpCE2v9o4cbzfdcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCHwVR1ZKIyOjZeTEJIutTUOohz2Xyalvvomz5/rLDg1AsvNY+V+tgHAAAA6C3m8NnsXwylMBAGwhXTnzo9E5jO/0Mf4E0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHypT1ZGJyujY+IIkhKRLTa2DOJfNp2m5j76P7T7w+cOXfv/m5rFCro+NAAAAgJ5iDs83RoqhkPtkKISr658nWxck2fq183OB2XXbW5YNzntdtWVddt7r9rSdLFc/zcy6YtxvaObaWFeeu67ctK4UGu3LLevCvpZVC3rcZwAAAIDzKOb/QmNkKBRyhaac+7OW+iE5FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoYqo6MlEZHRtPkhCSLjW1DuJcNp+m5T763ve7j1/ytZ/v3dk8VupjHwAAAKC3mMOThXGkGEphcfhYWDyd+8NQa318RvCvyunDj/77bytDWHXl8eFc+7Y/jm9+88aNL7a/hJBprc6EcGm9X9Kl32//8Oi9y2unHw9h1RXZq+f0C2fv17plWnumsnn9ju1he69vBwAAAC4MMf8PNEaGQiF3V9f8H5N3j/zfMB3AL7139y8vr7/WE3nbisxQvV+mS78vLn/yLyvW/uPtM/n/bP0+c2Dr4ctbGs6MtEnS2ujWnRuOX3coE0890z/b1j9+L1/59lv/2bLrkdMz/YuhWB9flOvUf+5r234XpbXJzP7xde/vr7b2z3U5/0O/f+nErxftfe9M/3eXDDb6X3OW83fqHxr9B299eN/1B45saO0fQih36v/OezeHhX+688H28w+2bdz8zTe/tknS2tGlJw+tPVi6obV/0tY/fv+/OPHYvp8+8r1nY//4W5GVy+bbP9PW/9U9l+1++YGNi1r7Z7qc/8XbXhveVv7uH9vPf0fLrrmudzH3/E9c+9Ttr29K72+fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLBMVUcmKqNj45kkhKRLTa2DOJfNp2m5j75v3nLsndv2/uRHzWOlPvYBAAAAeos5fDb7F0Mp5EM+DE7n/mcqm9fveOX49jA0M5vUr7nJbffs+NSWbTvvuuM83TkAAAAwXzH/5xojQ6GQWx4G6vl/dOvODcevO5SJ+T8T8/+WOyc3rwqNulf3XLb75Qc2Lmo8Jwhh+mcBxTN1n52tu+nGY0Mn//yNFR3r1szWHV168tDag6UbYl1orlsdGs8nnrj2qdtf35Te37i/5rpPf33bZP3xRNx38NaH911/4MiGxjnq18H6vrFuMrN/fN37+6uxLlu/FuvnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmmqqOTFRGx8ZDNoSkS02tgziXzadpuY++65b/6sFLTj23uHmskOtjIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7LDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbrL0SqKo4D+Dkzazvu7K67GrQVrasVhT0kBRH1UlERGiL0pEhYmg9hEEQURrSGRmJFL0HWi0QF1RZCQW6SaLFG/6SXHioosB4CkRbSRYL+sDPnjjN35zY1K0H1+cBw5py59zu/e8+ZMzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8qvT0jtfbIzgdm1lxwyyeP33Pqsdveu2/7ZY+8/sPYpps+3tf3yumpzcu2fH3zkk0H7l01uefFwycH3vntWHPGyXbBD9ebFalbCSGeiCFU3p9+7ompT8+bHYshhHIcGg9hOC4+PBxzCSt/CSFsbtTZ+uLbp67eMttu393bMr4oF5K/rlAtZ/XUDbXWy39LJa2zbTMPXRG+vXHdjs+XvvXmgonj42cOiZWm9RTC4Mbm86cGQ1gY6o9Z2WobyU5O7doQQl/Tedd2qOviv1j/lQX9C1N7TmqrHXKy15fn+qXccfl+ZkEIv66ptzV9Hd5vvorq6Pa4TvpD6waT34zmK9W5tWA8DKf23dSu+Jv55RAeXV/bT0Mphp5G+VvjmTUSmuYthliby0qjX2rMbUjXn+vHXL+U65cX5K6r9r5poZVjbB3PjsuNZ9txTxpf1rxXt3FHwfj5qa2kD+rprB/yT+qqc540rqsmq2v6T2r5J5Sa9qB2442JT5NRTWPVuHjOOb+3kb02te6pS8sbPjgyVFBH3BdTfuycPxTm5G/7bLj/zjd2PThSlL+xlPJLXdX/3eqjP63f9dILhfnPZvnlrvKvOth3YvWHO5e3uT+Dtfzp7P70dJV/17GPnl567t0T7ea6lr83y690lX/D5NHegZmDhwrnd2V2fxZ2lf/N9bd+/9qX+48X5ocsv6+r/A2T9z/TOzpzeWH+ofpHoVpboV2sn58nrvlqdPTHsaL8L7L7P9AmP3bMf3V8z3UvL9q9qnB9rs3uz1BX9d9+yYEd/TP7LyraO+Pes/XNCfD/tCT9xnoy9bv9nzlfTf8Xnh/rqX8D9afHwNl8o5yY/eABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vv3BrEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUwAAAP//IkczQw==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

5m0.957597387s ago: executing program 43 (id=14656):
ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_mount_image$bcachefs(&(0x7f0000000080), &(0x7f0000000000)='./file1\x00', 0x800095, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6669785f6572726f72733d61736b2c6e6f7265636f766572792c6669785f6572726f727300826f2c7265636f766572795f706173735f6c6173743d636865636b5f657874656e74732c6e6f7265636f766572792c6572726f723d726f2c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c6673636f6e746578743d726f6f742c66736d616769633d3078303030303030303030303030383030302c61707072616973652c7375626a5f747990653d6e6f5f646174615f696f2c00b59ba3dc7bbd010000002d58cc2ee65dcef11e384bed58db423f661ac475e1edf48e9715f125f1ab862760524e2cbb0fe6fe3b33a703651061eedf21fdc6596e7a6f9c3e1c6eea624ea9ea9ea6fc8c85d320099b2b71a44825e990ecbace067e4aefba3e86efc5d412526bb782a0aaa29189c7a5f02806ba48a400000000"], 0x2, 0x59ef, &(0x7f0000000bc0)="$eJzs3X+QHNV9IPDXM7Pa0a5WWgkcZDCrRaCEQGyt+FXYvgtKLrFTQCi5SDmIkw0LWhHZklBJIoAgQcqBDwpwYZddDk7+IC5MHbbiogouRqFM+HESZ7ApLj7qClMHd9h/+IoQVAF0lMuXvZqdfrOzvdPq2dlZaYHPp6Tt6Tc93/f69Zue/r6Z3QkAAAB8IBy8befhS078/Wf/YuydW/7g77fuDf3lifJq3GAwXd5wrFrI0dRbWT6xzI6L37jpOz8fvvp3f/hQ37ffPbDxlE0//b3jrn7sCxfuv/evnnx74JF/fa0obhxPZ0yuJ28kIVR/cOjrXzrw3Am1siSEUE4G94SwNFn25NIkE2LklyGEjTnxH37n7E215d47e6eUL8lsZ7x/sFXTcbb78PVnhld+Z/2tP17xvb/t2ff6nslNkmrTeAph8ZXNj+8JISxM/9fE0bY8Pjhdrgsh9KW3ayPs/Jz2/PNXnz23tjy1zfavzlk/KV0uSJf9BXHi/Ssz66XMdtn1qCez7Cuob7by2tHpdkUWZdYnT0bfKOratuS1M5YvTZffT5dnzDB+Of5PQikJlUbztySTYyQ0HbckJBPbVxvrpcaxDen+Z9aTzHops17uyezXRL1p75WTZGp53C5THk/HlbT8lOZzdQuX5pR/OF1W0yfqu3E9ZG/U9U+70divCbFdh47QlqOh1HQOalXeOPDpwajtzvj4+Hh/smzaY8ZbiPcdWH/XqvKGpw4O5rQjeShJ4ycTdc40/u4fLV30+e/ecd3yvPhXltL4pY7iv3rR829efse3vpkb/54Yv9xR/LMe73vjoqdvW5nbP4di/1Q6ij/62jN3rzj+qn257b8vxq92FH/t/ud7Bw4//kRu+0di/yzsKP7Ln/zUzx588dHXc+OHGL+vo/gb9m//cu/Q4dMn45enxn8i9k//DOLvbdz36lv7zntpaOgXw3ntfyHGH+io/Q/sufcT9y+588Lc47su9s9gR/EvPu2xWxcdfvTkvHNncl+3XjkBPpiOS6+xbk/XO80zZ6spX/jL4Ur9OnBR+n8gfL17FWUuPmv1LO5edAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACY8KEz/+un//dnB9+opOu96Y2XS/VlLF8QQrIwhLBz1+iOXZu3XTP8hWuv27FtdMvw6K7hsW27dtw4fM5vDe8Y275l9MbavSMfPbv+uGUhqS+Tk6fV3Ts+Pl4anFoW6/t3p+17ZdX5/+efQhj50E+GKrntX33v1vuPb/EzI1k7fsHW6y75ybl/k+7XYNquwRbtGh8fHw857frny351/1cP/fz0EEZ+La9de0IIz7z82/8wpUETBZNxUqXeUG9Qb9LXsh2NVqftif1V2bR5y9hICMsuWJLuYev9KOfsx7+/6fVfbrrhK7+q92+15X6E9vt34drxLaVvrL/4/33j5nrBkY77+DE87kX9Hfciti/2XzXt78Xpfi3O2a9Kzn7d9uMnXvzBiXe8vSeMVN5aMb3uov3qSQdAT/LhtuqNNfQlS6eUV9Pt4xGPj1u9a+v21Ttv3P3RzVtHrxm7Zmzbx9ecs+a8kXPPO3f1xJ6v7vL+x/p/vc39Pzrjacmf7vl+/NneeCpqV1F/1NpV3B/NLcp7/vVd+qWvffzepy+pFxSN87h143ySLvtqx3lNaBpv0/uq1X4V9UMIYbhVP7z59oXhhP+x+dai81DzkWn+mZGsHX9u5b/8zfl/vfzf1Avm8jwf4nm+uUEdnucbrZ5sz0R/VdPjMV7bj97517+9oZzuV3/Ldq157umeuw7+05812rdgQbhhdNeuHWvqPxelLV2UnNSyXdnSuF8rJn6WQ3p4Q2OYthivNT2h3r7s+TNunu3V/vS+/mRZy/3KivcdWH/XqvKGpw7m9XTyUL3GhWGgvkw+krPllswDy40Gt6p/vj7/isbH0Kf/+pHPPvJ350wbH2fVfxbtV5KzX9978YGvffsr//Hvurdfn/7t5wf/5X/+yap6wXvlvNJoddqepPm8clYIRc+/FaH1fuQ+/0qt96fo+ZetZ3L71vGGM+v9odzR8/Wsx/veuOjp21bmPl8Ptft8vXnKWrnF83VBU0vmy/jJPr+SytR2zN3za8pASdaO//D24/Y8ecu6E+sFReO6sXWrcX12G/lHzn79w+UvDV07/B/+e/fOG9/5rYev+Ono2j+vF3R+3GNbunPcq2n/VnP6t9HqmHc29+/Hrr52y8Z6+fy9/k2XBflPPJXsvHH3F0e3bBnbsbO9/Zp4XHn6fmVfT2M92V7u9PU0nt2WFexXadp+zd2Ndvqr3edb2v5yNkanz7f+kHT0urD7R0sXff67d1w3OO1RaUVXltL4pY7iv3rR829efse3vpkb/54Yv9JR/NHXnrl7xfFX7cuNf1+Sxq92FH/t/ud7Bw4//kRu/JHY/oUdxX/5k5/62YMvPvp6bvwQ4/d31v9v7TvvpaGhX+TGfyFJ66ldI4Xw8Dtnb6qvJ6Enfb7FdvRMaVfIrieZ9VJmvdy8XqrPtTYqKCfJ1PK4XVp+SlNbWvnjnPJ4FVZdXl++G9dD9saRy+ebUtO5v1V50XUqAMD7XXz/P16Dxvf/x9ILpfyZBpg02zxseU7cmIdNzucsmHL/8jR+fHycBxz6WBipLfcO1y/0Z/o+Qnw+ZOc5Yz2nnzo1RqfznEXz7ysz67Fd9fnySlMempqe11RCG/PvsZ6BRj1Hnn/P7H7x/Pjw7dOaNdw0b5U9fj3pjFmrzzuEqf1SqUXIGx/ZebH4eY6hxWHdRH1tjo/s52jicch+jibWc2LmxNnp52hmOz5is48wPiaaXPz+xvTjF47Qv5PHr3W07PGbwfGu1raf6/dnuzBv2PKUdvTmDef2/TDzkjnx0yfYfJ83jOVxPyptzid+Nqe8W/OJ8XQR23XoCG05GqbOJ169MFtuPhF4r4r5f3yNqOX/tQvw/5vZrug6NHvVGOPlfk5o2ju8dUV5x/TP6fV19Dq+Yf/2L/cOHT499zrniXY/97N9ylpfwef0ivpxVWa9sB9zJmiK8r1sPUX9nv1cRn8Y6KjfH9hz7yfuX3Lnhbn9vq7+Qlrc71+bsjZQ0O/vgXyhdXz5wgciX5jr+bNjlo+kH3yaq3zkj3LKZ5qP9E270divCfMzH5le3jh99xzddgEA7x0x/2+8f5bm//8rbpBeRxTlrWdk1mO83Lw15/okL2/9w3R5Q2b7/vQ3KmZ63XzxaY/duujwoyfn5i33tZuH/qcpa4OFeejs8ubcPGJddz4vnptHNPKs2eWJue1v5Imzy9Nz4zfy9Nnl0bn908ijZzcPkBu/MQ8wf/PcxaGdPLdgvi5TWVxtd77ufZtHp78+O1d59KU55TPNo/un3Wjs1wR5NADAsRXz/3gZF/P/pzPbzfZ99ty8oEvX7dm/B9KI/8LRyivnOu+b67x1rvP6uZ6XqOfFpTD/8uL23v+d63mhuZ0n+8DnxWml8mIAAOazmP/HX2zKz/9nl5+0yt96puQn8vOW8d9n+fl8fN+6vfy8i/NfTb9jcfTmv+ZB/l+Z2gXHIP/fG8vn5H3xanWy8+T/AADMQzH/j7/2GP/+339J17N/t16enhN/1nn6kf+AjDz9GOTpzfGPWp7e/Xm24HMAx/bz8Qsnt38fzAOMj4/fMllgHgAA4D2hZyJTmv579p9Ll9nfs8/7vfzLc7ZvVyW9PL5q146xsSuu275xdNfYFduu3Ti284rrd2zetWtsW3272eaNuXlLeqXeEyppf7TeLpu3LUn/HsKSnL+HkN0+hj1p4sb0v4eQrXZhwd8RmDx+7bU37/iVjrB9q/GRd7zz4v9xzvZR4/hf/SdnXbFp5xWbt23etXl0y+bdY1O3q2WtfTP43szYLTP6vtTMj2lKM//+zu60ozStHT1pf2SP/8L4fQaZdixNW7I07/sPctr97H/76p+eNv6rB0MY+VD5I7Pqv2Tt+H++bOwPdx38yfZa+0u547fWnsaWabuKvq80u33cn8qWa3fuOnPTtddt25jb9pmI8xmlxvoczWekT/9ym/MTG3LKZ/r7++VpN+antj+nAADAFPH9/3g9G98//Ep6ARXL28/TZ/f+cW6enr5/XJSnZ7+XrChPz24f97fdPL06yzx9sv7edP+OnKdn25uXp+fl3Xnx/yhn+5lqf5zM7nMeuePkyvbGSfb7DIrGSXb7mY6TZJbjJFt/0ThptX2rcZJ33PPifyZn+zztj4fZfS4ndzzc0954+M3MetF4yG4/0/FQmuV4yNZfNB5abd9qPOQd37z4l+Rs366p46M2MCbGxdgV11+744tN283191/UvDKr9s3t9390qv32z+3nvua+/XP7ubK5b/9MPlc2+cmm+Lmy3Pa/MLuZsPbbP7ff79KpOZuvHZ+cIF0QJj9sVvT5s6J53PXTd2DCTOdxF0y7MT+Zx4VjJ+b/8WwW8/8702W33wbq5nXS+JLJ20fve9Leu99j9m/L8/97zIquY47a+69z9XqeKno93/PA1O29ngMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8v/RWlk8sD9628/AlJ/7+s38x9s4tf/D3W/f+xk3f+fnw1b/7w4f6vv3ugY2nbPrp7x139WNfuHD/vX/15NsDj/zra/Hx5bzAgxM/K2ekq9UQkjeSEKo/OPT1Lx147oRaWVJ7fDK4J4SlybInlyaZCCO/DCFsbLRz6p0Pv3P2ptpy7529U8qXZIJk9yv0l2N7mtsZwg1tdBbvOdV0nO0+fP2Z4ZXfWX/rj1d872979r2+Z3KTpNo0nkJYfGXz43tCCAvT/zVxtC2PD06X60IIfU2PO7+gXae22f7VOesnpcsF6bK/IE68f2VmvZTZLrse9WSWfQX1zVZeOzrdrsiizHr2ZDRbee2M5UvT5ffT5RkzjF+O/5NQSkKl0fwtyeQYCU3HLQnJxLGsNtZLjWMb0v3PrCeZ9VJmvdyT2a+JetOBVk6SqeVxu0x5PB1X0vJTms/VLVyaU/7hdFldPrW+6rQbdf3TbjT2a0Js16EjtOVoKDWdg1qVNw58ejD607L+ZNnkxuPjcTlN3OTA+rtWlTc8dXAwpx3JQ0kaP5keP+SGb8Tf/aOliz7/3TuuW54X/8pSGr/UUfxXL3r+zcvv+NY3c+PfE+OXO4p/1uN9b1z09G0rc/vnUOyfSkfxR1975u4Vx1+1L7f999WiVkJ/qLYdf0GYjL92//O9A4cffyK3/SOxfxZ21P6XP/mpnz344qOv58YPMX5fR/E37N/+5d6hw6fnxn8i9n9/Z+PnrX3nvTQ09IvhaY+qX4gmL8T4Ax3Ff2DPvZ+4f8mdF+Ye33WxfwY7in/xaY/duujwoyfnnTuT+7r1ygnwwXRceo11e7relGcOzCTPnK2mfOEvhyv1a75F6f+BblaUUatn8RzGBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/ekfbz7nc5dd8Jn1lSSEJGeb8RbifeUFa9cOd1Dv6GvP3L0wU7a8gzgAAABAsVoevuL4q/aVGiXVsDxcnywMJ7XcPs4RnBTXkqnl2TmEGCc7R9BpnFKX4pS7FKfSpTg9XYqzoEtxersUp1oQpxrai5OdK2qOU6mNijbb03fE9rQfp79LcRZ1Kc5Al+Is7lKcJV2KM3jEOO2Pw6VdirOsS3GO61Kc47sU50NdivNrXYpzQpfiZOeUZzoOB9ItT8yLM3GjXBinkpQbd7SaTz8hrefkWdbTX1DPQNHrcZv1LGyznlMzjyvNsJ5qm/X8+izrSdqs5zdnWU+poJ44bm/Iti/WE9faHP83dinO7i7FualLcW7uUpw/61KcP+9SnFtmGQegXTH/n8z3BkNvZUdjLTsLEPPdFRM/p7/e5Z2Q+tJIH8mULyiKl03UM/FWzLR92QmETLyVmfKeKfEqjXzkCPGqzfFWZe4s3N/shEKmfWdkynuL4mUnFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgDv3jzed87rILPrM+JKH2r6XxFuJ95QVr1w7XbvTOrN4D6+9aVd7w1MHmst5KR7sAAAAAFIh5eE+jpBp6K2tCb7JgynbVdB6gmq6XB+vLocVhXW2ZDJcm1vuSpUd8XCV93OpdW7ev3nnj7o9u3jp6zdg1Y9s+vuacNeeNnHveuas3bd4yNlL/GUJvQbwQwsT0w84bd39xdMuWsR0764XZ9i9PH7c8XU/Sxw19LIzUlnvT9i8rqK80rb65u1F89AAAAAAAAAAAAAAAAAAAAAAAAAAAgP/Prt2FyHmVcQA/78zszHTb2JV+ZBqazZCPErVoEreSaum+IFhok5ClILPVtQSbYHHThDYpsY5twLYmKEJLIERyYSQWW4s3/bBF7AeBSo0G3BikLdoLvVBaraQlF5Iykt05szOzM5l1CE0bf7+LeWfOec553jMXC/93BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBNVUcmKqNj44NJCEmXmloHcS6bT9NyH32/+vz2HxaGT61sHivk2oou72NjAAAAYI6YwwcaI8VQyGVDNlw1/WlpaJoIs7kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/zNVHZmojI6NX5yEkHSpqXUQ57L5NC3Ps1fz/m++++TnXhse/nvzfKmvEwAAAAC9xByeaYwUQyksCwPJVS11MbsvalvfXhf3WTzPuvZnB93qls2z7pp51n2iR92G+nVXAAAAgI++mP9zjZGhUMgt6Jr/e+X6WLekrS5bv873twIAAADAuRPzf6ExUgqFXKmR1+eb95e21cX1vf5vH9ev6LK+1//z19ev/k8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8dU9WRicro2Hg2CSHpUlPrIM5l82la7qPvmhcG/3nLkYeWNo8Vcn1sBAAAAPQUc/hs9C6GQm4wDISLp3P/8E0Hn/7y08+OhBBmYn4+H3Zt2rHj7jUzr7Fu9dEjAz945e3vzKlbPfN63g4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcM1PVkYnK6Nj4RUkISZeaWgdxLptP03Iffd/4wpf++viJ595qHiv1sQ8AAADQW8zhs9m/GEohH/LhyulPzVn/jEzb+m7PDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIALxz3fuu+bmyYnN9/tjTfeeNN4c77/MgEAAOfakpCE2v9o4cbzfdcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCHwVR1ZKIyOjZeTEJIutTUOohz2Xyalvvomz5/rLDg1AsvNY+V+tgHAAAA6C3m8NnsXwylMBAGwhXTnzo9E5jO/0Mf4E0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHypT1ZGJyujY+IIkhKRLTa2DOJfNp2m5j76P7T7w+cOXfv/m5rFCro+NAAAAgJ5iDs83RoqhkPtkKISr658nWxck2fq183OB2XXbW5YNzntdtWVddt7r9rSdLFc/zcy6YtxvaObaWFeeu67ctK4UGu3LLevCvpZVC3rcZwAAAIDzKOb/QmNkKBRyhaac+7OW+iE5FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoYqo6MlEZHRtPkhCSLjW1DuJcNp+m5T763ve7j1/ytZ/v3dk8VupjHwAAAKC3mMOThXGkGEphcfhYWDyd+8NQa318RvCvyunDj/77bytDWHXl8eFc+7Y/jm9+88aNL7a/hJBprc6EcGm9X9Kl32//8Oi9y2unHw9h1RXZq+f0C2fv17plWnumsnn9ju1he69vBwAAAC4MMf8PNEaGQiF3V9f8H5N3j/zfMB3AL7139y8vr7/WE3nbisxQvV+mS78vLn/yLyvW/uPtM/n/bP0+c2Dr4ctbGs6MtEnS2ujWnRuOX3coE0890z/b1j9+L1/59lv/2bLrkdMz/YuhWB9flOvUf+5r234XpbXJzP7xde/vr7b2z3U5/0O/f+nErxftfe9M/3eXDDb6X3OW83fqHxr9B299eN/1B45saO0fQih36v/OezeHhX+688H28w+2bdz8zTe/tknS2tGlJw+tPVi6obV/0tY/fv+/OPHYvp8+8r1nY//4W5GVy+bbP9PW/9U9l+1++YGNi1r7Z7qc/8XbXhveVv7uH9vPf0fLrrmudzH3/E9c+9Ttr29K72+fAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLBMVUcmKqNj45kkhKRLTa2DOJfNp2m5j75v3nLsndv2/uRHzWOlPvYBAAAAeos5fDb7F0Mp5EM+DE7n/mcqm9fveOX49jA0M5vUr7nJbffs+NSWbTvvuuM83TkAAAAwXzH/5xojQ6GQWx4G6vl/dOvODcevO5SJ+T8T8/+WOyc3rwqNulf3XLb75Qc2Lmo8Jwhh+mcBxTN1n52tu+nGY0Mn//yNFR3r1szWHV168tDag6UbYl1orlsdGs8nnrj2qdtf35Te37i/5rpPf33bZP3xRNx38NaH911/4MiGxjnq18H6vrFuMrN/fN37+6uxLlu/FuvnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmmqqOTFRGx8ZDNoSkS02tgziXzadpuY++65b/6sFLTj23uHmskOtjIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7LDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbrL0SqKo4D+Dkzazvu7K67GrQVrasVhT0kBRH1UlERGiL0pEhYmg9hEEQURrSGRmJFL0HWi0QF1RZCQW6SaLFG/6SXHioosB4CkRbSRYL+sDPnjjN35zY1K0H1+cBw5py59zu/e8+ZMzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8qvT0jtfbIzgdm1lxwyyeP33Pqsdveu2/7ZY+8/sPYpps+3tf3yumpzcu2fH3zkk0H7l01uefFwycH3vntWHPGyXbBD9ebFalbCSGeiCFU3p9+7ompT8+bHYshhHIcGg9hOC4+PBxzCSt/CSFsbtTZ+uLbp67eMttu393bMr4oF5K/rlAtZ/XUDbXWy39LJa2zbTMPXRG+vXHdjs+XvvXmgonj42cOiZWm9RTC4Mbm86cGQ1gY6o9Z2WobyU5O7doQQl/Tedd2qOviv1j/lQX9C1N7TmqrHXKy15fn+qXccfl+ZkEIv66ptzV9Hd5vvorq6Pa4TvpD6waT34zmK9W5tWA8DKf23dSu+Jv55RAeXV/bT0Mphp5G+VvjmTUSmuYthliby0qjX2rMbUjXn+vHXL+U65cX5K6r9r5poZVjbB3PjsuNZ9txTxpf1rxXt3FHwfj5qa2kD+rprB/yT+qqc540rqsmq2v6T2r5J5Sa9qB2442JT5NRTWPVuHjOOb+3kb02te6pS8sbPjgyVFBH3BdTfuycPxTm5G/7bLj/zjd2PThSlL+xlPJLXdX/3eqjP63f9dILhfnPZvnlrvKvOth3YvWHO5e3uT+Dtfzp7P70dJV/17GPnl567t0T7ea6lr83y690lX/D5NHegZmDhwrnd2V2fxZ2lf/N9bd+/9qX+48X5ocsv6+r/A2T9z/TOzpzeWH+ofpHoVpboV2sn58nrvlqdPTHsaL8L7L7P9AmP3bMf3V8z3UvL9q9qnB9rs3uz1BX9d9+yYEd/TP7LyraO+Pes/XNCfD/tCT9xnoy9bv9nzlfTf8Xnh/rqX8D9afHwNl8o5yY/eABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vv3BrEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUwAAAP//IkczQw==")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)

4m51.991616489s ago: executing program 6 (id=14691):
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@remote, @in=@local, 0xfffd, 0x1, 0x0, 0x0, 0xa}, {0x2, 0xfffffffffffffffc, 0x3, 0x0, 0x0, 0x1, 0x1}, {0x40000000020, 0x40000000, 0xfffffffffffffffd, 0xff}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {{@in=@empty, 0x2, 0x32}, 0xa, @in6=@mcast2, 0xffffffde, 0x0, 0x3, 0x0, 0x4d}}, 0xe8)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback}, 0x1c)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x3d10, 0x4)
sendto$inet6(r0, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000080), 0x5e2, 0x2001, 0x0)

4m51.928535836s ago: executing program 6 (id=14693):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000001000)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000140)=""/53, 0x35}], 0x1}, 0x3ff}, {{0x0, 0x0, &(0x7f0000000940)=[{0x0}, {&(0x7f0000000400)=""/160, 0xa0}], 0x2}, 0x4}], 0x2, 0x10002, 0x0)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="050000007f0000000000010000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)

4m51.798783677s ago: executing program 6 (id=14697):
bpf$BPF_TASK_FD_QUERY(0x24, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)

4m51.798580794s ago: executing program 6 (id=14698):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x2000002, &(0x7f0000000240)=ANY=[@ANYBLOB='utf8,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c646d6f64653d30303030303030303030303030303030303030303030342c726f6f746469723d30303030303030303030303030303030303030342c696f636861727365743d63703836362c756e686964652c6e6f6164696e6963622c6e6f7374726963742c7569643d666f726765742c006e646058ca3be182cc43baaaf2f77a30538415e6cd8618f1936a4cc4515f736be0cf653e6d411a18db5d62a4cc1dca6e05b1200c3e50270c9902df1ebd79437f74a1b37db2bf05cda881dd68d2c53a4780f47d"], 0x1, 0xc32, &(0x7f0000000e00)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})

4m51.687120487s ago: executing program 6 (id=14699):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/notes', 0x0, 0x64)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
sendfile(r2, r0, 0x0, 0x1)

4m50.087238866s ago: executing program 6 (id=14706):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file2\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x1, 0x22e, &(0x7f00000005c0)="$eJzsmD1vE0EQht9dn885QAiaFDQpiEQQxI7PTRqLDwmJCiElfFVgkSMKduLIOSRiiSKioYGOAomGgj9AkSIVBR1/AAkKQEKiwAUFDRSLZnfPXnLn+BJCxTzF6t2b2ZmdyWYKg2GY/5bPn358fHx+dv40gEOYRMl+/1oAhDBaOv4fnt079bR+4fmr9y/frBx+sLU9Hh1R6s8PYzvkp3yvJ5KddE//JDFpN/OQfX0FEietvgaBstW3IHHV6ggCN6y+6+g2+ZfLd5ZaUfl2u7VAYoaWKi0hLTX3fh6A3obAgt0rpZRw7Gvr3Waj1Yo6jvCsLcO0J9FP1hxP9a8IH71zEnXnftTF648ebtA+6c2M078qJKq2iBoE5uz3WZSS3piWOPUf8wbxC6n6M6slVzKMKnLMiPr3fWkWCR9GHJ1O/hS7izNF5ZxNm4704yRPOk/AbdmLGJiok/tT8tCno4U3+i2eSTqV4ePtXOmlvFU8CQD8o0pdkV1FB6t5jo/3tt6mTV9GJVVieOTA3kfkfoe/VN6SsacX7ooA3abM7tjfCODdppkf6oXACWc+ec78qMTLq5W19e700nJjMVqMVsKwVjpobHoQVfSamnuD+Rzo+XTAiV8c4utLH/cbcdypmtUXPgLEcSfU+9D5t5nbbH+7aY/FuAjguNnQ2PT7EQupHMI3PlL7kpoqQAy9PsMwDMMwDMMwDMMwDMMwzC6YgNC/go4gvKy9fwcAAP//zrJYgQ==")

4m49.899244183s ago: executing program 44 (id=14706):
syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000580)='./file2\x00', 0x2000482, &(0x7f00000004c0)=ANY=[], 0x1, 0x22e, &(0x7f00000005c0)="$eJzsmD1vE0EQht9dn885QAiaFDQpiEQQxI7PTRqLDwmJCiElfFVgkSMKduLIOSRiiSKioYGOAomGgj9AkSIVBR1/AAkKQEKiwAUFDRSLZnfPXnLn+BJCxTzF6t2b2ZmdyWYKg2GY/5bPn358fHx+dv40gEOYRMl+/1oAhDBaOv4fnt079bR+4fmr9y/frBx+sLU9Hh1R6s8PYzvkp3yvJ5KddE//JDFpN/OQfX0FEietvgaBstW3IHHV6ggCN6y+6+g2+ZfLd5ZaUfl2u7VAYoaWKi0hLTX3fh6A3obAgt0rpZRw7Gvr3Waj1Yo6jvCsLcO0J9FP1hxP9a8IH71zEnXnftTF648ebtA+6c2M078qJKq2iBoE5uz3WZSS3piWOPUf8wbxC6n6M6slVzKMKnLMiPr3fWkWCR9GHJ1O/hS7izNF5ZxNm4704yRPOk/AbdmLGJiok/tT8tCno4U3+i2eSTqV4ePtXOmlvFU8CQD8o0pdkV1FB6t5jo/3tt6mTV9GJVVieOTA3kfkfoe/VN6SsacX7ooA3abM7tjfCODdppkf6oXACWc+ec78qMTLq5W19e700nJjMVqMVsKwVjpobHoQVfSamnuD+Rzo+XTAiV8c4utLH/cbcdypmtUXPgLEcSfU+9D5t5nbbH+7aY/FuAjguNnQ2PT7EQupHMI3PlL7kpoqQAy9PsMwDMMwDMMwDMMwDMMwzC6YgNC/go4gvKy9fwcAAP//zrJYgQ==")

4m29.131739545s ago: executing program 5 (id=14936):
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

4m29.053189005s ago: executing program 5 (id=14937):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000000480)=0x2, 0x4)
sendmsg$802154_dgram(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x24, @short={0x2, 0x0, 0xaaa3}}, 0x14, &(0x7f0000000100)={0x0}}, 0x0)

4m29.05268744s ago: executing program 5 (id=14938):
r0 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000540)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000240)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='\xd1S{O', &(0x7f0000000080)='\x1e\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001680)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f0000000640)='dU|\xcbM\xe6\x91q\xe0\x05\xbes\xc0\xd2\xdb0}\xa6\xc4tly\xe0+\xb8~\xd9ymx\xa1\x06\xb4F\xf3Q:\xfem\xea\xed\xfc\x04\xf88\xe0\xa1&\xa8\xff\x10\xb3\xb2\x92N\f\x00!\xdbV\xc3\xca\r\x8c\xfb\x8esJ\xb3\x1bf\xce\v\x0e\xe3\xd5', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000003c0)='(\x00', &(0x7f0000000440)='\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='{)+}@@!}\x00', &(0x7f0000000800)='dU|\xcbM\xe6\x91q\xe0', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001ec0)='\\$#[\\/\x00\xd5\xd4^\xa7\xe4\xd4\x1f.yh\x18\xb8s\xe6\f\xaf*4\xe1\xa1e\x04%f\x8f\xde\x91\x04\xbb\xc8\x17\x15\xa4\xf0\x00\x15w\x00\x00\xed\xdd}\x00\x18\xf3\xde\n\xbe\x91\xc4\xc5\xe6\xd3o\xaau\xf34\t\x9d\x80rg\xbc\xee\x96p\x18\x9e(h\xeb\xd9\xde\xa6\xfc\x8e\xe3,\xae\xa8\xf0\x82y\x91\x1c{\x85 \xc7P\xa3\x9c\x06\xc1\xd3\x92\xcd\xcc\x17\xb2}\x13:\xbbh\"%;\b\x7f\x91\x8a\xa5Z\x92~<\xfe3\x19\xdcVJ\f\xd1\x89d\xf9N\xbd\x92\x86\xa2\xa8\xc0:\x1f\n\xc9\x8eUO\x8e\xea\x99\xe1\xbe%Y\x9eH#\xa4\x9d5\xa88m6\x89kE\xce\xc3\aBW\xec_\xea_\x81\xbe\x86~\x84F\xa9\xcd\xba\xfb\xd8\x8f\x01\x81~\x9c#\r\x87\xcf\x19\xb9\xbd \xcb\xff\x88io\xb0\xb1\xa0B\x8cI\x82+\xc4\xcf\xf4!+\x16v\xb6\x8a\xb7k}\x1d\xf2\x1c\x00\x8f\xd7\x84R\x12\xed){SM[\xe6g6\xfeF\x1dJ\x83', &(0x7f0000000380)='\xbd\x10\xe2\n\xc4\xa8\xa8?\a\x9e@O<\xf4s\x85~X\x85\xdc\x11\x04a\xf8\xa6f\x96nB\x02\x10+C$\f\xb3\xcc\xed\"M\xb6 V\xc5\x9a\x11o^\xda\xc8', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000a00)='wsync', &(0x7f0000000b40)="b2", 0x1)
close(r0)

4m28.970212591s ago: executing program 5 (id=14939):
syz_mount_image$minix(&(0x7f0000000540), &(0x7f00000002c0)='./file1\x00', 0x8040, &(0x7f0000000c00)=ANY=[@ANYRES16=0x0], 0xfd, 0x1d0, &(0x7f0000000300)="$eJzs3O9uk1AYx/EftIXNP/H/G99qom8cdiYSXxi3O3Hp2Fxkaqxv2jSxxivxRrwVb6BN7A2IAVoKqBVRoK3fT7LsPPQczvM0oZzThArAf+uqJEOGOpKCIHj/4m5wpemcANQj0LegqKeLMQC2ROvrH3U3pHFluQCo0/SwZUY39bH0ZTbqTeZ/ndw6YTcTtZPW9DAefiBpkhpvFVx/TD8Y0f/b7ex4W9JOkfXLp3j8vcX8YWqzUS+Tb76Y/Pze5zhIzX+hcP5x/ffvZPO/KOmSpMthIfay/zVJ139S/3H2/bNvFZwf+BuG9vJx5oCpkzPfe5jEHZ1Y8rpJbEWv7+fiR0lsR/Fe77V/XFUJAEoyf7j+n5vpuKVwwb+8/tvR9dytL0EAlekPhi+PfN97W6ZhjIt1NspPQaOehrUeaZRohJu7NUgj1/ho/oPz7NSac7hzTh3JfVAU3dAD2BjOu/M3Tn8wfHB2fnTqnXqv9t0nrit1H7tOtPN3svv/2Iov1ABsjMXdf7fpRAAAAAAAAAAAAAAAQGk3JN1chgdN5gIAAACgWr97MEjzn/tZ+fDQs/nJftGn4RIBAAAAAAAAAAAAAAAAAACArfE9AAD//zpGOPg=")
syz_mount_image$bfs(&(0x7f00000000c0), &(0x7f0000000100)='./file0\x00', 0x808000, &(0x7f00000002c0)=ANY=[@ANYBLOB="00cd067ca5fe94f358a97d3799d10d6a0f0d49553970899fa347aa76be1b2509f63779954a38f01042f578e036051ee7d6d1fb7e07c209e650464433ce970000000900000014c931bb00000000", @ANYRESOCT=0x0], 0x1, 0xa0, &(0x7f0000000000)="$eJzs17GJAlEUBdC7s8vuGjgNGNiBNdiKGGpmpAhWZCuWIIgVmInJyDgziHagngP/Py43fcnbXbaDlEm1Saoni+VqNpk3f/p5MA7voEjyl+Q/ybBs8u+tObRbkOxP62n36ubr3DUAAMArKTKqx3cbj/fmJ0mvvQOaBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPCJrgEAAP//sjg1uA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
lstat(&(0x7f00000034c0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)

4m28.916477259s ago: executing program 5 (id=14940):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x19, &(0x7f00000000c0)=""/25, 0x40f00, 0x0, '\x00', r1}, 0x94)

4m28.580005963s ago: executing program 5 (id=14941):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="1201000077f1c910720c0c0059f60102030109022d0001000000000904"], 0x0)

4m28.399917214s ago: executing program 45 (id=14941):
syz_usb_connect(0x0, 0x3f, &(0x7f0000000400)=ANY=[@ANYBLOB="1201000077f1c910720c0c0059f60102030109022d0001000000000904"], 0x0)

2m6.982181996s ago: executing program 1 (id=16578):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r3, 0x29, 0x3b, &(0x7f00000002c0)=ANY=[], 0x8)
bind$inet6(r3, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r3, &(0x7f0000001c00)=[{{&(0x7f00000000c0)=@alg, 0x80, &(0x7f0000000640)=[{&(0x7f0000000140)=""/97, 0x61}, {&(0x7f0000000240)=""/121, 0x79}, {&(0x7f0000000340)=""/107, 0x6b}, {0x0}, {&(0x7f00000003c0)=""/124, 0x7c}, {&(0x7f0000001cc0)=""/213, 0xd5}], 0x6, &(0x7f00000009c0)=""/4096, 0x1000}, 0xbac00000}, {{&(0x7f00000006c0), 0x80, &(0x7f00000002c0)}, 0x100}, {{&(0x7f00000019c0)=@pptp={0x18, 0x2, {0x0, @empty}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000001a40)=""/207, 0xcf}], 0x1, &(0x7f0000001b40)=""/173, 0xad}, 0x7a}], 0x3, 0x2b, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4a, &(0x7f0000000040)=0x7, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

2m5.971419757s ago: executing program 1 (id=16583):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
socket$rds(0x15, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000020}, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x34000, 0x0)
syz_mount_image$minix(&(0x7f0000000180), &(0x7f0000000300)='./file0\x00', 0x2000000, &(0x7f00000018c0)=ANY=[], 0x3, 0x1d4, &(0x7f0000000580)="$eJzs28tu00AUxvFvYjutW+6FDatIIMGGmKbiUrGBHZu+AlLVulWEC4iyaYRUISHxHDwRL8AjUAm2IGHkS5xiOypu4pom/99qTo9HPtN4kjMLC8Dc6qgjI+MM48MV4+hXmAStBgsDULtop/8Oq7GieQBmgPW96QoANOPoWdQFmKQZsJxCf/DVSE8lffvxfkutdiF/9EG66aZ5s6DFfH/xWboznG/c0vlLWX6pNH/31vD+y7qgi7qky7qiq7qW5rez+Tcm6ISA+WPUzcfd5FSQaGmnH/j3s9jRTn/52PXtON/LxWtZvBDH3a3XwXZtawBwOq3S/T9i5fa/HcerZ1cggNrsHwxebgaB/7by4MnPMKw+Kx5YkkpS6SmkLDW9QWhJpal2jTetNPhoxlQ4+aCjs1pFdFIspqIT55inbrHsgXyu/+NDscfsFPuE6YeSBl8kTaUMd2r/DVcnX3P8W6J47gdw/nnv9t54+weDe/29zV1/13/Ve9xbf7j2YPXRuhd3/t7f/T+A2TH60W+6EgAAAAAAAAAAAAAAcForup6O7NEfPzVVDQAAAIA6/dM7Qxu3N15M8MpR02sEAAAAAAAAAAAAAAAAAAAAZsWfAAAA//89Qw3O")
setsockopt(0xffffffffffffffff, 0x84, 0x7f, 0x0, 0x0)
setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x4b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

2m4.65395953s ago: executing program 1 (id=16591):
r0 = syz_open_dev$video4linux(&(0x7f0000001380), 0x2, 0x501)
ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f00000002c0)=@overlay={0xfffffffa, 0x4, 0x4, 0x8, 0x1, {}, {0xcad72c80fdf3f3e7, 0xc, 0x3, 0x9, 0x7, 0x78, "1a2805b1"}, 0x4, 0x3, {}, 0x3})

2m4.653512419s ago: executing program 1 (id=16593):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000340)=[{0x0, 0x0, 0x0}], 0x1, 0x40801)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xe825, 0x3400, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2m4.459030347s ago: executing program 1 (id=16594):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

2m4.382937487s ago: executing program 1 (id=16595):
mq_open(&(0x7f0000000040)='\'\x00', 0x40, 0x10a, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x65d, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x1000005, 0x100000, 0x75f, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xfffffff9, 0x8, 0xbed4, 0x8, 0x8000100, 0x61, 0x0, 0x11000, 0x1008, 0x1, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0x400, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0xb, 0x4, 0x7, 0x4009, 0x0, 0x5, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x82, 0xd, 0x6, 0x6, 0xa, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0x15f, 0x84ac, 0xd9a, 0x5, 0x82a2, 0xfff, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x7, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
unshare(0x22020600)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

1m48.08484833s ago: executing program 46 (id=16595):
mq_open(&(0x7f0000000040)='\'\x00', 0x40, 0x10a, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0xa, 0x1, 0x7fff, 0x1, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb69, 0xc1, 0x4, 0x1, 0x3, 0x5, 0x101, 0x65d, 0x9, 0x3, 0x3, 0x1, 0xfffffffa, 0x0, 0x6, 0x9, 0x4, 0x7, 0x1000005, 0x100000, 0x75f, 0x3, 0xd, 0xe, 0x2b12, 0x100, 0x6, 0x1c00, 0xfffffff9, 0x8, 0xbed4, 0x8, 0x8000100, 0x61, 0x0, 0x11000, 0x1008, 0x1, 0x79b, 0x2, 0x1, 0x7f, 0x4, 0x400, 0x7, 0xf, 0x101, 0xd7, 0x1fa0860a, 0x7, 0xaa, 0x81, 0x2, 0x180000, 0x4007, 0x8b, 0x5, 0x2af, 0xf7, 0x5, 0x2, 0x6, 0xb, 0x4, 0x7, 0x4009, 0x0, 0x5, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10001, 0x82, 0xd, 0x6, 0x6, 0xa, 0x80000000, 0xfdffffff, 0x2, 0x2, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x5, 0x20006, 0x5, 0x2, 0x15f, 0x84ac, 0xd9a, 0x5, 0x82a2, 0xfff, 0x3, 0x2, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x7, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x1, 0x1fc, 0xc5c, 0xffffffff]}})
unshare(0x22020600)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)

7.527489809s ago: executing program 7 (id=17968):
syz_mount_image$nilfs2(&(0x7f0000000dc0), &(0x7f0000000e00)='./file1\x00', 0x12000c9, &(0x7f0000000080)=ANY=[@ANYBLOB="002cfbe4dfc52d07fe6b9670e93117085d789a4c3b76a7c8b3d273fd5392199ca0f5b52546f6050830f5a3ad42abe1a3b5b20f6e31132b03caec94aad2851bd2e7926212"], 0x1, 0xdab, &(0x7f0000000e80)="$eJzs3ctvXNX9APBzx544L36x8wuNm6ZJSkigj9iQumklNkaii1KE1CVLmgaa1gmP0AUoi5RFV0i1hPgDipDIpuqi6oJNFbGiG1Sp+wqx6iaVkLJAUcCV7XPG429mdGcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux8jg3N12l9N5H7z7zr7O/+NvylJOtHKdWHsfz2HxKqdmaL6XJsLz5idX0qy+uX2xPv85plc6nKlWt6en52615D6SUbqRT6VaaTE+9cOfeh4vPPrc4debm0Xc+vbs1rV9TbXUBAACwA3z58w9e+8djP70+dfcvJ+bTRGt62T6fz+MH83b/fN5QLtvL5X9A1ZZWHban94R843lohHxjHfK1l9MM+ca7lL8nLLfZJd9ETfljbdM6tRuG2dr/+Koxs2680ZiZWf1PvuyzsT3VzNXLCy9dG1BFgU1352TexWcwGEZuWDo06DUQwKp43PA+Nzb3SF1raeO9lX/76Ubn+WETbPfnX/nDVf4Hv7fGYfPs1k9TaVf5Hh3M4/E4wniYr9/vf1lePB7R7LGe3Y4jDMvxhW71HNvmemxUt/rHz8Vu9e2cltfhRIi3f3/iezos7zHQ2Zf2/xsMIzssDXoFBOxY8by5pazE43l9MT5RE99bE99XE99fEz9QE4dR9tc3/pgWq7X/+fE/fb/7w8p+tody+n991ifuj+y3/Hjeb78etPx4PjHsZL8898mf7/zu1j/j+f9fh/P/T+ff0sm8gij7C+N+9da5/+HC4EaXfIdDfR7qkH/l+ZH1+aoja8tJbeuZ++oxvX6+Q93yHV+fbzLk25+3RfaG+sbtk/1hvrL9Udar5fUaD+1thnbsCfUo78xUTveG9kx1a1fYkb0n5Gvm4f9Du46Edj0c5vtGaFc1vb5dcf95qc/RMD0eJyn5wtt23+9SfC/idRmP5PTtnL6f049z+nmHckdR+Tx2O/+/fD6nU7N66fLCpSfyePmcfjLWnFie/uQ21xt4cL1e/zOd1l//c7A1vdloXy8cWpteta8XJsP0812m/zCPl9+zX4/tW5k+c/GVhV9tduNhxF17863fvriwcOl1TzzxxJPWk0GvmYCtNvvGlVdnr7351rnLV158+dLLl65e+MmPzj8x9+MLF2ZXNutn2zfugV1l7Ud/0DUBAAAAAAAAAAAAelbt6zw5p3X3ty3Xk5fr0+P18QyH8r6VT0O5j0G5/rPbfV3K9ZtT21BHNt92XE406DYCnf3X/X8NhpEdlpbcxR/YGQbd/1+572FJr/79Z3uXh5Lt9tPr15fx/oXwIHZ6/3PK3139/7X6v+p5/Rd6zJrcWLlX7j16s63YdKzX8mP7y31gj/RX/tVcfmnN2dRb+Ut/CuXHG5X26JVQ/v4ey7+v/cc3Vv6rufzysj1+utfyV2tcNdbXI+43LvcBjPuNi9dC+8u9/fpu/wY7ans9lw+jbFj6mezXsPT/2U1ZblkP5tVz6zhduf927O+g3/qX+36X34GHw/Krmt83/X8Ot7r+P8vnb1b/n7DrfOb4n8EwssPS0tJAuz4Z1X5XdopBv/6D3oYcdPmDfv3rxP4/4/+l2P9njMf+P2M89v8Z47F/rRiP/X/G1zP2/xnjR8NyY/+g0zXxb9bEj9XEv1UTP14Tj//fYvxUTfxETfxkTfxwTfyRmvjpmvijNfEzNfHHauKP18R3u+/kdFTbD6Ms9hvp+w+joxz/6fb9P1ITB4ZX7Nc5fr/P1sSB4VXO8/D9hhFUdb5jR9zfXvbjvp3T93P6cU4/37IKsh2+m9Pv5fT7Of1BTs/ldCansznVNeRw+8N/jp1YrNbO8zsU4r2eTxqvB4j3iXmyx/rE43P9ns96tMdytqr8DV4OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0GiuPc3PTVUrvffTuM/8+95vDy1NOtnKcWnkcz2PzKaVmSqnK4+NheTcmVtOvvrh+sVNapfMrj2U8PX+7Ne+B5fnTqXQrTaanXrhz78PFZ59bnDpz8+g7n97dmtavqba6AAAAABig/wUAAP//vrPsgA==")
mount(0x0, &(0x7f0000000040)='.\x00', 0x0, 0x2012024, 0x0)

7.46249854s ago: executing program 7 (id=17969):
open(&(0x7f00000000c0)='./bus\x00', 0x68042, 0x62)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
r1 = open(&(0x7f0000000100)='./bus\x00', 0x22982, 0x22)
write$FUSE_INIT(r1, &(0x7f0000000200)={0x1b, 0x0, 0x0, {0x7, 0x2b, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x50)
write$uinput_user_dev(r0, &(0x7f0000000340)={'syz0\x00', {0x7fff, 0xa, 0x0, 0x2}, 0x54, [0x3, 0x8, 0x0, 0x4, 0x1, 0x5, 0x8, 0x18b95d75, 0xd, 0x200, 0x3, 0x7ff, 0x7, 0x68aa, 0x81, 0x6, 0x8001, 0x1, 0x80, 0x4, 0x6, 0x2b7c, 0xc, 0x0, 0x30dd, 0x6, 0xd67d, 0x400, 0xfffffffd, 0x8, 0xf1b, 0x8697, 0xd, 0x0, 0x3, 0xe, 0x10000, 0x7aa4, 0xb71d, 0x5, 0x80000001, 0x7, 0x4, 0x3, 0xfffffff0, 0x6, 0x9, 0x1, 0x9, 0x7, 0x7a, 0x1, 0xf, 0x2, 0xe9b9, 0x0, 0x80, 0x10000000, 0x9, 0x3, 0x3176, 0xf, 0x2199e7fd, 0xff], [0x3ff, 0x7, 0x4c, 0x9, 0x4afd, 0x10, 0x7, 0x7, 0x0, 0x5, 0x8, 0x10103517, 0x3, 0x3ff, 0x4, 0x5, 0x4, 0x5df, 0x4, 0x8, 0xf, 0xe, 0x1, 0x9, 0x3, 0x8c24, 0x0, 0x8d9, 0x6, 0x2, 0x2, 0x7, 0x8001, 0x6, 0x2, 0x2, 0x6, 0x3508, 0xf185, 0x9, 0x8aa, 0xffffffff, 0x9, 0x6634, 0x8, 0x2, 0x3ff, 0x11, 0x1, 0xfd4c, 0x40, 0x8001, 0x10, 0xfffffffa, 0x5, 0x1, 0x100, 0x6, 0x7fff, 0x9, 0x2ae, 0x9, 0x6, 0x80000001], [0x9, 0x0, 0x8001, 0x7, 0x8, 0x9, 0x5, 0x3, 0xfff, 0x2, 0x1, 0x7, 0x5, 0x1c, 0x8, 0x6, 0x9, 0x4, 0x8, 0x0, 0x1, 0x7fff, 0x8000, 0x1, 0x3, 0x1ff, 0x6, 0x8, 0x3, 0x101, 0xe287, 0x4, 0x2, 0x6, 0x1, 0x101, 0x4, 0xfffffffa, 0x5, 0x5, 0xf, 0x317, 0x3, 0x7, 0x9, 0x2, 0x7, 0x89ce, 0x4, 0x8, 0x4, 0x8cfe, 0x40a11adb, 0x1bf, 0xc, 0x7, 0x0, 0x4, 0x9, 0xffff, 0xa, 0x100, 0x9a2b, 0x2], [0x3, 0x24000, 0x6, 0x2, 0xff, 0x4, 0x7, 0x16, 0xffff, 0x3, 0x10001, 0x8, 0x1, 0xfffff9be, 0x0, 0xe, 0xecf0, 0x4a0, 0x0, 0x3, 0x0, 0x2, 0x9, 0x1b, 0x289a427e, 0x2, 0x5, 0xfffffffa, 0x10, 0x77bf8610, 0x2, 0xd4, 0x4, 0x8, 0x10, 0x8, 0x1, 0xff, 0x6, 0x5, 0x200, 0x74, 0x200, 0x57, 0x293, 0x5, 0x0, 0x7ff, 0x3, 0x0, 0x9, 0x2, 0x9, 0x0, 0xb173, 0x9, 0x8, 0x4, 0x7f, 0xf, 0x5, 0x10000, 0x7]}, 0x45c)

7.462321481s ago: executing program 7 (id=17970):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)={0x50, 0x2, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5, 0x4, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x9}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000010}, 0x4000000)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x2, 0x36, &(0x7f0000000a40)={{0x12, 0x1, 0x0, 0xef, 0x96, 0xb, 0x40, 0x13b1, 0x42, 0x5103, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x93, 0x0, 0x2, 0x17, 0xc5, 0x5a, 0x0, [], [{{0x9, 0x5, 0x2, 0x3, 0x200, 0xff, 0x2, 0x2}}, {{0x9, 0x5, 0x1, 0x0, 0x8, 0x7f, 0x29, 0x6}}]}}]}}]}}, 0x0)
epoll_create1(0x0)

5.987095568s ago: executing program 9 (id=17985):
syz_usb_connect$cdc_ecm(0x6, 0x0, 0x0, &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x9, 0x4, 0x3, 0x8, 0x4}, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e"], 0xf8)

5.408565431s ago: executing program 9 (id=17988):
r0 = socket$igmp(0x2, 0x3, 0x2)
bind$inet(r0, &(0x7f00000004c0)={0x2, 0x4e23, @private=0xa010100}, 0x10)

5.31771641s ago: executing program 9 (id=17989):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x0, &(0x7f0000000600), 0x1, 0x563, &(0x7f0000000640)="$eJzs3c9vFFUcAPDvm/7gR9EWYlQ8aBNjIFFaWsAQ4wHuhOCPmxdXWgiy/Ait0aIHSPBiYrx4MPHkQfwvlOjVkzcPXjwZEmIMRxPXzHamLHS3tGXXqcznk0w7b95uvm9289038/bNbAC1NZn/ySL2RsTlFDHeUTccReXk8uPu/vXJ6XxJ0Wq99WeKVGwrH5+K/2PFk7dHxC8/ptgztDruwtLV841mc/5KUZ5evHB5emHp6oFzFxpn58/OX5x9dfbokcNHjs4c7Nu+nrjx/ofjn51859uv/04z3/12MsWx2FXUde5Hv0zG5Mpr0il/XY/2O1hFhor96XyL03CFDWJDyvdvJCKeifEYintv3nh8+kaljQMGqpUiWkBNJfkPNVUeB5Tn9oM4Dwa2pjvHlwcAVuf/8PLYYGxvjw3svJuic1gnRUQ/RubyGD//dPJGvsSAxuGA7q5dj4hnu+V/aufmRHsUP8//7L78zyLiVPE/3/7mJuNPPlCW//DfeZT8f7cj/9/bZHz5DwAAAAAAAP1z63hEvNLt+79sZf5PdJn/MxYRx/oQ/+Hf/2W3+xAG6OLO8YjXu87/zcqHTAwVpSfa8wFG0plzzfmDEfFkROyPkW15eWaNGAc+3/NVr7rO+X/5kscv5wIW7bg9vO3+58w1FhuPss/AsjvXI57rOv83rfT/qUv/n38eXF5njD0v3TzVq+7h+Q8MSuubiH1d+/97d65Ia9+fY7p9PDBdHhWs9vzHX3zfK778h+rk/f/OtfN/InXer2dh4zEOLQ23etVt9vh/NL3dvuXMaLHto8bi4pWZiNF0YvX22Y23GR5HZT6U+ZLn//4X1x7/63b8vyMirq0z5tP/jP3eq07/D9XJ839uQ/3/xldmb0780Cv++vr/w+0+fX+xxfgfrG29CVp1OwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/yiLiF2RsqmV9SybmooYi4inYmfWvLSw+PKZSx9cnMvr2r//n5W/9Du+XE7l7/9PdJRnHygfiojdEfHl0I52eer0peZc1TsPAAAAAAAAAAAAAAAAAAAAW8RYj+v/c38MVd06YOCGq24AUBn5D/Ul/6G+5D/Ul/yH+pL/UF/yH+pL/kN9yX+oL/kPAAAAAACPld0v3Po1RcS113a0l9xoUTdSacuAQcuqbgBQGbf4gfoy9Qfqyzk+kB5Sv33TzwQAAAAAAAAAAAAA+mXfXtf/Q125/h/qy/X/UF+u/4f6co4PuP4fAAAAAAAAAAAAALa+haWr5xvN5vwVK1asWFlZqfqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP0bAAD//zn7JB8=")
quotactl$Q_GETQUOTA(0xffffffff80000701, &(0x7f0000000440)=@loop={'/dev/loop', 0x0}, 0x0, 0xfffffffffffffffd)

5.317495261s ago: executing program 9 (id=17990):
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x20)
mount$overlay(0x0, &(0x7f0000000340)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000440)=ANY=[], 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x80)
getdents64(r0, &(0x7f0000000000)=""/39, 0x27)

5.022319027s ago: executing program 9 (id=17991):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000140)='\x00', &(0x7f0000001040)=':', 0x1)

4.895340623s ago: executing program 9 (id=17992):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES16, @ANYRES16], 0x0)

4.847907293s ago: executing program 47 (id=17992):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000080), 0x802, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89101)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES16, @ANYRES16], 0x0)

4.120168403s ago: executing program 7 (id=17997):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x538, &(0x7f0000000600)="$eJzs3c1rHGUYAPBnZrPWttFU/EA9FbRUKd2kTYvk1hw8VqrBo8Sw2YaQSTZkN7UJObTgXUFBUQT15N2riPgHeBbRf0ARGyytt8hkd9Oaj3WtTVczvx/M7vsx5HnfzD4vO8MMG0BhHc9f0ohnIuJSEjF0V99AtDuPt/a7tb5Wvb2+Vk1iY2PitySSiLi5vlbt7J+0349GxLWIeDoivi1HnEp3xm2srM5NZVltqV0fbs4vDjdWVk/Pzk/N1GZqC6Nj58dGx14aOzd63+Y6MTn26okfXkm+TsZfvvnJGzeSuBCD7b6753E/tf4n5biwrf3cfgTro6TfA+CelNp5Xo6IJ2MoSu2sBw6+jUMRG0BBJfIfCqrzPSA//+1sD/L7x6/jrROQPO6t9tbqGWhdm4iHN89Njvye/OXMJD/fPPYgB8qBdO16RIwMDOz8/Cftz9+9G7kfA2RffTPeOlA7j3+6tf7ELuvPYOfa6b/UWf9u7Vj/7sQv7bH+XeoxxsLYd0/tGf96xLO7xk+24ie7xE8j4s0e4098+cvne/VtfBZxMnaP35F0vz48fHk2q420XneN8c5rI190m/+RPeJf6DL/vG2xx/nH64//eK1L/Bee6378d4t/OCLe7TH8Tx+99/ZefXn86T3m3y1+3vZpj/FPvPjVeI+7AgAAAAAAAAAA/0C6eS9bkla2ymlaqbSe4X0ijqRZvdE8dbm+vDDduuftWJTTzp1WQ616ktfPtO/H7dTPbquPRsRjEfF+6fBmvVKtZ9P9njwAAAAAAAAAAAAAAAAAAAD8Rxzd9vz/zVLr+X+gIPzkNxSX/Ifikv9QXPIfikv+Q3HJfygu+Q/FJf+huOQ/FJf8h+KS/wAAAAAAAAAAAAAAAAAAAAAAAAAAsC8uXbyYbxu319eqeX36ysryXP3K6elaY64yv1ytVOtLi5WZen0mq1Wq9fm/+3tZvb54PhaWrw43a43mcGNldXK+vrzQnJydn5qpTdbKD2RWAAAAAAAAAAAAAAAAAAAA8P8yuLklaSUi0s1ymlYqEY9ExLEoJ5dns9pIRDwaEd+Xyofy+pl+DxoAAAAAAAAAAAAAAAAAAAAOmMbK6txUltWWFBQUFLYK/V6ZAAAAAAAAAAAAAAAAAACgeO489NvvkQAAAAAAAAAAAAAAAAAAAECRpT8nEZFvJ4eeH9ze+1DyR2nzPSLe+njig6tTzebSmbz9xlZ788N2+9l+jB/oVSdPO3kMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3NFYWZ2byrLa0j4W+j1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHvxZwAAAP//YVnXuQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
fallocate(r0, 0x10, 0x17e, 0x1000f)
lseek(r0, 0x3, 0x3)

4.018726906s ago: executing program 7 (id=17999):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r4 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000240)={'team0\x00', <r5=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x58, r4, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8, 0x1, r5}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffbfff9}}}]}}]}, 0x58}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)

1.440602975s ago: executing program 2 (id=18008):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05604, &(0x7f0000000240)={0xa, @sliced={0x3, [0xf15d, 0x4, 0x200, 0x0, 0x4, 0xc, 0x8, 0x42, 0x6, 0xfeff, 0x9ff, 0x5, 0x1, 0x2, 0x9, 0x1, 0x1ff, 0xf20a, 0x653, 0x9, 0xa, 0xfffc, 0x9, 0x37, 0x5, 0x1, 0x2, 0x58aa, 0x3, 0x65, 0x3, 0x100, 0x4, 0x8, 0x9, 0x5f, 0x6, 0x7, 0xff, 0xdb, 0x7, 0x9a, 0x0, 0x101, 0x9, 0xf, 0x101, 0x3], 0x2}})

1.440304029s ago: executing program 2 (id=18009):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

1.169729983s ago: executing program 2 (id=18010):
memfd_create(0x0, 0x6)
r0 = socket(0x2, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x1}}, &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xff}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {0xe, 0xb}}}, 0x24}}, 0x800)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r7=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000100)={r2, r7, 0x25, 0x0, @void}, 0x10)
syz_usb_connect$cdc_ncm(0x3, 0x0, 0x0, 0x0)

632.502578ms ago: executing program 7 (id=18011):
r0 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000300))
r1 = inotify_init()
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000340)=""/263, 0x107}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x4002)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)

179.405963ms ago: executing program 2 (id=18012):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000140)={0x16f, @tick=0x7fffffff})

106.598256ms ago: executing program 2 (id=18013):
r0 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0485661, &(0x7f0000000080)={0x2, 0x0, @stop_pts=0x9})

0s ago: executing program 2 (id=18014):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@newtaction={0x74, 0x30, 0x1, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0x4}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8847}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x4, 0x7, 0x0, 0x2, 0x7}, 0x2}}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x74}}, 0x0)

kernel console output (not intermixed with test programs):

88] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1314.459046][T11088] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1314.486482][T11088] BTRFS error (device loop7): balance: mixed groups data and metadata options must be the same
[ 1314.518418][ T9151] BTRFS info (device loop7): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1315.055901][T11118] loop7: detected capacity change from 0 to 65
[ 1315.058963][T11118] BFS-fs: bfs_fill_super(): NOTE: filesystem loop7 was created with 512 inodes, the real maximum is 511, mounting anyway
[ 1316.838281][ T5312] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 1316.999986][ T5312] usb 2-1: Using ep0 maxpacket: 32
[ 1317.004483][ T5312] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[ 1317.007573][ T5312] usb 2-1: config 0 has no interface number 0
[ 1317.014594][ T5312] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[ 1317.018124][ T5312] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1317.021332][ T5312] usb 2-1: Product: syz
[ 1317.023151][ T5312] usb 2-1: Manufacturer: syz
[ 1317.024950][ T5312] usb 2-1: SerialNumber: syz
[ 1317.029005][ T5312] usb 2-1: config 0 descriptor??
[ 1317.033917][ T5312] smsc95xx v2.0.0
[ 1317.910892][ T5312] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1318.128394][ T5312] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[ 1318.131982][ T5312] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[ 1318.136571][ T5312] usb 2-1: USB disconnect, device number 57
[ 1320.562762][T27729] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1320.725785][T27729] usb 2-1: Using ep0 maxpacket: 32
[ 1320.729718][T27729] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1320.733106][T27729] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1320.736799][T27729] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1320.740239][T27729] usb 2-1: config 1 has no interface number 0
[ 1320.742684][T27729] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1320.747162][T27729] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1320.752195][T27729] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1320.755715][T27729] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1320.765882][T27729] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[ 1320.904063][T11205] netlink: 32 bytes leftover after parsing attributes in process `syz.2.15823'.
[ 1320.992182][T27729] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[ 1321.435388][T27891] usb 2-1: USB disconnect, device number 58
[ 1321.439026][T27891] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[ 1322.904087][T11245] team_slave_1: entered promiscuous mode
[ 1322.910422][T11245] bond_slave_0: entered promiscuous mode
[ 1322.916865][T11245] 8021q: adding VLAN 0 to HW filter on device team0
[ 1323.458824][T11268] netlink: 'syz.2.15853': attribute type 25 has an invalid length.
[ 1323.609929][T11282] loop7: detected capacity change from 0 to 2048
[ 1323.613840][T11282] UDF-fs: error (device loop7): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1323.620796][T27729] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[ 1323.622770][T11282] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1323.792824][T27729] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1323.796005][T27729] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1323.799371][T27729] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 13155, setting to 64
[ 1323.821848][T27729] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1323.828486][T27729] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[ 1323.831124][T27729] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1323.833898][T27729] usb 2-1: Product: syz
[ 1323.835570][T27729] usb 2-1: Manufacturer: syz
[ 1323.837374][T27729] usb 2-1: SerialNumber: syz
[ 1323.855049][T27729] usb 2-1: config 0 descriptor??
[ 1323.863974][T11266] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1323.872132][T11292] loop7: detected capacity change from 0 to 32768
[ 1323.897767][T11292] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[ 1323.904900][T11292] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1323.930571][T27729] rc_core: IR keymap rc-imon-rsc not found
[ 1323.935507][T27729] Registered IR keymap rc-empty
[ 1323.938573][T27729] rc rc0: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1323.944836][T27729] input: iMON Station as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input59
[ 1324.029659][ T9151] ocfs2: Unmounting device (7,7) on (node local)
[ 1324.096562][T27729] usb 2-1: USB disconnect, device number 59
[ 1325.090585][T11335] openvswitch: netlink: VXLAN extension message has 4 unknown bytes.
[ 1327.324298][T11399] can0: slcan on ttyS3.
[ 1327.385499][T11399] can0 (unregistered): slcan off ttyS3.
[ 1327.579989][  T973] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1327.819111][  T973] usb 2-1: Using ep0 maxpacket: 8
[ 1327.822349][  T973] usb 2-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1327.825758][T11420] netlink: 'syz.2.15920': attribute type 1 has an invalid length.
[ 1327.826408][  T973] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1327.837328][  T973] usb 2-1: New USB device found, idVendor=05ac, idProduct=0230, bcdDevice= 0.00
[ 1327.841065][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.2.15920'.
[ 1327.847076][  T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1327.853055][  T973] usb 2-1: config 0 descriptor??
[ 1327.859696][  T973] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input60
[ 1328.079599][ T5279] bcm5974 2-1:0.0: could not read from device
[ 1328.084262][ T5279] bcm5974 2-1:0.0: could not read from device
[ 1328.094025][  T973] usb 2-1: USB disconnect, device number 60
[ 1328.286011][T11431] loop7: detected capacity change from 0 to 32768
[ 1328.477431][T11437] loop7: detected capacity change from 0 to 128
[ 1328.481016][T11437] EXT4-fs: Ignoring removed nobh option
[ 1328.487395][T11437] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1328.491574][T11437] ext4 filesystem being mounted at /205/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1328.525092][ T9151] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1328.574067][T11441] loop7: detected capacity change from 0 to 64
[ 1328.707532][T11443] nbd2: detected capacity change from 0 to 7
[ 1328.715359][T31514] block nbd2: Receive control failed (result -32)
[ 1328.800341][T11453] netlink: 'syz.1.15934': attribute type 4 has an invalid length.
[ 1328.831252][T11455] netlink: 12 bytes leftover after parsing attributes in process `syz.7.15935'.
[ 1329.012716][T11468] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15941'.
[ 1330.146804][T11506] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15959'.
[ 1331.029105][T11518] netlink: 132 bytes leftover after parsing attributes in process `syz.2.15964'.
[ 1331.397377][T11534] netlink: 20 bytes leftover after parsing attributes in process `syz.2.15971'.
[ 1331.518916][T11544] delete_channel: no stack
[ 1333.532413][T11594] loop7: detected capacity change from 0 to 4096
[ 1333.671019][T11598] loop7: detected capacity change from 0 to 512
[ 1333.685388][T11598] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1333.695208][T11598] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1333.728098][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1334.002379][  T973] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1334.167421][  T973] usb 2-1: New USB device found, idVendor=0547, idProduct=6801, bcdDevice=43.6f
[ 1334.170402][  T973] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1334.173261][  T973] usb 2-1: Product: syz
[ 1334.174921][  T973] usb 2-1: Manufacturer: syz
[ 1334.177032][  T973] usb 2-1: SerialNumber: syz
[ 1334.181108][  T973] usb 2-1: config 0 descriptor??
[ 1334.185943][  T973] gspca_main: touptek-2.14.0 probing 0547:6801
[ 1334.407596][  T973] usb 2-1: USB disconnect, device number 61
[ 1334.653963][T11622] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16011'.
[ 1334.734020][T11626] loop7: detected capacity change from 0 to 4096
[ 1334.737605][T11626] ntfs3(loop7): Different NTFS sector size (4096) and media sector size (512).
[ 1334.747981][T11626] ntfs3(loop7): Mark volume as dirty due to NTFS errors
[ 1334.758378][T11626] ntfs3(loop7): Failed to load $Extend (-22).
[ 1334.760948][T11626] ntfs3(loop7): Failed to initialize $Extend.
[ 1334.985186][T11636] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1334.988172][T11636] IPv6: NLM_F_CREATE should be set when creating new route
[ 1334.990992][T11636] IPv6: NLM_F_CREATE should be set when creating new route
[ 1335.456965][   T33] audit: type=1326 audit(1755125400.927:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11661 comm="syz.7.16031" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1335.487781][   T33] audit: type=1326 audit(1755125400.945:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11661 comm="syz.7.16031" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1335.502652][   T33] audit: type=1326 audit(1755125400.945:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11661 comm="syz.7.16031" exe="/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1335.509353][   T33] audit: type=1326 audit(1755125400.945:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11661 comm="syz.7.16031" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1335.516823][   T33] audit: type=1326 audit(1755125400.945:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11661 comm="syz.7.16031" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1335.596136][T11673] binder_alloc: 11671: pid 11671 spamming oneway? 1 buffers allocated for a total size of 5304
[ 1336.029134][T11687] loop7: detected capacity change from 0 to 2048
[ 1336.356535][T11694] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16041'.
[ 1336.671342][T11719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16053'.
[ 1337.445197][T27729] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 1337.536403][T11740] loop7: detected capacity change from 0 to 32768
[ 1337.545708][T11740] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1337.559451][T11740] OCFS2: ERROR (device loop7): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad chain 1280
[ 1337.566212][T11740] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1337.569229][T11740] OCFS2: File system is now read-only.
[ 1337.571013][T11740] (syz.7.16063,11740,0):ocfs2_search_chain:1817 ERROR: status = -30
[ 1337.573481][T11740] (syz.7.16063,11740,0):ocfs2_search_chain:1940 ERROR: status = -30
[ 1337.577412][T11740] (syz.7.16063,11740,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[ 1337.580601][T11740] (syz.7.16063,11740,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[ 1337.583962][T11740] (syz.7.16063,11740,0):ocfs2_claim_new_inode:2298 ERROR: status = -30
[ 1337.587390][T11740] (syz.7.16063,11740,0):ocfs2_claim_new_inode:2313 ERROR: status = -30
[ 1337.590565][T11740] (syz.7.16063,11740,0):ocfs2_mknod_locked:641 ERROR: status = -30
[ 1337.592999][T11740] (syz.7.16063,11740,0):ocfs2_mknod:388 ERROR: status = -30
[ 1337.595937][T11740] (syz.7.16063,11740,0):ocfs2_mknod:505 ERROR: status = -30
[ 1337.599656][T11740] (syz.7.16063,11740,0):ocfs2_create:678 ERROR: status = -30
[ 1337.618014][T27729] usb 2-1: Using ep0 maxpacket: 32
[ 1337.621949][T27729] usb 2-1: config 0 has an invalid interface number: 86 but max is 0
[ 1337.625558][T27729] usb 2-1: config 0 has no interface number 0
[ 1337.633225][T27729] usb 2-1: config 0 interface 86 altsetting 2 endpoint 0x9 has an invalid bInterval 0, changing to 7
[ 1337.639071][T27729] usb 2-1: config 0 interface 86 altsetting 2 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1337.642469][T27729] usb 2-1: config 0 interface 86 has no altsetting 0
[ 1337.646547][ T9151] ocfs2: Unmounting device (7,7) on (node local)
[ 1337.651539][T27729] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=33.7a
[ 1337.680808][T27729] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1337.684545][T27729] usb 2-1: Product: syz
[ 1337.686354][T27729] usb 2-1: Manufacturer: syz
[ 1337.687804][T27729] usb 2-1: SerialNumber: syz
[ 1337.692321][T27729] usb 2-1: config 0 descriptor??
[ 1337.776055][T11744] loop7: detected capacity change from 0 to 1024
[ 1337.788700][T11744] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1337.928297][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1337.930540][T27729] usb 2-1: USB disconnect, device number 62
[ 1337.981969][T11752] program syz.7.16066 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1339.357027][T11782] netlink: 260 bytes leftover after parsing attributes in process `syz.7.16078'.
[ 1339.634078][T11774] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1340.167675][T11788] loop7: detected capacity change from 0 to 131072
[ 1340.170949][T11788] F2FS-fs (loop7): Invalid log sectorsize (67108873)
[ 1340.173308][T11788] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1340.177780][T11788] F2FS-fs (loop7): invalid crc value
[ 1340.260425][T11788] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1340.265805][T11788] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1340.268607][T11788] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[ 1340.302247][T11788] F2FS-fs (loop7): inconsistent node block, node_type:2, nid:8, node_footer[nid:8,ino:8,ofs:0,cpver:5013063228981249506,blkaddr:100678662]
[ 1340.377771][T11807] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1340.377771][T11807] The task syz.2.16086 (11807) triggered the difference, watch for misbehavior.
[ 1341.261961][T22394] Bluetooth: hci2: command 0x0406 tx timeout
[ 1341.742301][T11828] openvswitch: netlink: Missing key (keys=40, expected=2000)
[ 1341.791062][T11832] loop7: detected capacity change from 0 to 512
[ 1341.795748][T11832] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[ 1341.805942][T11832] UDF-fs: error (device loop7): udf_read_inode: (ino 19) failed ident=264
[ 1341.967512][T11840] netlink: 'syz.7.16102': attribute type 1 has an invalid length.
[ 1341.970685][T11840] netlink: 224 bytes leftover after parsing attributes in process `syz.7.16102'.
[ 1342.062744][T11842] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16103'.
[ 1342.330220][T11854] lo speed is unknown, defaulting to 1000
[ 1342.332231][T11854] lo speed is unknown, defaulting to 1000
[ 1342.334813][T11854] lo speed is unknown, defaulting to 1000
[ 1342.354023][T11854] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[ 1342.401456][T11854] lo speed is unknown, defaulting to 1000
[ 1342.415484][T11854] lo speed is unknown, defaulting to 1000
[ 1342.424859][T11854] lo speed is unknown, defaulting to 1000
[ 1342.433552][T11854] lo speed is unknown, defaulting to 1000
[ 1342.436730][T11854] lo speed is unknown, defaulting to 1000
[ 1342.440506][T11854] lo speed is unknown, defaulting to 1000
[ 1342.615940][T11858] loop7: detected capacity change from 0 to 8
[ 1342.630975][T11858] SQUASHFS error: Failed to read block 0x6e6: -5
[ 1342.633125][T11858] SQUASHFS error: Unable to read metadata cache entry [6e4]
[ 1342.656315][T11858] SQUASHFS error: Unable to read directory block [631:26]
[ 1342.976590][   T33] audit: type=1326 audit(1755125663.873:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11871 comm="syz.2.16117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1342.995011][   T33] audit: type=1326 audit(1755125663.873:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11871 comm="syz.2.16117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1343.015751][   T33] audit: type=1326 audit(1755125663.873:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11871 comm="syz.2.16117" exe="/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1343.036780][   T33] audit: type=1326 audit(1755125663.873:704): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=11871 comm="syz.2.16117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1343.056881][   T33] audit: type=1326 audit(1755125663.873:705): auid=4294967295 uid=0 gid=60928 ses=4294967295 subj=unconfined pid=11871 comm="syz.2.16117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1343.175300][T11888] random: crng reseeded on system resumption
[ 1343.446928][T27891] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[ 1343.766950][T11899] loop7: detected capacity change from 0 to 65536
[ 1343.796513][T11899] XFS (loop7): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1343.807628][T11899] XFS (loop7): Ending clean mount
[ 1343.817926][T11899] XFS (loop7): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[ 1343.822393][T11899] XFS (loop7): Unmount and run xfs_repair
[ 1343.824263][T11899] XFS (loop7): First 128 bytes of corrupted metadata buffer:
[ 1343.826775][T11899] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[ 1343.830023][T11899] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[ 1343.832740][T11899] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[ 1343.835539][T11899] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[ 1343.838593][T11899] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[ 1343.841336][T11899] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[ 1343.843970][T11899] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1343.846631][T11899] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[ 1343.849428][T11899] XFS (loop7): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[ 1343.853256][T11899] XFS (loop7): page discard on page ffffea0004445d00, inode 0x26, pos 21504.
[ 1343.879632][ T9151] XFS (loop7): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[ 1343.882618][T27891] usb 2-1: Using ep0 maxpacket: 32
[ 1343.888686][ T9151] XFS (loop7): Uncorrected metadata errors detected; please run xfs_repair.
[ 1343.892696][T27891] usb 2-1: config 0 has an invalid interface number: 146 but max is 0
[ 1343.895236][T27891] usb 2-1: config 0 has no interface number 0
[ 1343.897154][T27891] usb 2-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1343.900421][T27891] usb 2-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[ 1343.911885][T27891] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[ 1343.916422][T27891] usb 2-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 1343.919790][T27891] usb 2-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[ 1343.923288][T27891] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1343.952828][T27891] usb 2-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1343.956013][T27891] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 19968, setting to 1024
[ 1343.959474][T27891] usb 2-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1343.962527][T27891] usb 2-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1343.992068][T27891] usb 2-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[ 1343.994907][T27891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1343.997446][T27891] usb 2-1: Product: syz
[ 1343.998829][T27891] usb 2-1: Manufacturer: syz
[ 1344.010204][T27891] usb 2-1: SerialNumber: syz
[ 1344.013475][T27891] usb 2-1: config 0 descriptor??
[ 1344.015809][T11888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1344.018940][T11888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1344.025140][T27891] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[ 1344.027662][T27891] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[ 1344.068874][T27891] scsi host6: microtekX6
[ 1344.573059][T11925] loop7: detected capacity change from 0 to 32768
[ 1344.580944][T11925] BTRFS info: device /dev/loop7 (7:7) using temp-fsid 56897974-f4d7-489c-9201-a85de6521eb3
[ 1344.615731][T11925] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.16138 (11925)
[ 1344.621680][T11925] BTRFS info (device loop7): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1344.625694][T11925] BTRFS info (device loop7): using blake2b (blake2b-256-generic) checksum algorithm
[ 1344.628819][T11925] BTRFS info (device loop7): using free-space-tree
[ 1344.730596][   T10] usb 2-1: USB disconnect, device number 63
[ 1344.788747][ T9151] BTRFS info (device loop7): last unmount of filesystem 56897974-f4d7-489c-9201-a85de6521eb3
[ 1345.176774][T11942] loop7: detected capacity change from 0 to 32768
[ 1345.225840][T11942] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1345.253077][T11942] XFS (loop7): Ending clean mount
[ 1345.256854][T11942] XFS (loop7): Quotacheck needed: Please wait.
[ 1345.328006][T11942] XFS (loop7): Quotacheck: Done.
[ 1345.372638][ T9151] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1348.981502][T12055] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1348.983801][T12055] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1349.073165][ T5847] Bluetooth: hci3: unexpected subevent 0x01 length: 78 > 18
[ 1349.084871][T12062] loop7: detected capacity change from 0 to 1024
[ 1349.092110][T12062] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1349.264810][T27891] usb 2-1: new full-speed USB device number 64 using dummy_hcd
[ 1349.429018][T27891] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1349.432293][T27891] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1349.447767][T27891] usb 2-1: config 1 interface 1 has no altsetting 1
[ 1349.453921][T27891] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1349.456951][T27891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1349.470782][T27891] usb 2-1: Product: syz
[ 1349.472809][T27891] usb 2-1: Manufacturer: syz
[ 1349.474697][T27891] usb 2-1: SerialNumber: syz
[ 1349.507772][T12073] loop7: detected capacity change from 0 to 32768
[ 1349.513047][T12073] bcachefs (/dev/loop7): error validating superblock: Invalid superblock section replicas_v0: no devices in entry btree: 1/0 []
[ 1349.513047][T12073] replicas_v0 (size 24):
[ 1349.513047][T12073] btree: 0 [] (unknown data_type 16): 2 [1 0] user: 1 [0]
[ 1349.513047][T12073] 
[ 1349.523458][T12073] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[ 1349.703478][T12078] vlan2: entered promiscuous mode
[ 1349.706540][T12078] bridge0: entered promiscuous mode
[ 1349.708522][T27891] usb 2-1: selecting invalid altsetting 1
[ 1349.708982][T12078] vlan2: entered allmulticast mode
[ 1349.711254][T27891] cdc_ncm 2-1:1.0: bind() failure
[ 1349.712495][T12078] bridge0: entered allmulticast mode
[ 1349.719346][T27891] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[ 1349.723588][T27891] cdc_ncm 2-1:1.1: bind() failure
[ 1349.728055][T27891] usb 2-1: USB disconnect, device number 64
[ 1349.739612][T12078] bridge_slave_0: left allmulticast mode
[ 1349.742123][T12078] bridge_slave_0: left promiscuous mode
[ 1349.744595][T12078] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1349.751038][T12078] bridge_slave_1: left allmulticast mode
[ 1349.754164][T12078] bridge_slave_1: left promiscuous mode
[ 1349.756639][T12078] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1349.766868][T12078] bond0: (slave bond_slave_0): Releasing backup interface
[ 1349.781119][T12078] bond0: (slave bond_slave_1): Releasing backup interface
[ 1349.803507][T12078] team0: Port device team_slave_0 removed
[ 1349.811164][T12078] team0: Port device team_slave_1 removed
[ 1349.814437][T12078] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1349.819095][T12078] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1349.823733][T12078] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1349.826865][T12078] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1349.851209][ T5312] lo speed is unknown, defaulting to 1000
[ 1350.303879][   T33] audit: type=1326 audit(1755125670.630:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12079 comm="syz.1.16198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f58b8ebe9 code=0x7ffc0000
[ 1350.313374][   T33] audit: type=1326 audit(1755125670.639:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12079 comm="syz.1.16198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f58b8ebe9 code=0x7ffc0000
[ 1350.322329][   T33] audit: type=1326 audit(1755125670.639:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12079 comm="syz.1.16198" exe="/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f5f58b8ebe9 code=0x7ffc0000
[ 1350.334544][   T33] audit: type=1326 audit(1755125670.639:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12079 comm="syz.1.16198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f58b8ebe9 code=0x7ffc0000
[ 1350.346307][   T33] audit: type=1326 audit(1755125670.639:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12079 comm="syz.1.16198" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5f58b8ebe9 code=0x7ffc0000
[ 1350.432328][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.436928][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.440792][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.443805][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.451313][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.456917][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.459952][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.465328][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.471238][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.475094][ T5312] hid-generic 00A0:0006:0003.0049: unknown main item tag 0x0
[ 1350.488087][ T5312] hid-generic 00A0:0006:0003.0049: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[ 1350.794116][T12099] loop7: detected capacity change from 0 to 40427
[ 1350.797909][T12099] F2FS-fs (loop7): build fault injection rate: 1
[ 1350.800453][T12099] F2FS-fs (loop7): build fault injection type: 0x3bfe8c
[ 1350.803433][T12099] F2FS-fs (loop7): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x6a/0x1b0
[ 1350.806287][T12099] F2FS-fs (loop7): Failed to read F2FS meta data inode
[ 1350.815167][ T5312] usb 2-1: new full-speed USB device number 65 using dummy_hcd
[ 1350.979636][ T5312] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 1350.982768][ T5312] usb 2-1: config 0 has no interface number 0
[ 1350.985657][ T5312] usb 2-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1350.996817][ T5312] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1351.005076][ T5312] usb 2-1: config 0 descriptor??
[ 1351.012499][ T5312] usb 2-1: selecting invalid altsetting 1
[ 1351.015017][ T5312] dvb_ttusb_budget: ttusb_init_controller: error
[ 1351.018340][ T5312] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1351.063860][ T5312] DVB: Unable to find symbol cx22700_attach()
[ 1351.112086][ T5312] DVB: Unable to find symbol tda10046_attach()
[ 1351.114643][ T5312] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1351.176128][T12114] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16214'.
[ 1351.232737][ T5312] usb 2-1: USB disconnect, device number 65
[ 1351.440823][T12116] loop7: detected capacity change from 0 to 32768
[ 1351.452094][T12116] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode.
[ 1351.463109][ T5860] (kworker/u8:2,5860,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len is smaller than minimal - offset=0, inode=348545186005064, rec_len=0, name_len=1
[ 1351.476859][T12116] (syz.7.16215,12116,1):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[ 1351.533715][ T9151] ocfs2: Unmounting device (7,7) on (node local)
[ 1351.820607][T12128] loop7: detected capacity change from 0 to 512
[ 1351.832630][T12128] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1351.892321][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1353.315047][T12196] loop7: detected capacity change from 0 to 1024
[ 1354.304438][   T52] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1354.363254][T12227] netlink: 28 bytes leftover after parsing attributes in process `syz.7.16264'.
[ 1354.476326][   T52] usb 2-1: Using ep0 maxpacket: 8
[ 1354.486979][   T52] usb 2-1: config 36 has an invalid interface number: 44 but max is 0
[ 1354.493751][   T52] usb 2-1: config 36 has an invalid interface descriptor of length 2, skipping
[ 1354.497366][   T52] usb 2-1: config 36 has no interface number 0
[ 1354.500008][   T52] usb 2-1: config 36 interface 44 has no altsetting 0
[ 1354.505278][   T52] usb 2-1: New USB device found, idVendor=0711, idProduct=0902, bcdDevice=ad.ea
[ 1354.508988][   T52] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1354.512200][   T52] usb 2-1: Product: syz
[ 1354.514057][   T52] usb 2-1: Manufacturer: syz
[ 1354.516102][   T52] usb 2-1: SerialNumber: syz
[ 1354.760489][   T52] sisusb 2-1:36.44: Invalid USB2VGA device
[ 1354.763331][   T52] sisusb 2-1:36.44: probe with driver sisusb failed with error -22
[ 1354.774827][   T52] usb 2-1: USB disconnect, device number 66
[ 1356.056266][T12254] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1356.058741][T12254] IPv6: NLM_F_CREATE should be set when creating new route
[ 1356.409509][T12262] overlayfs: failed to clone upperpath
[ 1356.733753][T12271] loop7: detected capacity change from 0 to 128
[ 1356.739504][T12271] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1356.744219][T12271] ext4 filesystem being mounted at /316/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1356.776246][ T9151] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1356.861017][T12277] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[ 1357.096871][T12281] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[ 1357.100430][T12281] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[ 1357.756695][T12289] Malformed UNC in devname
[ 1357.756695][T12289] 
[ 1357.759404][T12289] CIFS: VFS: Malformed UNC in devname
[ 1359.335222][T12328] bridge5: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1359.338423][T12328] bridge5: entered allmulticast mode
[ 1359.549640][T12341] netlink: 56 bytes leftover after parsing attributes in process `syz.2.16314'.
[ 1359.602438][T12343] overlayfs: failed to clone upperpath
[ 1360.182332][T12352] loop7: detected capacity change from 0 to 256
[ 1360.380965][T12363] IPVS: Unknown mcast interface: pimreg0
[ 1360.497370][T12366] overlayfs: failed to clone upperpath
[ 1361.205738][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.208307][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.113601][T12387] loop7: detected capacity change from 0 to 8192
[ 1362.124814][T12387] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1362.270554][T12398] loop7: detected capacity change from 0 to 512
[ 1362.310689][T12398] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.16339: bad orphan inode 11862016
[ 1362.315254][T12398] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[ 1362.319374][T12398] ext4 filesystem being mounted at /329/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1363.404150][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[ 1363.778892][T12431] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1365.040286][T12468] tmpfs: Bad value for 'mpol'
[ 1365.082289][T12472] overlayfs: failed to clone upperpath
[ 1365.766666][   T10] usb 2-1: new full-speed USB device number 67 using dummy_hcd
[ 1365.932666][   T10] usb 2-1: config 150 has an invalid interface number: 204 but max is 1
[ 1365.936432][   T10] usb 2-1: config 150 has no interface number 1
[ 1365.939749][   T10] usb 2-1: config 150 interface 204 has no altsetting 0
[ 1365.952969][   T10] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice=c7.eb
[ 1365.956708][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1365.959996][   T10] usb 2-1: Product: syz
[ 1365.962274][   T10] usb 2-1: Manufacturer: syz
[ 1365.964139][   T10] usb 2-1: SerialNumber: syz
[ 1366.138719][T12507] autofs: Unknown parameter '00000000000000000000'
[ 1366.496535][   T10] gspca_main: spca501-2.14.0 probing 0000:0000
[ 1366.499127][   T10] gspca_spca501: reg write: error -71
[ 1366.500741][   T10] spca501 2-1:150.0: Reg write failed for 0x02,0x0f,0x05
[ 1366.503182][   T10] spca501 2-1:150.0: probe with driver spca501 failed with error -22
[ 1366.507076][   T10] usb 2-1: USB disconnect, device number 67
[ 1367.106398][T12517] netlink: 1041 bytes leftover after parsing attributes in process `syz.1.16388'.
[ 1368.032672][T12561] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[ 1368.223578][T12577] loop7: detected capacity change from 0 to 128
[ 1368.571788][   T52] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1368.744882][   T52] usb 2-1: Using ep0 maxpacket: 16
[ 1368.750473][   T52] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1368.753700][   T52] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1368.757347][   T52] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1368.762303][   T52] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1368.765292][   T52] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1368.767808][   T52] usb 2-1: Manufacturer: syz
[ 1368.772554][   T52] usb 2-1: config 0 descriptor??
[ 1369.037551][   T52] rc_core: IR keymap rc-hauppauge not found
[ 1369.040007][   T52] Registered IR keymap rc-empty
[ 1369.045689][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.085296][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.114028][   T52] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1369.119977][   T52] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input61
[ 1369.126955][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.146237][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.168922][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.189462][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.210993][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.232680][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.261237][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.278905][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.308424][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.340941][   T52] mceusb 2-1:0.0: Error: mce write urb status = -71
[ 1369.375558][   T52] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1369.379296][   T52] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1369.485551][T12581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1369.489281][T12581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1369.495238][   T52] usb 2-1: USB disconnect, device number 68
[ 1369.795277][   T33] audit: type=1326 audit(1755125688.619:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.2.16430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1369.809245][   T33] audit: type=1326 audit(1755125688.619:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.2.16430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1369.826062][   T33] audit: type=1326 audit(1755125688.619:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.2.16430" exe="/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1369.835317][   T33] audit: type=1326 audit(1755125688.619:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.2.16430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1369.842243][   T33] audit: type=1326 audit(1755125688.619:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12608 comm="syz.2.16430" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1370.037265][    C1] vcan0: j1939_tp_rxtimer: 0xffff888126e91400: rx timeout, send abort
[ 1370.204463][T12631] netlink: 20 bytes leftover after parsing attributes in process `syz.2.16441'.
[ 1370.272796][T12637] vxcan0: tx drop: invalid sa for name 0x0000001000000000
[ 1370.582445][    C1] vcan0: j1939_tp_rxtimer: 0xffff888126e91400: abort rx timeout. Force session deactivation
[ 1371.138483][T12649] loop7: detected capacity change from 0 to 32768
[ 1371.244211][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names
[ 1371.244243][T12649]   allowing incompatible features above 0.0: (unknown version)
[ 1371.244254][T12649]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[ 1371.244267][T12649]   with devices loop7
[ 1371.264628][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[ 1371.268906][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem
[ 1371.281188][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write
[ 1371.295699][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks
[ 1371.305227][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace
[ 1371.311582][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace
[ 1371.317360][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table
[ 1371.320762][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done
[ 1371.370405][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem
[ 1371.448032][T12649] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown by ioctl type 0emergency read only at seq 2
[ 1371.453418][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only
[ 1371.456606][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop
[ 1371.480196][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 2
[ 1371.485105][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 2
[ 1371.497561][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): unclean shutdown complete, journal seq 2
[ 1371.502984][ T9151] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down
[ 1371.510019][   T10] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done going read-only, filesystem not clean
[ 1371.537849][ T9151] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[ 1371.636013][T12686] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1372.079882][T12713] netlink: 36 bytes leftover after parsing attributes in process `syz.1.16476'.
[ 1373.607971][T12774] overlayfs: failed to clone upperpath
[ 1373.656680][T12776] netlink: 12 bytes leftover after parsing attributes in process `syz.7.16504'.
[ 1374.264528][T12800] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[ 1374.707715][T12802] loop7: detected capacity change from 0 to 32768
[ 1376.015493][T27729] usb 2-1: new full-speed USB device number 69 using dummy_hcd
[ 1376.182527][T27729] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 1376.185814][T27729] usb 2-1: can't read configurations, error -71
[ 1376.812846][T12856] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16541'.
[ 1387.686936][T13007] loop7: detected capacity change from 0 to 131072
[ 1387.689891][T13007] F2FS-fs (loop7): Wrong CP boundary, start(512) end(1536) blocks(0)
[ 1387.692485][T13007] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1387.696984][T13007] F2FS-fs (loop7): invalid crc value
[ 1387.735639][T13007] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1387.740256][T13007] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1387.742465][T13007] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[ 1389.725163][T13041] loop7: detected capacity change from 0 to 64
[ 1389.962979][T13045] loop7: detected capacity change from 0 to 32768
[ 1389.972899][T13045] JBD2: Ignoring recovery information on journal
[ 1390.011731][T13045] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1390.031457][T13045] OCFS2: ERROR (device loop7): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries
[ 1390.032889][T13045] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1390.041119][T13045] OCFS2: File system is now read-only.
[ 1390.045265][T13045] (syz.7.16623,13045,0):ocfs2_calc_xattr_init:638 ERROR: status = -117
[ 1390.050440][T13045] (syz.7.16623,13045,0):ocfs2_mknod:337 ERROR: status = -117
[ 1390.052837][T13045] (syz.7.16623,13045,0):ocfs2_mknod:505 ERROR: status = -117
[ 1390.055196][T13045] (syz.7.16623,13045,0):ocfs2_mkdir:661 ERROR: status = -117
[ 1390.084330][ T9151] ocfs2: Unmounting device (7,7) on (node local)
[ 1390.303167][T13057] overlayfs: failed to clone upperpath
[ 1390.438354][T13061] overlayfs: failed to clone upperpath
[ 1391.318329][T13073] openvswitch: netlink: Missing key (keys=40, expected=10000000)
[ 1391.495888][T13076] bpq0: entered allmulticast mode
[ 1392.284069][T13100] loop7: detected capacity change from 0 to 1024
[ 1392.338253][T13940] hfsplus: b-tree write err: -5, ino 4
[ 1392.416315][T13104] loop7: detected capacity change from 0 to 64
[ 1392.458260][T13106] loop7: detected capacity change from 0 to 512
[ 1392.468115][T13106] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1393.326396][T13120] netlink: 28 bytes leftover after parsing attributes in process `syz.2.16654'.
[ 1393.428486][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.428486][T29737] loop7: rw=1, sector=528, nr_sectors = 32 limit=512
[ 1393.433220][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.433220][T29737] loop7: rw=1, sector=592, nr_sectors = 32 limit=512
[ 1393.443341][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.443341][T29737] loop7: rw=1, sector=656, nr_sectors = 32 limit=512
[ 1393.445942][T13122] netlink: 'syz.2.16655': attribute type 10 has an invalid length.
[ 1393.450637][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.450637][T29737] loop7: rw=1, sector=720, nr_sectors = 32 limit=512
[ 1393.463565][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.463565][T29737] loop7: rw=1, sector=784, nr_sectors = 32 limit=512
[ 1393.470153][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.470153][T29737] loop7: rw=1, sector=848, nr_sectors = 32 limit=512
[ 1393.477804][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.477804][T29737] loop7: rw=1, sector=912, nr_sectors = 32 limit=512
[ 1393.483787][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.483787][T29737] loop7: rw=1, sector=976, nr_sectors = 32 limit=512
[ 1393.489046][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.489046][T29737] loop7: rw=1, sector=1040, nr_sectors = 32 limit=512
[ 1393.494489][T29737] kworker/u9:20: attempt to access beyond end of device
[ 1393.494489][T29737] loop7: rw=1, sector=1104, nr_sectors = 32 limit=512
[ 1393.758084][T13138] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1394.795328][T13158] netlink: 'syz.7.16672': attribute type 1 has an invalid length.
[ 1394.812414][T13158] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1394.824639][T13158] vlan3: entered allmulticast mode
[ 1394.826297][T13158] team0: entered allmulticast mode
[ 1394.830226][T13158] bond1: (slave vlan3): Enslaving as an active interface with a down link
[ 1395.415542][T13161] loop7: detected capacity change from 0 to 256
[ 1395.424459][T13161] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1395.429744][T13161] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1395.500623][T13161] lo speed is unknown, defaulting to 1000
[ 1397.656646][   T33] audit: type=1326 audit(1755125714.343:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13264 comm="syz.2.16687" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4f7898ebe9 code=0x0
[ 1400.103128][T22394] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1400.111527][T22394] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1400.116421][T22394] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1400.126061][T22394] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1400.128843][T22394] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1400.231126][T13286] lo speed is unknown, defaulting to 1000
[ 1400.368732][ T5877] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.411980][T13286] chnl_net:caif_netlink_parms(): no params data found
[ 1400.517313][ T5877] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.634217][ T5877] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.648149][T13286] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1400.651046][T13286] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.651652][T13304] loop7: detected capacity change from 0 to 2048
[ 1400.657710][T13286] bridge_slave_0: entered allmulticast mode
[ 1400.660498][T13286] bridge_slave_0: entered promiscuous mode
[ 1400.665733][T13286] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1400.668411][T13286] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.670794][T13286] bridge_slave_1: entered allmulticast mode
[ 1400.674602][T13286] bridge_slave_1: entered promiscuous mode
[ 1400.677755][T13304] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1400.712682][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1400.742807][T13311] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16703'.
[ 1400.783720][ T5877] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1400.798696][T13311] tipc: Resetting bearer <eth:team0>
[ 1400.801179][T13311] team_slave_1: left promiscuous mode
[ 1400.807680][T13311] bond_slave_0: left promiscuous mode
[ 1401.162910][T13311] tipc: Disabling bearer <eth:team0>
[ 1401.166070][T13311] team_slave_1: left allmulticast mode
[ 1401.174634][T13311] team0 (unregistering): Failed to send options change via netlink (err -105)
[ 1401.178575][T13311] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[ 1401.185444][T13311] team0 (unregistering): Port device team_slave_1 removed
[ 1401.188522][T13311] bond0: left allmulticast mode
[ 1401.190569][T13311] bond_slave_0: left allmulticast mode
[ 1401.199847][T13311] team0 (unregistering): Failed to send options change via netlink (err -105)
[ 1401.203600][T13311] team0 (unregistering): Failed to send port change of device bond0 via netlink (err -105)
[ 1401.208532][T13311] team0 (unregistering): Port device bond0 removed
[ 1401.231998][T13286] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1401.257223][T13286] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1401.300487][T13286] team0: Port device team_slave_0 added
[ 1401.306465][T13286] team0: Port device team_slave_1 added
[ 1401.367474][T13286] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1401.370339][T13286] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1401.380895][T13286] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1401.395127][T13286] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1401.397330][T13286] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1401.405980][T13286] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1401.459651][T13286] hsr_slave_0: entered promiscuous mode
[ 1401.462022][T13286] hsr_slave_1: entered promiscuous mode
[ 1401.464601][T13286] debugfs: 'hsr0' already exists in 'hsr'
[ 1401.466350][T13286] Cannot create hsr debugfs directory
[ 1401.468270][ T5877] bridge_slave_1: left allmulticast mode
[ 1401.470539][ T5877] bridge_slave_1: left promiscuous mode
[ 1401.472876][ T5877] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1401.478497][ T5877] bridge_slave_0: left allmulticast mode
[ 1401.480776][ T5877] bridge_slave_0: left promiscuous mode
[ 1401.483136][ T5877] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1402.153326][ T5877] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1402.159447][ T5877] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1402.164468][ T5877] bond0 (unregistering): Released all slaves
[ 1402.464277][ T5847] Bluetooth: hci4: command tx timeout
[ 1402.472064][ T5877] bond1 (unregistering): Released all slaves
[ 1402.562549][ T5877] tipc: Disabling bearer <udp:syz2>
[ 1402.567731][ T5877] tipc: Left network mode
[ 1402.984874][ T5877] hsr_slave_0: left promiscuous mode
[ 1402.988107][ T5877] hsr_slave_1: left promiscuous mode
[ 1402.990796][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1402.996981][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1403.000443][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1403.004537][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1403.032834][ T5877] veth1_macvtap: left promiscuous mode
[ 1403.037759][ T5877] veth0_macvtap: left promiscuous mode
[ 1403.040136][ T5877] veth1_vlan: left promiscuous mode
[ 1403.042198][ T5877] veth0_vlan: left promiscuous mode
[ 1403.917694][ T5877] team0 (unregistering): Port device team_slave_1 removed
[ 1403.983372][ T5877] team0 (unregistering): Port device team_slave_0 removed
[ 1404.387003][T13364] 9pnet_virtio: no channels available for device syz
[ 1404.714505][ T5847] Bluetooth: hci4: command tx timeout
[ 1404.998239][T13368] sctp: [Deprecated]: syz.2.16727 (pid 13368) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1404.998239][T13368] Use struct sctp_sack_info instead
[ 1405.664882][T13286] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1405.673896][T13286] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1405.692430][T13286] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1405.710644][T13286] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1406.085202][T13286] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1406.117341][T13286] 8021q: adding VLAN 0 to HW filter on device team0
[ 1406.130062][T13185] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1406.133076][T13185] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1406.141974][T13185] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1406.144938][T13185] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1406.354253][ T5877] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x9
[ 1406.380169][T13286] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1406.633050][T13286] veth0_vlan: entered promiscuous mode
[ 1406.641370][T13286] veth1_vlan: entered promiscuous mode
[ 1406.670179][T13286] veth0_macvtap: entered promiscuous mode
[ 1406.676146][T13286] veth1_macvtap: entered promiscuous mode
[ 1406.688101][T13286] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1406.695489][T13286] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1406.704158][ T5860] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.707118][ T5860] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.714351][ T5860] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.717068][ T5860] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1406.772562][T13424] 9pnet_fd: Insufficient options for proto=fd
[ 1406.957545][ T5847] Bluetooth: hci4: command tx timeout
[ 1407.232425][T13181] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1407.235611][T13181] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1407.289990][T13195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1407.292675][T13195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1407.675967][T13457] loop7: detected capacity change from 0 to 4096
[ 1407.845539][   T52] usb 10-1: new high-speed USB device number 32 using dummy_hcd
[ 1408.559321][   T52] usb 10-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[ 1408.565900][   T52] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1408.986363][   T52] usb 10-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice= 0.9c
[ 1408.989165][   T52] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1408.991664][   T52] usb 10-1: Product: syz
[ 1408.993061][   T52] usb 10-1: Manufacturer: syz
[ 1409.008701][   T52] usb 10-1: SerialNumber: syz
[ 1409.016320][   T52] usb 10-1: config 0 descriptor??
[ 1409.020093][   T52] ims_pcu 10-1:0.0: Missing CDC union descriptor
[ 1409.025066][   T52] ims_pcu 10-1:0.0: probe with driver ims_pcu failed with error -22
[ 1409.131656][T13479] loop7: detected capacity change from 0 to 512
[ 1409.151443][T13479] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.16768: casefold flag without casefold feature
[ 1409.162117][T13479] EXT4-fs error (device loop7): ext4_orphan_get:1397: comm syz.7.16768: couldn't read orphan inode 15 (err -117)
[ 1409.171673][T13479] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1409.197916][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1409.220147][ T5847] Bluetooth: hci4: command tx timeout
[ 1409.248569][   T52] usb 10-1: USB disconnect, device number 32
[ 1409.454964][T13495] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[ 1409.855371][T13519] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0'
[ 1409.932788][T13523] loop9: detected capacity change from 0 to 4096
[ 1409.936258][T13523] ntfs3(loop9): Different NTFS sector size (2048) and media sector size (512).
[ 1410.513515][T13569] [U] V3Fپ"S/4:XTZWTLW=
[ 1410.517216][T13569] [U] J"E:"
[ 1410.518603][T13569] [U] 
[ 1410.567614][T13571] loop9: detected capacity change from 0 to 2048
[ 1410.570599][T13571] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1410.573047][T13571] EXT4-fs: Ignoring removed bh option
[ 1410.604951][T13571] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1410.625391][T13571] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[ 1410.634614][T13571] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 155 with max blocks 1 with error 28
[ 1410.638579][T13571] EXT4-fs (loop9): This should not happen!! Data will be lost
[ 1410.638579][T13571] 
[ 1410.642301][T13571] EXT4-fs (loop9): Total free blocks count 0
[ 1410.644103][T13571] EXT4-fs (loop9): Free/Dirty block details
[ 1410.645985][T13571] EXT4-fs (loop9): free_blocks=2415919104
[ 1410.647700][T13571] EXT4-fs (loop9): dirty_blocks=32
[ 1410.649521][T13571] EXT4-fs (loop9): Block reservation details
[ 1410.652036][T13571] EXT4-fs (loop9): i_reserved_data_blocks=2
[ 1410.665650][T13199] EXT4-fs (loop9): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[ 1410.758995][T13576] loop9: detected capacity change from 0 to 4096
[ 1410.761918][T13576] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1410.765372][T13576] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1410.773031][T13576] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1410.801346][T13576] futex_wake_op: syz.9.16813 tries to shift op by -1; fix this program
[ 1411.218971][T13583] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1411.221360][T13583] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1411.340708][T13583] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1411.519376][T13583] batman_adv: batadv0: Interface deactivated: ipvlan0
[ 1411.536128][   T12] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.540581][   T12] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.543450][   T12] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.546302][   T12] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1411.651120][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1413.369391][T13642] loop9: detected capacity change from 0 to 32768
[ 1413.464382][T13644] loop9: detected capacity change from 0 to 1024
[ 1413.468021][T13644] EXT4-fs (loop9): stripe (3) is not aligned with cluster size (16), stripe is disabled
[ 1413.495943][T13644] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1413.533177][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1413.586536][T13649] : entered promiscuous mode
[ 1415.956726][T13692] netlink: 'syz.2.16864': attribute type 32 has an invalid length.
[ 1415.959611][T13692] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16864'.
[ 1415.965338][T13692] (unnamed net_device) (uninitialized): option coupled_control: invalid value (227)
[ 1416.845341][T13679] loop9: detected capacity change from 0 to 32768
[ 1416.853018][T13679] BTRFS info: device /dev/loop9 (7:9) using temp-fsid a6a6dca4-6bd0-4b11-a29d-330652d7bc92
[ 1416.856053][T13679] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.16858 (13679)
[ 1416.866678][T13679] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1416.871430][T13679] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[ 1416.873981][T13679] BTRFS info (device loop9): using free-space-tree
[ 1417.052078][   T12] BTRFS info (device loop9): qgroup scan completed (inconsistency flag cleared)
[ 1417.107063][T13286] BTRFS info (device loop9): last unmount of filesystem a6a6dca4-6bd0-4b11-a29d-330652d7bc92
[ 1418.035810][T13747] loop7: detected capacity change from 0 to 256
[ 1418.047264][T13747] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[ 1418.059911][T13747] fuse: Bad value for 'fd'
[ 1418.109618][T13753] loop7: detected capacity change from 0 to 8
[ 1418.186069][T13757] loop7: detected capacity change from 0 to 1024
[ 1418.194648][T13757] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1418.233123][ T9151] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1418.281576][T13761] netlink: 4 bytes leftover after parsing attributes in process `syz.7.16886'.
[ 1418.428294][T13763] netlink: 8 bytes leftover after parsing attributes in process `syz.7.16887'.
[ 1419.644104][T13769] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[ 1419.742962][T13774] loop7: detected capacity change from 0 to 2048
[ 1419.754232][T13774] UDF-fs: error (device loop7): udf_process_sequence: Primary Volume Descriptor not found!
[ 1419.767810][T13774] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1419.796328][   T33] audit: type=1800 audit(1755125990.781:717): pid=13774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.16891" name="file1" dev="loop7" ino=1346 res=0 errno=0
[ 1419.915796][T13782] loop9: detected capacity change from 0 to 1024
[ 1419.924396][T13782] hfsplus: Unknown parameter 'creatS'
[ 1419.948329][T13782] CIFS mount error: No usable UNC path provided in device string!
[ 1419.948329][T13782] 
[ 1419.954460][T13782] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1420.234650][T13790] loop9: detected capacity change from 0 to 47
[ 1420.333554][T13792] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[ 1420.637096][T13800] loop9: detected capacity change from 0 to 2048
[ 1420.668841][T13801] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1420.916015][T13812] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1421.118919][T13814] loop7: detected capacity change from 0 to 40427
[ 1421.128705][T13814] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[ 1421.131345][T13814] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[ 1421.152357][T13814] F2FS-fs (loop7): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[ 1421.170438][T13818] loop9: detected capacity change from 0 to 32768
[ 1421.197242][T13814] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1421.202707][T13814] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[ 1421.205657][T13814] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[ 1421.386350][T13826] loop9: detected capacity change from 0 to 4096
[ 1421.393508][T13826] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[ 1421.411795][T13826] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1421.430317][T13826] ntfs3(loop9): ino=1e, mi_enum_attr
[ 1421.433132][T13826] ntfs3(loop9): ino=1e, mi_enum_attr
[ 1421.498173][T13828] netlink: 'syz.7.16914': attribute type 1 has an invalid length.
[ 1421.597104][T13835] loop7: detected capacity change from 0 to 4096
[ 1421.602054][T13835] ntfs3(loop7): ino=3, Correct links count -> 2.
[ 1421.617206][T13835] ntfs3(loop7): Failed to load $BadClus (-22).
[ 1421.723735][T13844] loop7: detected capacity change from 0 to 256
[ 1421.736203][T13844] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[ 1421.743131][T13844] exFAT-fs (loop7): error, data size is invalid(10)
[ 1421.748763][T13844] exFAT-fs (loop7): Filesystem has been set read-only
[ 1421.752555][T13844] exFAT-fs (loop7): error, data size is invalid(10)
[ 1421.918071][T13846] loop7: detected capacity change from 0 to 32768
[ 1421.922164][T13846] (syz.7.16924,13846,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1421.928361][T13846] (syz.7.16924,13846,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1421.953268][T13846] JBD2: Ignoring recovery information on journal
[ 1421.977638][T13846] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[ 1422.020206][T13846] ocfs2: Unmounting device (7,7) on (node local)
[ 1422.081120][   T52] usb 10-1: new full-speed USB device number 33 using dummy_hcd
[ 1422.220395][T13852] loop7: detected capacity change from 0 to 2048
[ 1422.237958][T13852] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1422.276610][   T52] usb 10-1: config index 0 descriptor too short (expected 539, got 27)
[ 1422.281547][   T52] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 4
[ 1422.285856][   T52] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid maxpacket 15692, setting to 1023
[ 1422.289424][T13856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16928'.
[ 1422.296114][   T52] usb 10-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[ 1422.302369][   T52] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1422.306394][   T52] usb 10-1: Product: syz
[ 1422.307930][   T52] usb 10-1: Manufacturer: syz
[ 1422.309392][   T52] usb 10-1: SerialNumber: syz
[ 1422.312433][   T52] usb 10-1: config 0 descriptor??
[ 1422.319827][   T52] hub 10-1:0.0: bad descriptor, ignoring hub
[ 1422.321780][   T52] hub 10-1:0.0: probe with driver hub failed with error -5
[ 1422.327548][   T52] input: syz syz as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/input/input63
[ 1422.437944][   T52] usbtouchscreen 10-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -22
[ 1422.445147][   T52] usbtouchscreen 10-1:0.0: probe with driver usbtouchscreen failed with error -22
[ 1422.713044][   T52] usb 10-1: USB disconnect, device number 33
[ 1422.945102][T13866] loop7: detected capacity change from 0 to 1764
[ 1422.948186][T13866] ISOFS: Bad logical zone size 23846
[ 1423.349536][T13882] input: syz0 as /devices/virtual/input/input64
[ 1423.509194][T13895] loop9: detected capacity change from 0 to 512
[ 1423.520432][T13895] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c02c, mo2=0102]
[ 1423.523187][T13895] System zones: 1-12
[ 1423.543769][T13895] EXT4-fs error (device loop9): ext4_xattr_inode_iget:442: comm syz.9.16944: error while reading EA inode 32 err=-116
[ 1423.549704][T13895] EXT4-fs (loop9): Remounting filesystem read-only
[ 1423.551972][T13895] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[ 1423.555450][T13895] EXT4-fs (loop9): 1 orphan inode deleted
[ 1423.558183][T13895] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1423.583759][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1423.735032][T13910] use of bytesused == 0 is deprecated and will be removed in the future,
[ 1423.738032][T13910] use the actual size instead.
[ 1424.044008][T13928] loop9: detected capacity change from 0 to 1024
[ 1424.305458][T13928] bio_check_eod: 281 callbacks suppressed
[ 1424.305471][T13928] syz.9.16955: attempt to access beyond end of device
[ 1424.305471][T13928] loop9: rw=2057, sector=262, nr_sectors = 65274 limit=1024
[ 1424.655599][  T512] usb 10-1: new high-speed USB device number 34 using dummy_hcd
[ 1424.817879][  T512] usb 10-1: Using ep0 maxpacket: 8
[ 1424.826082][  T512] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 1424.830316][  T512] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB3, changing to 0x83
[ 1424.834808][  T512] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1424.845706][  T512] usb 10-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.01
[ 1424.849381][  T512] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1424.852970][  T512] usb 10-1: Product: syz
[ 1424.854688][  T512] usb 10-1: Manufacturer: syz
[ 1424.856532][  T512] usb 10-1: SerialNumber: syz
[ 1424.864148][  T512] usb 10-1: config 0 descriptor??
[ 1424.872753][  T512] radioshark 10-1:0.0: Invalid radioSHARK device
[ 1424.875354][  T512] radioshark 10-1:0.0: probe with driver radioshark failed with error -22
[ 1424.878826][  T512] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[ 1424.974361][T13946] loop7: detected capacity change from 0 to 1024
[ 1424.997241][T13946] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1425.002776][T13946] ext4 filesystem being mounted at /458/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1425.053203][T13199] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm kworker/u10:16: lblock 3 mapped to illegal pblock 3 (length 2)
[ 1425.065235][T13199] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 2 with error 117
[ 1425.072077][T13199] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1425.072077][T13199] 
[ 1425.091242][T13195] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[ 1425.097061][  T512] usb 10-1: USB disconnect, device number 34
[ 1425.107020][T13195] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 36 with error 28
[ 1425.112272][T13195] EXT4-fs (loop7): This should not happen!! Data will be lost
[ 1425.112272][T13195] 
[ 1425.116304][T13195] EXT4-fs (loop7): Total free blocks count 0
[ 1425.118842][T13195] EXT4-fs (loop7): Free/Dirty block details
[ 1425.124180][T13195] EXT4-fs (loop7): free_blocks=4293918720
[ 1425.126583][T13195] EXT4-fs (loop7): dirty_blocks=48
[ 1425.128873][T13195] EXT4-fs (loop7): Block reservation details
[ 1425.183296][T13950] netlink: 79 bytes leftover after parsing attributes in process `syz.7.16961'.
[ 1425.230501][T13952] loop7: detected capacity change from 0 to 128
[ 1425.236779][T13952] FAT-fs (loop7): Directory bread(block 11554) failed
[ 1425.239667][T13952] FAT-fs (loop7): Directory bread(block 11555) failed
[ 1425.242977][T13952] FAT-fs (loop7): Directory bread(block 11556) failed
[ 1425.245819][T13952] FAT-fs (loop7): Directory bread(block 11557) failed
[ 1425.248562][T13952] FAT-fs (loop7): Directory bread(block 11558) failed
[ 1425.252530][T13952] FAT-fs (loop7): Directory bread(block 11559) failed
[ 1425.255598][T13952] FAT-fs (loop7): Directory bread(block 11560) failed
[ 1425.258451][T13952] FAT-fs (loop7): Directory bread(block 11561) failed
[ 1425.261459][T13952] FAT-fs (loop7): Directory bread(block 11562) failed
[ 1425.265150][T13952] FAT-fs (loop7): Directory bread(block 11563) failed
[ 1425.373814][T13956] PM: Enabling pm_trace changes system date and time during resume.
[ 1425.373814][T13956] PM: Correct system time has to be restored manually after resume.
[ 1425.784696][T13982] netlink: 12 bytes leftover after parsing attributes in process `syz.9.16976'.
[ 1425.788121][T13982] netlink: 12 bytes leftover after parsing attributes in process `syz.9.16976'.
[ 1425.795376][T13982] bridge0: port 3(vlan2) entered blocking state
[ 1425.797498][T13982] bridge0: port 3(vlan2) entered disabled state
[ 1425.799754][T13982] vlan2: entered allmulticast mode
[ 1425.801409][T13982] bridge0: entered allmulticast mode
[ 1425.805401][T13982] vlan2: left allmulticast mode
[ 1425.808181][T13982] bridge0: left allmulticast mode
[ 1425.853598][T13972] loop7: detected capacity change from 0 to 32768
[ 1425.856564][T13972] bcachefs (/dev/loop7): error reading default superblock: Not a bcachefs superblock (got magic c68573f6-4e1a-45ca-8231-f2ffffffffff)
[ 1425.861689][T13972] bcachefs (/dev/loop7): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64)
[ 1425.861689][T13972] members_v2 (size 96):
[ 1425.861689][T13972] member_bytes 0
[ 1425.868439][T13972] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[ 1427.766529][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[ 1427.768683][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[ 1427.840939][T14052] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17009'.
[ 1427.875285][T14052] netlink: 34 bytes leftover after parsing attributes in process `syz.2.17009'.
[ 1427.941202][   T33] audit: type=1326 audit(1755125998.234:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14055 comm="syz.9.17010" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8afab8ebe9 code=0x0
[ 1428.000793][T14063] loop9: detected capacity change from 0 to 16
[ 1428.215143][T14063] erofs (device loop9): unidentified algorithms fff0, please upgrade kernel
[ 1428.535993][T14084] netlink: 52 bytes leftover after parsing attributes in process `syz.9.17022'.
[ 1428.539837][T14084] netlink: 16 bytes leftover after parsing attributes in process `syz.9.17022'.
[ 1428.544021][T14084] netlink: 52 bytes leftover after parsing attributes in process `syz.9.17022'.
[ 1428.721805][T14095] loop9: detected capacity change from 0 to 1024
[ 1428.725002][T14095] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[ 1428.729857][T14095] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1428.734581][T14095] EXT4-fs error (device loop9): ext4_get_journal_inode:5796: inode #32: comm syz.9.17027: iget: special inode unallocated
[ 1428.741914][T14095] EXT4-fs (loop9): Remounting filesystem read-only
[ 1428.747030][T14095] EXT4-fs (loop9): no journal found
[ 1428.749451][T14095] EXT4-fs (loop9): can't get journal size
[ 1428.762754][T14095] EXT4-fs (loop9): filesystem is read-only
[ 1428.765457][T14095] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[ 1428.788544][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1428.830083][T14098] loop9: detected capacity change from 0 to 128
[ 1428.981841][T14112] netlink: 60 bytes leftover after parsing attributes in process `syz.9.17035'.
[ 1429.154427][T14129] loop9: detected capacity change from 0 to 512
[ 1429.166393][T14129] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #15: comm syz.9.17043: corrupted in-inode xattr: e_value size too large
[ 1429.172987][T14129] EXT4-fs error (device loop9): ext4_orphan_get:1397: comm syz.9.17043: couldn't read orphan inode 15 (err -117)
[ 1429.178455][T14129] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1429.217250][T14129] EXT4-fs error (device loop9): ext4_map_blocks:778: inode #2: block 12: comm syz.9.17043: lblock 3 mapped to illegal pblock 12 (length 1)
[ 1429.240127][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1430.219427][   T33] audit: type=1326 audit(1755126000.404:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14184 comm="syz.7.17070" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x0
[ 1430.673861][T14194] loop9: detected capacity change from 0 to 512
[ 1430.679705][T14194] EXT4-fs warning (device loop9): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[ 1430.684246][T14194] EXT4-fs warning (device loop9): dx_probe:849: Enable large directory feature to access it
[ 1430.691733][T14194] EXT4-fs warning (device loop9): dx_probe:934: inode #2: comm syz.9.17074: Corrupt directory, running e2fsck is recommended
[ 1430.701774][T14194] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -12
[ 1430.704499][T14194] EXT4-fs error (device loop9): ext4_iget_extra_inode:5104: inode #15: comm syz.9.17074: corrupted in-inode xattr: invalid ea_ino
[ 1430.709533][T14194] EXT4-fs (loop9): Remounting filesystem read-only
[ 1430.712824][T14194] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1430.744628][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1430.815683][T14199] loop9: detected capacity change from 0 to 16
[ 1430.819924][T14199] erofs (device loop9): mounted with root inode @ nid 36.
[ 1430.826437][T14199] syz.9.17076: attempt to access beyond end of device
[ 1430.826437][T14199] loop9: rw=0, sector=48, nr_sectors = 16 limit=16
[ 1430.833136][T14199] erofs (device loop9): read error -5 @ 43 of nid 36
[ 1431.442291][T14217] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 1431.483047][T14219] IPVS: stopping backup sync thread 29759 ...
[ 1431.828388][T14230] loop9: detected capacity change from 0 to 512
[ 1431.832813][T14230] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1431.862831][T14230] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1431.916733][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1432.224380][   T52] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1432.414663][   T52] usb 10-1: Using ep0 maxpacket: 8
[ 1432.419499][   T52] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1432.452937][   T52] usb 10-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1432.456466][   T52] usb 10-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1432.461075][   T52] usb 10-1: Product: syz
[ 1432.463133][   T52] usb 10-1: Manufacturer: syz
[ 1432.464967][   T52] usb 10-1: SerialNumber: syz
[ 1432.896786][   T52] usb 10-1: Invalid connection information received from device
[ 1432.953575][   T52] usb 10-1: USB disconnect, device number 35
[ 1434.928589][   T33] audit: type=1326 audit(1755126004.754:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14290 comm="syz.9.17117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8afab8ebe9 code=0x7ffc0000
[ 1434.955820][   T33] audit: type=1326 audit(1755126004.754:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14290 comm="syz.9.17117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8afab8ebe9 code=0x7ffc0000
[ 1434.973520][   T33] audit: type=1326 audit(1755126004.754:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14290 comm="syz.9.17117" exe="/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f8afab8ebe9 code=0x7ffc0000
[ 1434.990081][   T33] audit: type=1326 audit(1755126004.754:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14290 comm="syz.9.17117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8afab8ebe9 code=0x7ffc0000
[ 1435.009848][   T33] audit: type=1326 audit(1755126004.754:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14290 comm="syz.9.17117" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8afab8ebe9 code=0x7ffc0000
[ 1435.410039][T14309] netlink: 276 bytes leftover after parsing attributes in process `syz.2.17126'.
[ 1435.413074][T14309] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17126'.
[ 1435.416065][T14309] netlink: 40 bytes leftover after parsing attributes in process `syz.2.17126'.
[ 1435.416839][T14305] loop9: detected capacity change from 0 to 4096
[ 1435.440940][T14305] NILFS: invalid option "cp=0": invalid checkpoint number 0
[ 1436.569935][T14340] netlink: 'syz.2.17140': attribute type 1 has an invalid length.
[ 1436.572531][T14340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17140'.
[ 1436.743137][T14354] program syz.9.17147 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1437.419101][T14368] netlink: 12 bytes leftover after parsing attributes in process `syz.7.17153'.
[ 1438.178788][T14381] afs: Unexpected value for 'dyn'
[ 1438.632621][T14393] loop9: detected capacity change from 0 to 512
[ 1438.636226][T14393] EXT4-fs: inline encryption not supported
[ 1438.639624][T14393] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1438.659772][T14393] EXT4-fs (loop9): 1 truncate cleaned up
[ 1438.662474][T14393] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1438.729490][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1439.052576][T14419] loop9: detected capacity change from 0 to 1024
[ 1440.027762][T13195] hfsplus: b-tree write err: -5, ino 4
[ 1440.595410][T14471] 9pnet: p9_errstr2errno: server reported unknown error 184467440737
[ 1440.646333][T14473] loop9: detected capacity change from 0 to 512
[ 1440.651865][T14473] EXT4-fs (loop9): Cannot turn on journaled quota: type 0: error -2
[ 1440.654777][T14473] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -2
[ 1440.659468][T14473] EXT4-fs (loop9): 1 truncate cleaned up
[ 1440.664707][T14473] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1440.674943][T14473] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[ 1440.684039][T14473] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[ 1440.699817][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1440.766487][T14476] loop9: detected capacity change from 0 to 512
[ 1440.770139][T14476] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1440.785819][T14476] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1440.791359][T14476] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1440.797423][T14476] EXT4-fs (loop9): resizing filesystem from 256 to 1 blocks
[ 1440.799655][T14476] EXT4-fs warning (device loop9): ext4_resize_fs:2042: can't shrink FS - resize aborted
[ 1440.827360][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1440.969819][T14486] loop9: detected capacity change from 0 to 256
[ 1440.980002][T14486] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1440.985894][T14486] exFAT-fs (loop9): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1441.000918][   T33] audit: type=1800 audit(1755126010.359:725): pid=14486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.17207" name="file0" dev="loop9" ino=1048849 res=0 errno=0
[ 1441.055522][T14488] netlink: 16 bytes leftover after parsing attributes in process `syz.9.17208'.
[ 1441.105512][T14490] loop9: detected capacity change from 0 to 256
[ 1441.115575][T14490] exFAT-fs (loop9): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[ 1441.399893][T14500] loop9: detected capacity change from 0 to 1024
[ 1441.414491][T14500] hfsplus: bad catalog entry type
[ 1441.436113][T13183] hfsplus: b-tree write err: -5, ino 4
[ 1441.517076][T14504] loop9: detected capacity change from 0 to 128
[ 1441.524720][T14504] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1441.529712][T14504] ext4 filesystem being mounted at /187/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1441.682345][T13286] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1441.707196][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1441.820736][T14512] loop9: detected capacity change from 0 to 1024
[ 1441.823812][T14512] EXT4-fs: Ignoring removed bh option
[ 1441.825974][T14512] EXT4-fs: inline encryption not supported
[ 1441.829305][T14512] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1441.835167][T14512] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce028, mo2=0000]
[ 1441.844845][T14512] EXT4-fs error (device loop9): ext4_map_blocks:778: inode #3: block 2: comm syz.9.17220: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1441.853752][T14512] EXT4-fs (loop9): Remounting filesystem read-only
[ 1441.856511][T14512] Quota error (device loop9): qtree_write_dquot: dquota write failed
[ 1441.859662][T14512] Quota error (device loop9): v2_write_file_info: Can't write info structure
[ 1441.866938][T14512] EXT4-fs (loop9): 1 orphan inode deleted
[ 1441.870648][T14512] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1441.877360][T14512] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1442.128882][T14533] dlm: plock device version mismatch: kernel (1.2.0), user (1.4.8)
[ 1443.234112][T14555] netlink: 4 bytes leftover after parsing attributes in process `syz.7.17238'.
[ 1443.235218][ T5847] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1443.245891][ T5847] Bluetooth: hci3: Injecting HCI hardware error event
[ 1443.251609][ T5847] Bluetooth: hci3: hardware error 0x00
[ 1443.267279][T14555] netlink: 6 bytes leftover after parsing attributes in process `syz.7.17238'.
[ 1443.550907][  T512] usb 10-1: new full-speed USB device number 36 using dummy_hcd
[ 1443.720688][  T512] usb 10-1: config 3 has an invalid interface number: 61 but max is 0
[ 1443.724096][  T512] usb 10-1: config 3 has no interface number 0
[ 1443.726823][  T512] usb 10-1: config 3 interface 61 has no altsetting 0
[ 1443.733125][  T512] usb 10-1: string descriptor 0 read error: -22
[ 1443.737862][  T512] usb 10-1: New USB device found, idVendor=0499, idProduct=101a, bcdDevice=44.26
[ 1443.742420][  T512] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1443.751893][  T512] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1443.766519][  T512] snd-usb-audio 10-1:3.61: probe with driver snd-usb-audio failed with error -2
[ 1443.980957][  T512] usb 10-1: USB disconnect, device number 36
[ 1445.511318][ T5847] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1445.576444][T14628] loop9: detected capacity change from 0 to 2048
[ 1445.583058][T14628] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1446.669994][   T33] audit: type=1326 audit(1755126022.592:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14637 comm="syz.2.17277" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x0
[ 1448.045464][T14667] syz.7.17289: attempt to access beyond end of device
[ 1448.045464][T14667] loop15: rw=4096, sector=2, nr_sectors = 2 limit=0
[ 1448.057197][T14667] EXT4-fs (loop15): unable to read superblock
[ 1448.443201][T14684] netlink: 'syz.2.17297': attribute type 2 has an invalid length.
[ 1448.450585][T14684] netlink: 132 bytes leftover after parsing attributes in process `syz.2.17297'.
[ 1449.054981][T14713] 9pnet_fd: Insufficient options for proto=fd
[ 1450.204190][T14729] overlayfs: failed to clone upperpath
[ 1451.020382][T14736] macvtap0: refused to change device tx_queue_len
[ 1451.184572][T14742] loop9: detected capacity change from 0 to 4096
[ 1451.217972][T14742] ntfs3(loop9): failed to convert "0080" to cp857
[ 1451.221557][T14742] ntfs3(loop9): failed to convert name for inode 1e.
[ 1451.224558][T14742] ntfs3(loop9): ino=1f, mi_enum_attr
[ 1451.226698][T14742] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1451.312574][T14750] loop9: detected capacity change from 0 to 128
[ 1451.327271][T14750] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1451.332615][T14750] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1451.437932][T13286] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1451.469817][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1451.724510][T14763] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1452.659737][T14792] loop9: detected capacity change from 0 to 4096
[ 1452.687734][T14792] NILFS (loop9): corrupt root inode
[ 1452.689606][T14795] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1453.088707][T14814] loop9: detected capacity change from 0 to 1024
[ 1453.120667][T14814] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1453.163919][T14814] EXT4-fs error (device loop9): __ext4_remount:6736: comm syz.9.17351: Abort forced by user
[ 1453.172613][T14814] EXT4-fs (loop9): Remounting filesystem read-only
[ 1453.174855][T14814] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000.
[ 1453.204125][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1453.502693][T27891] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[ 1453.677314][T27891] usb 10-1: config 0 has an invalid interface number: 17 but max is 0
[ 1453.680574][T27891] usb 10-1: config 0 has no interface number 0
[ 1453.685339][T27891] usb 10-1: config 0 interface 17 altsetting 4 bulk endpoint 0x8F has invalid maxpacket 64
[ 1453.689726][T27891] usb 10-1: config 0 interface 17 has no altsetting 0
[ 1453.692445][T27891] usb 10-1: New USB device found, idVendor=0bb4, idProduct=0a21, bcdDevice=e2.be
[ 1453.695890][T27891] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1453.706703][T27891] usb 10-1: config 0 descriptor??
[ 1453.709681][T14822] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1453.938698][T27891] usb 10-1: USB disconnect, device number 37
[ 1455.260668][T14900] loop9: detected capacity change from 0 to 32768
[ 1455.271277][T14900] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1455.287633][T14900] XFS (loop9): Ending clean mount
[ 1455.295273][T14900] XFS (loop9): Quotacheck needed: Please wait.
[ 1455.370577][T14900] XFS (loop9): Quotacheck: Done.
[ 1455.403961][T13286] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1456.960179][T14946] loop9: detected capacity change from 0 to 32768
[ 1456.976978][T14946] find_entry called with index >= next_index
[ 1456.981383][T14946] find_entry called with index >= next_index
[ 1456.983289][T14946] find_entry called with index >= next_index
[ 1456.988291][T14946] ERROR: (device loop9): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 1
[ 1456.988291][T14946] 
[ 1456.995106][T14946] ERROR: (device loop9): remounting filesystem as read-only
[ 1456.997407][T14946] ERROR: (device loop9): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 3
[ 1456.997407][T14946] 
[ 1457.001009][T14946] ERROR: (device loop9): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 4
[ 1457.001009][T14946] 
[ 1458.795854][T15002] netlink: 8 bytes leftover after parsing attributes in process `syz.9.17430'.
[ 1458.799708][T15002] netlink: 8 bytes leftover after parsing attributes in process `syz.9.17430'.
[ 1459.053688][T15010] loop9: detected capacity change from 0 to 32768
[ 1459.084031][T15010] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1459.094920][T15010] XFS (loop9): Ending clean mount
[ 1459.149178][T13286] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1459.566840][T27353] usb 10-1: new high-speed USB device number 38 using dummy_hcd
[ 1459.731776][T27353] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1459.737032][T27353] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1459.743287][T27353] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1459.746461][T27353] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1459.749243][T27353] usb 10-1: SerialNumber: syz
[ 1459.976592][T27353] usb 10-1: 0:2 : does not exist
[ 1459.985399][T27353] usb 10-1: USB disconnect, device number 38
[ 1460.092085][T15052] netlink: 'syz.7.17453': attribute type 3 has an invalid length.
[ 1460.094636][T15052] netlink: 766 bytes leftover after parsing attributes in process `syz.7.17453'.
[ 1460.122571][T15054] netlink: 16 bytes leftover after parsing attributes in process `syz.7.17454'.
[ 1460.572360][T15083] loop9: detected capacity change from 0 to 512
[ 1460.576290][T15083] EXT4-fs: inline encryption not supported
[ 1460.579921][T15083] EXT4-fs (loop9): can't mount with both data=journal and dax
[ 1460.744489][T15088] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(8)
[ 1460.746764][T15088] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1460.751878][T15088] vhci_hcd vhci_hcd.0: Device attached
[ 1461.006247][T27891] usb 51-1: new high-speed USB device number 2 using vhci_hcd
[ 1461.594483][T15089] vhci_hcd: connection reset by peer
[ 1461.596518][   T12] vhci_hcd: stop threads
[ 1461.597939][   T12] vhci_hcd: release socket
[ 1461.605417][   T12] vhci_hcd: disconnect device
[ 1462.992229][T15128] netlink: 28 bytes leftover after parsing attributes in process `syz.2.17487'.
[ 1463.399297][T27353] usb 10-1: new full-speed USB device number 39 using dummy_hcd
[ 1463.568209][T27353] usb 10-1: config 0 has an invalid interface number: 152 but max is 0
[ 1463.572043][T27353] usb 10-1: config 0 has no interface number 0
[ 1463.574878][T27353] usb 10-1: config 0 interface 152 altsetting 7 endpoint 0xA has invalid maxpacket 1024, setting to 64
[ 1463.579592][T27353] usb 10-1: config 0 interface 152 has no altsetting 0
[ 1463.590227][T27353] usb 10-1: New USB device found, idVendor=0e7e, idProduct=1001, bcdDevice=a3.17
[ 1463.595308][T27353] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1463.598622][T27353] usb 10-1: Product: syz
[ 1463.600374][T27353] usb 10-1: Manufacturer: syz
[ 1463.602306][T27353] usb 10-1: SerialNumber: syz
[ 1463.610042][T27353] usb 10-1: config 0 descriptor??
[ 1463.613255][T15136] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[ 1463.850551][T15136] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[ 1463.967181][T27353] cdc_subset 10-1:0.152 usb0: register 'cdc_subset' at usb-dummy_hcd.9-1, Yopy, 16:3a:03:9e:ff:11
[ 1464.251652][T27353] usb 10-1: USB disconnect, device number 39
[ 1464.320412][T27353] cdc_subset 10-1:0.152 usb0: unregister 'cdc_subset' usb-dummy_hcd.9-1, Yopy
[ 1464.952267][T15160] loop9: detected capacity change from 0 to 164
[ 1465.424388][   T52] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[ 1465.609805][   T52] usb 10-1: New USB device found, idVendor=09e1, idProduct=5121, bcdDevice=40.c1
[ 1465.631666][   T52] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1465.634546][   T52] usb 10-1: Product: syz
[ 1465.637824][   T52] usb 10-1: Manufacturer: syz
[ 1465.642047][   T52] usb 10-1: SerialNumber: syz
[ 1465.655461][   T52] usb 10-1: config 0 descriptor??
[ 1465.928073][   T52] int51x1 10-1:0.0: probe with driver int51x1 failed with error -71
[ 1465.938673][   T52] usb 10-1: USB disconnect, device number 40
[ 1466.550692][T27891] vhci_hcd: vhci_device speed not set
[ 1466.744131][T15198] loop9: detected capacity change from 0 to 512
[ 1466.751678][T15198] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1466.754219][T15198] EXT4-fs: inline encryption not supported
[ 1466.760938][T15198] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1466.764123][T15198] EXT4-fs (loop9): Test dummy encryption mode enabled
[ 1466.767537][T15198] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[ 1466.786408][T15198] EXT4-fs (loop9): 1 truncate cleaned up
[ 1466.789513][T15198] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1466.824440][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1466.995099][T15210] loop9: detected capacity change from 0 to 4096
[ 1467.006161][T15212] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1468.879091][T15272] loop9: detected capacity change from 0 to 64
[ 1469.322666][T27891] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1469.403448][T15302] netlink: 392 bytes leftover after parsing attributes in process `syz.2.17564'.
[ 1469.508693][T27891] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1469.512369][T27891] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1469.523424][T27891] usb 10-1: config 0 descriptor??
[ 1469.527540][T27891] cp210x 10-1:0.0: cp210x converter detected
[ 1469.964805][T27891] cp210x 10-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1469.971834][T27891] usb 10-1: cp210x converter now attached to ttyUSB0
[ 1470.186802][T27729] usb 10-1: USB disconnect, device number 41
[ 1470.193252][T27729] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1470.196495][T27729] cp210x 10-1:0.0: device disconnected
[ 1470.946824][T15328] trusted_key: encrypted_key: master key parameter is missing
[ 1471.125154][T15330] loop9: detected capacity change from 0 to 32768
[ 1471.132364][T15330] XFS (loop9): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1471.148233][T15330] XFS (loop9): Ending clean mount
[ 1471.190912][T13286] XFS (loop9): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[ 1471.412517][T15342] netlink: 8 bytes leftover after parsing attributes in process `syz.9.17578'.
[ 1471.444280][T15342] netlink: 4 bytes leftover after parsing attributes in process `syz.9.17578'.
[ 1471.989561][T27891] IPVS: starting estimator thread 0...
[ 1472.108190][T15366] IPVS: using max 66 ests per chain, 158400 per kthread
[ 1472.521003][T27891] usb 10-1: new high-speed USB device number 42 using dummy_hcd
[ 1472.683112][T27891] usb 10-1: config 7 descriptor has 1 excess byte, ignoring
[ 1472.687036][T27891] usb 10-1: config 7 has 1 interface, different from the descriptor's value: 2
[ 1472.696158][T27891] usb 10-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[ 1472.700819][T27891] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1472.713740][T27891] usb 10-1: Product: syz
[ 1472.716832][T27891] usb 10-1: Manufacturer: syz
[ 1472.721019][T27891] usb 10-1: SerialNumber: syz
[ 1472.732367][T27891] rndis_host 10-1:7.0: skipping garbage
[ 1472.734679][T27891] usb 10-1: bad CDC descriptors
[ 1472.737272][T27891] option 10-1:7.0: GSM modem (1-port) converter detected
[ 1472.978254][T27891] usb 10-1: USB disconnect, device number 42
[ 1473.035590][T27891] option 10-1:7.0: device disconnected
[ 1473.856498][T15402] loop9: detected capacity change from 0 to 32768
[ 1474.024871][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17611'.
[ 1474.028921][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17611'.
[ 1474.032005][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17611'.
[ 1474.036153][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17611'.
[ 1474.039024][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17611'.
[ 1474.217063][T27729] usb 10-1: new high-speed USB device number 43 using dummy_hcd
[ 1474.395054][T27729] usb 10-1: New USB device found, idVendor=0582, idProduct=0044, bcdDevice=af.57
[ 1474.397915][T27729] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1474.411450][T27729] usb 10-1: Product: syz
[ 1474.414510][T27729] usb 10-1: Manufacturer: syz
[ 1474.416275][T27729] usb 10-1: SerialNumber: syz
[ 1474.419443][T27729] usb 10-1: config 0 descriptor??
[ 1474.647038][T27729] usb 10-1: USB disconnect, device number 43
[ 1475.404007][   T52] lo speed is unknown, defaulting to 1000
[ 1475.407159][ T5860] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.411129][ T5860] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.413853][   T52] syz2: Port: 1 Link DOWN
[ 1475.414543][ T5860] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.424497][ T5860] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1475.433799][T15444] loop9: detected capacity change from 0 to 2048
[ 1475.441468][T15444] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1476.194083][T15464] netlink: 'syz.2.17632': attribute type 4 has an invalid length.
[ 1476.196635][T15464] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.17632'.
[ 1476.406256][T15472] /dev/nbd2: Can't lookup blockdev
[ 1476.572739][T15478] loop9: detected capacity change from 0 to 256
[ 1476.600270][T15478] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[ 1476.622679][T15478] exFAT-fs (loop9): start_clu is invalid cluster(0xffffffff)
[ 1476.743006][T15492] (unnamed net_device) (uninitialized): (slave wg2): Device is not bonding slave
[ 1476.746338][T15492] (unnamed net_device) (uninitialized): option active_slave: invalid value (wg2)
[ 1477.102735][T15498] loop9: detected capacity change from 0 to 32768
[ 1477.138646][T15498] XFS (loop9): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1477.170485][T15498] XFS (loop9): Ending clean mount
[ 1477.300966][T13286] XFS (loop9): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[ 1477.519940][T15522] loop9: detected capacity change from 0 to 1024
[ 1477.522511][T15522] EXT4-fs: Ignoring removed bh option
[ 1477.524791][T15522] EXT4-fs (loop9): stripe (5) is not aligned with cluster size (16), stripe is disabled
[ 1477.544895][T15522] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1478.479507][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1478.504002][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1478.640232][T15550] netlink: 4 bytes leftover after parsing attributes in process `syz.9.17666'.
[ 1478.643763][T15550] netlink: 4 bytes leftover after parsing attributes in process `syz.9.17666'.
[ 1479.058736][T15552] loop9: detected capacity change from 0 to 32768
[ 1479.065425][T15552] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.17667 (15552)
[ 1479.073164][T15552] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1479.077395][T15552] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[ 1479.085440][T15552] BTRFS info (device loop9): using free-space-tree
[ 1479.162263][T15552] BTRFS info (device loop9): rebuilding free space tree
[ 1479.277226][T13286] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1480.385504][T15626] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1480.970380][T15647] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1481.212531][T15661] netlink: 16 bytes leftover after parsing attributes in process `syz.9.17703'.
[ 1481.589936][   T33] audit: type=1326 audit(1755126054.841:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.7.17712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1481.600777][   T33] audit: type=1326 audit(1755126054.841:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.7.17712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1481.609724][   T33] audit: type=1326 audit(1755126054.859:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.7.17712" exe="/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1481.624570][   T33] audit: type=1326 audit(1755126054.859:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.7.17712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1481.640793][   T33] audit: type=1326 audit(1755126054.859:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15664 comm="syz.7.17712" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f629bd8ebe9 code=0x7ffc0000
[ 1481.960205][T15685] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1481.965649][T15685] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1481.973768][T15685] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1481.975989][T15685] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1481.978866][T15685] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1481.981000][T15685] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1481.984111][T15685] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1481.986196][T15685] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1481.994841][T15685] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1481.996997][T15685] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1482.812155][T15696] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1482.815298][T15696] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1482.969201][T15696] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1482.980044][T15696] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1483.186161][ T5860] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.215315][ T5860] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.222960][ T5860] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1483.230041][ T5860] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1484.441918][T15744] loop9: detected capacity change from 0 to 32768
[ 1484.444580][T15744] XFS: attr2 mount option is deprecated.
[ 1484.450234][T15744] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1484.474915][T15744] XFS (loop9): Ending clean mount
[ 1484.483952][T15744] XFS (loop9): Quotacheck needed: Please wait.
[ 1484.765503][T15744] XFS (loop9): Quotacheck: Done.
[ 1484.792932][T13286] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1485.146614][T15772] loop9: detected capacity change from 0 to 40427
[ 1485.149402][T15772] F2FS-fs: heap/no_heap options were deprecated
[ 1485.156660][T15772] F2FS-fs (loop9): invalid crc value
[ 1485.167120][   T33] audit: type=1326 audit(1755126058.156:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15784 comm="syz.2.17761" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1485.196262][   T33] audit: type=1326 audit(1755126058.156:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15784 comm="syz.2.17761" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1485.207194][   T33] audit: type=1326 audit(1755126058.156:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15784 comm="syz.2.17761" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1485.221216][   T33] audit: type=1326 audit(1755126058.156:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15784 comm="syz.2.17761" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1485.237267][T15772] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1485.249623][   T33] audit: type=1326 audit(1755126058.156:736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15784 comm="syz.2.17761" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4f7898ebe9 code=0x7ffc0000
[ 1485.257623][T15772] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1485.583490][T15802] loop9: detected capacity change from 0 to 2048
[ 1485.598044][T15802] UDF-fs: error (device loop9): udf_process_sequence: Primary Volume Descriptor not found!
[ 1485.603990][T15802] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1486.020058][T27353] usb 10-1: new high-speed USB device number 44 using dummy_hcd
[ 1486.182285][T27353] usb 10-1: Using ep0 maxpacket: 32
[ 1486.188008][T27353] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1486.192495][T27353] usb 10-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1486.201532][T27353] usb 10-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1486.205351][T27353] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1486.208506][T27353] usb 10-1: Product: syz
[ 1486.210190][T27353] usb 10-1: Manufacturer: syz
[ 1486.212064][T27353] usb 10-1: SerialNumber: syz
[ 1486.671044][T27353] usb 10-1: Invalid number of CPorts: 0
[ 1486.672811][T27353] es2_ap_driver 10-1:7.0: probe with driver es2_ap_driver failed with error -22
[ 1486.687124][T27891] usb 10-1: USB disconnect, device number 44
[ 1489.249233][T15913] tipc: Invalid UDP bearer configuration
[ 1489.249262][T15913] tipc: Enabling of bearer <udp:3> rejected, failed to enable media
[ 1489.279368][T27729] usb 10-1: new high-speed USB device number 45 using dummy_hcd
[ 1489.319552][T15921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17825'.
[ 1489.441597][T27729] usb 10-1: Using ep0 maxpacket: 32
[ 1489.445897][T27729] usb 10-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1489.449632][T27729] usb 10-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1489.454607][T27729] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1489.460594][T27729] usb 10-1: config 1 has no interface number 0
[ 1489.467151][T27729] usb 10-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1489.476286][T27729] usb 10-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1489.484761][T27729] usb 10-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1489.496855][T27729] usb 10-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1489.505519][T27729] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1489.531116][T27729] snd_usb_pod 10-1:1.1: Line 6 Pocket POD found
[ 1490.110782][T27729] snd_usb_pod 10-1:1.1: cannot start listening: -90
[ 1490.113304][T27729] snd_usb_pod 10-1:1.1: Line 6 Pocket POD now disconnected
[ 1490.116070][T27729] snd_usb_pod 10-1:1.1: probe with driver snd_usb_pod failed with error -90
[ 1490.135278][T27729] usb 10-1: USB disconnect, device number 45
[ 1490.396577][T15920] comedi comedi3: reset error (fatal)
[ 1491.476547][T15952] netlink: 12 bytes leftover after parsing attributes in process `syz.2.17839'.
[ 1491.786407][   T33] audit: type=1326 audit(1755126064.260:737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15962 comm="syz.7.17844" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f629bd8ebe9 code=0x0
[ 1492.635911][T22394] Bluetooth: hci4: command 0x0405 tx timeout
[ 1492.969858][T15981] loop9: detected capacity change from 0 to 256
[ 1492.973620][T15981] exfat: Deprecated parameter 'utf8'
[ 1492.979553][T15981] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1494.072535][T16008] overlayfs: failed to clone upperpath
[ 1494.286588][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[ 1494.289051][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[ 1494.852897][T16073] 9pnet_fd: Insufficient options for proto=fd
[ 1494.897623][T16075] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17895'.
[ 1494.903399][T16075] netlink: 32 bytes leftover after parsing attributes in process `syz.2.17895'.
[ 1495.402366][T16086] netlink: 'syz.9.17900': attribute type 12 has an invalid length.
[ 1495.700233][T27729] usb 10-1: new high-speed USB device number 46 using dummy_hcd
[ 1495.865861][T27729] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1495.870332][T27729] usb 10-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[ 1495.873978][T27729] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1495.878886][T27729] usb 10-1: config 0 descriptor??
[ 1496.324299][T27729] hid_parser_main: 5 callbacks suppressed
[ 1496.324313][T27729] playstation 0003:054C:0BA0.004A: unknown main item tag 0x0
[ 1496.329946][T27729] playstation 0003:054C:0BA0.004A: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.9-1/input0
[ 1496.539984][T27729] playstation 0003:054C:0BA0.004A: Invalid reportID received, expected 18 got 158
[ 1496.542992][T27729] playstation 0003:054C:0BA0.004A: Failed to retrieve DualShock4 pairing info: -22
[ 1496.546147][T27729] playstation 0003:054C:0BA0.004A: Failed to get MAC address from DualShock4
[ 1496.548939][T27729] playstation 0003:054C:0BA0.004A: Failed to create dualshock4.
[ 1496.553351][T27729] playstation 0003:054C:0BA0.004A: probe with driver playstation failed with error -22
[ 1496.763325][   T52] usb 10-1: USB disconnect, device number 46
[ 1497.198043][T16117] netlink: 'syz.7.17914': attribute type 10 has an invalid length.
[ 1497.201849][T16117] netlink: 'syz.7.17914': attribute type 10 has an invalid length.
[ 1497.206408][T16117] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1497.209834][T16117] bond0: entered allmulticast mode
[ 1497.212473][T16117] team0: Port device bond0 added
[ 1497.660703][T16132] loop9: detected capacity change from 0 to 512
[ 1497.697483][T16132] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1497.702761][T16132] ext4 filesystem being mounted at /373/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1497.732011][T16132] EXT4-fs warning (device loop9): verify_group_input:156: Last group not full
[ 1497.764574][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1497.866558][T16137] tipc: Started in network mode
[ 1497.868245][T16137] tipc: Node identity 02b2529da157, cluster identity 4711
[ 1497.870645][T16137] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1497.873273][T16137] syzkaller0: entered promiscuous mode
[ 1497.875056][T16137] syzkaller0: entered allmulticast mode
[ 1497.904306][T16137] tipc: Resetting bearer <eth:syzkaller0>
[ 1497.912703][T16136] tipc: Resetting bearer <eth:syzkaller0>
[ 1497.936387][T16136] tipc: Disabling bearer <eth:syzkaller0>
[ 1498.067096][T16153] netlink: 8 bytes leftover after parsing attributes in process `syz.2.17929'.
[ 1498.239208][T16163] loop9: detected capacity change from 0 to 4096
[ 1498.257082][T16163] ntfs3(loop9): Different NTFS sector size (2048) and media sector size (512).
[ 1498.283834][T16163] ntfs3(loop9): ino=5, mi_enum_attr
[ 1498.285566][T16163] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1498.303718][T16171] mmap: syz.2.17938 (16171): VmData 37474304 exceed data ulimit 4. Update limits or use boot option ignore_rlimit_data.
[ 1498.761826][T16180] loop9: detected capacity change from 0 to 32768
[ 1498.770083][T16180] (syz.9.17942,16180,0):ocfs2_read_journal_inode:1659 ERROR: status = -13
[ 1498.772771][T16180] (syz.9.17942,16180,0):ocfs2_mark_dead_nodes:1942 ERROR: status = -13
[ 1498.775410][T16180] (syz.9.17942,16180,0):ocfs2_check_volume:2420 ERROR: status = -13
[ 1498.777905][T16180] (syz.9.17942,16180,0):ocfs2_check_volume:2432 ERROR: status = -13
[ 1498.780385][T16180] (syz.9.17942,16180,0):ocfs2_mount_volume:1764 ERROR: status = -13
[ 1498.787187][T16180] (syz.9.17942,16180,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 77
[ 1498.800282][T16180] (syz.9.17942,16180,0):ocfs2_fill_super:1177 ERROR: status = -13
[ 1498.897059][T16185] loop9: detected capacity change from 0 to 512
[ 1498.913756][T16185] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1498.918110][T16185] ext4 filesystem being mounted at /381/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1498.934122][T16185] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.17943: corrupted inode contents
[ 1498.938708][T16185] EXT4-fs error (device loop9): ext4_dirty_inode:6538: inode #2: comm syz.9.17943: mark_inode_dirty error
[ 1498.942794][T16185] EXT4-fs error (device loop9): ext4_do_update_inode:5653: inode #2: comm syz.9.17943: corrupted inode contents
[ 1498.946736][T16185] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.17943: mark_inode_dirty error
[ 1498.982804][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1499.264212][T16203] netlink: 300 bytes leftover after parsing attributes in process `syz.7.17951'.
[ 1499.411636][T16212] /dev/nbd2: Can't lookup blockdev
[ 1499.486424][T16216] netlink: 'syz.2.17957': attribute type 1 has an invalid length.
[ 1499.495513][T16216] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.17957'.
[ 1499.545884][T16214] netlink: 'syz.7.17956': attribute type 2 has an invalid length.
[ 1499.559680][T16218] netlink: 20 bytes leftover after parsing attributes in process `syz.2.17958'.
[ 1499.715413][T16224] batman_adv: batadv0: Adding interface: dummy0
[ 1499.718141][T16224] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1499.725945][T16224] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[ 1500.089355][T16228] loop9: detected capacity change from 0 to 128
[ 1500.097866][T16228] ufs: You didn't specify the type of your ufs filesystem
[ 1500.097866][T16228] 
[ 1500.097866][T16228] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1500.097866][T16228] 
[ 1500.097866][T16228] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1500.108542][T16228] ufs: ufstype=old is supported read-only
[ 1500.123017][T16228] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[ 1500.375830][T16234] loop9: detected capacity change from 0 to 32768
[ 1500.382704][T16234] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1500.411818][T16234] XFS (loop9): Ending clean mount
[ 1500.417494][T16234] XFS (loop9): Quotacheck needed: Please wait.
[ 1500.469979][T16234] XFS (loop9): Quotacheck: Done.
[ 1500.501727][T13286] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1500.770189][T16252] loop9: detected capacity change from 0 to 32768
[ 1500.773089][T16252] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.17971 (16252)
[ 1500.778978][T16252] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1500.782154][T16252] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[ 1500.784787][T16252] BTRFS info (device loop9): disk space caching is enabled
[ 1500.786961][T16252] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1500.817336][T16252] BTRFS info (device loop9): rebuilding free space tree
[ 1500.833453][T16252] BTRFS info (device loop9): disabling free space tree
[ 1500.835843][T16252] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1500.838884][T16252] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1500.937318][T16270] BTRFS info (device loop9 state M): max_inline set to 4096
[ 1501.427579][T16272] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17973'.
[ 1501.554320][T13286] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1501.885819][ T5847] Bluetooth: hci4: unexpected subevent 0x03 length: 244 > 9
[ 1502.393385][T16300] netlink: 'syz.2.17987': attribute type 1 has an invalid length.
[ 1502.423263][T16300] 8021q: adding VLAN 0 to HW filter on device bond6
[ 1502.520188][T16305] loop9: detected capacity change from 0 to 1024
[ 1502.527026][T16305] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1502.560214][T13286] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1502.765952][T16300] bond6 (unregistering): Released all slaves
[ 1503.190438][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1503.214032][T22394] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1503.222278][T22394] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1503.227308][T22394] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1503.230427][T22394] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1503.234879][T22394] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1503.313765][T16312] lo speed is unknown, defaulting to 1000
[ 1503.521426][T16312] chnl_net:caif_netlink_parms(): no params data found
[ 1503.580640][ T5860] bridge_slave_1: left allmulticast mode
[ 1503.582847][ T5860] bridge_slave_1: left promiscuous mode
[ 1503.590937][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1503.596164][ T5860] bridge_slave_0: left allmulticast mode
[ 1503.598481][ T5860] bridge_slave_0: left promiscuous mode
[ 1503.601009][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1503.911876][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1503.949451][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1504.386345][ T5860] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1504.390175][ T5860] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1504.393325][ T5860] bond0 (unregistering): Released all slaves
[ 1504.563302][ T5860] : left promiscuous mode
[ 1504.716385][ T5860] tipc: Left network mode
[ 1504.841243][T16312] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1504.844101][T16312] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1504.846990][T16312] bridge_slave_0: entered allmulticast mode
[ 1504.851460][T16312] bridge_slave_0: entered promiscuous mode
[ 1504.879610][T16312] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1504.882551][T16312] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1504.886998][T16312] bridge_slave_1: entered allmulticast mode
[ 1504.890755][T16312] bridge_slave_1: entered promiscuous mode
[ 1505.009607][T16312] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1505.018359][T16312] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1505.032909][ T5860] hsr_slave_0: left promiscuous mode
[ 1505.036250][ T5860] hsr_slave_1: left promiscuous mode
[ 1505.039127][ T5860] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1505.046182][ T5860] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1505.319440][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.558297][T22394] Bluetooth: hci2: command tx timeout
[ 1505.560249][T16349] RDS: rds_bind could not find a transport for ::ffff:172.20.20.170, load rds_tcp or rds_rdma?
[ 1505.853051][ T5860] team0 (unregistering): Port device team_slave_1 removed
[ 1505.913162][ T5860] team0 (unregistering): Port device team_slave_0 removed
[ 1506.697999][T16355] netlink: 4 bytes leftover after parsing attributes in process `syz.2.18010'.
[ 1506.881170][T16355] batman_adv: batadv0: Removing interface: ipvlan0
[ 1506.887882][T16355] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1506.956145][T16312] team0: Port device team_slave_0 added
[ 1506.962566][T16312] team0: Port device team_slave_1 added
[ 1507.072210][T16312] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1507.075071][T16312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1507.085158][T16312] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1507.090797][T16312] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1507.093850][T16312] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1507.101856][T16312] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1507.193543][T16312] hsr_slave_0: entered promiscuous mode
[ 1507.195959][T16312] hsr_slave_1: entered promiscuous mode
[ 1507.198356][T16312] debugfs: 'hsr0' already exists in 'hsr'
[ 1507.201045][T16312] Cannot create hsr debugfs directory
[ 1507.295424][ T5860] IPVS: stop unused estimator thread 0...
[ 1507.793963][T16312] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1507.806794][T22394] Bluetooth: hci2: command tx timeout
[ 1507.817251][T16312] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1508.004029][T16370] ==================================================================
[ 1508.007275][T16370] BUG: KASAN: slab-out-of-bounds in xfrm_alloc_spi+0x570/0xf30
[ 1508.010324][T16370] Read of size 4 at addr ffff888130d4d2c4 by task syz.2.18015/16370
[ 1508.014275][T16370] 
[ 1508.015578][T16370] CPU: 1 UID: 0 PID: 16370 Comm: syz.2.18015 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[ 1508.015601][T16370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 1508.015612][T16370] Call Trace:
[ 1508.015622][T16370]  <TASK>
[ 1508.015631][T16370]  dump_stack_lvl+0x189/0x250
[ 1508.015655][T16370]  ? __kasan_check_byte+0x12/0x40
[ 1508.015677][T16370]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1508.015695][T16370]  ? lock_release+0x4b/0x3e0
[ 1508.015719][T16370]  ? __virt_addr_valid+0x4a5/0x5c0
[ 1508.015740][T16370]  print_report+0xca/0x240
[ 1508.015756][T16370]  ? xfrm_alloc_spi+0x570/0xf30
[ 1508.015777][T16370]  kasan_report+0x118/0x150
[ 1508.015798][T16370]  ? xfrm_alloc_spi+0x570/0xf30
[ 1508.015823][T16370]  xfrm_alloc_spi+0x570/0xf30
[ 1508.015845][T16370]  ? xfrm_alloc_spi+0x2a0/0xf30
[ 1508.015874][T16370]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[ 1508.015895][T16370]  ? xfrm_find_acq+0x87/0xa0
[ 1508.015918][T16370]  xfrm_alloc_userspi+0x70b/0xc90
[ 1508.015937][T16370]  ? apparmor_capable+0x137/0x1b0
[ 1508.015954][T16370]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[ 1508.015971][T16370]  ? __nla_parse+0x40/0x60
[ 1508.015991][T16370]  xfrm_user_rcv_msg+0x7a3/0xab0
[ 1508.016007][T16370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1508.016032][T16370]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1508.016051][T16370]  ? rcu_is_watching+0x15/0xb0
[ 1508.016066][T16370]  ? trace_contention_end+0x39/0x120
[ 1508.016082][T16370]  ? __mutex_lock+0x335/0x1360
[ 1508.016103][T16370]  netlink_rcv_skb+0x208/0x470
[ 1508.016123][T16370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1508.016138][T16370]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1508.016160][T16370]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1508.016178][T16370]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1508.016203][T16370]  xfrm_netlink_rcv+0x79/0x90
[ 1508.016217][T16370]  netlink_unicast+0x82f/0x9e0
[ 1508.016236][T16370]  ? __pfx_netlink_unicast+0x10/0x10
[ 1508.016253][T16370]  ? netlink_sendmsg+0x642/0xb30
[ 1508.016270][T16370]  ? skb_put+0x11b/0x210
[ 1508.016291][T16370]  netlink_sendmsg+0x805/0xb30
[ 1508.016312][T16370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.016332][T16370]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1508.016353][T16370]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1508.016370][T16370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.016388][T16370]  __sock_sendmsg+0x21c/0x270
[ 1508.016405][T16370]  ____sys_sendmsg+0x505/0x830
[ 1508.016427][T16370]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1508.016451][T16370]  ? import_iovec+0x74/0xa0
[ 1508.016466][T16370]  ___sys_sendmsg+0x21f/0x2a0
[ 1508.016487][T16370]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1508.016519][T16370]  ? __fget_files+0x2a/0x420
[ 1508.016569][T16370]  ? __fget_files+0x3a0/0x420
[ 1508.016595][T16370]  __x64_sys_sendmsg+0x19b/0x260
[ 1508.016617][T16370]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1508.016643][T16370]  ? rcu_is_watching+0x15/0xb0
[ 1508.016659][T16370]  ? do_syscall_64+0xbe/0x3b0
[ 1508.016680][T16370]  do_syscall_64+0xfa/0x3b0
[ 1508.016697][T16370]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1508.016714][T16370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1508.016729][T16370]  ? exc_page_fault+0x9f/0xf0
[ 1508.016745][T16370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1508.016760][T16370] RIP: 0033:0x7f4f7898ebe9
[ 1508.016776][T16370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1508.016789][T16370] RSP: 002b:00007f4f797ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1508.016806][T16370] RAX: ffffffffffffffda RBX: 00007f4f78bb5fa0 RCX: 00007f4f7898ebe9
[ 1508.016819][T16370] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1508.016829][T16370] RBP: 00007f4f78a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1508.016839][T16370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1508.016849][T16370] R13: 00007f4f78bb6038 R14: 00007f4f78bb5fa0 R15: 00007ffdd6eb9298
[ 1508.016867][T16370]  </TASK>
[ 1508.016873][T16370] 
[ 1508.166809][T16370] Allocated by task 2:
[ 1508.168454][T16370]  kasan_save_track+0x3e/0x80
[ 1508.170361][T16370]  __kasan_kmalloc+0x93/0xb0
[ 1508.172244][T16370]  __kmalloc_cache_noprof+0x230/0x3d0
[ 1508.174294][T16370]  set_kthread_struct+0xbb/0x340
[ 1508.176294][T16370]  copy_process+0x10c4/0x3c00
[ 1508.178135][T16370]  kernel_clone+0x21e/0x840
[ 1508.179980][T16370]  kernel_thread+0x10c/0x160
[ 1508.181857][T16370]  kthreadd+0x575/0x770
[ 1508.183543][T16370]  ret_from_fork+0x3fc/0x770
[ 1508.185327][T16370]  ret_from_fork_asm+0x1a/0x30
[ 1508.187247][T16370] 
[ 1508.188196][T16370] The buggy address belongs to the object at ffff888130d4d000
[ 1508.188196][T16370]  which belongs to the cache kmalloc-512 of size 512
[ 1508.193681][T16370] The buggy address is located 444 bytes to the right of
[ 1508.193681][T16370]  allocated 264-byte region [ffff888130d4d000, ffff888130d4d108)
[ 1508.199311][T16370] 
[ 1508.200295][T16370] The buggy address belongs to the physical page:
[ 1508.202864][T16370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x130d4c
[ 1508.206346][T16370] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 1508.209684][T16370] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff)
[ 1508.212691][T16370] page_type: f5(slab)
[ 1508.214310][T16370] raw: 057ff00000000040 ffff88801a441c80 dead000000000122 0000000000000000
[ 1508.217711][T16370] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1508.221135][T16370] head: 057ff00000000040 ffff88801a441c80 dead000000000122 0000000000000000
[ 1508.224549][T16370] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 1508.227955][T16370] head: 057ff00000000002 ffffea0004c35301 00000000ffffffff 00000000ffffffff
[ 1508.231399][T16370] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 1508.234826][T16370] page dumped because: kasan: bad access detected
[ 1508.237252][T16370] page_owner tracks the page as allocated
[ 1508.239451][T16370] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 2, tgid 2 (kthreadd), ts 1396455173539, free_ts 1381435000812
[ 1508.246109][T16370]  post_alloc_hook+0x240/0x2a0
[ 1508.247612][T16370]  get_page_from_freelist+0x21e4/0x22c0
[ 1508.249283][T16370]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1508.250987][T16370]  alloc_pages_mpol+0x232/0x4a0
[ 1508.252453][T16370]  allocate_slab+0x8a/0x370
[ 1508.253832][T16370]  ___slab_alloc+0xbeb/0x1410
[ 1508.255305][T16370]  __kmalloc_cache_noprof+0x296/0x3d0
[ 1508.256970][T16370]  set_kthread_struct+0xbb/0x340
[ 1508.258533][T16370]  copy_process+0x10c4/0x3c00
[ 1508.260050][T16370]  kernel_clone+0x21e/0x840
[ 1508.261543][T16370]  kernel_thread+0x10c/0x160
[ 1508.263301][T16370]  kthreadd+0x575/0x770
[ 1508.264631][T16370]  ret_from_fork+0x3fc/0x770
[ 1508.266100][T16370]  ret_from_fork_asm+0x1a/0x30
[ 1508.267621][T16370] page last free pid 5825 tgid 5825 stack trace:
[ 1508.269620][T16370]  __free_frozen_pages+0xbc4/0xd30
[ 1508.271228][T16370]  __put_partials+0x156/0x1a0
[ 1508.272793][T16370]  put_cpu_partial+0x17c/0x250
[ 1508.274354][T16370]  __slab_free+0x2d5/0x3c0
[ 1508.275739][T16370]  qlist_free_all+0x97/0x140
[ 1508.277214][T16370]  kasan_quarantine_reduce+0x148/0x160
[ 1508.278921][T16370]  __kasan_slab_alloc+0x22/0x80
[ 1508.280411][T16370]  kmem_cache_alloc_node_noprof+0x1bb/0x3c0
[ 1508.282254][T16370]  kmalloc_reserve+0xbd/0x290
[ 1508.283729][T16370]  __alloc_skb+0x142/0x2d0
[ 1508.285109][T16370]  tcp_stream_alloc_skb+0x3d/0x340
[ 1508.286688][T16370]  tcp_sendmsg_locked+0xf38/0x5620
[ 1508.288180][T16370]  tcp_sendmsg+0x2f/0x50
[ 1508.289630][T16370]  __sock_sendmsg+0x19c/0x270
[ 1508.291223][T16370]  sock_write_iter+0x258/0x330
[ 1508.292702][T16370]  vfs_write+0x54b/0xa90
[ 1508.294030][T16370] 
[ 1508.294777][T16370] Memory state around the buggy address:
[ 1508.296667][T16370]  ffff888130d4d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1508.299178][T16370]  ffff888130d4d200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1508.301667][T16370] >ffff888130d4d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1508.304237][T16370]                                            ^
[ 1508.306223][T16370]  ffff888130d4d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1508.308765][T16370]  ffff888130d4d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 1508.311217][T16370] ==================================================================
[ 1508.313770][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.315823][T16370] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1508.318078][T16370] CPU: 1 UID: 0 PID: 16370 Comm: syz.2.18015 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[ 1508.321882][T16370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[ 1508.324998][T16370] Call Trace:
[ 1508.326057][T16370]  <TASK>
[ 1508.326995][T16370]  dump_stack_lvl+0x99/0x250
[ 1508.328416][T16370]  ? __asan_memcpy+0x40/0x70
[ 1508.329865][T16370]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1508.331476][T16370]  ? __pfx__printk+0x10/0x10
[ 1508.332918][T16370]  vpanic+0x281/0x750
[ 1508.334158][T16370]  ? __pfx_vpanic+0x10/0x10
[ 1508.335571][T16370]  ? irqentry_exit+0x74/0x90
[ 1508.336991][T16370]  panic+0xb9/0xc0
[ 1508.338190][T16370]  ? __pfx_panic+0x10/0x10
[ 1508.339628][T16370]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[ 1508.341449][T16370]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1508.343329][T16370]  ? xfrm_alloc_spi+0x570/0xf30
[ 1508.344832][T16370]  check_panic_on_warn+0x89/0xb0
[ 1508.346346][T16370]  ? xfrm_alloc_spi+0x570/0xf30
[ 1508.347866][T16370]  end_report+0x78/0x160
[ 1508.349191][T16370]  kasan_report+0x129/0x150
[ 1508.350710][T16370]  ? xfrm_alloc_spi+0x570/0xf30
[ 1508.352632][T16370]  xfrm_alloc_spi+0x570/0xf30
[ 1508.354470][T16370]  ? xfrm_alloc_spi+0x2a0/0xf30
[ 1508.356381][T16370]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[ 1508.358385][T16370]  ? xfrm_find_acq+0x87/0xa0
[ 1508.360190][T16370]  xfrm_alloc_userspi+0x70b/0xc90
[ 1508.362160][T16370]  ? apparmor_capable+0x137/0x1b0
[ 1508.364298][T16370]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[ 1508.366463][T16370]  ? __nla_parse+0x40/0x60
[ 1508.368251][T16370]  xfrm_user_rcv_msg+0x7a3/0xab0
[ 1508.370271][T16370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1508.372462][T16370]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1508.374818][T16370]  ? rcu_is_watching+0x15/0xb0
[ 1508.376713][T16370]  ? trace_contention_end+0x39/0x120
[ 1508.378793][T16370]  ? __mutex_lock+0x335/0x1360
[ 1508.380725][T16370]  netlink_rcv_skb+0x208/0x470
[ 1508.382653][T16370]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1508.384351][T16370]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1508.386017][T16370]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1508.387714][T16370]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1508.389533][T16370]  xfrm_netlink_rcv+0x79/0x90
[ 1508.391354][T16370]  netlink_unicast+0x82f/0x9e0
[ 1508.393341][T16370]  ? __pfx_netlink_unicast+0x10/0x10
[ 1508.395421][T16370]  ? netlink_sendmsg+0x642/0xb30
[ 1508.397376][T16370]  ? skb_put+0x11b/0x210
[ 1508.399027][T16370]  netlink_sendmsg+0x805/0xb30
[ 1508.401068][T16370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.403155][T16370]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1508.405015][T16370]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1508.406762][T16370]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1508.408455][T16370]  __sock_sendmsg+0x21c/0x270
[ 1508.410022][T16370]  ____sys_sendmsg+0x505/0x830
[ 1508.411838][T16370]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1508.413930][T16370]  ? import_iovec+0x74/0xa0
[ 1508.415737][T16370]  ___sys_sendmsg+0x21f/0x2a0
[ 1508.417610][T16370]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1508.419661][T16370]  ? __fget_files+0x2a/0x420
[ 1508.421401][T16370]  ? __fget_files+0x3a0/0x420
[ 1508.423211][T16370]  __x64_sys_sendmsg+0x19b/0x260
[ 1508.425054][T16370]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1508.427111][T16370]  ? rcu_is_watching+0x15/0xb0
[ 1508.428948][T16370]  ? do_syscall_64+0xbe/0x3b0
[ 1508.430746][T16370]  do_syscall_64+0xfa/0x3b0
[ 1508.432519][T16370]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1508.434573][T16370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1508.436847][T16370]  ? exc_page_fault+0x9f/0xf0
[ 1508.438713][T16370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1508.440998][T16370] RIP: 0033:0x7f4f7898ebe9
[ 1508.442739][T16370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1508.449999][T16370] RSP: 002b:00007f4f797ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1508.453166][T16370] RAX: ffffffffffffffda RBX: 00007f4f78bb5fa0 RCX: 00007f4f7898ebe9
[ 1508.456143][T16370] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1508.459228][T16370] RBP: 00007f4f78a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1508.462121][T16370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1508.464630][T16370] R13: 00007f4f78bb6038 R14: 00007f4f78bb5fa0 R15: 00007ffdd6eb9298
[ 1508.467084][T16370]  </TASK>
[ 1508.468682][T16370] Kernel Offset: disabled
[ 1508.470062][T16370] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:02:22  Registers:
info registers vcpu 0

CPU#0
RAX=000000000001e200 RBX=0000000000001465 RCX=000000000001e200 RDX=ffffffff93639338
RSI=0000000000000009 RDI=00000000000c2144 RBP=ffffffff93a797b0 RSP=ffffc90003f6f538
R8 =0000000000000000 R9 =ffffffff81aa82d8 R10=dffffc0000000000 R11=fffffbfff1f46847
R12=000000000005f827 R13=ffffffff93cc3310 R14=ffffffff92ac574c R15=0000000005398714
RIP=ffffffff819dd492 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555cfb7500 ffffffff 00c00000
GS =0000 ffff8880b8623000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffdd6eb7d78 CR3=000000002ff18000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8173c947 ffffffff81688869
XMM02=ffffffff8168893f ffffffff81688869 XMM03=ffffffff81688869 ffffffff8167986f
XMM04=00007f629caed100 00007f629bf87460 XMM05=00007f629bf87478 00007f629bf874c0
XMM06=00007f629bf874b8 00007f629bf874b0 XMM07=00007f629bf874a8 00007f629bf874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f629be12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000030 RBX=0000000000000030 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000170b RDI=000000000000170c RBP=00000000000003f8 RSP=ffffc900036969f0
R8 =ffff888020948237 R9 =1ffff11004129046 R10=dffffc0000000000 R11=ffffffff854e75e0
R12=dffffc0000000000 R13=ffffffff99af28c8 R14=ffffffff99de74e0 R15=0000000000000000
RIP=ffffffff854e765c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4f797ca6c0 ffffffff 00c00000
GS =0000 ffff8881a3c23000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c34bab6 CR3=000000012ff18000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=7712c53e93b9f1e8 728370bf3cb3486e
XMM06=63e772d7f3a22482 dabb339f3c035440 XMM07=bd0dad416e16bee6 46815929601aad29
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f629be12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
