last executing test programs:

3m23.981644697s ago: executing program 1 (id=1591):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000340)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000100)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000013000/0x4000)=nil, 0x3000, 0x3})

3m23.822238777s ago: executing program 1 (id=1594):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @broadcast}}, 0x24)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r1, &(0x7f0000000100)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e20, @multicast2}}, 0x24)

3m23.679795987s ago: executing program 1 (id=1595):
r0 = syz_open_dev$amidi(&(0x7f0000000140), 0x2, 0x181)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, 0x0)

3m23.590063652s ago: executing program 1 (id=1598):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x1, 0x6276, &(0x7f0000003680)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd4B/Mx+eeNAYiCkTmrCxjHGOJvs+iP+oHUx4bPhqySEQj+wXe/aLPgLr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKkF7QW8QFSoXURVQQKrUVsBWM+d9352ZnZ3Z9Y7XZ875/ST78c6cmfedM++c2WfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv7DbOfqmVZVqvV8gs2ZdmL6vWmiU2NS157Y+cHAAAArN3PG3+/cGu64PAKbtS0zT/d9e2vLiwsLGTvG/7T0c8tLKQrJrJsdEOWNa6Lrv7g/bXmbYIns/HaUNPXQz2GH+5x/UiP60d7XD/W4/oNPa4f73H9kh2wxE1ZLd3ZtsY/N+W7NLstG21ct63DrZ6sbRiq77t026zWuM3C6IlsLjuVzWbTLdvn29Ya23/97vpYb83iWENNY22pr5CfPH48zqEW9vG2lrEW7zP60euziZ/+5PHjf33h+Ts61Z67oeX+8nnu2Fqf5yfCJflca9mGtE/iPIea5rmlw3My3DLPWuN29X+3z/OFFc5zeHGa66r9OR/Phhr//k5jP43Usg77aUu47H/uybLs8uK027dZMlY2lG1suWRo8fkZz1dk/T7qS+ml2Uj3dbpQa1mnd69gndbrzLbWddr+mojP/93hdiPLzKH5afrRE2NNz/vPFq5lnUb1R73ca6V9Dfb7tVKUNRjXxXcaD/qpjmtwW3j8j29ffg12XDsd1mB63E1rcGuvNTg0NtyYc3oSao3bLK7BXS3bDzdGqjXqc9u7r8GpC6fPTc1/7OP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU7nf1/j3i6+jdlQeg1sDfsuvgZe3bZt81Jd+OLYkuPvtb4Ox7u8Dje1bdvv1+FI+4Orrc8Lcumazl8b76nv9PErQ9kyr7HG87Nz7a/D9LibXocjTa/Dju8pHV6HIyt4Hda3ObdzZd+zjDT96TSH5d8L1rYGNzWtwfbvR9rXYL+/HynKGhwP6+J7O5d/L9gS5vvU5Gq/HxlesgbTww3Hnvol6fv98QON0mld3lm/4uax7OL87Pn7Hzt24cL5XVko6+JlTWulfb1ubHpM2ZL1OrTq9Xp47q6n7uxw+aawr8bvq/81vuxzVd9m7/3dn6vGu1vn/dly6e4slD4L+3Nhwzrtz07v5vX9OZZln//WEw9/4/HPv2HZ/VnvNz8xtfbvxVNf2nT8HV3m+Bv7/l/k46W7enJ4dCR//Q6nvTPacjxufapGGseuWmPsF6ZWdjweDX/W+3h8W5fj8ea2bft9PB5tf3DxeFzr9dOOtWl/PsfDOjk13f14XN9m8+7VrsmRrsfje0Kthf3/mtAppL6oae0st27TWCMjo+FxjcQRWtfpnpbtR0NvVh/rmd3Xtk533JPf13B6dIvWa51OtG3b73Wafva13Dqt9frp27Vpfz7Hw7q4bU/3dVrf5tm9az923hT/2XTsHOu1BkeHx+pzHk2LsHG8zxZuimvw/ux4djY7lc00rh1rrKdaY6zJB1a2BsfCn/U+Vm7usgZ3tG3b7zWY3seWW3u1kaUPvg/an8/xsC6efqD7Gqxv88b9/f3edUe4JG3T9L1r+8/XlvuZ151tu+l6rZWRMM9v7e/+s9n6NqcOrLbP7L6f7g2X3NxhP7W/fpd7Tc1k67OfNod5Pn9g+f1Un099m88dXOF6Opxl2aWPPNj4eW/4/crfXfzuV1t+79LpdzqXPvLgj1984h9XM38ABt8v8rIxf69r+s3USn7/DwAAAAyE2PcPhZro/wEAAKA0Yt8f/1d4ov8HAACA0oh9/0ioSUX6/81vfH7uF5eylMxfCOL1aTc8lG8XM67T4euJhUX1yx/88ux//8OllY09lGXZzx76g47bb34ozis3EeZ59U2tly/x1ftWNPbRRy+lcZvz618I9x8fz0qXQacI7nSWZV+/9TONcSbef6VRn33oaKM+fPmpJ+vbvHAw/zre/rmX5dv/RQj/Hj5xrOX2z4X98MNQp9/WeX/E233lymu27H/v4njxdrWttzQe9tMfyO83fk7OZ5/Mt4/7ebn5f+PTz3ylvv1jr+o8/0tDnef/TLjfL4f6v6/It29+Dupfx9t9Msw/jhdvd/+Xvtlx/lc/lW9/7s35dkdDjePvCF9ve/Pzc83767HasZbHlb0l3y6OP/3dP25cH+8v3n/7/MePXGnZH+3r49l/y+9nqm37eHkcJ/r7tvHr99O8PuP4z/zR0Zb93Gv8qw8/94r6/baPf2/bduc+srMx/uL9tX5i019+8jMdx4vzOfy351oez+F3h9dxGP/pD4T1GK7/v6v5/bV/usLRd7cef+L2X9h0qeXxRG/9aT7+1dedbNQN4zdtvPlFL77l8ivr+y7LvrMhv79e45/8q7Mt8//i7fn+iNfHjH77+MuJ45//6OSZs/MX52bSXn381sZn57w9n0+c763h2Nr+9ZGzFz44e35iemI6yybK+xF61+xLof44L5e7b72w5Ai689HwfN7551/fuP1fPx0v//f35JdfeVv+vvXqsN1nw+WbwvO3uvGXevru2xuv79qzYYYLSz8veC22bPuvAyvaMDz+9u8L4no/9/IPNvZD/brG+0Z8Xa9x/t+fye/na2G/LoRPZt56++J4zdvHz0a48kj+el/z/guHufi8/k14vt/xw/z+47zi4/1++D7mm5tbj3dxfXzt0lD7/Tc+xeNyOJ5kl/Pr41Zxf1954faO04ufQ5JdvqPx9Z+k+7ljVQ9zOfMfm586NXfm4mNTF2bnL0zNf+zjR06fvXjmwpHGZ3ke+VCv2y8enzY2jk8zs/v2Zo2j1dm8XGc3ev7nHj0+s396+8zsiWMXT1x49Nzs+ZPH5+ePz87Mbz924sTsR3vdfm7m0K7dB/fs3z15cm7m0IGDB/ccnJw7c7Y+jXxSPeyb/vDkmfNHGjeZP7T34K4HHtg7PXn67Mzsof3T05MXe92+8d40Wb/170+enz117MLc6dnJ+bmPzx7adXDfvt09Pw3w9LkT8xNT5y+embo4P3t+Kn8sExcaF9ff+3rdnnKa/4/8+9l2tfyD+LJ33bsvfT5r3ZefWPau8k3aPkD0+fBZNP/8knMHVvJ17PtHQ00q0v8DAABAFcS+fyzURP8PAAAApRH7/g2hJvp/AAAAKI3Y94+HmlSk/y9d/n/zpRWNL/8v/9+8v+T/K5b/f6Ro+f/8eCH/3x9rzd/L/wfy//L/8v8Dk/9fCG9I8v8UUdHy/7HvvynLKtn/AwAAQBXEvn9jqIn+HwAAAEoj9v03h5ro/wEAAKA0Yt//olCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/P5VVK/9/uZ/zd/5/+X+WKlr+P/b9Lw41qUj/DwAAAFUQ+/5bQk30/wAAAFAase+/NdRE/w8AAAClEfv+TaEmFen/5f/l/+X/5f/l/zuPL/8/mOT/u5P/70H+3/n/5f/l/+mrouX/Y9//klCTivT/AAAAUAWx739pqIn+HwAAAIpn5NpuFvv+l4WaLOn/r3EAAAAA4IaLff9tWVsQvCK//5f/l/8vfv5/Q7pO/l/+Pytk/n84k/8vDvn/7uT/e5D/l/+X/5f/p6+Klv9v9P3ZePbyUJOK9P8AAABQBbHvvz3URP8PAAAApRH7/l8KNdH/AwAAQGnEvn9zqElF+n/5f/n/G53/H22bu/P/L95O/j9X/Py/8/8Xifx/d/L/Pcj/y//L/8v/01dFy//Hvv+OUJOK9P8AAABQBbHvvzPURP8PAAAApRH7/l8ONdH/AwAAQGnEvn9LqElF+n/5/4Ln/2NytMT5/97n/5f/l/+X/5f/Xzn5/+7k/3uQ/5f/l/+X/6evipb/j33/K0JNKtL/AwAAQBXEvv+uUBP9PwAAAJRG7PtfGWqi/wcAAIDSiH3/RKhJRfp/+f+C5//zHPxYmc//L/8v/y//L//fT/L/3cn/9xAOcz/Kskz+X/5f/l/+n7UrWv4/9v13h5pUpP8HAACAKoh9/9ZQE/0/AAAAlEbs++8JNdH/AwAAQGnEvn9bqElF+n/5/4HI/2fy//L/8v/y//L/KyP/3538fw/O/y//L/8v/09fFS3/H/v+V4WaVKT/BwAAgCqIff/2UBP9PwAAAJRG7PtfHWqi/wcAAIDSiH3/jlCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/L/8v/y//T18VLf8f+/7XhJpUpP8HAACAKoh9/85QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/5/Hl/weT/H938v89yP/L/8v/y//TV0XL/8e+/75Qk4r0/wAAAFAFse+/P9RE/w8AAAClEfv+qVAT/T8AAACURuz7p0NNKtL/y//L/8v/y/+vKv//ysX7lf/Pyf8Xi/x/d/L/Pcj/y//f8Pz/qPw/pVK0/H/s+3eFmqTGb+waHiUAAABQJLHv3x1qUpHf/wMAAEAVxL5/T6iJ/h8AAABKI/b9e0NNKtL/y//L/8v/y/87/3/n8eX/B5P8f3f9z//Hhyj/L/8v/+/8//L/LFW0/H/s+x8INalI/w8AAABVEPv+faEm+n8AAAAojdj37w810f8DAABAacS+/0CoSUX6f/l/+X/5f/l/+f/O48v/Dyb5/+6c/7+H4uX/X9d88/XM/9fHkv+X/5f/Z/Ue+cPmr4qW/499/8FQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9vxJq0r3/33B9ZwUAAAD0U+z7fzXUpCK//5f/l/+X/5f/l//vPL78/2CS/+9O/r+H4uX/Wzj/f7HnL/8v/89SRcv/x77/UKhJRfp/AAAAqILY9/9aqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/cKhBpzh3Kcn/y/8PZv5/XP5f/r90+f+xeL/y/2si/9+d/H8P8v/y//L/8v/0VdHy/7Hvf32oid//AwAAQGnEvv/BUBP9PwAAAJRG7PvfEGqi/wcAAIDSiH3/G0NNKtL/y//L/w9m/t/5/zP5/9Ll/53/vz/k/7uT/+9B/l/+X/5f/p++Klr+P/b9bwo1qUj/DwAAAFUQ+/43h5ro/wEAAKA0Yt//llAT/T8AAACURuz73xpqUpH+X/5f/v9G5v9zl+X/5f8b5P/l//tB/r87+f8e5P/l/+X/5f/pq6Ll/2Pf/+uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f+d/1/+X/6/8/jy/4NJ/r+7Acv///yWcLn8f07+v9jzX23+f6Tt6+uS///Bcvn/hQ3tt5f/53ooWv4/9v3vCDWpSP8PAAAAVRD7/neGmuj/AQAAoDRi3/+uUJOm/r+v//EOAAAAWHex7/+NUJOK/P5f/r8+j8X0svy//H/jAvl/+X/5/4El/9/dgOX/nf+/jfx/sefv/P/y/yxVtPx/7PvfHWpSkf4fAAAAqiD2/Q+Hmuj/AQAAoDRi3/9IqIn+HwAAAEoj9v3vCTWpSP8v/+/8//L/8v/y/53Hl/8fTPL/3cn/9yD/L/9ftPz/f8r/M9iKlv+Pff+joSYV6f8BAACgCmLf/95QE/0/AAAAlEbs+38z1ET/DwAAAKUR+/73hZpUpP+X/x+U/P/EgOb/n5D/v475/7tuybeT/5f/Z5H8f3fy/z3I/8v/Fy3/7/z/DLii5f9j3//+UJOV9//jK94SAAAAuI5Glr0m9v2/FWpSkd//AwAAQBXEvv+3Q030/wAAAFAase//nVCTivT/8v+Dkv93/v9M/t/5/9sej/y//H8n65f/j0ce+X/5/2Ll/zet6gG3utH5+bW60fOvbv4/f2eU/6eTouX/Y9//u6EmFen/AQAAoApi3/+BUBP9PwAAAAyETv8nu13s+4+Emuj/AQAAoDRi33801KQi/b/8v/y//H9B8/9/tvVfvvftdx7dJf8v/y//vyrrev7/+ovf+f/l/wuW/1+LG52fX6/515Y5NZj8v/P/039Fy//Hvv9YqElF+n8AAACogtj3/16oif4fAAAASiP2/cdDTfT/AAAAUBqx758JNalI/y//L/8v/1/Q/P8An/8/7g/5/1Z9y//Hg678f0frmv9/72JOXP5/tfn/sY6Xyv/L/w/y/OX/5f9Zqmj5/9j3z4aaVKT/BwAAgCoIff/QibwuXqH/BwAAgNKIff/JUBP9PwAAAJRG7Ps/GGpSkf5f/l/+X/5f/t/5/zuP3y3/Xxtx/v+ikv/vrjj5/87k/+X/B3n+8v/y/yxVtPx/7PvnQk0q0v8DAABAFcS+/0OhJvp/AAAAKI3Y93841ET/DwAAAKUR+/5ToSYV6f/l/+X/5f/l/+X/O49f2PP/y/93Jf/fnfx/D/L/8v/y//L//8/enXxZWtd3HL8FDV19yCK7LLLJOVnmT2AR1sk+WWSTRXJOTs4JRFFxpnEeUVScFcVZwQEEERXnCZxQnEFFxXnECVFPe6j6fr9dw1P3VlXf6vs8v9/rteCbrlB9r31a6E9Xv31YqrH1/7n7/y9u6WT/AwAAQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3///HLZ3sf/2//r/Z/v+f9f97vb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/2FxSyf7HwAAAHqQu//hcYv9DwAAAM3I3X9p3GL/AwAAQDNy9z8ibulk/+/o/9dmffb/mfHq/1vq/z3/f8/X1/+fQf9/rv5/7M5u/3/FQ//k0//r//X/Qf+/r/7/+F6fr/+nRWPr/3P3PzJu6WT/AwAAQA9y9z8qbrH/AQAAoBm5+y+LW+x/AAAAaEbu/kfHLZ3s/+U9///Exscn2v8X/b/+f+MD+n/9/179/7HT39b/j5Pn/8/XU/9/6V0XXHz/zX9/y0FeX/+v//f8f/0/yzW2/j93/2Pilk72PwAAAPQgd/9j4xb7HwAAAJqRu/9xcYv9DwAAAM3I3f/4uKWT/b+8/n/Sz/8v+n/9/8YH9P/6/736/3/z/P+x0//P11P/f5jX1//r//X/+n+Wa9X9f37H+e3c/U+IWzrZ/wAAANCD3P1PjFvsfwAAAGhG7v7L4xb7HwAAAJqRu/9k3NLJ/tf/H33//xf9v/4/rv5f/6//P3r6//n0/wvo//X/+n/9P0u16v5/57dz918Rt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v+f/6//1//r/4dfX/0+T/n8+/f8C+v8z7efP0/9PsP+PX0jp/zkKB+z/H5zzj+2l9P+5+58at3Sy/wEAAKAHufufFrfY/wAAANCM3P1Pj1vsfwAAAGhG7v5nxC2d7H/9v/5f/6//P3T/v/un3gb9/zD9/9mh/59vNP3/2rHBD+v/J9//e/7/FPv/oP/nKIzt+f+5+58Zt3Sy/wEAAKAHufufFbfM2f8H/s18AAAAYKVy9z87bvH1fwAAAJi8rM5y9z8nbulk/+v/9f/6f/2/5/8Pv/68/v+WLe9P/z8u+v/5RtP/70H/r/+f8vvX/+v/2W1s/X/u/ufGLZ3sfwAAAOhB7v4r4xb7HwAAAJqRu/95cYv9DwAAAM3I3f/8uKWT/T/c/5/+/+v/90f/v/396/+Hf34sq//P71H/P7f/v8jz//uk/5/v7Pf/x/X/279//f8RWvX7b7z/P7Ho8/X/DBlb/5+7/6q4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/6/4+f9XnL/X+9L/b9D/6/89/3+cz/+fnfX+/5j+f5/0//N5/v8C+n/9v/7f8/9ZqrH1/7n7r45bOtn/AAAA0IOrH5ht7P4Xz2b2PwAAAEzR1j87sPMPlIbc/S+JW+x/AAAAaEbu/pfGLZ3s/xX3/0f1/P/zFr22/l//v/XHS/+v/x96/XH1/57/v1/6//n0/wvo/4+inz/WWP9/zV6fP4b+/3L9PyOzrf+/7fTHV9X/5+5/WdzSyf4HAACAHuTuf3ncYv8DAABAM3L3vyJusf8BAACgGbn7Xxm3dLL/j7z/P7H3ax9h/7+Q/l//v/XHS/+v/x96ff3/NOn/59P/L6D/9/x/z//X/7NU2/r/LVbV/+fuf1Xc0sn+BwAAgB7k7n913GL/AwAAQDNy918Tt9j/AAAA0Izc/a+JWzrZ/40+/38h/b/+f+uPl/5f/z/0+vr/adL/z6f/X0D/r//X/y/u/3f+izro/xkytv4/d/9r45ZO9j8AAAD0IHf/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/x9t/58f1//r/2cH6f/jE/T/m/T/+v+DmFr/v/O/P4fu19eG/k202x79/x3/c/Jft39E/6//1//r/z3/nyUYRf9/6vSvLnP3vyFu6WT/AwAAQA9y978xbrH/AQAAoBm5+98Ut9j/AAAA0Izc/W+OWw64//92qe/q7NH/e/6//n+E/X/Q/2/S/+v/D2Jq/f9Onv+v/9f/T/f96//1/+w2iv5/y7dz978lbvH1fwAAAGhG7v63xi32PwAAADQjd//b4hb7HwAAAJqRu/+6uKWT/a//1//r//X/+v/h1z9s/78+G6b/Pzv0//Pp/xfQ/+v/9f/6f5ZqbP1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAABTkunYoNz974xbOtn/+n/9v/5f/6//H359z/+fpon2//WPwan2/+dOqf+/Yc4bGOr/Tx3X/+v/9f/6fw5pbP1/7v53xS2d7H8AAADoQe7+G+IW+x8AAACakbv/xrjF/gcAAIBm5O5/d9zSyf7X/+v/9f/6f/3/8Ovr/6dpov1/mWr/7/n/+v+Z/l//r/9nwNj6/9z9N8Utnex/AAAA6EHu/pvjFvsfAAAAmpG7/z1xi/0PAAAAzcjdf0vc0sn+1//r//X/+n/9//Dr6/+n6ej6/9nq+v/7zjnod7Mn/f8C+n/9v/5f/89Sja3/z93/3rilk/0PAAAAPcjdf2vcYv8DAABAM3L3vy9usf8BAACgGbn73x+3dLL/9f/6/2n2/1etD71//b/+f6b/757n/8+n/19A/6//1//r/1mqsfX/ufs/ELd0sv8BAACgB7n7b4tb7H8AAABoRu7+D8Yt9j8AAAA0I3f/h+KWTva//l//v73/n82m0f97/v9M/99C/78+0/8vnf5/vv31/xfp//X/bfX/58wa6v9P7Pn5+n/GaGz9f+7+D8ctnex/AAAA6EHu/o/ELfY/AAAANGDzz87k7v9o3GL/AwAAwJgdO8jfnLv/Y3FLJ/t/+v3/8R2fqP+fzWZ3X9b88//1/zP9fwv9f/2o6v+XR/8/n+f/L6D/b7P/9/x//T8rM7b+P3f/x+OWTvY/AAAA9CB3/yfiFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjls62f8AAADQg9z9t8ct9j8AAAA0I3f/HXGL/Q8AAADNyN3/mbilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88F/u1P/r/1vs/+fR/+v/9f/sNLb+P3f/Z+OWTvY/AAAA9CB3/+fiFvsfAAAAmpG7//Nxi/0PAAAAzcjd/4W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//P3pj6f89//9w71//r/+f8vs/UP//D7s/X/9Pi8bW/+fuvzNu6WT/AwAAQA9y938xbrH/AQAAoBm5+78Ut9j/AAAA0Izc/XfFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8l/n6v9ZnrH1/7n7vxy3bAy/f/ybQ/7HBAAAAEYkd/9X4pZOvv4PAAAAPcjd/9W4xf4HAACAZuTu/1rc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76//WhD666nz9Tq37/zfT/nv/PEo2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998dt3Sy//X/+v/2+///1P/veH39v/6/Zfr//Df6MP3/Av30/4NW3c9P/f3r//X/7Da2/j93/z1xSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7v9O3NLJ/tf/99X/r8167P89/1//r//vyXT6/2uPDX3U8//1//r/6b5//b/+n93G1v/n7r937ViX+x8AAACm6t//6X/v2e/fe+/GX9dn341b7H8AAABoRu7+78Ut9j8AAAA0I3f/9+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n92G1v/n7v/vrhly/Ab/B/oAQAAACYjd/8P4pZOvv4PAAAAPcjd/8O4Zdf+P7XPP9UOAAAAjE3u/h/FLZ18/V//P/L+f3ZE/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffetOsy/0PAAAAjdr2Owo/3vjr+uwncYv9DwAAAM3I3f/TuMX+BwAAgGbk7v9Z3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg/So+//c/T+PWzrZ/wAAANCD3P2/iFvsfwAAAGhG7v5fxi32PwAAADQjd/+v4pZO9r/+fwX9/1XHZ7Mj7f/38fx//X8f/f8er99O//93F5y8/T/++8br9f+cdjb7//y5oP/X/6+g/78ufv7p/0f0/vX/+n92G9vz/3P3/zpu6WT/AwAAQA9y998ft9j/AAAA0Izc/b+JW+x/AAAAaEbu/t/GLZ3sf/1/i8//n2b/nz/WK+j/T06v/8+muPf+3/P/9f+7ef7/fPr/BabT/2982/P/x/X+9f/6f3YbW/+fu/93cUsn+x8AAAB6kLv/93FL7v+1A//WPQAAADAyufv/ELf4+j8AAAA0I3f/A3FLJ/tf/6//H0v/nzz///Tnef7/Jv2//v8g9P/z6f8X0P/r//X/+n+Wamz9f+7+P8Ytnex/AAAA6EHu/gfjFvsfAAAAmpG7/09xi/0PAAAAzcjd/+e4pZP9r//X/+v/9f/6/+HX1/9Pk/5/Pv3/Q87f+w3o//X/+n/9P0s1tv4/d/9fAwAA//+9M2Fu")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000200)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x800, 0xc8)

3m23.303683281s ago: executing program 1 (id=1604):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000040), 0x8140, 0x0)
ioctl$TCGETS2(r0, 0x802c542a, 0xfffffffffffffffc)

3m22.891639891s ago: executing program 1 (id=1620):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001540)={@cgroup, 0xffffffffffffffff, 0x1b, 0x2c}, 0x20)

3m22.764771652s ago: executing program 32 (id=1620):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001540)={@cgroup, 0xffffffffffffffff, 0x1b, 0x2c}, 0x20)

2m33.873322143s ago: executing program 3 (id=2330):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000001080)={@host})

2m33.770706479s ago: executing program 3 (id=2333):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x1000000, &(0x7f0000000040)={[{@usrjquota}, {}]}, 0x0, 0x248, &(0x7f0000000940)="$eJzs3T9oFFkcB/DfzO5eLsly5O6ag4O7g+M47gIh1x3YxEYhICGICCpERGyURIgJdomVjYXWKqlsgtgZrdMEG0Ww8k+K2AgaLAwWWqzsTiLRbDBxN7uS+Xxg2JnZee/3hp3v221mNoDc6omIgYgoRERvRJQiIll/wB/Z0rO6OdO5MBJRqRx8ndSOy7Yza+26I2I6Iv6PiPk0idPFiMm5o0tvH+//+9JE6a8bc0c6W3qSq5aXFg+sXB+6eHvwv8kHj14OJTEQ5U/Oq/mSOvuKScRPO1HsG5EU2z0CtmL4/K0n1dz/HBF/1vJfijSyD+/y+Hfzpfj32mZtr7x6+Gsrxwo0X6VSqn4HTleA3EkjohxJ2hcR2Xqa9vVlv+GfFrrSM2Pj53pPjU2Mnmz3TAU0Szlicd/djjvdn+X/RSHLP7B7VfN/aHj2WXV9pdDu0QCtVM1/7/Gpf0L+IXfkH/JL/iG/5B/yS/4hv+Qf8kv+Ydf4frsN5B/yS/4hv+Qf8mt9/gGAfKl0tPsOZKBd2j3/AAAAAAAAAAAAAAAAAAAAG810LoysLa2qee9qxPLeiCjWq1+o/R/x2qNNu94k1cM+SrJmDTn2e4MdNOjmDt59vZVHuv3wfOfqb8X935rZW3nbLaZGI6YvRER/sbjx+ktWr7+v9+MX3i+daLBAg/Ycbm/997Otq1Wqs2+wkmQr/fXmnzR+qb3Wn3/Km/S5HWffNdgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALfMhAAD//+M2bGo=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000840)='mnt\x00', 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0506617, &(0x7f0000000580)={@id={0x2, 0x0, @a}, 0x40, 0x0, '\x00', @a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='mnt/encrypted_dir\x00', 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000680)='mnt/encrypted_dir\x00', 0x800, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000000c0)=@v2={0x2, @adiantum, 0x4, '\x00', @auto="69e4c1512475d15e55c4b5dacfd46518"})

2m33.691820345s ago: executing program 3 (id=2336):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x0)
move_pages(0x0, 0x1, &(0x7f0000000180)=[&(0x7f0000000000/0x3000)=nil], &(0x7f0000000200), 0x0, 0x2)

2m33.54157842s ago: executing program 3 (id=2340):
syz_mount_image$exfat(&(0x7f0000000100), &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="666d61736b3d30303030303030303030303030303030303030303030322c646973636172642c6572726f72733d72656d6f756e742d726f2c696f636861727365743d63703837342c616c6c6f775f7574696d653d30303030303030303030303030303030303030343030312c6572726f72733d72656d6f756e742d726f2c6572726f72733d636f6e74696e75652c6572726f72733d72656d6f756e742d726f2c696f636861727365743d63703836302c646973636172642c00dced11a2761e8532b2e0199234d7a478a2aec0301261dde220b36942b4f3d68482a89f58807c55940bdceffd4304c6e43f1216c6dc21daa755559823f0b9888dc6900528ec81651ff87269792ed5127d2ee52b9c8db3aa710ae36b906361a733254beccd064f03dab460f16c773d5c6adde92a15560e0a3257ddad10a92455a9655422ea47117f789464f7a779a56cc2a03dd0430e633e2b235ae19b1adf47a79f8970571500a1eac601a0d49337c615e8d5fb2f8384fb9e757ff9b4e3"], 0x3, 0x1510, &(0x7f0000003640)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)

2m33.440260716s ago: executing program 3 (id=2345):
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="0413"], 0xc)

2m33.071665372s ago: executing program 3 (id=2355):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000480)={0x1f, 0x0, @none, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)

2m32.929133215s ago: executing program 33 (id=2355):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000480)={0x1f, 0x0, @none, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)

5.137424436s ago: executing program 0 (id=4667):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_pauseparam={0x13, 0x0, 0xff}})

5.079494839s ago: executing program 0 (id=4669):
capset(&(0x7f0000000080)={0x399f1316}, 0x0)

5.07921141s ago: executing program 0 (id=4670):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e22, @remote}, 0x10)

5.00965118s ago: executing program 0 (id=4673):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x11, &(0x7f0000000040)={[{@norecovery}, {@grpquota}, {@debug}, {@discard}]}, 0xee, 0x498, &(0x7f0000001b40)="$eJzs3E1sFFUcAPD/bL/5kIr4AYJW8YOotLR8yMGLRhMPmpjoAeOplkKQQg2tiZBG0QMeDYl349HEu4knvRj1YEy86t2QENML6GnMzM4s23a3n0sX3N8v2e17M7N97z9vXuf1vd0NoGMNZU9JxLaI+CMidlSzCw8Yqv64OT838c/83EQSafrm30l+3I35uYny0PJ1W6uZNI3oy5J9Dcq98k7E+NTU5IUiPzJ77v2RmYuXDp45N3568vTk+bHjx48c3td7bOxovj9dZ3yV4mcW1409H03v3f3q21dfnzhx9d2fv8nqu63YXx/HuqRLazhUPbuLPZo9Pbmhwu4ov2ZP2+s2JN3NDx7ehAqxel0RkTVXT55LoisGavt2xCuftrFqwG2Wpmna6P4cdfftFPifSvRv6FDlvT77/7d8bM7I485w/cWIOFhk5ucmbtbi767NHfQs+v+2lYYi4sTlf7/MHtGKeQgAgBV8n41/nms0/qvEA3XH3VOsoQxGxL0RsTMi7ouIXRFxf0R+7IMR5x5aY/mLV0iWjn8q19YV2Cpl478XirWtmwvGf+XoLwa7itz2PP6e5NSZqclDxTk5ED19WX50mTJ+ePn3z8t0/6J99eO/7JGVX44Fi3pc6140QXdyfHY8T6Rp+vHGwo/rn0Ts6W4UfxLlMk4SEbsjYs86yzjzzNd7m+1bOf5lLLPOtFrpVxFPV9v/8sLx/62mSurXJwciorY+Ofr8sbGjI/0xNXlopLwqlvrltytvNCt/Q/G3QNb+Wxpe/7VV4MGkP2Lm4qWz+XrtzNrLuPLnZ3V9esHqchZ/5duINV//vclbebq32Pbh+OzshdGI3uS1pdvHbr22zJfHZ/Ef2N+4/++sq/HDEZFdxPsi4pFiETdru8ci4vGI2L9M/D+99MR7zfY1b/9ms/Ktdb04Ucu2f9S3/9oTXWd//K5Z+UPFGmQU56Fx+x/JUweKLbW/f8tYbQXXddIAAADgLlPJ3wOfVIZr6UpleLj6Hv5dsaUyNT0z++yp6Q/On6y+V34weirlTNeOuvnQ0WJuuMyPLcofLuaNv+gayPPDE9NTJ9sdPHS4rU36f+avrnbXDrjtWrCOBtyl9H/oXPo/dC79HzqX/g+dq1H/3+gHC4C7g/s/dK68/z91ud3VANrA/R86l/4PHanpZ+MrG/rIf9NE0upf2DBRfnfCZpS1cqL8LopNL31g3S/vX/nURaW9Z7VjEt1L2iK6W1pEX8NdbfyjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EL/BQAA///5etKr")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000080)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000200)=""/179, 0xb3)

4.858567286s ago: executing program 0 (id=4676):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f00000000c0)={0xa, {0x4, 0x3, 0x1, 0x401}, {0x0, 0x2, 0x4, 0x1000}, {0xa47, 0x5}})

4.416119666s ago: executing program 0 (id=4684):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r3, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x5, 0x0, 0x3, 0x6, 0x2, 0x3, 0x6, 0x90, 0x38, 0x298, 0x3, 0x5, 0x20, 0x3, 0x8}, [{0x5, 0x8001, 0x0, 0x1712, 0xfffffffe, 0x0, 0x6, 0x4}, {0x2, 0x0, 0x9, 0x7ff, 0x8000, 0x0, 0x4, 0x2ec}, {0x3, 0x1, 0xff, 0x5, 0x6, 0x6, 0xfffffffd, 0x8}]}, 0x98)
close(r3)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="e71a6f2b7e459f587fd64b45345d93796e850342f59c401b99df9a6d1330b6538cd07a15aced199937f93e6e22e71f8e8bced6f622dd0734af40ff83b625cf00891ed6045acabebcd9a0f00a878ac753dacd03de345e6c090643452593c8e1c978a24f2dd19c5e1f1d4c15137307e08a14d4b91e837ef3f1d5", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
io_setup(0x5, &(0x7f0000000000)=<r7=>0x0)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000100)={0x3, "421ae3753785259249154c944c28ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", <r9=>0xffffffffffffffff})
io_submit(r7, 0x19, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
ioctl$SW_SYNC_IOC_INC(r8, 0x40045701, &(0x7f0000000080)=0x10)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))

3.880976561s ago: executing program 34 (id=4684):
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r3, &(0x7f0000000300)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x5, 0x0, 0x3, 0x6, 0x2, 0x3, 0x6, 0x90, 0x38, 0x298, 0x3, 0x5, 0x20, 0x3, 0x8}, [{0x5, 0x8001, 0x0, 0x1712, 0xfffffffe, 0x0, 0x6, 0x4}, {0x2, 0x0, 0x9, 0x7ff, 0x8000, 0x0, 0x4, 0x2ec}, {0x3, 0x1, 0xff, 0x5, 0x6, 0x6, 0xfffffffd, 0x8}]}, 0x98)
close(r3)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f00000001c0)=ANY=[@ANYRESOCT=0x0, @ANYBLOB="e71a6f2b7e459f587fd64b45345d93796e850342f59c401b99df9a6d1330b6538cd07a15aced199937f93e6e22e71f8e8bced6f622dd0734af40ff83b625cf00891ed6045acabebcd9a0f00a878ac753dacd03de345e6c090643452593c8e1c978a24f2dd19c5e1f1d4c15137307e08a14d4b91e837ef3f1d5", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
io_setup(0x5, &(0x7f0000000000)=<r7=>0x0)
r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f0000000100)={0x3, "421ae3753785259249154c944c28ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", <r9=>0xffffffffffffffff})
io_submit(r7, 0x19, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r9, 0x0}])
ioctl$SW_SYNC_IOC_INC(r8, 0x40045701, &(0x7f0000000080)=0x10)
ioctl$SG_GET_VERSION_NUM(r6, 0x2284, &(0x7f0000000080))

1.853974058s ago: executing program 4 (id=4700):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000600)={{0x12, 0x1, 0x0, 0x38, 0xff, 0x4f, 0x40, 0x13d3, 0x3219, 0x7a67, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x7a, 0x1, 0x0, 0x5e, 0x8b, 0x15}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

1.759915621s ago: executing program 2 (id=4701):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000280), 0x14, &(0x7f0000000600)=ANY=[@ANYBLOB="6d706f6c3d62690bbe608ae7a8e257d632a80e6e643a302d4e3a332f", @ANYRESOCT])

1.699120037s ago: executing program 2 (id=4702):
syz_read_part_table(0x1047, &(0x7f0000000000)="$eJzsz8EJwkAQBdCfJRMEQdKSRViJDWgxXizAgmxEISwY8CpI4L3Dsvt3ZmDCn43LWc/hE9Xr6z/JPmnLpVe2nh9bMiXXVc9hznmX6q8pw1wZ88glyW01+XT//T4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsD3vAAAA//+HmAZr")

1.517830011s ago: executing program 2 (id=4703):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bridge\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r1})

1.517490442s ago: executing program 2 (id=4704):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1a, &(0x7f0000000000)=0x6, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x38, 0x10, 0x403, 0x200000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD1={0x8, 0x2, @udp6=r1}]}}}]}, 0x38}, 0x1, 0xba01}, 0x0)

1.21171894s ago: executing program 4 (id=4705):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x10, 0x2, [@TCA_BASIC_EMATCHES={0xc, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}]}]}}]}, 0x40}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="800000000d0a010800000000000000000a0000010900020073797a31000000000900010073797a310000000054000380500000803e0001"], 0x80}}, 0x8000)

1.09528011s ago: executing program 4 (id=4706):
syz_mount_image$udf(&(0x7f00000002c0), &(0x7f0000000300)='./file0\x00', 0x2000818, &(0x7f0000000340)={[{@shortad}, {@gid}, {@uid_forget}, {@mode={'mode', 0x3d, 0x1}}, {@volume={'volume', 0x3d, 0x3ff}}, {@uid_forget}, {@bs={'bs', 0x3d, 0xd08}}, {@lastblock={'lastblock', 0x3d, 0x2}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}]}, 0x1, 0xc32, &(0x7f000001fd40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")

1.006779353s ago: executing program 4 (id=4707):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@mpls_delroute={0x30, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0xa, "a51b69ae9597407dc5518eada89d"}}]}, 0x30}}, 0x0)

48.970138ms ago: executing program 2 (id=4708):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x607, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, 0x88ad7db5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa}]}, 0x40}}, 0x0)

48.675292ms ago: executing program 4 (id=4709):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8810}, 0x40040d0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000044000701fcffffff00000000017c00000c0002"], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)

48.294222ms ago: executing program 4 (id=4710):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000003c0)={[{@nodiscard}, {}, {@noheap}, {@alloc_mode_reuse}, {@noquota}, {@disable_roll_forward}, {@background_gc_on}, {@nouser_xattr}, {@checkpoint_diasble}, {@user_xattr}, {@fsync_mode_strict}, {@adaptive_mode}, {@jqfmt_vfsold}, {@noinline_dentry}]}, 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1000})

0s ago: executing program 2 (id=4711):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
read(r1, &(0x7f0000001600)=""/233, 0xe9)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x11c, &(0x7f0000000040)=0x6, 0x0, 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000400)={&(0x7f000092b000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000})
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r4, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x4e22, @broadcast}, 0x2, 0x9800}}, 0x2e)
ioctl$PPPIOCGL2TPSTATS(r2, 0x80487436, &(0x7f0000000080)="770b0098")

kernel console output (not intermixed with test programs):

21] bcachefs (loop4): initializing new filesystem
[  266.870782][T12421] bcachefs (loop4): going read-write
[  266.886991][T12421] bcachefs (loop4): marking superblocks
[  266.901872][T12421] bcachefs (loop4): initializing freespace
[  266.906227][T12421] bcachefs (loop4): done initializing freespace
[  266.910149][T12421] bcachefs (loop4): reading snapshots table
[  266.912203][T12421] bcachefs (loop4): reading snapshots done
[  266.943155][   T95] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  266.946218][   T95] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[  266.962821][T12421] bcachefs (loop4): done starting filesystem
[  266.981304][   T95] usb 1-1: New USB device found, idVendor=0499, idProduct=103e, bcdDevice=4e.18
[  266.984311][   T95] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.987067][   T95] usb 1-1: Product: syz
[  266.988760][   T95] usb 1-1: Manufacturer: syz
[  266.990473][   T95] usb 1-1: SerialNumber: syz
[  266.994028][   T95] usb 1-1: config 0 descriptor??
[  267.071496][T11557] bcachefs (loop4): shutting down
[  267.073671][T11557] bcachefs (loop4): going read-only
[  267.075737][T11557] bcachefs (loop4): finished waiting for writes to stop
[  267.101163][T11557] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  267.180889][T11557] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  267.192038][T11557] bcachefs (loop4): clean shutdown complete, journal seq 4
[  267.195699][T11557] bcachefs (loop4): marking filesystem clean
[  267.211063][   T95] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  267.227308][T11557] bcachefs (loop4): shutdown complete
[  267.280500][   T95] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -2
[  267.411394][   T95] usb 1-1: USB disconnect, device number 28
[  267.831794][T12456] netlink: 140 bytes leftover after parsing attributes in process `syz.2.2731'.
[  268.147775][ T5858] Bluetooth: hci0: command tx timeout
[  268.588951][T12466] loop0: detected capacity change from 0 to 40427
[  268.592146][T12466] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  268.594993][T12466] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  268.615829][T12466] F2FS-fs (loop0): invalid crc value
[  268.840348][T12466] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  268.855877][T12466] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  268.859106][T12466] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  270.093613][T12509] loop4: detected capacity change from 0 to 128
[  270.098735][T12509] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  270.113679][T12509] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  270.206792][T12515] loop4: detected capacity change from 0 to 128
[  270.574156][T12535] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2762'.
[  270.637856][T12541] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2766'.
[  270.643367][T12541] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2766'.
[  270.667851][T12543] tipc: Started in network mode
[  270.669547][T12543] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[  270.671962][T12543] tipc: Enabled bearer <eth:team0>, priority 10
[  270.811355][T12557] netlink: 'syz.4.2773': attribute type 1 has an invalid length.
[  271.223332][T12570] Invalid ELF header magic: != ELF
[  271.315361][ T5313] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  271.350667][ T5313] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  271.790379][   T51] tipc: Node number set to 11578026
[  271.806572][T12588] loop4: detected capacity change from 0 to 128
[  271.820532][T12588] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  271.830490][T12588] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  271.853544][T12591] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2787'.
[  271.916025][T12598] 9pnet_fd: p9_fd_create_unix (12598): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  271.973694][T12606] netlink: 'syz.2.2793': attribute type 21 has an invalid length.
[  272.009811][T12606] netlink: 'syz.2.2793': attribute type 1 has an invalid length.
[  272.012216][T12606] netlink: 100 bytes leftover after parsing attributes in process `syz.2.2793'.
[  272.012730][   T33] audit: type=1400 audit(1755067190.718:98): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=2626200DFFFFFFFFFFFFFF7FA6 pid=12602 comm="syz.4.2792"
[  272.235777][T12608] loop0: detected capacity change from 0 to 40427
[  272.240849][T12608] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  272.246128][T12608] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  272.253417][T12608] F2FS-fs (loop0): invalid crc value
[  272.298889][T12608] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  272.311481][T12608] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  272.314188][T12608] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  273.584353][T12647] loop0: detected capacity change from 0 to 40427
[  273.593068][T12647] F2FS-fs (loop0): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  273.595648][T12647] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  273.602016][T12647] F2FS-fs (loop0): build fault injection type: 0x6
[  273.605936][T12647] F2FS-fs (loop0): invalid crc value
[  273.650411][T12647] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  273.654071][T12647] F2FS-fs (loop0): Start checkpoint disabled!
[  273.661805][T12647] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  273.664137][T12647] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  273.678713][T12647] syz.0.2813: attempt to access beyond end of device
[  273.678713][T12647] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  273.704030][ T1103] kworker/u9:9: attempt to access beyond end of device
[  273.704030][ T1103] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  273.713032][ T1103] CPU: 0 UID: 0 PID: 1103 Comm: kworker/u9:9 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  273.713050][ T1103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  273.713056][ T1103] Workqueue: writeback wb_workfn (flush-7:0)
[  273.713075][ T1103] Call Trace:
[  273.713080][ T1103]  <TASK>
[  273.713086][ T1103]  dump_stack_lvl+0x189/0x250
[  273.713102][ T1103]  ? __pfx_dump_stack_lvl+0x10/0x10
[  273.713111][ T1103]  ? __pfx_queue_work_on+0x10/0x10
[  273.713120][ T1103]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  273.713131][ T1103]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  273.713146][ T1103]  f2fs_handle_critical_error+0x37c/0x540
[  273.713163][ T1103]  f2fs_write_end_io+0x886/0xb60
[  273.713187][ T1103]  __submit_merged_bio+0x27a/0x6a0
[  273.713201][ T1103]  __submit_merged_write_cond+0x255/0x530
[  273.713214][ T1103]  f2fs_write_data_pages+0x261d/0x3000
[  273.713271][ T1103]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.713291][ T1103]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  273.713321][ T1103]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  273.713339][ T1103]  ? trace_f2fs_writepages+0x7f/0x200
[  273.713349][ T1103]  ? f2fs_write_node_pages+0x478/0x6e0
[  273.713362][ T1103]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  273.713379][ T1103]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.713390][ T1103]  do_writepages+0x32e/0x550
[  273.713405][ T1103]  ? reacquire_held_locks+0x127/0x1d0
[  273.713414][ T1103]  ? writeback_sb_inodes+0x384/0x1010
[  273.713430][ T1103]  __writeback_single_inode+0x145/0xff0
[  273.713441][ T1103]  ? do_raw_spin_unlock+0x4d/0x240
[  273.713453][ T1103]  writeback_sb_inodes+0x6c7/0x1010
[  273.713483][ T1103]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  273.713533][ T1103]  ? rcu_is_watching+0x15/0xb0
[  273.713550][ T1103]  wb_writeback+0x43b/0xaf0
[  273.713564][ T1103]  ? queue_io+0x341/0x590
[  273.713576][ T1103]  ? __pfx_wb_writeback+0x10/0x10
[  273.713591][ T1103]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.713609][ T1103]  wb_workfn+0x409/0xef0
[  273.713635][ T1103]  ? __pfx_wb_workfn+0x10/0x10
[  273.713653][ T1103]  ? __lock_acquire+0xab9/0xd20
[  273.713684][ T1103]  ? process_scheduled_works+0x9ef/0x17b0
[  273.713704][ T1103]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.713712][ T1103]  ? process_scheduled_works+0x9ef/0x17b0
[  273.713719][ T1103]  ? process_scheduled_works+0x9ef/0x17b0
[  273.713728][ T1103]  process_scheduled_works+0xae1/0x17b0
[  273.713752][ T1103]  ? __pfx_process_scheduled_works+0x10/0x10
[  273.713775][ T1103]  worker_thread+0x8a0/0xda0
[  273.713798][ T1103]  kthread+0x711/0x8a0
[  273.713811][ T1103]  ? __pfx_worker_thread+0x10/0x10
[  273.713819][ T1103]  ? __pfx_kthread+0x10/0x10
[  273.713829][ T1103]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.713837][ T1103]  ? lockdep_hardirqs_on+0x9c/0x150
[  273.713847][ T1103]  ? __pfx_kthread+0x10/0x10
[  273.713857][ T1103]  ret_from_fork+0x3fc/0x770
[  273.713868][ T1103]  ? __pfx_ret_from_fork+0x10/0x10
[  273.713880][ T1103]  ? __switch_to_asm+0x39/0x70
[  273.713890][ T1103]  ? __switch_to_asm+0x33/0x70
[  273.713899][ T1103]  ? __pfx_kthread+0x10/0x10
[  273.713909][ T1103]  ret_from_fork_asm+0x1a/0x30
[  273.713933][ T1103]  </TASK>
[  273.713938][ T1103] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  273.718415][ T5917] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  273.894868][ T5917] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  273.898518][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.930357][ T5917] usb 5-1: config 0 descriptor??
[  274.145954][ T5917] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  274.158061][ T5917] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 3
[  274.160462][ T5917] [drm] Initialized udl on minor 3
[  274.350697][ T5917] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  274.353848][ T5917] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  274.404654][T12679] netlink: 'syz.0.2826': attribute type 2 has an invalid length.
[  274.408950][T12679] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2826'.
[  274.565991][ T5313] usb 5-1: USB disconnect, device number 4
[  274.575303][ T5917] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  274.580095][ T5917] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  275.169028][ T5903] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  275.326781][ T5903] usb 1-1: Using ep0 maxpacket: 32
[  275.331200][ T5903] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  275.334827][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  275.338842][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  275.342572][ T5903] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  275.345909][ T5903] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.350240][ T5903] usb 1-1: config 0 descriptor??
[  275.352701][T12690] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  275.357096][ T5903] hub 1-1:0.0: USB hub found
[  275.376517][ T5917] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  275.533446][ T5917] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  275.537771][ T5917] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  275.543175][ T5917] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  275.561032][ T5917] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  275.566583][ T5917] usb 5-1: SerialNumber: syz
[  275.570833][ T5903] hub 1-1:0.0: 11 ports detected
[  275.572894][ T5903] hub 1-1:0.0: insufficient power available to use all downstream ports
[  275.774783][ T5903] hub 1-1:0.0: hub_hub_status failed (err = -71)
[  275.777524][ T5903] hub 1-1:0.0: config failed, can't get hub status (err -71)
[  275.785673][ T5903] usbhid 1-1:0.0: can't add hid device: -71
[  275.787779][ T5917] usb 5-1: 0:2 : does not exist
[  275.789581][ T5903] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  275.797121][ T5917] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  275.810225][ T5903] usb 1-1: USB disconnect, device number 29
[  275.821812][ T5917] usb 5-1: USB disconnect, device number 5
[  276.220467][T12701] vlan0: entered promiscuous mode
[  276.359916][T12705] wg1 speed is unknown, defaulting to 1000
[  276.390127][T12710] loop4: detected capacity change from 0 to 256
[  276.415075][T12710] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  276.422919][T12710] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  276.431025][T12710] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  276.774272][T12721] loop4: detected capacity change from 0 to 32768
[  276.785151][T12721] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  276.827241][T12721] XFS (loop4): Ending clean mount
[  276.838547][ T5917] usb 1-1: new low-speed USB device number 30 using dummy_hcd
[  276.899421][T11557] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  277.025766][ T5917] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  277.030731][ T5917] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  277.040494][ T5917] usb 1-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  277.044201][ T5917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.083803][ T5917] usb 1-1: config 0 descriptor??
[  277.089078][ T5917] qmi_wwan 1-1:0.0: probe with driver qmi_wwan failed with error -22
[  277.109924][T12739] loop4: detected capacity change from 0 to 1024
[  277.113745][T12739] EXT4-fs: Ignoring removed nobh option
[  277.131827][T12739] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.212483][T11557] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.255693][T12746] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2850'.
[  277.261087][T12746] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2850'.
[  277.264067][T12746] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2850'.
[  277.267373][T12746] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2850'.
[  277.301502][ T5917] usb 1-1: USB disconnect, device number 30
[  277.338535][T12752] bond0: entered promiscuous mode
[  277.340317][T12752] bond_slave_0: entered promiscuous mode
[  277.342401][T12752] bond_slave_1: entered promiscuous mode
[  277.344283][T12752] dummy0: entered promiscuous mode
[  277.354956][T12752] batadv0: entered promiscuous mode
[  277.358606][T12752] 8021q: adding VLAN 0 to HW filter on device hsr1
[  277.566561][ T5903] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  277.749226][ T5903] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  277.752784][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.755787][ T5903] usb 5-1: Product: syz
[  277.766570][ T5903] usb 5-1: Manufacturer: syz
[  277.768850][ T5903] usb 5-1: SerialNumber: syz
[  277.782031][ T5903] usb 5-1: config 0 descriptor??
[  277.803603][ T5903] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  277.807122][ T5903] usb 5-1: setting power ON
[  277.808975][ T5903] dvb-usb: bulk message failed: -22 (2/0)
[  277.825829][ T5903] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  277.834285][ T5903] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) error while loading driver (-19)
[  277.839276][ T5903] dvb_usb_cxusb 5-1:0.0: probe with driver dvb_usb_cxusb failed with error -22
[  277.885389][T12772] netlink: 16222 bytes leftover after parsing attributes in process `syz.0.2863'.
[  277.958321][T12776] input: syz1 as /devices/virtual/input/input14
[  278.039816][ T5903] usb 5-1: USB disconnect, device number 6
[  278.329555][T12784] loop0: detected capacity change from 0 to 4096
[  278.333780][T12784] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  278.355101][T12784] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  278.360043][T12784] ntfs3(loop0): ino=19, mi_enum_attr
[  278.372763][T12784] ntfs3(loop0): failed to convert "c46c" to default
[  278.379084][T12784] ntfs3(loop0): ino=20, mi_enum_attr
[  278.442690][T12786] program syz.0.2870 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.685593][T12798] loop0: detected capacity change from 0 to 1024
[  278.705451][T12798] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.718760][T12798] ext4 filesystem being mounted at /792/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.731739][   T33] audit: type=1800 audit(1755067197.439:99): pid=12798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2876" name="file1" dev="loop0" ino=15 res=0 errno=0
[  278.764508][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.793520][T12807] overlayfs: failed to clone upperpath
[  278.866477][ T5903] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  278.945278][T12816] overlayfs: failed to clone upperpath
[  279.030219][ T5903] usb 5-1: Using ep0 maxpacket: 32
[  279.036176][ T5903] usb 5-1: unable to get BOS descriptor or descriptor too short
[  279.040595][ T5903] usb 5-1: config 4 has an invalid interface number: 10 but max is 0
[  279.044726][ T5903] usb 5-1: config 4 has no interface number 0
[  279.052640][ T5903] usb 5-1: config 4 interface 10 has no altsetting 0
[  279.064590][ T5903] usb 5-1: New USB device found, idVendor=06e1, idProduct=a155, bcdDevice=b6.15
[  279.076269][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.079275][ T5903] usb 5-1: Product: syz
[  279.080804][ T5903] usb 5-1: Manufacturer: syz
[  279.082523][ T5903] usb 5-1: SerialNumber: syz
[  279.235777][T12824] loop0: detected capacity change from 0 to 512
[  279.272690][T12824] loop0: detected capacity change from 0 to 512
[  279.286511][T12824] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  279.289481][T12824] EXT4-fs (loop0): orphan cleanup on readonly fs
[  279.294720][T12824] EXT4-fs warning (device loop0): ext4_enable_quotas:7168: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  279.309344][T12824] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  279.317644][T12824] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #13: comm syz.0.2887: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  279.325145][T12824] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.2887: couldn't read orphan inode 13 (err -117)
[  279.328474][ T5903] radio-si470x 5-1:4.10: could not find interrupt in endpoint
[  279.332641][T12824] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  279.342542][ T5903] radio-si470x 5-1:4.10: probe with driver radio-si470x failed with error -5
[  279.350311][ T5903] usbhid 5-1:4.10: couldn't find an input interrupt endpoint
[  279.361044][ T5903] usb 5-1: USB disconnect, device number 7
[  279.394075][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.273023][T12887] loop0: detected capacity change from 0 to 128
[  281.278147][T12887] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  281.284102][T12887] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  281.457206][T12903] fuse: Bad value for 'fd'
[  281.536529][T12910] loop4: detected capacity change from 0 to 16
[  281.539182][T12912] loop0: detected capacity change from 0 to 256
[  281.541779][T12912] exfat: Deprecated parameter 'namecase'
[  281.543773][T12912] exfat: Deprecated parameter 'namecase'
[  281.543977][T12910] erofs (device loop4): mounted with root inode @ nid 36.
[  281.551876][T12912] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  281.552435][T12910] syz.4.2925: attempt to access beyond end of device
[  281.552435][T12910] loop4: rw=0, sector=48, nr_sectors = 16 limit=16
[  281.560344][T12910] erofs (device loop4): read error -5 @ 43 of nid 36
[  281.565218][T12910] syz.4.2925: attempt to access beyond end of device
[  281.565218][T12910] loop4: rw=0, sector=48, nr_sectors = 16 limit=16
[  281.576741][T12910] erofs (device loop4): read error -5 @ 43 of nid 36
[  281.865865][   T24] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  281.915906][ T5917] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  282.015851][   T24] usb 5-1: Using ep0 maxpacket: 32
[  282.020289][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  282.025336][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  282.030732][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  282.034810][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  282.042295][   T24] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  282.046469][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.050046][   T24] usb 5-1: Product: syz
[  282.051910][   T24] usb 5-1: Manufacturer: syz
[  282.054007][   T24] usb 5-1: SerialNumber: syz
[  282.059510][   T24] usb 5-1: config 0 descriptor??
[  282.068846][ T5917] usb 1-1: unable to get BOS descriptor or descriptor too short
[  282.075286][ T5917] usb 1-1: not running at top speed; connect to a high speed hub
[  282.081529][ T5917] usb 1-1: config 8 has an invalid interface number: 24 but max is 0
[  282.084844][ T5917] usb 1-1: config 8 has no interface number 0
[  282.087522][ T5917] usb 1-1: config 8 interface 24 has no altsetting 0
[  282.092734][ T5917] usb 1-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[  282.096772][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  282.101111][ T5917] usb 1-1: Product: syz
[  282.102887][ T5917] usb 1-1: Manufacturer: syz
[  282.104794][ T5917] usb 1-1: SerialNumber: syz
[  282.269549][   T24] usb 5-1: USB disconnect, device number 8
[  282.320487][ T5917] vmk80xx 1-1:8.24: driver 'vmk80xx' failed to auto-configure device.
[  282.327797][ T5917] usb 1-1: USB disconnect, device number 31
[  282.799908][T12933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2935'.
[  282.866570][T12939] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2937'.
[  282.926460][T12943] RDS: rds_bind could not find a transport for 0:0:4::1, load rds_tcp or rds_rdma?
[  283.214168][T12963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2950'.
[  284.520976][T12988] loop0: detected capacity change from 0 to 1024
[  284.566309][ T4041] hfsplus: b-tree write err: -5, ino 4
[  284.814650][T13008] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2972'.
[  284.820241][T13008] veth1_macvtap: left promiscuous mode
[  285.235533][ T5917] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  285.385982][ T5917] usb 5-1: Using ep0 maxpacket: 8
[  285.390798][ T5917] usb 5-1: unable to get BOS descriptor or descriptor too short
[  285.397382][ T5917] usb 5-1: config 17 has an invalid interface number: 8 but max is 1
[  285.400808][ T5917] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 2
[  285.404495][ T5917] usb 5-1: config 17 has no interface number 0
[  285.407585][ T5917] usb 5-1: config 17 interface 8 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  285.411567][ T5917] usb 5-1: config 17 interface 8 has no altsetting 0
[  285.417055][ T5917] usb 5-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[  285.420744][ T5917] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.424133][ T5917] usb 5-1: Product: syz
[  285.426450][ T5917] usb 5-1: Manufacturer: syz
[  285.428295][ T5917] usb 5-1: SerialNumber: syz
[  285.649596][ T5917] usb 5-1: selecting invalid altsetting 0
[  285.665239][ T5917] usb 5-1: USB disconnect, device number 9
[  286.790399][T13048] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2990'.
[  286.793254][T13048] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2990'.
[  289.125885][T13113] loop0: detected capacity change from 0 to 16
[  289.131907][T13113] erofs (device loop0): mounted with root inode @ nid 36.
[  289.249115][T13117] loop4: detected capacity change from 0 to 256
[  289.343028][T13123] loop4: detected capacity change from 0 to 1024
[  289.350562][T13123] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  289.354610][T13123] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  289.363954][T13123] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c840e02c, mo2=0000]
[  289.384625][T13123] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.3020: Freeing blocks not in datazone - block = 0, count = 4096
[  289.391090][T13115] netlink: 'syz.0.3016': attribute type 1 has an invalid length.
[  289.394244][T13115] nbd: error processing sock list
[  289.401263][T13115] block nbd0: shutting down sockets
[  289.401381][T13123] EXT4-fs (loop4): Remounting filesystem read-only
[  289.406665][T13123] EXT4-fs (loop4): 1 orphan inode deleted
[  289.410836][T13123] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.429899][ T1088] EXT4-fs (loop4): Quota write (off=3072, len=1024) cancelled because transaction is not started
[  289.446529][ T1088] Quota error (device loop4): write_blk: dquota write failed
[  289.448977][ T1088] Quota error (device loop4): free_dqentry: Can't move quota data block (2) to free list
[  289.518287][T11557] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.621028][T13140] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  289.729474][T13148] loop4: detected capacity change from 0 to 4096
[  289.734148][T13148] NILFS (loop4): mounting unchecked fs
[  289.739389][T13148] NILFS (loop4): recovery required for readonly filesystem
[  289.741770][T13148] NILFS (loop4): write access will be enabled during recovery
[  289.746596][T13148] NILFS (loop4): invalid segment: Checksum error in segment payload
[  289.749219][T13148] NILFS (loop4): trying rollback from an earlier position
[  289.768749][T13148] NILFS (loop4): norecovery option specified, skipping roll-forward recovery
[  290.373131][   T33] audit: type=1400 audit(1755069785.077:100): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A3A0AE10CCA7C2B08C9DFF78977F306B457CA93031D371D06D2E59E863E2FE54118A4EE43068DF6BA88E1B6DC3A552C91AE1C817D6B6014270B8BC51F73363852F4F12EE955F464599F0C485D pid=13190 comm="syz.4.3052"
[  290.590358][T13207] loop4: detected capacity change from 0 to 1024
[  290.610878][T13207] hfsplus: b-tree write err: -5, ino 3
[  290.635948][   T27] hfsplus: b-tree write err: -5, ino 3
[  290.725341][T13215] loop0: detected capacity change from 0 to 4096
[  290.728802][T13215] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  290.742303][T13215] ntfs3(loop0): ino=19, mi_enum_attr
[  290.744073][T13215] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  290.752210][T13215] ntfs3(loop0): failed to convert "c46c" to ascii
[  290.755006][T13216] overlay: ./file0 is not a directory
[  290.758117][T13215] ntfs3(loop0): ino=20, mi_enum_attr
[  290.921038][   T33] audit: type=1326 audit(1755069785.627:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13228 comm="syz.2.3070" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f80ccb8ebe9 code=0x0
[  291.048607][T13239] loop4: detected capacity change from 0 to 64
[  292.512705][T13268] loop4: detected capacity change from 0 to 128
[  292.809175][T13275] loop4: detected capacity change from 0 to 4096
[  293.306385][T13320] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3108'.
[  293.372391][T13323] loop4: detected capacity change from 0 to 1024
[  293.380711][T13323] EXT4-fs: Ignoring removed i_version option
[  293.382672][T13323] EXT4-fs: Ignoring removed oldalloc option
[  293.386084][T13323] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  293.389935][T13323] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  293.393123][T13323] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  293.398404][T13323] EXT4-fs (loop4): filesystem has both journal inode and journal device!
[  293.919124][T13341] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3117'.
[  294.890598][T13371] loop4: detected capacity change from 0 to 8
[  294.921025][T13371] SQUASHFS error: lzo decompression failed, data probably corrupt
[  294.926450][T13371] SQUASHFS error: Failed to read block 0x1d2: -5
[  294.928945][T13371] SQUASHFS error: Unable to read metadata cache entry [1d0]
[  294.931802][T13371] SQUASHFS error: Unable to read directory block [1d0:26]
[  294.953225][T13374] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3133'.
[  294.977504][T13374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3133'.
[  295.118500][T13388] loop0: detected capacity change from 0 to 1024
[  295.129095][T13388] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.163216][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  295.331986][T13398] loop0: detected capacity change from 0 to 1024
[  295.338908][T13398] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  295.362117][T13398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  295.375563][T13398] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  295.386725][T13398] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.3143: missing EA_INODE flag
[  295.398350][T13398] EXT4-fs (loop0): Remounting filesystem read-only
[  295.417261][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.259823][T13431] loop4: detected capacity change from 0 to 32768
[  296.277019][T13431] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  296.283937][T13431] (syz.4.3156,13431,0):ocfs2_find_entry:1094 ERROR: status = -117
[  296.292828][T13431] (syz.4.3156,13431,0):ocfs2_find_entry:1094 ERROR: status = -117
[  296.295867][T13431] (syz.4.3156,13431,0):ocfs2_symlink:2080 ERROR: status = -117
[  296.320891][T11557] (syz-executor,11557,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  296.357123][T11557] ocfs2: Unmounting device (7,4) on (node local)
[  296.495931][T13443] loop4: detected capacity change from 0 to 4096
[  296.693526][ T5313] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  296.798910][T13458] netlink: 4768 bytes leftover after parsing attributes in process `syz.2.3168'.
[  296.843496][ T5313] usb 1-1: Using ep0 maxpacket: 16
[  296.865327][ T5313] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  296.874640][ T5313] usb 1-1: config 0 has no interface number 0
[  296.877181][ T5313] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  296.894911][ T5313] usb 1-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  296.909470][ T5313] usb 1-1: config 0 interface 41 has no altsetting 0
[  296.925662][ T5313] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  296.933452][ T5313] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.936679][ T5313] usb 1-1: Product: syz
[  296.938377][ T5313] usb 1-1: Manufacturer: syz
[  296.949443][ T5313] usb 1-1: SerialNumber: syz
[  296.960379][ T5313] usb 1-1: config 0 descriptor??
[  296.967160][T13441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  296.971644][T13441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  297.215696][T13441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  297.218329][T13441] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  297.635116][ T5313] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  297.655183][ T5313] usb 1-1: USB disconnect, device number 32
[  298.291020][T13504] loop0: detected capacity change from 0 to 128
[  298.402113][T13498] loop4: detected capacity change from 0 to 32768
[  298.415441][T13498] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  298.458563][T13498] XFS (loop4): Ending clean mount
[  298.462974][T13498] XFS (loop4): Quotacheck needed: Please wait.
[  298.505165][T13498] XFS (loop4): Quotacheck: Done.
[  298.537295][T11557] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  298.704802][ T5903] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  298.830221][T13529] loop4: detected capacity change from 0 to 4096
[  298.856390][ T5903] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.866705][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  298.871484][T13530] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  298.873602][ T5903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.886957][ T5903] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  298.896207][ T5903] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  298.900045][ T5903] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.906425][ T5903] usb 1-1: config 0 descriptor??
[  298.909398][T13523] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  299.323547][ T5903] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  299.326236][ T5903] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  299.328810][ T5903] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  299.331819][ T5903] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  299.335393][ T5903] plantronics 0003:047F:FFFF.000C: unknown main item tag 0x0
[  299.354595][ T5903] plantronics 0003:047F:FFFF.000C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  299.473002][T13547] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3204'.
[  299.477059][T13546] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3204'.
[  299.481129][T13547] netlink: 60 bytes leftover after parsing attributes in process `syz.2.3204'.
[  299.588666][   T51] usb 1-1: USB disconnect, device number 33
[  300.055437][T13581] netlink: 32 bytes leftover after parsing attributes in process `syz.2.3219'.
[  300.191993][T13594] loop4: detected capacity change from 0 to 8
[  300.452889][ T5313] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  300.617069][ T5313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.620101][ T5313] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  300.632781][ T5313] usb 1-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  300.635615][ T5313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.655759][ T5313] usb 1-1: config 0 descriptor??
[  300.986945][T13614] netlink: 160 bytes leftover after parsing attributes in process `syz.2.3235'.
[  300.990824][T13614] netlink: 'syz.2.3235': attribute type 1 has an invalid length.
[  300.996645][T13614] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3235'.
[  301.066441][ T5313] wacom 0003:056A:0045.000D: Unknown device_type for 'HID 056a:0045'. Assuming pen.
[  301.082916][ T5313] wacom 0003:056A:0045.000D: hidraw0: USB HID v0.00 Device [HID 056a:0045] on usb-dummy_hcd.0-1/input0
[  301.087705][ T5313] input: Wacom Intuos2 12x18 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:056A:0045.000D/input/input16
[  301.266347][   T51] usb 1-1: USB disconnect, device number 34
[  301.362047][T13624] loop4: detected capacity change from 0 to 32768
[  301.365342][T13624] XFS: ikeep mount option is deprecated.
[  301.371218][T13624] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  301.400379][T13624] XFS (loop4): Ending clean mount
[  301.409794][T13624] XFS (loop4): Quotacheck needed: Please wait.
[  301.450955][T13624] XFS (loop4): Quotacheck: Done.
[  301.562431][T11557] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  301.714415][T13634] loop4: detected capacity change from 0 to 8192
[  301.878275][T13650] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3249'.
[  301.881186][T13650] netem: unknown loss type 12
[  301.885169][T13650] netem: change failed
[  302.013796][T13666] netlink: 6 bytes leftover after parsing attributes in process `syz.2.3256'.
[  302.657247][T13692] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3268'.
[  302.660512][T13691] netlink: 36 bytes leftover after parsing attributes in process `syz.2.3268'.
[  302.695266][T13694] netlink: 'syz.2.3269': attribute type 12 has an invalid length.
[  302.725660][T13696] (unnamed net_device) (uninitialized): option arp_all_targets: invalid value (16777216)
[  302.817187][T13700] loop0: detected capacity change from 0 to 256
[  302.835946][T13700] FAT-fs (loop0): Directory bread(block 64) failed
[  302.838517][T13700] FAT-fs (loop0): Directory bread(block 65) failed
[  302.842657][T13700] FAT-fs (loop0): Directory bread(block 66) failed
[  302.846335][T13700] FAT-fs (loop0): Directory bread(block 67) failed
[  302.849021][T13700] FAT-fs (loop0): Directory bread(block 68) failed
[  302.851661][T13700] FAT-fs (loop0): Directory bread(block 69) failed
[  302.859933][T13700] FAT-fs (loop0): Directory bread(block 70) failed
[  302.863239][T13700] FAT-fs (loop0): Directory bread(block 71) failed
[  302.865901][T13700] FAT-fs (loop0): Directory bread(block 72) failed
[  302.868494][T13700] FAT-fs (loop0): Directory bread(block 73) failed
[  302.871818][T13704] loop4: detected capacity change from 0 to 1024
[  302.881755][T13704] hfsplus: request for non-existent node 65536 in B*Tree
[  302.886607][T13704] hfsplus: request for non-existent node 65536 in B*Tree
[  302.890064][T13704] hfsplus: failed to load root directory
[  302.975422][T13710] usb usb6: usbfs: process 13710 (syz.0.3277) did not claim interface 0 before use
[  302.980175][T13714] netlink: 'syz.4.3279': attribute type 29 has an invalid length.
[  303.018120][T13720] netlink: 'syz.4.3282': attribute type 9 has an invalid length.
[  303.026449][T13719] loop0: detected capacity change from 0 to 2048
[  303.735919][T13750] netlink: 'syz.2.3296': attribute type 13 has an invalid length.
[  303.762726][T13752] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  303.765787][T13752] PKCS7: Only support pkcs7_signedData type
[  304.086545][T13774] loop4: detected capacity change from 0 to 64
[  304.120726][T13774] syz.4.3308: attempt to access beyond end of device
[  304.120726][T13774] loop4: rw=0, sector=1024, nr_sectors = 2 limit=64
[  304.134226][T13774] Buffer I/O error on dev loop4, logical block 512, async page read
[  304.137316][T13774] syz.4.3308: attempt to access beyond end of device
[  304.137316][T13774] loop4: rw=0, sector=113152, nr_sectors = 2 limit=64
[  304.141589][T13774] Buffer I/O error on dev loop4, logical block 56576, async page read
[  304.162697][T13774] syz.4.3308: attempt to access beyond end of device
[  304.162697][T13774] loop4: rw=0, sector=1024, nr_sectors = 2 limit=64
[  304.167115][T13774] Buffer I/O error on dev loop4, logical block 512, async page read
[  304.170271][T13774] syz.4.3308: attempt to access beyond end of device
[  304.170271][T13774] loop4: rw=0, sector=113152, nr_sectors = 2 limit=64
[  304.176193][T13774] Buffer I/O error on dev loop4, logical block 56576, async page read
[  304.687909][T13784] loop4: detected capacity change from 0 to 32768
[  304.694613][T13784] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  304.700394][T13784] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  304.708692][   T33] audit: type=1800 audit(1755069799.419:102): pid=13784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3313" name="file1" dev="loop4" ino=17058 res=0 errno=0
[  304.746160][T11557] ocfs2: Unmounting device (7,4) on (node local)
[  304.805263][T13802] (unnamed net_device) (uninitialized): peer notification delay (9) is not a multiple of miimon (100), value rounded to 0 ms
[  304.810384][T13802] (unnamed net_device) (uninitialized): option use_carrier: invalid value (5)
[  305.669271][T13831] loop0: detected capacity change from 0 to 2048
[  305.676667][T13831] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  305.681616][T13831] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  305.690457][T13831] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  305.965529][T13846] loop0: detected capacity change from 0 to 512
[  305.984755][T13846] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  306.010931][T13846] EXT4-fs (loop0): orphan cleanup on readonly fs
[  306.017706][T13846] EXT4-fs error (device loop0): ext4_orphan_get:1418: comm syz.0.3341: bad orphan inode 15
[  306.025601][T13846] ext4_test_bit(bit=14, block=18) = 1
[  306.027816][T13846] is_bad_inode(inode)=0
[  306.030066][T13846] NEXT_ORPHAN(inode)=1023
[  306.032343][T13846] max_ino=32
[  306.034010][T13846] i_nlink=0
[  306.056738][T13846] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2962: inode #15: comm syz.0.3341: corrupted xattr block 19: e_value size too large
[  306.068187][T13846] EXT4-fs warning (device loop0): ext4_evict_inode:274: xattr delete (err -117)
[  306.077170][T13846] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  306.163307][T13859] loop4: detected capacity change from 0 to 512
[  306.166440][T13859] journal_path: Lookup failure for './file0/../file0'
[  306.169121][T13859] EXT4-fs: error: could not find journal device path
[  306.228502][T13861] IPVS: wlc: UDP 224.0.0.2:0 - no destination available
[  306.241867][ T5313] IPVS: starting estimator thread 0...
[  306.333814][T13865] IPVS: using max 62 ests per chain, 148800 per kthread
[  306.393732][T13875] loop4: detected capacity change from 0 to 4096
[  306.414637][T13875] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  306.428749][T13875] ntfs3(loop4): Failed to load $Extend (-22).
[  306.430766][T13875] ntfs3(loop4): Failed to initialize $Extend.
[  306.708063][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.788384][   T33] audit: type=1326 audit(1755069801.500:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.814936][   T33] audit: type=1326 audit(1755069801.510:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.830504][   T33] audit: type=1326 audit(1755069801.520:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.849792][   T33] audit: type=1326 audit(1755069801.520:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.872010][   T33] audit: type=1326 audit(1755069801.520:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.879919][   T33] audit: type=1326 audit(1755069801.520:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.888152][   T33] audit: type=1326 audit(1755069801.520:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  306.897305][   T33] audit: type=1326 audit(1755069801.520:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13897 comm="syz.4.3363" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  307.839255][T13912] loop0: detected capacity change from 0 to 64
[  307.891724][T13912] minix_free_block (loop0:21): bit already cleared
[  308.124541][T13922] __nla_validate_parse: 3 callbacks suppressed
[  308.124555][T13922] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3373'.
[  308.165347][T13924] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3374'.
[  308.280464][T13930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3377'.
[  308.293837][T13930] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3377'.
[  308.297144][T13930] netlink: 'syz.2.3377': attribute type 18 has an invalid length.
[  308.304434][T13930] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3377'.
[  308.330424][T13932] batman_adv: batadv0: Adding interface: dummy0
[  308.338476][T13932] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.361599][T13932] batman_adv: batadv0: Interface activated: dummy0
[  308.633040][T13916] loop0: detected capacity change from 0 to 131072
[  308.636506][T13916] F2FS-fs (loop0): Invalid log sectorsize (67108873)
[  308.638797][T13916] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  308.643396][T13916] F2FS-fs (loop0): invalid crc value
[  308.685417][T13916] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  308.713317][T13916] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  308.716332][T13916] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  308.807810][   T33] audit: type=1800 audit(1755069803.510:111): pid=13916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3370" name="file1" dev="loop0" ino=7 res=0 errno=0
[  309.878632][T13960] loop0: detected capacity change from 0 to 1024
[  309.935793][T13960] syz.0.3388: attempt to access beyond end of device
[  309.935793][T13960] loop0: rw=2049, sector=31588620, nr_sectors = 2 limit=1024
[  309.943302][T13960] Buffer I/O error on dev loop0, logical block 15794310, lost async page write
[  310.931061][ T5903] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  310.956269][T14002] loop0: detected capacity change from 0 to 16
[  310.965866][T14002] erofs (device loop0): mounted with root inode @ nid 36.
[  310.987284][T14002] erofs (device loop0): read error -117 @ 72 of nid 36
[  311.094128][ T5903] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 183, changing to 11
[  311.102422][ T5903] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 50680, setting to 1024
[  311.106924][ T5903] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  311.120313][T14013] loop0: detected capacity change from 0 to 16
[  311.127392][T14013] erofs (device loop0): unidentified algorithms fff0, please upgrade kernel
[  311.132308][ T5903] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  311.136027][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  311.139127][ T5903] usb 5-1: SerialNumber: syz
[  311.157907][T13984] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  311.652864][ T5903] usbtest 5-1:1.0: couldn't get endpoints, -22
[  311.662740][ T5903] usbtest 5-1:1.0: probe with driver usbtest failed with error -22
[  311.681385][ T5903] usb 5-1: USB disconnect, device number 10
[  311.774549][T14032] netlink: 'syz.2.3421': attribute type 5 has an invalid length.
[  312.213361][T14044] loop4: detected capacity change from 0 to 256
[  312.251352][ T5903] usb 1-1: new full-speed USB device number 35 using dummy_hcd
[  312.427366][   T33] audit: type=1800 audit(1755069807.141:112): pid=14050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.3427" name="file1" dev="loop4" ino=1048624 res=0 errno=0
[  312.443411][ T5903] usb 1-1: config 5 has an invalid interface number: 123 but max is 0
[  312.447091][ T5903] usb 1-1: config 5 has no interface number 0
[  312.450010][ T5903] usb 1-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0x6B, changing to 0xB
[  312.458287][ T5903] usb 1-1: config 5 interface 123 altsetting 7 endpoint 0x4 has invalid wMaxPacketSize 0
[  312.463996][ T5903] usb 1-1: config 5 interface 123 has no altsetting 0
[  312.469673][ T5903] usb 1-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[  312.478132][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.483238][ T5903] usb 1-1: Product: syz
[  312.485157][ T5903] usb 1-1: Manufacturer: syz
[  312.487059][ T5903] usb 1-1: SerialNumber: syz
[  312.882874][ T5903] ni6501 1-1:5.123: driver 'ni6501' failed to auto-configure device.
[  312.897311][ T5903] usb 1-1: USB disconnect, device number 35
[  314.015410][T14093] !: renamed from dummy0 (while UP)
[  314.158695][T14101] loop4: detected capacity change from 0 to 4096
[  314.372494][ T5903] usb 1-1: new low-speed USB device number 36 using dummy_hcd
[  314.532360][ T5903] usb 1-1: unable to get BOS descriptor or descriptor too short
[  314.542147][ T5903] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  314.545608][ T5903] usb 1-1: config 1 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  314.553557][ T5903] usb 1-1: config 1 interface 0 has no altsetting 0
[  314.563573][ T5903] usb 1-1: string descriptor 0 read error: -22
[  314.568853][ T5903] usb 1-1: New USB device found, idVendor=05ac, idProduct=0236, bcdDevice= 0.60
[  314.574751][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.585359][ T5903] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input19
[  314.807452][ T5280] bcm5974 1-1:1.0: could not read from device
[  314.814597][ T5280] bcm5974 1-1:1.0: could not read from device
[  314.823514][ T5280] bcm5974 1-1:1.0: could not read from device
[  314.829065][ T5903] usb 1-1: USB disconnect, device number 36
[  315.788282][T14162] loop4: detected capacity change from 0 to 4096
[  315.792377][T14162] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  315.812475][T14162] ntfs3(loop4): Failed to load $Extend (-22).
[  315.815003][T14162] ntfs3(loop4): Failed to initialize $Extend.
[  315.994068][T14176] loop0: detected capacity change from 0 to 256
[  316.005181][T14176] FAT-fs (loop0): Directory bread(block 64) failed
[  316.012149][T14176] FAT-fs (loop0): Directory bread(block 65) failed
[  316.014373][T14176] FAT-fs (loop0): Directory bread(block 66) failed
[  316.016483][T14176] FAT-fs (loop0): Directory bread(block 67) failed
[  316.018657][T14176] FAT-fs (loop0): Directory bread(block 68) failed
[  316.021535][T14176] FAT-fs (loop0): Directory bread(block 69) failed
[  316.024606][T14176] FAT-fs (loop0): Directory bread(block 70) failed
[  316.027016][T14176] FAT-fs (loop0): Directory bread(block 71) failed
[  316.029080][T14176] FAT-fs (loop0): Directory bread(block 72) failed
[  316.032792][T14176] FAT-fs (loop0): Directory bread(block 73) failed
[  316.057537][T14176] syz.0.3486: attempt to access beyond end of device
[  316.057537][T14176] loop0: rw=1, sector=1224, nr_sectors = 64 limit=256
[  316.062858][T14176] syz.0.3486: attempt to access beyond end of device
[  316.062858][T14176] loop0: rw=1, sector=1320, nr_sectors = 36 limit=256
[  316.304134][T14175] loop4: detected capacity change from 0 to 40427
[  316.308980][T14175] F2FS-fs (loop4): invalid crc value
[  316.325101][T14193] tmpfs: Bad value for 'size'
[  316.351958][T14175] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  316.357577][T14175] F2FS-fs (loop4): Start checkpoint disabled!
[  316.372007][T14199] loop0: detected capacity change from 0 to 128
[  316.373828][T14175] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  316.531731][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.531731][ T1103] loop0: rw=1, sector=145, nr_sectors = 8 limit=128
[  316.536037][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.536037][ T1103] loop0: rw=1, sector=161, nr_sectors = 8 limit=128
[  316.553709][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.553709][ T1103] loop0: rw=1, sector=177, nr_sectors = 8 limit=128
[  316.559434][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.559434][ T1103] loop0: rw=1, sector=193, nr_sectors = 8 limit=128
[  316.572231][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.572231][ T1103] loop0: rw=1, sector=209, nr_sectors = 8 limit=128
[  316.576667][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.576667][ T1103] loop0: rw=1, sector=225, nr_sectors = 8 limit=128
[  316.594512][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.594512][ T1103] loop0: rw=1, sector=241, nr_sectors = 8 limit=128
[  316.598741][ T1103] kworker/u9:9: attempt to access beyond end of device
[  316.598741][ T1103] loop0: rw=1, sector=257, nr_sectors = 8 limit=128
[  316.759085][T14226] netlink: 'syz.0.3509': attribute type 8 has an invalid length.
[  316.868810][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  316.872314][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  316.876191][T14237] netlink: 'syz.0.3515': attribute type 1 has an invalid length.
[  316.885832][T14238] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3514'.
[  317.111980][T14260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3526'.
[  317.238817][   T33] audit: type=1326 audit(1755069811.951:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14271 comm="syz.0.3532" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd7a498ebe9 code=0x0
[  317.302327][T14275] uprobe: syz.0.3532:14275 failed to unregister, leaking uprobe
[  317.942649][T14316] loop4: detected capacity change from 0 to 256
[  317.952604][T14316] FAT-fs (loop4): Directory bread(block 64) failed
[  317.954731][T14316] FAT-fs (loop4): Directory bread(block 65) failed
[  317.957005][T14316] FAT-fs (loop4): Directory bread(block 66) failed
[  317.959136][T14316] FAT-fs (loop4): Directory bread(block 67) failed
[  317.963081][T14316] FAT-fs (loop4): Directory bread(block 68) failed
[  317.965177][T14316] FAT-fs (loop4): Directory bread(block 69) failed
[  317.967351][T14316] FAT-fs (loop4): Directory bread(block 70) failed
[  317.969461][T14316] FAT-fs (loop4): Directory bread(block 71) failed
[  317.972295][T14316] FAT-fs (loop4): Directory bread(block 72) failed
[  317.974434][T14316] FAT-fs (loop4): Directory bread(block 73) failed
[  318.024309][   T33] audit: type=1326 audit(1755069812.742:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14317 comm="syz.4.3554" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x0
[  318.537201][T14353] loop4: detected capacity change from 0 to 1024
[  318.654648][ T1088] hfsplus: b-tree write err: -5, ino 3
[  318.684988][T11557] hfsplus: node 4:3 still has 3 user(s)!
[  319.037675][T14383] input: syz1 as /devices/virtual/input/input20
[  319.168629][T14385] openvswitch: netlink: Flow key attribute not present in set flow.
[  319.350170][T14387] loop4: detected capacity change from 0 to 16
[  319.368630][T14387] erofs (device loop4): rootino(nid 36) is not a directory(i_mode 145700)
[  319.460783][T14389] loop4: detected capacity change from 0 to 1024
[  319.464196][T14389] EXT4-fs: Ignoring removed bh option
[  319.467178][T14389] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  319.496307][T14389] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.564067][T14389] EXT4-fs error (device loop4): ext4_find_dest_de:2052: inode #12: block 7: comm syz.4.3586: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  319.577767][T14389] EXT4-fs (loop4): Remounting filesystem read-only
[  319.617705][T11557] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.765317][T14402] IPv6: sit1: Disabled Multicast RS
[  319.768230][T14402] sit1: entered allmulticast mode
[  319.864547][T14407] serio: Serial port ptm0
[  319.957916][T14416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3597'.
[  319.964162][T14416] wg1 speed is unknown, defaulting to 1000
[  320.000641][T14422] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3600'.
[  320.127222][T14433] tipc: Started in network mode
[  320.132323][T14433] tipc: Node identity baa84848ceb5, cluster identity 4711
[  320.135564][T14433] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  320.139124][T14433] syzkaller0: entered promiscuous mode
[  320.141667][T14433] syzkaller0: entered allmulticast mode
[  320.148833][T14433] tipc: Resetting bearer <eth:syzkaller0>
[  320.155477][T14431] tipc: Resetting bearer <eth:syzkaller0>
[  320.178306][T14431] tipc: Disabling bearer <eth:syzkaller0>
[  320.359479][ T5917] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  320.523040][ T5917] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  320.526515][ T5917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.531872][ T5917] usb 1-1: config 0 descriptor??
[  320.535221][ T5917] cp210x 1-1:0.0: cp210x converter detected
[  320.943838][ T5917] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[  321.154944][ T5917] usb 1-1: cp210x converter now attached to ttyUSB0
[  321.371430][ T6088] usb 1-1: USB disconnect, device number 37
[  321.411007][ T6088] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  321.435522][ T6088] cp210x 1-1:0.0: device disconnected
[  322.231481][T14471] erspan0: entered promiscuous mode
[  322.340784][ T6088] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  322.509297][ T6088] usb 1-1: Using ep0 maxpacket: 16
[  322.561162][ T6088] usb 1-1: unable to get BOS descriptor or descriptor too short
[  322.569640][ T6088] usb 1-1: unable to read config index 0 descriptor/start: -71
[  322.572663][ T6088] usb 1-1: can't read configurations, error -71
[  322.963122][T14481] loop4: detected capacity change from 0 to 32768
[  322.966962][T14481] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3627 (14481)
[  322.981762][T14481] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  322.982299][T14489] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3631'.
[  322.985056][T14481] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  322.988016][T14489] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3631'.
[  322.995549][T14481] BTRFS info (device loop4): using free-space-tree
[  322.995689][T14489] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3631'.
[  323.139942][T11557] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  323.303436][T14516] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3637'.
[  323.306439][T14516] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3637'.
[  324.003686][T14542] loop4: detected capacity change from 0 to 32768
[  324.963326][T14573] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  325.818925][ T5903] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  326.050473][ T5903] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  326.055804][ T5903] usb 5-1: config 0 interface 0 has no altsetting 0
[  326.064610][ T5903] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  326.068814][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  326.072363][ T5903] usb 5-1: Product: syz
[  326.074135][ T5903] usb 5-1: Manufacturer: syz
[  326.076079][ T5903] usb 5-1: SerialNumber: syz
[  326.086582][ T5903] usb 5-1: config 0 descriptor??
[  326.095510][ T5903] usb 5-1: selecting invalid altsetting 0
[  326.169303][T14607] netlink: 'syz.2.3679': attribute type 5 has an invalid length.
[  326.172733][T14607] netlink: 'syz.2.3679': attribute type 5 has an invalid length.
[  326.175889][T14607] netlink: 3657 bytes leftover after parsing attributes in process `syz.2.3679'.
[  326.316614][   T24] usb 5-1: USB disconnect, device number 11
[  326.647815][T14631] 8021q: adding VLAN 0 to HW filter on device batadv2
[  326.652515][T14631] team0: Failed to send port change of device batadv2 via netlink (err -105)
[  326.656072][T14631] team0: Failed to send options change via netlink (err -105)
[  326.659691][T14631] team0: Port device batadv2 added
[  327.416104][T14660] cgroup: Unknown subsys name 'cpuset'
[  328.054433][T14676] loop4: detected capacity change from 0 to 8
[  328.066000][T14676] SQUASHFS error: Failed to read block 0x2fc: -5
[  328.072543][T14676] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  328.075647][T14676] SQUASHFS error: Unable to read inode 0x11f
[  328.146155][T14682] netlink: 'syz.4.3715': attribute type 3 has an invalid length.
[  329.363377][T14738] netlink: 'syz.2.3741': attribute type 10 has an invalid length.
[  329.567968][ T5903] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  329.720208][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  329.724168][ T5903] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x61, changing to 0x1
[  329.736209][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 97, changing to 7
[  329.740919][ T5903] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 24929, setting to 1024
[  329.752796][ T5903] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  329.756881][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.766642][ T5903] usb 5-1: Product: syz
[  329.769065][ T5903] usb 5-1: Manufacturer: syz
[  329.771057][ T5903] usb 5-1: SerialNumber: syz
[  329.777457][ T5903] usb 5-1: config 0 descriptor??
[  329.797998][ T5903] usb 5-1: 0:0 : invalid sync pipe. bmAttributes 61, bLength 9, bSynchAddress 61
[  330.006338][ T5903] usb 5-1: USB disconnect, device number 12
[  330.533581][T14755] netlink: 300 bytes leftover after parsing attributes in process `syz.4.3749'.
[  331.065355][T14787] netlink: 'syz.2.3764': attribute type 10 has an invalid length.
[  332.156186][T14819] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[  332.522878][T14831] netlink: 'syz.2.3785': attribute type 1 has an invalid length.
[  332.526135][T14831] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3785'.
[  332.865615][T14850] netlink: 'syz.2.3794': attribute type 49 has an invalid length.
[  332.872048][T14850] netlink: 'syz.2.3794': attribute type 49 has an invalid length.
[  333.052239][T14856] IPv6: sit2: Disabled Multicast RS
[  333.875698][T14875] fuse: Bad value for 'fd'
[  334.276251][T14897] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  334.282358][T14896] IPVS: stopping backup sync thread 14897 ...
[  334.316669][T14899] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3815'.
[  334.998834][T14906] overlayfs: failed to clone lowerpath
[  335.338021][T14904] overlayfs: failed to clone upperpath
[  335.764451][T14930] loop4: detected capacity change from 0 to 32768
[  335.770147][T14930] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3828 (14930)
[  335.779720][T14930] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  335.782824][T14930] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  335.785516][T14930] BTRFS info (device loop4): using free-space-tree
[  335.830257][T11557] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  336.103147][T14949] loop4: detected capacity change from 0 to 4096
[  336.270208][T14955] A link change request failed with some changes committed already. Interface vlan0 may have been left with an inconsistent configuration, please check.
[  336.450434][T14970] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3841'.
[  336.549321][T14973] loop0: detected capacity change from 0 to 24
[  336.552682][T14973] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  336.570918][T14973] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  336.590151][T14973] VFS: Lookup of 'file0' in romfs loop0 would have caused loop
[  336.726945][ T5313] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  337.088815][ T5313] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  337.092251][ T5313] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  337.096239][ T5313] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  337.099645][ T5313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  337.102650][ T5313] usb 5-1: SerialNumber: syz
[  337.313751][ T5313] usb 5-1: 0:2 : does not exist
[  337.316429][ T5313] usb 5-1: unit 5: unexpected type 0x09
[  337.335838][ T5313] usb 5-1: USB disconnect, device number 13
[  337.337939][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  337.466168][T14995] loop0: detected capacity change from 0 to 32768
[  337.999102][T15012] loop0: detected capacity change from 0 to 32768
[  338.002301][T15012] XFS (loop0): sunit and swidth options incompatible with the noalign option
[  338.696628][   T51] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  338.868718][   T51] usb 1-1: config 0 has an invalid interface number: 156 but max is 0
[  338.872198][   T51] usb 1-1: config 0 has no interface number 0
[  338.874124][   T51] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  338.879611][   T51] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  338.882926][   T51] usb 1-1: config 0 interface 156 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  338.888145][   T51] usb 1-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  338.891528][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.895511][   T51] usb 1-1: config 0 descriptor??
[  338.899817][   T51] gspca_main: spca561-2.14.0 probing abcd:cdee
[  339.069944][T15042] trusted_key: encrypted_key: key description must be 16 hexadecimal characters long
[  339.101596][   T51] spca561 1-1:0.156: probe with driver spca561 failed with error -22
[  339.106768][   T51] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  339.108932][   T51] usb 1-1: MIDIStreaming interface descriptor not found
[  339.150984][   T51] usb 1-1: USB disconnect, device number 40
[  339.372657][T15052] netlink: 'syz.4.3876': attribute type 11 has an invalid length.
[  339.435191][T15054] loop4: detected capacity change from 0 to 256
[  339.519144][T15060] loop4: detected capacity change from 0 to 512
[  339.522335][T15060] EXT4-fs (loop4): Test dummy encryption mode enabled
[  339.524898][T15060] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  339.532006][T15060] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.3880: bad orphan inode 131083
[  339.540535][T15060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.561267][T15060] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  339.592756][T11557] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.700730][T15079] netlink: 2028 bytes leftover after parsing attributes in process `syz.4.3884'.
[  339.703877][T15079] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3884'.
[  340.117400][T15092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3894'.
[  340.120253][T15092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3894'.
[  340.879876][T15106] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3901'.
[  340.885214][T15106] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3901'.
[  340.888622][T15106] netlink: 31 bytes leftover after parsing attributes in process `syz.4.3901'.
[  340.892106][T15106] netlink: 'syz.4.3901': attribute type 3 has an invalid length.
[  340.894640][T15106] netlink: 'syz.4.3901': attribute type 2 has an invalid length.
[  340.899508][T15106] netlink: 31 bytes leftover after parsing attributes in process `syz.4.3901'.
[  342.017227][   T33] audit: type=1800 audit(1755069836.726:115): pid=15134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3914" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  342.123417][T15142] loop0: detected capacity change from 0 to 128
[  342.135642][T15142] EXT4-fs (loop0): Test dummy encryption mode enabled
[  342.142155][T15142] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  342.148937][T15142] ext4 filesystem being mounted at /1026/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  342.178075][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  342.325707][T15157] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3924'.
[  342.514586][T15153] loop0: detected capacity change from 0 to 32768
[  342.521970][T15153] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  342.548830][T15153] XFS (loop0): Ending clean mount
[  342.596879][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  342.871106][T15178] loop4: detected capacity change from 0 to 40427
[  342.874211][T15178] F2FS-fs: heap/no_heap options were deprecated
[  342.876095][T15182] netlink: 'syz.0.3931': attribute type 5 has an invalid length.
[  342.883488][T15178] F2FS-fs (loop4): invalid crc value
[  342.883863][T15182] ip6erspan0: entered promiscuous mode
[  342.953708][T15178] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  342.962834][T15178] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  342.982545][   T33] audit: type=1800 audit(1755069837.696:116): pid=15178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3930" name="file1" dev="loop4" ino=10 res=0 errno=0
[  343.003350][T11557] bio_check_eod: 104 callbacks suppressed
[  343.003364][T11557] syz-executor: attempt to access beyond end of device
[  343.003364][T11557] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  343.018895][T11557] CPU: 0 UID: 0 PID: 11557 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  343.018909][T11557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  343.018915][T11557] Call Trace:
[  343.018918][T11557]  <TASK>
[  343.018924][T11557]  dump_stack_lvl+0x189/0x250
[  343.018943][T11557]  ? __pfx_dump_stack_lvl+0x10/0x10
[  343.018953][T11557]  ? __pfx_queue_work_on+0x10/0x10
[  343.018963][T11557]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  343.018974][T11557]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  343.018987][T11557]  f2fs_handle_critical_error+0x37c/0x540
[  343.019004][T11557]  f2fs_write_end_io+0x886/0xb60
[  343.019025][T11557]  __submit_merged_bio+0x27a/0x6a0
[  343.019037][T11557]  __submit_merged_write_cond+0x255/0x530
[  343.019050][T11557]  f2fs_write_data_pages+0x261d/0x3000
[  343.019076][T11557]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  343.019112][T11557]  ? folios_put_refs+0x559/0x640
[  343.019128][T11557]  ? __lock_acquire+0xab9/0xd20
[  343.019147][T11557]  ? do_raw_spin_lock+0x121/0x290
[  343.019162][T11557]  ? do_raw_spin_unlock+0x4d/0x240
[  343.019171][T11557]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  343.019181][T11557]  do_writepages+0x32e/0x550
[  343.019198][T11557]  ? do_raw_spin_unlock+0x4d/0x240
[  343.019209][T11557]  filemap_fdatawrite+0x199/0x240
[  343.019220][T11557]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  343.019251][T11557]  ? do_raw_spin_unlock+0x4d/0x240
[  343.019262][T11557]  f2fs_sync_dirty_inodes+0x31f/0x830
[  343.019309][T11557]  f2fs_write_checkpoint+0x95a/0x1df0
[  343.019330][T11557]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  343.019359][T11557]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  343.019370][T11557]  ? kfree+0x18e/0x440
[  343.019386][T11557]  ? kill_f2fs_super+0x298/0x6c0
[  343.019400][T11557]  kill_f2fs_super+0x2c3/0x6c0
[  343.019413][T11557]  ? __pfx_kill_f2fs_super+0x10/0x10
[  343.019423][T11557]  ? radix_tree_delete_item+0x2b6/0x400
[  343.019436][T11557]  ? shrinker_free+0x2ce/0x3e0
[  343.019446][T11557]  deactivate_locked_super+0xbc/0x130
[  343.019457][T11557]  cleanup_mnt+0x425/0x4c0
[  343.019467][T11557]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.019478][T11557]  task_work_run+0x1d4/0x260
[  343.019491][T11557]  ? __pfx_task_work_run+0x10/0x10
[  343.019500][T11557]  ? __x64_sys_umount+0x122/0x160
[  343.019512][T11557]  ? exit_to_user_mode_loop+0x40/0x110
[  343.019526][T11557]  exit_to_user_mode_loop+0xec/0x110
[  343.019536][T11557]  do_syscall_64+0x2bd/0x3b0
[  343.019546][T11557]  ? lockdep_hardirqs_on+0x9c/0x150
[  343.019554][T11557]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.019563][T11557]  ? exc_page_fault+0x9f/0xf0
[  343.019573][T11557]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  343.019581][T11557] RIP: 0033:0x7f4a4598ff17
[  343.019590][T11557] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  343.019597][T11557] RSP: 002b:00007ffd08132d18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  343.019607][T11557] RAX: 0000000000000000 RBX: 00007f4a45a11c05 RCX: 00007f4a4598ff17
[  343.019612][T11557] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd08132dd0
[  343.019617][T11557] RBP: 00007ffd08132dd0 R08: 0000000000000000 R09: 0000000000000000
[  343.019622][T11557] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd08133e60
[  343.019627][T11557] R13: 00007f4a45a11c05 R14: 0000000000053b60 R15: 00007ffd08133ea0
[  343.019641][T11557]  </TASK>
[  343.019644][T11557] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  343.192844][T15187] loop0: detected capacity change from 0 to 32768
[  343.203468][T15187] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  343.210665][T15187] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  343.243634][T15187] XFS (loop0): Ending clean mount
[  343.276504][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  343.302372][T15200] loop4: detected capacity change from 0 to 512
[  343.305759][T15200] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  343.333528][T15200] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.339578][T15200] ext4 filesystem being mounted at /473/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.411414][T11557] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  343.435205][   T33] audit: type=1326 audit(1755069838.156:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15206 comm="syz.0.3935" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a498ebe9 code=0x7ffc0000
[  343.454775][   T33] audit: type=1326 audit(1755069838.156:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15206 comm="syz.0.3935" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a498ebe9 code=0x7ffc0000
[  343.463718][   T33] audit: type=1326 audit(1755069838.166:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15206 comm="syz.0.3935" exe="/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7fd7a498ebe9 code=0x7ffc0000
[  343.482689][   T33] audit: type=1326 audit(1755069838.166:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15206 comm="syz.0.3935" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd7a498ebe9 code=0x7ffc0000
[  343.670538][T15222] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3943'.
[  344.063785][T15223] loop0: detected capacity change from 0 to 32768
[  344.068627][T15223] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3939 (15223)
[  344.074159][T15223] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  344.077953][T15223] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  344.080845][T15223] BTRFS info (device loop0): using free-space-tree
[  344.139840][T15242] overlayfs: failed to clone upperpath
[  344.480380][ T5849] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  344.709637][T15249] loop4: detected capacity change from 0 to 32768
[  344.722946][T15249] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3948 (15249)
[  344.747178][T15249] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  344.760727][T15249] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  344.763673][T15249] BTRFS info (device loop4): using free-space-tree
[  344.951998][T11557] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  345.936739][T15304] loop0: detected capacity change from 0 to 32768
[  345.940309][T15304] BTRFS warning: excessive commit interval 2147483647, use with care
[  345.946260][T15304] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3965 (15304)
[  345.956988][T15304] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  345.961137][T15304] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  345.964744][T15304] BTRFS info (device loop0): disk space caching is enabled
[  345.970144][T15304] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  346.010156][   T33] audit: type=1326 audit(1755069840.726:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15333 comm="syz.4.3973" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  346.021977][   T33] audit: type=1326 audit(1755069840.726:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15333 comm="syz.4.3973" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  346.032128][   T33] audit: type=1326 audit(1755069840.726:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15333 comm="syz.4.3973" exe="/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  346.049095][T15304] BTRFS info (device loop0): rebuilding free space tree
[  346.062808][   T33] audit: type=1326 audit(1755069840.746:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15333 comm="syz.4.3973" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  346.081023][T15304] BTRFS info (device loop0): disabling free space tree
[  346.084025][T15304] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  346.090620][T15304] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  346.137370][ T5849] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  346.963093][T15372] overlayfs: failed to clone upperpath
[  347.064827][ T5313] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  347.101992][T15386] netlink: 'syz.2.3997': attribute type 8 has an invalid length.
[  347.183422][T15382] loop4: detected capacity change from 0 to 32768
[  347.190370][T15382] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3995 (15382)
[  347.195006][T15392] No source specified
[  347.198962][T15382] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  347.203051][T15382] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  347.209739][T15382] BTRFS info (device loop4): using free-space-tree
[  347.215043][ T5313] usb 1-1: Using ep0 maxpacket: 8
[  347.222243][ T5313] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  347.233715][ T5313] usb 1-1: New USB device found, idVendor=22b8, idProduct=6425, bcdDevice=d3.6c
[  347.238177][ T5313] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.241582][ T5313] usb 1-1: Product: syz
[  347.243309][ T5313] usb 1-1: Manufacturer: syz
[  347.245585][ T5313] usb 1-1: SerialNumber: syz
[  347.250245][ T5313] usb 1-1: config 0 descriptor??
[  347.255279][ T5313] cdc_ether 1-1:0.0: skipping garbage
[  347.257476][ T5313] usb 1-1: bad CDC descriptors
[  347.260381][ T5313] usb 1-1: unsupported MDLM descriptors
[  347.263428][ T5313] cdc_acm 1-1:0.0: skipping garbage
[  347.277838][T15382] BTRFS info (device loop4): rebuilding free space tree
[  347.427708][T11557] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  347.478048][ T5313] usb 1-1: USB disconnect, device number 41
[  347.605467][T15421] netlink: 56 bytes leftover after parsing attributes in process `syz.4.4003'.
[  347.894744][   T51] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  348.031074][T15425] loop0: detected capacity change from 0 to 512
[  348.042291][T15425] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  348.045789][   T51] usb 5-1: Using ep0 maxpacket: 32
[  348.048156][T15425] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  348.062069][   T51] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  348.062336][T15425] EXT4-fs (loop0): 1 truncate cleaned up
[  348.067729][   T51] usb 5-1: config 0 has no interface number 0
[  348.070528][   T51] usb 5-1: config 0 interface 184 has no altsetting 0
[  348.071723][T15425] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  348.076735][   T51] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  348.081322][   T51] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.086013][   T51] usb 5-1: Product: syz
[  348.087760][   T51] usb 5-1: Manufacturer: syz
[  348.089636][   T51] usb 5-1: SerialNumber: syz
[  348.105066][   T51] usb 5-1: config 0 descriptor??
[  348.109813][   T51] smsc75xx v1.0.0
[  348.122437][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.352129][T15431] loop0: detected capacity change from 0 to 32768
[  348.355391][T15431] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4010 (15431)
[  348.363108][T15431] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  348.368843][T15431] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  348.371814][T15431] BTRFS info (device loop0): using free-space-tree
[  348.491900][T15431] BTRFS error (device loop0): target device  is invalid!
[  348.530039][ T5849] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  348.928736][T15450] loop0: detected capacity change from 0 to 32768
[  348.933692][T15450] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  348.933692][T15450] clean (size 2912):
[  348.933692][T15450] flags:          1b70000
[  348.933692][T15450] journal_seq:    65535
[  348.933692][T15450] usage: type=inodes v=8
[  348.933692][T15450] usage: type=key_version v=0
[  348.933692][T15450] usage: type=reserved v=0
[  348.933692][T15450] usage: type=reserved v=0
[  348.933692][T15450] usage: type=reserved v=0
[  348.933692][T15450] usage: type=reserved v=0
[  348.933692][T15450] data_usage: btree: 1/1 [0]=2816
[  348.933692][T15450] data_usage: journal: 1/1 [0]=0
[  348.933692][T15450] data_usage: user: 1/1 [0]=16
[  348.933692][T15450] dev_usage: dev=0  
[  348.933692][T15450]   free: buckets=83 sectors=0 fragmented=0
[  348.933692][T15450]   sb: buckets=25 sectors=6152 fragmented=248
[  348.933692][T15450]   journal: buckets=8 sectors=2048 fragmented=0
[  348.933692][T15450]   btree: buckets=11 sectors=2816 fragmented=0
[  348.933692][T15450]   user: buckets=1 sectors=16 fragmented=240
[  348.933692][T15450]   cached: buckets=0 sectors=0 fragmented=13565952
[  348.933692][T15450]   parity: buckets=0 sectors=0 fragmented=0
[  348.933692][T15450]   stripe: buckets=0 sectors=0 fragmented=0
[  348.933692][T15450]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  348.933692][T15450]   need_discard: buckets=0 sectors=0 fragmented=0
[  348.933692][T15450] clock: read=0
[  348.933692][T15450] clock: write=1280
[  348.933692][T15450] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len
[  348.933928][T15450] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  349.208410][   T51] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  349.374593][ T5313] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  349.413214][   T51] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  349.420479][   T51] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  349.427505][   T51] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  349.431611][   T51] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  349.446463][   T51] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  349.457265][   T51] usb 5-1: USB disconnect, device number 14
[  349.525065][ T5313] usb 1-1: Using ep0 maxpacket: 32
[  349.529995][ T5313] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  349.534784][ T5313] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.540444][ T5313] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  349.544112][ T5313] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  349.547914][ T5313] usb 1-1: Product: syz
[  349.550462][ T5313] usb 1-1: Manufacturer: syz
[  349.558658][ T5313] hub 1-1:4.0: USB hub found
[  349.569228][T15474] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4023'.
[  349.573152][T15474] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4023'.
[  349.761336][ T5313] hub 1-1:4.0: 2 ports detected
[  350.114660][T15481] loop4: detected capacity change from 0 to 32768
[  350.169218][T15481] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  350.169234][T15481]   allowing incompatible features above 0.0: (unknown version)
[  350.169240][T15481]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  350.183620][T15481] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  350.186661][T15481] bcachefs (loop4): initializing new filesystem
[  350.193815][T15481] bcachefs (loop4): going read-write
[  350.206203][T15481] bcachefs (loop4): marking superblocks
[  350.239067][T15481] bcachefs (loop4): initializing freespace
[  350.248012][T15481] bcachefs (loop4): done initializing freespace
[  350.255934][T15481] bcachefs (loop4): reading snapshots table
[  350.257972][T15481] bcachefs (loop4): reading snapshots done
[  350.291652][T15481] bcachefs (loop4): done starting filesystem
[  350.370018][ T5313] usb 1-1: USB disconnect, device number 42
[  350.595793][T11557] bcachefs (loop4): shutting down
[  350.597506][T11557] bcachefs (loop4): going read-only
[  350.599077][T11557] bcachefs (loop4): finished waiting for writes to stop
[  350.605212][T11557] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  350.878357][T11557] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  350.890130][T11557] bcachefs (loop4): clean shutdown complete, journal seq 5
[  350.893908][T11557] bcachefs (loop4): marking filesystem clean
[  350.912878][T11557] bcachefs (loop4): shutdown complete
[  351.304056][ T5313] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  351.466362][ T5313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.476720][ T5313] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  351.481856][ T5313] usb 1-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[  351.488913][ T5313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.498886][ T5313] usb 1-1: config 0 descriptor??
[  351.913503][ T5313] lenovo 0003:17EF:60EE.000E: hidraw0: USB HID v0.00 Device [HID 17ef:60ee] on usb-dummy_hcd.0-1/input0
[  352.111404][ T5313] lenovo 0003:17EF:60EE.000E: Failed to switch middle button: -71
[  352.117933][ T5313] lenovo 0003:17EF:60EE.000E: Fn-lock setting failed: -71
[  352.123112][ T5313] lenovo 0003:17EF:60EE.000E: Sensitivity setting failed: -71
[  352.138939][ T5313] usb 1-1: USB disconnect, device number 43
[  352.293640][T15529] loop4: detected capacity change from 0 to 128
[  352.309863][T15529] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  352.319713][T15529] ext4 filesystem being mounted at /505/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  352.371219][T11557] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  352.477788][T15537] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  353.362886][T15574] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.170638][T15616] 9pnet_fd: Insufficient options for proto=fd
[  354.370920][T15618] loop0: detected capacity change from 0 to 32768
[  354.381285][T15618] ERROR: (device loop0): dbAlloc: the hint is outside the map
[  354.381285][T15618] 
[  354.387896][T15618] ialloc: diAlloc returned -5!
[  354.501429][T15595] orangefs_mount: mount request failed with -4
[  355.082323][T15647] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4093'.
[  355.380248][T15658] mac80211_hwsim hwsim3 wlan1: entered promiscuous mode
[  355.384507][T15658] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode
[  355.481708][T15664] 9pnet_fd: Insufficient options for proto=fd
[  355.550143][T15670] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  355.558891][T15669] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4103'.
[  355.814886][   T51] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  356.013402][   T51] usb 1-1: Using ep0 maxpacket: 16
[  356.045132][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  356.059269][   T51] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  356.075206][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.101368][   T51] usb 1-1: config 0 descriptor??
[  356.522105][   T51] hid-multitouch 0003:1FD2:6007.000F: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0
[  356.717589][ T5917] usb 1-1: USB disconnect, device number 44
[  357.001153][   T33] kauditd_printk_skb: 29 callbacks suppressed
[  357.001165][   T33] audit: type=1326 audit(1755069851.718:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15735 comm="syz.4.4133" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  357.013076][   T33] audit: type=1326 audit(1755069851.728:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15735 comm="syz.4.4133" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  357.020355][   T33] audit: type=1326 audit(1755069851.728:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15735 comm="syz.4.4133" exe="/syz-executor" sig=0 arch=c000003e syscall=450 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  357.086765][T15737] overlayfs: failed to clone upperpath
[  357.237941][   T33] audit: type=1326 audit(1755069851.728:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15735 comm="syz.4.4133" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  357.244932][   T33] audit: type=1326 audit(1755069851.728:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15735 comm="syz.4.4133" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4598ebe9 code=0x7ffc0000
[  357.409556][T15747] ip6gre1: entered allmulticast mode
[  357.552405][T15749] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.570061][T15749] batman_adv: batadv0: Interface deactivated: dummy0
[  357.573124][T15754] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4141'.
[  357.576924][T15754] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4141'.
[  357.580458][T15754] netlink: 'syz.0.4141': attribute type 7 has an invalid length.
[  357.660916][T15749] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.671437][T15749] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.869018][ T5883] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.880558][ T5883] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.884596][ T5883] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.888500][ T5883] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  357.961306][T15764] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4145'.
[  359.301994][T15809] overlayfs: failed to clone upperpath
[  359.829605][T15813] ip6tnl2: entered promiscuous mode
[  360.023802][T15827] netlink: 'syz.2.4170': attribute type 12 has an invalid length.
[  360.027134][T15827] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4170'.
[  362.329994][T15878] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  362.523080][T15885] overlayfs: failed to resolve './file1': -2
[  362.595285][T15900] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4206'.
[  362.881001][T15907] loop0: detected capacity change from 0 to 40427
[  362.888206][T15907] F2FS-fs (loop0): invalid crc value
[  362.926330][T15907] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  362.930075][T15907] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  362.981064][ T5849] syz-executor: attempt to access beyond end of device
[  362.981064][ T5849] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  362.987805][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  362.987828][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  362.987858][ T5849] Call Trace:
[  362.987862][ T5849]  <TASK>
[  362.987866][ T5849]  dump_stack_lvl+0x189/0x250
[  362.987883][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[  362.987893][ T5849]  ? __pfx_queue_work_on+0x10/0x10
[  362.987901][ T5849]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  362.987911][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  362.987926][ T5849]  f2fs_handle_critical_error+0x37c/0x540
[  362.987941][ T5849]  f2fs_write_end_io+0x886/0xb60
[  362.987962][ T5849]  __submit_merged_bio+0x27a/0x6a0
[  362.987975][ T5849]  __submit_merged_write_cond+0x255/0x530
[  362.987988][ T5849]  f2fs_write_data_pages+0x261d/0x3000
[  362.988017][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  362.988036][ T5849]  ? is_bpf_text_address+0x26/0x2b0
[  362.988062][ T5849]  ? kernel_text_address+0xa5/0xe0
[  362.988073][ T5849]  ? __kernel_text_address+0xd/0x40
[  362.988084][ T5849]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  362.988102][ T5849]  ? stack_trace_save+0x9c/0xe0
[  362.988116][ T5849]  ? __lock_acquire+0xab9/0xd20
[  362.988136][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  362.988148][ T5849]  do_writepages+0x32e/0x550
[  362.988165][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[  362.988177][ T5849]  filemap_fdatawrite+0x199/0x240
[  362.988189][ T5849]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  362.988224][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[  362.988235][ T5849]  f2fs_sync_dirty_inodes+0x31f/0x830
[  362.988255][ T5849]  f2fs_write_checkpoint+0x95a/0x1df0
[  362.988278][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  362.988314][ T5849]  ? kill_f2fs_super+0x298/0x6c0
[  362.988328][ T5849]  kill_f2fs_super+0x2c3/0x6c0
[  362.988342][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[  362.988352][ T5849]  ? radix_tree_delete_item+0x2b6/0x400
[  362.988365][ T5849]  ? shrinker_free+0x2ce/0x3e0
[  362.988376][ T5849]  deactivate_locked_super+0xbc/0x130
[  362.988387][ T5849]  cleanup_mnt+0x425/0x4c0
[  362.988396][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[  362.988407][ T5849]  task_work_run+0x1d4/0x260
[  362.988419][ T5849]  ? __pfx_task_work_run+0x10/0x10
[  362.988427][ T5849]  ? __x64_sys_umount+0x122/0x160
[  362.988440][ T5849]  ? exit_to_user_mode_loop+0x40/0x110
[  362.988453][ T5849]  exit_to_user_mode_loop+0xec/0x110
[  362.988464][ T5849]  do_syscall_64+0x2bd/0x3b0
[  362.988473][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[  362.988482][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.988489][ T5849]  ? exc_page_fault+0x9f/0xf0
[  362.988500][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  362.988507][ T5849] RIP: 0033:0x7fd7a498ff17
[  362.988516][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  362.988524][ T5849] RSP: 002b:00007ffe5f0b0d58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  362.988533][ T5849] RAX: 0000000000000000 RBX: 00007fd7a4a11c05 RCX: 00007fd7a498ff17
[  362.988538][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe5f0b0e10
[  362.988542][ T5849] RBP: 00007ffe5f0b0e10 R08: 0000000000000000 R09: 0000000000000000
[  362.988547][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5f0b1ea0
[  362.988552][ T5849] R13: 00007fd7a4a11c05 R14: 0000000000058968 R15: 00007ffe5f0b1ee0
[  362.988567][ T5849]  </TASK>
[  362.988570][ T5849] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  363.107495][ T5849] syz-executor: attempt to access beyond end of device
[  363.107495][ T5849] loop0: rw=2051, sector=36920, nr_sectors = 8144 limit=40427
[  363.114175][ T5849] syz-executor: attempt to access beyond end of device
[  363.114175][ T5849] loop0: rw=2051, sector=45104, nr_sectors = 85968 limit=40427
[  363.131186][ T5849] F2FS-fs (loop0): Issue discard(4615, 4615, 1018) failed, ret: -5
[  363.136616][ T5849] F2FS-fs (loop0): Issue discard(5638, 5638, 10746) failed, ret: -5
[  363.406272][T15932] loop0: detected capacity change from 0 to 128
[  363.415477][T15932] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  363.420681][T15932] ext4 filesystem being mounted at /1085/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  363.455600][ T5849] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  363.812046][ T5917] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  364.012071][ T5917] usb 1-1: Using ep0 maxpacket: 8
[  364.030727][ T5917] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  364.039617][ T5917] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  364.065569][ T5917] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  364.073636][ T5917] usb 1-1: config 1 interface 0 has no altsetting 1
[  364.079357][ T5917] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  364.083272][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.086611][ T5917] usb 1-1: Product: syz
[  364.088371][ T5917] usb 1-1: Manufacturer: syz
[  364.091304][ T5917] usb 1-1: SerialNumber: syz
[  364.105488][ T5917] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  364.161307][T15946] netlink: 52 bytes leftover after parsing attributes in process `syz.4.4224'.
[  364.307458][ T5313] usb 1-1: USB disconnect, device number 45
[  364.716703][T15966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4233'.
[  364.725619][T15966] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4233'.
[  364.779581][T15970] netlink: 24 bytes leftover after parsing attributes in process `syz.4.4235'.
[  365.040817][ T5853] Bluetooth: hci2: command 0x0406 tx timeout
[  365.444421][T15988] netlink: 'syz.0.4242': attribute type 3 has an invalid length.
[  365.450059][T15988] netlink: 'syz.0.4242': attribute type 1 has an invalid length.
[  365.466058][T15988] netlink: 192 bytes leftover after parsing attributes in process `syz.0.4242'.
[  365.474230][T15988] NCSI netlink: No device for ifindex 0
[  365.669136][T16001] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4248'.
[  366.233781][T16040] tmpfs: Bad value for 'mpol'
[  366.663094][T16056] loop0: detected capacity change from 0 to 8192
[  367.711009][T16102] loop0: detected capacity change from 0 to 256
[  367.733574][T16102] FAT-fs (loop0): Directory bread(block 64) failed
[  367.736437][T16102] FAT-fs (loop0): Directory bread(block 65) failed
[  367.739270][T16102] FAT-fs (loop0): Directory bread(block 66) failed
[  367.742288][T16102] FAT-fs (loop0): Directory bread(block 67) failed
[  367.745147][T16102] FAT-fs (loop0): Directory bread(block 68) failed
[  367.748018][T16102] FAT-fs (loop0): Directory bread(block 69) failed
[  367.750842][T16102] FAT-fs (loop0): Directory bread(block 70) failed
[  367.753810][T16102] FAT-fs (loop0): Directory bread(block 71) failed
[  367.756713][T16102] FAT-fs (loop0): Directory bread(block 72) failed
[  367.759448][T16102] FAT-fs (loop0): Directory bread(block 73) failed
[  367.838821][T16104] loop0: detected capacity change from 0 to 2048
[  367.857977][T16104] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  367.932599][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.180233][T16116] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.4301'.
[  368.295911][T16117] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  368.329893][T16117] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  370.120795][ T5917] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  370.273718][ T5917] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  370.278141][ T5917] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  370.286224][ T5917] usb 1-1: New USB device found, idVendor=16c0, idProduct=75e1, bcdDevice= 0.00
[  370.289931][ T5917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  370.295348][ T5917] usb 1-1: config 0 descriptor??
[  370.303701][ T5917] usbhid 1-1:0.0: can't add hid device: -22
[  370.306030][ T5917] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  370.509629][ T5917] usb 1-1: USB disconnect, device number 46
[  371.291869][T16242] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[  371.300563][ T5903] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  371.320350][T16244] Option '    ' to dns_resolver key: bad/missing value
[  371.461716][ T5903] usb 1-1: Using ep0 maxpacket: 32
[  371.466193][ T5903] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  371.471175][ T5903] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  371.474801][ T5903] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  371.483023][ T5903] usb 1-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  371.486881][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  371.490131][ T5903] usb 1-1: Product: syz
[  371.492669][ T5903] usb 1-1: Manufacturer: syz
[  371.494563][ T5903] usb 1-1: SerialNumber: syz
[  371.505908][ T5903] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input22
[  371.710345][ T5903] usb 1-1: USB disconnect, device number 47
[  371.726353][ T5903] appletouch 1-1:1.0: input: appletouch disconnected
[  371.804282][   T33] audit: type=1800 audit(1755069866.521:159): pid=16263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=set_data cause=unavailable-hash-algorithm comm="syz.4.4370" name="/newroot/642/file0" dev="tmpfs" ino=3346 res=0 errno=0
[  372.166030][T16279] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4376'.
[  373.522269][T16334] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4402'.
[  373.536802][T16334] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.653825][T16334] bridge_slave_1 (unregistering): left allmulticast mode
[  373.656248][T16334] bridge_slave_1 (unregistering): left promiscuous mode
[  373.659250][T16334] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.735685][T16342] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4406'.
[  373.835016][T16348] affs: No valid root block on device nullb0
[  374.270069][ T5903] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  374.430818][ T5903] usb 1-1: Using ep0 maxpacket: 8
[  374.437587][ T5903] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  374.442431][ T5903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.445468][ T5903] usb 1-1: Product: syz
[  374.447235][ T5903] usb 1-1: Manufacturer: syz
[  374.448838][ T5903] usb 1-1: SerialNumber: syz
[  374.453340][ T5903] usb 1-1: config 0 descriptor??
[  374.457281][ T5903] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  374.459827][ T5903] usb 1-1: setting power ON
[  374.463628][ T5903] dvb-usb: bulk message failed: -22 (2/0)
[  374.475073][ T5903] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  374.478401][ T5903] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  374.483999][ T5903] usb 1-1: media controller created
[  374.496882][ T5903] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  374.515261][ T5903] usb 1-1: selecting invalid altsetting 6
[  374.518783][ T5903] usb 1-1: digital interface selection failed (-22)
[  374.524035][ T5903] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  374.529245][ T5903] usb 1-1: setting power OFF
[  374.535121][ T5903] dvb-usb: bulk message failed: -22 (2/0)
[  374.537513][ T5903] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  374.547188][ T5903] (NULL device *): no alternate interface
[  374.570543][ T5903] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  374.665522][ T5917] usb 1-1: USB disconnect, device number 48
[  375.337705][T16413] overlayfs: failed to resolve './cgroup': -2
[  375.663407][T16426] loop0: detected capacity change from 0 to 1024
[  375.943885][  T450] hfsplus: b-tree write err: -5, ino 3
[  375.961385][ T5849] hfsplus: node 4:3 still has 1 user(s)!
[  376.014973][T16431] loop0: detected capacity change from 0 to 64
[  376.436684][T16435] loop0: detected capacity change from 0 to 512
[  376.445168][T16435] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.4448: casefold flag without casefold feature
[  376.450500][T16435] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4448: couldn't read orphan inode 15 (err -117)
[  376.456749][T16435] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.561298][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  377.357907][T16462] netlink: 'syz.0.4457': attribute type 9 has an invalid length.
[  377.587456][ T1089] wlan1: Creating new IBSS network, BSSID fe:c4:d2:c3:f5:2e
[  377.685269][T16469] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4459'.
[  377.969947][T16466] loop0: detected capacity change from 0 to 32768
[  377.972531][T16466] XFS: ikeep mount option is deprecated.
[  377.992541][T16466] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  378.013270][T16500] netlink: 348 bytes leftover after parsing attributes in process `syz.2.4470'.
[  378.045426][T16466] XFS (loop0): Ending clean mount
[  378.048578][T16466] XFS (loop0): Quotacheck needed: Please wait.
[  378.132647][T16466] XFS (loop0): Quotacheck: Done.
[  378.166603][ T5849] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  378.293875][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  378.296432][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  378.683539][T16515] loop0: detected capacity change from 0 to 32768
[  378.692528][T16515] (syz.0.4476,16515,1):ocfs2_get_clusters:616 ERROR: status = -34
[  378.695293][T16515] (syz.0.4476,16515,1):ocfs2_extent_map_get_blocks:681 ERROR: status = -34
[  378.698504][T16515] (syz.0.4476,16515,1):ocfs2_map_slot_buffers:378 ERROR: status = -34
[  378.703682][T16515] (syz.0.4476,16515,1):ocfs2_init_slot_info:426 ERROR: status = -34
[  378.706252][T16515] (syz.0.4476,16515,1):ocfs2_initialize_super:2222 ERROR: status = -34
[  378.709055][T16515] (syz.0.4476,16515,1):ocfs2_fill_super:1177 ERROR: status = -34
[  379.058929][T16557] netlink: 277 bytes leftover after parsing attributes in process `syz.4.4497'.
[  379.108447][T16563] netlink: 'syz.4.4500': attribute type 1 has an invalid length.
[  379.113815][T16563] netlink: 'syz.4.4500': attribute type 4 has an invalid length.
[  379.116376][T16563] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.4500'.
[  379.128991][T16565] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4501'.
[  379.309921][T16567] loop0: detected capacity change from 0 to 32768
[  379.379407][T16567] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,reconstruct_alloc,no_data_io
[  379.379426][T16567]   allowing incompatible features above 0.0: (unknown version)
[  379.379431][T16567]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  379.396479][T16567] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  379.401288][T16567] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  379.404042][T16567] bcachefs (loop0): Version upgrade required:
[  379.404042][T16567] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  379.404042][T16567] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  379.404042][T16567]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  379.438294][T16567] bcachefs (loop0): dropping and reconstructing all alloc info
[  379.460322][T16567] bcachefs (loop0): accounting_read... done
[  379.466502][T16567] bcachefs (loop0): alloc_read... done
[  379.469522][T16567] bcachefs (loop0): snapshots_read... done
[  379.471873][T16567] bcachefs (loop0): check_allocations... done
[  379.495227][T16567] bcachefs (loop0): going read-write
[  379.497398][T16567] bcachefs (loop0): insufficient writeable journal devices available: have 0, need 1
[  379.497398][T16567] rw journal devs:
[  379.516624][T16567] bcachefs (loop0): done starting filesystem
[  379.651097][ T5849] bcachefs (loop0): shutting down
[  379.653720][ T5849] bcachefs (loop0): going read-only
[  379.656116][ T5849] bcachefs (loop0): finished waiting for writes to stop
[  379.664164][ T5849] bcachefs (loop0): flushing journal and stopping allocators, journal seq 10
[  379.672457][ T5849] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 10
[  379.679942][ T5849] bcachefs (loop0): unclean shutdown complete, journal seq 10
[  379.702348][ T5849] bcachefs (loop0): done going read-only, filesystem not clean
[  379.728319][ T5849] bcachefs (loop0): shutdown complete
[  380.262015][T16630] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4524'.
[  380.440864][   T33] audit: type=1326 audit(1755069875.172:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16639 comm="syz.4.4529" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a4598ebe9 code=0x0
[  381.062121][T16655] loop0: detected capacity change from 0 to 256
[  381.064861][T16655] exfat: Deprecated parameter 'utf8'
[  381.076878][T16655] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  381.152937][T16663] loop0: detected capacity change from 0 to 8
[  381.161461][T16664] netlink: 'syz.2.4537': attribute type 16 has an invalid length.
[  381.164697][T16664] netlink: 'syz.2.4537': attribute type 17 has an invalid length.
[  381.300481][   T51] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  381.773812][   T51] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  381.952439][T16684] bond0: option tlb_dynamic_lb: mode dependency failed, not supported in mode balance-rr(0)
[  382.011528][T16686] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4547'.
[  382.500389][T16718] team_slave_1: entered promiscuous mode
[  382.502775][T16718] batadv2: entered promiscuous mode
[  382.505373][T16718] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  382.508392][T16718] macvlan2: entered promiscuous mode
[  382.511675][T16718] team0: entered promiscuous mode
[  382.514106][T16718] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  382.764318][T16743] netlink: 116 bytes leftover after parsing attributes in process `syz.4.4575'.
[  383.502073][T16734] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  383.504730][T16734] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  383.601953][T16764] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4583'.
[  383.787986][T16774] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4588'.
[  384.159451][T16814] tipc: Cannot configure node identity twice
[  384.616034][T16831] netlink: 104 bytes leftover after parsing attributes in process `syz.4.4615'.
[  384.768364][T16803] Bluetooth: hci2: command 0x0406 tx timeout
[  384.964619][T16838] loop0: detected capacity change from 0 to 2048
[  384.973989][T16838] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  384.987180][T16838] UDF-fs: error (device loop0): udf_rename: failed to find renamed entry again in directory (ino 1376)
[  385.147225][T16846] loop0: detected capacity change from 0 to 256
[  385.173363][T16846] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  385.229576][T16850] 9pnet_fd: Insufficient options for proto=fd
[  385.568152][ T5917] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  385.736186][ T5917] usb 1-1: unable to get BOS descriptor or descriptor too short
[  385.742535][ T5917] usb 1-1: config 5 has an invalid interface number: 58 but max is 0
[  385.748936][ T5917] usb 1-1: config 5 has no interface number 0
[  385.751670][ T5917] usb 1-1: config 5 interface 58 has no altsetting 0
[  385.757372][ T5917] usb 1-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice= a.af
[  385.764191][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.766876][ T5917] usb 1-1: Product: syz
[  385.768751][ T5917] usb 1-1: Manufacturer: syz
[  385.770313][ T5917] usb 1-1: SerialNumber: syz
[  385.983275][ T5917] usb 1-1: USB disconnect, device number 49
[  386.848033][ T5858] Bluetooth: hci2: command 0x0406 tx timeout
[  386.871216][T16913] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4652'.
[  386.874887][T16913] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4652'.
[  387.012815][T16920] openvswitch: netlink: Actions may not be safe on all matching packets
[  387.110028][T16926] netlink: 'syz.0.4657': attribute type 4 has an invalid length.
[  388.366938][T16963] loop0: detected capacity change from 0 to 512
[  388.388123][T16963] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  388.395597][T16963] EXT4-fs (loop0): invalid journal inode
[  388.401051][T16963] EXT4-fs (loop0): can't get journal size
[  388.412754][T16963] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[  388.416341][T16963] System zones: 1-12, 13-13
[  388.422781][T16963] EXT4-fs (loop0): orphan cleanup on readonly fs
[  388.425914][T16963] EXT4-fs (loop0): 1 truncate cleaned up
[  388.430350][T16963] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  388.460609][ T5849] EXT4-fs error (device loop0): __ext4_iget:5464: inode #11: block 1828716567: comm syz-executor: invalid block
[  388.473763][ T5849] EXT4-fs error (device loop0): __ext4_iget:5464: inode #11: block 1828716567: comm syz-executor: invalid block
[  388.726322][T16979] IPVS: length: 24 != 3277873272
[  388.751098][T12825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.888426][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  388.893145][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.927730][ T5858] Bluetooth: hci2: command 0x0406 tx timeout
[  389.292320][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.296366][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.384519][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.388717][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.472626][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.476626][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.696623][   T51] wg1 speed is unknown, defaulting to 1000
[  389.720773][   T51] syz0: Port: 1 Link DOWN
[  390.059110][   T12] bridge_slave_0: left allmulticast mode
[  390.061221][   T12] bridge_slave_0: left promiscuous mode
[  390.063282][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  390.142079][T16803] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  390.169905][T16803] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  390.184151][T16803] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  390.192048][T16803] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  390.205469][T16803] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  390.871108][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  390.876174][   T12] bond0 (unregistering): Released all slaves
[  391.115268][   T12] bond1 (unregistering): Released all slaves
[  391.136693][   T12] bond2 (unregistering): (slave vcan1): Releasing backup interface
[  391.145118][   T12] bond2 (unregistering): Released all slaves
[  391.161153][T16998] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4687'.
[  391.205842][T16999] wg1 speed is unknown, defaulting to 1000
[  391.291667][   T12] tipc: Disabling bearer <eth:team0>
[  391.303366][   T12] tipc: Left network mode
[  391.599481][T17032] tmpfs: Bad value for 'mpol'
[  391.658433][T16999] chnl_net:caif_netlink_parms(): no params data found
[  391.800762][   T12] hsr_slave_0: left promiscuous mode
[  391.806668][   T12] hsr_slave_1: left promiscuous mode
[  391.812712][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  391.815867][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  391.823350][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  391.826404][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  391.865700][   T12] veth1_macvtap: left promiscuous mode
[  391.868398][   T12] veth0_macvtap: left promiscuous mode
[  391.871934][   T12] veth1_vlan: left promiscuous mode
[  391.874364][   T12] veth0_vlan: left promiscuous mode
[  392.153812][T17043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4705'.
[  392.161703][T17043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4705'.
[  392.165437][T17043] netlink: 50 bytes leftover after parsing attributes in process `syz.4.4705'.
[  392.287457][ T5858] Bluetooth: hci0: command tx timeout
[  392.633098][   T12] team0 (unregistering): Port device team_slave_1 removed
[  392.688214][   T12] team0 (unregistering): Port device C removed
[  393.294845][T17052] netlink: 'syz.4.4709': attribute type 2 has an invalid length.
[  393.300514][T16999] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.302794][T16999] bridge0: port 1(bridge_slave_0) entered disabled state
[  393.305017][T16999] bridge_slave_0: entered allmulticast mode
[  393.312896][T16999] bridge_slave_0: entered promiscuous mode
[  393.322884][T16999] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.326867][T16999] bridge0: port 2(bridge_slave_1) entered disabled state
[  393.329258][T16999] bridge_slave_1: entered allmulticast mode
[  393.332024][T16999] bridge_slave_1: entered promiscuous mode
[  393.362574][T16999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  393.370994][T16999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.414973][T16999] team0: Port device team_slave_0 added
[  393.423067][T16999] team0: Port device team_slave_1 added
[  393.455316][T16999] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.459453][T16999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.483808][T16999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  393.501879][T16999] batman_adv: batadv0: Adding interface: batadv_slave_1
[  393.504085][T16999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.513454][T16999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  393.601530][T16999] hsr_slave_0: entered promiscuous mode
[  393.604364][T16999] hsr_slave_1: entered promiscuous mode
[  393.626364][   T12] ------------[ cut here ]------------
[  393.628464][   T12] WARNING: CPU: 0 PID: 12 at net/ipv6/xfrm6_tunnel.c:341 xfrm6_tunnel_net_exit+0x81/0x100
[  393.632253][   T12] Modules linked in:
[  393.634353][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  393.639495][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  393.642561][   T12] Workqueue: netns cleanup_net
[  393.644167][   T12] RIP: 0010:xfrm6_tunnel_net_exit+0x81/0x100
[  393.646269][   T12] Code: 25 41 e0 f7 4b 83 3c 2c 00 75 19 e8 29 d6 7c f7 49 81 fd f8 07 00 00 74 1d e8 1b d6 7c f7 49 83 c5 08 eb c9 e8 10 d6 7c f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  393.654242][   T12] RSP: 0018:ffffc900000f78b0 EFLAGS: 00010293
[  393.656185][   T12] RAX: ffffffff8a42d5a0 RBX: ffff888109d20000 RCX: ffff88801c685640
[  393.658910][   T12] RDX: 0000000000000000 RSI: ffffffff8d9b4408 RDI: ffff888109d20000
[  393.661387][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  393.663869][   T12] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffff888109d20000
[  393.666471][   T12] R13: 0000000000000000 R14: ffff88810d5e0000 R15: dffffc0000000000
[  393.669388][   T12] FS:  0000000000000000(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  393.673040][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  393.675649][   T12] CR2: 000020000040011c CR3: 0000000032b0c000 CR4: 00000000000006f0
[  393.678270][   T12] Call Trace:
[  393.679349][   T12]  <TASK>
[  393.680401][   T12]  ops_undo_list+0x49a/0x990
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  393.682296][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  393.684613][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  393.686820][   T12]  cleanup_net+0x4c5/0x800
[  393.688602][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  393.690834][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.692952][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  393.695202][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  393.697612][   T12]  process_scheduled_works+0xae1/0x17b0
[  393.700186][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  393.702786][   T12]  worker_thread+0x8a0/0xda0
[  393.704527][   T12]  kthread+0x711/0x8a0
[  393.705869][   T12]  ? __pfx_worker_thread+0x10/0x10
[  393.707603][   T12]  ? __pfx_kthread+0x10/0x10
[  393.709167][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.710950][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.713061][   T12]  ? __pfx_kthread+0x10/0x10
[  393.715199][   T12]  ret_from_fork+0x3fc/0x770
[  393.717274][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  393.719423][   T12]  ? __switch_to_asm+0x39/0x70
[  393.721197][   T12]  ? __switch_to_asm+0x33/0x70
[  393.723288][   T12]  ? __pfx_kthread+0x10/0x10
[  393.725258][   T12]  ret_from_fork_asm+0x1a/0x30
[  393.727338][   T12]  </TASK>
[  393.728658][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  393.731571][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  393.736202][   T12] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  393.740151][   T12] Workqueue: netns cleanup_net
[  393.742055][   T12] Call Trace:
[  393.743340][   T12]  <TASK>
[  393.744546][   T12]  dump_stack_lvl+0x99/0x250
[  393.746388][   T12]  ? __asan_memcpy+0x40/0x70
[  393.748213][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[  393.750046][   T12]  ? __pfx__printk+0x10/0x10
[  393.751475][   T12]  vpanic+0x281/0x750
[  393.752699][   T12]  ? __pfx__printk+0x10/0x10
[  393.754097][   T12]  ? __pfx_vpanic+0x10/0x10
[  393.755541][   T12]  ? is_bpf_text_address+0x292/0x2b0
[  393.757212][   T12]  panic+0xb9/0xc0
[  393.758359][   T12]  ? __pfx_panic+0x10/0x10
[  393.759839][   T12]  __warn+0x31b/0x4b0
[  393.761161][   T12]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  393.762940][   T12]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  393.764682][   T12]  report_bug+0x2be/0x4f0
[  393.766099][   T12]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  393.767788][   T12]  ? xfrm6_tunnel_net_exit+0x81/0x100
[  393.769447][   T12]  ? xfrm6_tunnel_net_exit+0x83/0x100
[  393.771146][   T12]  handle_bug+0x84/0x160
[  393.772838][   T12]  exc_invalid_op+0x1a/0x50
[  393.774247][   T12]  asm_exc_invalid_op+0x1a/0x20
[  393.775812][   T12] RIP: 0010:xfrm6_tunnel_net_exit+0x81/0x100
[  393.777723][   T12] Code: 25 41 e0 f7 4b 83 3c 2c 00 75 19 e8 29 d6 7c f7 49 81 fd f8 07 00 00 74 1d e8 1b d6 7c f7 49 83 c5 08 eb c9 e8 10 d6 7c f7 90 <0f> 0b 90 49 81 fd f8 07 00 00 75 e3 48 81 c3 00 08 00 00 45 31 f6
[  393.783571][   T12] RSP: 0018:ffffc900000f78b0 EFLAGS: 00010293
[  393.785468][   T12] RAX: ffffffff8a42d5a0 RBX: ffff888109d20000 RCX: ffff88801c685640
[  393.787882][   T12] RDX: 0000000000000000 RSI: ffffffff8d9b4408 RDI: ffff888109d20000
[  393.790499][   T12] RBP: ffffc900000f79b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  393.793200][   T12] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffff888109d20000
[  393.795643][   T12] R13: 0000000000000000 R14: ffff88810d5e0000 R15: dffffc0000000000
[  393.798044][   T12]  ? xfrm6_tunnel_net_exit+0x80/0x100
[  393.800216][   T12]  ops_undo_list+0x49a/0x990
[  393.802096][   T12]  ? __pfx_ops_undo_list+0x10/0x10
[  393.804131][   T12]  ? do_raw_spin_unlock+0x4d/0x240
[  393.806143][   T12]  cleanup_net+0x4c5/0x800
[  393.808007][   T12]  ? __pfx_cleanup_net+0x10/0x10
[  393.809990][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.811998][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  393.813839][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[  393.815649][   T12]  process_scheduled_works+0xae1/0x17b0
[  393.817386][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[  393.819680][   T12]  worker_thread+0x8a0/0xda0
[  393.821571][   T12]  kthread+0x711/0x8a0
[  393.823258][   T12]  ? __pfx_worker_thread+0x10/0x10
[  393.825349][   T12]  ? __pfx_kthread+0x10/0x10
[  393.827218][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[  393.829333][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[  393.831445][   T12]  ? __pfx_kthread+0x10/0x10
[  393.832964][   T12]  ret_from_fork+0x3fc/0x770
[  393.834415][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  393.836040][   T12]  ? __switch_to_asm+0x39/0x70
[  393.837551][   T12]  ? __switch_to_asm+0x33/0x70
[  393.839390][   T12]  ? __pfx_kthread+0x10/0x10
[  393.841270][   T12]  ret_from_fork_asm+0x1a/0x30
[  393.843279][   T12]  </TASK>
[  393.845049][   T12] Kernel Offset: disabled
[  393.846465][   T12] Rebooting in 86400 seconds..

VM DIAGNOSIS:
06:29:04  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900000f7050
R8 =ffff888020080237 R9 =1ffff11004010046 R10=dffffc0000000000 R11=ffffffff854e7320
R12=dffffc0000000000 R13=ffffffff99af18e3 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e739c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000020000040011c CR3=0000000032b0c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f4a45a12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000001bf3 RBX=ffff888136623900 RCX=0000000000000838 RDX=0000000000000000
RSI=0000000000001bf3 RDI=0000000000000838 RBP=0000000000000000 RSP=ffffc900001e0e50
R8 =0000000000000000 R9 =ffffffff81ae029e R10=0000000000000003 R11=ffffffff81703490
R12=0000000010005c46 R13=dffffc0000000000 R14=0000000000001bf3 R15=0000000000000020
RIP=ffffffff81716179 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4a467e36c0 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f4a3c9bd000 CR3=000000012496e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff81748653 ffffffff81748632
XMM02=00007f80ccd87498 ffffffff81748632 XMM03=00007f80ccd874a8 00007f80ccd874a0
XMM04=00007f80cd8ed100 00007f80ccd87460 XMM05=00007f80ccd87478 00007f80ccd874c0
XMM06=00007f80ccd874b8 00007f80ccd874b0 XMM07=00007f80ccd874a8 00007f80ccd874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f80ccc12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
