last executing test programs:

3.647751832s ago: executing program 0 (id=242):
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000000)={0x3, 'veth0_vlan\x00', {0x7}, 0x5})
r0 = add_key$keyring(&(0x7f0000000280), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000000)="30800201", 0x1001, r0)

3.451925975s ago: executing program 2 (id=244):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_mount_image$hfsplus(&(0x7f00000007c0), &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000a00)=ANY=[], 0x4c, 0x708, &(0x7f0000000c00)="$eJzs3U1sHGcZAOB31uuNN5XcTZq0BSHFakQEDSR2lpIgIREqhHyoUCQuvS6J01heu5HtIidCZAsUjnBCOfRQhMyhJ9QDUhEHRDkjIXFFuUfiHnFg0czOrPfH3vUSx07C80iz883M9/POm5nZ2dlYG8D/rcW3Y7oVSSyef2srXX6wXW8+2K6vFuWIOBYRpYhyZxbJWkTyWcTV6EzxuXRl3l2y1zhvPPz0w3P3P653lsr5lNUvjWq3oz1ihFY+xVxETOXzCZX36u96vDnU372Juk66cacJO1skDo5ae0hrkub7OG+Bp929iKnpXdbXIo5HxEx+HxD51aF0yOEduImucgAAAPA0upo9Ax/pxUfxKLZi9nACAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdDEtlvBib5VCrKc5EUv/9fydelKpUjjne0r4zZ/sHNQwoEAAAAAAAAAJ6IT/Iv7s88ikexFbPF+naSfef/WrZwKnt9Id6LjViK9bgQW9GIzdiM9ViImJ7t6bCy1djcXF8YbvnrSFu22+17ectLEVEbannpEHYaAAAAAAAAAJ5fP4nFmD3qIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoFcSMdWZZdOpolyLUjkiZiKiktZrRfypKD/L/nzUAQAAAMCTV83ns8l/OoV2kn3mfzn73D8T78VabMZybEYzluJG9iyg86m/9PdWvflgu76aTsMdf/tfE8WR9RgRU/H+HiPPZzVOd1ssxnfj+3E+5uJarMdy/DAasRlLMRfVdCeiEUnUqp2nF7Uizt3jvdq3dK1vqRxxZiDWV7NIqnEzlrPYLsT1SnQem2T7kI75as9of6hEDIz4fpqd5Fu5feboRs+/16/y5zK59ov77OPJqGV7Pt3NyHya+zwbJ0bnfsLjZHCkhSh1n0Gd2hklXRwcqcj5DybJ+fF8nub65/05P2gTPkobzMSlKOVHX8TL/Tm//cX7J/sbf/kff7l2q7S2cuvmxvknuEuPY25chemiMJiJek8mXhl99OWZaKaZaBWZaI2NbXpwxcz4/TkMlTwb2aVon1fL72SlRrzWcwi+GzdiKS7HfCzElZiPb8SlqHePsHQ63ZfXcn21PyfZuVYavr5VRwR/9ks9lX4xpvLhSvNyoievvVe6WrYtX3P1lzHfc/SdHH30TfwukI7/+bycjvHT7jvO06A3E9HqXJuL6F4anYnftNPXjebayvqtxu19jncun6en7Qf91+bf7j/qwXf3g5AeLyc7Nw9FTqrF8ZJue6kb7Ym+97JK/o1Lp11paNvp7rZazMZyfG/PM7WS38MN99TZ9krvtn/uXDkr+f1Nsa3vLifejWZ2FzJg7KUagEN2/PXjlerD6t+qH1V/Vr1VfWvmzWNXjn2hEtN/Lf9x6vel35W+mbweH8WPY/aoIwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOfBxp27K41mc2m9W4iZwTWPW6jsOdboQpTG1tl+YX8dRi1i9FhJXqgc7L4/i4VqDKwpfmHpcXv+JCJG1Kk8dvDJxMfYUKE0pk6ahwPJc/HDadma9tQEzctFq93rlGNjJlYaSXmXM+7YzlkQtZVG89/tvubV6DllgOfcxc3V2xc37tz96vJq452ld5bWLl25fOVy/esLX7t4c7m5NN953bXp1KEHCxyojTt3nccAAAAAAAAAAADwjMn/9//m0F8RtNv7+zuH8pg6lfWN3Uc+c9i7CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyjFt+O6VYksTB/YT5dfrBdb6ZTUd6pWY6IUkQkP4pIPou4Gp0paj3dJXuN88bDTz88d//j+k5f5aJ+aVS7/WnlU8xFxFQ+H+/YLt0M93e9p7/W/xRe0t3DNGFni8TBUftvAAAA///5DvWY")
r1 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r1, 0x6880, 0x0)

3.297913596s ago: executing program 2 (id=245):
r0 = syz_open_dev$usbfs(&(0x7f0000000040), 0x77, 0x101301)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x80045520, &(0x7f0000000000))

3.219225551s ago: executing program 0 (id=246):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x3a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1500000000"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af0ff00000000bfa20000000000000702000000feffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

3.218917501s ago: executing program 2 (id=247):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x7}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f00000002c0)="428280f46aa1d3f08a90b1e2e0dc", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

3.144841349s ago: executing program 0 (id=248):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x20d6, 0xcb17, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
close(0xffffffffffffffff)
ioctl$USBDEVFS_GETDRIVER(0xffffffffffffffff, 0x41045508, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x7, {[@main=@item_4={0x3, 0x0, 0x8, "505c905e"}, @main=@item_012={0x1, 0x0, 0x0, "ec"}]}}, 0x0}, 0x0)
openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x22002)
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x10810, &(0x7f00000027c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT=0x0, @ANYBLOB="835850937b95f44374162c44566e74fa41f0a28b313f97a9f68319454f7e7c0d3c37cdbeeca8bf114af8f31e2e637af143fe9b3e6e7af3f48152e087701ab266bb0d1fc35ea0ebd15e7cf52aa4365a2ca5e291838f09153c76efc059274b252effacb206089f", @ANYRES8, @ANYRESOCT, @ANYRES64, @ANYBLOB="132a9f652b14782f3459346c81553fbe163d802e0c6a794b91dae006df15e7e75452135bf96775f5f5fb102345b4262b22418af5596178d687cf", @ANYRES64], 0xfd, 0x150f, &(0x7f00000028c0)="$eJzs3Au4TtX2MPAx5pyLbefyJrmvMcfiTS6TJAklySVJkpDcE5IkSZLEJrckJCHXneQeck87bff7JfeknSNJkpCQZH7PVn1O53T+nXP+/T/n++/xe5717Dn2WmOuMd/xvPtdaz3Pfr/uOqx6oxpV6jMz/Dv0rwP8+UcSACQAwEAAyAEAAQCUzVk2Z/r+LBqT/q2TiP8hDWZc6QrElST9z9ik/xmb9D9jk/5nbNL/jE36n7FJ/zM26b8QGdqsfFfLlnE3ef7//zn130mWz/8MAf/RDun//zb6Xzpa+p+xSf8zNul/xib9z8iCK12AuMLk/Z+xSf+FyND+9GfKG85d6Wfasv0LmxBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEII8f/AOX+ZAYBfx1e6LiGEEEIIIYQQQvx5/LtXugIhhBBCCCGEEEL8z0NQoMFAAJkgMyRAFkiEqyArZIPskANicDXkhGsgF1wLuSEP5IV8kB8KQEEIgcACQwSFoDDE4TooAtdDUSgGxaEEOCgJpeAGKA03Qhm4CcrCzVAOboHyUOHSOdPdDpXhDqgCd0JVqAbVoQbcBTXhbqgF90BtuBfqwH1QF+6HevAA1IcG0BAehEbwEDSGJtAUmkFzaAEt/yA/Ocfv5T8PPeAF6Am9IAl6Qx94EfpCP+gPA2AgvASD4GUYDK/AEBgKw+BVGA6vwQh4HUbCKBgNb8AYGAvjYDxMgImQDG/CJHgLJsPbD2WDqTANpsMMmAmz4B2YDXNgLrwL82A+LIDkLItgMSyB92ApvA8p8AEsgw8hFZbDClgJq2A1rIG1sA7WwwbYCJtgM2yBrbANPoLtsAN2wi7YDXtgL3wM++AT2A+fQhp+9i/mn/1tPnRDQECFCg0azISZMAETMBETMStmxeyYHWMYw5yYE3NhLsyNuTEv5sUkzI8FsSASEjIyFsJCGMc4FsEiWBSLYnEsjg4dlsJSWBpvxDJYBstiWSyH5bA8VsAKeCveipWwElbGylgFq2BVrIrVsTrehXfh3VgLa2FtrI11sA7WxbpYD+thfayPDbEhNsJG2BgbY1Nsis2xObbEltgKW2FrbI1tsS22w3bYHttjB+yAHbEjdsJO2Bk7Yxfsgl2xK3bD5/A5fB6fxxfwBeyFVVVv7IN9sC/2xf44AAfgSzgIX8aX8RUcgkNxGL6Kr+JrOALP4EgchaNxNFZSY3EcjkdWEzEZkzEzTMLJOBmn4FScitNxBs7EWTgLZ+McnIPv4jycj/NxIS7ExbgEl+BSfB9TMAWX4VlMxeW4AlfiKlyNq3AtrsO1uAE34gbcjJtxK27Fj/Aj3IE7cBfuwj24Bz/Gj/ET/ASHYBqm4QE8gAfxIB7CQ3gYD+MRPIJH8Sgew2N4HI/jCTyJp/AknsbTeAbP4jkAOI/n8QJewIt4Mf3Nr9IZZVQmlUklqASVqBJVVpVVZVfZVUzFVE6VU+VSuVRulVvlVXlVfpVfFVQFFSlSrCJVSBVScRVXRVQRVVQVVcVVceWUU6VUKVValVZlVBlVVt2syqlbVHlVQbVxt6pbVSXV1lVWd6gqqoqqqqqp6qqGqqFqqpqqlqqlaqvaqo6qo+qq+1U91Rv7YwOV3plGaig2VsOwqWqmmqsW6jV8WLVSI7C1aqPaqkfVKByJ7VUr10E9oTqqcdhJPaXG49Oqi5qIXdWzqpt6TnVXz6seqrXrqXqpKdhb9VHTsa/qp/qrAWo2VlPpHauuXlHPZx6qhqlX1WJ8TY1Qr6uRapQard5QY9RYNU6NVxPURJWs3lST1FtqsnpbTVFT1TQ1Xc1QM9Us9Y6areaouepdNU/NVwvUQrVILVZL1HtqqXpfpagP1DL1oUpVy9UKtVKtUqvVGrVWrVPr1Qa1UW1Sm9UWtVVtUx+p7WqH2ql2qd1qj9qrPlb71Cdqv/pUpanP1AH1F3VQfa4OqS/UYfWlOqK+UkfV1+qY+kYdV9+qE+qkOqW+U6fV9+qMOqvOqR/UefWjuqB+UheVV6BRK6210YHOpDPrBJ1FJ+qrdFadTWfXOXRMX61z6mt0Ln2tzq3z6Lwmn86vC+iCOtSkrWYd6UK6sI7r63QRfb0uqovp4rqEdrqkLqVv0KX1jbqMvkmX1TfrcvoWXV5X0BU96Nt0JX27rqzv0FX0nbqqrqar6xr6Ll1T361r6Xt0bX2vrqPv03X1/bqefkDX1w10Q/2gbqQf0o11E91UN9PNdQvdUj+sW+lHdGvdRrfVj+p2+jHdXj+uO+gndEf9pO6kn9Kd9dO6i35Gd9XP6m76Od1d/6Qvaq976l46SffWffSLuq/up/vrAXqgfkkP0i/rwfoVPUQP1cP0q3q4fk2P0K/rkXqUHq3f0GP0WD1Oj9cT9ESdrN/Uk/RberJ+W0/RU/U0PV3P0DN1/19mmvtP5L/1O/mDL519q96mP9Lb9Q69U+/Su/UevVfv1fv0Pr1f79dpOk0f0Af0QX1QH9KH9GF9WB/RR/RRfVQf08f0cX1cn9An9Q/6O31af6/P6LP6rP5Bn9fn9YVfXgMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/y38/+ovpampWllWpnWprVpa9qadqadaW/amw6mg+loOppOppPpbDqbLqaL6Wq6mm6mm+luupsepofpaXqaJJNk+pgXTV/Tz/Q3A8xA85IZZAaZwWawGWKGmGFmmBluhpsRZoQZaUaa0Wa0GWPGmHFmnJlgJphkn8NMMpPMZDPZTDFTzLSBOcwMM8PMMrPMbDPbzDVzzTwzzywwC8wis8gsMUvMUrPUpJgUs8wsM6lmuVluVpqVZrVZbdaatWa9WW82mo1ms9lsUs02s81sN9vNTrPT7Da7zV6z1+wz+8x+s9+kmTRzwBwwB81Bc8gcMofNYXPEHDFHzVFzzBwzx81xc8KcMKfMKXPanDZnzBlzzpwz5815c8FcMBfNxfTLvkAFKjCBCTIFmYKEICFIDBKDrEHWIHuQPYgFsSBnkDPIFVwb5A7yBHmDfEH+oEBQMAgDCmzAQRQUCgoH8eC6oEhwfVA0KBYUD0oELigZlApuCEoHNwZlgpuCssHNQbnglqB8UCGoGNwa3BZUCm4PKgd3BFWCO4OqQbWgelAjuCuoGdwd1AruCWoH9wZ1gvuCusH9Qb3ggaB+0CBoGDwYNAoeChoHTYKmQbOgedAiaPmnzu/9mTyPuJ5hrzAp7B32CV8M+4b9wv7hgHBg+FI4KHw5HBy+Eg4Jh4bDwlfD4eFr4Yjw9XBkOCocHb4RjgnHhuPC8eGEcGKYHL4ZTgrfCieHb4dTwqnhtGB6OCOcGc4K3wlnh3PCueG74bxwfrggXBguCheH+PMlMaSEH4TLwg/D1HB5uCJcGa4KV4drwrXhunB9uCHcGG4KN5cd9POh4fZwR7gz3BXuDveEe8OPw33hJ+H+8NMwLfwsPBD+JTwYfh4eCr8ID4dfhkfCr8Kj4dfhsfCb8Hj4bXgiPBmeCr8LT4ffh2fCs+G58IfwfPhjeCH8KbwY+vSL+/SPdzJkKBNlogRKoERKpKyUlbJTdopRjHJSTspFuSg35aa8lJfyU34qSAUpHRNTISpEcYpTESpCRakoFafi5MhRKSpFpak0laEyVJbKUjkqR+WpPFWkinQb3Ua30+10B91Bd9KdVI2qUQ2qQTWpJtWiWlSbalMdqkN1qS7Vo3pUn+pTQ2pIjagRNabG1JSaUnNqTi2pJbWiVtSaWlNbakvtqB21p/bUgTpQR+pInagTdabO1IW6UFfqSt2oG3Wn7tSDelBP6klJlER9qA/1pb7Un/rTQBpIg2gQDabBNISG0DAaRsNpOI2gETSSRtFoeoPG0FgaR+NpAk2kZEqmSTSJJtNkmkJTaBpNoxk0g2bRLJpNs2kuzaV5NI8W0AJaRItoCS2hpbSUUiiFltEySqVUWkEraBWtojW0htbROtpAG2gTbaIttIW20TbaTttpJ+2k3bSb9tJe2kf7aD/tpzRKowN0gA7SQTpEh+gwHaYjdISO0lE6RsfoOB2nE3SCTtEpOk2n6QydoXN0js7Tj3SBfqKL5CnBZrGJ9iqb1Waz2W0O+7dxXpvP5rcFbEEb2tw2z29istYWtcVscVvCOlvSlrI3/F1c3lawFe2t9jZbyd5uK9vyNgv8dVzT3m1r2XtsbXuvrWHv+k1cx95n69qHbD3bxNa3zWxD28I2sg/ZxraJbWqb2ea2hW1nH7Pt7eO2g33CdrRP/l281L5v19n1doPdaPfZT+w5+4M9ar+25+2PtqftZQfal+wg+7IdbF+xQ+zQ38YAdrR9w46xY+04O95OsBP/Lp5mp9sZdqadZd+xs+2cv4uX2PfsPJtiF9iFdpFdfClOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vuuRSnr2O//dSm2c/sEfuVPWg/t4fsMXvYfnkpTl/fMfuNPW6/tSfsSXvKfmdP2+/tGXv20vrT1/6d/cletN4CIyvWbDjgTJyZEzgLJ/JVnJWzcXbOwTG+mnPyNZyLr+XcnIfzcj7OzwW4IIdMbJk54kJcmON8HRfh67koF+PiXIIdl+RSfAOX5hu5DN/EZflmLse3cHmuwBX5Vr6NK/HtXJnv4Cp8J1flalyda/BdXJPv5lp8D9fme7kO38d1+X6uxw9wfW7ADflBbsQPcWNuwk25GTfnFtySH+ZW/Ai35jbclh/ldvwYt+fHuQM/wR35Se7ET3Fnfpq78DPclZ/lbvwcd+fnuQe/wD25Fydxb+7DL3Jf7sf9eQAP5Jd4EL/Mg/kVHsJDeRi/ysP5NR7Br/NIHsWj+Q0ew2N5HI/nCTyRk/lNnsRv8WR+m6fwVJ7G03kGz+RZ/A7P5jk8l9/leTyfF/BCXsSLeQm/x0v5fU7hD3gZf8ipvJxX8Epexat5Da/ldbyeN/BG3sSbeQtv5W38EW/nHbyTd/Fu3sN7+WPex5/wfv6U0/gzPsB/4YP8OR/iL/gwf8lH+Cs+yl/zMf6Gj/O3fIJP8in+jk/z93yGz/I5/oHP8498gX/ii+wZIoxUpCMTBVGmKHOUEGWJEqOroqxRtih7lCOKRVdHOaNrolzRtVHuKE+UN8oX5Y8KRAWjMKLIRhxFUaGocBSProuKRNdHRaNiUfGoROSiklGp6IaodHRjVCa6KSob3RyVi26JykcVoorRrdFtUaXo9qhydEdUJbozqhpVi6pHNaK7oprR3VGt6J6odnRvVCa6L6ob3R/Vix6I6kcNoobRg1Gj6KGocdQkaho1i5pHLaKW0cNRq+iRqHXUJmobPRq1ix6L2kePRx2iJ6KO0ZOX9xcLfv40/Zv9SVHvSP/yhOwevSi+OL4k/l58afz9eEr8g/iy+Ifx1Pjy+Ir4yviq+Or4mvja+Lr4+viG+Mb4pvjm+Jb41rj3NTKDw/QbYTAucJlcZpfgsrhEd5XL6rK57C6Hi7mrXU53jcvlrnW5XR6X1+Vz+V0BV9CFjpx17CJXyBV2cXedK+Kud0VdMVfclXDOlXSlXAvX0rV0rdwjrrVr49q6R92j7jH3mHs84ZfCXSf3lOvsnnZd3DPuGfes6+aec93d866He8H1dL1ckktyfVwf19f1df1dfzfQDXSD3CA32A12Q9wQN8wNc8PdcDfCjXAj3Ug32o12Y9wYN86NcxPcBJfskt0kN8lNdpPdFDfFTXPT3Aw3w81ys9xsN9vNdXPdPDfPLXAL3CK3KPOvdaW4FLfMLXOpLtWtcCvcKrfKrXFr3Dq3zm1wG9wmt8ltcVvcNrfNbXfb3U630+12u91et9ftc/vcfrffpbk0d8AdcAfdQXfIfeEOuy/dEfeVO+q+dsfcN+64+9adcCfdKef1afe9O+POunPuB3fe/eguuJ/cReddcuzN2KTYW7HJsbdjU2JTY9Ni02MzYjNjs2LvxGbH5sTmxt6NzYvNjy2ILYwtii2OLYm9F1saez+WEvsgtiz2YSw1tjy2IrYytiq2OuZ9ge2RL+QL+7i/zhfx1/uivpgv7kt450v6Uv4GX9rf6Mv4m3xZf7Mv52/x5X0FX9E38U19M9/ct/At/cO+lX/Et/ZtfFv/qG/nH/Pt/eO+g3/Cd/RP+k7+Kd/ZP+27+Gd8V//s/F9eTd/Dv+B7+l4+yff2ffyLvq/v5/v7AX6gf8kP8i/7wf4VP8QP9cP8q364f82P8K/7kX6UH+3f8GP8WD/Oj/cT/ESf7N/0k/xbfrJ/20/xU/00P93P8DP9LP+On+3n+Ln+XT/Pz/cL/EK/yC/2S/x7fql/36f4D/wy/6FP9cv9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Mf+e1+h9/pd/ndfo/f6z/2+/wnfr//1Kf5z/wB/xd/0H/uD/kv/GH/pT/iv/JH/df+mP/GH/ff+hP+pD/lv/On/ff+jD/rz/kf/Hn/o7/gf/IX5X/WhBBCCCH+KfoP9vf+nd+pX7Z0fQAg2458h/92zk25fx73U/s6xgDgiV5dG/y6NWiQlJT0y7GpGoLCCwEgdjn/0vcP/BIvh7bwWBaANlD6d+vrpypeuu77r+aP3wyQCJDl15z026NE+Kv5oQO0gRv/wfxN3uM/mn8hQNHCl3PST/RrfHn+Mv9g/j3t/mD+LJ8nA7T+q5yscDm+ND+mvz6l4BF4Ejr85kghhBBCCCGEEOJn/dT5bn90f5t+f57fXM7JDJfjy/e3v39//gcq/xlrEEIIIYQQQgghxH/t6ee6P/5whw5tOv9vHmT+zyjjP2CAAPDnztz7P2JdMvjTB1f6L5MQQgghhBDiz3b5ov9KVyKEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQmRc//43hKl/+uArvUYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBDiSvs/AQAA//9Tq1GA")
syz_open_dev$evdev(0x0, 0x5030ef5b, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

3.04590484s ago: executing program 2 (id=249):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r4 = accept$alg(r3, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000001880)="3ea74815ea3f577ea6449f8b353de500ec8ec15af1c38ff3ccf324880db5d15e223463e7f26e969a35115fa034729d226e85fc54921082ce33db43afb1edec8604d1aab6bd4b19b3bc83f14954723cb8175af1cfc307533bc1d4ab373b029fb427029fe4f7d49897f2ad28a7b5afad64b03976e01d8266a43670ea51817b240180d8bafca9b200a0a6a018c0d6b954f18d5cddf41e4f6237baef652fe4bc7f6a7014887e20c854922be36abf1c53700c5ad92bc04944f9d69d9b0f3bf9a8ac38f3522ddfbab454f292a2a053207c2263ee8311398f7ee9ceaac5f1d7ea287002d151a389dfe8bf8bde731402e4115280f66526d865f90ada6a2ded26261c38c87de2f5d60ecc6dc8d12f63a8375bf55526c754f74cdea9459c78245d9f6185b9947308551624d67f3688a4fe936dc91de837a258ae6468f2f5cd968757dd28f278a2424a9a8fe87027bb4776c5904824b68b16361df1adb992f4a0ecf88799fe96def7ce00c479942a8c4dd225e61cea30b3e483d9e764301dd1d569a2d2fcc91dcc54c8ac6e052ba85d8a8e7744bbd965f799579dd395c49aea7a3ab5df2fe33ceb1a706683a398d166e4e5ef0aee222c8d6e71f61cf9a212b7f1abf05ede37b863d298bee7e28a1917dc06a85dc82dca299d45a1cce10fdf0d7715555e99a9e7d064024aa4004684008421f619538942880b7b9b881431509aebdb47211a79da86c80487423d0eae90916648ebeb47a864b8fffd9c452e3c18036bf286680298e5d20c4e011d47ca47a5e0895d98055eeeb0d1adce72e26a1bb572043b49faae886274b9dea35dcd796ac286b55b6c99179c26ec47f8ed0d16832771047886cbffa10075756f53fd3180d629de87868c5739e89290b845884e155b88f7453e1e949bd7f2708199417c7209db40f46a4f1921e6d82f3d3907eb0c3c7c64cbc0aa0fae57a3b68651488b33ceacf198473e2dbade77babf656d7c9d20e88ebf1625cc7266468fb4ec4f3b5ea65b9dc38f712f44ef1b248b19fb03695d82cd5e4905852647f7a26d88aff7ce4ecfa94f2705c4c58352acdbba36e92f69dd7583c49ecb062b44ef1a3f15bb5a082eb82e7452054612498019dba9becb8b0ff423df99d64472b3528ed8d1dd6b24e714ea5786aa1f618a38cfc70cbb1f8f09fa5f6a56017790ba6d5950557e1d9a8457bc3f5fd461c86ec4b90e8abb9f90debf7dd84f8fedabf25a10c91c70bebb8266599e4e20f6eddf1fba0bcc228e2038ae971bf995ad4f0d680fefce2c4da8c851142d76c1ec4a3b5a627766d803c9e603326d0c9164bb76c19f65f44e62d2ccc488824bc046cc4850701846e9772c5545f02f2536fbbba2f14ee9f2ba4fc2060478f0c90a504b4daabfd1bd24a400785767e05cc5f7f15d205033768592e0a23da6c3419fdcc31a8d6607722932842eff8d8b1220352c06f645ad201acf1e73cc98b0", 0x410}], 0x1, &(0x7f0000000280)=[@assoc={0x18, 0x117, 0x4, 0x400}], 0x18, 0x200040d0}], 0x1, 0x840)
recvmsg(r4, &(0x7f0000001440)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000003a00)=""/4109, 0x100d}], 0x1}, 0x40010021)

2.187644668s ago: executing program 1 (id=252):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x30c})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa04, 0x0)

2.108637955s ago: executing program 1 (id=253):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="98010000100009010000000000000000fc0000000000000000000000000000000000000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000000000320000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005d001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b8482712b245b4"], 0x198}}, 0x0)

2.108356619s ago: executing program 1 (id=254):
r0 = socket$netlink(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000002e00)={0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="e000000013000100000000008bcd36aa5f9eca00000000cde73661dc24b5af93b68b1de20326a6936d2605282c7c1933c59770deb1f14f99d9b210deb0f81282f8bd589f7057ffdbc120712b29428f9591bfb7b7638eca2c6e8203184c66f27dd2beafa90f3dbf3751216c5378b94a3bc2bb0a48ad68548d7106b7b8f9a1d2ebeb3ce55779132b4eed82e03e6a418924"], 0xe0}], 0x1}, 0x0)

2.107493833s ago: executing program 2 (id=255):
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100008}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fed007907001175f37538e486dd63"], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b40000000000900010073797a30"], 0xcc}, 0x1, 0x0, 0x0, 0x880}, 0x0)

1.979689378s ago: executing program 1 (id=256):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000})
syz_init_net_socket$llc(0x1a, 0x1, 0x0)

1.834711866s ago: executing program 1 (id=257):
syz_io_uring_setup(0x6, 0x0, 0x0, &(0x7f00000001c0))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000005fc0)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}], 0x1, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
r3 = accept4$x25(0xffffffffffffffff, &(0x7f0000000740)={0x9, @remote}, 0x0, 0x800)
recvfrom$x25(r3, &(0x7f0000000600)=""/54, 0x36, 0x40000000, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x19, &(0x7f0000000b00)=ANY=[@ANYBLOB="1800000003000000000000000700000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000000000000850000008600000018130000", @ANYRES32=r6, @ANYBLOB="00000000000000005d610000100000001f5b0000040000006db0e1ffffffffff85100000fcffffffbf91000000000004b7020000010000008500000085000000b7000000000000009500000000000000a9081849412193b7cbc073bcfde5097fc9e19fef00a9ad809fe66b908879bd308bb4089f3cdbfe3120045e822e52d62cbef7063444d1a8e3ba781a58656356b25eb574ad22369c95596457229bfe85242159595676f9711ac63e8dba60605c40d8cf6575fc3b145730f4f9020c9eda65e370b17b5dc0df069c0d82c5ee343f7d4570160eb277fca90010aa4750974d92f3898fc4042165578d80abe66ec04bc3f43cff2a7d48c4c2a0c80a9da7b2f07b64cbcdd48c9d5b7088dd11bc67aff7ae228cef992722f5e78ff781a0869ecab4094e63"], &(0x7f0000000280)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x11, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000004c0)={0x5, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=[r6], 0x0, 0x10, 0x66c}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r8, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
recvmmsg(r1, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}, 0xd78a}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)=""/15, 0xf}], 0x1}}], 0x2, 0x0, 0x0)

1.109799915s ago: executing program 2 (id=258):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa407, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000580)=@multiplanar_overlay={0x7, 0x1, 0x4, 0x4, 0x1, {0x77359400}, {0x4, 0x1, 0x65, 0x0, 0x3, 0x5, "9d874313"}, 0x9, 0x3, {0x0}, 0x2})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
recvmmsg$unix(r1, &(0x7f0000004a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10021, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x20002, @local, 0x8}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x3, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, "6ae04425ace3f60c", "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

617.675242ms ago: executing program 1 (id=259):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c6572726f72733d72656d6f756e742d726f2c61636c2c00a9b504852143b698d2e379891a0dde7f9adfca8cbec85bf8e749e04e"], 0x11, 0x443f, &(0x7f00000088c0)="$eJzs3c1PHOcdAOB3BlyD6w9wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXtYLrG3ahbVgqXqwFHKzlFOkHKIcrETKjZPFIVfnT8glR+dsKTnkEimSFaLdnYWdYVds0C7EzvMcmJ33e/c3H+8chjdOVB4ureWW1nKFlVx54f7axdz/yqX15WKID0nL/o8dXv90phfHyVEfez9lt65c+8fdiyF8uvj5y+3t7e1Q1R9aGmv6/M3Xjxeatw1xpk613datdcu/Qwjn9oyrqi+E8K9PQohCCJeTtMlkOxhCOBXqeXcfv3Mv16XRPHtRvJR/Nfdka/zC7ObTrfbfPQrhg9Iv//hg+cvf9I1/8fsudQ8AAAAAAAAAAAAAAAAAwGtu+vatO38fHQvPo9C/Ge19X3c62bZ7P3a7a37d+y8LAAAAAAAAAAAAAAAAAAAAP1K77//norMt3v+fSrYTbepv/7VNxvHujpPemPnbramro2PJ+u/Rnvw/JUlfXe4Lwy3Wfc+u/345U7/1+u97+zmoxvga/Q6FKB7ZfmsnfyjE8chICB8lC7+fj07EpfJa5Q/3y+sri10bxmsrHf/66v2p6CQL+nca/8lM+71f//8Xe46m6v697h1ib7R0/Pvalvv47aij+F/J1DuM+HNw6fj319IGmwtM1C8A1fi/279//Kcy7fcq/qdDCLmoOtZc6gpQncNU09vNV0hLx/9YLS116Ux+yHbn/7eZ+F/NtN8u/me69g1aX/83sjciWkrH/2e1tIFUid3zfzje//y/lmn/KO7/1fFvuP93JB3/5KGtP1Wk9kt2ev2fzrTfq/jfiZNxno5SR8BmVE9v9//qSEvHf2BP/u7zX9zR/O96pv5hPf81+q09/zU9h/wuqj//0Vo6/oNty3V6/s9k6vX6+j9Rm/9xUOn4n6ilpefOQ7W/ncZ/NtN+r+Jfm5UMNOK/ez357ng9/UPzv46k4//zemLcXGKj9rc2/4v2n//fyLR/FPO/6vg34t72+qZIx/9k23LV+H/Wwf3/ZqZe7+Mfwqi5/oGl43+qbbna+T+wf/znMvV6Hf/f9rJxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNfAZLIdClE8ktqP45GREK4k++fDiWi+sJifL5UX/rsWwlSSngtnowel8nyhlF9aKS8W84VSqbwQwtUk/1wYiNZK5Up+ufDo2k5bg9HDYmG1Ml8sVEII00n6r8KpRlvzS5XlwqMQwvWdvDNxefXRw8JKfnFp9S+jo6OjYWZnDMNR8f+V4kql3ns9N4TZnbpDUdPgatk3dsZyMvpPeX11pVCqpd9sqlMqLxRKTXXmkrz3wnBUWV1fWShUivlS+UGjv6M0kWynZm7/8/bNsT3596L6dvJwhwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAD/R8/M/vhxD663txCGGi8SFqVf7Zi+Kl/Ku5J1vjF2Y3n269bFcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB7duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBLxygRA1EYgN+Mhdp5DKuQdLYJimhhRPAEegwPE4/iJbyDhYWthQhmBjTuQprd6vuaB/l5eT8kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACsc3k33t+2XUSKo6/DiJfH17ff+XWZ0zDPvNg/2FNPduPqZjy/aLvy3dO//Kw8eu/zT/r58fQQG2b1PPzdX/5Ps3rneGuvaVjXv/ard08i5SYi+pKfppybZt27AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPhmBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86ir4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//78SIGU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x42, 0x0)
pwrite64(r0, &(0x7f0000000140)='Q', 0x1, 0x200980)
fallocate(r0, 0x3, 0x180004, 0x10000)

549.132174ms ago: executing program 0 (id=260):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix_mp={0xef3, 0x9, 0x34325241, 0x9, 0x7, [{0x9, 0x6}, {0xfffffffe, 0x7f}, {0x5, 0x8}, {0x6, 0x40}, {0x0, 0xd27}, {0x1, 0x2}, {0x9, 0xa56d}, {0x8, 0x2}], 0x7, 0x4, 0x3, 0x1, 0x1}})

278.968363ms ago: executing program 0 (id=261):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000140)="240000005a001f001007f4d655c63589ce9e04020800038005000000ffc8bbb86ec81ffd", 0x24)

0s ago: executing program 0 (id=262):
r0 = userfaultfd(0x801)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x6}, 0x18)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:45581' (ED25519) to the list of known hosts.
syzkaller login: [   57.124914][ T5831] cgroup: Unknown subsys name 'net'
[   57.233199][ T5831] cgroup: Unknown subsys name 'cpuset'
[   57.239759][ T5831] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   59.153113][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   64.970816][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   64.975045][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   64.978632][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   64.985725][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   64.989808][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   65.008210][ T5850] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   65.017089][ T5850] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   65.020669][ T5850] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   65.027575][ T5850] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   65.031305][ T5850] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   65.095449][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   65.099424][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   65.103021][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   65.106798][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   65.115175][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   65.359401][ T5849] chnl_net:caif_netlink_parms(): no params data found
[   65.502814][ T5845] chnl_net:caif_netlink_parms(): no params data found
[   65.546506][ T5849] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.550531][ T5849] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.553645][ T5849] bridge_slave_0: entered allmulticast mode
[   65.557677][ T5849] bridge_slave_0: entered promiscuous mode
[   65.592914][ T5849] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.595867][ T5849] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.600615][ T5849] bridge_slave_1: entered allmulticast mode
[   65.604350][ T5849] bridge_slave_1: entered promiscuous mode
[   65.677037][ T5849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.681430][ T5854] chnl_net:caif_netlink_parms(): no params data found
[   65.690261][ T5849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.703596][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.705822][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.708084][ T5845] bridge_slave_0: entered allmulticast mode
[   65.711149][ T5845] bridge_slave_0: entered promiscuous mode
[   65.745052][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.747295][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.750056][ T5845] bridge_slave_1: entered allmulticast mode
[   65.753154][ T5845] bridge_slave_1: entered promiscuous mode
[   65.772650][ T5849] team0: Port device team_slave_0 added
[   65.794731][ T5849] team0: Port device team_slave_1 added
[   65.799993][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   65.822652][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   65.864193][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_0
[   65.867000][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.877615][ T5849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   65.916761][ T5849] batman_adv: batadv0: Adding interface: batadv_slave_1
[   65.919973][ T5849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   65.930220][ T5849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   65.943663][ T5854] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.946040][ T5854] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.949874][ T5854] bridge_slave_0: entered allmulticast mode
[   65.952721][ T5854] bridge_slave_0: entered promiscuous mode
[   65.957409][ T5845] team0: Port device team_slave_0 added
[   65.967415][ T5854] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.971952][ T5854] bridge0: port 2(bridge_slave_1) entered disabled state
[   65.974642][ T5854] bridge_slave_1: entered allmulticast mode
[   65.977823][ T5854] bridge_slave_1: entered promiscuous mode
[   65.996393][ T5845] team0: Port device team_slave_1 added
[   66.037746][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.040842][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.049763][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.055594][ T5854] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   66.062809][ T5854] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   66.081226][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.083973][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.094272][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.150917][ T5849] hsr_slave_0: entered promiscuous mode
[   66.153784][ T5849] hsr_slave_1: entered promiscuous mode
[   66.160198][ T5854] team0: Port device team_slave_0 added
[   66.165072][ T5854] team0: Port device team_slave_1 added
[   66.230791][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_0
[   66.233622][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.244016][ T5854] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   66.268972][ T5845] hsr_slave_0: entered promiscuous mode
[   66.271594][ T5845] hsr_slave_1: entered promiscuous mode
[   66.274034][ T5845] debugfs: 'hsr0' already exists in 'hsr'
[   66.275866][ T5845] Cannot create hsr debugfs directory
[   66.278334][ T5854] batman_adv: batadv0: Adding interface: batadv_slave_1
[   66.281831][ T5854] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   66.292811][ T5854] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   66.446369][ T5854] hsr_slave_0: entered promiscuous mode
[   66.450061][ T5854] hsr_slave_1: entered promiscuous mode
[   66.452865][ T5854] debugfs: 'hsr0' already exists in 'hsr'
[   66.455130][ T5854] Cannot create hsr debugfs directory
[   66.686638][ T5849] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   66.703102][ T5849] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   66.712720][ T5849] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   66.726991][ T5849] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   66.780697][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   66.796026][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   66.809173][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   66.831257][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   66.920269][ T5854] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   66.934659][ T5854] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   66.942859][ T5854] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   66.954377][ T5854] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   67.021888][ T5849] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.025236][ T5850] Bluetooth: hci0: command tx timeout
[   67.062918][ T5849] 8021q: adding VLAN 0 to HW filter on device team0
[   67.078201][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.085037][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.088095][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.108814][ T5850] Bluetooth: hci1: command tx timeout
[   67.120962][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.123826][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.143848][ T5845] 8021q: adding VLAN 0 to HW filter on device team0
[   67.166231][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.169158][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.179681][ T5850] Bluetooth: hci2: command tx timeout
[   67.197768][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.200680][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.256416][ T5854] 8021q: adding VLAN 0 to HW filter on device bond0
[   67.302792][ T5854] 8021q: adding VLAN 0 to HW filter on device team0
[   67.320039][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.323111][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[   67.372367][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.375289][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[   67.426080][ T5854] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   67.434436][ T5854] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   67.533100][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.563595][ T5849] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.607106][ T5845] veth0_vlan: entered promiscuous mode
[   67.635731][ T5845] veth1_vlan: entered promiscuous mode
[   67.674366][ T5849] veth0_vlan: entered promiscuous mode
[   67.692225][ T5845] veth0_macvtap: entered promiscuous mode
[   67.700909][ T5854] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.707154][ T5849] veth1_vlan: entered promiscuous mode
[   67.715220][ T5845] veth1_macvtap: entered promiscuous mode
[   67.739764][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.757855][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.782231][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.786223][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.796660][ T5849] veth0_macvtap: entered promiscuous mode
[   67.806437][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.810461][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.818297][ T5849] veth1_macvtap: entered promiscuous mode
[   67.834627][ T5854] veth0_vlan: entered promiscuous mode
[   67.852499][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.855848][ T5854] veth1_vlan: entered promiscuous mode
[   67.875073][ T5849] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.916109][ T5854] veth0_macvtap: entered promiscuous mode
[   67.923607][ T5909] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.933300][ T5909] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.957444][ T5909] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.961210][ T5909] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   67.971412][ T5854] veth1_macvtap: entered promiscuous mode
[   67.988237][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   67.997398][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.033100][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.057483][ T5854] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.067113][ T1090] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.073275][ T1090] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.087217][ T5909] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.091828][ T5909] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.095688][ T5909] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.101380][ T5909] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.153091][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.156180][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.191165][ T5845] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   68.238223][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.248952][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.299278][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.307739][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.343113][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.350424][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.403923][ T5915] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[   68.674443][ T5913] loop0: detected capacity change from 0 to 32768
[   68.700443][ T5913] Mount JFS Failure: -22
[   68.702162][ T5913] jfs_mount failed w/return code = -22
[   68.717043][ T5925] netlink: 256 bytes leftover after parsing attributes in process `syz.1.7'.
[   68.727299][ T5925] netlink: 72 bytes leftover after parsing attributes in process `syz.1.7'.
[   68.792405][ T5930] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10'.
[   68.795315][ T5930] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   68.855839][ T5933] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.937600][ T5938] loop1: detected capacity change from 0 to 1024
[   68.983689][ T5938] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[   68.987704][ T5938] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   69.032400][ T5938] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.077010][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.101839][ T5850] Bluetooth: hci0: command tx timeout
[   69.181322][ T5850] Bluetooth: hci1: command tx timeout
[   69.259587][ T5850] Bluetooth: hci2: command tx timeout
[   69.757201][ T5967] loop0: detected capacity change from 0 to 1764
[   69.790765][ T5967] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   69.797630][ T5967] isofs_fill_super: root inode is not a directory. Corrupted media?
[   69.858161][ T5973] loop1: detected capacity change from 0 to 4096
[   69.868023][ T5973] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[   70.054872][ T5987] loop1: detected capacity change from 0 to 512
[   70.072954][ T5987] EXT4-fs (loop1): orphan cleanup on readonly fs
[   70.076459][ T5987] Quota error (device loop1): v2_read_file_info: Block with free entry 9 out of range (1, 6).
[   70.080989][ T5987] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   70.116811][ T5987] EXT4-fs (loop1): Cannot turn on quotas: error -117
[   70.130169][ T5987] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.30: bg 0: block 248: padding at end of block bitmap is not set
[   70.173497][ T5987] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   70.195486][ T5987] EXT4-fs (loop1): 1 orphan inode deleted
[   70.217343][ T5987] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.223671][ T5994] netlink: 16 bytes leftover after parsing attributes in process `syz.0.32'.
[   70.254518][ T5992] loop2: detected capacity change from 0 to 764
[   70.271731][ T5992] rock: directory entry would overflow storage
[   70.277016][ T5992] rock: sig=0x5850, size=36, remaining=22
[   70.287292][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.353445][ T6000] netlink: 'syz.1.35': attribute type 5 has an invalid length.
[   71.102161][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   71.105172][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   71.180315][ T5850] Bluetooth: hci0: command tx timeout
[   71.259475][ T5850] Bluetooth: hci1: command tx timeout
[   71.307674][ T6020] loop2: detected capacity change from 0 to 16
[   71.318905][ T6020] =======================================================
[   71.318905][ T6020] WARNING: The mand mount option has been deprecated and
[   71.318905][ T6020]          and is ignored by this kernel. Remove the mand
[   71.318905][ T6020]          option from the mount to silence this warning.
[   71.318905][ T6020] =======================================================
[   71.345467][ T5850] Bluetooth: hci2: command tx timeout
[   71.381220][ T6020] erofs (device loop2): mounted with root inode @ nid 36.
[   71.426820][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.43'.
[   71.583018][ T6025] loop2: detected capacity change from 0 to 512
[   71.595888][ T6025] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   71.603800][ T6015] loop0: detected capacity change from 0 to 40427
[   71.620008][ T6025] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.642318][ T6025] EXT4-fs (loop2): 1 truncate cleaned up
[   71.645501][ T6015] F2FS-fs (loop0): invalid crc value
[   71.652693][ T6025] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.702795][ T6025] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #12: comm syz.2.44: corrupted in-inode xattr: bad e_name length
[   71.763767][ T6015] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   71.779488][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.781797][ T6015] F2FS-fs (loop0): Start checkpoint disabled!
[   71.818035][ T6015] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   71.861354][ T6036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.45'.
[   71.864424][ T6036] netlink: 120 bytes leftover after parsing attributes in process `syz.2.45'.
[   71.867856][ T6036] netlink: 8 bytes leftover after parsing attributes in process `syz.2.45'.
[   71.987386][ T6046] netlink: 16 bytes leftover after parsing attributes in process `syz.1.49'.
[   71.992460][ T6046] netlink: 'syz.1.49': attribute type 1 has an invalid length.
[   71.992545][   T32] kworker/u9:1: attempt to access beyond end of device
[   71.992545][   T32] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[   72.007037][   T32] CPU: 0 UID: 0 PID: 32 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[   72.007061][   T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   72.007072][   T32] Workqueue: writeback wb_workfn (flush-7:0)
[   72.007103][   T32] Call Trace:
[   72.007111][   T32]  <TASK>
[   72.007143][   T32]  dump_stack_lvl+0x189/0x250
[   72.007171][   T32]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.007189][   T32]  ? __pfx_queue_work_on+0x10/0x10
[   72.007206][   T32]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   72.007230][   T32]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   72.007259][   T32]  f2fs_handle_critical_error+0x37c/0x540
[   72.007292][   T32]  f2fs_write_end_io+0x886/0xb60
[   72.007324][   T32]  __submit_merged_bio+0x27a/0x6a0
[   72.007351][   T32]  __submit_merged_write_cond+0x255/0x530
[   72.007376][   T32]  f2fs_write_data_pages+0x261d/0x3000
[   72.007430][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   72.007464][   T32]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   72.007512][   T32]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   72.007547][   T32]  ? trace_f2fs_writepages+0x7f/0x200
[   72.007569][   T32]  ? f2fs_write_node_pages+0x478/0x6e0
[   72.007602][   T32]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   72.007635][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   72.007660][   T32]  do_writepages+0x32e/0x550
[   72.007685][   T32]  ? reacquire_held_locks+0x127/0x1d0
[   72.007702][   T32]  ? writeback_sb_inodes+0x384/0x1010
[   72.007730][   T32]  __writeback_single_inode+0x145/0xff0
[   72.007752][   T32]  ? do_raw_spin_unlock+0x4d/0x240
[   72.007775][   T32]  writeback_sb_inodes+0x6c7/0x1010
[   72.007817][   T32]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   72.007875][   T32]  ? rcu_is_watching+0x15/0xb0
[   72.007928][   T32]  wb_writeback+0x43b/0xaf0
[   72.007956][   T32]  ? queue_io+0x321/0x590
[   72.007977][   T32]  ? __pfx_wb_writeback+0x10/0x10
[   72.008004][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.008026][   T32]  wb_workfn+0x409/0xef0
[   72.008057][   T32]  ? __pfx_wb_workfn+0x10/0x10
[   72.008078][   T32]  ? __lock_acquire+0xab9/0xd20
[   72.008111][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.008133][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.008149][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.008162][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.008178][   T32]  process_scheduled_works+0xae1/0x17b0
[   72.008219][   T32]  ? __pfx_process_scheduled_works+0x10/0x10
[   72.008250][   T32]  worker_thread+0x8a0/0xda0
[   72.008290][   T32]  kthread+0x711/0x8a0
[   72.008312][   T32]  ? __pfx_worker_thread+0x10/0x10
[   72.008326][   T32]  ? __pfx_kthread+0x10/0x10
[   72.008364][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.008382][   T32]  ? lockdep_hardirqs_on+0x9c/0x150
[   72.008401][   T32]  ? __pfx_kthread+0x10/0x10
[   72.008419][   T32]  ret_from_fork+0x3fc/0x770
[   72.008440][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[   72.008461][   T32]  ? __switch_to_asm+0x39/0x70
[   72.008479][   T32]  ? __switch_to_asm+0x33/0x70
[   72.008493][   T32]  ? __pfx_kthread+0x10/0x10
[   72.008511][   T32]  ret_from_fork_asm+0x1a/0x30
[   72.008537][   T32]  </TASK>
[   72.137638][   T32] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   72.141682][   T32] CPU: 0 UID: 0 PID: 32 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT(full) 
[   72.141703][   T32] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   72.141713][   T32] Workqueue: writeback wb_workfn (flush-7:0)
[   72.141737][   T32] Call Trace:
[   72.141743][   T32]  <TASK>
[   72.141751][   T32]  dump_stack_lvl+0x189/0x250
[   72.141773][   T32]  ? __pfx_dump_stack_lvl+0x10/0x10
[   72.141789][   T32]  ? __pfx_queue_work_on+0x10/0x10
[   72.141802][   T32]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   72.141821][   T32]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   72.141849][   T32]  f2fs_handle_critical_error+0x37c/0x540
[   72.141908][   T32]  f2fs_write_end_io+0x886/0xb60
[   72.141940][   T32]  __submit_merged_bio+0x27a/0x6a0
[   72.141965][   T32]  __submit_merged_write_cond+0x255/0x530
[   72.141991][   T32]  f2fs_write_data_pages+0x261d/0x3000
[   72.142042][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   72.142075][   T32]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   72.142121][   T32]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   72.142152][   T32]  ? trace_f2fs_writepages+0x7f/0x200
[   72.142173][   T32]  ? f2fs_write_node_pages+0x478/0x6e0
[   72.142197][   T32]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   72.142229][   T32]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   72.142250][   T32]  do_writepages+0x32e/0x550
[   72.142273][   T32]  ? reacquire_held_locks+0x127/0x1d0
[   72.142287][   T32]  ? writeback_sb_inodes+0x384/0x1010
[   72.142313][   T32]  __writeback_single_inode+0x145/0xff0
[   72.142329][   T32]  ? do_raw_spin_unlock+0x4d/0x240
[   72.142351][   T32]  writeback_sb_inodes+0x6c7/0x1010
[   72.142392][   T32]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   72.142448][   T32]  ? rcu_is_watching+0x15/0xb0
[   72.142472][   T32]  wb_writeback+0x43b/0xaf0
[   72.142497][   T32]  ? queue_io+0x321/0x590
[   72.142518][   T32]  ? __pfx_wb_writeback+0x10/0x10
[   72.142543][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.142565][   T32]  wb_workfn+0x409/0xef0
[   72.142599][   T32]  ? __pfx_wb_workfn+0x10/0x10
[   72.142619][   T32]  ? __lock_acquire+0xab9/0xd20
[   72.142651][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.142671][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.142688][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.142701][   T32]  ? process_scheduled_works+0x9ef/0x17b0
[   72.142715][   T32]  process_scheduled_works+0xae1/0x17b0
[   72.142753][   T32]  ? __pfx_process_scheduled_works+0x10/0x10
[   72.142781][   T32]  worker_thread+0x8a0/0xda0
[   72.142820][   T32]  kthread+0x711/0x8a0
[   72.142842][   T32]  ? __pfx_worker_thread+0x10/0x10
[   72.142855][   T32]  ? __pfx_kthread+0x10/0x10
[   72.142872][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[   72.142914][   T32]  ? lockdep_hardirqs_on+0x9c/0x150
[   72.142932][   T32]  ? __pfx_kthread+0x10/0x10
[   72.142950][   T32]  ret_from_fork+0x3fc/0x770
[   72.142969][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[   72.142990][   T32]  ? __switch_to_asm+0x39/0x70
[   72.143008][   T32]  ? __switch_to_asm+0x33/0x70
[   72.143023][   T32]  ? __pfx_kthread+0x10/0x10
[   72.143041][   T32]  ret_from_fork_asm+0x1a/0x30
[   72.143074][   T32]  </TASK>
[   72.143081][   T32] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   72.431344][ T6051] mmap: syz.1.51 (6051) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   73.002939][ T6055] loop2: detected capacity change from 0 to 4096
[   73.006565][ T6055] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[   73.145713][ T6067] loop1: detected capacity change from 0 to 512
[   73.153773][ T6067] EXT4-fs: Ignoring removed oldalloc option
[   73.156112][ T6067] EXT4-fs: inline encryption not supported
[   73.159725][ T6067] EXT4-fs: Ignoring removed mblk_io_submit option
[   73.165097][ T6068] netlink: 'syz.2.54': attribute type 1 has an invalid length.
[   73.167971][ T6068] netlink: 232 bytes leftover after parsing attributes in process `syz.2.54'.
[   73.180079][ T6067] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   73.224174][ T6067] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.55: bg 0: block 64: padding at end of block bitmap is not set
[   73.233076][ T6067] Quota error (device loop1): write_blk: dquota write failed
[   73.235844][ T6067] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   73.240227][ T6067] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.55: Failed to acquire dquot type 0
[   73.246825][ T6067] EXT4-fs (loop1): 1 truncate cleaned up
[   73.252414][ T6067] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.282141][ T5848] Bluetooth: hci0: command tx timeout
[   73.340268][ T5848] Bluetooth: hci1: command tx timeout
[   73.403378][ T5854] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.419829][ T5848] Bluetooth: hci2: command tx timeout
[   73.574626][ T6084] loop0: detected capacity change from 0 to 512
[   73.586780][ T6083] mac80211_hwsim hwsim2 wlan0: entered promiscuous mode
[   73.591351][ T6083] macvtap1: entered allmulticast mode
[   73.593634][ T6083] mac80211_hwsim hwsim2 wlan0: entered allmulticast mode
[   73.638199][ T6084] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   73.687817][ T6084] EXT4-fs (loop0): 1 truncate cleaned up
[   73.691714][ T6084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.793523][ T6083] mac80211_hwsim hwsim2 wlan0: left allmulticast mode
[   73.796390][ T6083] mac80211_hwsim hwsim2 wlan0: left promiscuous mode
[   73.850138][ T6092] loop2: detected capacity change from 0 to 1764
[   73.871019][ T6092] iso9660: Corrupted directory entry in block 2 of inode 1920
[   74.185972][ T5845] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.220631][ T6120] __nla_validate_parse: 1 callbacks suppressed
[   74.220653][ T6120] netlink: 4 bytes leftover after parsing attributes in process `syz.2.65'.
[   74.252108][ T6120] A link change request failed with some changes committed already. Interface wg2 may have been left with an inconsistent configuration, please check.
[   74.306452][ T6131] netlink: 'syz.0.68': attribute type 1 has an invalid length.
[   74.325973][ T6131] netlink: 128 bytes leftover after parsing attributes in process `syz.0.68'.
[   74.331459][ T6131] netlink: 'syz.0.68': attribute type 2 has an invalid length.
[   74.334482][ T6131] netlink: 'syz.0.68': attribute type 1 has an invalid length.
[   74.398034][ T6134] mkiss: ax0: crc mode is auto.
[   74.420014][ T6138] netlink: 'syz.1.70': attribute type 21 has an invalid length.
[   74.422569][ T6138] netlink: 8 bytes leftover after parsing attributes in process `syz.1.70'.
[   74.515909][ T6152] : renamed from veth0_vlan (while UP)
[   74.801000][ T6185] netlink: 20 bytes leftover after parsing attributes in process `syz.0.84'.
[   74.944900][ T6202] loop1: detected capacity change from 0 to 16
[   75.033533][ T6211] program syz.1.91 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   75.102654][ T6214] loop1: detected capacity change from 0 to 4096
[   75.178183][ T6220] C: renamed from team_slave_0 (while UP)
[   75.185568][ T6220] netlink: 'syz.1.93': attribute type 2 has an invalid length.
[   75.188062][ T6220] netlink: 116 bytes leftover after parsing attributes in process `syz.1.93'.
[   75.195485][ T6220] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[   75.305644][ T6208] loop2: detected capacity change from 0 to 32768
[   75.322871][ T6208] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.90 (6208)
[   75.381190][ T6208] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.385138][ T6208] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   75.388279][ T6208] BTRFS info (device loop2): disk space caching is enabled
[   75.406656][ T6208] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   75.466155][ T6208] BTRFS info (device loop2): rebuilding free space tree
[   75.498911][ T5848] Bluetooth: hci2: command 0x0405 tx timeout
[   75.500903][ T6208] BTRFS info (device loop2): disabling free space tree
[   75.503744][ T6208] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   75.507978][ T6208] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   75.583816][ T5849] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.639630][  T974] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   75.754338][ T6264] netlink: 'syz.2.99': attribute type 1 has an invalid length.
[   75.757269][ T6264] netlink: 4 bytes leftover after parsing attributes in process `syz.2.99'.
[   75.794768][ T6261] Zero length message leads to an empty skb
[   75.811085][  T974] usb 2-1: Using ep0 maxpacket: 32
[   75.822027][  T974] usb 2-1: config 0 has no interfaces?
[   75.830824][  T974] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[   75.834699][  T974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.860494][  T974] usb 2-1: config 0 descriptor??
[   75.863440][ T6269] loop2: detected capacity change from 0 to 512
[   75.868115][ T6269] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   75.886019][ T6269] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   75.894289][ T6269] EXT4-fs (loop2): 1 truncate cleaned up
[   75.910194][ T6269] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.980733][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.082686][ T5911] usb 2-1: USB disconnect, device number 2
[   76.164312][ T6277] loop0: detected capacity change from 0 to 32768
[   76.172468][ T6277] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.101 (6277)
[   76.187086][ T6277] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   76.192616][ T6277] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   76.195931][ T6277] BTRFS info (device loop0): using free-space-tree
[   76.279915][ T6282] loop2: detected capacity change from 0 to 32768
[   76.290802][ T6282] XFS: noikeep mount option is deprecated.
[   76.336829][ T6282] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   76.372322][ T5845] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   76.412231][ T6282] XFS (loop2): Ending clean mount
[   76.427488][ T6282] XFS (loop2): Quotacheck needed: Please wait.
[   76.455756][ T6282] XFS (loop2): Quotacheck: Done.
[   76.479850][ T6322] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   76.484245][   T33] audit: type=1800 audit(1755601728.248:2): pid=6282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.102" name="file1" dev="loop2" ino=9286 res=0 errno=0
[   76.524608][ T5849] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   77.089599][ T6363] loop1: detected capacity change from 0 to 128
[   77.168841][   T33] audit: type=1800 audit(1755601728.938:3): pid=6363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.112" name="file2" dev="loop1" ino=1048592 res=0 errno=0
[   77.285602][ T6374] loop1: detected capacity change from 0 to 256
[   78.232916][ T6405] loop1: detected capacity change from 0 to 736
[   78.491539][ T6408] input: syz1 as /devices/virtual/input/input4
[   79.124871][ T6456] syz.2.134 uses obsolete (PF_INET,SOCK_PACKET)
[   79.367759][ T6476] loop2: detected capacity change from 0 to 512
[   79.378824][ T6476] EXT4-fs: Ignoring removed bh option
[   79.380604][ T6476] EXT4-fs: Ignoring removed mblk_io_submit option
[   79.386179][ T6476] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   79.391981][ T6476] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   79.394702][ T6476] EXT4-fs (loop2): orphan cleanup on readonly fs
[   79.398253][ T6476] Quota error (device loop2): do_insert_tree: Free block already used in tree: block 4
[   79.402605][ T6476] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[   79.405480][ T6476] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.138: Failed to acquire dquot type 1
[   79.410662][ T6476] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.138: Invalid block bitmap block 0 in block_group 0
[   79.416674][ T6476] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.138: Invalid block bitmap block 0 in block_group 0
[   79.429930][ T6476] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.138: Invalid block bitmap block 0 in block_group 0
[   79.434800][ T6476] Quota error (device loop2): write_blk: dquota write failed
[   79.437795][ T6476] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   79.442885][ T6476] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.138: Failed to acquire dquot type 1
[   79.448159][ T6476] Quota error (device loop2): write_blk: dquota write failed
[   79.455938][ T6476] Quota error (device loop2): qtree_write_dquot: Error -28 occurred while creating quota
[   79.460779][ T6476] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.138: Failed to acquire dquot type 1
[   79.466791][ T6476] EXT4-fs (loop2): 1 orphan inode deleted
[   79.501656][ T5882] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   79.513830][ T6444] loop1: detected capacity change from 0 to 131072
[   79.518565][ T6444] F2FS-fs (loop1): Test dummy encryption mode enabled
[   79.519943][ T6476] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.523180][ T6444] F2FS-fs (loop1): invalid crc value
[   79.561731][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.591767][ T6444] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   79.605384][ T6444] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   79.637382][ T6444] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[   79.646767][   T33] audit: type=1800 audit(1755601731.418:4): pid=6444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.132" name="file1" dev="loop1" ino=10 res=0 errno=0
[   79.657864][ T5882] usb 1-1: Using ep0 maxpacket: 16
[   79.666187][ T5882] usb 1-1: too many configurations: 9, using maximum allowed: 8
[   79.672979][   T33] audit: type=1804 audit(1755601731.448:5): pid=6444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.132" name="/newroot/48/bus/file1" dev="loop1" ino=10 res=1 errno=0
[   79.711040][ T5882] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   79.728538][ T5882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.735122][ T5882] usb 1-1: Product: syz
[   79.736471][ T5882] usb 1-1: Manufacturer: syz
[   79.743944][ T5882] usb 1-1: SerialNumber: syz
[   79.759210][ T5882] r8152-cfgselector 1-1: Unknown version 0x0000
[   79.761553][ T5882] r8152-cfgselector 1-1: config 0 descriptor??
[   80.280637][ T6512] netlink: 68 bytes leftover after parsing attributes in process `syz.2.145'.
[   81.053419][ T6517] loop2: detected capacity change from 0 to 256
[   81.349452][   T24] cfg80211: failed to load regulatory.db
[   82.317742][   T10] r8152-cfgselector 1-1: USB disconnect, device number 2
[   82.484556][ T6530] loop1: detected capacity change from 0 to 32768
[   82.732679][ T6530] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   82.732708][ T6530]   allowing incompatible features above 0.0: (unknown version)
[   82.732718][ T6530]   features: 
[   82.752073][ T6530] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[   82.756384][ T6530] bcachefs (loop1): initializing new filesystem
[   82.779135][ T6530] bcachefs (loop1): going read-write
[   82.808256][ T6530] bcachefs (loop1): marking superblocks
[   82.829645][ T6530] bcachefs (loop1): initializing freespace
[   82.837085][ T6530] bcachefs (loop1): done initializing freespace
[   82.847653][ T6530] bcachefs (loop1): reading snapshots table
[   82.850640][ T6530] bcachefs (loop1): reading snapshots done
[   82.877452][ T6554] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   82.881588][ T6530] bcachefs (loop1): done starting filesystem
[   82.906658][ T6554] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   83.061042][ T6530] syz.1.148 (6530) used greatest stack depth: 15800 bytes left
[   83.155633][ T5854] bcachefs (loop1): shutting down
[   83.168538][ T5854] bcachefs (loop1): going read-only
[   83.182573][ T5854] bcachefs (loop1): finished waiting for writes to stop
[   83.218026][ T5854] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[   83.282330][ T5854] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   83.296031][ T5854] bcachefs (loop1): clean shutdown complete, journal seq 4
[   83.305706][ T5854] bcachefs (loop1): marking filesystem clean
[   83.379571][ T5854] bcachefs (loop1): shutdown complete
[   83.858502][ T5882] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[   84.013568][ T5882] usb 1-1: config 8 has an invalid interface number: 196 but max is 0
[   84.023429][ T5882] usb 1-1: config 8 has no interface number 0
[   84.037747][ T5882] usb 1-1: config 8 interface 196 has no altsetting 0
[   84.040668][ T5882] usb 1-1: New USB device found, idVendor=061d, idProduct=c170, bcdDevice=e5.59
[   84.044287][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   84.283494][ T5882] usb 1-1: string descriptor 0 read error: -71
[   84.297739][ T5882] quatech2 1-1:8.196: Quatech 2nd gen USB to Serial Driver converter detected
[   84.317521][ T5882] usb 1-1: qt2_attach - failed to power on unit: -71
[   84.333926][ T5882] quatech2 1-1:8.196: probe with driver quatech2 failed with error -71
[   84.373558][ T5882] usb 1-1: USB disconnect, device number 3
[   84.643258][ T5850] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[   84.644603][ T6629] netlink: 16 bytes leftover after parsing attributes in process `syz.2.166'.
[   84.647265][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: kworker/u11:3 Not tainted syzkaller #0 PREEMPT(full) 
[   84.647290][ T5850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   84.647301][ T5850] Workqueue: hci1 hci_rx_work
[   84.647329][ T5850] Call Trace:
[   84.647349][ T5850]  <TASK>
[   84.647356][ T5850]  dump_stack_lvl+0x189/0x250
[   84.647383][ T5850]  ? __pfx_dump_stack_lvl+0x10/0x10
[   84.647403][ T5850]  ? __pfx__printk+0x10/0x10
[   84.647436][ T5850]  ? kernfs_path_from_node+0x250/0x290
[   84.647454][ T5850]  ? kernfs_path_from_node+0x2f/0x290
[   84.647474][ T5850]  sysfs_create_dir_ns+0x259/0x280
[   84.647494][ T5850]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[   84.647512][ T5850]  ? do_raw_spin_unlock+0x4d/0x240
[   84.647534][ T5850]  kobject_add_internal+0x59f/0xb40
[   84.647564][ T5850]  kobject_add+0x155/0x220
[   84.647590][ T5850]  ? __pfx_kobject_add+0x10/0x10
[   84.647612][ T5850]  ? _raw_spin_unlock+0x28/0x50
[   84.647633][ T5850]  ? get_device_parent+0x366/0x3a0
[   84.647652][ T5850]  device_add+0x408/0xb50
[   84.647671][ T5850]  hci_conn_add_sysfs+0xd5/0x1e0
[   84.647691][ T5850]  le_conn_complete_evt+0xc3a/0x1220
[   84.647722][ T5850]  ? __pfx_le_conn_complete_evt+0x10/0x10
[   84.647743][ T5850]  ? __mutex_unlock_slowpath+0x1a1/0x760
[   84.647792][ T5850]  ? __asan_memcpy+0x40/0x70
[   84.647815][ T5850]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   84.647837][ T5850]  ? skb_pull_data+0xfb/0x200
[   84.647862][ T5850]  hci_le_conn_complete_evt+0x187/0x450
[   84.647890][ T5850]  hci_event_packet+0x78f/0x1200
[   84.647911][ T5850]  ? __pfx_hci_le_meta_evt+0x10/0x10
[   84.647934][ T5850]  ? __pfx_hci_event_packet+0x10/0x10
[   84.647954][ T5850]  ? kcov_remote_start+0x4d3/0x7f0
[   84.647975][ T5850]  ? lockdep_hardirqs_on+0x90/0x150
[   84.647996][ T5850]  ? hci_send_to_monitor+0xe2/0x570
[   84.648020][ T5850]  hci_rx_work+0x46a/0xe80
[   84.648044][ T5850]  ? process_scheduled_works+0x9ef/0x17b0
[   84.648061][ T5850]  process_scheduled_works+0xae1/0x17b0
[   84.648099][ T5850]  ? __pfx_process_scheduled_works+0x10/0x10
[   84.648127][ T5850]  worker_thread+0x8a0/0xda0
[   84.648145][ T5850]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   84.648170][ T5850]  ? __kthread_parkme+0x7b/0x200
[   84.648192][ T5850]  kthread+0x711/0x8a0
[   84.648213][ T5850]  ? __pfx_worker_thread+0x10/0x10
[   84.648227][ T5850]  ? __pfx_kthread+0x10/0x10
[   84.648246][ T5850]  ? _raw_spin_unlock_irq+0x23/0x50
[   84.648263][ T5850]  ? lockdep_hardirqs_on+0x9c/0x150
[   84.648280][ T5850]  ? __pfx_kthread+0x10/0x10
[   84.648299][ T5850]  ret_from_fork+0x3fc/0x770
[   84.648317][ T5850]  ? __pfx_ret_from_fork+0x10/0x10
[   84.648337][ T5850]  ? __switch_to_asm+0x39/0x70
[   84.648378][ T5850]  ? __switch_to_asm+0x33/0x70
[   84.648396][ T5850]  ? __pfx_kthread+0x10/0x10
[   84.648417][ T5850]  ret_from_fork_asm+0x1a/0x30
[   84.648461][ T5850]  </TASK>
[   84.648624][ T5850] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[   84.772883][ T5850] Bluetooth: hci1: failed to register connection device
[   85.134854][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   85.206404][ T6654] loop1: detected capacity change from 0 to 4096
[   85.298666][   T10] usb 3-1: Using ep0 maxpacket: 16
[   85.355854][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   85.386591][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   85.413602][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   85.448186][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   85.482980][   T10] usb 3-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[   85.506095][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.618740][   T10] usb 3-1: config 0 descriptor??
[   85.621209][ T6636] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.651187][ T6654] ntfs3(loop1): failed to convert "0080" to koi8-r
[   85.658090][ T6654] ntfs3(loop1): failed to convert name for inode 1e.
[   85.661550][ T6654] ntfs3(loop1): ino=1f, mi_enum_attr
[   85.665185][ T6654] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   85.673914][   T10] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input5
[   85.847753][   T10] usb 3-1: USB disconnect, device number 2
[   86.024267][ T6694] loop1: detected capacity change from 0 to 4096
[   86.037709][ T6694] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[   86.068808][ T6694] ntfs3(loop1): Failed to initialize $Secure::$SII (-22).
[   86.076880][ T6694] ntfs3(loop1): Failed to initialize $Secure (-22).
[   86.138164][ T6709] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   86.182498][ T6712] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   86.278661][ T6712] netlink: 4 bytes leftover after parsing attributes in process `syz.0.181'.
[   86.282952][ T6712] bridge_slave_1: left allmulticast mode
[   86.284957][ T6712] bridge_slave_1: left promiscuous mode
[   86.286913][ T6712] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.296595][ T6712] bridge_slave_0: left allmulticast mode
[   86.299069][ T6712] bridge_slave_0: left promiscuous mode
[   86.301913][ T6712] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.789335][ T5850] Bluetooth: hci1: command tx timeout
[   86.818583][ T5911] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   86.833990][ T6739] netlink: 4 bytes leftover after parsing attributes in process `syz.1.190'.
[   86.837693][ T6739] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.864254][ T6739] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.970465][ T5911] usb 3-1: config 7 descriptor has 1 excess byte, ignoring
[   86.973393][ T5911] usb 3-1: config 7 has 1 interface, different from the descriptor's value: 2
[   86.980077][ T5911] usb 3-1: New USB device found, idVendor=19d2, idProduct=1275, bcdDevice= 7.84
[   86.983679][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.987111][ T5911] usb 3-1: Product: syz
[   86.990029][ T5911] usb 3-1: Manufacturer: syz
[   86.992510][ T5911] usb 3-1: SerialNumber: syz
[   87.012528][ T5911] rndis_host 3-1:7.0: skipping garbage
[   87.014838][ T5911] usb 3-1: bad CDC descriptors
[   87.018075][ T5911] option 3-1:7.0: GSM modem (1-port) converter detected
[   87.258557][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   87.274428][ T5911] usb 3-1: USB disconnect, device number 3
[   87.279792][ T5911] option 3-1:7.0: device disconnected
[   87.412113][   T10] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[   87.415347][   T10] usb 2-1: config 0 has no interface number 0
[   87.421581][   T10] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[   87.425124][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.428258][   T10] usb 2-1: Product: syz
[   87.432210][   T10] usb 2-1: Manufacturer: syz
[   87.434582][   T10] usb 2-1: SerialNumber: syz
[   87.449237][   T10] usb 2-1: config 0 descriptor??
[   87.664922][   T10] usb 2-1: Found UVC 0.00 device syz (046d:0823)
[   87.667122][   T10] usb 2-1: No valid video chain found.
[   87.671381][   T10] usb 2-1: USB disconnect, device number 3
[   88.049683][ T6785] loop2: detected capacity change from 0 to 40427
[   88.055312][ T6785] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   88.058231][ T6785] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   88.063787][ T6785] F2FS-fs (loop2): invalid crc value
[   88.104816][ T6785] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   88.111752][ T6785] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   88.113986][ T6785] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   88.748598][ T5911] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   88.901776][ T5911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.905963][ T5911] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.909938][ T5911] usb 2-1: New USB device found, idVendor=2179, idProduct=0077, bcdDevice= 0.00
[   88.914410][ T5911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.920445][ T5911] usb 2-1: config 0 descriptor??
[   89.062254][ T6805] tipc: Started in network mode
[   89.064106][ T6805] tipc: Node identity ac1414aa, cluster identity 4711
[   89.067295][ T6805] tipc: Enabled bearer <udp:syz2>, priority 10
[   89.355809][ T5911] uclogic 0003:2179:0077.0001: interface is invalid, ignoring
[   89.600498][ T5911] usb 2-1: USB disconnect, device number 4
[   89.629962][ T6847] loop0: detected capacity change from 0 to 2048
[   89.643805][ T6847] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   90.060453][ T2201] tipc: Node number set to 2886997162
[   91.948776][ T6903] netlink: 8 bytes leftover after parsing attributes in process `syz.2.217'.
[   92.190652][ T6896] loop0: detected capacity change from 0 to 131072
[   92.193922][ T6896] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[   92.196384][ T6896] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   92.199974][ T6896] F2FS-fs (loop0): invalid crc value
[   92.239667][ T6896] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   92.245764][ T6896] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   92.247957][ T6896] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   92.466713][ T6908] loop2: detected capacity change from 0 to 32768
[   92.485183][ T6908] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.218 (6908)
[   92.536132][ T6908] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   92.552572][ T6908] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   92.563738][ T6908] BTRFS info (device loop2): using free-space-tree
[   92.764605][ T5849] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.056664][ T6962] loop0: detected capacity change from 0 to 4096
[   93.060143][ T6962] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   93.074742][ T6962] ntfs3(loop0): ino=19, mi_enum_attr
[   93.076533][ T6962] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   93.087840][ T6962] ntfs3(loop0): failed to convert "c46c" to cp1255
[   93.099962][ T6962] ntfs3(loop0): ino=20, mi_enum_attr
[   93.167776][ T6974] batadv0: entered promiscuous mode
[   93.170009][ T6974] macvtap1: entered promiscuous mode
[   93.172428][ T6974] 8021q: adding VLAN 0 to HW filter on device macvtap1
[   93.175961][ T6974] batadv0: left promiscuous mode
[   93.209091][ T5882] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   93.312628][ T6983] loop0: detected capacity change from 0 to 8
[   93.351593][ T6983] SQUASHFS error: xz decompression failed, data probably corrupt
[   93.354858][ T6983] SQUASHFS error: Failed to read block 0x108: -5
[   93.357422][ T6983] SQUASHFS error: Unable to read metadata cache entry [106]
[   93.361666][ T5882] usb 2-1: Using ep0 maxpacket: 32
[   93.363843][ T6983] SQUASHFS error: Unable to read inode 0x11f
[   93.368099][ T5882] usb 2-1: config 0 has an invalid interface number: 98 but max is 0
[   93.373171][ T5882] usb 2-1: config 0 has no interface number 0
[   93.375630][ T5882] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[   93.390205][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.399885][ T5882] usb 2-1: config 0 descriptor??
[   93.456666][ T6969] loop2: detected capacity change from 0 to 40427
[   93.469102][ T6969] F2FS-fs: heap/no_heap options were deprecated
[   93.472487][ T6969] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[   93.477388][ T6969] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   93.492855][ T6969] F2FS-fs (loop2): invalid crc value
[   93.552629][ T6996] all (unregistering): Released all slaves
[   93.574045][ T6969] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   93.578217][ T6969] F2FS-fs (loop2): Start checkpoint disabled!
[   93.595597][ T6969] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   93.598143][ T6969] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   93.615532][ T5882] usb 2-1: USB disconnect, device number 5
[   93.742145][ T7075] netlink: 512 bytes leftover after parsing attributes in process `syz.0.234'.
[   94.129531][ T7082] loop0: detected capacity change from 0 to 32768
[   94.142272][ T5850] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[   94.145477][ T5850] Bluetooth: hci0: Injecting HCI hardware error event
[   94.149596][ T5848] Bluetooth: hci0: hardware error 0x00
[   94.195581][ T7082] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   94.220747][ T7082] XFS (loop0): Ending clean mount
[   94.315319][ T5845] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   94.521487][ T7122] loop2: detected capacity change from 0 to 1024
[   94.592780][   T26] hfsplus: b-tree write err: -5, ino 4
[   94.617023][ T7127] PKCS8: Unsupported PKCS#8 version
[   94.701189][ T7110] loop1: detected capacity change from 0 to 32768
[   94.743565][ T7110] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   94.824950][ T7110] XFS (loop1): Ending clean mount
[   94.844149][ T7110] XFS (loop1): Quotacheck needed: Please wait.
[   94.900351][ T7110] XFS (loop1): Quotacheck: Done.
[   94.961999][ T5854] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.008640][ T5882] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   95.171372][ T5882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.175142][ T5882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.178313][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   95.209213][ T5882] usb 1-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[   95.222884][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.357989][ T5882] usb 1-1: config 0 descriptor??
[   95.542760][ T7171] loop1: detected capacity change from 0 to 128
[   95.575803][   T33] audit: type=1800 audit(1755601747.348:6): pid=7171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.251" name="file2" dev="loop1" ino=1048596 res=0 errno=0
[   95.851015][ T5882] hid-udraw 0003:20D6:CB17.0002: unknown main item tag 0x0
[   95.870826][ T5882] input: THQ uDraw Game Tablet for PS3 Joypad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input6
[   95.968867][ T5882] input: THQ uDraw Game Tablet for PS3 Touchpad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input7
[   96.006942][ T5882] input: THQ uDraw Game Tablet for PS3 Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input8
[   96.021357][ T5882] input: THQ uDraw Game Tablet for PS3 Accelerometer as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:20D6:CB17.0002/input/input9
[   96.051985][ T7149] loop0: detected capacity change from 0 to 256
[   96.055708][ T5882] hid-udraw 0003:20D6:CB17.0002: hidraw0: USB HID v0.00 Device [HID 20d6:cb17] on usb-dummy_hcd.0-1/input0
[   96.149348][ T7149] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x16e2264b, utbl_chksum : 0xe619d30d)
[   96.231577][ T5848] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[   96.736456][ T2201] usb 1-1: USB disconnect, device number 4
[   97.821715][ T7275] netlink: 8 bytes leftover after parsing attributes in process `syz.0.261'.
[   97.994076][ T7266] loop1: detected capacity change from 0 to 32768
[   98.279916][ T7266] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   98.689346][   T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.809071][   T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.927384][ T7266] ocfs2: Unmounting device (7,1) on (node local)
[   98.963758][   T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.043711][   T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.406560][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   99.415324][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   99.419225][   T13] bond0 (unregistering): Released all slaves
[   99.690036][   T13] hsr_slave_0: left promiscuous mode
[   99.692700][   T13] hsr_slave_1: left promiscuous mode
[   99.695126][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   99.697844][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[   99.701489][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   99.704244][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[   99.720247][   T13] veth1_macvtap: left promiscuous mode
[   99.722269][   T13] veth0_macvtap: left promiscuous mode
[   99.724067][   T13] veth1_vlan: left promiscuous mode
[   99.726734][   T13] : left promiscuous mode
[  100.047520][   T13] team0 (unregistering): Port device team_slave_1 removed
[  100.076416][   T13] team0 (unregistering): Port device team_slave_0 removed
[  100.793238][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.876980][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.962432][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.053860][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.188522][   T13] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.251350][   T13] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.340134][   T13] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.396986][   T13] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  101.477179][   T13] bridge_slave_1: left allmulticast mode
[  101.479533][   T13] bridge_slave_1: left promiscuous mode
[  101.482835][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.488074][   T13] bridge_slave_0: left allmulticast mode
[  101.490436][   T13] bridge_slave_0: left promiscuous mode
[  101.492531][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.498207][   T13] bridge_slave_1: left allmulticast mode
[  101.500263][   T13] bridge_slave_1: left promiscuous mode
[  101.502666][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.508651][   T13] bridge_slave_0: left allmulticast mode
[  101.510356][   T13] bridge_slave_0: left promiscuous mode
[  101.512317][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.891833][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  101.897621][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  101.902823][   T13] bond0 (unregistering): Released all slaves
[  102.202594][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  102.208117][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  102.213042][   T13] bond0 (unregistering): Released all slaves
[  102.299539][   T13] tipc: Disabling bearer <udp:syz2>
[  102.307354][   T13] tipc: Left network mode
[  102.600285][   T13] hsr_slave_0: left promiscuous mode
[  102.603035][   T13] hsr_slave_1: left promiscuous mode
[  102.606347][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.609413][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.617005][   T13] hsr_slave_0: left promiscuous mode
[  102.620771][   T13] hsr_slave_1: left promiscuous mode
[  102.623488][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.626468][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.630167][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.633162][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.666003][   T13] veth1_macvtap: left promiscuous mode
[  102.668263][   T13] veth0_macvtap: left promiscuous mode
[  102.671201][   T13] veth1_vlan: left promiscuous mode
[  102.673396][   T13] veth0_vlan: left promiscuous mode
[  102.677622][   T13] veth1_macvtap: left promiscuous mode
[  102.680073][   T13] veth0_macvtap: left promiscuous mode
[  102.682417][   T13] veth1_vlan: left promiscuous mode
[  102.684388][   T13] veth0_vlan: left promiscuous mode
[  103.048336][   T13] team0 (unregistering): Port device team_slave_1 removed
[  103.082608][   T13] team0 (unregistering): Port device C removed
[  103.744170][   T13] team0 (unregistering): Port device team_slave_1 removed
[  103.782171][   T13] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
11:09:20  Registers:
info registers vcpu 0

CPU#0
RAX=739315f7e09eb300 RBX=ffffffff819683a8 RCX=739315f7e09eb300 RDX=0000000000000001
RSI=ffffffff8d9b6935 RDI=ffffffff8be33300 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa37e30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00100
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00100
FS =0000 0000000000000000 ffffffff 00c00100
GS =0000 ffff8880b861c000 ffffffff 00c00100
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fbe474e6bd0 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000ff0000000000 XMM03=0000000000000000 00000000000000ff
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1547ab8e05b84a00 RBX=ffffffff819683a8 RCX=1547ab8e05b84a00 RDX=0000000000000001
RSI=ffffffff8d9b6935 RDI=ffffffff8be33300 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa37e30 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d0000
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000556b2944f600 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000ff0000000000 XMM03=0000000000000000 00000000000000ff
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
