last executing test programs:

4m13.67166881s ago: executing program 2 (id=431):
r0 = fsopen(&(0x7f0000000040)='ceph\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000100)='test_dummy_encryption', &(0x7f0000000240)='v2\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='test_dummy_encryption', &(0x7f0000000080)='v1\x00ul\x00\x00\x00\x00\x00loc\x8d\x8b#\xe0\xb9\xbd\"\xeb.\xc7]\xa67\x97 \xc9\xfc|\x85o7Z\xdc}U\x8c\xdd\n\xaa?4\xafq\x1d\xf6(\xe6\x9em_\x1a\xbfDi\x15\x81\xd47\x8e\x86\xa2u~FC\x9c\xe3\x98\x87\x98\xf7\xa2\xb5\x12\x8cv\xe4_\x91\xa8G!mm\f\xcf\xfb[\xd5Qf\x15\xfe\xc80\xad\xaa\xe9', 0x0)

4m12.898368523s ago: executing program 2 (id=433):
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='stats=global'])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

4m12.889922285s ago: executing program 2 (id=434):
syz_emit_ethernet(0x42, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @empty, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00V\x00', 0xc, 0x11, 0x0, @remote, @local, {[], {0x0, 0x4e22, 0xc, 0x0, @opaque="03000000"}}}}}}, 0x0)

4m12.889682785s ago: executing program 2 (id=435):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4000004, &(0x7f0000000c00)={[{@block_validity}, {@minixdf}, {@noblock_validity}, {@lazytime}, {@noauto_da_alloc}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x9}}, {@debug}, {@usrjquota}, {@nolazytime}, {@norecovery}]}, 0xfe, 0x477, &(0x7f0000000780)="$eJzs3M1vFOUfAPDvTLctLz9+rYgvIEgVjcSXlpYXOXjRaMJBExM9YDzVtpDKQg2tiRCi1QMeDYl3439hPOnFqBdNvOrdkBDDBdTLmtmZKUvZLVu67QL7+STTPs/M0z7Pd2ae2Wfm2d0AetZI9iOJ+F9E/B4RQ3n25gIj+a/rVy9M/X31wlQStdpbfyX1cteuXpgqi5Z/tzXP1GpFfrBJvRffjZisVmfOFvmxhdMfjM2fO//C7OnJkzMnZ85MHD166OCegSMThzsSZxbXtV0fz+3eeeydS29MHb/03k9JJfK4Y1kcnTKS792mnu50ZV22rSFd37FL9v5yI93sTKCb+iIiO1z99f4/FH2xeWnbULz2WVcbB6yrWq1WW+GqvFgD7mNJdLsFQHcUtwD1+99y2cDhR9ddeTm/Acrivl4s+ZZKpHlib/+y+9tOGomI44v/fJUtsU7PIQAAGn2XjX+ebzb+S+PhPDGQ/fh/MYcyHBEPRMT2iHgwInZExEMR9bKPRMSjq6x/+QzJreOf9PIdB9eGbPz3UjG3dfP4Ly2LDPcVuW31+PuTE7PVmQPFPtkf/YMnZpOZ8RXq+P7V375ota1x/JctWf3lWLBox+XK4Kab/mZ6cmFyTUE3uPJpxK5Ks/iTKKdxkojYGRG77rCO2WcrLbfdPv4VtP63bat9HfFMfvwXY1n8paTl/OT4i0cmDo9tiurMgbHyrLjVz79efLNV/WuKvwOy47+l6fm/FP9wsili/tz5U/X52vnV13Hxj89b3tO0d/4vZY5tK87/geTt+oqBYsNHkwsLZ8cjBpLXb10/ceO/lfmyfBb//n3N+//2uLEnHouI3RGxJyIez24Ki7Y/ERFPRsS+FeL/8ZWn3l99/BszV5rFP3274x+Nx3/1ib5TP3x7+/iza1yr43+ontpfrGnn+tduA9ey7wAAAOBekdbfA5+ko0mlSKfp6Gj+Hv4dsSWtzs0vPHdi7sMz0/l75YejPy2fdA01PA8dL54Nl/mJZfmDxXPjL/s21/OjU3PV6W4HDz1ua9n/l64Fef/P/NnX7dYB664D82jAPUr/h96l/0NvSvR/6Gn6P/SuZv3/k5alR79Z18YAG8rrP/SuNvr/Yv6r9agAuDd5/Yfepf9DT2r52fh0TR/53/DEv8X3Gd4t7bn/E5HeFc24/xOVtr/MYhWJ2lDe/7M1g03LdPvKBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Bn/BQAA///T8uXN")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4m12.882913497s ago: executing program 2 (id=436):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0xffffffff, 0x81, 0xffffffff})
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, 0x0, &(0x7f00000000c0))

4m12.563903196s ago: executing program 2 (id=444):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0x210008, &(0x7f0000000540)=ANY=[], 0xff, 0xc42, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7Fld1WTOwoThoXm7ZIZcVS9S+mYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spC3THnroIUAR9JATgdYokKKB0bRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKtGmTlCjr87HJ7+7MezPvzaxmJIJvXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/30sVTp9ODbgUAcD9dHv3yqTPu/wDwSLnq3/8AAAAAAAAAAAAAAHDQpSjiiUgxe3k1jVfvO+qX2v2374wNj2xd7XCqavZV5cuv+ukzZ8994bmh89281J5+j/p77dPxyujVi40XZ27Nzk3Oz09ONMam29dnJiZ3vIXd1t/seHUAGrdevT1x48Z848zJsxtW3xl8d+Dxo4MXhp458XS37NjwyMjoepF6b/nah25Ix3YjPA5FEScixbPf/UlqRUQRuz8W9ft77jc7XHXieNWJseGRqiNT7db0QrnySvdAFBGNnkrN7jHa+lxErf++9mF7zYjFsvllg4+X3Rudbc21rk1NNq605hbaC+2Z6Sup09qyP40o4nyKWIqIlYF7N9cfRdQixbePrKZrEdHXPQ6frwYGb9+OYh/7uANlOxv9EUvFQ3DODrCBKOLlSPHTt47F9Xydqa41n4t4uczvR7xR5gsRqfxgnIt4Z4vPEQ+nWhTxl+X5v7CaJqrrQfe6cukrjS9N35jpKdu9rnzA+8M9V4r7f384fPdbT94fB/zaVI8iWtUVfzV9+L/sAAAAAAAAAAAAAAAAALDXDkcRn4oUL/3HH1XjiqMal37kwtDvD/5y75jxp95nO2XZkxGxWOxsTO6hPDDwSrqS0gMeS/woq0cRf5zH/33jQTcGAAAAAAAAAAAAAAAAAADgkVbEjyPF828fS0vRO6d4e/pm42rr2lRnVtju3L/dOdPX1tbWGqmTzZzjORdzLuVczrmSM4pcP2cz53jOxZxLOZdzruSMvlw/ZzPneM7FnEs5l3Ou5Ixarp+zmXM852LOpZyv/Hmnzyv5fRyQuXsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Kiiji55Him19bTZEiohkxHp1cHnjQrQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASgOpiO9FisYfNO8uq0VEqv7vOFZ+OxfNQ2V+PJpDZb4QzYs5W1XWmt94AO1nd/pTET+KFAP1N++e8Hz++zvv7n4M4o2vr7/7dK2Tfd2Vg+8OPH70yIWhkV97arvXaasGHL/Unr59pzE2PDIy2rO4lvf+8Z5lg3m/xd50nYiYf+31V1tTU5NzH/5F+RHYRfWH6EWqPSo99aJ6EbUPWuufv/Wg27xnfecRUN7/34kUv/32f3Zv+J37fz1+qfPu7h0+fvYn6/f/5zdvaIf3/9rmevn+X97Tt7r/P9Gz7Pn8t5H+WkR94dZs/9GI+vxrr59o32rdnLw5OX3u1KkvDg198eyp/kMR9RvtqcmeV3tyuAAAAAAAAAAAAAAAAADumxRF/G6kaP1oNTUi4k41XmvwwtAzJ57ui75qvNWGcduvjF692Hhx5tbs3OT8/OREY2y6fX1mYnKn+6tXw73Ghkf2pTfv6/A+t/9w/cWZ2dfm2jf/cGHL9Y/VL16bX5hrXd96dRyOIqLZu+R41eCx4ZGq0VPt1nRV9cqWg+k/uP5UxH9FiuvnGumzeVke/795hP+G8f+Lmze0T+P/P9azrNxnSkX8LFL81l89FZ+t2vlY3HPMcrm/jRTHz38ml4tDZbluGzrPFeiMDCzL/l+k+MefbyzbHQ/5xHrZ0zs+sA+J8vwfiRTf+4vvxK/nZRuf/7D1+X9s84b26fw/2bPssQ3PK9h118nn/0SkeOGJN+M38rL3ev5H99kbx3Lhu8/n2Kfz/4meZYN5v7+5N10HAAAAAAAAAAB4qPWnIv4uUvxgpJaey8t28vt/E5s3tE+///XJnmUT289X1Bd7OP3Jrg8qAAAAABwQ/amIH0eKmwtv3h1DvXH8d8/4z99ZH/85nDatrX7O9yvVcwP28ud/vQbzfsd3320AAAAAAAAAAAAAAAAAAAA4UFIq4rk8n/p4NZ5/Ytv51JcjxUv/82wul46W5brzwA9W3+uXZ6ZPXJyamrneWmhdm5psjM62rk+WdZ+MFKt/85lct6jmV+/ON9+Z4319Lva5SDHy992ynbnYu3OTP7le9nRZ9mOR4r//YWPZ7jzWn1gve6Ys+9eR4qv/snXZo+tlz5ZlvxMpfvjVRrfsY2XZ7vNRP7le9uT1mWIfzgoAAAAAAAAAAAAAAAAAAACPmv5UxJ9Fiv+9tXR3LH+e/7+/523lja/3zPe/yZ1qnv/Bav7/7V5vPf//n8Z7zf9fPVdgcbu9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAR1OKIl6PFLOXV9PyQPm+o36pPX37ztjwyNbVDqeqZl9Vvvyqnz5z9twXnhs63833rr/XPhWvjF692Hhx5tbs3OT8/OREY2y6fX1mYnLHW9ht/c2OVwegcevV2xM3bsw3zpw8u2H1ncF3Bx4/Onhh6JkTT3fLjg2PjIz2lKn1f+i93yNts/xQFPGtSPHsd3+SfjAQUcTuj8X7fHb22+GqE8erTowNj1QdmWq3phfKlVe6B6KIaPRUanaP0X04F7vSjFgsm182+HjZvdHZ1lzr2tRk40prbqG90J6ZvpI6rS3704gizqeIpYhYGbh3c/1RxKuR4ttHVtO/DkT0dY/D5y+PfvnUme3bUexjH3egbGejP2KpeAjO2QE2EEX8U6T46VvH4t8GImrR+YrPRbxc5vcj3mic7BQuPxjnIt7Z4nPEw6kWRfx/ef4vrKa3BsrrQfe6cukrjS9N35jpKdu9rjz094f76YBfm+pRxA+rP9ir6d/9uQYAAAAAAAAAAAAAAAA4QIr41Ujx/NvHUjU++O6Y4vb0zcbV1rWpzrC+7ti/7pjptbW1tUbqZDPneM7FnEs5l3Ou5Iwi18/ZLLO+tjae3y/mXMq5nHMlZ/Tl+jmbOcdzLuZcyrmccyVn1HL9nM2c4zkXcy7lXM65kjMOyNg9AAAAAAAAAAAAAAAAAADgo6Wo/kvxza+tprWBzvzS49HJZfOBfuT9IgAA///MXvRq")
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000fc0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd5000fdcbdf251f0000000800010031"], 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
socket$kcm(0x29, 0x7, 0x0)

4m12.337310281s ago: executing program 32 (id=444):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0x210008, &(0x7f0000000540)=ANY=[], 0xff, 0xc42, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7Fld1WTOwoThoXm7ZIZcVS9S+mYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spC3THnroIUAR9JATgdYokKKB0bRBj0zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKtGmTlCjr87HJ7+7MezPvzaxmJIJvXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEb/30sVTp9ODbgUAcD9dHv3yqTPu/wDwSLnq3/8AAAAAAAAAAAAAAHDQpSjiiUgxe3k1jVfvO+qX2v2374wNj2xd7XCqavZV5cuv+ukzZ8994bmh89281J5+j/p77dPxyujVi40XZ27Nzk3Oz09ONMam29dnJiZ3vIXd1t/seHUAGrdevT1x48Z848zJsxtW3xl8d+Dxo4MXhp458XS37NjwyMjoepF6b/nah25Ix3YjPA5FEScixbPf/UlqRUQRuz8W9ft77jc7XHXieNWJseGRqiNT7db0QrnySvdAFBGNnkrN7jHa+lxErf++9mF7zYjFsvllg4+X3Rudbc21rk1NNq605hbaC+2Z6Sup09qyP40o4nyKWIqIlYF7N9cfRdQixbePrKZrEdHXPQ6frwYGb9+OYh/7uANlOxv9EUvFQ3DODrCBKOLlSPHTt47F9Xydqa41n4t4uczvR7xR5gsRqfxgnIt4Z4vPEQ+nWhTxl+X5v7CaJqrrQfe6cukrjS9N35jpKdu9rnzA+8M9V4r7f384fPdbT94fB/zaVI8iWtUVfzV9+L/sAAAAAAAAAAAAAAAAALDXDkcRn4oUL/3HH1XjiqMal37kwtDvD/5y75jxp95nO2XZkxGxWOxsTO6hPDDwSrqS0gMeS/woq0cRf5zH/33jQTcGAAAAAAAAAAAAAAAAAADgkVbEjyPF828fS0vRO6d4e/pm42rr2lRnVtju3L/dOdPX1tbWGqmTzZzjORdzLuVczrmSM4pcP2cz53jOxZxLOZdzruSMvlw/ZzPneM7FnEs5l3Ou5Ixarp+zmXM852LOpZyv/Hmnzyv5fRyQuXsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Kiiji55Him19bTZEiohkxHp1cHnjQrQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASgOpiO9FisYfNO8uq0VEqv7vOFZ+OxfNQ2V+PJpDZb4QzYs5W1XWmt94AO1nd/pTET+KFAP1N++e8Hz++zvv7n4M4o2vr7/7dK2Tfd2Vg+8OPH70yIWhkV97arvXaasGHL/Unr59pzE2PDIy2rO4lvf+8Z5lg3m/xd50nYiYf+31V1tTU5NzH/5F+RHYRfWH6EWqPSo99aJ6EbUPWuufv/Wg27xnfecRUN7/34kUv/32f3Zv+J37fz1+qfPu7h0+fvYn6/f/5zdvaIf3/9rmevn+X97Tt7r/P9Gz7Pn8t5H+WkR94dZs/9GI+vxrr59o32rdnLw5OX3u1KkvDg198eyp/kMR9RvtqcmeV3tyuAAAAAAAAAAAAAAAAADumxRF/G6kaP1oNTUi4k41XmvwwtAzJ57ui75qvNWGcduvjF692Hhx5tbs3OT8/OREY2y6fX1mYnKn+6tXw73Ghkf2pTfv6/A+t/9w/cWZ2dfm2jf/cGHL9Y/VL16bX5hrXd96dRyOIqLZu+R41eCx4ZGq0VPt1nRV9cqWg+k/uP5UxH9FiuvnGumzeVke/795hP+G8f+Lmze0T+P/P9azrNxnSkX8LFL81l89FZ+t2vlY3HPMcrm/jRTHz38ml4tDZbluGzrPFeiMDCzL/l+k+MefbyzbHQ/5xHrZ0zs+sA+J8vwfiRTf+4vvxK/nZRuf/7D1+X9s84b26fw/2bPssQ3PK9h118nn/0SkeOGJN+M38rL3ev5H99kbx3Lhu8/n2Kfz/4meZYN5v7+5N10HAAAAAAAAAAB4qPWnIv4uUvxgpJaey8t28vt/E5s3tE+///XJnmUT289X1Bd7OP3Jrg8qAAAAABwQ/amIH0eKmwtv3h1DvXH8d8/4z99ZH/85nDatrX7O9yvVcwP28ud/vQbzfsd3320AAAAAAAAAAAAAAAAAAAA4UFIq4rk8n/p4NZ5/Ytv51JcjxUv/82wul46W5brzwA9W3+uXZ6ZPXJyamrneWmhdm5psjM62rk+WdZ+MFKt/85lct6jmV+/ON9+Z4319Lva5SDHy992ynbnYu3OTP7le9nRZ9mOR4r//YWPZ7jzWn1gve6Ys+9eR4qv/snXZo+tlz5ZlvxMpfvjVRrfsY2XZ7vNRP7le9uT1mWIfzgoAAAAAAAAAAAAAAAAAAACPmv5UxJ9Fiv+9tXR3LH+e/7+/523lja/3zPe/yZ1qnv/Bav7/7V5vPf//n8Z7zf9fPVdgcbu9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAR1OKIl6PFLOXV9PyQPm+o36pPX37ztjwyNbVDqeqZl9Vvvyqnz5z9twXnhs63833rr/XPhWvjF692Hhx5tbs3OT8/OREY2y6fX1mYnLHW9ht/c2OVwegcevV2xM3bsw3zpw8u2H1ncF3Bx4/Onhh6JkTT3fLjg2PjIz2lKn1f+i93yNts/xQFPGtSPHsd3+SfjAQUcTuj8X7fHb22+GqE8erTowNj1QdmWq3phfKlVe6B6KIaPRUanaP0X04F7vSjFgsm182+HjZvdHZ1lzr2tRk40prbqG90J6ZvpI6rS3704gizqeIpYhYGbh3c/1RxKuR4ttHVtO/DkT0dY/D5y+PfvnUme3bUexjH3egbGejP2KpeAjO2QE2EEX8U6T46VvH4t8GImrR+YrPRbxc5vcj3mic7BQuPxjnIt7Z4nPEw6kWRfx/ef4vrKa3BsrrQfe6cukrjS9N35jpKdu9rjz094f76YBfm+pRxA+rP9ir6d/9uQYAAAAAAAAAAAAAAAA4QIr41Ujx/NvHUjU++O6Y4vb0zcbV1rWpzrC+7ti/7pjptbW1tUbqZDPneM7FnEs5l3Ou5Iwi18/ZLLO+tjae3y/mXMq5nHMlZ/Tl+jmbOcdzLuZcyrmccyVn1HL9nM2c4zkXcy7lXM65kjMOyNg9AAAAAAAAAAAAAAAAAADgo6Wo/kvxza+tprWBzvzS49HJZfOBfuT9IgAA///MXvRq")
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000fc0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010028bd5000fdcbdf251f0000000800010031"], 0x4c}, 0x1, 0x0, 0x0, 0x81}, 0x24044884)
socket$kcm(0x29, 0x7, 0x0)

2m46.370268947s ago: executing program 3 (id=1303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x800, &(0x7f00000004c0)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00000000000000000003,resv_level=000000006,coherency=full,localflocks,coherency=full,noacl,\x00'/136], 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
open(&(0x7f0000000180)='./file1\x00', 0x60142, 0x102)
lsetxattr(&(0x7f0000000280)='./file1\x00', &(0x7f0000000200)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)

2m46.167051698s ago: executing program 3 (id=1304):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x2b, 0x0, 0x0)

2m45.826184859s ago: executing program 3 (id=1305):
socket(0x2b, 0x1, 0x1)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000004c0)=ANY=[], 0x50}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = openat$dma_heap(0xffffffffffffff9c, 0x0, 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x20004, <r3=>r1, 0x2})
r4 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f00000000c0)={0x0, 0x0, r3})
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x101042, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x40, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)
mount$nfs(&(0x7f0000000080)='@\a', &(0x7f00000000c0)='./file1\x00', &(0x7f0000000500), 0x20040c1, 0x0)
mount$nfs(&(0x7f0000000000)='@\a', &(0x7f0000000180)='./file1\x00', &(0x7f00000001c0), 0x1000000, 0x0)

2m45.764828126s ago: executing program 3 (id=1306):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000340)={0x0, <r1=>0x0, <r2=>0x0}, &(0x7f0000001000)=0xc)
syz_mount_image$exfat(&(0x7f0000000400), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f0000000080)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=r1, @ANYBLOB=',dmask=00000000000000000000152,fmask=00000000000000000000006,gid=', @ANYRESHEX=r2, @ANYBLOB=',uid=', @ANYRESOCT=r0, @ANYBLOB="2c646973636172642c00fb278330ab3b4884d36adf6908d11f57832035e96a1513231140da182ca77aeedc492bbc501d94f854a7e26909bde6e698d72a15ec808a86c25d"], 0x81, 0x14f3, &(0x7f0000001580)="$eJzs3AuYjlW7OPB1r7UexjTpbZLDsO51P7xpaJkkySGnHJIkCUlOCUmTJAmJcZY0JCHHSXIYkuQwjUnjfD7knDT5pEmSkJBk/S/V3r5v9327vf/f9//b1577d13rsm7Pc9/vWnPPNe963uua+bbXmHot69duRkTinwK//ZMihIgRQowQQlwnhAiEEBXjK8Zfvl5AQco/9yLsX6t5+tVeAbuauP95G/c/b+P+523c/7yN+5+3cf/zNu5/3sb9Zywv2zGv2PU88u7gz//zMn7//18kt9zULzeVu7H3fyOF+5+3cf/zNu5/3sb9z9u4/3kb9/9/v1r/yTXuf97G/WcsL7vanz/zuLrjan//McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLG877K7QQ4t/m/zDh5z+7gTHGGGOMMcYYY//T+PxXewWMMcYYY4wxxhj7fw+EFEpoEYh8Ir+IEQVErLhGxIlrRUFxnYiI60W8uEEUEjeKwqKIKCqKiQRRXJQQRqCwgkQoSopSIipuEqXFzSJRlBFlxS3CiXIiSdwqyovbRAVxu6go7hCVxJ2isqgiqopq4i5RXdQQNUUtUVvcLeqIuqKeqC/uEQ3EvaKhuE80EveLxuIB0UQ8KJqKh0Qz0Vy0EA+LluIR0Uo8KlqLNqKtaCfa/1/lvyj6iZdEfzFApIiBYpAYLIaIoWKYGC5GiJfFSPGKGCVeFalitBgjXhNjxetinHhDjBcTxETxppgkJospYqqYJqaLNPGWmCHeFjPFO2KWmC3miLkiXcwT88W7YoF4TywU74tF4gOxWCwRS8UykSE+FJliucgSH4kV4mORLVaKVWK1WCPWinVivdggNopNYrPYIraKbWK72CE+ETvFLrFb7BF7xT6xX3wqDojPxEHxucgRX/w388/9h/zeIECABAkaNOSDfBADMRALsRAHcVAQCkIEIhAP8VAICkFhKAxFoSgkQAKUgBKAgEBAUBJKQhSiUBpKQyIkQlkoCw4cJEESlIfboAJUgIpQESpBJagMVaAKVINqUB2qQ02oCbWhNtSBOlAP6sE9cA/cCw2hITSCRtAYGkMTaAJNoSk0g2bQAlpAS2gJraAVtIbW0BbaQntoDx2gA3SEjtAZOkMX6AJdoSskQzJ0g27QHbpDD+gBPaEn9IJe0Bv6QB94EV6El+AlGAB15EAYBINgCAyBYTAchsPLMBJegVfgVUiF0TAGXoPX4HUYB2dhPEyAiTARqsvJMAWmAsnpkAZpMANmwEyYCbNgNsyGuZAO82A+zIcF8B68B+/DIvgAPoAlsASWQQZkQCYshyzIghVwDrJhJayC1bAG1sIaWA8bYD1sgs2wCbbCVtgO2+ET+AR2wS7YA3tgH+yDT+FT+Aw+g1TIgRw4BIfgMByGI3AEciEXjsJROAbH4DgchxNwAk7CKTgNp+AMnIGzcA7Ow3m4ABfgIjyf8HWLfWU2pgp5mZZa5pP5ZIyMkbEyVsbJOFlQFpQRGZHxMl4WkoVkYVlYFpVFZYJMkCVkCYkSJclQlpQlZVRGZWlZWibKRFlWlpVOOpkkk2R5WV5WkBVkRXmHrCTvlJVlFdnJVZPVZHXZ2dWUtWRtWVvWkXVlPVlf1pcNZAPZUDaUjWQj2Vg2lk3kg7KpHAjDoLm83JmWcjS0kmOgtWwj28p28nV4THaQ46Cj7CQ7yyfkBBgPXWUHlyyflt3kFOgun5VT4TnZU06HXvIF2Vv2kX3li7Kf7Oj6ywFyFgyUg+RcGCKHymFyuFwAdeXljtWTr8pUOVqOka/JZfC6HCffkOPlBDlRviknyclyipwqp8npMk2+JWfIt+VM+Y6cJWfLOXKuTJfz5Hz5rlwg35ML5ftykfxALpZL5FK5TGbID2WmXC6z5EdyhfxYZsuVcpVcLdfItXKdXC83yI1yk9wst8itcpvcLnfIT+ROuUvulnvkXrlP7pefygPyM3lQfi5z5BfykPyLPCy/lEfkVzJXfi2Pym/kMfmtPC6/kyfk9/KkPCVPyx/kGfmjPCvPyfPyJ3lB/iwvyl/kJemlUKCkUkqrQOVT+VWMKqBi1TUqTl2rCqrrVERdr+LVDaqQulEVVkVUUVVMJajiqoQyCpVVpEJVUpVSUXWTKq1uVomqjCqrblFOlVNJ6lZVXt2mKqjbVUV1h6qk7lSVVRVVVVVTd6nqqoaqqWqp2upuVUfVVfVUfXWPaqDuVQ3VfaqRul81Vg+oJupB1VQ9pJqp5qqFeli1VI+oVupR1Vq1UW1VO9VePaY6qMdVR9VJdVZPqC7qSdVVPaWS1dOqm3pGdVfPqh7qOdVTPa96qRdUb9VH9VW/qEvKq/5qgEpRA9UgNVgNUUPVMDVcjVAvq5HqFTVKvapS1Wg1Rr2mxqrX1Tj1hhqvJqiJ6k01SU1WU9RUNU1NV2nqLTVDva1mqnfULDVbzVFzVbqap4b9XmnhfyH/7b+TP+rXV9+udqhP1E61S+1We9RetU/tV/vVAXVAHVQHVY7KUYfUIXVYHVZH1BGVq3LVUXVUHVPH1HF1XJ1QJ9RJdUr9pH5QZ9SP6qw6p86pn9QFdUFd/P1rIDRoqZXWOtD5dH4dowvoWH2NjtPX6oL6Oh3R1+t4fYMupG/UhXURXVQX0wm6uC6hjUZtNelQl9SldFTfpEvrm3WiLqPL6lu00+V0kr71n87/s/W11+11B91Bd9QddWfdWXfRXXRX3VUn62TdTXfT3XV33UP30D11T91L99K9dW/dV/fV/XQ/3V/31yk6RQ/Sg/UQPVQP08P1CP2yHqlH6lF6lE7VqXqMHqPH6rF6nB6nx+vxeqKeqCfpSXqKnqKn6Wk6TafpGXqGnqln6ll6lp6j5+h0na7n6/l6gV6gF+qFepFepBfrxXqpXqozdIbO1Jk6S2fpFXqFztYr9Uq9Wq/Wa/VavV6v1xv1Rr1Zb9Zb9VadrXfoHXqn3ql36916r96r9+v9+oA+oA/qgzpH5+hD+pA+rA/rI/qIztW5+qg+qo/pY/q4Pq5P6BP6pD6pT+vT+ow+o8/qs/q8Pq8v6Av6or6oL+lLl499gQxkoAMd5AvyBTFBTBAbxAZxQVxQMCgYRIJIEB/EB4WCG4PCQZGgaFAsSAiKByUCE2BgAwrCoGRQKogGNwWlg5uDxKBMUDa4JXBBuSApuDUoH9wWVAhuDyoGdwSVgjuDykGVoGpQLbgrqB7UCGoGtYLawd1BnaBuUC+oH9wTNAjuDRoG9wWNgvuDxsEDQZPgwaBp8FDQLGgetAgeDloGjwStgkeD1kGboG3QLmj/L63v/dkij7v+ZoBJMQPNIDPYDDFDzTAz3IwwL5uR5hUzyrxqUs1oM8a8Zsaa180484YZbyaYieZNM8lMNlPMVDPNTDdp5i0zw7xtZpp3zCwz28wxc026mVfj90O3WWjeN4vMB2axWWKWmmUmw3xoMs1yk2U+MivMxybbrDSrzGqzxqw168x6s8FsNJvMZrPFbDXbzHazw3xidppdZrfZY/aafWa/+dQcMJ+Zg+Zzk2O+MIfMX8xh86U5Yr4yueZrc9R8Y46Zb81x8505Yb43J80pc9r8YM6YH81Zc86cNz+ZC+Znc9H8Yi4Zf/lwf/ntHTVqzIf5MAZjMBZjMQ7jsCAWxAhGMB7jsRAWwsJYGItiUUzABCyBJfAyQsKSWBKjGMXSWBoTMRHLYll06DAJk7A8lscKWAErYkWshJWwMlbGqlgV78K7sAbWwFpYC+/Gu7Eu1sX6WB8bYANsiA2xETbCxtgYm2ATbIpNsRk2wxbYAltiS2yFrbA1tsa22BbbY3vsgB2wI3bEztgZu2AX7IpdMRmTsRt2w+7YHXtgD+yJPbEX9sLe2Bv7Yl/sh/2wP/bHFEzBQTgIh+AQHIbDcASOwJE4EkfhKEzFVByDY3AsjsVxOA7H4wSciG/iJJyMU3AqTsPpmIZpOANn4EycibNwFs7BOZiO6Tgf5+MCXIALcSEuwkW4GBfjUlyKGZiBmZiJWZiFK3AFZmM2rsJVuAbX4DpchxtwA27CTbgFt+A23IY7cAfuxJ24G3fjXtyL+3E/HsADeBAPYg7m4CE8hIfxMB7BI5iLuXgUj+IxPIbH8TiewBN4Ek/iaTyNZ/AMnsWzeB7P4wX8GS/iL3gJPcZYKWLtNTbOXmsL2utsjC1g/zouaovZBFvclrDGFrZF/iZGa22iLWPL2luss+Vskr31D3FlW8VWtdXsXba6rWFr/iFuYO+1De19tpG939a39/xN3Ng+YJvYR2xT+6htZtvYFradbWkfsa3so7a1bWPb2na2i33SdrVP2WT7tO1mn/lDnGmX2w12o91kN9sD9jN73v5kj9lv7QX7s+1vB9gR9mU70r5iR9lXbaod/Yd4on3TTrKT7RQ71U6z0/8Qz7FzbbqdZ+fbd+0C+94f4gz7oV1ks+xiu8Qutct+jS+vKct+ZFfYj222XWlX2dV2jV1r19n1/77W1Xar3Wa32/32U7vT7rK77R671+77Nb68j4P2c5tjv7BH7Tf2sP3SHrHHba79+tf48v6O2+/sCfu9PWlP2dP2B3vG/mjP2nO/7v/y3n+wv9hL1ltBQJIUaQooH+WnGCpAsXQNxdG1VJCuowhdT/F0AxWiG6kwFaGiVIwSqDiVIENIlohCKkmlKEo3UWm6mRKpDJWlW8hROUqiW6k83UYV6HaqSHdQJbqTKlMVqkrV6C6qTjWoJtWi2nQ31aG6VI/q0z3UgO6lhnQfNaL7qTE9QE3oQWpKD1Ezak4t6GFqSY9QK3qUWlMbakvtqD09Rh3ocepInagzPUFd6EnqSk9RMj1N3egZ6k7PUg96jnrS89SLXqDe1If60ovUj16i/jSAUmggDaLBNISG0jAaTiPoZRpJr9AoepVSaTSNoddoLL1O4+gNGk8TaCK9SZNoMk2hqTSNplMavUUz6G2aSe/QLJpNc2gupdM8mk/v0gJ6jxbS+7SIPqDFtISW0jLKoA8pk5ZTFn1EK+hjyqaVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoE9oJ+2i3bSH9tI+2k+f0gH6jA7S55RDX9Ah+gsdpi/pCH1FufQ1HaVv6Bh9S8fpOzpB39NJOkWn6Qc6Qz/SWTpH5+knukA/00X6hS6RJxFCKEMV6jAI84X5w5iwQBgbXhPGhdeGBcPrwkh4fRgf3hAWCm8MC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Ulg5vDhPDMmHZ8JbQheXCpPDWsHx4W1ghvD2sGN4RVgrvDCuHVcJH7q8W3hVWD2uENcNaYe3w7rBOWDesF9YP7wkbhPeGDcP7wkbh/WGF8IGwSfhg2DR8KGwWNg9bhA+HLcNHwlbho2HrsE3YNmwXtg8fCzuEj4cdw05h5/CJsEv4ZNg1fCpMDp8Ou4XP/On1lHBgOCgcHA4Ovb9PLY0ui2ZEP4xmRpdHs6IfRVdEP45mR1dGV0VXR9dE10bXRddHN0Q3RjdFN0e3RLdGt0W3R72vn184cNIpp13g8rn8LsYVcLHuGhfnrnUF3XUu4q538e4GV8jd6Aq7Iq6oK+YSXHFXwhmHzjpyoSvpSrmou8mVdje7RDe4+W8HiHIuybVz7V1718E97jq6Tq6ze8I94Z50T7qn3FPuadfNPeO6u2ddD/ec6+med8+7F1xv18f1dS+6fu4l198NcCkuxQ1yg9wQN8QNc8PcCDfCjXQj3Sg3yqW6VDfGjXFj3Vg3zo1z4914N9FNdJPcJDfFTXHT3DSX5tLcDDfDzXQz3Sw3y81xc1y6S3fz3Xy3wC1wC91CtyhxkVvsFrulbqnLcBku02W6LJflVrgVLttlu1VulVvj1rh1bp3b4Da4TW6T2+K2uG1um9vhdridbqfb7Xa7vW6v2+/2uwPugDvoDrocl+MOuUPusDvsjrivXK772h1137hj7lt33H3nTrjv3Ul3yp12P7gz7kd31p1z591P7oL72V10v7hLzru0yFuRGZG3IzMj70RmRWZH5kTmRtIj8yLzI+9GFkTeiyyMvB9ZFPkgsjiyJLI0siySEfkwkhlZHsmKfBRZEfk4kh1ZGVkVWR1ZE1kb8b74ztCX9KV81N/kS/ubfaIv48v6W7zz5XySv9WX97f5Cv52X9Hf4Sv5O31lX8VX9Y/61r6Nb+vb+fb+Md/BP+47+k6+s3/Cd/FP+q7+KZ/sn/bd/DO+u3/W9/DP+Z7+ed/Lv+B7+z6+r3/R9/Mv+f5+gE/xA/0gP9gP8UP9MD/cj/Av+5H+FT/Kv+pT/Wg/xr/mx/rX/Tj/hh/vJ/iJ/k0/yU/2U/xUP81P92n+LT/Dv+1n+nf8LD/bz/Fzfbqf5+f7d/0C/55f6N/3i/wHfrFf4pf6ZT7Df+gz/XKf5T/yK/zHPtuv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+l1+t9/j9/p9fr//1B/wn/mD/nOf47/wh/xf/GH/pT/iv/K5/mt/1H/jj/lv/XH/nT/hv/cn/Sl/2v/gz/gf/Vl/zp/3P/kL/md/0f/iL/GvpDHGGGOM/ZeoP7k+8O/8n/x9XDZICHHtrmK5/7HmlsK/zYfKhC4RIcTTA3o1/7dRp05KSsrv92YrEZRaIoSIXMnPJ67EK0Vn8aRIFp1E+b+7vqGyzwX6k/rRO4SI/aucGHElvlL/tn9Q/7EnJmZWCs/H/yf1lwiRWOpKTgFxJb5Sv8I/qF+kw5+sv8CXaUJ0/KucOHElvlI/STwunhHJf3MnY4wxxhhjjDH2m6Gyao8/e36+/HyeoK/k5BdX4j97PmeMMcYYY4wxxtjV91yfvk89lpzcqQdPeMITnvz75Gr/ZGKMMcYYY4z9q1059F/tlTDGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY3nX/48/J3a198gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdbf8nAAD//yx2QLk=")
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)
read$FUSE(r3, &(0x7f0000004200)={0x2020}, 0x2020)

2m45.69291987s ago: executing program 3 (id=1307):
timer_create(0xfffffffffffffff4, 0x0, &(0x7f0000001400))

2m45.42908266s ago: executing program 3 (id=1309):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="050000000000000073114a00000000008510000002000000850000002700000095000000000000009500a505000000001d0721f032527825dbd28ece65a21428962f5c851dcf8d85097db901c61777b22b2ebe62633de19b16e45bde4117a6f561f4fdd2b65b840738ff1f517c0593b1626a71cef5467bd592"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

2m45.311894495s ago: executing program 33 (id=1309):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="050000000000000073114a00000000008510000002000000850000002700000095000000000000009500a505000000001d0721f032527825dbd28ece65a21428962f5c851dcf8d85097db901c61777b22b2ebe62633de19b16e45bde4117a6f561f4fdd2b65b840738ff1f517c0593b1626a71cef5467bd592"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

1m43.042766413s ago: executing program 4 (id=1911):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./bus\x00', 0x1, &(0x7f00000017c0)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ec0000000000000000a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06adb7b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02040000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f6505003cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096746a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140495fde08532c0a7b65c9ace709805bc67b09e57de7c3d7633515bedda91d7c341c30762156b62c1", @ANYRESOCT=0x0], 0x1, 0x555f, &(0x7f0000004440)="$eJzs3EtvG1UUAOA7TpPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKKhJ48R9fJ80PjPX12fusUaRzkzkADy15tPff03CxXAmhDATQjifhHw/KbbcSgwvhBAuhRBK/9iSYvzvgbkQwtkQwsVR8pgzKd768srw8vIvb/323Q+nT5376tsfp1c1MG0vhhC6m3F/pxtj1orxTjFeG7bz2L0+LGJ8o3u3OM5i3Gmu5xl2auN5tTxea8X52eZ2fxQ3OrX6KLbaG/n4Zi+esD9sjfPkH7hT28qPG831PLb7WR5be3Fdu3vxb9tefxDzNIp8H+fpw2AwjnG8uduM9WzezWO9NyjGY96s0dwdxWERi9OFetZp5OtYP8o3/Wh7u93b3k2Hza1+O+uly5XqS5XqjXJ1K2s0B83r5Vq3ceN6utDqjKaVB81ad6WVZa1Os1LPuovpQqteL1er6cLN5nq71kur1cq1ytXy8mKxdyV9/fb7aaeRLoziq+3e9ly70083sq00fmIxXapce3kxvVxN311dS9feuXVrde29D29+cPuV1TdfKybdt6x0Yenq0lK5erW8VF18cI1zx13/6AQHrH9wlPo/KxZ9iPqTQ10NcEguMIBDu6//D/p/4OFdPOC8x73/D5Ps/0ctlf7/wf1v6ej9/5H634fs/ydW/wTufzxq9cOR6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5aP81+/Ua+Mx+PzxXjF4qh54rjJIRQCiH8+R9mwty+nDNFntn/mT/7rzV8n4Q8w+gcp4vtbAhhpdj+ePa4vwUAAAB4cn3zyaUvYrceX+anvSBOUrxpUzr/0YTyJSGE2fmfJ5StNHp5fkLJ8uv7VNidULb8BtYzE0oWb7mdmlS2A5kZh08v3BvMC0piKJ3ocgAAgBMxsy+cbBcCAADASfp82gtgOpIwfpQ5fhac/+f9vUebZ/a9BwAAADyGkmkvAAAAADh2ef/v9/8AAADgyRZ//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiLnbvJWRqI4wD8b/uWDz8iMe69ijs4hkdw6VI4gJfgCHgFL8AZcOcRDDW0E5IqJMZObSTPk3TKtOQ3M9DNTJMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAMX2rD5svn95+HppzbobJMxoAAADgllN92LQfVl39ebr+Ml16nepFRJQR8fvMfRlVzHqZVcqpb36/aepf+vA1ok24tDFPx7OIeJeO6tXYvwIAAAA8ruNuv+5m612xmrpD/Evdok354n2mvCIi6tX3TGnlpXiTKax9vp/iY6a0dgFrkSmsW3J7un1vlquRvqp3SiNZbNs/sa2V47QLAABMqT8TuDMLAQAA4AF8mLoDTKO4Ftf3jPPulF4ILns1AAAA4D9UTN0BAAAAYHTt/H/4/n9NM/b+fz/s/wcAAAB/rdv/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDGd6sPmuNuv793f/mHOuRkm34gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Mn+vKNACIRBGOxd35nM/Q8rDRoam1SB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABf9Ltf/k9MjTPJ3Glj6XgkWbtqbF019h40jh6Mt38DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xtFFQcA/Ls7O0tBibWaHqoGEw96kXZBkKMeNI0H/wSTpmyxuogCByGNphc9mZ5J1OjRGBNNvfE/cKYJF7xx6KEmnjXzqww/lA2pM0v7+SRv3nd2J+993+yG8O2bFgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKttv91/slnGSHaaLuHrt5s7actZv3ddnrm/cmstaFnceNdHXb+198pPtpfrJsdnayZfNJwMAAMDBkFT1fUTcTjcXs747ndX/kVbXZDX/D0eLuKrn76/7t3bWpsq35qr6//ff7jy/O9F0MU826MrqaLjwYCq9/2mJE++ZR17Ry+98/rOXJP9Auu+tP7ed5vez882NG+/08/BQE9kCAI/jeNWXQfX/oawftJkYAAdGr1Z4V/V/Mt1uTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABN2F6Pp6q4ExFzvbtxZmtnbflh/fWNW3NVO33t2kZ9zGyINCJWVkfDtMG1TLpLV65+vDQaDS82HxyLiPZmL4MPxrgm4r+vKb+e0d4q/j3oTEYarQbd8vOZlHz2Mqi+e3s/ckv/IAEAsA8lR6Osx9Oyrr+dbi5mr3VmIv7+8d76/9VaHGPW/3c+PH2zPmO9/h80tcyJ9+13Eec/nb905errq+eXzg3PDT9548TgzcHJM6dOnZnP7tXC/Ep0hwttJwoAAMATrF+2ev3fnXlw//9ILY4x6//Pvh98UZ8rUf8/1N1Nv7YzAQAAOIj6u9GzL//1Z6f+1lTRdfr9+Hzp8uWLg+K4e36iODae8mM4VLZ6/Z/MtJ0VAAAA0ITt9c49+/9na3GMuf//9E8v/FIfM4mIwxEXImJ4fPnC6Gxzy5loTfyicj5Rv+2VAgAA0JbDZSv2/3v5/n+aP//f3X3koRsRr71SxNXfuhqn/k/e/ern+lz15/9PNrfEidSdLe5H3s9G9GbbzggAAID9bKpsWbH/R7q5+NGvR97ve/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoGn/BAAA//+TyzMu")
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0x541b, 0x0)

1m42.552640171s ago: executing program 4 (id=1913):
r0 = epoll_create1(0x0)
epoll_pwait(r0, &(0x7f0000000000)=[{}], 0x1, 0x6e, &(0x7f00000001c0)={[0x7f]}, 0x8)
close(r0)

1m42.124508669s ago: executing program 4 (id=1918):
r0 = fanotify_init(0xf00, 0x0)
fanotify_mark(r0, 0x180, 0x18000002, 0xffffffffffffffff, 0x0)

1m42.124221382s ago: executing program 4 (id=1919):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0xa, 0x522, &(0x7f0000000c00)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtlHVC+VUIVQJ0SOHbUicKIodR7FTmrCH7JE7EpU4wYkzByQOSD1xR+IANy7lgFRgBWqQkHDlsZ11/ji2sondjX8/aeQ38zz+3tvRvGd93swLYGLdioj9iLgWEe9GxFzneNLZ4s321nrfJ48eLB88erCcRLP5zj+TrL51LHrOaXmm85n5iPjBWxE/So4F/VNEfXdvY6lSKW93DhUb1a1ifXfv7np1aa28Vt4slRYXFudfv/da6cL6+lL1Nx9fj4jf/+7LH/1x/1s/aTVrtlPX24+L1O76zGGclumI+N5lBBuDqU5/rp3n5HOdxEVKI+JzEfFydv/PxVR2NY86epm+PcLWAQCXodmci+Zc7z4AcNWlWQ4sSQudXMBspGmh0M7hvRA30kqt3rizWtvZXGnnym7GTLq6XinPd3KFN2MmWV2fLi9k5e5+pVxKju7fi4jnI+JnuevZfmG5VlkZ5xcfAJhgzxyb//+Ta8//AMAVl39czI2zHQDA6OTH3QAAYOTM/wAwecz/ADB5zP8AMHnM/wAwecz/ADBRvv/2262tedB5/vXKe7s7G7X37q6U6xuF6s5yYbm2vVVYq9XWsmf2VAd9XqVW21p4NXbeLzbK9Uaxvrt3v1rb2Wzcz57rfb88M5JeAQBnef6lD/+SRMT+G9ezLXqe9z9wrn7xslsHXKZ03A0AxmZq3A0Axubkal/ApJCPh8n1/2azGT1r90bEw8NSz8NA+/4XoQ+GCpNaNxQ+e25/8Qny/8BTTf4fJtf58v++y8NVIP8Pk6vZTKz5DwATRo4fSAbU9/7+P9/s2Rnu938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4kmazLUkLnbXAZyNNC4WIZyPiZswkq+uV8nxEPBcRf87N5Fr7CxFh3SAAeJqlf08663/dnntl9njttdx/c9lrRPz4F+/8/P2lRmN7IeJa8q/D440POsdL42g/ADBId57uzuNdnzx6sNzdRtmej7/TXly0Ffegs7VrpmM6e81nuYYb/046+22t7ytTFxB//2FEfOG0/idZbuRmZ+XT4/FbsZ8dafz0SPw0q2u/tv4tPn8BbYFJ82Fr/HnztPsvjVvZ6+n3fz4boZ5cd/w7ODH+pYfj31Sf8e/WsDFe/cN3TxxszrXrHkZ8aTrioPvhPeNPN37SJ/4rQ8b/64tfeblfXfOXEbfjtP4nR2IVG9WtYn137+56dWmtvFbeLJUWFxbnX7/3WqmY5aiL3Uz1Sf94485z/eK3+n+jT/z8gP5/fcj+/+p/7/7wq2fE/+bXTr/+L5wRvzUnfmPI+Es3fpvvV9eKv9Kn/4Ou/50h43/0t72VEwcHLTgOAFya+u7exlKlUt5+8kL+zPekFxFiiEISsX/JIR4Xcr/+6VuD35wbWXvOWYh+VVOflRZemULuHGflL/Y+HbIw7pEJuGyPb/pxtwQAAAAAAAAAAAAAAOhnFH9ONO4+AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHV9GgAA///+udUz")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)

1m41.983757979s ago: executing program 4 (id=1920):
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f00000051c0))

1m41.569402095s ago: executing program 4 (id=1921):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=E'])
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84022, &(0x7f0000000140)=ANY=[@ANYBLOB='nr_inodes=6'])

1m41.459675044s ago: executing program 34 (id=1921):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes=E'])
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84022, &(0x7f0000000140)=ANY=[@ANYBLOB='nr_inodes=6'])

1m13.334166083s ago: executing program 0 (id=2171):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000001714", @ANYRES8], 0x38}}, 0x0)

1m13.283606985s ago: executing program 0 (id=2172):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f00000000c0)={0xa, {0x2, 0x5, 0x7fffffff, 0x4}})

1m13.197016329s ago: executing program 0 (id=2173):
r0 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x8002)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$tun(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="635a0b42000006"], 0xac)

1m13.091568333s ago: executing program 0 (id=2175):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mount$bpf(0x200000002000, &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x80000, 0x0)

1m13.091124746s ago: executing program 0 (id=2176):
syz_io_uring_setup(0x1eae, 0x0, 0x0, 0x0, &(0x7f0000000000))
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
r2 = socket(0x200000000000011, 0x2, 0xd)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syz_tun\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000080)={0x11, 0x800, r3, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0xfed0, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@void, {0x8100, 0x6, 0x1, 0x4}}, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x2, 0x78, 0x0, 0x2, 0x0, 0x11, 0x0, @multicast1, @empty}, {0x4e20, 0xfffc, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x2, "e5410e86db87a41f716be8e1fa0fe2fb143899778cc5c15c1337404bb397c0fc", "0c17d7b0eb591c2a7eb609eb8d2d9d15", {"28cbbe8b3bc8849d1e6124e7e5913283", "00802000003211817ada1e97297a54f5"}}}}}}}, 0x0)

1m11.44484156s ago: executing program 0 (id=2180):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$inet6(r0, &(0x7f0000000880)={&(0x7f0000000000)={0xa, 0x4e20, 0x2, @rand_addr=' \x01\x00', 0x5}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000040)="8000e8beec9dbc13", 0x8}], 0x1, &(0x7f0000002c80)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}], 0x28}, 0x4004000)

1m11.250106134s ago: executing program 35 (id=2180):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
sendmsg$inet6(r0, &(0x7f0000000880)={&(0x7f0000000000)={0xa, 0x4e20, 0x2, @rand_addr=' \x01\x00', 0x5}, 0x1c, &(0x7f0000000100)=[{&(0x7f0000000040)="8000e8beec9dbc13", 0x8}], 0x1, &(0x7f0000002c80)=[@pktinfo={{0x24, 0x29, 0x32, {@mcast2}}}], 0x28}, 0x4004000)

4.704120378s ago: executing program 5 (id=2743):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0x170, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0x4}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x140}}]}, 0x170}}, 0x8840)

4.607935259s ago: executing program 5 (id=2746):
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000001c80), &(0x7f00000028c0)=0x4)

4.503472158s ago: executing program 5 (id=2748):
r0 = syz_open_dev$vim2m(&(0x7f00000013c0), 0x8, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x29, 0x2, 0x40, "100000df00000000000000000000000000000000001000", 0x30314752})

4.503241665s ago: executing program 5 (id=2749):
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000100)=@req={0x3fc, 0x0, 0x0, 0x6}, 0x10)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
recvmmsg$unix(r0, &(0x7f0000001f40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4081, 0xff1}], 0x1}}], 0x1, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000380)=""/52, 0x34}], 0x1}, 0x7}], 0x1, 0x40000182, 0x0)
close(r1)

4.319267553s ago: executing program 5 (id=2750):
socket$kcm(0x11, 0xa, 0x300)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000002000000000000000000001e95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xc}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x2000000, 0xd50, 0x0, &(0x7f00000002c0)="fef351f6b11f421a5b4e415288ca", 0x0, 0x34000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

3.633993712s ago: executing program 6 (id=2757):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, &(0x7f0000000080)=""/55, 0x0, 0xeeee8000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000640)=""/106, 0x0, 0x2000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000002880))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x4008af04, &(0x7f0000000040))

2.771259431s ago: executing program 1 (id=2759):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x800001, &(0x7f000000ac40), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_ENCODED_READ(r0, 0x80809440, &(0x7f0000001480)={&(0x7f0000000280)=[{&(0x7f0000000200)='J', 0x1}], 0x1, 0x4, 0x0, 0x5, 0x9, 0x4, 0x5, 0x8})

1.015995768s ago: executing program 6 (id=2760):
r0 = io_uring_setup(0xc01, &(0x7f0000000000)={0x0, 0x1e78, 0x40, 0x0, 0x20b})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x0, 0x0)

1.01569553s ago: executing program 5 (id=2761):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="414c5450434d20274c696e652043617074757265272030303030303030303030303030303030303030300a4c494e45320a4449474954414c330a535045414b4552202753796e7468272030303030303030303030433030303030617374657220506c61796261636b272030303030303030301a30303030303030303030300a4c494e45330a4c494e453120274d617374657220506061"], 0xf7)
r1 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, 0x0, 0x5, 0x4002)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x43}, 0x94)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
dup3(r1, r0, 0x0)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xb0090199)
bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[], 0x48)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r3, 0x0, 0x2, &(0x7f0000000200)={0xfffa, [0x0, 0xfffffffc], 0x4}, 0x10)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x40002020, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58)

1.015051795s ago: executing program 1 (id=2762):
accept4$inet(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x8040, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4004, r0, 0x2})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000cea000/0x1000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000257000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4004005)
r2 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)

897.774087ms ago: executing program 6 (id=2763):
r0 = socket(0x10, 0x2, 0x0)
r1 = epoll_create1(0x0)
syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0xf2d8, 0x13090, 0x0, 0x40382}, 0x0, 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
epoll_pwait(r1, &(0x7f0000000040)=[{}], 0x1, 0xff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

562.064902ms ago: executing program 6 (id=2764):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0xfffffcf4}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x146)

483.418535ms ago: executing program 1 (id=2765):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.threads\x00', 0x2, 0x0)
open_by_handle_at(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="0c0000000200010004"], 0x408100)

342.129771ms ago: executing program 1 (id=2766):
r0 = timerfd_create(0x0, 0x80000)
read(r0, 0x0, 0x0)

341.822302ms ago: executing program 6 (id=2767):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x2, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000075266f83000000000000000004000000ffffffffc3000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x1b, &(0x7f0000000100)=""/147, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x17, 0x10, 0x0, 0x0, 0x61e5cc96}, 0x22)

119.531992ms ago: executing program 1 (id=2768):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'veth0_vlan\x00', &(0x7f0000000000)=@ethtool_coalesce={0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x400000}})

303.185µs ago: executing program 1 (id=2769):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000000))
write$char_usb(r1, &(0x7f0000000440)="04", 0x1)

0s ago: executing program 6 (id=2770):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x2010080, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f000000c7c0)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='pids.events\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f00000000c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000040)={0x80000005, 0x5, 0x4, 0x47, 0x3, 0x7, 0x1ff, 0x6, 0x35})
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0xffffffffffffffff, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x4004, 0x894, 0x0, 0x2})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x143841, 0x114)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000000)={0x0, 0x1, 0xb, 0xffff})

kernel console output (not intermixed with test programs):

9121][T10578] loop0: lost filesystem error report for type 5 error -117
[  259.850715][T10578] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  259.897784][ T5611] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.979695][   T24] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  260.178931][   T24] usb 2-1: config 150 has an invalid interface number: 204 but max is 2
[  260.185301][   T24] usb 2-1: config 150 has an invalid descriptor of length 0, skipping remainder of the config
[  260.195506][   T24] usb 2-1: config 150 has 1 interface, different from the descriptor's value: 3
[  260.203695][   T24] usb 2-1: config 150 has no interface number 0
[  260.207850][   T24] usb 2-1: config 150 interface 204 has no altsetting 0
[  260.217776][   T24] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  260.229707][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.236333][   T24] usb 2-1: Product: syz
[  260.240495][   T24] usb 2-1: Manufacturer: syz
[  260.243976][   T24] usb 2-1: SerialNumber: syz
[  260.401346][T10587] loop4: detected capacity change from 0 to 32768
[  260.436833][T10587] XFS (loop4): Mounting V5 filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d in no-recovery mode. Filesystem will be inconsistent.
[  260.457267][T10587] XFS (loop4): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x1803 dinode
[  260.462480][T10587] XFS (loop4): Unmount and run xfs_repair
[  260.467172][T10587] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  260.470065][T10587] 00000000: 49 4e 41 ed 03 01 00 00 00 00 00 00 00 00 00 00  INA.............
[  260.474499][T10587] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  260.482548][T10587] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 e2 bf 3d  4.Xh....4.Xh...=
[  260.483745][   T24] usb 2-1: USB disconnect, device number 31
[  260.493638][T10587] 00000030: 34 f7 58 68 a5 e2 bf 3d 00 00 00 00 00 00 00 20  4.Xh...=....... 
[  260.500526][T10587] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  260.509573][T10587] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 ca e6 3d c1  ..............=.
[  260.519222][T10587] 00000060: ff ff ff ff 6e d0 e3 2d 00 00 00 00 00 00 00 04  ....n..-........
[  260.526260][T10587] 00000070: 00 00 00 03 00 00 00 10 00 00 00 00 00 00 00 06  ................
[  260.567326][ T9138] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  260.981934][T10617] loop0: detected capacity change from 0 to 512
[  261.009895][T10617] EXT4-fs error (device loop0): ext4_quota_enable:7225: inode #3: comm syz.0.1886: unexpected EA_INODE flag
[  261.013606][T10617] loop0: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  261.013998][T10617] EXT4-fs error (device loop0): ext4_quota_enable:7228: comm syz.0.1886: Bad quota inode: 3, type: 0
[  261.016765][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  261.016776][    C0] EXT4-fs (loop0): initial error at time 2000000171: ext4_quota_enable:7225: inode 3
[  261.016791][    C0] EXT4-fs (loop0): last error at time 2000000171: ext4_quota_enable:7225: inode 3
[  261.029878][T10617] loop0: lost filesystem error report for type 5 error -117
[  261.030140][T10617] EXT4-fs warning (device loop0): ext4_enable_quotas:7269: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  261.039856][T10617] EXT4-fs (loop0): mount failed
[  261.202893][T10625] loop4: detected capacity change from 0 to 256
[  261.523981][T10639] : renamed from wg2 (while UP)
[  262.094565][T10658] loop0: detected capacity change from 0 to 32768
[  262.130397][T10658] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  262.280961][   T24] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  262.366593][T10671] loop4: detected capacity change from 0 to 40427
[  262.372745][T10671] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  262.373093][ T5611] ocfs2: Unmounting device (7,0) on (node local)
[  262.375812][T10671] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  262.377836][T10671] F2FS-fs (loop4): invalid crc value
[  262.444962][T10671] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  262.449039][   T24] usb 2-1: Using ep0 maxpacket: 16
[  262.453254][   T24] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  262.455764][T10671] F2FS-fs (loop4): Try to recover 1th superblock, ret: -30
[  262.458434][T10671] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  262.459699][   T24] usb 2-1: config 1 has no interface number 0
[  262.471289][   T24] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  262.476802][   T24] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  262.482488][   T24] usb 2-1: config 1 interface 105 has no altsetting 0
[  262.491027][   T24] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  262.496073][   T24] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  262.501530][   T24] usb 2-1: Product: syz
[  262.506202][   T24] usb 2-1: Manufacturer: syz
[  262.509715][   T24] usb 2-1: SerialNumber: syz
[  262.518984][T10669] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  262.527278][T10669] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  262.603045][T10679] netlink: 'syz.0.1914': attribute type 3 has an invalid length.
[  262.618836][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1914'.
[  262.958250][T10692] loop4: detected capacity change from 0 to 512
[  262.981451][T10669] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  262.985744][T10669] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  263.008725][T10692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  263.017975][T10692] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  263.081276][ T5722] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  263.101615][ T9138] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  263.108050][ T9138] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  263.113193][ T9138] EXT4-fs error (device loop4): ext4_acquire_dquot:7034: comm syz-executor: Failed to acquire dquot type 0
[  263.182868][ T9630] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  263.206520][   T24] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  263.219782][   T24] aqc111 2-1:1.105: probe with driver aqc111 failed with error -71
[  263.236354][   T24] usb 2-1: USB disconnect, device number 32
[  263.246344][ T5722] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.256797][ T5722] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.264038][ T5722] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  263.287696][ T5722] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.298716][ T5722] usb 1-1: config 0 descriptor??
[  263.733416][ T5618] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  263.740209][ T5618] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  263.745864][ T5618] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  263.757821][ T5618] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  263.780474][ T5618] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  263.971932][ T5722] usb 1-1: string descriptor 0 read error: -22
[  264.173386][T10697] ip6_vti0 speed is unknown, defaulting to 1000
[  264.187212][ T5722] uclogic 0003:256C:006D.000B: interface is invalid, ignoring
[  264.370997][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1930'.
[  264.376300][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1930'.
[  264.408603][ T5722] usb 1-1: USB disconnect, device number 28
[  264.454044][T10729] loop1: detected capacity change from 0 to 512
[  264.461962][T10729] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  264.478011][T10729] EXT4-fs (loop1): 1 truncate cleaned up
[  264.488962][T10729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  264.549911][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.568808][T10697] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.570923][T10697] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.573337][T10697] bridge_slave_0: entered allmulticast mode
[  264.578304][T10697] bridge_slave_0: entered promiscuous mode
[  264.583258][T10697] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.589446][T10697] bridge0: port 2(bridge_slave_1) entered disabled state
[  264.595972][T10697] bridge_slave_1: entered allmulticast mode
[  264.599789][T10697] bridge_slave_1: entered promiscuous mode
[  264.626799][T10697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  264.631982][T10697] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  264.651988][T10697] team0: Port device team_slave_0 added
[  264.655387][T10697] team0: Port device team_slave_1 added
[  264.674631][T10697] batman_adv: batadv0: Adding interface: batadv_slave_0
[  264.677086][T10697] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  264.686213][T10697] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  264.690724][T10697] batman_adv: batadv0: Adding interface: batadv_slave_1
[  264.692874][T10697] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  264.701574][T10697] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  264.729839][T10697] hsr_slave_0: entered promiscuous mode
[  264.732069][T10697] hsr_slave_1: entered promiscuous mode
[  264.734312][T10697] debugfs: 'hsr0' already exists in 'hsr'
[  264.740050][T10697] Cannot create hsr debugfs directory
[  264.887746][T10697] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  264.894448][T10697] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  264.898409][T10697] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  264.903816][T10697] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  264.906530][T10697] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  264.913499][T10697] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  264.916125][T10697] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  264.920753][T10697] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  264.950561][T10697] bridge0: port 2(bridge_slave_1) entered blocking state
[  264.952788][T10697] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.955076][T10697] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.957426][T10697] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.040663][T10697] 8021q: adding VLAN 0 to HW filter on device bond0
[  265.065725][   T26] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.070968][   T26] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.112568][T10697] 8021q: adding VLAN 0 to HW filter on device team0
[  265.123871][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[  265.126749][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[  265.142845][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[  265.145633][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[  265.294464][T10759] loop0: detected capacity change from 0 to 4096
[  265.462044][T10767] loop0: detected capacity change from 0 to 4096
[  265.511071][T10697] 8021q: adding VLAN 0 to HW filter on device batadv0
[  265.693853][T10779] loop1: detected capacity change from 0 to 128
[  265.804045][ T6949] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.983850][ T6949] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.023087][ T5618] Bluetooth: hci2: command tx timeout
[  266.039583][T10791] loop1: detected capacity change from 0 to 256
[  266.047616][T10791] exfat: Deprecated parameter 'namecase'
[  266.052795][T10791] exfat: Deprecated parameter 'namecase'
[  266.070043][T10791] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  266.148610][T10792] IPv6: NLM_F_REPLACE set, but no existing node found!
[  266.313789][ T6949] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.338496][T10697] veth0_vlan: entered promiscuous mode
[  266.346670][T10697] veth1_vlan: entered promiscuous mode
[  266.389087][T10697] veth0_macvtap: entered promiscuous mode
[  266.419836][ T6949] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.472814][T10697] veth1_macvtap: entered promiscuous mode
[  266.543402][T10697] batman_adv: batadv0: Interface activated: batadv_slave_0
[  266.557797][T10697] batman_adv: batadv0: Interface activated: batadv_slave_1
[  266.583816][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  266.590950][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  266.644654][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  266.650147][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  266.930113][T10803] loop1: detected capacity change from 0 to 1024
[  266.945285][T10803] ext2: block size(16384) > page size(4096) not supported by filesystem
[  266.957127][T10803] EXT4-fs (loop1): bad block size 16384
[  266.987093][ T6949] bridge_slave_1: left allmulticast mode
[  266.996977][ T6949] bridge_slave_1: left promiscuous mode
[  267.011993][ T6949] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.054789][ T6949] bridge_slave_0: left allmulticast mode
[  267.057121][ T6949] bridge_slave_0: left promiscuous mode
[  267.064216][ T6949] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.098854][T10806] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1953'.
[  267.263931][T10812] loop1: detected capacity change from 0 to 4096
[  267.268299][T10812] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  267.282206][T10812] ntfs3(loop1): ino=19, mi_enum_attr
[  267.331167][T10812] ntfs3(loop1): failed to convert "c46c" to cp850
[  267.342942][T10812] ntfs3(loop1): ino=20, mi_enum_attr
[  267.362984][    C1] vcan0: j1939_tp_rxtimer: 0xffff88816de3c800: rx timeout, send abort
[  267.437632][   T27] smc: removing ib device syz2
[  267.608196][   T27] smbdirect: ib_dev[syz2] removed
[  267.647041][ T6949] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.655300][ T6949] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.663605][ T6949] bond0 (unregistering): Released all slaves
[  267.826505][ T5677] ip6_vti0 speed is unknown, defaulting to 1000
[  267.840971][ T5677] syz2: Port: 1 Link DOWN
[  267.950653][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  267.961101][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.056934][T10823] loop0: detected capacity change from 0 to 2048
[  268.075726][T10823] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  268.111595][ T4399] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  268.116409][ T4399] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  268.162420][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  268.164642][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  268.242489][ T5618] Bluetooth: hci2: command tx timeout
[  268.407578][ T5355] 8021q: adding VLAN 0 to HW filter on device eth5
[  268.433602][T10842] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  268.742782][T10861] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1974'.
[  268.918780][T10874] loop1: detected capacity change from 0 to 128
[  268.998278][ T5355] 8021q: adding VLAN 0 to HW filter on device eth6
[  269.001703][T10874] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  269.028251][T10874] ext4 filesystem being mounted at /710/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  269.206059][ T5615] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.318650][ T5427] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  269.380353][ T5355] 8021q: adding VLAN 0 to HW filter on device eth7
[  269.482422][ T5427] usb 6-1: Using ep0 maxpacket: 32
[  269.487645][ T5427] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  269.491011][ T5427] usb 6-1: config 0 has no interface number 0
[  269.501647][ T5427] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  269.507158][ T5427] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.514577][ T5427] usb 6-1: Product: syz
[  269.518510][ T5427] usb 6-1: Manufacturer: syz
[  269.522052][ T5427] usb 6-1: SerialNumber: syz
[  269.531266][T10882] loop0: detected capacity change from 0 to 131072
[  269.556238][ T5427] usb 6-1: config 0 descriptor??
[  269.574993][ T5427] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  269.580615][T10882] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  269.586603][ T5427] usb 6-1: selecting invalid altsetting 1
[  269.591064][T10882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  269.597502][ T5427] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  269.652634][ T5427] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  269.659594][T10901] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1980'.
[  269.669572][T10899] loop1: detected capacity change from 0 to 164
[  269.678664][ T5427] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  269.685082][ T5427] usb 6-1: media controller created
[  269.723161][ T5427] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  269.754855][T10882] f2fs: Unknown parameter '@'
[  269.762964][T10882] F2FS-fs (loop0): lookup inode (7) has corrupted xattr
[  269.774486][T10882] F2FS-fs (loop0): lookup inode (7) has corrupted xattr
[  269.779589][T10882] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=fff70000, run fsck to fix.
[  269.802087][T10882] F2FS-fs (loop0): access invalid blkaddr:0
[  269.805242][T10882] CPU: 1 UID: 0 PID: 10882 Comm: syz.0.1980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  269.805259][T10882] Tainted: [L]=SOFTLOCKUP
[  269.805263][T10882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  269.805269][T10882] Call Trace:
[  269.805273][T10882]  <TASK>
[  269.805277][T10882]  dump_stack_lvl+0xe8/0x150
[  269.805292][T10882]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  269.805306][T10882]  ? make_kprojid+0x1dd/0x6d0
[  269.805321][T10882]  sanity_check_extent_cache+0x1a3/0x620
[  269.805335][T10882]  ? f2fs_sanity_check_inline_data+0x75/0x780
[  269.805344][T10882]  ? set_nlink+0x5f/0x170
[  269.805356][T10882]  f2fs_iget+0x3f8a/0x5dc0
[  269.805378][T10882]  f2fs_lookup+0x3ff/0x9c0
[  269.805388][T10882]  ? do_raw_spin_lock+0x12b/0x2f0
[  269.805399][T10882]  ? __pfx_f2fs_lookup+0x10/0x10
[  269.805411][T10882]  ? do_raw_spin_unlock+0x4d/0x210
[  269.805424][T10882]  ? _raw_spin_unlock+0x28/0x50
[  269.805433][T10882]  ? d_alloc+0x144/0x190
[  269.805446][T10882]  lookup_one_qstr_excl+0x12d/0x360
[  269.805460][T10882]  filename_create+0x20e/0x370
[  269.805470][T10882]  ? __pfx_filename_create+0x10/0x10
[  269.805483][T10882]  filename_mknodat+0x18c/0x660
[  269.805493][T10882]  ? __pfx_filename_mknodat+0x10/0x10
[  269.805503][T10882]  ? do_getname+0x151/0x250
[  269.805513][T10882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.805522][T10882]  __se_sys_mknodat+0x3b/0x150
[  269.805530][T10882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.805539][T10882]  do_syscall_64+0x15f/0xf80
[  269.805549][T10882]  ? trace_irq_disable+0x3b/0x140
[  269.805563][T10882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.805571][T10882] RIP: 0033:0x7fc9ca39cdd9
[  269.805581][T10882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  269.805588][T10882] RSP: 002b:00007fc9cb1d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  269.805599][T10882] RAX: ffffffffffffffda RBX: 00007fc9ca615fa0 RCX: 00007fc9ca39cdd9
[  269.805605][T10882] RDX: 0000000000006000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  269.805611][T10882] RBP: 00007fc9ca432d69 R08: 0000000000000000 R09: 0000000000000000
[  269.805616][T10882] R10: 0000000000000701 R11: 0000000000000246 R12: 0000000000000000
[  269.805621][T10882] R13: 00007fc9ca616038 R14: 00007fc9ca615fa0 R15: 00007ffddeae6118
[  269.805636][T10882]  </TASK>
[  269.805657][T10882] F2FS-fs (loop0): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  269.827369][ T5427] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  269.832204][T10882] F2FS-fs (loop0): access invalid blkaddr:0
[  269.847247][ T5427] zl10353_read_register: readreg error (reg=127, ret==-32)
[  269.847613][T10882] CPU: 1 UID: 0 PID: 10882 Comm: syz.0.1980 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  269.847629][T10882] Tainted: [L]=SOFTLOCKUP
[  269.847633][T10882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  269.847639][T10882] Call Trace:
[  269.847644][T10882]  <TASK>
[  269.847649][T10882]  dump_stack_lvl+0xe8/0x150
[  269.847664][T10882]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  269.847679][T10882]  ? make_kprojid+0x1dd/0x6d0
[  269.847694][T10882]  sanity_check_extent_cache+0x1a3/0x620
[  269.847706][T10882]  ? f2fs_sanity_check_inline_data+0x75/0x780
[  269.847715][T10882]  ? set_nlink+0x5f/0x170
[  269.847727][T10882]  f2fs_iget+0x3f8a/0x5dc0
[  269.847749][T10882]  f2fs_lookup+0x3ff/0x9c0
[  269.847761][T10882]  ? __pfx_f2fs_lookup+0x10/0x10
[  269.847769][T10882]  ? __pfx_d_alloc_parallel+0x10/0x10
[  269.847785][T10882]  ? seqcount_lockdep_reader_access+0xec/0x100
[  269.847799][T10882]  path_openat+0x11ac/0x3860
[  269.847814][T10882]  ? __pfx_stack_trace_save+0x10/0x10
[  269.847833][T10882]  ? __pfx_path_openat+0x10/0x10
[  269.847839][T10882]  ? __x64_sys_openat+0x138/0x170
[  269.847858][T10882]  do_file_open+0x23e/0x4a0
[  269.847868][T10882]  ? __pfx_do_file_open+0x10/0x10
[  269.847885][T10882]  ? _raw_spin_unlock+0x28/0x50
[  269.847894][T10882]  ? alloc_fd+0x64b/0x6c0
[  269.847909][T10882]  do_sys_openat2+0x113/0x200
[  269.847946][T10882]  ? __se_sys_futex+0x3a8/0x450
[  269.847967][T10882]  ? __pfx_do_sys_openat2+0x10/0x10
[  269.847986][T10882]  ? rcu_is_watching+0x15/0xb0
[  269.847999][T10882]  __x64_sys_openat+0x138/0x170
[  269.848012][T10882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.848022][T10882]  do_syscall_64+0x15f/0xf80
[  269.848033][T10882]  ? trace_irq_disable+0x3b/0x140
[  269.848047][T10882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.848056][T10882] RIP: 0033:0x7fc9ca39cdd9
[  269.848066][T10882] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  269.848081][T10882] RSP: 002b:00007fc9cb1d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  269.848092][T10882] RAX: ffffffffffffffda RBX: 00007fc9ca615fa0 RCX: 00007fc9ca39cdd9
[  269.848098][T10882] RDX: 0000000000000000 RSI: 0000200000004280 RDI: ffffffffffffff9c
[  269.848104][T10882] RBP: 00007fc9ca432d69 R08: 0000000000000000 R09: 0000000000000000
[  269.848110][T10882] R10: 000000000000004b R11: 0000000000000246 R12: 0000000000000000
[  269.848116][T10882] R13: 00007fc9ca616038 R14: 00007fc9ca615fa0 R15: 00007ffddeae6118
[  269.848130][T10882]  </TASK>
[  269.848153][T10882] F2FS-fs (loop0): sanity_check_extent_cache: inode (ino=4) extent info [0, 0, 5178624] is incorrect, run fsck to fix
[  269.850006][    C0] raw-gadget.0 gadget.5: ignoring, device is not running
[  270.004378][ T5355] 8021q: adding VLAN 0 to HW filter on device eth8
[  270.070456][ T5427] usb 6-1: USB disconnect, device number 2
[  270.259254][T10911] comedi comedi2: c6xdigio: I/O base address not correctly aligned
[  270.478706][ T5618] Bluetooth: hci2: command tx timeout
[  271.138841][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  271.299163][   T24] usb 6-1: Using ep0 maxpacket: 16
[  271.303999][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[  271.308585][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  271.313179][   T24] usb 6-1: config 1 interface 0 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  271.318123][   T24] usb 6-1: config 1 interface 0 has no altsetting 0
[  271.324860][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=0242, bcdDevice= 0.40
[  271.332995][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.336419][   T24] usb 6-1: Product: syz
[  271.338088][   T24] usb 6-1: Manufacturer: syz
[  271.342591][   T24] usb 6-1: SerialNumber: syz
[  271.371503][   T24] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/input/input13
[  271.452268][T10940] syz.1.1995 (10940) used greatest stack depth: 18792 bytes left
[  271.590399][ T5044] bcm5974 6-1:1.0: could not read from device
[  271.600325][ T5044] bcm5974 6-1:1.0: could not read from device
[  271.611122][   T24] usb 6-1: USB disconnect, device number 3
[  271.850168][ T6949] hsr_slave_0: left promiscuous mode
[  271.853621][ T6949] hsr_slave_1: left promiscuous mode
[  271.858691][ T6949] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.861477][ T6949] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.864228][ T6949] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.870936][ T6949] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.180481][ T6949] veth1_macvtap: left promiscuous mode
[  272.185022][ T6949] veth0_macvtap: left promiscuous mode
[  272.198628][ T6949] veth1_vlan: left promiscuous mode
[  272.212517][ T6949] veth0_vlan: left promiscuous mode
[  272.415945][T10962] binder: 10961:10962 ioctl c018620c 200000000040 returned -22
[  272.539127][   T24] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  272.658022][ T6949] team0 (unregistering): Port device team_slave_1 removed
[  272.693456][ T6949] team0 (unregistering): Port device team_slave_0 removed
[  272.703850][   T24] usb 1-1: Using ep0 maxpacket: 8
[  272.706488][ T5618] Bluetooth: hci2: command tx timeout
[  272.715074][   T24] usb 1-1: config 64 has an invalid interface number: 19 but max is 0
[  272.722620][   T24] usb 1-1: config 64 has no interface number 0
[  272.733037][   T24] usb 1-1: config 64 interface 19 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  272.749966][   T24] usb 1-1: New USB device found, idVendor=2201, idProduct=012c, bcdDevice=3f.e0
[  272.753627][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.777475][   T24] usb 1-1: probing VID:PID(2201:012C)   
[  272.805542][   T24] usb 1-1: vub300 testing UNKNOWN EndPoint(0) 02
[  272.809901][   T24] usb 1-1: vub300 ignoring EndPoint(0) 02
[  272.812155][   T24] usb 1-1: Could not find two sets of bulk-in/out endpoint pairs
[  272.853507][   T24] vub300 1-1:64.19: probe with driver vub300 failed with error -22
[  273.019552][   T24] usb 1-1: USB disconnect, device number 29
[  273.156849][T10976] loop1: detected capacity change from 0 to 16
[  273.187285][T10976] erofs (device loop1): mounted with root inode @ nid 36.
[  273.216295][   T33] audit: type=1800 audit(2000000182.656:190): pid=10976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2008" name="file1" dev="loop1" ino=86 res=0 errno=0
[  273.754537][T10982] sock: sock_set_timeout: `syz.1.2011' (pid 10982) tries to set negative timeout
[  274.354283][T11002] loop5: detected capacity change from 0 to 256
[  274.401333][   T31] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  274.580919][   T31] usb 2-1: Using ep0 maxpacket: 8
[  274.584887][   T31] usb 2-1: config index 0 descriptor too short (expected 6427, got 27)
[  274.588203][   T31] usb 2-1: config 0 has an invalid interface number: 21 but max is 0
[  274.592403][   T31] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  274.596403][   T31] usb 2-1: config 0 has no interface number 0
[  274.598827][   T31] usb 2-1: config 0 interface 21 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  274.605981][   T31] usb 2-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  274.609690][   T31] usb 2-1: New USB device strings: Mfr=31, Product=1, SerialNumber=0
[  274.613460][   T31] usb 2-1: Product: syz
[  274.615245][   T31] usb 2-1: Manufacturer: syz
[  274.619995][   T31] usb 2-1: config 0 descriptor??
[  274.698406][ T5427] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  274.853184][T10998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.857291][T10998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.865161][ T5427] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  274.876643][ T5427] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  274.893005][ T5427] usb 6-1: config 0 descriptor??
[  274.893211][   T31] usb 2-1: USB disconnect, device number 33
[  275.604913][T11025] loop1: detected capacity change from 0 to 256
[  275.821249][T11034] loop1: detected capacity change from 0 to 4096
[  275.838262][T11034] ntfs3(loop1): Failed to load $MFT (-22).
[  275.921159][T11038] loop0: detected capacity change from 0 to 128
[  275.929975][T11038] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  275.943836][T11038] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  276.073395][T11042] loop1: detected capacity change from 0 to 8
[  276.098019][T11042] SQUASHFS error: Unable to read inode 0xe3
[  276.653831][T11055] loop1: detected capacity change from 0 to 128
[  276.667156][   T33] audit: type=1800 audit(2000000185.893:191): pid=11055 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2044" name="bus" dev="loop1" ino=1048670 res=0 errno=0
[  276.997042][ T5427] usb 6-1: Cannot set autoneg
[  277.001605][ T5427] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  277.025838][ T5427] usb 6-1: USB disconnect, device number 4
[  277.202200][T11068] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  277.272923][T11062] loop0: detected capacity change from 0 to 32768
[  277.276969][T11062] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2047 (11062)
[  277.290189][T11062] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  277.295791][T11062] BTRFS info (device loop0): using blake2b checksum algorithm
[  277.350825][T11087] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2052'.
[  277.355011][T11062] BTRFS info (device loop0): enabling ssd optimizations
[  277.365977][T11062] BTRFS info (device loop0): turning on async discard
[  277.373801][T11062] BTRFS info (device loop0): enabling free space tree
[  277.382006][T11062] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  277.389152][T11087] netlink: 'syz.1.2052': attribute type 4 has an invalid length.
[  277.654853][T11096] overlayfs: empty lowerdir
[  277.835401][T11102] tipc: New replicast peer: 255.255.255.255
[  277.837997][T11102] tipc: Enabled bearer <udp:syz2>, priority 10
[  278.058784][T11105] loop5: detected capacity change from 0 to 32768
[  278.062145][T11105] btrfs: Deprecated parameter 'usebackuproot'
[  278.064322][T11105] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  278.077253][T11105] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2058 (11105)
[  278.199978][T11098] loop1: detected capacity change from 0 to 131072
[  278.206896][ T5427] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  278.215501][T11105] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  278.218529][T11105] BTRFS info (device loop5): using crc32c checksum algorithm
[  278.283007][T11098] XFS (loop1): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  278.354542][T11098] XFS (loop1): Starting recovery (logdev: internal)
[  278.376981][ T5427] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 39, changing to 4
[  278.380782][T11098] XFS (loop1): Ending recovery (logdev: internal)
[  278.380833][ T5427] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[  278.405326][ T4412] BTRFS warning (device loop5): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  278.419182][ T5427] usb 1-1: config 0 interface 0 has no altsetting 0
[  278.423924][T11105] BTRFS error (device loop5): failed to load root extent
[  278.426193][T11105] BTRFS warning (device loop5): try to load backup roots slot 1
[  278.431582][ T4412] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  278.447958][ T5427] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  278.451652][ T5427] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  278.459730][ T5427] usb 1-1: Product: syz
[  278.462903][ T5427] usb 1-1: Manufacturer: syz
[  278.469013][ T5427] usb 1-1: SerialNumber: syz
[  278.482610][ T5427] usb 1-1: config 0 descriptor??
[  278.486692][T11105] BTRFS warning (device loop5): couldn't read tree root
[  278.489334][T11105] BTRFS warning (device loop5): try to load backup roots slot 2
[  278.492504][   T32] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  278.497269][T11105] BTRFS warning (device loop5): couldn't read tree root
[  278.499606][T11105] BTRFS warning (device loop5): try to load backup roots slot 3
[  278.518407][T11105] BTRFS info (device loop5): rebuilding free space tree
[  278.531510][ T5615] XFS (loop1): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  278.545863][ T5427] usb 1-1: selecting invalid altsetting 0
[  278.556110][T11105] BTRFS info (device loop5): disabling free space tree
[  278.558913][T11105] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  278.562131][T11105] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  278.569177][T11105] BTRFS info (device loop5): checking UUID tree
[  278.572010][T11105] BTRFS info (device loop5): enabling ssd optimizations
[  278.574549][T11105] BTRFS info (device loop5): turning on async discard
[  278.577764][T11105] BTRFS info (device loop5): force clearing of disk cache
[  278.580744][T11105] BTRFS info (device loop5): enabling auto defrag
[  278.582910][T11105] BTRFS info (device loop5): trying to use backup root at mount time
[  278.585690][T11105] BTRFS info (device loop5): use lzo compression, level 1
[  278.730926][T11102] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  278.791690][T11102] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  278.869265][ T5427] usb 1-1: USB disconnect, device number 30
[  278.972245][T10697] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  279.022367][ T6416] udevd[6416]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  279.027709][ T5722] tipc: Node number set to 544977133
[  279.526630][T11140] loop5: detected capacity change from 0 to 4096
[  279.599677][ T5618] Bluetooth: hci1: unexpected event for opcode 0x2028
[  279.808660][ T5427] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  279.968153][ T5427] usb 1-1: Using ep0 maxpacket: 16
[  279.974019][ T5427] usb 1-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  279.977617][ T5427] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.982953][ T5427] usb 1-1: Product: syz
[  279.984603][ T5427] usb 1-1: Manufacturer: syz
[  279.986292][ T5427] usb 1-1: SerialNumber: syz
[  279.990605][ T5427] usb 1-1: config 0 descriptor??
[  279.997574][ T5427] ums-onetouch 1-1:0.0: USB Mass Storage device detected
[  280.043833][   T24] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  280.171465][  T864] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  280.203363][   T24] usb 6-1: Using ep0 maxpacket: 32
[  280.206626][   T24] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  280.209375][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.213616][   T24] usb 6-1: config 0 descriptor??
[  280.222208][ T5427] usb 1-1: USB disconnect, device number 31
[  280.231141][   T24] gspca_main: sunplus-2.14.0 probing 041e:400b
[  280.334897][  T864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  280.338833][  T864] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  280.343483][  T864] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[  280.348477][  T864] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  280.355206][  T864] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  280.358718][  T864] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  280.361899][  T864] usb 2-1: Manufacturer: syz
[  280.368093][  T864] usb 2-1: config 0 descriptor??
[  280.652666][   T24] gspca_sunplus: reg_w_riv err -71
[  280.655846][  T864] rc_core: IR keymap rc-hauppauge not found
[  280.660053][  T864] Registered IR keymap rc-empty
[  280.662062][   T24] sunplus 6-1:0.0: probe with driver sunplus failed with error -71
[  280.666783][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.671390][   T24] usb 6-1: USB disconnect, device number 5
[  280.697901][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.733380][  T864] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  280.739756][  T864] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input14
[  280.751601][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.781768][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.802966][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.824128][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.845124][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.879253][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.909179][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.931221][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.965137][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  280.987011][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  281.027777][  T864] mceusb 2-1:0.0: Error: mce write urb status = -71
[  281.058259][  T864] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  281.067684][  T864] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  281.100158][  T864] usb 2-1: USB disconnect, device number 34
[  282.306142][T11203] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2083'.
[  282.315011][T11203] netlink: 220 bytes leftover after parsing attributes in process `syz.0.2083'.
[  282.315590][T11202] loop5: detected capacity change from 0 to 1024
[  282.318099][T11203] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2083'.
[  282.921186][T11212] loop1: detected capacity change from 0 to 512
[  282.928382][T11212] FAT-fs (loop1): Directory bread(block 199916) failed
[  282.933230][T11212] FAT-fs (loop1): Directory bread(block 199917) failed
[  282.935785][T11212] FAT-fs (loop1): Directory bread(block 199918) failed
[  282.938357][T11212] FAT-fs (loop1): Directory bread(block 199919) failed
[  282.941033][T11212] FAT-fs (loop1): Directory bread(block 199920) failed
[  282.944115][T11212] FAT-fs (loop1): Directory bread(block 199921) failed
[  282.946306][T11212] FAT-fs (loop1): Directory bread(block 199922) failed
[  282.948659][T11212] FAT-fs (loop1): Directory bread(block 199923) failed
[  282.957428][T11212] FAT-fs (loop1): Directory bread(block 199916) failed
[  282.961952][T11212] FAT-fs (loop1): Directory bread(block 199917) failed
[  283.161220][T11216] loop1: detected capacity change from 0 to 32768
[  283.418731][T11216] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2088 (11216)
[  283.459296][T11216] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  283.466130][T11216] BTRFS info (device loop1): using sha256 checksum algorithm
[  283.582153][T11216] BTRFS info (device loop1): enabling ssd optimizations
[  283.584858][T11216] BTRFS info (device loop1): turning on async discard
[  283.592809][T11216] BTRFS info (device loop1): enabling free space tree
[  284.025885][ T5615] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  284.922288][T11306] loop1: detected capacity change from 0 to 2048
[  284.943372][T11306] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  284.977747][T11294] loop5: detected capacity change from 0 to 32768
[  285.014988][T11294] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.071446][T11294] XFS (loop5): Ending clean mount
[  285.095703][T10697] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  285.336865][T11304] loop0: detected capacity change from 0 to 32768
[  285.365055][T11304] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2113 (11304)
[  285.394504][T11304] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  285.399220][T11304] BTRFS info (device loop0): using crc32c checksum algorithm
[  285.487179][T11304] BTRFS info (device loop0): enabling ssd optimizations
[  285.490154][T11304] BTRFS info (device loop0): turning on flush-on-commit
[  285.495522][T11304] BTRFS info (device loop0): enabling free space tree
[  285.501541][T11304] BTRFS info (device loop0): force zlib compression, level 3
[  285.506889][T11304] BTRFS info (device loop0): max_inline set to 4096
[  285.550566][T11318] loop5: detected capacity change from 0 to 40427
[  285.553356][ T5611] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  285.557430][T11318] F2FS-fs: heap/no_heap options were deprecated
[  285.561894][T11318] F2FS-fs (loop5): Invalid log sectors per block(0) log sectorsize(9)
[  285.570149][T11318] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  285.575454][T11318] F2FS-fs (loop5): invalid crc value
[  285.595258][T11318] F2FS-fs (loop5): SIT is corrupted node# 0 vs 7
[  285.619087][T11318] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-117)
[  286.011025][T11342] loop5: detected capacity change from 0 to 4096
[  286.049690][T11344] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  286.091887][   T33] audit: type=1800 audit(2000000194.715:192): pid=11342 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2120" name="file1" dev="loop5" ino=15 res=0 errno=0
[  286.195929][T11346] loop5: detected capacity change from 0 to 256
[  286.207218][T11346] exfat: Deprecated parameter 'utf8'
[  286.227339][T11346] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d)
[  286.235383][T11339] loop0: detected capacity change from 0 to 32768
[  286.241716][T11339] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2119 (11339)
[  286.272272][T11339] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  286.279173][T11339] BTRFS info (device loop0): using sha256 checksum algorithm
[  286.306960][ T5677] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  286.382581][T11339] BTRFS info (device loop0): enabling ssd optimizations
[  286.385192][T11339] BTRFS info (device loop0): turning on async discard
[  286.388165][T11339] BTRFS info (device loop0): enabling free space tree
[  286.481546][ T5677] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  286.485094][ T5677] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  286.485379][ T5611] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  286.489586][ T5677] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  286.494658][ T5677] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  286.496983][ T5677] usb 2-1: SerialNumber: syz
[  286.741464][ T5677] usb 2-1: 0:2 : does not exist
[  286.920584][ T5677] usb 2-1: USB disconnect, device number 35
[  287.040906][ T5620] udevd[5620]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  287.339892][T11388] loop1: detected capacity change from 0 to 256
[  287.346481][T11388] exfat: Deprecated parameter 'utf8'
[  287.355424][T11388] exfat: Deprecated parameter 'namecase'
[  287.358620][T11388] exfat: Deprecated parameter 'namecase'
[  287.363361][T11388] exfat: Deprecated parameter 'utf8'
[  287.376574][T11388] exFAT-fs (loop1): failed to load upcase table (idx : 0x00012153, chksum : 0xc9bffc20, utbl_chksum : 0xe619d30d)
[  287.381547][T11388] exFAT-fs (loop1): failed to test first cluster bit of root dir(5)
[  287.681802][T11392] netlink: 'syz.1.2132': attribute type 15 has an invalid length.
[  288.138785][T11395] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2134'.
[  288.703901][T11405] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2136'.
[  288.740255][T11407] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2137'.
[  289.045579][T11414] loop1: detected capacity change from 0 to 512
[  289.098578][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #3: comm syz.1.2140: corrupted inode contents
[  289.143201][T11414] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  289.150154][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  289.155960][    C1] EXT4-fs (loop1): initial error at time 2000000197: ext4_do_update_inode:5690: inode 3
[  289.159496][    C1] EXT4-fs (loop1): last error at time 2000000197: ext4_do_update_inode:5690: inode 3
[  289.178001][T11414] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #3: comm syz.1.2140: mark_inode_dirty error
[  289.183729][T11421] loop5: detected capacity change from 0 to 512
[  289.185596][T11414] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  289.204946][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #3: comm syz.1.2140: corrupted inode contents
[  289.207747][T11421] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.208704][T11414] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  289.212906][T11421] ext4 filesystem being mounted at /43/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  289.221733][T11414] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #3: comm syz.1.2140: mark_inode_dirty error
[  289.231807][T11414] loop1: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  289.232133][T11414] Quota error (device loop1): write_blk: dquota write failed
[  289.243336][T11414] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  289.251093][T11414] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.2140: Failed to acquire dquot type 0
[  289.258880][T11414] loop1: lost filesystem error report for type 5 error -117
[  289.283912][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #16: comm syz.1.2140: corrupted inode contents
[  289.292518][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.319022][T11414] EXT4-fs error (device loop1): ext4_dirty_inode:6587: inode #16: comm syz.1.2140: mark_inode_dirty error
[  289.325665][T11421] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.2141: bg 0: block 320: padding at end of block bitmap is not set
[  289.326225][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.332397][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #16: comm syz.1.2140: corrupted inode contents
[  289.335620][T11421] EXT4-fs (loop5): Remounting filesystem read-only
[  289.342904][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.346541][T11414] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #16: comm syz.1.2140: mark_inode_dirty error
[  289.352976][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.353565][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #16: comm syz.1.2140: corrupted inode contents
[  289.364274][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.374007][T11414] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[  289.381333][T11414] loop1: lost filesystem error report for type 5 error -117
[  289.387641][   T26] Quota error (device loop5): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  289.396125][T10697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.400457][T11414] EXT4-fs error (device loop1): ext4_do_update_inode:5690: inode #16: comm syz.1.2140: corrupted inode contents
[  289.400546][   T26] Quota error (device loop5): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  289.404562][T11414] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  289.410035][T11414] EXT4-fs error (device loop1): ext4_truncate:4690: inode #16: comm syz.1.2140: mark_inode_dirty error
[  289.435154][T11414] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[  289.437942][T11414] loop1: lost filesystem error report for type 5 error -117
[  289.441535][T11414] EXT4-fs (loop1): 1 truncate cleaned up
[  289.451037][T11414] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.455174][T11414] ext4 filesystem being mounted at /780/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  289.490570][T11414] EXT4-fs warning (device loop1): ext4_es_cache_extent:1082: inode #3: comm syz.1.2140: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18]
[  289.490570][T11414] 
[  289.575154][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.941174][ T5670] usb 2-1: new full-speed USB device number 36 using dummy_hcd
[  290.117600][ T5670] usb 2-1: unable to get BOS descriptor or descriptor too short
[  290.122840][ T5670] usb 2-1: not running at top speed; connect to a high speed hub
[  290.129293][ T5670] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  290.135526][ T5670] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[  290.142171][ T5670] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  290.147370][ T5670] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 255, setting to 64
[  290.154363][ T5670] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  290.157934][ T5670] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.161024][ T5670] usb 2-1: Product: syz
[  290.166273][ T5670] usb 2-1: Manufacturer: syz
[  290.168202][ T5670] usb 2-1: SerialNumber: syz
[  290.430084][ T5670] usb 2-1: USB disconnect, device number 36
[  290.470388][ T6093] udevd[6093]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  290.731423][T11452] tun0: tun_chr_ioctl cmd 1074025675
[  290.734453][T11452] tun0: persist enabled
[  290.736664][T11452] tun0: tun_chr_ioctl cmd 1074025675
[  290.738683][T11452] tun0: persist enabled
[  291.720791][T11492] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2171'.
[  291.877812][T11496] sg_write: data in/out 393180/130 bytes for SCSI command 0x0-- guessing data in;
[  291.877812][T11496]    program syz.0.2173 not setting count and/or reply_len properly
[  291.932297][ T5427] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  292.100685][ T5427] usb 2-1: Using ep0 maxpacket: 16
[  292.120827][ T5427] usb 2-1: unable to get BOS descriptor or descriptor too short
[  292.123560][ T5427] usb 2-1: no configurations
[  292.127330][ T5427] usb 2-1: can't read configurations, error -22
[  293.222416][T11508] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  293.520640][ T5669] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  293.530761][ T5669] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.536973][ T5669] netdevsim netdevsim0 eth3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  293.598078][ T5677] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  293.619658][ T5669] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  293.623244][ T5669] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.626814][ T5669] netdevsim netdevsim0 eth2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  293.716716][ T5669] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  293.736167][ T5669] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.741360][ T5669] netdevsim netdevsim0 eth1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  293.775484][ T5677] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  293.783386][ T5677] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.789670][ T5677] usb 6-1: Product: syz
[  293.797463][ T5677] usb 6-1: Manufacturer: syz
[  293.799501][ T5677] usb 6-1: SerialNumber: syz
[  293.811031][ T5677] usb 6-1: config 0 descriptor??
[  293.845391][ T5669] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  293.848800][ T5669] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.852445][ T5669] netdevsim netdevsim0 eth0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  293.986462][ T5616] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  294.000541][ T5616] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  294.007801][ T5616] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  294.022503][ T5616] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  294.030255][ T5616] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  294.164535][T11517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2182'.
[  294.177049][T11517] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2182'.
[  294.183192][T11517] netlink: 4260 bytes leftover after parsing attributes in process `syz.1.2182'.
[  294.267280][ T5677] usb 6-1: Firmware version (0.0) predates our first public release.
[  294.275813][ T5677] usb 6-1: Please update to version 0.2 or newer
[  294.285253][ T5677] usb 6-1: Firmware: build 
[  294.530584][ T5677] usb 6-1: USB disconnect, device number 6
[  294.660716][T11534] loop1: detected capacity change from 0 to 128
[  294.682061][T11534] FAT-fs (loop1): bogus number of reserved sectors
[  294.696005][T11534] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  294.708625][T11534] FAT-fs (loop1): Can't find a valid FAT filesystem
[  294.866665][ T5355] 8021q: adding VLAN 0 to HW filter on device eth9
[  294.972458][ T5669] bridge_slave_0: left allmulticast mode
[  294.974363][ T5669] bridge_slave_0: left promiscuous mode
[  294.977418][ T5669] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.292458][ T5669] bond0 (unregistering): (slave geneve2): Releasing active interface
[  295.455384][ T5669] bond0 (unregistering): Released all slaves
[  295.464422][ T5669] bond1 (unregistering): Released all slaves
[  295.670245][ T5669] tipc: Disabling bearer <udp:syz2>
[  295.677176][ T5669] tipc: Left network mode
[  295.729018][T11561] vivid-000: disconnect
[  295.828577][T11559] vivid-000: reconnect
[  296.078977][ T5355] 8021q: adding VLAN 0 to HW filter on device eth10
[  296.275107][T11511] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.301043][T11511] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.308749][ T5616] Bluetooth: hci0: command tx timeout
[  296.316276][T11511] bridge_slave_0: entered allmulticast mode
[  296.327528][T11511] bridge_slave_0: entered promiscuous mode
[  296.341304][T11511] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.346529][T11511] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.377515][T11511] bridge_slave_1: entered allmulticast mode
[  296.392156][T11511] bridge_slave_1: entered promiscuous mode
[  296.535275][T11511] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  296.555187][T11511] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  296.670808][T11600] IPVS: ip_vs_add_dest(): server weight less than zero
[  296.677369][ T5677] IPVS: starting estimator thread 0...
[  296.736603][T11604] netlink: 'syz.1.2207': attribute type 9 has an invalid length.
[  296.743486][ T5355] 8021q: adding VLAN 0 to HW filter on device eth11
[  296.751152][T11604] netlink: 212340 bytes leftover after parsing attributes in process `syz.1.2207'.
[  296.757377][T11511] team0: Port device team_slave_0 added
[  296.776919][T11511] team0: Port device team_slave_1 added
[  296.794413][T11601] IPVS: using max 66 ests per chain, 158400 per kthread
[  296.873197][T11511] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.878638][T11511] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  296.890803][T11511] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.958907][ T5669] hsr_slave_0: left promiscuous mode
[  296.961628][ T5669] hsr_slave_1: left promiscuous mode
[  296.964238][ T5669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.968157][ T5669] batman_adv: batadv0: Removing interface: batadv_slave_0
[  296.971309][ T5669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  296.973806][ T5669] batman_adv: batadv0: Removing interface: batadv_slave_1
[  297.000413][ T5669] veth1_macvtap: left promiscuous mode
[  297.002534][ T5669] veth0_macvtap: left promiscuous mode
[  297.004490][ T5669] veth1_vlan: left promiscuous mode
[  297.006515][ T5669] veth0_vlan: left promiscuous mode
[  297.050765][T11606] loop1: detected capacity change from 0 to 32768
[  297.098211][T11606] JBD2: Ignoring recovery information on journal
[  297.119129][T11606] jbd2_journal_bmap: journal block not found at offset 32 on loop1-75
[  297.129297][T11606] JBD2: bad block at offset 32
[  297.142009][T11606] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  297.255134][ T5615] ocfs2: Unmounting device (7,1) on (node local)
[  297.381673][T11610] loop1: detected capacity change from 0 to 512
[  297.407685][T11610] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  297.411700][T11610] ext4 filesystem being mounted at /809/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  297.420899][   T33] audit: type=1800 audit(2000000205.323:193): pid=11610 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2209" name="file2" dev="loop1" ino=16 res=0 errno=0
[  297.459844][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.543845][ T5669] team0 (unregistering): Port device team_slave_1 removed
[  297.580299][ T5669] team0 (unregistering): Port device team_slave_0 removed
[  297.594376][T11617] loop5: detected capacity change from 0 to 8
[  297.602915][T11617] squashfs image failed sanity check
[  298.067238][T11511] batman_adv: batadv0: Adding interface: batadv_slave_1
[  298.078867][T11511] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  298.114950][T11511] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.514061][ T5616] Bluetooth: hci0: command tx timeout
[  298.983754][T11511] hsr_slave_0: entered promiscuous mode
[  298.987779][T11511] hsr_slave_1: entered promiscuous mode
[  299.131899][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2215'.
[  299.146572][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2215'.
[  299.191508][T11633] binder_alloc: 11632: pid 11632 spamming oneway? 1 buffers allocated for a total size of 4096
[  299.202117][T11633] binder_alloc: 11632: pid 11632 spamming oneway? 2 buffers allocated for a total size of 5120
[  299.334407][ T5355] 8021q: adding VLAN 0 to HW filter on device eth12
[  299.641349][ T5669] IPVS: stop unused estimator thread 0...
[  300.113045][T11511] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  300.119655][T11511] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  300.122783][T11511] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  300.131222][T11511] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  300.134831][T11511] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  300.146370][T11511] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  300.152963][T11511] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  300.158404][T11511] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  300.272950][T11511] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.293647][T11511] 8021q: adding VLAN 0 to HW filter on device team0
[  300.300955][   T62] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.303222][   T62] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.312335][   T62] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.314692][   T62] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.725858][ T5427] hid_parser_main: 3 callbacks suppressed
[  300.725878][ T5427] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  300.737362][ T5616] Bluetooth: hci0: command tx timeout
[  300.752981][ T5427] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  300.837350][T11511] 8021q: adding VLAN 0 to HW filter on device batadv0
[  301.059200][T11511] veth0_vlan: entered promiscuous mode
[  301.069137][T11511] veth1_vlan: entered promiscuous mode
[  301.102727][T11511] veth0_macvtap: entered promiscuous mode
[  301.116853][T11511] veth1_macvtap: entered promiscuous mode
[  301.156541][T11511] batman_adv: batadv0: Interface activated: batadv_slave_0
[  301.187740][T11511] batman_adv: batadv0: Interface activated: batadv_slave_1
[  301.199418][ T5653] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.202397][ T5653] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  301.206196][ T5653] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  301.210268][ T5653] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  301.366770][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.372020][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.444300][ T5427] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  301.505726][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  301.514173][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  301.625093][ T5427] usb 2-1: Using ep0 maxpacket: 8
[  301.631988][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  301.639848][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  301.648073][ T5427] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  301.654733][ T5427] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  301.669808][ T5427] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  301.681993][ T5427] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  301.691947][ T5427] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.708124][ T5427] usb 2-1: config 0 descriptor??
[  301.724090][T11694] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  301.927367][T11702] loop5: detected capacity change from 0 to 40427
[  301.933307][T11702] F2FS-fs (loop5): Corrupted extension count (327717 + 1 > 64)
[  301.947114][T11702] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  301.951460][T11702] F2FS-fs (loop5): build fault injection rate: 771
[  301.962613][T11702] F2FS-fs (loop5): invalid crc value
[  302.026032][T11702] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  302.048919][T11702] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  302.051854][T11702] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  302.175157][   T33] audit: type=1326 audit(2000000209.767:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.187562][ T5616] Bluetooth: hci3: Opcode 0x0c03 failed: -71
[  302.191641][ T5427] usb 2-1: USB disconnect, device number 39
[  302.199341][   T33] audit: type=1326 audit(2000000209.776:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.213879][   T33] audit: type=1326 audit(2000000209.776:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.222135][   T33] audit: type=1326 audit(2000000209.776:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.231250][   T33] audit: type=1326 audit(2000000209.776:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.241267][   T33] audit: type=1326 audit(2000000209.776:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.251089][   T33] audit: type=1326 audit(2000000209.776:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.283588][   T33] audit: type=1326 audit(2000000209.776:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11714 comm="syz.6.2230" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe7cb19cdd9 code=0x7fc00000
[  302.332855][T11718] binder: 11717:11718 ioctl c00c6211 ffffffffffffffff returned -14
[  302.951211][T11740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2240'.
[  302.959672][T11742] xt_hashlimit: size too large, truncated to 1048576
[  302.961012][ T5616] Bluetooth: hci0: command tx timeout
[  303.079574][T11748] netlink: 'syz.1.2244': attribute type 3 has an invalid length.
[  303.082319][T11748] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2244'.
[  303.207926][T11756] loop1: detected capacity change from 0 to 128
[  303.222815][T11756] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  303.229857][T11756] System zones: 1-3, 19-19, 35-36
[  303.236501][T11756] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  303.244532][T11756] ext4 filesystem being mounted at /824/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  303.279053][ T5615] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  303.355644][T11760] team0: Port device syz_tun added
[  303.376894][T11760] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  303.424741][T11762] netlink: 'syz.1.2250': attribute type 13 has an invalid length.
[  303.634204][T11696] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  303.652032][T11762] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.654594][T11762] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.805271][T11696] usb 6-1: Using ep0 maxpacket: 8
[  303.812569][T11696] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  303.816527][T11696] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.819614][T11696] usb 6-1: Product: syz
[  303.821323][T11696] usb 6-1: Manufacturer: syz
[  303.823187][T11696] usb 6-1: SerialNumber: syz
[  303.827554][T11696] usb 6-1: config 0 descriptor??
[  303.995865][T11762] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  304.053820][T11696] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  304.754141][ T5653] netdevsim netdevsim1 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.758129][ T5653] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.765743][ T5653] netdevsim netdevsim1 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.769418][ T5653] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.773023][ T5653] netdevsim netdevsim1 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.776396][ T5653] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  304.780623][ T5653] netdevsim netdevsim1 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  304.783867][ T5653] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  305.139420][T11696] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  305.149338][T11696] usb 6-1: USB disconnect, device number 7
[  305.153740][ T6093] udevd[6093]: setting owner of /dev/bus/usb/006/007 to uid=0, gid=0 failed: No such file or directory
[  305.363148][T11787] loop1: detected capacity change from 0 to 1024
[  305.366603][T11787] EXT4-fs: Ignoring removed oldalloc option
[  305.397366][T11787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.428621][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.546685][T11791] loop1: detected capacity change from 0 to 4096
[  305.554791][T11791] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  305.566058][T11791] ntfs3(loop1): Failed to read $AttrDef (-5).
[  305.862524][T11802] sctp: [Deprecated]: syz.1.2267 (pid 11802) Use of struct sctp_assoc_value in delayed_ack socket option.
[  305.862524][T11802] Use struct sctp_sack_info instead
[  306.243787][T11817] loop1: detected capacity change from 0 to 256
[  306.246297][T11817] exfat: Deprecated parameter 'utf8'
[  306.254272][T11817] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3908169, utbl_chksum : 0xe619d30d)
[  306.268963][   T33] audit: type=1800 audit(2000000213.593:202): pid=11817 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2272" name="file2" dev="loop1" ino=1048678 res=0 errno=0
[  306.574530][T11822] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2274'.
[  307.324770][T11850] loop6: detected capacity change from 0 to 512
[  307.634195][T11850] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.2284: bg 0: block 4: invalid block bitmap
[  307.644696][T11850] loop6: lost filesystem error report for type 5 error -117
[  307.644994][T11850] EXT4-fs (loop6): Remounting filesystem read-only
[  307.650173][T11850] EXT4-fs (loop6): 1 truncate cleaned up
[  307.652838][T11850] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  307.682204][T11511] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.798271][T11862] loop1: detected capacity change from 0 to 256
[  307.808867][T11862] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  307.824287][T11864] netlink: 'syz.6.2289': attribute type 20 has an invalid length.
[  307.827422][T11864] IPv6: NLM_F_CREATE should be specified when creating new route
[  307.828380][T11862] exFAT-fs (loop1): error, data valid size is invalid(-9223372036854774758)
[  307.838623][T11862] exFAT-fs (loop1): Filesystem has been set read-only
[  309.876871][  T864] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  310.037053][  T864] usb 2-1: Using ep0 maxpacket: 16
[  310.041168][  T864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  310.047452][  T864] usb 2-1: New USB device found, idVendor=046d, idProduct=0721, bcdDevice=9c.25
[  310.051165][  T864] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.054207][  T864] usb 2-1: Product: syz
[  310.055980][  T864] usb 2-1: Manufacturer: syz
[  310.057881][  T864] usb 2-1: SerialNumber: syz
[  310.063138][  T864] usb 2-1: config 0 descriptor??
[  310.291068][  T864] usb 2-1: USB disconnect, device number 40
[  310.813001][T11899] loop5: detected capacity change from 0 to 32768
[  310.831384][T11899] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  310.877945][T11899] XFS (loop5): Ending clean mount
[  310.993241][T10697] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  311.262303][T11919] loop1: detected capacity change from 0 to 16384
[  311.297643][T11926] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  311.596146][T11938] loop6: detected capacity change from 0 to 4096
[  311.668178][T11943] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  311.757973][T11696] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  311.950914][T11696] usb 2-1: Using ep0 maxpacket: 32
[  311.956057][T11696] usb 2-1: config 0 has an invalid interface number: 35 but max is 0
[  311.959957][T11696] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  311.965287][T11696] usb 2-1: config 0 has no interface number 0
[  311.967771][T11696] usb 2-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  311.975312][T11696] usb 2-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  311.978901][T11696] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.987337][T11696] usb 2-1: Product: syz
[  311.989203][T11696] usb 2-1: Manufacturer: syz
[  311.991353][T11696] usb 2-1: SerialNumber: syz
[  312.252679][T11696] usb 2-1: config 0 descriptor??
[  312.268071][T11696] radio-si470x 2-1:0.35: could not find interrupt in endpoint
[  312.273580][T11696] radio-si470x 2-1:0.35: probe with driver radio-si470x failed with error -5
[  312.492796][T11696] radio-raremono 2-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  312.828484][T11696] radio-raremono 2-1:0.35: V4L2 device registered as radio48
[  312.954645][ T5677] usb 2-1: USB disconnect, device number 41
[  312.957160][ T5677] radio-raremono 2-1:0.35: Thanko's Raremono disconnected
[  313.414787][  T864] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  313.577396][  T864] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  313.581094][  T864] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  313.585224][  T864] usb 6-1: config 220 has no interface number 2
[  313.587965][  T864] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  313.594812][  T864] usb 6-1: config 220 interface 0 has no altsetting 0
[  313.597669][  T864] usb 6-1: config 220 interface 76 has no altsetting 0
[  313.600800][  T864] usb 6-1: config 220 interface 1 has no altsetting 0
[  313.606643][  T864] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  313.611039][  T864] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.618742][  T864] usb 6-1: Product: syz
[  313.622091][  T864] usb 6-1: Manufacturer: syz
[  313.624048][  T864] usb 6-1: SerialNumber: syz
[  313.860527][  T864] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  313.862988][  T864] uvcvideo 6-1:220.0: No valid video chain found.
[  313.865611][  T864] usb 6-1: selecting invalid altsetting 0
[  313.891682][  T864] usb 6-1: selecting invalid altsetting 0
[  313.893990][  T864] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  313.902201][  T864] usb 6-1: USB disconnect, device number 8
[  313.947284][T11998] loop6: detected capacity change from 0 to 8
[  313.955602][T11998] squashfs image failed sanity check
[  314.093668][T12006] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2338'.
[  314.302163][T12014] loop1: detected capacity change from 0 to 128
[  314.316088][T12014] hpfs: hpfs_map_sector(): read error
[  314.318386][T12014] hpfs: filesystem error: can't load hotfix map; already mounted read-only
[  314.333136][T12014] hpfs: hpfs_map_sector(): read error
[  314.568288][T12025] loop1: detected capacity change from 0 to 64
[  314.781355][T12036] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2352'.
[  314.786788][T12036] bond0: option arp_validate: invalid value (53)
[  314.789362][T12037] loop1: detected capacity change from 0 to 512
[  314.798752][T12037] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  314.804187][T12037] EXT4-fs (loop1): orphan cleanup on readonly fs
[  314.810293][T12037] Quota error (device loop1): dq_insert_tree: Quota tree root isn't allocated!
[  314.813886][T12037] Quota error (device loop1): qtree_write_dquot: Error -5 occurred while creating quota
[  314.829543][T12037] EXT4-fs error (device loop1): ext4_acquire_dquot:7034: comm syz.1.2351: Failed to acquire dquot type 1
[  314.835042][T12037] loop1: lost filesystem error report for type 5 error -5
[  314.836406][    C0] EXT4-fs (loop1): error count since last fsck: 1
[  314.841880][    C0] EXT4-fs (loop1): initial error at time 2000000221: ext4_acquire_dquot:7034
[  314.845412][    C0] EXT4-fs (loop1): last error at time 2000000221: ext4_acquire_dquot:7034
[  314.896871][T12040] 9pnet_fd: p9_fd_create_unix (12040): address too long: ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  315.002570][T12037] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2351: bg 0: block 40: padding at end of block bitmap is not set
[  315.109671][T12041] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2353'.
[  315.125307][T12037] loop1: lost filesystem error report for type 5 error -117
[  315.138715][T12037] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6679: Corrupt filesystem
[  315.146638][T12037] loop1: lost filesystem error report for type 5 error -117
[  315.146973][T12037] EXT4-fs warning (device loop1): ext4_evict_inode:195: inode #16: comm syz.1.2351: data will be lost
[  315.155503][T12037] EXT4-fs (loop1): 1 truncate cleaned up
[  315.160912][T12037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  315.215583][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.649483][T11696] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  315.830779][T11696] usb 6-1: Using ep0 maxpacket: 16
[  315.835544][T11696] usb 6-1: unable to get BOS descriptor or descriptor too short
[  316.619532][T12064] loop1: detected capacity change from 0 to 131072
[  316.637740][T12064] F2FS-fs (loop1): Test dummy encryption mode enabled
[  316.647625][T12064] F2FS-fs (loop1): invalid crc value
[  316.654547][T11696] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[  316.718233][T12064] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  316.730358][T12064] F2FS-fs (loop1): Start checkpoint disabled!
[  316.753635][T12064] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  316.758715][T12069] loop6: detected capacity change from 0 to 8
[  316.764249][T12064] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  316.776842][T11696] usb 6-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[  316.795345][T11696] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.819684][T11696] usb 6-1: Product: syz
[  316.833463][T11696] usb 6-1: Manufacturer: syz
[  316.846661][T11696] usb 6-1: SerialNumber: syz
[  317.180799][T11696] usb 6-1: Audio class v2/v3 interfaces need an interface association
[  317.193810][T11696] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  317.608756][T11696] usb 6-1: 2:1 : invalid Cluster Descriptor size
[  317.829188][T11696] usb 6-1: USB disconnect, device number 9
[  318.372016][ T5669] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.800955][ T5669] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.929777][ T5669] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.059566][T12100] loop5: detected capacity change from 0 to 4096
[  319.115084][ T5669] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.136822][T12102] loop1: detected capacity change from 0 to 4096
[  319.145427][T12102] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  319.167237][T12102] ntfs3(loop1): mft corrupted
[  319.169296][T12102] ntfs3(loop1): Failed to load $Volume (-22).
[  319.221249][T12100] ntfs3(loop5): Inode r=20 is not in use!
[  319.667243][ T5669] bridge_slave_1: left allmulticast mode
[  319.670821][ T5669] bridge_slave_1: left promiscuous mode
[  319.673013][ T5669] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.678102][ T5669] bridge_slave_0: left allmulticast mode
[  319.685546][ T5669] bridge_slave_0: left promiscuous mode
[  319.688550][ T5669] bridge0: port 1(bridge_slave_0) entered disabled state
[  319.769885][T12110] loop1: detected capacity change from 0 to 32768
[  319.804292][T12110] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  319.855017][T12110] XFS (loop1): Ending clean mount
[  319.913950][ T5615] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  319.948467][T12124] loop6: detected capacity change from 0 to 4096
[  319.952192][T12124] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  319.970945][T12124] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 4096)
[  319.974031][T12124] NILFS (loop6): mounting unchecked fs
[  319.982049][T12124] NILFS (loop6): invalid segment: Checksum error in segment payload
[  319.984665][T12124] NILFS (loop6): unable to fall back to spare super block
[  319.987099][T12124] NILFS (loop6): error -22 while searching super root
[  319.993437][ T6093] udevd[6093]: incorrect nilfs2 checksum on /dev/loop6
[  320.169078][T12130] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  320.487829][T12143] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  320.550036][ T5669] bond0 (unregistering): (slave 70): Releasing backup interface
[  320.563898][ T5669] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.575369][ T5669] bond0 (unregistering): Released all slaves
[  320.613300][ T5669] bond1 (unregistering): Released all slaves
[  320.642647][ T5669] bond2 (unregistering): Released all slaves
[  320.873458][T12156] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  321.368286][ T5355] 8021q: adding VLAN 0 to HW filter on device eth13
[  321.859439][ T5616] Bluetooth: hci2: command tx timeout
[  321.968785][ T5669] hsr_slave_0: left promiscuous mode
[  321.973804][ T5669] hsr_slave_1: left promiscuous mode
[  321.980320][ T5669] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.983369][ T5669] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.989659][ T5669] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  321.992650][ T5669] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.038043][ T5669] veth1_macvtap: left promiscuous mode
[  322.040041][ T5669] veth0_macvtap: left promiscuous mode
[  322.315134][T12186] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2406'.
[  322.453996][ T5669] team0 (unregistering): Port device team_slave_1 removed
[  322.483592][ T5669] team0 (unregistering): Port device team_slave_0 removed
[  323.436827][ T5355] 8021q: adding VLAN 0 to HW filter on device eth14
[  323.659259][T12196] loop1: detected capacity change from 0 to 4096
[  323.708244][T12196] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.910493][ T5669] IPVS: stop unused estimator thread 0...
[  323.936074][ T5355] 8021q: adding VLAN 0 to HW filter on device eth16
[  324.164771][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.385323][ T5355] 8021q: adding VLAN 0 to HW filter on device eth15
[  324.615515][T12230] ucma_write: process 335 (syz.5.2420) changed security contexts after opening file descriptor, this is not allowed.
[  324.719875][T12235] l2tp_ppp: sess 2/0: no socket in recv
[  324.856916][T12243] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  325.006713][T12251] loop5: detected capacity change from 0 to 128
[  325.034889][T12251] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  325.040324][T12251] hpfs: filesystem error: improperly stopped
[  325.048999][T12251] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  325.058666][T12251] hpfs: You really don't want any checks? You are crazy...
[  325.063804][T12251] hpfs: hpfs_map_sector(): read error
[  325.070913][T12251] hpfs: code page support is disabled
[  325.073189][T12251] hpfs: hpfs_map_4sectors(): unaligned read
[  325.075917][T12251] hpfs: hpfs_map_4sectors(): unaligned read
[  325.080477][T12251] hpfs: filesystem error: unable to find root dir
[  325.211135][T12261] Falling back ldisc for ttyS3.
[  325.217893][T12259] loop5: detected capacity change from 0 to 256
[  325.228784][T12263] macvlan0: entered promiscuous mode
[  325.235221][T12259] exfat: Deprecated parameter 'utf8'
[  325.263737][T12259] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  325.774636][T12268] loop6: detected capacity change from 0 to 40427
[  325.777897][T12268] F2FS-fs (loop6): build fault injection rate: 174
[  325.779870][T12268] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  325.783772][T12268] F2FS-fs (loop6): invalid crc value
[  325.831905][T12268] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  325.846612][T12268] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  325.887460][   T33] audit: type=1326 audit(2000000231.948:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12270 comm="syz.5.2437" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3fed79cdd9 code=0x0
[  326.850048][T12300] loop5: detected capacity change from 0 to 256
[  326.857757][T12300] exfat: Deprecated parameter 'namecase'
[  326.860131][T12300] exfat: Deprecated parameter 'namecase'
[  326.875401][T12300] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  327.262631][T12323] Bluetooth: MGMT ver 1.23
[  327.265454][T12325] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2460'.
[  327.271399][T12323] Bluetooth: hci0: unsupported parameter 256
[  327.274008][T12323] Bluetooth: hci0: invalid len left 3, exp >= 50
[  327.373414][T12330] loop5: detected capacity change from 0 to 512
[  327.401831][T12330] EXT4-fs error (device loop5): ext4_orphan_get:1397: inode #15: comm syz.5.2462: inode has both inline data and extents flags
[  327.408205][T12330] fserror_report: 1 callbacks suppressed
[  327.408223][T12330] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  327.410847][T12330] EXT4-fs error (device loop5): ext4_orphan_get:1402: comm syz.5.2462: couldn't read orphan inode 15 (err -117)
[  327.418830][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  327.418852][    C0] EXT4-fs (loop5): initial error at time 2000000233: ext4_orphan_get:1397: inode 15
[  327.418875][    C0] EXT4-fs (loop5): last error at time 2000000233: ext4_orphan_get:1397: inode 15
[  327.428861][T12330] loop5: lost filesystem error report for type 5 error -117
[  327.430558][T12330] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000070000 r/w without journal. Quota mode: writeback.
[  327.468832][T12334] loop1: detected capacity change from 0 to 128
[  327.512579][T10697] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000070000.
[  327.513993][T12334] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 54)
[  327.537299][T12334] FAT-fs (loop1): Filesystem has been set read-only
[  327.687034][ T5615] FAT-fs (loop1): error, fat_free: invalid cluster chain (i_pos 54)
[  328.602829][T12345] loop6: detected capacity change from 0 to 32768
[  328.667723][T12345] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  328.760918][T12345] XFS (loop6): Ending clean mount
[  328.879139][T12345] XFS (loop6): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[  328.883730][T12345] XFS (loop6): Unmount and run xfs_repair
[  328.885856][T12345] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  328.888644][T12345] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  328.891846][T12345] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  328.895149][T12345] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  328.898302][T12345] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  328.901594][T12345] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  328.904331][T12345] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  328.907673][T12345] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  328.911001][T12345] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  328.914464][T12345] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x14 len 4 error 74
[  328.952609][T12345] XFS (loop6): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x8f0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  328.958659][T12345] XFS (loop6): Please unmount the filesystem and rectify the problem(s)
[  329.049281][T11511] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  329.428626][T12363] loop1: detected capacity change from 0 to 1024
[  329.519738][T12367] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2475'.
[  329.525513][T12367] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2475'.
[  329.529726][T12367] netlink: 31 bytes leftover after parsing attributes in process `syz.6.2475'.
[  329.540492][T12367] netlink: 'syz.6.2475': attribute type 3 has an invalid length.
[  329.545475][T12367] netlink: 'syz.6.2475': attribute type 2 has an invalid length.
[  329.549497][T12367] netlink: 31 bytes leftover after parsing attributes in process `syz.6.2475'.
[  329.561023][T12367] netlink: 'syz.6.2475': attribute type 2 has an invalid length.
[  330.917019][T12392] macvlan2: entered promiscuous mode
[  330.918813][T12392] macvlan2: entered allmulticast mode
[  331.178952][T12398] xt_hashlimit: max too large, truncated to 1048576
[  331.303087][T12407] loop5: detected capacity change from 0 to 4096
[  331.308349][T12407] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  331.348183][T12407] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  331.427249][  T158] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  331.433518][T10697] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  331.436018][T10697] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  331.440292][T10697] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  331.443267][  T158] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  331.923957][T12429] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed
[  331.929100][T12429] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff)
[  332.035627][  T798] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  332.113873][T12431] loop1: detected capacity change from 0 to 40427
[  332.119896][T12431] F2FS-fs (loop1): invalid crc value
[  332.151653][T12431] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  332.159407][T12431] F2FS-fs (loop1): Start checkpoint disabled!
[  332.175393][T12431] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[  332.178465][T12431] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  332.206889][  T798] usb 6-1: Using ep0 maxpacket: 16
[  332.213616][  T798] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  332.218638][  T798] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.222495][  T798] usb 6-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  332.226194][  T798] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.234788][  T798] usb 6-1: config 0 descriptor??
[  332.710385][  T798] corsair 0003:1B1C:1B02.000D: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.5-1/input0
[  332.905297][  T798] corsair 0003:1B1C:1B02.000D: Read invalid backlight brightness: ae.
[  332.915194][   T36] kworker/u10:1: attempt to access beyond end of device
[  332.915194][   T36] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  332.927605][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u10:1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  332.927665][   T36] Tainted: [L]=SOFTLOCKUP
[  332.927670][   T36] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  332.927677][   T36] Workqueue: writeback wb_workfn (flush-7:1)
[  332.927693][   T36] Call Trace:
[  332.927697][   T36]  <TASK>
[  332.927702][   T36]  dump_stack_lvl+0xe8/0x150
[  332.927714][   T36]  f2fs_stop_checkpoint+0x3c7/0x590
[  332.927728][   T36]  f2fs_write_end_io+0x1274/0x1740
[  332.927750][   T36]  __submit_merged_bio+0x256/0x6a0
[  332.927762][   T36]  __submit_merged_write_cond+0x3c9/0x4e0
[  332.927776][   T36]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  332.927796][   T36]  f2fs_write_data_pages+0x287e/0x34f0
[  332.927806][   T36]  ? f2fs_build_free_nids+0xdc/0x1810
[  332.927830][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  332.927846][   T36]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  332.927872][   T36]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  332.927890][   T36]  ? __lock_acquire+0x6b5/0x2cf0
[  332.927906][   T36]  ? __lock_acquire+0x6b5/0x2cf0
[  332.927917][   T36]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  332.927928][   T36]  do_writepages+0x32e/0x550
[  332.927940][   T36]  ? reacquire_held_locks+0x104/0x190
[  332.927950][   T36]  ? writeback_sb_inodes+0x463/0x19d0
[  332.927963][   T36]  __writeback_single_inode+0x133/0x10e0
[  332.927974][   T36]  ? do_raw_spin_unlock+0x4d/0x210
[  332.927987][   T36]  writeback_sb_inodes+0x979/0x19d0
[  332.927997][   T36]  ? __lock_acquire+0x6b5/0x2cf0
[  332.928018][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  332.928027][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  332.928055][   T36]  ? rcu_is_watching+0x15/0xb0
[  332.928070][   T36]  wb_writeback+0x445/0xb00
[  332.928081][   T36]  ? queue_io+0x1f1/0x470
[  332.928100][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  332.928109][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  332.928127][   T36]  wb_workfn+0x3f8/0xf10
[  332.928135][   T36]  ? __lock_acquire+0x6b5/0x2cf0
[  332.928143][   T36]  ? look_up_lock_class+0x57/0x110
[  332.928161][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  332.928171][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  332.928182][   T36]  ? lock_acquire+0x106/0x350
[  332.928191][   T36]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  332.928203][   T36]  ? process_scheduled_works+0xa70/0x1860
[  332.928213][   T36]  ? process_scheduled_works+0xa70/0x1860
[  332.928225][   T36]  ? process_scheduled_works+0xa70/0x1860
[  332.928232][   T36]  ? process_scheduled_works+0xa70/0x1860
[  332.928241][   T36]  process_scheduled_works+0xb5d/0x1860
[  332.928263][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  332.928275][   T36]  ? assign_work+0x3d5/0x5e0
[  332.928286][   T36]  worker_thread+0xa53/0xfc0
[  332.928306][   T36]  kthread+0x388/0x470
[  332.928334][   T36]  ? __pfx_worker_thread+0x10/0x10
[  332.928342][   T36]  ? __pfx_kthread+0x10/0x10
[  332.928353][   T36]  ret_from_fork+0x514/0xb70
[  332.928363][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  332.928372][   T36]  ? __switch_to+0xc79/0x1410
[  332.928386][   T36]  ? __pfx_kthread+0x10/0x10
[  332.928397][   T36]  ret_from_fork_asm+0x1a/0x30
[  332.928414][   T36]  </TASK>
[  332.931377][   T36] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  333.132323][  T798] usb 6-1: USB disconnect, device number 10
[  333.396737][T12443] : renamed from vlan0
[  333.693930][ T8998] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  333.802116][   T33] audit: type=1326 audit(2000000239.357:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12450 comm="syz.5.2510" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3fed79cdd9 code=0x0
[  333.833795][ T1377] ieee802154 phy0 wpan0: encryption failed: -22
[  333.836114][ T1377] ieee802154 phy1 wpan1: encryption failed: -22
[  333.854643][ T8998] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[  333.859016][ T8998] usb 2-1: New USB device found, idVendor=0b05, idProduct=1abe, bcdDevice= 0.00
[  333.861841][ T8998] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.866437][ T8998] usb 2-1: config 0 descriptor??
[  333.871885][T12445] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  334.318501][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.321426][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.324301][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.326844][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.329195][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.331631][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.334380][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.336858][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.339189][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.341587][ T8998] asus 0003:0B05:1ABE.000E: unknown main item tag 0x0
[  334.365461][ T8998] asus 0003:0B05:1ABE.000E: hidraw0: USB HID v7f.fd Device [HID 0b05:1abe] on usb-dummy_hcd.1-1/input0
[  334.552553][  T798] usb 2-1: USB disconnect, device number 42
[  334.815787][T12468] netlink: 45 bytes leftover after parsing attributes in process `syz.6.2518'.
[  334.889221][T12471] netlink: ct family unspecified
[  334.898096][T12471] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  334.989420][T12477] loop5: detected capacity change from 0 to 16
[  335.004720][T12477] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  335.409513][T12504] loop5: detected capacity change from 0 to 764
[  335.539657][T12509] loop1: detected capacity change from 0 to 2048
[  335.572799][T12514] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  335.721266][T12519] loop1: detected capacity change from 0 to 4096
[  335.732308][T12519] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  335.755740][T12520] loop5: detected capacity change from 0 to 2048
[  335.779543][T12520] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  336.011352][T12500] loop6: detected capacity change from 0 to 32768
[  336.333282][T12500] JBD2: Ignoring recovery information on journal
[  336.382990][T12500] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  336.444571][T12539] loop5: detected capacity change from 0 to 1764
[  336.512424][T11511] ocfs2: Unmounting device (7,6) on (node local)
[  336.810518][T12547] tipc: Failed to remove unknown binding: 66,2,2/0:4052032335/4052032339
[  336.871060][T12551] (syz.5.2549,12551,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  336.875466][T12551] (syz.5.2549,12551,1):ocfs2_fill_super:1177 ERROR: status = -22
[  338.353569][ T5616] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  338.360898][ T5616] CPU: 0 UID: 0 PID: 5616 Comm: kworker/u11:3 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  338.360915][ T5616] Tainted: [L]=SOFTLOCKUP
[  338.360919][ T5616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  338.360927][ T5616] Workqueue: hci2 hci_rx_work
[  338.360944][ T5616] Call Trace:
[  338.360951][ T5616]  <TASK>
[  338.360957][ T5616]  dump_stack_lvl+0xe8/0x150
[  338.360970][ T5616]  sysfs_create_dir_ns+0x271/0x2a0
[  338.360984][ T5616]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  338.360997][ T5616]  ? do_raw_spin_unlock+0x4d/0x210
[  338.361013][ T5616]  kobject_add_internal+0x62b/0xd00
[  338.361030][ T5616]  kobject_add+0x163/0x240
[  338.361043][ T5616]  ? __pfx_kobject_add+0x10/0x10
[  338.361055][ T5616]  ? _raw_spin_unlock+0x28/0x50
[  338.361066][ T5616]  ? get_device_parent+0x366/0x3a0
[  338.361079][ T5616]  device_add+0x408/0xbb0
[  338.361091][ T5616]  hci_conn_add_sysfs+0xd5/0x210
[  338.361105][ T5616]  le_conn_complete_evt+0x10e6/0x16b0
[  338.361118][ T5616]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  338.361126][ T5616]  ? lockdep_hardirqs_on+0x7a/0x110
[  338.361140][ T5616]  ? irqentry_exit+0x218/0x730
[  338.361154][ T5616]  ? trace_irq_disable+0x3b/0x140
[  338.361202][ T5616]  ? skb_pull_data+0xfb/0x200
[  338.361227][ T5616]  hci_le_conn_complete_evt+0x187/0x470
[  338.361257][ T5616]  hci_event_packet+0x659/0xef0
[  338.361283][ T5616]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  338.361297][ T5616]  ? __pfx_hci_event_packet+0x10/0x10
[  338.361310][ T5616]  ? kcov_remote_start+0x49a/0x7a0
[  338.361323][ T5616]  ? hci_send_to_monitor+0xe2/0x590
[  338.361333][ T5616]  hci_rx_work+0x3ee/0x1040
[  338.361348][ T5616]  ? process_scheduled_works+0xa70/0x1860
[  338.361358][ T5616]  process_scheduled_works+0xb5d/0x1860
[  338.361380][ T5616]  ? __pfx_process_scheduled_works+0x10/0x10
[  338.361398][ T5616]  ? assign_work+0x3d5/0x5e0
[  338.361409][ T5616]  worker_thread+0xa53/0xfc0
[  338.361432][ T5616]  kthread+0x388/0x470
[  338.361443][ T5616]  ? __pfx_worker_thread+0x10/0x10
[  338.361451][ T5616]  ? __pfx_kthread+0x10/0x10
[  338.361463][ T5616]  ret_from_fork+0x514/0xb70
[  338.361474][ T5616]  ? __pfx_ret_from_fork+0x10/0x10
[  338.361482][ T5616]  ? __switch_to+0xc79/0x1410
[  338.361495][ T5616]  ? __pfx_kthread+0x10/0x10
[  338.361506][ T5616]  ret_from_fork_asm+0x1a/0x30
[  338.361526][ T5616]  </TASK>
[  338.361735][ T5616] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  338.442971][ T5616] Bluetooth: hci2: failed to register connection device
[  338.876781][ T5677] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  339.043137][ T5677] usb 2-1: unable to get BOS descriptor or descriptor too short
[  339.052991][ T5677] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 142, changing to 7
[  339.063385][ T5677] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  339.071589][ T5677] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.079205][ T5677] usb 2-1: Product: syz
[  339.084984][ T5677] usb 2-1: Manufacturer: syz
[  339.088361][ T5677] usb 2-1: SerialNumber: syz
[  339.147215][T12607] tls_set_device_offload_rx: netdev not found
[  339.275990][T12611] loop6: detected capacity change from 0 to 512
[  339.327788][ T5677] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  339.337303][ T5677] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  339.341701][T12611] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  339.363724][T12611] ext4 filesystem being mounted at /83/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  339.491419][T12623] netlink: 80 bytes leftover after parsing attributes in process `syz.6.2567'.
[  339.543675][T12623] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2567'.
[  339.751998][ T5677] usb 2-1: USB disconnect, device number 43
[  339.816735][T12628] deleting an unspecified loop device is not supported.
[  340.043688][T12630] loop5: detected capacity change from 0 to 2048
[  340.088169][T12630] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  340.645346][ T6093] udevd[6093]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  340.945976][T12643] loop1: detected capacity change from 0 to 512
[  340.954034][T12643] ext4: Unknown parameter 'subj_type'
[  341.128095][T11511] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  342.034687][T12660] netlink: 'syz.6.2587': attribute type 1 has an invalid length.
[  342.236035][ T5616] Bluetooth: hci1: unexpected event for opcode 0x0c7c
[  342.733721][T12688] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  343.507000][T12696] loop5: detected capacity change from 0 to 32768
[  343.511313][T12696] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2601 (12696)
[  343.521112][T12696] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  343.524290][T12696] BTRFS info (device loop5): using sha256 checksum algorithm
[  343.593546][T12696] BTRFS info (device loop5): enabling ssd optimizations
[  343.595902][T12696] BTRFS info (device loop5): turning on async discard
[  343.598085][T12696] BTRFS info (device loop5): enabling free space tree
[  343.774920][T12722] binder: 12721:12722 ioctl 40046205 0 returned -22
[  343.777943][T12722] binder: 12721:12722 ioctl 4008586f 0 returned -22
[  343.802394][T10697] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  343.993003][T12728] loop1: detected capacity change from 0 to 1024
[  344.025565][T12728] hfsplus: extend alloc file! (16384,256,150995124)
[  345.034758][ T5618] Bluetooth: hci2: command 0x0406 tx timeout
[  345.069935][T12736] loop1: detected capacity change from 0 to 512
[  345.097094][T12736] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  345.115937][T12736] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.121671][T12736] ext4 filesystem being mounted at /965/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  345.460973][T12743] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  346.819189][ T5615] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.528211][T12766] netlink: 268 bytes leftover after parsing attributes in process `syz.1.2622'.
[  347.806674][T12761] loop5: detected capacity change from 0 to 40427
[  347.812838][T12761] F2FS-fs (loop5): Corrupted extension count (64 + 1 > 64)
[  347.819235][T12761] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  347.826179][T12761] F2FS-fs (loop5): Image doesn't support compression
[  347.832620][T12761] F2FS-fs (loop5): invalid crc value
[  347.885772][T12761] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  347.911767][T12772] loop6: detected capacity change from 0 to 4096
[  347.950975][T12761] F2FS-fs (loop5): Start checkpoint disabled!
[  348.017806][T12761] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  348.022986][T12761] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  348.025730][T12761] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  348.049007][   T33] audit: type=1800 audit(2000000252.689:205): pid=12772 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2625" name="file1" dev="loop6" ino=33 res=0 errno=0
[  350.041308][T12807] loop1: detected capacity change from 0 to 32768
[  350.046127][T12807] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2640 (12807)
[  350.192836][T12807] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  350.204717][T12807] BTRFS info (device loop1): using sha256 checksum algorithm
[  350.628594][T12807] BTRFS info (device loop1): enabling ssd optimizations
[  350.633723][T12807] BTRFS info (device loop1): turning on async discard
[  350.637740][T12807] BTRFS info (device loop1): enabling free space tree
[  350.645943][T12846] loop6: detected capacity change from 0 to 256
[  350.654038][T12846] exFAT-fs (loop6): failed to load upcase table (idx : 0x0001213e, chksum : 0x0cc630aa, utbl_chksum : 0xe619d30d)
[  350.707454][ T5615] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  350.718164][T12846] exFAT-fs (loop6): error, in sector 160, dentry 12 should be unused, but 0x85
[  350.722504][T12846] exFAT-fs (loop6): Filesystem has been set read-only
[  351.204080][T12861] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2657'.
[  351.393923][ T8998] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  351.624681][ T8998] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  351.634548][ T8998] usb 6-1: config 0 has no interface number 0
[  351.644344][ T8998] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  351.649542][ T8998] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  351.655475][ T8998] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  351.662515][ T8998] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  351.666300][ T8998] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  351.669529][ T8998] usb 6-1: Product: syz
[  351.671111][ T8998] usb 6-1: SerialNumber: syz
[  351.681453][ T8998] usb 6-1: config 0 descriptor??
[  351.683671][T12869] loop1: detected capacity change from 0 to 4096
[  351.716564][T12870] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  351.723313][ T8998] cm109 6-1:0.8: invalid payload size 0, expected 4
[  351.737921][ T8998] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input18
[  351.939229][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  352.272205][ T5722] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  352.343085][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  352.343199][ T8998] usb 6-1: USB disconnect, device number 11
[  352.345732][    C0] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  352.384629][ T8998] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  352.441393][ T5722] usb 2-1: Using ep0 maxpacket: 16
[  352.445726][ T5722] usb 2-1: config 254 has an invalid interface number: 235 but max is 0
[  352.449227][ T5722] usb 2-1: config 254 has no interface number 0
[  352.452063][ T5722] usb 2-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32
[  352.456115][ T5722] usb 2-1: config 254 interface 235 altsetting 2 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  352.461726][ T5722] usb 2-1: config 254 interface 235 altsetting 2 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  352.465934][ T5722] usb 2-1: config 254 interface 235 altsetting 2 endpoint 0x8F has invalid wMaxPacketSize 0
[  352.469561][ T5722] usb 2-1: config 254 interface 235 has no altsetting 0
[  352.475497][ T5722] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[  352.478769][ T5722] usb 2-1: New USB device strings: Mfr=1, Product=251, SerialNumber=3
[  352.481799][ T5722] usb 2-1: Product: syz
[  352.483532][ T5722] usb 2-1: Manufacturer: syz
[  352.485590][ T5722] usb 2-1: SerialNumber: syz
[  352.491400][T12874] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  352.722168][ T5722] usbtest 2-1:254.235: couldn't get endpoints, -71
[  352.726466][ T5722] usbtest 2-1:254.235: probe with driver usbtest failed with error -71
[  352.736844][ T5722] usb 2-1: USB disconnect, device number 44
[  352.998117][T12886] loop5: detected capacity change from 0 to 128
[  353.823437][T12905] netlink: 'syz.1.2675': attribute type 3 has an invalid length.
[  353.826504][T12905] netlink: 'syz.1.2675': attribute type 1 has an invalid length.
[  353.829636][T12905] netlink: 196 bytes leftover after parsing attributes in process `syz.1.2675'.
[  353.837190][T12905] NCSI netlink: No device for ifindex 0
[  354.395115][T12915] loop5: detected capacity change from 0 to 32768
[  354.405428][T12915] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  354.432809][T12915] XFS (loop5): Ending clean mount
[  354.586269][T10697] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  355.081807][ T5722] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  355.521988][ T5722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.527572][ T5722] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.531843][ T5722] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  355.537135][ T5722] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  355.540872][ T5722] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.546991][ T5722] usb 2-1: config 0 descriptor??
[  356.006352][ T5722] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  356.228498][T12951] erspan0: entered promiscuous mode
[  356.428077][T12961] loop6: detected capacity change from 0 to 512
[  356.434631][T12961] EXT4-fs: user quota file already specified
[  357.720957][T13001] loop6: detected capacity change from 0 to 512
[  357.741735][T13001] EXT4-fs error (device loop6): ext4_orphan_get:1397: inode #15: comm syz.6.2712: inode has both inline data and extents flags
[  357.752178][T13001] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  357.752373][T13001] EXT4-fs error (device loop6): ext4_orphan_get:1402: comm syz.6.2712: couldn't read orphan inode 15 (err -117)
[  357.755167][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  357.755179][    C1] EXT4-fs (loop6): initial error at time 2000000261: ext4_orphan_get:1397: inode 15
[  357.755194][    C1] EXT4-fs (loop6): last error at time 2000000261: ext4_orphan_get:1397: inode 15
[  357.768143][T13001] loop6: lost filesystem error report for type 5 error -117
[  357.771273][T13001] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.802118][T13001] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  357.829734][T11511] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.140958][T13026] loop6: detected capacity change from 0 to 128
[  358.145007][T13026] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  358.153640][T13026] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  358.189661][ T5677] usb 2-1: USB disconnect, device number 45
[  358.321439][T13033] loop6: detected capacity change from 0 to 512
[  358.331118][T13033] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  358.350374][T13033] EXT4-fs (loop6): 1 truncate cleaned up
[  358.358562][T13033] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.422105][T11511] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.912473][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881758e5800: rx timeout, send abort
[  359.012649][T13039] loop5: detected capacity change from 0 to 131072
[  359.048528][T13039] XFS (loop5): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  359.060880][T13048] netlink: 'syz.1.2731': attribute type 30 has an invalid length.
[  359.095865][T13039] XFS (loop5): Starting recovery (logdev: internal)
[  359.126352][T13054] netlink: 'syz.1.2731': attribute type 30 has an invalid length.
[  359.133057][ T5653] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  359.148746][T13039] XFS (loop5): Ending recovery (logdev: internal)
[  359.154366][ T5653] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  359.159926][ T5653] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  359.167557][ T5653] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  359.304891][T10697] XFS (loop5): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  359.450011][    C1] vcan0: j1939_tp_rxtimer: 0xffff8881758e5800: abort rx timeout. Force session deactivation
[  359.527552][T13066] netlink: 'syz.6.2738': attribute type 1 has an invalid length.
[  359.535979][T13066] netlink: 212 bytes leftover after parsing attributes in process `syz.6.2738'.
[  359.973798][T13073] loop9: detected capacity change from 0 to 7
[  359.979989][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  359.984732][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  359.987390][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.007868][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.012640][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.016428][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.019510][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.022831][T13073] ldm_validate_partition_table(): Disk read failed.
[  360.025342][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.028469][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.031979][T13073] Buffer I/O error on dev loop9, logical block 0, async page read
[  360.034637][T13073] Dev loop9: unable to read RDB block 0
[  360.036623][T13073]  loop9: unable to read partition table
[  360.038823][T13073] loop9: partition table beyond EOD, truncated
[  360.041160][T13073] loop_reread_partitions: partition scan of loop9 () failed (rc=-5)
[  360.378674][T13082] netlink: 316 bytes leftover after parsing attributes in process `syz.5.2743'.
[  361.166035][ T5427] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  361.334776][ T5427] usb 2-1: Using ep0 maxpacket: 32
[  361.342339][ T5427] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.359598][ T5427] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  361.363375][ T5427] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.370151][ T5427] usb 2-1: Product: syz
[  361.375893][ T5427] usb 2-1: Manufacturer: syz
[  361.383014][ T5427] usb 2-1: SerialNumber: syz
[  361.396785][ T5427] usb 2-1: config 0 descriptor??
[  361.434335][ T5427] gs_usb 2-1:0.0: Required endpoints not found
[  361.628998][ T8998] usb 2-1: USB disconnect, device number 46
[  362.510717][T13117] loop1: detected capacity change from 0 to 32768
[  362.521327][T13117] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.2759 (13117)
[  362.553327][T13117] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  362.562342][T13117] BTRFS info (device loop1): using sha256 checksum algorithm
[  362.656098][T13117] BTRFS info (device loop1): enabling ssd optimizations
[  362.658854][T13117] BTRFS info (device loop1): turning on async discard
[  362.661834][T13117] BTRFS info (device loop1): enabling free space tree
[  364.038490][ T5615] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  364.264231][T13141] futex_wake_op: syz.5.2761 tries to shift op by 144; fix this program
[  365.354119][  T798] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  365.514384][  T798] usb 2-1: Using ep0 maxpacket: 32
[  365.520645][  T798] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  365.524986][  T798] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  365.530571][  T798] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  365.534407][  T798] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  365.539992][  T798] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  365.544203][  T798] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  365.544559][T13161] loop6: detected capacity change from 0 to 32768
[  365.551013][  T798] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  365.554878][  T798] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.554986][T13161] (syz.6.2770,13161,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  365.561333][  T798] usb 2-1: config 0 descriptor??
[  365.576457][T13161] (syz.6.2770,13161,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  365.592208][T13161] JBD2: Ignoring recovery information on journal
[  365.650819][T13161] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  365.779184][T13161] 
[  365.779947][T13161] ======================================================
[  365.782053][T13161] WARNING: possible circular locking dependency detected
[  365.784202][T13161] syzkaller #0 Tainted: G             L     
[  365.786469][T13161] ------------------------------------------------------
[  365.788771][T13161] syz.6.2770/13161 is trying to acquire lock:
[  365.790746][T13161] ffff8881b346a2e8 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_init_acl+0x2fd/0x7e0
[  365.793747][T13161] 
[  365.793747][T13161] but task is already holding lock:
[  365.795922][T13161] ffff88816de5c8e0 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x3ab/0x700
[  365.799699][T13161] 
[  365.799699][T13161] which lock already depends on the new lock.
[  365.799699][T13161] 
[  365.803398][T13161] 
[  365.803398][T13161] the existing dependency chain (in reverse order) is:
[  365.806153][T13161] 
[  365.806153][T13161] -> #3 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  365.808659][T13161]        down_read+0x47/0x2e0
[  365.810073][T13161]        ocfs2_start_trans+0x3ab/0x700
[  365.811859][T13161]        ocfs2_shutdown_local_alloc+0x1f5/0xa40
[  365.813635][T13161]        ocfs2_dismount_volume+0x1ec/0x8d0
[  365.815497][T13161]        generic_shutdown_super+0x13d/0x2d0
[  365.817344][T13161]        kill_block_super+0x44/0x90
[  365.818890][T13161]        deactivate_locked_super+0xbc/0x130
[  365.820617][T13161]        cleanup_mnt+0x437/0x4d0
[  365.822094][T13161]        task_work_run+0x1d9/0x270
[  365.823897][T13161]        exit_to_user_mode_loop+0xed/0x480
[  365.826111][T13161]        do_syscall_64+0x33e/0xf80
[  365.827656][T13161]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.829526][T13161] 
[  365.829526][T13161] -> #2 (sb_internal#4){.+.+}-{0:0}:
[  365.831702][T13161]        ocfs2_start_trans+0x2ac/0x700
[  365.833608][T13161]        ocfs2_xattr_set+0xebb/0x13e0
[  365.835484][T13161]        __vfs_setxattr+0x43c/0x480
[  365.837265][T13161]        __vfs_setxattr_noperm+0x12d/0x660
[  365.839373][T13161]        vfs_setxattr+0x163/0x360
[  365.841189][T13161]        filename_setxattr+0x296/0x630
[  365.843027][T13161]        path_setxattrat+0x3eb/0x440
[  365.844555][T13161]        __x64_sys_lsetxattr+0xbf/0xe0
[  365.846166][T13161]        do_syscall_64+0x15f/0xf80
[  365.847955][T13161]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.850406][T13161] 
[  365.850406][T13161] -> #1 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  365.854184][T13161]        down_write+0x96/0x200
[  365.855929][T13161]        ocfs2_reserve_suballoc_bits+0x16d/0x4840
[  365.857915][T13161]        ocfs2_reserve_new_metadata_blocks+0x415/0x9a0
[  365.860198][T13161]        ocfs2_init_xattr_set_ctxt+0x2f5/0x760
[  365.862251][T13161]        ocfs2_xattr_set+0xc42/0x13e0
[  365.863911][T13161]        __vfs_setxattr+0x43c/0x480
[  365.865463][T13161]        __vfs_setxattr_noperm+0x12d/0x660
[  365.867173][T13161]        vfs_setxattr+0x163/0x360
[  365.868646][T13161]        filename_setxattr+0x296/0x630
[  365.870258][T13161]        path_setxattrat+0x3eb/0x440
[  365.872144][T13161]        __x64_sys_lsetxattr+0xbf/0xe0
[  365.873755][T13161]        do_syscall_64+0x15f/0xf80
[  365.875476][T13161]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.877504][T13161] 
[  365.877504][T13161] -> #0 (&oi->ip_xattr_sem){++++}-{4:4}:
[  365.880592][T13161]        __lock_acquire+0x15a5/0x2cf0
[  365.882358][T13161]        lock_acquire+0x106/0x350
[  365.883840][T13161]        down_read+0x47/0x2e0
[  365.885269][T13161]        ocfs2_init_acl+0x2fd/0x7e0
[  365.886789][T13161]        ocfs2_mknod+0x1679/0x2260
[  365.888384][T13161]        ocfs2_create+0x195/0x460
[  365.889849][T13161]        path_openat+0x1395/0x3860
[  365.891345][T13161]        do_file_open+0x23e/0x4a0
[  365.892826][T13161]        do_sys_openat2+0x113/0x200
[  365.894379][T13161]        __x64_sys_openat+0x138/0x170
[  365.895986][T13161]        do_syscall_64+0x15f/0xf80
[  365.897498][T13161]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.899630][T13161] 
[  365.899630][T13161] other info that might help us debug this:
[  365.899630][T13161] 
[  365.903487][T13161] Chain exists of:
[  365.903487][T13161]   &oi->ip_xattr_sem --> sb_internal#4 --> &journal->j_trans_barrier
[  365.903487][T13161] 
[  365.907645][T13161]  Possible unsafe locking scenario:
[  365.907645][T13161] 
[  365.909882][T13161]        CPU0                    CPU1
[  365.911445][T13161]        ----                    ----
[  365.913036][T13161]   rlock(&journal->j_trans_barrier);
[  365.914628][T13161]                                lock(sb_internal#4);
[  365.916689][T13161]                                lock(&journal->j_trans_barrier);
[  365.919251][T13161]   rlock(&oi->ip_xattr_sem);
[  365.920723][T13161] 
[  365.920723][T13161]  *** DEADLOCK ***
[  365.920723][T13161] 
[  365.923658][T13161] 8 locks held by syz.6.2770/13161:
[  365.925646][T13161]  #0: ffff8881bcbda410 (sb_writers#36){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  365.928630][T13161]  #1: ffff8881b346a5a0 (&type->i_mutex_dir_key#14){++++}-{4:4}, at: path_openat+0xb4c/0x3860
[  365.931772][T13161]  #2: ffff8881b35597a0 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x16d/0x4840
[  365.935680][T13161]  #3: ffff8881b355a5a0 (&ocfs2_sysfile_lock_key[EXTENT_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x16d/0x4840
[  365.939515][T13161]  #4: ffff8881b3466ba0 (&ocfs2_sysfile_lock_key[LOCAL_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_local_alloc_bits+0x11f/0x2660
[  365.943492][T13161]  #5: ffff8881bcbda600 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_mknod+0x1181/0x2260
[  365.946113][T13161]  #6: ffff88816de5c8e0 (&journal->j_trans_barrier){.+.+}-{4:4}, at: ocfs2_start_trans+0x3ab/0x700
[  365.949224][T13161]  #7: ffff888110852938 (jbd2_handle#2){.+.+}-{0:0}, at: start_this_handle+0x2054/0x2290
[  365.952041][T13161] 
[  365.952041][T13161] stack backtrace:
[  365.953738][T13161] CPU: 1 UID: 0 PID: 13161 Comm: syz.6.2770 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.953751][T13161] Tainted: [L]=SOFTLOCKUP
[  365.953755][T13161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  365.953761][T13161] Call Trace:
[  365.953767][T13161]  <TASK>
[  365.953771][T13161]  dump_stack_lvl+0xe8/0x150
[  365.953783][T13161]  print_circular_bug+0x2e1/0x300
[  365.953796][T13161]  check_noncircular+0x12e/0x150
[  365.953808][T13161]  __lock_acquire+0x15a5/0x2cf0
[  365.953823][T13161]  ? ocfs2_init_acl+0x2fd/0x7e0
[  365.953834][T13161]  lock_acquire+0x106/0x350
[  365.953841][T13161]  ? ocfs2_init_acl+0x2fd/0x7e0
[  365.953923][T13161]  down_read+0x47/0x2e0
[  365.953937][T13161]  ? ocfs2_init_acl+0x2fd/0x7e0
[  365.953948][T13161]  ? ocfs2_init_acl+0x181/0x7e0
[  365.953960][T13161]  ocfs2_init_acl+0x2fd/0x7e0
[  365.953971][T13161]  ? ocfs2_mknod_locked+0x158/0x290
[  365.953982][T13161]  ? __pfx_ocfs2_init_acl+0x10/0x10
[  365.953992][T13161]  ? dquot_alloc_inode+0x8ba/0xa50
[  365.954003][T13161]  ? dquot_alloc_inode+0x166/0xa50
[  365.954012][T13161]  ? ocfs2_block_signals+0x9a/0xe0
[  365.954028][T13161]  ? ocfs2_init_security_get+0x139/0x1a0
[  365.954036][T13161]  ocfs2_mknod+0x1679/0x2260
[  365.954050][T13161]  ? __pfx_ocfs2_mknod+0x10/0x10
[  365.954059][T13161]  ? __pfx_ocfs2_find_entry+0x10/0x10
[  365.954071][T13161]  ? ocfs2_inode_lock_full_nested+0xaec/0x1bd0
[  365.954085][T13161]  ? register_lock_class+0x31/0x2e0
[  365.954096][T13161]  ? __lock_acquire+0x6b5/0x2cf0
[  365.954109][T13161]  ? do_raw_spin_lock+0x12b/0x2f0
[  365.954122][T13161]  ? do_raw_spin_unlock+0x4d/0x210
[  365.954133][T13161]  ? _raw_spin_unlock+0x28/0x50
[  365.954141][T13161]  ? rcu_is_watching+0x15/0xb0
[  365.954150][T13161]  ? ocfs2_lookup+0x60f/0xa20
[  365.954159][T13161]  ? __pfx_apparmor_path_mknod+0x10/0x10
[  365.954168][T13161]  ocfs2_create+0x195/0x460
[  365.954178][T13161]  ? __pfx_ocfs2_lookup+0x10/0x10
[  365.954187][T13161]  ? __pfx_ocfs2_create+0x10/0x10
[  365.954196][T13161]  ? bpf_lsm_inode_permission+0x9/0x20
[  365.954206][T13161]  ? security_inode_permission+0xb7/0x2e0
[  365.954214][T13161]  ? may_o_create+0x2d2/0x370
[  365.954221][T13161]  ? bpf_lsm_inode_create+0x9/0x20
[  365.954230][T13161]  ? __pfx_ocfs2_create+0x10/0x10
[  365.954239][T13161]  path_openat+0x1395/0x3860
[  365.954252][T13161]  ? __pfx_path_openat+0x10/0x10
[  365.954258][T13161]  ? __x64_sys_openat+0x138/0x170
[  365.954272][T13161]  do_file_open+0x23e/0x4a0
[  365.954279][T13161]  ? irqentry_exit+0x218/0x730
[  365.954289][T13161]  ? __pfx_do_file_open+0x10/0x10
[  365.954299][T13161]  ? _raw_spin_unlock+0x28/0x50
[  365.954307][T13161]  ? alloc_fd+0x64b/0x6c0
[  365.954318][T13161]  do_sys_openat2+0x113/0x200
[  365.954328][T13161]  ? __se_sys_futex+0x3a8/0x450
[  365.954337][T13161]  ? __pfx_do_sys_openat2+0x10/0x10
[  365.954348][T13161]  ? rcu_is_watching+0x15/0xb0
[  365.954357][T13161]  __x64_sys_openat+0x138/0x170
[  365.954367][T13161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.954375][T13161]  do_syscall_64+0x15f/0xf80
[  365.954386][T13161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.954394][T13161] RIP: 0033:0x7fe7cb19cdd9
[  365.954403][T13161] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  365.954410][T13161] RSP: 002b:00007fe7cc10d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  365.954419][T13161] RAX: ffffffffffffffda RBX: 00007fe7cb415fa0 RCX: 00007fe7cb19cdd9
[  365.954426][T13161] RDX: 000000000000275a RSI: 0000200000000540 RDI: ffffffffffffff9c
[  365.954432][T13161] RBP: 00007fe7cb232d69 R08: 0000000000000000 R09: 0000000000000000
[  365.954437][T13161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  365.954442][T13161] R13: 00007fe7cb416038 R14: 00007fe7cb415fa0 R15: 00007fff95ae6f48
[  365.954452][T13161]  </TASK>
[  366.087288][  T798] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 47 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  366.137066][T11511] ocfs2: Unmounting device (7,6) on (node local)
[  366.304566][   T24] usb 2-1: USB disconnect, device number 47
[  366.309373][   T24] usblp0: removed
