last executing test programs:

2m29.65216305s ago: executing program 1 (id=188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r0}, &(0x7f0000000840), &(0x7f0000000880)=r1}, 0x20)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0xdc9, &(0x7f0000000a00)={@empty, @broadcast, @void, {@ipv6={0x86dd, @generic={0x2, 0x6, "7bbafa", 0xd93, 0x3148286a35062e53, 0xfe, @rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {[], "543a6ee4dda2533323f1c5af4ce19532c2a89bc0ad131e61f6dee460124c797ca7c9a93ea1541257fde117b8c0c0e5ca87cda5bd24e022b63591f855abdbfb37bd275cdc47a74a5492dbb85e30f8fd3202993d3a76cc0c409718a2f320b948101904ef0b9faa822d0cb3a832a331bc0b1ea109a5ecb1ec17410a80b8b5342302b620a87dc5f703f5af8514a2169b00862a6d3db93bf97206eee2d9427e31dbaa3b9b3e0b187622664c3b10014a07b24c0bd658d4eda6be2fb2a9ef8a129a8a1cdbd8dedce81d7af96b9b63a39843aa2566f183eb99b73fd55c4bae8f12b694c936132252f317f958fbc3b5e5ce81d6016648ccb98093a8a8b4ddce2fda0bb796fee2bbbcc78fa5767af860a0f6e6a99f4e6261f2cd18c703c73fe4553828ed4a29c279e86eecde16f5fa93b24f38348b23c6235c009f515fc6e20a33a12df0ec630afb0374bc3a2b6bb0b5ebc488a9426eac0acab3e6d79b4243337c1d177adf7e2c6a74b8ac6debe32d24ba60c9e13ca023f83ec4c4446f35c15be68df0ac8fd59a7041924d7a2ba0346fcdeecdfbf4123c46b3f58da57de0df7c2d27354bea44b33581b476f573e03abb53571d2b09ee4a16db45d59154a6aadee448b2540b10025c4e4f4cbe45fa702d1117b39075f70f1bbfcf2061b08e399479bfdd0aa69a671054f2444fc5aba859f00efff9a863000e3d64165e55b4a3ae91e91eca2c2f55f31cd9f63650e8da241528e2acf2c35d48441c9ea547d7a718454bb3b3364b68ba638192e9e449462d9c449d33f94ef000cfb0d1ff18b30fdf93e84903e2b00cbf3b82baced7ed509df4b001db87bddde9352e6bf0b413d808088d430ffd7cdc90e86d0719fa8d08f37f5eb34a3c881aec1887d60d64c9c78e3707da46880649629992d71b42514c7a1ca772ba335c7b579521b503b0bd98891aa8e905b81b6e198d5b40e23859983dac2625674d8481edac4dc0b68c8c832edc0c9f2e440ddd56b585c8039e074edc811605bd72ad19a849003c63ff507b29e3463bb64795a08de1b7d2161035a2dbaa15bf633514d8214c4e644b3da884ead821e9a93544a10b27b4877cab91c4a4f8999c6ad6038829e0c39725e9f9d76536b0b3fe87caa2393062979811e33b4bb188f6d91927ce54531bc1684530f8d54052d9676a0d7042f3e7a92afbdc69f5ae14be4a692b7cc53fce2b6382b5bc8078ff6797da6a789ab0c5d4e16aad7378feee36e35e5fdecf5e00340ae139725e2ba84bfd74fe01025a0466ed025e5c7add6f3c65694f2aa66239e336e1255b801c49975f1e3e587ecc525ce16e6072834ea3512b73652639cd7432dc247b8c155bc4a104e679eef5a658bbab9abab13d8ea6eddcce68061c1b7aca38386063356a72c295930c1d5a3b967a680433c04817b1412fc884dc53826e5c50f6efb1d003e060aaa8e84a59d6c243d82b7763d741f64df397805a7c51fc46db22566fa9edaaeda77ad95fd6782d81dd205927e97dea4128f697e6610851c447274a77b50a8e939c7481382346986a8713ed8ae9e33f4b81ca6a1caea70946ffde9e8afbdfccdfeb7abe1e999f36057b4c5ddad1a85bac5a5a37b2bdb74f6b1cb912c6b9c4b2a16d2ec61a4251f1ea195427670ea2c9dc454c64ffd1b32c047ea1123eef6227721e16750e65291d08bb2432c250301d251f1cfc278dad374211f547697a1092b24ea850f60fa6d48d2c692d6e0c730e0edd8c0066067c7c661f756148e84469ec76e318caa0aff2950d8985da7fdcdd2df6f10e64b37cf1992b259dbcdaf000b6fa4a369d6aaec35095a98f2d5ef72947ad2e29d5f6a69779d064aea640e4e124920075d60f0219ffe4e37132f1c0f3685f549481a9d6b591802e9b830a2fb8a088be9624c718db68d47dca2622cacaf2c8b14ca38571abe3a82f97d7620acde981c66c7643632f86f190a34383947b36b6ee02e7ff5c365bee7423c311825b593324fd70e31f4ee77cfff55d7741ba8cbb95fd1a6d5d12592f4a4cfda7607c304653bda7f3b95c56ff5b0a08ec042171dc49923b4d3454818b71e0b23a5098b4ff899596d8538119adbe69bf6768477510ae87205410dbde6e66dc8b9ab5bf0c82dc8e03c00be36a697ed2dc265780ce55c60dbf2dda93287732e405f6c8743c4b34498d3005d9d3088b97200a7d412c295f71706adee09f751036a48822982d2d271d1e7b4f6143148a16ec34e6d1bef3fa0792f18acd51384546a69d638288fb6c72eebd3f511d95b3efe39abb71e8680c9be9a736752b5fc42f9b29022a749ab0fba57948b5830f20926f195858c1810120e9c73fa90ba847004d302e8222b18f4ed9602ddd147c489b0d41fbc38450ca0b5e7935e4960ec776ab6805d457003ccd206106c8996c1dd435e1e6acfdfbb16f6c4ffdff5c359ee505e7b8e40cec9a682cda8439cfcde94bb25a96fcf20f363c534e27be9dd3c0842284190ab4a4d6c8c97145faf43396ceeb2e63910558e7db5fb6ed0f610b7bbcc13e4dca9fe4cbd473e84be24e4ca9f5353614ee9359475cd73a6848eac84ff412319d308fd57a5680163f6b0d08a27e4318963076ba2e8d239bf8b581b876d3fe309dd248a10bc5a741e31fdadabd20c5837a90797909d0256baed97c423270c9d49b716b339faa05986a860ad5eef28d92524ad8a3c485f24c11c286e8bec6d253fa7ceac1f6d830ece13f8eee197af10d2496e2774511f7af15be5e4318cba63cfa9b4c42e6efd277559eb813d8ed997532f89c084cdf53920cea70c804f53740afd02ec46827b2cf7e83f1edd9e1699a62ef9afbef82688811e02744f1ac5c34b6ef30170ca720739c0f3b9cc81dfb643ea6c549a1f13626849f2a3f7f94754caa94d858168ece1813440fbc1584a8c660bfa7e8770622a73dcc6ec02c5b3085cec8ed1deede342abb81f6a9320f5c7a7912403d5c9aaa90f11dda74e52e18f8d8a3b35249324e2f7e621eff8a52f956b16c280eafcbf281d40c960cbfc3168ef8b7dcadc396012b4582e108d9537b4715c89bcba40f14e37909fc1b0c937aaf2b8077ffc0e30141ad54d611feaafbb925b870e4c889cabab93277d435c0185490ac914ee934cf370132531132fc6661ade20458ddd09608ec80fd7d4273179ba0a7934d04f2599b4890fa915b740e8f99705130e451eef2798a2c39ed2612971c85a12a4ac8e29566265c70e0feee58f83a3ffb226b215657331e02137386013996a60217c2523cee1d0c4714b5755cf9a88f89c782ddcc187079ada21b6b61aa6cab4251a3e1a6e00d99570bdfb6c682c1d8245a412c5ce85854b62e559476852db61606250bf08ae6507142d05c7c89ddfc9a2ea8e93c3ee06e9abb4c9147205051f3e223b33e6423583f01f5fa2a7c8b10230a9ad069742f4a31fdeb841877a59d15212525544e87129f994fac11e0a23ba68de47ef9f72f0d4ce4fddb988b6e5a7caa70caaed9930d35f4fa4492e50a269b1f0fa07e107d748682fcd001d31915a302e268008ff756ec6fd0066ae5784a58d3f63e6a5dce79b8572ec8090c83314808153dcf31087846b3de34362dfefde63b4278f853c569743c873ae8f4447d26eaf4e276f40f46f6f0ace9b8fad69ff2e26a545e275fe6113c4bf6242c276cf8b07a515c4f095d538e0bb5ce5144689ac4b92cf28608528a0468136cb6b2d8e5cc7ab4c96c23f41dd42ab9d31c4b7758083c4c8f90b525d005b81c061061351228fdc1fd804d9d831e6412f106c839c9fa05caf10ad2e3859b327ac8f36aa9ff023fc58cea6ad97d415966fe2bb8e3fab0ccb5177229fbf7cdb24784b493f584d8dc13fd5c162e989fde538d05b47c0a479df29eba70a0cdf80b893c4ac1b7e932203ae500f2864ed9fd43e5c96fe4bab317c6e2098b126280ea7f32eb5d780b3bd438ecbf34df786352e7eec27d68fad1d2cff702a9dcad06cb33c5e3bf4ce61b0a79792aa7d79b71a2e8e8caf89d5af680fccff7f28d896a0748895f8e23a3e53c069def21f042854bdb8f947e5851499f6ccbe67c424a7aa1a3d154f26eb363a74f9318e3793289f2c00ba7f6adfa50edd10bfc8a2607905a2cf269c24d8f1a5a793bad9cfc3a867a1416afa0ebfd9406c9da6dfafb409f8ac6bd5eb20a8b6ddbababfea42aef6451f8fd8acc8f03412f9baee43f2008d2d5d0ec2be1cee920bcbd40fdc39a3ec8292ed162b12d232dc21851ddcab0eae4302574de56a75f2dfbdb56c213b0a2c2f23505c85ae5c284028aaf154b24833a5e15bb8b668406dfd96b15691b2aacb12cfb5fd5270405efb9ce2f1bcc80c4753feb735c1cf9126b9b80a98a10ded1a84a5e18cf095a6cf5bb888af69f2d599841a3bc02e09ca03d5f818bc64ddefd5971722d02aae6f69a23a7646b68d948704e54e813c6c66066876f9ed45fc2f628aed7d0cf51d9aaf5db9fa2588258b5b9c4dab550241c98ef3264c51b438116b4791326c809b52ff96fb9a09b94ad39857d9f413d1b989c77e66319e3ca4d8a4b54581701c64dce4599ce32b4502f2e5778beaeaf62b15b7ef6f807d2d95cf5328ba8ec37a33ad7256c4b4df523939ff6e5303f3397c45620efbf999f7b4ecf4ef7212c3c1820a165f8ece629a6984cd43dbb2970715ae701498e7419efc866dda15c40736e6135d395f0dd3e6513f85ef9b1b0f3caacdde102b72a45496420a2c8ccf027d92740af5d3a3b1a2bddd7dc3186a8d987f38c8c30a1897d7cee0756db276c2be79a50b804418a17d9b05ee7d9a45d8b7ab521cad20f66984be03d9b583c16657cc19833357e7248b10dc9c25b74ba901c38f4b56f54ca4a2f1ec957a2aca5aeed7f1218ec025bb7a9cceb1efc0372b5ecad9a6b000ca8c18cd63384610d33bf956ce23be4b249"}}}}}, 0x0)
syz_emit_ethernet(0xe1, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd60b08df300ab8401fe8000000000000000000000000000bbfe8000000000000000000000000000aa67b9b68843d253738d6d9af8007be66f814ed05663549cd47a429562fdfdd2a85dc76a2bc365488335ea03a036b42926a1f5f2cb60c31f737fec5bfad0e809785b3f36e76ed306a2e42ee3030adca29a8e03e919537bfd3c12d6b273cf6e7a7430484f96fb279018d946e9a5f87edcc27d191f2952233b2b0c03c5bab356c254a7d220418a30ddfe3ebed56f5e5bc648b8f019518403d1f91c9e804d157b6a8d54cf3c4f33ab2f53db8111c319a4fa47de2213b31c298f6d6ddf90284f501fd4f05c4813f0716d1379af9cb5858ea9f00440c9fd00"], 0x0)

2m29.517809877s ago: executing program 1 (id=190):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4080)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a64000000060a0b040000000000000000020000000900010073797a30000000000900020073797a32000000003800048034000180090001007866726d00000000240002800500030000000000080001400000000008000440000000830800024000000005"], 0x8c}}, 0x0)

2m29.371430893s ago: executing program 1 (id=191):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1000000004000000040000000100000000000000", @ANYRES32=0x1], 0x50)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r1, &(0x7f00000004c0)={&(0x7f0000000180)={0x2, 0x2, @dev}, 0x10, &(0x7f0000000300)=[{&(0x7f0000001800)='@', 0x1}], 0x1}, 0x10004024)
setsockopt$sock_attach_bpf(r1, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r2})

2m29.294526027s ago: executing program 1 (id=192):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@noblock_validity}]}, 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0)

2m29.104886797s ago: executing program 1 (id=194):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x3, 0x12)

2m28.741992495s ago: executing program 1 (id=200):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x9, [@type_tag={0x6, 0x0, 0x0, 0x12, 0x2}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0x8}}, @func_proto]}, {0x0, [0x0, 0x30, 0x2e, 0x5f, 0x61, 0x61, 0x5f]}}, 0x0, 0x5d, 0x0, 0x1}, 0x28)

2m28.397338112s ago: executing program 32 (id=200):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f00000001c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x9, [@type_tag={0x6, 0x0, 0x0, 0x12, 0x2}, @typedef={0x7, 0x0, 0x0, 0x8, 0x4}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0x8}}, @func_proto]}, {0x0, [0x0, 0x30, 0x2e, 0x5f, 0x61, 0x61, 0x5f]}}, 0x0, 0x5d, 0x0, 0x1}, 0x28)

2m9.512344536s ago: executing program 3 (id=321):
r0 = socket(0x848000000015, 0x805, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0xa, 0x0, 0x0, @dev}, 0x1c)

2m9.182168668s ago: executing program 3 (id=322):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080), 0x8)
sendmmsg$sock(r0, &(0x7f00000008c0)=[{{&(0x7f0000000440)=@in={0x2, 0x4e21, @loopback}, 0x80, 0x0, 0x0, &(0x7f0000000880)=[@txtime={{0x18, 0x1, 0x3d, 0x7fffffffffffffff}}], 0x18}}], 0x1, 0x0)

2m8.980016385s ago: executing program 3 (id=324):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f00000002c0)={0x1f})

2m8.671664413s ago: executing program 3 (id=326):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000840)={[{@mblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0xffd}}, {@nolazytime}, {@jqfmt_vfsold}, {@errors_remount}, {@minixdf}, {@errors_remount}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000280)='./bus\x00', 0x0, 0x0, 0xff, 0x0, &(0x7f00000007c0))
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
truncate(&(0x7f0000000180)='./file0/file1\x00', 0x73d)

2m8.405170259s ago: executing program 3 (id=332):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x4, 0x8, 0xb, 0x2}, 0x50)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x80000000, 0x1, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xd, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000850000002300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)='%pI4   \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

2m7.892299907s ago: executing program 3 (id=337):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000540))

2m7.730437992s ago: executing program 33 (id=337):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r0, 0x5386, &(0x7f0000000540))

3.173389488s ago: executing program 4 (id=1640):
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000040)={0x8, @sliced={0x0, [0x80, 0x9, 0xd6eb, 0x5, 0x5, 0xda, 0xbf, 0x1000, 0x3, 0xffff, 0x200, 0x7f, 0x2, 0x7, 0x1, 0x3, 0xc7, 0x3, 0x1, 0x7c5c, 0x3ff, 0x4332, 0x5, 0x6914, 0x2, 0x1, 0xfff, 0xfff1, 0x1, 0x5, 0x81, 0x5, 0xe3, 0x10, 0x1, 0x1, 0x1, 0x8000, 0xe63, 0x833a, 0xfff1, 0xffff, 0xa16e, 0xf1ca, 0xf880, 0x6, 0x4, 0x1], 0x1000}})
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000080)={@private0, 0x8000000, 0x0, 0xff, 0x1}, 0x20)
r1 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r1, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback, 0x5}, 0x1c)
sendto$inet6(r1, 0x0, 0x20, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x8, @loopback}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000040)=0x1000, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000200)=0x3d10, 0x4)
sendto$inet6(r1, &(0x7f0000000000)="8d", 0x1, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000080), 0x5e2, 0x2001, 0x0)

2.818307124s ago: executing program 0 (id=1650):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)={'team0\x00', <r2=>0x0})
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'dummy0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000ffff26bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15170000bcb7040008000a00", @ANYRES32=r2, @ANYBLOB="140012800c0001006d616376746170000400028008000500", @ANYRES32=r4], 0x44}, 0x1, 0x0, 0x0, 0x24004844}, 0x8000002)

2.816777598s ago: executing program 0 (id=1652):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000140)="ad76b6c5", 0x4)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmmsg$alg(r3, &(0x7f0000004c00)=[{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="a9861869a75f66ef7d128ae4230965648a021cdf93508c9706dc1e4d9e1d4c436faf1d2786", 0x25}, {&(0x7f0000000040)="eeb9ff4efd6ce05a6ccd7c", 0xfe85}, {&(0x7f00000001c0)="7a33e678762b32820b", 0x9}], 0x3, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x0, 0x117, 0x4, 0x9}, @iv={0x0, 0x117, 0x2, 0x0, "f0f60d0c8902cf02f6b345465a9f37b8b08a34e37624210d147505c64ef863f3e92bdce7c78a97d195340fc205cb4d52df937b35fc82582e5336d068b9a373697c4f24a8e4efa23f6a88875820a3a9e9119b89cddd18e0b8cf0728795a25524638976252bbfb956836c3426d96dba29885768fd964a8f46163b5157e1ba472de8f5c632bcab5165f3803b9b8d522f43b15267997bac0fd56c1da3e7240d9d8a134f61bd3c128ed73c73042cc4cd86fda92"}, @iv={0x0, 0x117, 0x2, 0x0, "4120670317223487130737cff4ca48e94911518a0a09220df4ffb94454290c0c1bd03a7bbaaa5e00f366488ae89f6a649e50ddf3c31a5d60392aba468d99f37c1810dd578a6b99b8dd7f925c5dddcfa62f6d"}], 0x18, 0x4012}], 0x1, 0x0)
recvmmsg$unix(r3, &(0x7f0000000840)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000034c0)=""/4096, 0x1000}], 0x1}}], 0x1, 0x20, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

2.739053726s ago: executing program 0 (id=1655):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x4, 0x2, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14, 0x38}, @dev={0xac, 0x14, 0x14, 0x15}, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x5, [{@private=0xa010102, 0x4e20fffc}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@loopback}, {@initdev={0xac, 0x1e, 0x1, 0x0}}, {@local, 0x800}, {@multicast2}, {@dev, 0x4}]}]}}}}}}}, 0x0)

2.671869145s ago: executing program 0 (id=1657):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='syz_tun\x00', 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000300)={{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x1, @remote}, 0x0, {0x2, 0x0, @private}, 'syz_tun\x00'})

2.371650886s ago: executing program 2 (id=1666):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}, @ldst={0x3, 0x0, 0x3, 0xa, 0x0, 0xfffffffffffffffc}]}, &(0x7f0000000100)='GPL\x00'}, 0x94)

2.371301624s ago: executing program 2 (id=1667):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
ioctl$TCSETS(r2, 0x5402, &(0x7f0000000080)={0x1, 0x2, 0x0, 0xfbff, 0x8, "008ef14ba278887cb0baba08431799317e6324"})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520100ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)

2.15772715s ago: executing program 4 (id=1668):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, 0x0, 0x0)
pwrite64(r0, &(0x7f0000000980)='2', 0x51, 0xe7c)
lseek(r0, 0x5, 0x3)

1.830764953s ago: executing program 4 (id=1669):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000900)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000080)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x0, 0x80000005, 0x1}}, 0x20)

1.782548675s ago: executing program 0 (id=1670):
socket$inet6(0xa, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000240), 0x2, 0x40102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2f)
r1 = syz_io_uring_setup(0x498, &(0x7f0000000f80)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
eventfd(0x401)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_READ_FIXED={0x4, 0x8, 0x2000, @fd=r1, 0x4, 0x6, 0xe, 0x14, 0x0, {0x1}})
io_uring_enter(r1, 0x627, 0x4c1, 0x43, 0x0, 0x0)

1.51248861s ago: executing program 4 (id=1671):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0x14, 0x4, 0x4, 0x1, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f00000003c0)={r0, &(0x7f0000000680), 0x20000000}, 0x20)

1.463706057s ago: executing program 4 (id=1672):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc14)
gettid()
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r3 = openat(0xffffffffffffff9c, &(0x7f0000004d00)='./file1\x00', 0x250942, 0x1cd)
r4 = openat(r3, &(0x7f0000000400)='./file1\x00', 0x80c0, 0x4)
fchown(r4, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r3, 0xffffffff80000901, 0xee00, 0x0)

1.174882314s ago: executing program 2 (id=1673):
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5c, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="1c00000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

842.842278ms ago: executing program 0 (id=1674):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001080)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0xc8300, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000040)={0xa, @sliced={0x1, [0x4, 0x7, 0x7, 0xc, 0x6, 0x1, 0x4, 0x2, 0xc46d, 0x6, 0x200, 0x4, 0xe5, 0x80, 0xa104, 0x400, 0x6e, 0xea, 0x400, 0xd, 0x8, 0x7f, 0x3, 0x7ff, 0x0, 0x3ff, 0x77, 0x3, 0xfe34, 0x9b1a, 0x0, 0x4c4d, 0x7, 0x4000, 0x85, 0x5, 0x1, 0x3ff, 0x0, 0x5da4, 0x4, 0x7f, 0xffff, 0x2, 0x9, 0x8, 0x4, 0x81], 0x2}})
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8108c4, &(0x7f0000000300)={[{@resv_level={'resv_level', 0x3d, 0x400}}, {@heartbeat_none}, {@resv_level={'resv_level', 0x3d, 0x1}}, {@coherency_full}, {@err_ro}, {@localalloc={'localalloc', 0x3d, 0x1}}, {@intr}, {@localalloc}]}, 0x1, 0x442f, &(0x7f000000e480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZP3sIlNNGoI9KTSREppKbRYU21jvGwX2LbowjawNSb2gLcmnkw8GA+NJt44NfwD9ejRi8d6bqIHLyYmjZjdnQVm2A0rYUHq53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/uoXLo3XwzxHmna/6G965/2dOI62e9r75/s6vmL79w4E8J3sz8+XVtbWwtV3aGpoU2///br/ZnNx4Y4U6fabvPWdsv7IYSTW8ZV1RVCeC+EEIUQziVpo8mxN4RwLMm7cf+zm7ldGs2jJ8Wz+WdTD1aHT0+uPFxt/bdHIXxV+t+rt+d/fqFr+KeXd6l7AAAAAAAAAAAAAAAAAAAOuPFrV6+/PTgUHkeheyXa+r7ueHJs9X7s2q75vvN/LAAAAAAAAAAAAAAAAAAAAPxNbbz/n4tONHn/fyw5jrSov/Zm58dI50y8dXXswuBQsv97tCX/tSTpl3Ndob/Jvu/Z/d/PZeo33/99az871Rhfo9++EMUDqfM4HhgI4Ztk4/dT0ZG4VF6qvHKr3BVmd20YB1Y6/vXd+1PRSTb0bzf+o5n2O7///3+3XE3V85u7d4k919Lx72pZ7ttPo7bifz5Tby/iz86l499dS+vdXGCkPgFU4/959/bxH8u036n4Hw8h5KLqWHOpGaC6hqmmt1qvkJaO/6FaWmrqTD7IVvf/75n4X8i0v1/z/3L2i6jmk84O5QBKx/9ftbSeVImN+78/3v7+v5hpfz/iXx3/su//tqTjf7ie2J0qUvsk253/xzPtdyr+1+NknMej1BWwEtXTW/2/OtLS8e/Zkr/x/Be3tf67lKm/V89/jX4bz3+N6f+lqP78R3Pp+Pe2LNfu/T+Rqdfp+X+ktv5jp9LxP1JLS6+d+2o/243/ZKb9TsW/tirpacR/Yz7543A9/eum6z+y0vH/dz0x3lxiufaztv6Ltl//X860vx/rv+r4l+PO9vq8SMf/aMty1fj/0Mb3/5VMvc7HP4RBa/0dS8f/WMtytfu/Z/v4T2XqdTr+L3aycQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIADYDQ59oUoHkidx/HAQAjnk/NT4Ug0XZjNT5fKMx8uhTCWpOfCieh2qTxdKOXnFsqzxXyhVCrPhHAhyT8ZeqKlUrmSny/cvbjeVm90p1hYrEwXC5UQwniS/v9wrNHW9FxlvnA3hHBpPe8/cXnx7p3CQn52bvGNwcHBwTCxPob+qPhxpbhQqfdezw1hcr1uX7RpcLXsy+tjORp9UL63uFAo1dKvbKpTKs8USpvqTCV5X4T+qLJ4b2GmUCnmS+Xbjf7200hyHJu49u61K0Nb8m9G9ePo3g4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgL/o8fDrX4YQuutncQhhpPFL1Kz8oyfFs/lnUw9Wh09PrjxcfdqqHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzJDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbpGKWBIAoD8JuxUDuPYbXsdrYrimjhiuAJ9BgeRo/iJbxDihRpU4RAMgthswvbJNX3NQ/mZ+Y9mAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADM8/TefbzVTUSKq81lxN/X/+Iwfyn15378/sUZZuR0nl+7h8e6Kf+ejvK7crRs8y5dr74/Y6T2fgd7Mtynvb7P9eRcU/s2NV/f9yZSriKiLfltyrmq5r0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGUHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXwEAAP//zQceng==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000001c0), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffc)
sendfile(r2, r2, 0x0, 0x800000009)
open(&(0x7f0000000200)='./file1\x00', 0x4827e, 0xdc)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
socket$unix(0x1, 0x1, 0x0)

540.607869ms ago: executing program 4 (id=1675):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x5, 0xc9, 0x1}}}, 0x7)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e24, 0x9, @dev={0xfe, 0x80, '\x00', 0x11}, 0x7}}, 0x0, 0x7}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f000001aa40)=""/102400, 0x19000)
r2 = syz_init_net_socket$ax25(0x3, 0x3, 0xca)
ioctl$SIOCAX25GETUID(r2, 0x89e0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r4 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='source', &(0x7f00000019c0)='//\xf2/\x06\b//\\o\xdc\xea\x95\x9a)\x00bb\x8a\x80\x91\xdf\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xf8\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6h\xd1\x1d\xac\xaa\xfb\xc7Y\xcd\xc5k\xeb\xab\xf70\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\x9c\x00\x00\x00\x00\x00\x00\x00&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc50\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\r\x03j,N\xe1lw\n\xad\xe8\xf0\xad\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc\t\x00\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\x05\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1oO\xe4\x99\xd6\xed\x83\xb0\x18q\xb9\xda\xf1kk\xb0N\xe69D\x12\x1f\x96\x85y\xe1\xf6\x83\x81\xc1\xcb\x169\xa5A%\xcb\n\xaby\x9f\x97\xde\xcf\x14\x0f\xffl\xb0e\xa2m\xb3\x8fsI\xc8v<\x8a\\7\xbaA\xef\x92\x98K\xfd\xaa\xdb\x00'/468, 0x0)
r5 = open(&(0x7f0000000040)='./file1\x00', 0xc0242, 0x1df2a23c5997fa5f)
write$FUSE_CREATE_OPEN(r5, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0x1, 0x5, 0x4, 0x3, 0x1, {0x0, 0x9, 0x2100, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x2, 0x0, 0x0, 0x3ff, 0x3}}, {0x0, 0x13}}}, 0xa0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x20fffe82)

307.005184ms ago: executing program 2 (id=1676):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000001f40)=""/4102, 0x18, 0x1006, 0x1}, 0x28)

202.065509ms ago: executing program 2 (id=1677):
io_setup(0x5, &(0x7f0000000240)=<r0=>0x0)
r1 = inotify_init()
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
inotify_add_watch(r1, &(0x7f0000000340)='.\x00', 0xa50003d1)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)

0s ago: executing program 2 (id=1678):
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[], 0x68}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[], 0x68}}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f0000000240)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r2, 0xffffffff80000800, 0x0, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffff7})
r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/mnt\x00')
setns(r3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r4 = syz_mount_image$bcachefs(&(0x7f0000000200), &(0x7f0000000000)='./file1\x00', 0x1800402, &(0x7f0000000840)=ANY=[@ANYBLOB="6a6f75726e616c5f7472616e73616374696f6e5f6e616d65732c6d657461646174615f636865636b73756d3d63726336342c7f6174615f636865636b73756d3d6372633332632c6673636b2c6a6f75726e616c5f666c7573685f64697361626c65642c726174656cd6ee984c5f6572726f72732c7265636f766572795f706173735f6c6173743d7365745f6d61795f676f5f72772c7265636f6e7374727563745f616c6c6f632c6e6f5f646174615f696f2c7374725f686173683d736970686173682c000f456c33737c01c96a485301f57184319607791e0389515818ee65b05741a83e2d3412b274e683f19cb37b6975e95e26fbf8", @ANYRES16=0x0, @ANYRESDEC, @ANYRESHEX=0x0, @ANYRES32], 0x1, 0x5962, &(0x7f0000001400)="$eJzs3W2QXFXdIPB7u3syPTOZZBJAIshkCEQR1Ex4K3wpja5vBUjFwlLCRmEgE4xOQioZBAJKcMGFAiy0tBT1A7pILRotqmCFSIm8bMIqSrG61BZSq/ugH7SQh5RAHsrycZ6a6Xs63Xf6zu3p7skL/H6VzO17+vT/nnvu6dv3f7pnOgIAAOA1Yff1W/eec9QHfvnF0Zev+fBPN14b9RWnysuhwkCyvOJAtZD9qbu0ZGqZHhdvuuoHfxq6+H2/uLv3+6/sWnfs+t+9/7CLH/jMmTtv+/bDL/Xf+89n8+KG8XTivvX4+TiKyj/b8/Uv7Xr8yMmyOIqiYjywPYoWxYsfXhSnQgz/PYqidcnKktSd97x8yvrJ5bU3ddeVL0zVM95f28rJONu29/KTot+/d811v1764x917Xhu+74qcblmPEXRggtrH98VRVFP8n9SGG1hPIZBuzqKot6ax52R067jmmz/ioz1o5PlvGTZlxMn3L8stV5I1UuvB12pZW/O9tqV1Y5W6+WZn1pPn4zaldXOUL4oWd6XLE+cZfxi8r8cR4U4KlWbPxbvGyNRzXGLo3jqWJar64XqsY2S/U+tx6n1Qmq92JXar6ntJgOtGMf15aFeqjycjktJ+bG15+oGzs0of32yLCdP1FfCepS+UdE37UZ1v6aEdu2ZoS37Q6HmHNSovHrgk4PRl5T1xYunPWaigXDfrjU3Ly+ufWT3QEY74rvjJH7cUvxtv1o0/1M/vPGy9Ot6Nf6FhSR+oaX4fzjriRfOv/F738qMf2uIX2wp/skP9j5/1qPXL8vsnz2hf0otxR959rFblh5+0Y7M9t8e4pdbir9q5xPd/XsffCiz/cOhf3paiv/MOz/4x7ueuv+5zPhRiN/bUvy1Ozd/uXtw7wmZ8R8K/dPX2vh5ccfpTw8O/nkoK/6TIX5/S/Hv3H7bO+5YeNOZmcd3deifgZbin338A9fN33v/MVnnzvj2Tr1yArw2HZZcY92QrLeaZ7arJl/45lCpcs03P/nf38kNpS4+J7ezoJPxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACCKoiNO+l8f+pePDzxfSta7kxvPFCrLUD4viuKeKIq2jo9sGd+w6ZKhz1x62ZZNI2NDI+NDo5vGt1w5dOpbhraMbh4buXLy3uG3nlJ53OIorizjY6Ztu3tiYqIwUF8Wtvefjt/x++Vn/OWvUTR8xG8HS5ntX3HbxjsOb/AzJV418Z6Nl53z29O+m+zXQNKugQbtmpiYmIgy2vWv5/3jjq/u+dMJUTT8upna9dgz7/55XYOmCvbFSRS6o0qDuuPehu2otjppT+iv0voNY6PDM/fv5OOLGfvxn6967u/rr/jKPyr9W87cjyb7t2fVxFjhG2vO/vdvXF0pyGvXgTruef0d9iK0L/RfOenvBcl+LcjYr1LGfl3/64ee+tlRN760PRouvbh0+rbz9qsrGQBd8eub2m7YQm+8qK68nNQPRzw8bsX4xs0rtl657a0bNo5cMnrJ6Ka3rzx15enDp51+2oqpPV/R4f0P239jk/u/f8bTws9tvy/8bG485bUrrz8m25XfH7Utynr+9Z77pa+9/bZHz6kU5I3zULt6PkmWvZPHeWVUM96m91Wj/crrhyiKhhr1wwsvnRkd+X83XJd3Hqo9MrU/U+JVE48v+9t3z/jOkndVCvbLeb62QbXn+e5qtdzzfLXV+9oz1V/l5HhMHOj+LU79nNa/3ckd3XFfw3atfPzRrpt3//Xz1fbNmxddMTI+vmVl5ef8pKXz46MbtitdGvZraWhUMj6rw7TBeJ3UFVXalz5/hurpXu1L7uuLFzfcr7Rw3641Ny8vrn1kd1ZPx3dXttgT9VeW8Rsyao6lHlisNrjR9g/W51/e+Bj80Hfu/fi9Pzm1bnz0JBXGt5yct19xxn79+Kk7v/b9r/zXn3Ruvz707icG/vb/Pr28UnBAzyv75J5Xqq1O2hPXnldOjqK859/SqPF+ZD7/Co33J+/5l97OvvqN4w2l1vuiYkvP15Mf7H3+rEevX5b5fN3T7PP16rq1Ys7z9WAZP+nnV1yqb8fcPb/qBkq8auIXNxy2/eFrVh9VKcgb19Xajcb1KU3kHxn79fPznx68dOi//J/OnTd+8JZ7LvjdyKovVApaP+6hLZ057uWkf8sZ/Vttdcg7a/v3bRdfOrauUn4Arn8b7XyD699kmZP/hFPJ1iu3fXZkbGx0y9bm9qvZ19OwnXQvt/p6Gs5ui3P2qzBtv+buRjP91ezzLbR/Xcv9Vf9864vill4Xtv1q0fxP/fDGywamPSrZ0IWFJH6hpfh/OOuJF86/8Xvfyox/a4hfain+yLOP3bL08It2ZMa/PU7il1uKv2rnE939ex98KDP+cGh/T0vxn3nnB/9411P3P5cZPwrx+1rr/xd3nP704OCfM+M/GSfbmbxGiqJ7Xj5lfWU9jrqS51toR1ddu6L0epxaL6TWi7XxCpW51mpBMY7ry0O9pPzYmsc28omM8nAVVl5SWb4S1qP0jZnLDzaFurR7ennedSoAwKtdeP8/XJOG9/9Hkwul7JkG2KfdPGxJRtyQh+2bz5lXd/+SJH54fJgHHHxbNDy5vHaocqE/2/cRwvMhPc8ZtnPCcfUxWp3nzJt/X5ZaD+2qzJeXavLQxPS8phQ1Mf8+fTszz7+ndj9/fnzohmnNGqqZt0ofv65kxqzR5x1S7S1NRsgaH+l5sfB5jsEF0eqp7TU5PtKfownHIf05mrCdo1InzlY/R9Pu+AjNnmF8TDU5//2N6ccvmqF/9x2/xtHSx28Wx7s8WX+u35/twLxhw1Pa/ps3nNv3w8xLZsRPnmD7a94wmO28YSgP+1Fqcj7x4xnlnZpPDKeL0K49M7RlfzCfCLxahfw/vEZM5v+TF+D/lqqXdx2avmoM8TI/J1Rs3J68vGP65/R6W3odX7tz85e7B/eekHmd81Czn/vZXLfWm/O5n7x+XJ5az+3HjAmavHwvvZ28fk9/LqMv6m+p3+/cfts77lh405mZ/b668kKa3+9fq1vrz+n3QyBfaBxfvnDA8oXSIfQ5hrz5swOWjyQffJqrfORjGeWzzUd6p92o7teUQy4f6dq/7QIADh0h/6++f5bk//8/VEiuI/Ly1hNT6yFew7z1vv+W2Z6svPUjyfKKVP2+5DcqZnvdfPbxD1w3f+/9x2TmLbc3m4f+97q1gdw8tL28OTOPWN2Zz4tn5hHVPKu9PDGz/dU8sb08PTN+NU9vL4/O7J9qHt3ePEBm/Oo8wKH9vljufF1qY2G12fm6V20enfz67Fzl0edmlM82j+6bdqO6X1MOxjy6p0G5PBoAeLUK+X+4jAv5/6Opeu2+z56ZF3Touj3990Cq8Z/cX3nlXOd9c523znVeP9fzEod6XjzX80JzO0/2ms+Lk42+mvLiRuXyYgCAQ1vI/8N7INn5f3v5SaP8rasuP+l8fj5ZS34uP58pfsfet86If/DMf8n/vS+eT/4PAPDqFvL/8GuP4e///c9kPf13672PnhFfni5Pn2n8NJ2nd36eLfI5gAM7D1DzAXPzAAAAHAhdU5nS9N+z/2SyTP+efdbv5Z+fUb9ZpeTy+KLxLaOjF1y2ed3I+OgFmy5dN7r1gsu3bBgfH91Uqddu3piZtyR5Y1dUSvqjcb103rYw+XsICzP+HkK6fgh79NSN6X/HL73Znpy/I7Dv+DXX3qzjV5ihfqPxkXW8s+J/IqN+UD3+F3/65AvWb71gw6YN4xtGxjZsG62vN5m19s7iezNDt8zq+1JTP6YpzP77O2fTjr9ktqMwrR1dSX9kfT97nGrHoqQli7K+/yCj3b/831/93PET/7grioaPKL6hrf6LV038j/NGPzK++7ebJ9tfmLH91ZpJu/K+rzRdP+xPaezSreMnrb/0sk3pb5RsTZjPKFTX52g+I3n6F5ucn1ibUT7bzykUp904ODU9PwEAQJ3w/n+4ng3vH34luYAK5c3n6e29f5yZpw83l6env5csL09P1w/722yeXm4zT09vPy9Pb1S/UZ6elXdnxf9YRv3Zan6ctPc5j8xxcmFz4yT9fQZ54yRdf7bjJG5znKS3nzdOGtVvNE6yjntW/I9m1M/S/Hho73M5mePh1ubGw5tT63njIV1/tuOh0OZ4SG8/bzw0qt9oPGQd36z452TUb1b9+JgcGFPjYvSCyy/d8tmaenP9/Rftty8+/qKMGM2cz/K+/6NVzbd/bj/3Nfftn9vPlXW8/amp1HY/V5bZ/ifbmwlrvv/n9vtdWrXf5muTD5vlff4sbx53TUb5bOdx5027cXAyjwsHTsj/w9s9If+/KVl2+m2glvO+yRehg+J70g697zGL9uvn7+f2Osbr+QwbOwh4PQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoTndpydRy9/Vb955z1Ad++cXRl6/58E83Xvumq37wp6GL3/eLu3u//8qudceu/937D7v4gc+cufO2bz/8Uv+9/3w2N/DA1M/SiclqOYri5+MoKv9sz9e/tOvxIyfL4iiKivHA9ihaFC9+eFGcijD89yiK1lXbWX/nPS+fsn5yee1N3XXlC1NB0vsV9RVDe2rbGUVXhIKu3F3j0FFOxtm2vZefFP3+vWuu+/XSH/+oa8dz2/dVics14ymKFlxY+/jJ0dCT/J8URtuS8OBkuTqKot6ax52R067jmmz/ioz1o5PlvGTZlxMn3L8stV5I1UuvB12pZW/O9tqV1Y5W6+WZn1pPn4zaldXOUL4oWd6XLE+cZfxi+B9HhTgqVZs/Fu8bI1HNcYujeOpYlqvrhbozX5w6E8ZRFKfWC6n1Yldqv6a2mwy0YhzXl4d6qfJwOi4l5cfWnqsbODej/PXJspw8UV8J61H6RkXftBvV/ZoS2rVnhrbsD4Wac1Cj8uqBTw5GX1LWFy+e9piJBsJ9u9bcvLy49pHdAxntiO+Ok/hxS/G3/WrR/E/98MbLlmTFv7CQxC+0FP8PZz3xwvk3fu9bmfFvDfGLLcU/+cHe58969Pplmf2zJ/RPqaX4I88+dsvSwy/akdn+20P8ckvxV+18ort/74MPZbZ/OPRPT0vxn3nnB/9411P3P5cZPwrxe1uKv3bn5i93D+49ITP+Q6F/+lobPy/uOP3pwcE/D2XFfzLE728p/p3bb3vHHQtvOjPz+K4O/TPQUvyzj3/guvl77z8m69wZ396pV06A16bDkmusG5L1VvPMdtXkC98cKlWu+eYn//s7uaGUye0smMP4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8Ov3m6lM/ed57PrqmFEdRnFFnooFwX3HeqlVDLWx35NnHbll6+EU7asuWtBAHAAAAyBfy8EK1pBwtiS6Pe6KjG9YPcwRHh7W4vjw9hxDipOcIWo1T6FCcYofilDoUp6tDceZ1KE53h+KUc+KUo+bi9MwQpzQ5KppsT++M7Wk+Tl+H4szvUJz+DsVZ0KE4CzsUZ2DGOM2Pw0UdirO4Q3EO61CcwzsU54gOxXldh+Ic2aE46TnleKK7Jk7+OOxPah6V1Z6pG8XcOKW4WL2j0Xz6kcl2jmlzO3052+nPez1ucjs9TW7nuNTjCrPcTrnJ7byxze3ETW7nzW1up5CznTBur0i3L2wnrDU5/q/sUJxtHYpzVYfiXN2hOJ/vUJwvdCjONW3GAWhWyP/35XsDUXfpXVFvcsZJzwKEfHfp1M/pr3dZJ6QQ7w2p8nl58dKJeire0tm2Lz2BkIq3LFXeVRevVM1HZohXro23PHVn7v6mJxRS7TsxVd6dFy89sQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc+g3V5/6yfPe89E1URxN/mtoooFwX3HeqlVDLWx315qblxfXPrK7tqy71EIgAAAAIFfIw7uqJeWou7Qy6o7n1dUrJ/MA5WS9OFBZDi6IVk8u46HC1HpvvGjGx5WSx60Y37h5xdYrt711w8aRS0YvGd309pWnrjx9+LTTT1uxfsPY6HDlZxR1N4g3L1kmpqYftl657bMjY2OjW7ZWCtPtX5K0Y0nUU/e4wbdFw5PLa5P2L85pf2Ha9ubuRu7BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/oNd+wt186zjAP68SU6Sna0usn9ZWU9D/4yqw7X1TDodywuCha0tPQwkmR5HcS0OT9eytaPOuBXcZosibBRKpRdW6nBzeLM/boj7Q6EyqwXPscg2dBd6oWw66UYvpCPSc/LmJDlJc4yj3ernc5E3eZ7f8/zeJxcHvu8JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwjk3WRscr5bHqcBRC1KOm3kUyl87GcWmAvl95YfsPciOnVrSO5TIDbAQAAAD0leTwoeZIPuQy6ZAOV09/WhJaJsJs7gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7/TNZGxyvlserFUQhRj5p6F8lcOhvHpQH6vvnuU599bWTkb61jxQH2AQAAAPpLcniqOZIPxbA0DEVXt9UlzwYWdqzvrEv2WTTPus5nB73qls6z7tp51n2iT92GxnVXAAAAgI++JP9nmiOFkMss6Jb/14Z55PrkOcHijrp04zrIbwUAAACA/02S/3PNkWLIZYrNvD7fvL+koy5Z3+//9sn65T3W9/t//vrG1f/pAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCjY7I2Ol4pj1XTUQhRj5p6F8lcOhvHpQH6rn5x+B+3Hnl4SetYLjPARgAAAEBfSQ6fjd75kMsMh6Fw8XTuH1l78JkvPfPcaAhhJuZns2HXph077lk985rUrTp2ZOj7R9/+9py6VTOv5+2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB2ayNjpeKY9VL4pCiHrU1LtI5tLZOC4N0PeNz3/xL0+ceP6t1rHiAPsAAAAA/SU5fDb750MxZEM2XDn9qTXrn5HqWN/rmQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw4bj3m/d/Y9PExOZ7vPHGG2+ab873XyYAAOCDtjhEof5fumrj+b5rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2CyNjpeKY9V81EIUY+aehfJXDobx6UB+sYvHM8tOPXiy61jxQH2AQAAAPpLcvhs9s+HYhgKQ+GK6U/dnglM5//CObxJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4ENlsjY6XimPVRdEIUQ9aupdJHPpbByXBuj7+O4Dnzt86fduaR3LZQbYCAAAAOgryeHZ5kg+5DKfDLlwTePzRPuCKN24dn8uMLtue9uy4Xmvq7WtS8973Z6Ok2Uap5lZl0/2K8xcm+tKc9eVWtYVQ7N9qW1d2Ne2akGf+wwAAABwHiX5P9ccKYRcJteSc3/aVl+QcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHiZro+OV8lg1ikKIetTUu0jm0tk4Lg3Q9/7ffvySr/5s787WseIA+wAAAAD9JTl8NvvnQzEsCh8Li6Zzfyi01yd1/6ycPvzYv/66IoSVV06NZDq3/VHy5tdv3PxS50sIqfbqVAiXNvpFPfr95veP3besfvqJEFZekb5mTr9w9n7tW8b1Zyub1+84OrW9z5cDAAAAF4gk/w81Rwohl7m7Z/5Pknef/N80HcAvvW/3Ly5vvDYSeceKVKHRL9Wj3xeWPfXn5Wv+/vaZ/H+2ftcf2Hr48raGMyMdorhe3rpzw9QNh1LJqWf6pzv6J9/Ll7/11r+37Hr09Ez/fMg3xhdmuvWf+9rhorg+kdpfXff+/lp7/0yP8z/8u5dP/Grh3vfO9H938XCz/7VnOf/Z+w/f9si+Gw8c2dDeP4RQ6tb/nfduCVf98a6HOs8/3LFx6zff+tohiuvHlpw8tOZg8ab2/lFH/+T7//mJx/f95NHvPpf0T34rsmLpfPunOvq/uuey3a88uHFhe/9Uj/O/dPtrI9tK3/lD5/nvbNs10/Mu5p7/yeuevuP1TfEDnVMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXlsna6HilPFZNRSFEPWrqXSRz6Wwclwbo++atx9+5fe+Pf9g6VhxgHwAAAKC/JIfPZv98KIZsyIbh6dz/bGXz+h1Hp7aHwsxs1LhmJrbdu+NTW7btvPvO9g2vT53L2wcAAADmIcn/meZIIeQyy8JQI/+Xt+7cMHXDoVSS/1NJ/t9y18TmlaFZ9+qey3a/8uDGhc3nBCFM/ywgf6buM7N1a28+Xjj5p68v71q3erbu2JKTh9YcLN6U1IXWulWh+XziyeuevuP1TfEDzftrrfv017ZNNB5PJPsO3/bIvhsPHNnQPEfjOtzYN6mbSO2vrnt/fy2pSzeu+ca5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC5Jmuj45XyWDWkQ4h61NS7SObS2TguDdB33bJfPnTJqecXtY7lMgNsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyHHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzXX4hUVRwH8HNmdttxZ1d3NciK1tWKwh6Sgoh6qagIjRB6MiQszYcoCCIKe2gNjcSKXoKsF4kKqi2Egtwk0WKN/kkvPVRQYD0EIi2Ug/RQsTPnjrPXuU3etaD6fOBy9px77/f+7r1nzuwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL/KQN/SZnto+4ON28676ZPH7zn+2C3v3b/1kkdf/2F84w0f7xl85cT0puWbv75xycZ9966e2vXiwV+G3/ntSM/gR1rNytSthRCPxRBq788898T0p+fMjsUQQjWOTIQwGhcfHI25hFW/hhA2teucu/Pt41dunm237hyYM74oF5K/r1CvZvW0jMytl/+WWppnWxoPXxa+vX7dts+XvfVm/+TRiZOHxFrHfAph4YbO8/tDCAvSNiubbUuzk1O7NoQw2HHe1T3quvAv1n95Qf/81J6V2nqPnGz/ily/kjsu38/059rBHtebr6I6yh7Xy1Cun1+M5quozmx8NLXvpnblaeZXsy2GSgx97fLviyfnSAihvYrGEJvvstbuV9rvNqT7z/Vjrl/J9av9uftqXjdNtGqMc8ez43Lj2XLcl8aXd67VXdxeMH5uamvpg3oi64f8Hy31U/5o31dTVtfMn9TyT6h0rEHdxtsvPr2Mehqrx+op5/zeRbZvet1TF1fXf3BopKCOuCem/JjyF59W/pbPRofufGPHQ0uL8jdUUn6lVP53aw7/dMeOl14ozH82y6+Wyr9i/+CxNR9uX1H4fGay59NXKv+uIx89vezsuye7vetm/u4sv1Yq/7qpwwPDjf0HCutflT2fBaXyv7n25u9f+3Lv0cL8kOUPlspfP/XAMwNjjUsL8w+0Pgr15gwtMX9+nrzqq7GxH8eL8r/Inv9wl/zYM//ViV3XvLxo5+rC+bk2ez4jpeq/9aJ924Yaey8oWjvj7jP1zQnw/7Qk/Y/1ZOqX/Z05Xx2/F54f72t9Aw2lbfhMXihn9joL/8Z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4A924IAEAAAAQND/1+0IFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAngoAAP//V8UipA==")
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000600), &(0x7f0000000200)='./file0\x00', 0x1a00010, &(0x7f00000001c0)=ANY=[@ANYRESDEC=r4, @ANYRESHEX=0xee01, @ANYRESOCT=0x0], 0x1, 0x635, &(0x7f0000000c80)="$eJzs3c1rHOcdB/DvrFZryQVHSezELYGKGNJSUVsvKK16iVtK0SGUkB56FrYcC6+VIClFCaWo79BTD/kD0oNuPRV6N6Tn9parjoFCLznppjKzs9LaWil6s1ZqPx/z7PM888w888xvZ2Zndi0mwP+t+Yk0n6TI/MTb62V9a3OmvbU5c6Vubicpy42k2clSLCfFZ8nddFK+Xk6s5y8OWs8nS3Pvfv7l1hedWrNO1fyNw5Y7mo06ZTzJUJ0/o/Wn4/Q33CmU/dzr398xFLtbWAbsVjdwMGg7+2wcZ/FTHrfARVB0Pjf3GUuuJhmprwNSnx0a5zu6s3essxwAAABcUi9sZzvruTbocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBlUj//v6hTo1seT9F9/n+rnpa6fKk9GfQAAAAAAAAAAOAMfHM721nPtW59p6h+83+9qlyvXr+WD7OaxazkdtazkLWsZSVTScZ6OmqtL6ytrUwdYcnpvktOn8/2AgAAAAAAAMD/qN9kfu/3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGKShOi86xaJO17vlsTSaSUaStMr5NpJ/dcuXRNFv4pPzHwcAAACcysgJlnlhO9tZz7Vufaeo7vlfqe6XR/JhlrOWpaylncXcr++hy7v+xtbmTHtrc+Zxmfb3+8P/HGsYVY+7X0P0W/PNao7RPMhSNeV27lWDuZ9GtWTpZnc8/cf163JMxVu1I47sfp2XK/vzQd8iDMRYFZHh3YhM1mMro/Hi4ZH4yneneeiaptLY/ebn+nOI+dU6L7fnDxcz5o1UkZju2fteOTwSybf+/tefP2wvP3r4YHXi4mzSCT27T8z0ROLVSx2J5jHnn6wicWO3Pp+f5GeZyHjeyUqW8ossZC2L2anbF+r9uXwdOzxSd5+qvfNVI2nV70vnLHqUMY3nx1VpIa9Xy17LUoq8n/tZzJvVv+lM5XuZzWzmet7hGweOu9q26qhvHO+ov/XtujCa5I91Pmidj9Qyri/2xLX3nDtWtfVO2YvSS2d/bmx+oy6U6/htnV8Mz0ZiqicSLx8eib9Ux8Zqe/nRysOFDw7of+OZ+ht1Xu5xv79QnxLl/vJSRuozydN7R9n28u5Z5ul4tepfXDptjX1tN6q2ougeqT898Eht1ddw+3uartpe7ds2U7Xd7Gl76nor76e9ez0EwAV29TtXW6P/Hv3n6Kejvxt9OPr2yI+ufP/Ka60M/2P4B83JoTcarxV/y6f51d79PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcHKrH338aKHdXlzpX2gc3HS2haJ+kM95rEth0IXuQwRP3eHdC7E5l7owlKRfU/0WneThosClcGft8Qd3Vj/6+LtLjxfeW3xvcXl4dnZucm72zZk7D5bai5Od10GPEnge9j70+7cXF+oBmwAAAAAAAAAAAECO9vc2O/X//zvxXxoMehsBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAy21+Is0nKTI1eXuyrG9tzrTL1C3vzdlM0mgkxS+T4rPkbjopYz3dFW8dsJ5Plube/fzLrS/2+mpW85ed1vkpbNQp40mG6vys+rt36v6K3S0sA3arGzgYtP8GAAD//+IHAOM=")
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x400, &(0x7f0000000040), 0x3, 0x4a6, &(0x7f0000000a40)="$eJzs3c9rXNUeAPDvzDRpkua9/niPR9sHr4U+6HtKM/mBNFEXulIXBbHgRqHGZBprJpmQmdQmdJHqrgsXoiiIC/f+BW7syiKIa92LC6lojaCCMHLvzKT5NXXQNAO5nw/czrn33M73nAzfw51z750bQGadTv7JRQxGxBcRcbixunmH042XtbvXp5IlF/X6xe9z6X7JemvX1v87FBGrEdEXEc89FfFybnvc6vLK7GS5XFpsrhdrcwvF6vLKuStzkzOlmdL8yPj5iYnx4bHRiV3r6803X7154eNnej/6+Y07t9/69JOkWYPNuo392E2NrvfE0Q3bDkTE4w8iWBcUmv3p73ZD+FOSz+8fEXEmzf/DUUg/TSAL6vV6/bf6wXbVq3Vg38qnx8C5/FBENMr5/NBQ4xj+nzGQL1eqtYcvV5bmpxvHykeiJ3/5Srk03PyucCR6csn6SFq+tz66ZX0sIj0GfrvQn64PTVXK03s71AFbHNqS/z8VGvkPZISv/JBd8h+yS/5Ddsl/yC75D9kl/yG75D9kl/yH7JL/kF3yH7JL/kMmPXvhQrLUW/e/T19dXpqtXD03XarODs0tTQ1NVRYXhmYqlZn0np25P3q/cqWyMPJILF0r1krVWrG6vHJprrI0X7uU3td/qdSzJ70COnH01K2vchGx+mh/uiR6m3VyFfa3ej0X3b4HGeiOQrcHIKBrTP1BdvmOD+zwE72b9LWrWNj9tgB7I9/tBgBdc/aE83+QVeb/IbvM/0N2OcYHzP9D9pj/h+wabPP8r79teHbXcET8PSK+LPQcbD3rC9gP8t/mmsf/Zw//d3BrbW/ul/QUQW9EvPb+xXevTdZqiyPJ9h/Wt9fea24f7Ub7gU618rSVxwBAdq3dvT7VWvYy7ndPNi5C2B7/QHNusi89Rzmwltt0rUJul65dWL0REcd3ip9rPu+8ceZjYK2wLf6x5muu8RZpew+kz03fm/gnNsT/z4b4J//yXwWy4VYy/gzvlH/5NKdjPf82jz+Du3TtRPvxL78+/hXajH+nOozxygevf9M2/o2IkzvGb8XrS2NtjZ+07WyH8e+8+Py/2tXVP2y8z07xW5JSsTa3UKwur5xLf0dupjQ/Mn5+YmJ8eGx0opjOURdbM9XbPXb889v36/9Am/jt+v9Es03/77D/v/77sxdO3yf+/87s/PkfaxM/0R8RD3UY/8fRr19qV5fEn27T//x94ifbxjqMX33n6YMd7goA7IHq8srsZLlcWlRQUFBYL3R7ZAIetHtJ3+2WAAAAAAAAAAAAAJ3ai8uJu91HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID94PcAAAD//5j81ps=")
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)

kernel console output (not intermixed with test programs):

09250][ T6406] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   87.214535][ T6406] batman_adv: batadv0: Adding interface: batadv_slave_1
[   87.217645][ T6406] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   87.227168][ T6406] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   87.272978][ T6406] hsr_slave_0: entered promiscuous mode
[   87.275353][ T6406] hsr_slave_1: entered promiscuous mode
[   87.327733][   T12] IPVS: stop unused estimator thread 0...
[   87.468714][ T6406] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   87.478425][ T6406] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   87.490895][ T6406] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   87.498867][ T6406] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   87.532072][ T6406] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.534271][ T6406] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.586819][ T6406] 8021q: adding VLAN 0 to HW filter on device bond0
[   87.599875][  T187] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.614300][ T6406] 8021q: adding VLAN 0 to HW filter on device team0
[   87.652010][  T187] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.654750][  T187] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.658729][  T187] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.661603][  T187] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.677656][ T5241] Bluetooth: hci0: command tx timeout
[   88.034479][ T6406] 8021q: adding VLAN 0 to HW filter on device batadv0
[   88.037592][ T6450] netlink: 16 bytes leftover after parsing attributes in process `syz.0.205'.
[   88.139207][ T6406] veth0_vlan: entered promiscuous mode
[   88.151411][ T6406] veth1_vlan: entered promiscuous mode
[   88.170951][ T6454] netlink: 'syz.0.206': attribute type 10 has an invalid length.
[   88.174020][ T6454] netlink: 40 bytes leftover after parsing attributes in process `syz.0.206'.
[   88.206904][ T6406] veth0_macvtap: entered promiscuous mode
[   88.211653][ T6454] dummy0: entered promiscuous mode
[   88.215807][ T6454] bridge0: port 3(dummy0) entered blocking state
[   88.236172][ T6454] bridge0: port 3(dummy0) entered disabled state
[   88.238810][ T6454] dummy0: entered allmulticast mode
[   88.244072][ T6454] bridge0: port 3(dummy0) entered blocking state
[   88.246809][ T6454] bridge0: port 3(dummy0) entered forwarding state
[   88.282361][ T6406] veth1_macvtap: entered promiscuous mode
[   88.325219][ T6406] batman_adv: batadv0: Interface activated: batadv_slave_0
[   88.354422][ T6406] batman_adv: batadv0: Interface activated: batadv_slave_1
[   88.378617][ T5865] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   88.400382][ T5865] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   88.409648][ T5865] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   88.412978][ T5865] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   88.440522][ T6443] loop2: detected capacity change from 0 to 32768
[   88.573139][ T1203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.588857][ T1203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   88.655362][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   88.660180][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.109590][ T5241] Bluetooth: hci0: command tx timeout
[   90.138964][ T6492] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[   90.499119][ T6506] netlink: 316 bytes leftover after parsing attributes in process `syz.3.220'.
[   90.617785][ T6513] netlink: 'syz.0.223': attribute type 153 has an invalid length.
[   90.703596][ T6511] loop3: detected capacity change from 0 to 32768
[   90.784805][ T6511] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   90.945108][ T6511] XFS (loop3): Ending clean mount
[   91.023770][ T6406] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   91.678074][ T6537] loop3: detected capacity change from 0 to 512
[   91.683123][ T6537] EXT4-fs: Ignoring removed bh option
[   91.712959][ T6537] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   91.782992][ T6537] EXT4-fs (loop3): 1 truncate cleaned up
[   91.854770][ T6537] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.167200][ T5241] Bluetooth: hci0: command tx timeout
[   92.201324][ T6406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.348887][ T6543] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.238222][ T6567] loop2: detected capacity change from 0 to 256
[   94.256051][ T5241] Bluetooth: hci0: command tx timeout
[   94.763937][ T6584] capability: warning: `syz.3.248' uses deprecated v2 capabilities in a way that may be insecure
[   94.876050][    T9] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   95.005665][ T6594] loop3: detected capacity change from 0 to 1764
[   95.027604][ T6594] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   95.039715][    T9] usb 3-1: Using ep0 maxpacket: 8
[   95.045211][    T9] usb 3-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[   95.049399][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.056293][    T9] usb 3-1: config 0 descriptor??
[   95.071458][    T9] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[   95.078017][    T9] input: xirlink-cit as /devices/platform/dummy_hcd.2/usb3/3-1/input/input5
[   95.273916][   T10] usb 3-1: USB disconnect, device number 4
[   95.845200][ T6610] loop0: detected capacity change from 0 to 256
[   95.853239][ T6610] exfat: Deprecated parameter 'namecase'
[   95.867952][ T6610] exfat: Deprecated parameter 'utf8'
[   95.881257][ T6610] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d)
[   96.217772][   T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   96.366673][   T10] usb 1-1: Using ep0 maxpacket: 32
[   96.383995][   T10] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[   96.392814][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.405479][   T10] usb 1-1: config 0 descriptor??
[   96.658436][   T10] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[   96.680591][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   96.697183][   T10] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[   96.699560][   T10] usb 1-1: media controller created
[   96.795540][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   96.877774][   T10] az6027: usb out operation failed. (-71)
[   96.884783][   T10] az6027: usb out operation failed. (-71)
[   96.888651][   T10] stb0899_attach: Driver disabled by Kconfig
[   96.893915][   T10] az6027: no front-end attached
[   96.893915][   T10] 
[   96.899814][   T10] az6027: usb out operation failed. (-71)
[   96.902457][   T10] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[   96.912749][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6
[   96.927522][   T10] dvb-usb: schedule remote query interval to 400 msecs.
[   96.933042][   T10] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[   96.949495][   T10] usb 1-1: USB disconnect, device number 4
[   97.108873][   T10] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[   97.689622][ T6633] loop2: detected capacity change from 0 to 32768
[   97.718000][ T6633] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   97.734972][ T6633] XFS (loop2): Ending clean mount
[   97.748765][ T6633] XFS (loop2): Quotacheck needed: Please wait.
[   97.778988][ T6633] XFS (loop2): Quotacheck: Done.
[   97.819614][ T5852] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.672539][ T6691] loop3: detected capacity change from 0 to 1764
[   98.693221][ T6691] iso9660: Corrupted directory entry in block 2 of inode 1920
[   99.714514][ T6713] loop2: detected capacity change from 0 to 4096
[  100.222585][ T6726] netlink: 4 bytes leftover after parsing attributes in process `syz.2.291'.
[  100.684475][ T6718] loop0: detected capacity change from 0 to 32768
[  100.759675][ T6718] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  100.944916][   T33] audit: type=1800 audit(1758278007.683:4): pid=6718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.288" name="bus" dev="loop0" ino=17058 res=0 errno=0
[  101.099365][ T5857] ocfs2: Unmounting device (7,0) on (node local)
[  101.766871][ T6720] loop3: detected capacity change from 0 to 262144
[  101.773060][ T6720] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.289 (6720)
[  101.796238][ T6720] BTRFS info (device loop3): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  101.800425][ T6720] BTRFS info (device loop3): using xxhash64 (xxhash64-generic) checksum algorithm
[  101.901660][   T32] BTRFS warning (device loop3): checksum verify failed on logical 30654464 mirror 1 wanted 0x6191332ca3bfabbd found 0x8b2fa3fcc24d5127 level 0
[  101.919265][ T6720] BTRFS info (device loop3): read error corrected: ino 0 off 30654464 (dev /dev/loop3 sector 76256)
[  101.923611][ T6720] BTRFS info (device loop3): read error corrected: ino 0 off 30658560 (dev /dev/loop3 sector 76264)
[  101.927766][ T6720] BTRFS info (device loop3): read error corrected: ino 0 off 30662656 (dev /dev/loop3 sector 76272)
[  101.932734][ T6720] BTRFS info (device loop3): read error corrected: ino 0 off 30666752 (dev /dev/loop3 sector 76280)
[  101.955332][ T6720] BTRFS info (device loop3): enabling ssd optimizations
[  101.958554][ T6720] BTRFS info (device loop3): enabling free space tree
[  102.029545][ T6406] BTRFS info (device loop3): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  102.041429][ T6776] loop0: detected capacity change from 0 to 128
[  102.215570][ T6781] loop0: detected capacity change from 0 to 1024
[  102.527905][ T6791] loop3: detected capacity change from 0 to 1764
[  102.575848][ T6791] iso9660: Corrupted directory entry in block 2 of inode 1920
[  102.755111][ T6804] loop2: detected capacity change from 0 to 1024
[  102.864663][ T6806] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[  102.873823][ T5865] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  102.880683][ T5865] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  102.894478][ T5865] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  102.905640][ T5865] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  103.065139][ T6809] netlink: 4 bytes leftover after parsing attributes in process `syz.3.315'.
[  103.080076][ T6809] veth0_macvtap: left promiscuous mode
[  103.810526][ T6817] netlink: 4 bytes leftover after parsing attributes in process `syz.3.319'.
[  104.844166][ T6840] loop3: detected capacity change from 0 to 512
[  104.864714][ T6840] EXT4-fs: Ignoring removed mblk_io_submit option
[  104.902679][ T6840] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.957790][ T6840] EXT4-fs (loop3): 1 truncate cleaned up
[  104.962246][ T6840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.000759][ T6840] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  105.014153][ T6840] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz.3.326: invalid fast symlink length 39
[  105.019127][ T6840] EXT4-fs (loop3): Remounting filesystem read-only
[  105.300042][ T6855] loop0: detected capacity change from 0 to 2048
[  105.364201][ T6855] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.427587][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.471762][ T6406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.537286][ T6863] loop0: detected capacity change from 0 to 2048
[  105.572880][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.583874][ T6863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.589274][   T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.668181][ T6867] EXT4-fs (loop0): shut down requested (0)
[  105.721550][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.724805][   T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.805711][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.815951][   T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.874408][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  105.879253][   T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.993014][   T55] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  106.000813][   T55] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  106.005182][   T55] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  106.011359][   T55] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  106.014905][   T55] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  106.018727][ T6881] Zero length message leads to an empty skb
[  106.105096][   T13] bridge_slave_1: left allmulticast mode
[  106.112986][   T13] bridge_slave_1: left promiscuous mode
[  106.116785][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  106.140159][   T13] bridge_slave_0: left allmulticast mode
[  106.142497][   T13] bridge_slave_0: left promiscuous mode
[  106.144928][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  106.291874][ T6893] netlink: 32 bytes leftover after parsing attributes in process `syz.2.347'.
[  106.356327][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.425581][   T13] bond0 (unregistering): (slave vxlan0): Releasing backup interface
[  106.530143][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  106.534772][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  106.539696][   T13] bond0 (unregistering): Released all slaves
[  106.561110][ T6893] team0: Port device team_slave_1 removed
[  106.820427][ T6879] chnl_net:caif_netlink_parms(): no params data found
[  106.979969][   T13] hsr_slave_0: left promiscuous mode
[  106.982973][   T13] hsr_slave_1: left promiscuous mode
[  106.985854][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  106.989887][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  106.993642][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  106.996778][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  107.015208][   T13] veth1_macvtap: left promiscuous mode
[  107.019033][   T13] veth1_vlan: left promiscuous mode
[  107.021310][   T13] veth0_vlan: left promiscuous mode
[  107.450301][   T13] team0 (unregistering): Port device team_slave_1 removed
[  107.482627][   T13] team0 (unregistering): Port device team_slave_0 removed
[  108.068388][ T6879] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.071302][ T6879] bridge0: port 1(bridge_slave_0) entered disabled state
[  108.074237][ T6879] bridge_slave_0: entered allmulticast mode
[  108.076954][   T55] Bluetooth: hci0: command tx timeout
[  108.093215][ T6879] bridge_slave_0: entered promiscuous mode
[  108.107890][ T6879] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.112940][ T6879] bridge0: port 2(bridge_slave_1) entered disabled state
[  108.122752][ T6879] bridge_slave_1: entered allmulticast mode
[  108.128722][ T6879] bridge_slave_1: entered promiscuous mode
[  108.241106][ T6879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  108.254999][ T6879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  108.368311][ T6879] team0: Port device team_slave_0 added
[  108.391353][ T6879] team0: Port device team_slave_1 added
[  108.511470][ T6879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  108.514208][ T6879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.567775][ T6879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  108.574535][ T6879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  108.588631][ T6879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.625594][ T6879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  108.701921][ T6879] hsr_slave_0: entered promiscuous mode
[  108.715477][ T6879] hsr_slave_1: entered promiscuous mode
[  109.161356][ T6945] loop2: detected capacity change from 0 to 32768
[  109.163361][ T6879] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  109.210959][ T6879] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  109.222223][ T6945] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  109.239473][ T6945] (syz.2.361,6945,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  109.243733][ T5865] (kworker/u8:2,5865,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[  109.244420][ T6945] (syz.2.361,6945,0):ocfs2_group_add:503 ERROR: Can't read the group descriptor # 33554432 from the device.
[  109.267112][ T6879] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  109.302566][ T5852] ocfs2: Unmounting device (7,2) on (node local)
[  109.320010][ T6879] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  109.579848][ T6879] 8021q: adding VLAN 0 to HW filter on device bond0
[  109.630817][ T6879] 8021q: adding VLAN 0 to HW filter on device team0
[  109.644742][ T1203] bridge0: port 1(bridge_slave_0) entered blocking state
[  109.647742][ T1203] bridge0: port 1(bridge_slave_0) entered forwarding state
[  109.674384][  T187] bridge0: port 2(bridge_slave_1) entered blocking state
[  109.677337][  T187] bridge0: port 2(bridge_slave_1) entered forwarding state
[  109.921065][ T7003] netlink: 104 bytes leftover after parsing attributes in process `syz.0.375'.
[  110.156198][   T55] Bluetooth: hci0: command tx timeout
[  110.339785][ T7009] netlink: 104 bytes leftover after parsing attributes in process `syz.0.377'.
[  110.398476][ T6879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  111.314077][ T6879] veth0_vlan: entered promiscuous mode
[  111.380173][ T6879] veth1_vlan: entered promiscuous mode
[  111.580384][ T6879] veth0_macvtap: entered promiscuous mode
[  111.590672][ T6879] veth1_macvtap: entered promiscuous mode
[  111.641758][ T6879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  111.661210][ T7032] openvswitch: netlink: IP tunnel dst address not specified
[  111.664502][ T6879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  111.709056][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.730294][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.743162][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.758600][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.076735][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.087139][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.140304][ T4271] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  112.144039][ T4271] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  112.246333][   T55] Bluetooth: hci0: command tx timeout
[  112.948865][ T7048] Driver unsupported XDP return value 0 on prog  (id 46) dev N/A, expect packet loss!
[  113.121783][ T7054] netlink: 'syz.0.392': attribute type 1 has an invalid length.
[  113.272586][ T7065] netlink: 'syz.0.397': attribute type 10 has an invalid length.
[  113.279055][ T7065] bridge0: port 3(dummy0) entered disabled state
[  113.281642][ T7065] bridge0: port 2(bridge_slave_1) entered disabled state
[  113.285288][ T7065] bridge0: port 1(bridge_slave_0) entered disabled state
[  113.294011][ T7065] bridge0: port 3(dummy0) entered blocking state
[  113.296830][ T7065] bridge0: port 3(dummy0) entered forwarding state
[  113.301156][ T7065] bridge0: port 2(bridge_slave_1) entered blocking state
[  113.304009][ T7065] bridge0: port 2(bridge_slave_1) entered forwarding state
[  113.307096][ T7065] bridge0: port 1(bridge_slave_0) entered blocking state
[  113.309837][ T7065] bridge0: port 1(bridge_slave_0) entered forwarding state
[  113.322403][ T7065] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  113.686696][   T47] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  113.839173][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  113.842759][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  113.847653][   T47] usb 3-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  113.850970][   T47] usb 3-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  113.854587][   T47] usb 3-1: Manufacturer: syz
[  113.860188][   T47] usb 3-1: config 0 descriptor??
[  114.316150][   T55] Bluetooth: hci0: command tx timeout
[  114.508259][   T47] cougar 0003:060B:700A.0001: unknown main item tag 0x0
[  114.511172][   T47] cougar 0003:060B:700A.0001: unknown main item tag 0x0
[  114.513911][   T47] cougar 0003:060B:700A.0001: unknown main item tag 0x0
[  114.517082][   T47] cougar 0003:060B:700A.0001: unknown main item tag 0x0
[  114.519730][   T47] cougar 0003:060B:700A.0001: unknown main item tag 0x0
[  114.539134][   T47] cougar 0003:060B:700A.0001: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  114.624494][ T5916] usb 3-1: USB disconnect, device number 5
[  115.720206][ T7109] netlink: 320 bytes leftover after parsing attributes in process `syz.2.412'.
[  115.794115][ T7113] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  115.860575][ T7115] loop2: detected capacity change from 0 to 16
[  115.867360][ T7115] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  115.945989][   T47] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  116.065144][ T7119] syz.2.417 uses obsolete (PF_INET,SOCK_PACKET)
[  116.136083][   T47] usb 1-1: Using ep0 maxpacket: 16
[  116.142168][   T47] usb 1-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=93.52
[  116.145676][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.150095][   T47] usb 1-1: Product: syz
[  116.151790][   T47] usb 1-1: Manufacturer: syz
[  116.153645][   T47] usb 1-1: SerialNumber: syz
[  116.158569][   T47] usb 1-1: config 0 descriptor??
[  116.180115][ T7123] loop4: detected capacity change from 0 to 1024
[  116.226975][ T7123] hfsplus: detected inconsistent attributes file, running fsck.hfsplus is recommended.
[  116.382448][ T5903] usb 1-1: USB disconnect, device number 5
[  116.464951][ T7133] loop4: detected capacity change from 0 to 4096
[  116.666839][ T7131] loop2: detected capacity change from 0 to 40427
[  116.672414][ T7131] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  116.675349][ T7131] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  116.682797][ T7131] F2FS-fs (loop2): invalid crc value
[  116.731256][ T7133] ntfs3(loop4): failed to convert "0080" to koi8-ru
[  116.740278][ T7133] ntfs3(loop4): failed to convert name for inode 1e.
[  116.742370][ T7131] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  116.743798][ T7133] ntfs3(loop4): ino=1f, mi_enum_attr
[  116.749748][ T7133] ntfs3(loop4): failed to convert "255d" to koi8-ru
[  116.750619][ T7131] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  116.755011][ T7131] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  117.543858][ T7150] netlink: 4 bytes leftover after parsing attributes in process `syz.4.429'.
[  118.585195][ T7185] trusted_key: encrypted_key: insufficient parameters specified
[  118.784383][ T7183] loop2: detected capacity change from 0 to 32768
[  118.838943][ T7183] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  118.902149][ T5852] ocfs2: Unmounting device (7,2) on (node local)
[  118.907881][ T7180] loop0: detected capacity change from 0 to 32768
[  118.936689][ T7180] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.440 (7180)
[  119.014265][ T7180] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  119.037856][ T7180] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  120.018793][ T7180] BTRFS info (device loop0): enabling ssd optimizations
[  120.031901][ T7180] BTRFS info (device loop0): enabling free space tree
[  120.326308][ T5857] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  121.292989][ T7261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.459'.
[  121.816255][ T7272] syz.2.465 uses old SIOCAX25GETINFO
[  121.899519][ T7266] loop0: detected capacity change from 0 to 32768
[  121.938339][ T7266] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  121.943087][ T7266] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.995210][ T7266] XFS (loop0): Ending clean mount
[  122.009914][ T7266] XFS (loop0): Quotacheck needed: Please wait.
[  122.050012][ T7266] XFS (loop0): Quotacheck: Done.
[  122.157113][ T5917] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  122.191695][ T5857] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.339027][ T5917] usb 3-1: config 201 has an invalid interface number: 249 but max is 0
[  122.342498][ T5917] usb 3-1: config 201 has an invalid descriptor of length 0, skipping remainder of the config
[  122.356250][ T5917] usb 3-1: config 201 has no interface number 0
[  122.361723][ T5917] usb 3-1: config 201 interface 249 altsetting 4 has an endpoint descriptor with address 0xF1, changing to 0x81
[  122.369431][ T5917] usb 3-1: config 201 interface 249 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  122.372723][ T5917] usb 3-1: config 201 interface 249 altsetting 4 endpoint 0x3 has invalid maxpacket 255, setting to 64
[  122.387723][ T5917] usb 3-1: config 201 interface 249 altsetting 4 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  122.392374][ T5917] usb 3-1: config 201 interface 249 has no altsetting 0
[  122.419028][ T5917] usb 3-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=fa.df
[  122.422417][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.425083][ T5917] usb 3-1: Product: syz
[  122.430650][ T5917] usb 3-1: Manufacturer: syz
[  122.432489][ T5917] usb 3-1: SerialNumber: syz
[  122.437573][ T7276] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  122.745805][ T5917] ath6kl: Failed to submit usb control message: -71
[  122.748905][ T5917] ath6kl: unable to send the bmi data to the device: -71
[  122.751608][ T5917] ath6kl: Unable to send get target info: -71
[  122.756142][ T5917] ath6kl: Failed to init ath6kl core: -71
[  122.759619][ T5917] ath6kl_usb 3-1:201.249: probe with driver ath6kl_usb failed with error -71
[  122.779259][ T5917] usb 3-1: USB disconnect, device number 6
[  122.924008][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.476'.
[  122.927398][ T7318] netlink: 8 bytes leftover after parsing attributes in process `syz.0.476'.
[  123.004356][ T7322] netlink: 8 bytes leftover after parsing attributes in process `syz.0.480'.
[  123.500511][ T7330] loop4: detected capacity change from 0 to 32768
[  123.526402][ T7330] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.482 (7330)
[  123.574376][ T7330] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  123.582390][ T7330] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  123.734169][ T7336] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.737852][ T7336] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.779089][ T7330] BTRFS info (device loop4): enabling ssd optimizations
[  123.785533][ T7330] BTRFS info (device loop4): enabling free space tree
[  123.795048][ T7330] BTRFS info (device loop4): use lzo compression, level 1
[  123.971962][   T33] audit: type=1800 audit(1758278030.843:5): pid=7330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.482" name="file1" dev="loop4" ino=260 res=0 errno=0
[  124.222967][ T7336] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.284614][ T7336] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.529504][ T6879] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  124.711045][   T12] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.716324][   T12] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.721706][   T12] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.729601][   T12] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.982645][ T7377] loop4: detected capacity change from 0 to 1024
[  125.016055][  T793] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  125.039499][   T26] hfsplus: b-tree write err: -5, ino 4
[  125.171846][  T793] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  125.174798][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.180986][  T793] usb 3-1: config 0 descriptor??
[  125.198833][  T793] cp210x 3-1:0.0: cp210x converter detected
[  125.229688][ T7383] loop4: detected capacity change from 0 to 2048
[  125.262476][ T7383] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  125.295826][ T7384] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  125.606081][  T793] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  125.698930][ T7398] netlink: 20 bytes leftover after parsing attributes in process `syz.4.499'.
[  125.821755][  T793] usb 3-1: cp210x converter now attached to ttyUSB0
[  125.892513][ T7405] loop4: detected capacity change from 0 to 2048
[  125.921429][ T7405] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  126.012650][ T2330] usb 3-1: USB disconnect, device number 7
[  126.023487][ T2330] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  126.035639][ T2330] cp210x 3-1:0.0: device disconnected
[  126.051581][ T7409] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  126.063967][ T7409] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 836 with error 28
[  126.070891][ T7409] EXT4-fs (loop4): This should not happen!! Data will be lost
[  126.070891][ T7409] 
[  126.074631][ T7409] EXT4-fs (loop4): Total free blocks count 0
[  126.078917][ T7409] EXT4-fs (loop4): Free/Dirty block details
[  126.081104][ T7409] EXT4-fs (loop4): free_blocks=2415919104
[  126.083123][ T7409] EXT4-fs (loop4): dirty_blocks=848
[  126.085208][ T7409] EXT4-fs (loop4): Block reservation details
[  126.087818][ T7409] EXT4-fs (loop4): i_reserved_data_blocks=53
[  126.164642][   T26] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  126.898411][ T7443] loop4: detected capacity change from 0 to 128
[  126.947108][ T7445] loop0: detected capacity change from 0 to 1024
[  126.965420][ T7445] hfsplus: failed to load root directory
[  127.382385][ T7459] loop0: detected capacity change from 0 to 32768
[  127.397005][ T7459] 
[  127.397005][ T7459]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.397005][ T7459] 
[  127.422150][ T5857] 
[  127.422150][ T5857]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.422150][ T5857] 
[  127.431865][ T5857] 
[  127.431865][ T5857]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  127.431865][ T5857] 
[  127.583407][ T7473] netlink: 'syz.0.530': attribute type 3 has an invalid length.
[  127.591204][ T7473] netlink: 'syz.0.530': attribute type 27 has an invalid length.
[  127.722785][ T7481] misc userio: No port type given on /dev/userio
[  128.278317][ T7516] loop4: detected capacity change from 0 to 16
[  128.290273][ T7516] erofs (device loop4): mounted with root inode @ nid 36.
[  128.460149][ T7522] process 'syz.0.553' launched '/dev/fd/11' with NULL argv: empty string added
[  128.810794][ T7529] netlink: 12 bytes leftover after parsing attributes in process `syz.2.557'.
[  128.838401][ T7529] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.061487][ T7543] IPVS: Error connecting to the multicast addr
[  129.160781][ T7551] loop2: detected capacity change from 0 to 512
[  129.192416][ T7551] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.206919][ T7551] ext4 filesystem being mounted at /190/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  130.100234][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.737038][ T7600] netlink: 16 bytes leftover after parsing attributes in process `syz.0.583'.
[  132.801517][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  132.804046][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  133.483224][ T7609] overlayfs: only single ':' or double '::' sequences of unescaped colons in lowerdir mount option allowed.
[  133.936376][   T10] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  134.056937][ T7618] loop0: detected capacity change from 0 to 4096
[  134.068293][ T7618] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  134.088811][ T7620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.592'.
[  134.091648][ T7620] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.094691][ T7618] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  134.098884][   T10] usb 3-1: config 16 has an invalid interface number: 19 but max is 0
[  134.101816][ T7618] ntfs3(loop0): ino=19, mi_enum_attr
[  134.111220][   T10] usb 3-1: config 16 has no interface number 0
[  134.113631][ T7618] ntfs3(loop0): failed to convert "c46c" to cp852
[  134.115503][   T10] usb 3-1: New USB device found, idVendor=0499, idProduct=cdf4, bcdDevice=78.ee
[  134.119263][ T7618] ntfs3(loop0): ino=20, mi_enum_attr
[  134.120261][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.124387][   T10] usb 3-1: Product: syz
[  134.127085][   T10] usb 3-1: Manufacturer: syz
[  134.128655][   T10] usb 3-1: SerialNumber: syz
[  134.151650][ T7620] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.333080][ T7625] loop0: detected capacity change from 0 to 256
[  134.356433][ T7625] exfat: Deprecated parameter 'utf8'
[  134.358751][ T7625] exfat: Invalid uid '0xffffffff'
[  134.417938][ T7625] loop0: detected capacity change from 0 to 8
[  134.441618][ T7625] SQUASHFS error: lzo decompression failed, data probably corrupt
[  134.444498][ T7625] SQUASHFS error: Failed to read block 0x91: -5
[  134.481639][ T7625] SQUASHFS error: Unable to read metadata cache entry [8f]
[  134.491311][ T7625] SQUASHFS error: Unable to read inode 0x11f
[  134.556616][ T5241] Bluetooth: hci0: command 0x0405 tx timeout
[  134.752820][ T7635] loop4: detected capacity change from 0 to 4096
[  134.766552][ T7635] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  134.821865][ T7635] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  134.825005][ T7635] ntfs3(loop4): Failed to load $Extend (-22).
[  134.830156][ T7635] ntfs3(loop4): Failed to initialize $Extend.
[  135.076745][ T7641] netlink: 1319 bytes leftover after parsing attributes in process `syz.2.602'.
[  135.200103][   T10] usb 3-1: USB disconnect, device number 8
[  135.251707][ T5862] udevd[5862]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:16.19/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  135.369483][ T7652] loop4: detected capacity change from 0 to 256
[  135.372009][ T7652] exfat: Deprecated parameter 'utf8'
[  135.389515][ T7652] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  135.602579][ T7657] tipc: Started in network mode
[  135.611048][ T7657] tipc: Node identity , cluster identity 4711
[  135.616068][ T7657] tipc: Failed to obtain node identity
[  135.618201][ T7657] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[  135.769458][ T7660] loop2: detected capacity change from 0 to 2048
[  135.777735][ T7658] loop4: detected capacity change from 0 to 2048
[  135.813821][ T7661] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  135.823060][ T7653] loop0: detected capacity change from 0 to 32768
[  135.830881][ T7658] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #2: comm syz.4.608: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  135.836858][ T7653] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.606 (7653)
[  135.843442][ T7658] EXT4-fs (loop4): get root inode failed
[  135.845143][ T7658] EXT4-fs (loop4): mount failed
[  135.847856][ T7653] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  135.851602][ T7653] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  135.900116][ T7661] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  135.904347][ T7661] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  135.938113][ T7661] Remounting filesystem read-only
[  135.969885][ T5241] Bluetooth: hci0: unexpected event for opcode 0x2062
[  136.065628][ T7653] BTRFS info (device loop0): enabling ssd optimizations
[  136.068686][ T7653] BTRFS info (device loop0): enabling free space tree
[  137.512213][ T5857] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  137.811362][ T7715] netlink: 'syz.0.617': attribute type 1 has an invalid length.
[  137.814356][ T7715] netlink: 144 bytes leftover after parsing attributes in process `syz.0.617'.
[  137.839937][ T7715] netlink: 96 bytes leftover after parsing attributes in process `syz.0.617'.
[  137.904151][ T7720] loop0: detected capacity change from 0 to 64
[  137.963959][ T7720] syz.0.627: attempt to access beyond end of device
[  137.963959][ T7720] loop0: rw=0, sector=1024, nr_sectors = 2 limit=64
[  137.973840][ T7720] Buffer I/O error on dev loop0, logical block 512, async page read
[  137.978141][ T7720] syz.0.627: attempt to access beyond end of device
[  137.978141][ T7720] loop0: rw=0, sector=113152, nr_sectors = 2 limit=64
[  137.986122][ T7720] Buffer I/O error on dev loop0, logical block 56576, async page read
[  138.156417][ T7723] loop4: detected capacity change from 0 to 32768
[  138.295419][ T7723] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,checksum_err_retry_nr=12,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,degraded=yes,nojournal_transaction_names
[  138.295448][ T7723]   allowing incompatible features above 0.0: (unknown version)
[  138.295457][ T7723]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  138.314336][ T7723] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  138.317662][ T7723] bcachefs (loop4): initializing new filesystem
[  138.328915][ T7723] bcachefs (loop4): going read-write
[  138.366520][ T7723] bcachefs (loop4): marking superblocks
[  138.382251][ T7723] bcachefs (loop4): initializing freespace
[  138.388171][ T7723] bcachefs (loop4): done initializing freespace
[  138.393263][ T7723] bcachefs (loop4): reading snapshots table
[  138.395653][ T7723] bcachefs (loop4): reading snapshots done
[  138.433075][ T7723] bcachefs (loop4): done starting filesystem
[  138.481364][ T7723] syz.4.628 (7723) used greatest stack depth: 15384 bytes left
[  138.492639][ T6879] bcachefs (loop4): shutting down
[  138.494615][ T6879] bcachefs (loop4): going read-only
[  138.498731][ T6879] bcachefs (loop4): finished waiting for writes to stop
[  138.511940][ T6879] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  138.564810][ T6879] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  138.572275][ T6879] bcachefs (loop4): clean shutdown complete, journal seq 4
[  138.577547][ T6879] bcachefs (loop4): marking filesystem clean
[  138.617595][ T6879] bcachefs (loop4): shutdown complete
[  139.202840][ T7795] warning: `syz.0.655' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  139.439885][ T7803] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  139.997940][ T5241] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  140.002116][ T5241] Bluetooth: hci0: Injecting HCI hardware error event
[  140.007831][   T55] Bluetooth: hci0: hardware error 0x00
[  140.593974][ T7837] netlink: 4 bytes leftover after parsing attributes in process `syz.0.670'.
[  140.713504][ T7843] loop0: detected capacity change from 0 to 512
[  140.731633][ T7843] EXT4-fs: Ignoring removed i_version option
[  140.733980][ T7843] EXT4-fs: Ignoring removed mblk_io_submit option
[  140.745167][ T7843] EXT4-fs (loop0): Test dummy encryption mode enabled
[  140.757722][ T7843] EXT4-fs (loop0): orphan cleanup on readonly fs
[  140.760365][ T7843] EXT4-fs error (device loop0): ext4_orphan_get:1392: comm syz.0.673: inode #13: comm syz.0.673: iget: illegal inode #
[  140.765377][ T7843] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.673: couldn't read orphan inode 13 (err -117)
[  140.770786][ T7843] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  140.785617][ T7843] EXT4-fs error (device loop0): ext4_resize_begin:60: comm syz.0.673: resize_inode disabled but reserved GDT blocks non-zero
[  140.811366][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.086263][   T55] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  142.172590][ T7881] : renamed from veth0_vlan (while UP)
[  142.223456][ T7883] loop4: detected capacity change from 0 to 512
[  142.232537][ T7883] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.274649][ T6879] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.314898][ T7887] netlink: 'syz.4.691': attribute type 11 has an invalid length.
[  142.552798][ T7894] loop4: detected capacity change from 0 to 1024
[  142.558555][ T7894] hfsplus: invalid catalog max_key_len 0
[  142.561247][ T7894] hfsplus: failed to load catalog file
[  142.625754][ T7896] netlink: 8 bytes leftover after parsing attributes in process `syz.4.695'.
[  142.633257][ T7896] netlink: 36 bytes leftover after parsing attributes in process `syz.4.695'.
[  143.836150][   T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  143.986121][   T10] usb 3-1: Using ep0 maxpacket: 16
[  143.992707][   T10] usb 3-1: config 1 interface 0 altsetting 206 endpoint 0x81 has invalid maxpacket 1080, setting to 1024
[  143.997578][   T10] usb 3-1: config 1 interface 0 has no altsetting 0
[  144.003095][   T10] usb 3-1: New USB device found, idVendor=046d, idProduct=c53a, bcdDevice= 0.40
[  144.008412][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.011848][   T10] usb 3-1: Product: syz
[  144.013788][   T10] usb 3-1: Manufacturer: syz
[  144.016088][   T10] usb 3-1: SerialNumber: syz
[  144.024995][ T7924] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  144.242472][   T10] usbhid 3-1:1.0: can't add hid device: -71
[  144.244693][   T10] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  144.250926][   T10] usb 3-1: USB disconnect, device number 9
[  145.130379][ T7946] netlink: 165 bytes leftover after parsing attributes in process `syz.2.710'.
[  145.820355][ T7985] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[  145.855281][ T7988] loop0: detected capacity change from 0 to 512
[  145.868252][ T7988] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  145.876010][ T7988] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  145.880844][ T7988] System zones: 0-1, 15-15, 18-18, 34-34
[  145.883549][ T7988] EXT4-fs (loop0): orphan cleanup on readonly fs
[  145.887395][ T7988] Quota error (device loop0): v2_read_header: Failed header read: expected=8 got=0
[  145.891572][ T7988] EXT4-fs warning (device loop0): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  145.898487][ T7988] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  145.903680][ T7988] EXT4-fs (loop0): 1 truncate cleaned up
[  145.907816][ T7988] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  145.943767][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.239789][  T793] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  146.436596][  T793] usb 3-1: Using ep0 maxpacket: 16
[  146.440641][  T793] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  146.446605][  T793] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  146.455290][  T793] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  146.461314][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.464557][  T793] usb 3-1: Product: syz
[  146.467202][  T793] usb 3-1: Manufacturer: syz
[  146.469207][  T793] usb 3-1: SerialNumber: syz
[  146.681910][  T793] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  146.706205][   T10] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  146.706436][  T793] usb 3-1: USB disconnect, device number 10
[  146.856037][   T10] usb 5-1: Using ep0 maxpacket: 8
[  146.859876][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  146.863200][   T10] usb 5-1: config 7 has an invalid interface number: 213 but max is 0
[  146.865794][   T10] usb 5-1: config 7 has no interface number 0
[  146.868873][   T10] usb 5-1: config 7 interface 213 altsetting 15 bulk endpoint 0x8F has invalid maxpacket 16
[  146.872197][   T10] usb 5-1: config 7 interface 213 altsetting 15 endpoint 0xD has an invalid bInterval 128, changing to 7
[  146.875801][   T10] usb 5-1: config 7 interface 213 altsetting 15 endpoint 0xD has invalid wMaxPacketSize 0
[  146.880387][   T10] usb 5-1: config 7 interface 213 altsetting 15 endpoint 0xC has invalid maxpacket 1023, setting to 64
[  146.884143][   T10] usb 5-1: config 7 interface 213 has no altsetting 0
[  146.890806][   T10] usb 5-1: language id specifier not provided by device, defaulting to English
[  146.895062][   T10] usb 5-1: New USB device found, idVendor=15e8, idProduct=9100, bcdDevice=61.61
[  146.898877][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.911179][   T10] usb 5-1: Product: syz
[  146.912525][   T10] usb 5-1: Manufacturer: syz
[  146.913947][   T10] usb 5-1: SerialNumber: syz
[  146.918541][ T8004] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  147.133182][   T10] pegasus 5-1:7.213: probe with driver pegasus failed with error -71
[  147.141164][   T10] usb 5-1: USB disconnect, device number 2
[  147.368649][ T8022] loop2: detected capacity change from 0 to 512
[  147.430088][ T8022] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.435795][ T8022] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.138286][ T8048] openvswitch: netlink: Unknown VXLAN extension attribute 0
[  149.282465][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.414121][ T8056] netlink: 'syz.2.755': attribute type 15 has an invalid length.
[  149.418004][ T8056] netlink: 24 bytes leftover after parsing attributes in process `syz.2.755'.
[  149.761182][ T8066] loop2: detected capacity change from 0 to 1024
[  149.829891][ T8066] syz.2.761: attempt to access beyond end of device
[  149.829891][ T8066] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  149.835681][ T8066] Buffer I/O error on dev loop2, logical block 458752, async page read
[  149.841163][ T8066] syz.2.761: attempt to access beyond end of device
[  149.841163][ T8066] loop2: rw=0, sector=917504, nr_sectors = 2 limit=1024
[  149.847389][ T8066] Buffer I/O error on dev loop2, logical block 458752, async page read
[  150.071607][ T8075] loop4: detected capacity change from 0 to 4096
[  150.095271][ T8078] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.827666][ T8090] loop2: detected capacity change from 0 to 1024
[  150.844400][ T8090] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.856197][ T8090] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.958126][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.993056][ T8097] netlink: 'syz.4.774': attribute type 3 has an invalid length.
[  151.079162][   T33] audit: type=1326 audit(1758278057.943:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.103322][   T33] audit: type=1326 audit(1758278057.943:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.130651][   T33] audit: type=1326 audit(1758278057.953:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.148254][   T33] audit: type=1326 audit(1758278057.953:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.186065][   T33] audit: type=1326 audit(1758278057.953:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.194247][   T33] audit: type=1326 audit(1758278057.953:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.202136][   T33] audit: type=1326 audit(1758278057.953:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.212503][   T33] audit: type=1326 audit(1758278057.953:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.221287][   T33] audit: type=1326 audit(1758278057.953:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  151.228538][   T33] audit: type=1326 audit(1758278057.953:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8107 comm="syz.0.779" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff343f8eba9 code=0x7ffc0000
[  152.001610][ T8111] loop0: detected capacity change from 0 to 32768
[  152.009936][ T8111] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.780 (8111)
[  152.028845][ T8111] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.034366][ T8111] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[  152.160827][ T8111] BTRFS info (device loop0): allowing degraded mounts
[  152.163867][ T8111] BTRFS info (device loop0): enabling ssd optimizations
[  152.166766][ T8111] BTRFS info (device loop0): enabling free space tree
[  152.169428][ T8111] BTRFS info (device loop0): force zlib compression, level 3
[  152.380968][ T5857] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.517271][ T8141] loop2: detected capacity change from 0 to 128
[  152.796005][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  152.956068][   T10] usb 3-1: Using ep0 maxpacket: 16
[  152.969151][   T10] usb 3-1: config 0 interface 0 has no altsetting 0
[  152.971742][   T10] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  152.975286][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.984380][   T10] usb 3-1: config 0 descriptor??
[  153.338904][ T8151] block nbd0: Attempted send on invalid socket
[  153.342111][ T8151] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  153.346987][ T8151] EXT4-fs (nbd0): unable to read superblock
[  153.409265][   T10] hid (null): unknown global tag 0xe
[  153.411106][   T10] hid (null): unknown global tag 0xc
[  153.413105][   T10] hid (null): unknown global tag 0xc
[  153.415064][   T10] hid (null): report_id 2132627207 is invalid
[  153.418278][   T10] hid (null): invalid report_count -915061764
[  153.420460][   T10] hid (null): global environment stack underflow
[  153.525829][ T8163] loop4: detected capacity change from 0 to 8
[  153.713144][ T5903] usb 3-1: USB disconnect, device number 11
[  154.831790][ T8173] program syz.2.797 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  154.846819][ T8175] netlink: 4 bytes leftover after parsing attributes in process `syz.4.799'.
[  155.096270][ T8181] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  155.430047][ T8210] loop0: detected capacity change from 0 to 256
[  156.212224][ T8230] loop4: detected capacity change from 0 to 164
[  157.287601][ T8269] loop2: detected capacity change from 0 to 128
[  157.315024][ T8269] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  157.318428][ T8269] System zones: 1-3, 19-19, 35-36
[  157.402449][ T8269] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  157.428153][ T8269] ext4 filesystem being mounted at /283/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  157.486480][   T33] kauditd_printk_skb: 1 callbacks suppressed
[  157.486494][   T33] audit: type=1800 audit(1758278064.323:17): pid=8269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.837" name="file1" dev="loop2" ino=12 res=0 errno=0
[  157.549993][ T5852] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  158.557048][   T10] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  158.716333][   T10] usb 5-1: Using ep0 maxpacket: 16
[  158.739751][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBB, changing to 0x8B
[  158.743911][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  158.749186][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  158.756654][   T10] usb 5-1: New USB device found, idVendor=0b57, idProduct=2bbd, bcdDevice=e7.cc
[  158.759653][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.762320][   T10] usb 5-1: Product: syz
[  158.763767][   T10] usb 5-1: Manufacturer: syz
[  158.765632][   T10] usb 5-1: SerialNumber: syz
[  158.774308][   T10] usb 5-1: config 0 descriptor??
[  158.842509][ T8316] loop0: detected capacity change from 0 to 512
[  158.964910][ T8324] mmap: syz.2.862 (8324): VmData 37482496 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  158.992476][   T10] usb 5-1: USB disconnect, device number 3
[  159.007033][ T8326] loop0: detected capacity change from 0 to 256
[  159.019447][ T8328] loop2: detected capacity change from 0 to 512
[  159.030720][ T8328] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.035615][ T8328] ext4 filesystem being mounted at /288/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.074994][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.448739][ T5903] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  159.584272][ T8358] netlink: 16 bytes leftover after parsing attributes in process `syz.4.877'.
[  159.599543][ T5903] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  159.603128][ T5903] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 128, changing to 4
[  159.625660][ T5903] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 30, changing to 4
[  159.630650][ T5903] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 1023
[  159.636742][ T5903] usb 3-1: config 1 interface 1 has no altsetting 0
[  159.653531][ T5903] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  159.661412][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.664811][ T5903] usb 3-1: Product: syz
[  159.668834][ T5903] usb 3-1: Manufacturer: syz
[  159.670789][ T5903] usb 3-1: SerialNumber: syz
[  159.770960][ T8362] loop0: detected capacity change from 0 to 512
[  159.773942][ T8362] EXT4-fs: Ignoring removed oldalloc option
[  159.811716][ T8362] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  159.816844][ T8362] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.825640][ T8362] EXT4-fs warning (device loop0): verify_group_input:156: Last group not full
[  160.082394][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.105711][ T5903] usb 3-1: 2:1 : unsupported format bits 0x40
[  160.129448][ T5903] usb 3-1: USB disconnect, device number 12
[  160.253361][ T8374] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  160.256631][ T8374] IPv6: NLM_F_CREATE should be set when creating new route
[  160.259507][ T8374] IPv6: NLM_F_CREATE should be set when creating new route
[  160.605095][ T8380] loop0: detected capacity change from 0 to 32768
[  160.610541][ T8380] (syz.0.886,8380,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  160.615723][ T8380] (syz.0.886,8380,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  160.669174][ T8380] JBD2: Ignoring recovery information on journal
[  160.713425][ T8380] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  161.168708][ T5857] ocfs2: Unmounting device (7,0) on (node local)
[  161.391424][ T8397] netlink: 8 bytes leftover after parsing attributes in process `syz.2.891'.
[  161.410461][ T8395] loop0: detected capacity change from 0 to 32768
[  161.420215][ T8395] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  161.464374][ T5857] ocfs2: Unmounting device (7,0) on (node local)
[  161.547983][ T8402] netlink: 129704 bytes leftover after parsing attributes in process `syz.2.892'.
[  161.636662][ T8406] loop0: detected capacity change from 0 to 128
[  161.659445][ T8406] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  161.666385][ T8406] ext4 filesystem being mounted at /299/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  161.681781][ T8406] EXT4-fs warning (device loop0): verify_group_input:137: Cannot add at group 127 (only 1 groups)
[  161.704140][ T5857] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  162.346279][ T2330] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  162.786076][ T2330] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  162.789922][ T2330] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  162.793736][ T2330] usb 3-1: config 220 has an invalid descriptor of length 184, skipping remainder of the config
[  162.800256][ T2330] usb 3-1: config 220 has no interface number 2
[  162.802609][ T2330] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  162.807628][ T2330] usb 3-1: config 220 interface 0 has no altsetting 0
[  162.810690][ T2330] usb 3-1: config 220 interface 76 has no altsetting 0
[  162.813098][ T2330] usb 3-1: config 220 interface 1 has no altsetting 0
[  162.822809][ T2330] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  162.826393][ T2330] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.829070][ T2330] usb 3-1: Product: syz
[  162.830551][ T2330] usb 3-1: Manufacturer: syz
[  162.832711][ T2330] usb 3-1: SerialNumber: syz
[  163.191149][ T2330] usb 3-1: selecting invalid altsetting 0
[  163.211813][ T2330] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  163.217010][ T2330] usb 3-1: No valid video chain found.
[  163.320663][ T8428] loop4: detected capacity change from 0 to 512
[  163.321127][ T2330] usb 3-1: selecting invalid altsetting 0
[  163.325286][ T2330] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  163.331887][ T2330] usb 3-1: USB disconnect, device number 13
[  163.365451][ T8428] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  163.391934][ T8428] EXT4-fs error (device loop4): ext4_get_first_dir_block:3529: inode #12: comm syz.4.902: Directory block failed checksum
[  163.429950][ T6879] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.606059][ T5917] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  163.776763][ T5917] usb 1-1: Using ep0 maxpacket: 32
[  163.783665][ T5917] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.787895][ T5917] usb 1-1: config 0 has no interfaces?
[  163.790075][ T5917] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  163.801418][ T5917] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.809240][ T5917] usb 1-1: config 0 descriptor??
[  163.975994][ T5903] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  164.128312][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86
[  164.132820][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  164.303610][ T5903] usb 3-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[  164.307758][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.318722][ T5903] usb 3-1: Product: syz
[  164.320389][ T5903] usb 3-1: Manufacturer: syz
[  164.334810][ T5903] usb 3-1: SerialNumber: syz
[  164.341498][ T5903] usb 3-1: config 0 descriptor??
[  164.560001][ T5903] powermate: unknown product id 0240
[  164.574337][ T5903] input: Griffin SoundKnob as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input9
[  164.625272][    C1] powermate: config urb returned -71
[  164.628020][    C1] powermate: config urb returned -71
[  164.630308][    C1] powermate: config urb returned -71
[  164.632594][    C1] powermate: config urb returned -71
[  164.652956][ T5903] usb 3-1: USB disconnect, device number 14
[  164.655474][    C1] powermate 3-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[  164.792028][ T8445] capability: warning: `syz.4.908' uses 32-bit capabilities (legacy support in use)
[  165.022860][ T8451] loop4: detected capacity change from 0 to 512
[  165.028990][ T8451] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  165.049444][ T8451] EXT4-fs error (device loop4): ext4_init_orphan_info:611: comm syz.4.910: orphan file block 0: bad magic
[  165.054316][ T8451] EXT4-fs (loop4): Remounting filesystem read-only
[  165.060210][ T8451] EXT4-fs (loop4): mount failed
[  165.383643][ T8466] loop2: detected capacity change from 0 to 512
[  165.390339][ T8466] EXT4-fs: Mount option(s) incompatible with ext3
[  165.870639][ T5917] usb 1-1: USB disconnect, device number 6
[  166.226841][ T8471] loop2: detected capacity change from 0 to 1024
[  167.046148][ T8477] syz.0.919 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  167.141843][ T8481] loop4: detected capacity change from 0 to 2048
[  167.180499][ T8481]  loop4: p1 p2 p3 < > p4 < p5 p6 >
[  167.182762][ T8481] loop4: partition table partially beyond EOD, truncated
[  167.188054][ T8481] loop4: p1 start 458755 is beyond EOD, truncated
[  167.190260][ T8481] loop4: p2 start 16908804 is beyond EOD, truncated
[  167.193477][ T8481] loop4: p3 start 4284289 is beyond EOD, truncated
[  167.201786][ T8481] loop4: p5 start 458755 is beyond EOD, truncated
[  167.204550][ T8481] loop4: p6 start 16908804 is beyond EOD, truncated
[  167.316821][ T8493] openvswitch: netlink: IP tunnel dst address not specified
[  167.599691][ T8498] loop2: detected capacity change from 0 to 40427
[  167.603243][ T8498] F2FS-fs (loop2): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  167.606103][ T8498] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  167.609571][ T8498] F2FS-fs (loop2): build fault injection type: 0x6
[  167.613338][ T8498] F2FS-fs (loop2): invalid crc value
[  167.649813][ T8498] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  167.654077][ T8498] F2FS-fs (loop2): Start checkpoint disabled!
[  167.667270][ T8498] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  167.670086][ T8498] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  167.765670][ T8513] afs: Unknown parameter 'f2fs'
[  167.903589][ T8520] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  169.182487][   T53] kworker/u9:2: attempt to access beyond end of device
[  169.182487][   T53] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  169.206304][   T53] CPU: 0 UID: 0 PID: 53 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  169.206324][   T53] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  169.206334][   T53] Workqueue: writeback wb_workfn (flush-7:2)
[  169.206360][   T53] Call Trace:
[  169.206366][   T53]  <TASK>
[  169.206373][   T53]  dump_stack_lvl+0x189/0x250
[  169.206415][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.206429][   T53]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  169.206449][   T53]  ? __pfx_queue_work_on+0x10/0x10
[  169.206464][   T53]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  169.206483][   T53]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  169.206512][   T53]  f2fs_handle_critical_error+0x37c/0x540
[  169.206539][   T53]  f2fs_write_end_io+0x886/0xb60
[  169.206568][   T53]  __submit_merged_bio+0x27a/0x6a0
[  169.206593][   T53]  __submit_merged_write_cond+0x255/0x530
[  169.206623][   T53]  f2fs_write_data_pages+0x261d/0x3000
[  169.206660][   T53]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.206682][   T53]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  169.206724][   T53]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  169.206751][   T53]  ? trace_f2fs_writepages+0x7f/0x200
[  169.206771][   T53]  ? f2fs_write_node_pages+0x478/0x6e0
[  169.206793][   T53]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  169.206808][   T53]  ? lock_list_lru_of_memcg+0x238/0x4c0
[  169.206835][   T53]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.206849][   T53]  do_writepages+0x32e/0x550
[  169.206871][   T53]  ? reacquire_held_locks+0x127/0x1d0
[  169.206885][   T53]  ? writeback_sb_inodes+0x384/0x1010
[  169.206909][   T53]  __writeback_single_inode+0x145/0xff0
[  169.206926][   T53]  ? do_raw_spin_unlock+0x4d/0x240
[  169.206945][   T53]  writeback_sb_inodes+0x6c7/0x1010
[  169.206982][   T53]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  169.207029][   T53]  ? rcu_is_watching+0x15/0xb0
[  169.207052][   T53]  wb_writeback+0x43b/0xaf0
[  169.207075][   T53]  ? queue_io+0x2f1/0x590
[  169.207094][   T53]  ? __pfx_wb_writeback+0x10/0x10
[  169.207116][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.207139][   T53]  wb_workfn+0x409/0xef0
[  169.207164][   T53]  ? __pfx_wb_workfn+0x10/0x10
[  169.207183][   T53]  ? __lock_acquire+0xab9/0xd20
[  169.207212][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.207232][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.207272][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.207284][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.207298][   T53]  process_scheduled_works+0xae1/0x17b0
[  169.207332][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  169.207357][   T53]  worker_thread+0x8a0/0xda0
[  169.207373][   T53]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  169.207397][   T53]  ? __kthread_parkme+0x7b/0x200
[  169.207419][   T53]  kthread+0x711/0x8a0
[  169.207437][   T53]  ? __pfx_worker_thread+0x10/0x10
[  169.207449][   T53]  ? __pfx_kthread+0x10/0x10
[  169.207465][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.207482][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.207494][   T53]  ? __pfx_kthread+0x10/0x10
[  169.207509][   T53]  ret_from_fork+0x439/0x7d0
[  169.207526][   T53]  ? __pfx_ret_from_fork+0x10/0x10
[  169.207543][   T53]  ? __switch_to_asm+0x39/0x70
[  169.207559][   T53]  ? __switch_to_asm+0x33/0x70
[  169.207572][   T53]  ? __pfx_kthread+0x10/0x10
[  169.207589][   T53]  ret_from_fork_asm+0x1a/0x30
[  169.207623][   T53]  </TASK>
[  169.207697][   T53] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  169.371512][   T53] CPU: 0 UID: 0 PID: 53 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  169.371531][   T53] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  169.371540][   T53] Workqueue: writeback wb_workfn (flush-7:2)
[  169.371561][   T53] Call Trace:
[  169.371567][   T53]  <TASK>
[  169.371574][   T53]  dump_stack_lvl+0x189/0x250
[  169.371603][   T53]  ? __pfx_dump_stack_lvl+0x10/0x10
[  169.371618][   T53]  ? __pfx_queue_work_on+0x10/0x10
[  169.371631][   T53]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  169.371651][   T53]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  169.371678][   T53]  f2fs_handle_critical_error+0x37c/0x540
[  169.371703][   T53]  f2fs_write_end_io+0x886/0xb60
[  169.371730][   T53]  __submit_merged_bio+0x27a/0x6a0
[  169.371753][   T53]  __submit_merged_write_cond+0x255/0x530
[  169.371773][   T53]  f2fs_write_data_pages+0x261d/0x3000
[  169.371811][   T53]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.371835][   T53]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  169.371874][   T53]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  169.371902][   T53]  ? trace_f2fs_writepages+0x7f/0x200
[  169.371921][   T53]  ? f2fs_write_node_pages+0x478/0x6e0
[  169.371942][   T53]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  169.371957][   T53]  ? lock_list_lru_of_memcg+0x238/0x4c0
[  169.371982][   T53]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  169.371996][   T53]  do_writepages+0x32e/0x550
[  169.372017][   T53]  ? reacquire_held_locks+0x127/0x1d0
[  169.372030][   T53]  ? writeback_sb_inodes+0x384/0x1010
[  169.372052][   T53]  __writeback_single_inode+0x145/0xff0
[  169.372069][   T53]  ? do_raw_spin_unlock+0x4d/0x240
[  169.372087][   T53]  writeback_sb_inodes+0x6c7/0x1010
[  169.372123][   T53]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  169.372172][   T53]  ? rcu_is_watching+0x15/0xb0
[  169.372193][   T53]  wb_writeback+0x43b/0xaf0
[  169.372215][   T53]  ? queue_io+0x2f1/0x590
[  169.372259][   T53]  ? __pfx_wb_writeback+0x10/0x10
[  169.372283][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.372305][   T53]  wb_workfn+0x409/0xef0
[  169.372331][   T53]  ? __pfx_wb_workfn+0x10/0x10
[  169.372348][   T53]  ? __lock_acquire+0xab9/0xd20
[  169.372375][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.372393][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.372410][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.372421][   T53]  ? process_scheduled_works+0x9ef/0x17b0
[  169.372435][   T53]  process_scheduled_works+0xae1/0x17b0
[  169.372471][   T53]  ? __pfx_process_scheduled_works+0x10/0x10
[  169.372498][   T53]  worker_thread+0x8a0/0xda0
[  169.372514][   T53]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  169.372539][   T53]  ? __kthread_parkme+0x7b/0x200
[  169.372560][   T53]  kthread+0x711/0x8a0
[  169.372578][   T53]  ? __pfx_worker_thread+0x10/0x10
[  169.372596][   T53]  ? __pfx_kthread+0x10/0x10
[  169.372613][   T53]  ? _raw_spin_unlock_irq+0x23/0x50
[  169.372631][   T53]  ? lockdep_hardirqs_on+0x9c/0x150
[  169.372643][   T53]  ? __pfx_kthread+0x10/0x10
[  169.372659][   T53]  ret_from_fork+0x439/0x7d0
[  169.372675][   T53]  ? __pfx_ret_from_fork+0x10/0x10
[  169.372693][   T53]  ? __switch_to_asm+0x39/0x70
[  169.372708][   T53]  ? __switch_to_asm+0x33/0x70
[  169.372722][   T53]  ? __pfx_kthread+0x10/0x10
[  169.372738][   T53]  ret_from_fork_asm+0x1a/0x30
[  169.372767][   T53]  </TASK>
[  169.372846][   T53] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  170.883041][ T8550] loop2: detected capacity change from 0 to 512
[  170.907410][ T8550] EXT4-fs warning (device loop2): ext4_xattr_inode_get:542: inode #11: comm syz.2.953: ea_inode file size=4 entry size=6
[  170.911622][ T8550] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  170.916902][ T8554] loop0: detected capacity change from 0 to 256
[  170.920227][ T8554] exfat: Deprecated parameter 'utf8'
[  170.926994][ T8554] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  170.927319][ T8550] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.953: corrupted inode contents
[  170.946325][ T8550] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #15: comm syz.2.953: mark_inode_dirty error
[  170.951722][ T8550] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #15: comm syz.2.953: corrupted inode contents
[  170.971600][ T8550] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #15: comm syz.2.953: mark_inode_dirty error
[  170.978176][ T8550] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #15: comm syz.2.953: mark inode dirty (error -117)
[  170.984691][ T8550] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  170.992857][ T8550] EXT4-fs (loop2): 1 orphan inode deleted
[  170.999158][ T8550] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.151491][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.741314][ T8573] loop0: detected capacity change from 0 to 4096
[  171.749281][ T8573] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  171.789902][ T8573] ntfs3(loop0): ino=19, mi_enum_attr
[  171.794429][ T8573] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  171.829711][ T8573] ntfs3(loop0): failed to convert "c46c" to euc-jp
[  171.833930][ T8573] ntfs3(loop0): ino=20, mi_enum_attr
[  172.043256][ T8565] loop2: detected capacity change from 0 to 32768
[  172.895103][ T8592] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  172.918120][ T8583] loop4: detected capacity change from 0 to 32768
[  172.921322][ T8583] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.969 (8583)
[  173.171991][ T8583] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  173.179097][ T8583] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  173.253994][ T8583] BTRFS info (device loop4): enabling ssd optimizations
[  173.260129][ T8583] BTRFS info (device loop4): enabling free space tree
[  173.262732][ T8583] BTRFS info (device loop4): use zstd compression, level 3
[  173.289670][ T8583] BTRFS info (device loop4): setting compat-ro feature flag for VERITY (0x4)
[  173.331127][ T6879] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  173.352067][ T8594] loop0: detected capacity change from 0 to 32768
[  173.362869][ T8594] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  173.384015][ T8594] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  173.406053][   T12] (kworker/u8:0,12,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  173.498242][ T8616] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid
[  173.523956][ T5857] ocfs2: Unmounting device (7,0) on (node local)
[  173.881654][ T8638] netlink: 24 bytes leftover after parsing attributes in process `syz.4.981'.
[  173.912333][ T8639] ubi31: attaching mtd0
[  173.920713][ T8639] ubi31: scanning is finished
[  173.922718][ T8639] ubi31: empty MTD device detected
[  174.012477][ T8639] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  174.016934][ T8639] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  174.019658][ T8639] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  174.022564][ T8639] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  174.025757][ T8639] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  174.028897][ T8639] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  174.032103][ T8639] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1214466248
[  174.036351][ T8639] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  174.041033][ T8640] ubi31: background thread "ubi_bgt31d" started, PID 8640
[  174.090237][ T8642] loop0: detected capacity change from 0 to 2048
[  174.101966][ T8645] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  174.105698][ T8644] netlink: 'syz.2.986': attribute type 9 has an invalid length.
[  174.111769][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.986'.
[  174.136242][   T12] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  174.139934][ T8644] netlink: 'syz.2.986': attribute type 9 has an invalid length.
[  174.140599][   T12] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  174.145969][ T8644] netlink: 4 bytes leftover after parsing attributes in process `syz.2.986'.
[  174.152360][   T12] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  174.155715][   T12] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  174.174915][ T8645] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  174.181886][ T8645] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  174.189223][ T8645] Remounting filesystem read-only
[  174.192154][ T5857] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  174.418724][ T8658] netlink: 24 bytes leftover after parsing attributes in process `syz.0.991'.
[  175.474455][ T8665] loop4: detected capacity change from 0 to 2048
[  175.502392][ T8665] NILFS (loop4): couldn't find nilfs on the device
[  176.319388][ T8679] loop0: detected capacity change from 0 to 256
[  176.323904][ T8679] exfat: Deprecated parameter 'utf8'
[  176.335803][ T8679] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x4d7dfc9d, utbl_chksum : 0xe619d30d)
[  176.701152][ T8686] loop2: detected capacity change from 0 to 256
[  176.736921][ T8686] FAT-fs (loop2): Directory bread(block 64) failed
[  176.739571][ T8686] FAT-fs (loop2): Directory bread(block 65) failed
[  176.742264][ T8686] FAT-fs (loop2): Directory bread(block 66) failed
[  176.745209][ T8686] FAT-fs (loop2): Directory bread(block 67) failed
[  176.750372][ T8686] FAT-fs (loop2): Directory bread(block 68) failed
[  176.753741][ T8686] FAT-fs (loop2): Directory bread(block 69) failed
[  176.756698][ T8686] FAT-fs (loop2): Directory bread(block 70) failed
[  176.759135][ T8686] FAT-fs (loop2): Directory bread(block 71) failed
[  176.761594][ T8686] FAT-fs (loop2): Directory bread(block 72) failed
[  176.767901][ T8686] FAT-fs (loop2): Directory bread(block 73) failed
[  176.893564][   T12] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  176.906064][   T12] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  176.913516][   T12] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  176.921034][   T12] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  177.021102][ T8707] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  177.089998][ T8710] loop4: detected capacity change from 0 to 512
[  177.094230][ T8710] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 not in group (block 2)!
[  177.098632][ T8710] EXT4-fs (loop4): group descriptors corrupted!
[  177.145998][ T5917] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  177.297919][ T5917] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.309237][ T5917] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  177.312899][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.325967][ T5917] usb 3-1: Product: syz
[  177.327676][ T5917] usb 3-1: Manufacturer: syz
[  177.329603][ T5917] usb 3-1: SerialNumber: syz
[  177.696644][ T5917] cdc_ncm 3-1:1.0: bind() failure
[  177.703790][ T5917] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  177.707523][ T5917] cdc_ncm 3-1:1.1: bind() failure
[  177.714029][ T5917] usb 3-1: USB disconnect, device number 15
[  177.880997][ T8722] tun0: tun_chr_ioctl cmd 35111
[  179.100554][ T8752] loop2: detected capacity change from 0 to 128
[  179.103639][ T8752] EXT4-fs (loop2): Test dummy encryption mode enabled
[  179.111668][ T8754] vxcan0: tx address claim with different name
[  179.118824][ T8752] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  179.124807][ T8752] ext4 filesystem being mounted at /326/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  179.220381][ T8752] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  179.224872][ T8762] loop4: detected capacity change from 0 to 2048
[  179.247794][ T8762] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  179.292568][ T5852] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  179.359145][ T8773] loop4: detected capacity change from 0 to 1024
[  179.539757][ T8783] loop0: detected capacity change from 0 to 256
[  179.555833][ T8783] FAT-fs (loop0): bogus logical sector size 0
[  179.562842][ T8783] FAT-fs (loop0): Can't find a valid FAT filesystem
[  179.939822][ T8785] loop4: detected capacity change from 0 to 32768
[  179.967143][ T8785] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  179.994311][ T8785] XFS (loop4): Ending clean mount
[  180.009516][ T8785] XFS (loop4): Quotacheck needed: Please wait.
[  180.039910][ T8785] XFS (loop4): Quotacheck: Done.
[  180.069762][ T6879] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  180.076146][ T5917] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  180.239279][ T5917] usb 1-1: Using ep0 maxpacket: 32
[  180.253124][ T5917] usb 1-1: config 0 has an invalid interface number: 183 but max is 0
[  180.265461][ T5917] usb 1-1: config 0 has no interface number 0
[  180.268120][ T5917] usb 1-1: config 0 interface 183 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  180.282554][ T5917] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e305, bcdDevice=92.53
[  180.287004][ T5917] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.304285][ T5917] usb 1-1: Product: syz
[  180.306134][ T5917] usb 1-1: Manufacturer: syz
[  180.307958][ T5917] usb 1-1: SerialNumber: syz
[  180.315230][ T5917] usb 1-1: config 0 descriptor??
[  180.541354][ T5917] usb 1-1: USB disconnect, device number 7
[  180.568259][ T8813] loop2: detected capacity change from 0 to 2048
[  180.602457][ T8813]  loop2: p1 p2 < > p3 < p5 p6 > p4
[  180.604680][ T8813] loop2: partition table partially beyond EOD, truncated
[  180.610652][ T8813] loop2: p2 start 4278190080 is beyond EOD, truncated
[  180.614394][ T8813] loop2: p4 size 8192 extends beyond EOD, truncated
[  180.618625][ T8813] loop2: p6 size 8192 extends beyond EOD, truncated
[  182.395998][ T5917] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  182.546051][ T5917] usb 3-1: Using ep0 maxpacket: 8
[  182.549287][ T5917] usb 3-1: unable to get BOS descriptor or descriptor too short
[  182.553459][ T5917] usb 3-1: config 4 has an invalid interface number: 147 but max is 0
[  182.557250][ T5917] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  182.561133][ T5917] usb 3-1: config 4 has no interface number 0
[  182.571063][ T5917] usb 3-1: string descriptor 0 read error: -22
[  182.573627][ T5917] usb 3-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  182.577602][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.586616][ T5917] usb 3-1: Found UVC 0.02 device <unnamed> (04f2:b746)
[  182.589459][ T5917] usb 3-1: No streaming interface found for terminal 6.
[  182.794878][   T10] usb 3-1: USB disconnect, device number 16
[  183.214423][ T8858] Bluetooth: MGMT ver 1.23
[  183.919638][ T8889] loop0: detected capacity change from 0 to 32768
[  183.926665][ T8889] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  183.941008][ T8889] XFS (loop0): Ending clean mount
[  183.948279][ T8889] XFS (loop0): Quotacheck needed: Please wait.
[  183.984734][ T8889] XFS (loop0): Quotacheck: Done.
[  184.027300][ T5857] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  184.524930][ T8915] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.1095'.
[  184.604295][   T33] audit: type=1326 audit(1758278091.473:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8908 comm="syz.2.1092" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5cbd38eba9 code=0x0
[  184.753289][ T8928] loop0: detected capacity change from 0 to 512
[  184.791393][ T8928] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.801486][ T8928] ext4 filesystem being mounted at /396/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  184.823710][ T8928] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1101: corrupted inode contents
[  184.834511][ T8928] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.1101: mark_inode_dirty error
[  184.840538][ T8928] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.1101: corrupted inode contents
[  184.847159][ T8928] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.1101: mark_inode_dirty error
[  184.891324][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.575683][ T8961] netlink: 'syz.0.1115': attribute type 3 has an invalid length.
[  186.394577][ T8980] loop2: detected capacity change from 0 to 128
[  186.874485][ T8981] trusted_key: encrypted_key: insufficient parameters specified
[  186.882295][ T8980] hpfs: Bad version 183,140. Mount readonly to go around
[  186.885586][ T8980] hpfs: please try recent version of HPFS driver at http://artax.karlin.mff.cuni.cz/~mikulas/vyplody/hpfs/index-e.cgi and if it still can't understand this format, contact author - mikulas@artax.karlin.mff.cuni.cz
[  187.090872][   T10] IPVS: starting estimator thread 0...
[  187.218221][ T9000] IPVS: using max 46 ests per chain, 110400 per kthread
[  187.333164][ T9005] loop2: detected capacity change from 0 to 512
[  187.656947][ T9005] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.1131: bad orphan inode 15
[  187.663854][ T9005] ext4_test_bit(bit=14, block=18) = 1
[  187.665703][ T9005] is_bad_inode(inode)=0
[  187.668317][ T9005] NEXT_ORPHAN(inode)=1023
[  187.668651][ T9016] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1136'.
[  187.669820][ T9005] max_ino=32
[  187.669841][ T9005] i_nlink=0
[  187.671897][ T9005] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.1131: corrupted xattr block 19: invalid header
[  187.682540][ T9005] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  187.688841][ T9005] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  187.693546][ T9005] ext4 filesystem being mounted at /352/qY3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  188.680079][ T9013] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 449: padding at end of block bitmap is not set
[  189.060210][ T9027] loop4: detected capacity change from 0 to 4096
[  189.854913][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  189.958214][ T9048] delete_channel: no stack
[  189.963409][ T9047] delete_channel: no stack
[  190.003765][ T9054] loop4: detected capacity change from 0 to 2048
[  190.068685][ T9054] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.154050][ T6879] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.392602][ T9092] loop2: detected capacity change from 0 to 1024
[  190.412550][ T9092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  190.418945][ T9092] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.439403][ T9092] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.1167: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.456430][ T9092] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  190.461558][ T9092] EXT4-fs (loop2): This should not happen!! Data will be lost
[  190.461558][ T9092] 
[  190.478777][ T9092] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: comm syz.2.1167: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.497080][ T9092] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  190.501218][ T9092] EXT4-fs (loop2): This should not happen!! Data will be lost
[  190.501218][ T9092] 
[  190.535801][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  190.683667][ T9107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1171'.
[  190.892089][ T9097] loop4: detected capacity change from 0 to 32768
[  190.911940][ T9097] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  190.941936][ T9097] XFS (loop4): Ending clean mount
[  190.967480][   T33] audit: type=1800 audit(1758278097.843:19): pid=9097 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1168" name="file1" dev="loop4" ino=6150 res=0 errno=0
[  191.013223][ T6879] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  191.206136][ T5241] Bluetooth: hci1: command 0x0406 tx timeout
[  192.862756][ T9145] loop4: detected capacity change from 0 to 32768
[  192.869523][ T9145] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1184 (9145)
[  192.984361][ T9145] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  192.995596][ T9145] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  193.042486][ T9145] BTRFS info (device loop4): enabling ssd optimizations
[  193.045156][ T9145] BTRFS info (device loop4): enabling free space tree
[  193.049913][ T9145] BTRFS info (device loop4): use zstd compression, level 3
[  193.065785][   T33] audit: type=1800 audit(1758278099.933:20): pid=9145 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1184" name="file1" dev="loop4" ino=260 res=0 errno=0
[  193.213585][ T6879] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  193.740698][ T9179] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  193.751890][ T9179] CIFS mount error: No usable UNC path provided in device string!
[  193.751890][ T9179] 
[  193.756650][ T9179] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  193.837776][ T9183] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1193'.
[  194.240551][ T1365] ieee802154 phy0 wpan0: encryption failed: -22
[  194.243598][ T1365] ieee802154 phy1 wpan1: encryption failed: -22
[  194.364402][ T9188] loop4: detected capacity change from 0 to 40427
[  194.371377][ T9188] F2FS-fs (loop4): build fault injection rate: 14
[  194.372935][ T9202] loop0: detected capacity change from 0 to 128
[  194.374837][ T9188] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  194.379816][ T9202] FAT-fs (loop0): bogus number of reserved sectors
[  194.382611][ T9202] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  194.383162][ T9188] F2FS-fs (loop4): invalid crc value
[  194.386710][ T9202] FAT-fs (loop0): Can't find a valid FAT filesystem
[  194.391045][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  194.407440][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  194.545754][ T9188] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  194.553344][ T9188] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  194.573357][ T9188] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  194.658383][ T9188] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  194.670112][ T9188] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_mknod+0x155/0x5d0
[  194.678762][ T9188] F2FS-fs (loop4): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x18b/0xa40
[  194.699838][ T9188] F2FS-fs (loop4): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x11a/0xab0
[  194.768928][ T6879] syz-executor: attempt to access beyond end of device
[  194.768928][ T6879] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  194.782515][ T6879] CPU: 0 UID: 0 PID: 6879 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  194.782553][ T6879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  194.782562][ T6879] Call Trace:
[  194.782568][ T6879]  <TASK>
[  194.782575][ T6879]  dump_stack_lvl+0x189/0x250
[  194.782599][ T6879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.782615][ T6879]  ? __pfx_queue_work_on+0x10/0x10
[  194.782628][ T6879]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  194.782649][ T6879]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  194.782677][ T6879]  f2fs_handle_critical_error+0x37c/0x540
[  194.782703][ T6879]  f2fs_write_end_io+0x886/0xb60
[  194.782730][ T6879]  __submit_merged_bio+0x27a/0x6a0
[  194.782754][ T6879]  __submit_merged_write_cond+0x255/0x530
[  194.782778][ T6879]  f2fs_write_data_pages+0x261d/0x3000
[  194.782817][ T6879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  194.782857][ T6879]  ? kernel_text_address+0xa5/0xe0
[  194.782900][ T6879]  ? stack_depot_save_flags+0x40/0x860
[  194.782937][ T6879]  ? __lock_acquire+0xab9/0xd20
[  194.782963][ T6879]  ? do_raw_spin_lock+0x121/0x290
[  194.782987][ T6879]  ? do_raw_spin_unlock+0x4d/0x240
[  194.783002][ T6879]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  194.783016][ T6879]  do_writepages+0x32e/0x550
[  194.783042][ T6879]  ? do_raw_spin_unlock+0x4d/0x240
[  194.783061][ T6879]  filemap_fdatawrite+0x199/0x240
[  194.783080][ T6879]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  194.783136][ T6879]  ? do_raw_spin_unlock+0x4d/0x240
[  194.783183][ T6879]  f2fs_sync_dirty_inodes+0x31f/0x830
[  194.783210][ T6879]  f2fs_write_checkpoint+0x95a/0x1df0
[  194.783250][ T6879]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  194.783301][ T6879]  ? kill_f2fs_super+0x298/0x6c0
[  194.783319][ T6879]  kill_f2fs_super+0x2c3/0x6c0
[  194.783338][ T6879]  ? __pfx_kill_f2fs_super+0x10/0x10
[  194.783350][ T6879]  ? radix_tree_delete_item+0x2b6/0x400
[  194.783376][ T6879]  ? shrinker_free+0x2ce/0x3e0
[  194.783393][ T6879]  deactivate_locked_super+0xbc/0x130
[  194.783412][ T6879]  cleanup_mnt+0x425/0x4c0
[  194.783428][ T6879]  ? lockdep_hardirqs_on+0x9c/0x150
[  194.783444][ T6879]  task_work_run+0x1d4/0x260
[  194.783462][ T6879]  ? __pfx_task_work_run+0x10/0x10
[  194.783477][ T6879]  ? __x64_sys_umount+0x122/0x160
[  194.783497][ T6879]  ? exit_to_user_mode_loop+0x40/0x110
[  194.783520][ T6879]  exit_to_user_mode_loop+0xec/0x110
[  194.783539][ T6879]  do_syscall_64+0x2bd/0x3b0
[  194.783554][ T6879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.783566][ T6879]  ? asm_sysvec_call_function_single+0x1a/0x20
[  194.783581][ T6879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.783593][ T6879] RIP: 0033:0x7f76aa18fed7
[  194.783606][ T6879] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  194.783619][ T6879] RSP: 002b:00007ffd16b92938 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  194.783633][ T6879] RAX: 0000000000000000 RBX: 00007f76aa211c05 RCX: 00007f76aa18fed7
[  194.783642][ T6879] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd16b929f0
[  194.783649][ T6879] RBP: 00007ffd16b929f0 R08: 0000000000000000 R09: 0000000000000000
[  194.783657][ T6879] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd16b93a80
[  194.783665][ T6879] R13: 00007f76aa211c05 R14: 000000000002f818 R15: 00007ffd16b93ac0
[  194.783689][ T6879]  </TASK>
[  194.783857][ T6879] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  197.951232][ T9273] loop4: detected capacity change from 0 to 512
[  197.961249][ T9273] EXT4-fs (loop4): Test dummy encryption mode enabled
[  197.964253][ T9273] EXT4-fs (loop4): Encoding requested by superblock is unknown
[  199.196039][  T793] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  199.288860][   T55] Bluetooth: hci2: link tx timeout
[  199.292434][   T55] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  199.302011][ T5241] Bluetooth: hci2: link tx timeout
[  199.304089][ T5241] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  199.307440][ T5241] Bluetooth: hci2: link tx timeout
[  199.309445][ T5241] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  199.357447][  T793] usb 1-1: Using ep0 maxpacket: 8
[  199.365635][ T5241] Bluetooth: hci2: link tx timeout
[  199.368556][ T5241] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  199.371577][ T5241] Bluetooth: hci2: link tx timeout
[  199.373581][ T5241] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  199.377248][  T793] usb 1-1: unable to get BOS descriptor or descriptor too short
[  199.386236][  T793] usb 1-1: config 7 has an invalid interface number: 142 but max is 0
[  199.389792][  T793] usb 1-1: config 7 has no interface number 0
[  199.400593][  T793] usb 1-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice=dd.6d
[  199.404213][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.407501][  T793] usb 1-1: Product: syz
[  199.409534][  T793] usb 1-1: Manufacturer: syz
[  199.411436][  T793] usb 1-1: SerialNumber: syz
[  199.647739][  T793] usb 1-1: USB disconnect, device number 8
[  201.366328][ T5241] Bluetooth: hci2: command 0x0406 tx timeout
[  201.637774][ T9327] loop4: detected capacity change from 0 to 512
[  201.661547][ T9327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.666838][ T9327] ext4 filesystem being mounted at /285/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  201.718210][ T6879] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.996035][ T9349] loop4: detected capacity change from 0 to 2048
[  202.017640][ T9354] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  202.098742][ T9359] loop0: detected capacity change from 0 to 128
[  202.105304][ T9359] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  202.111767][ T9359] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  202.388763][ T9369] NILFS error (device loop4): nilfs_dotdot: directory #12 missing '..'
[  202.420243][ T9369] Remounting filesystem read-only
[  202.659443][ T2330] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  202.809281][ T9383] netlink: 'syz.2.1271': attribute type 1 has an invalid length.
[  202.816356][ T2330] usb 5-1: Using ep0 maxpacket: 16
[  202.819862][ T2330] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  202.822793][ T2330] usb 5-1: New USB device found, idVendor=04b4, idProduct=bca1, bcdDevice= 0.00
[  202.833552][ T2330] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.838335][ T2330] usb 5-1: config 0 descriptor??
[  204.980517][ T2330] usbhid 5-1:0.0: can't add hid device: -71
[  204.987518][ T2330] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  204.998159][ T2330] usb 5-1: USB disconnect, device number 4
[  205.052140][ T6879] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  205.111970][ T9414] Invalid source name
[  206.969239][ T9431] loop0: detected capacity change from 0 to 32768
[  206.984925][ T9431] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.007353][ T9431] XFS (loop0): Ending clean mount
[  207.042430][ T5857] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  207.410257][ T9465] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1297'.
[  207.419762][ T9465] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1297'.
[  207.751838][ T9460] loop4: detected capacity change from 0 to 32768
[  207.755564][ T9460] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1298 (9460)
[  207.765832][ T9460] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  207.770177][ T9460] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  207.801791][ T9460] BTRFS info (device loop4): enabling ssd optimizations
[  207.804714][ T9460] BTRFS info (device loop4): enabling free space tree
[  207.832655][ T9460] BTRFS info (device loop4): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  207.938638][ T6879] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  208.426473][ T9513] usb usb8: usbfs: process 9513 (syz.0.1314) did not claim interface 0 before use
[  208.507897][ T9521] loop4: detected capacity change from 0 to 512
[  208.511739][ T9521] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.521545][ T9521] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  208.524692][ T9521] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  208.528841][ T9521] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  208.532676][ T9521] EXT4-fs (loop4): Skipping orphan cleanup due to unknown ROCOMPAT features
[  208.544112][ T9521] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  208.565550][ T9521] EXT4-fs: Ignoring removed nomblk_io_submit option
[  208.577213][ T9521] EXT4-fs (loop4): couldn't mount RDWR because of unsupported optional features (80)
[  208.609902][ T6879] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.668372][ T9528] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1322'.
[  208.795109][ T9537] loop0: detected capacity change from 0 to 2048
[  208.803537][ T9537] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  209.309490][ T9546] netlink: 'syz.2.1330': attribute type 7 has an invalid length.
[  209.315346][ T9546] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1330'.
[  209.424841][ T9557] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  209.688883][ T9577] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  209.688883][ T9577] The task syz.4.1340 (9577) triggered the difference, watch for misbehavior.
[  209.689771][ T9563] loop0: detected capacity change from 0 to 32768
[  209.720213][ T9563] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  209.753520][ T9563] XFS (loop0): Ending clean mount
[  209.768449][ T9563] XFS (loop0): Quotacheck needed: Please wait.
[  209.803133][ T9563] XFS (loop0): Quotacheck: Done.
[  209.878624][ T5857] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  210.199675][ T9612] loop0: detected capacity change from 0 to 1024
[  210.219511][ T9612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.223743][ T9612] ext4 filesystem being mounted at /491/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.241115][ T9612] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.1356: lblock 3 mapped to illegal pblock 3 (length 13)
[  210.249048][ T9612] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  210.253855][ T9612] EXT4-fs (loop0): This should not happen!! Data will be lost
[  210.253855][ T9612] 
[  210.297587][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.300860][ T9620] geneve2: entered promiscuous mode
[  210.300912][ T9620] geneve2: entered allmulticast mode
[  211.262228][ T9661] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1377'.
[  211.411141][ T9671] netlink: 'syz.0.1381': attribute type 3 has an invalid length.
[  211.508511][ T9677] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1385'.
[  212.102981][    T9] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  212.260566][    T9] usb 1-1: config index 0 descriptor too short (expected 35577, got 27)
[  212.263942][    T9] usb 1-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  212.267429][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  212.271400][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 92
[  212.274803][    T9] usb 1-1: config 1 has no interface number 0
[  212.278416][    T9] usb 1-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  212.282004][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.291932][    T9] snd_usb_pod 1-1:1.1: Line 6 Pocket POD found
[  212.513159][    T9] snd_usb_pod 1-1:1.1: endpoint not available, using fallback values
[  212.516835][    T9] snd_usb_pod 1-1:1.1: invalid control EP
[  212.519245][    T9] snd_usb_pod 1-1:1.1: cannot start listening: -22
[  212.522051][    T9] snd_usb_pod 1-1:1.1: Line 6 Pocket POD now disconnected
[  212.525219][    T9] snd_usb_pod 1-1:1.1: probe with driver snd_usb_pod failed with error -22
[  212.581105][ T9692] netlink: 'syz.2.1391': attribute type 7 has an invalid length.
[  212.583856][ T9692] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1391'.
[  212.703531][  T793] usb 1-1: USB disconnect, device number 9
[  213.278829][ T9705] loop0: detected capacity change from 0 to 256
[  213.281898][ T9705] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  213.286136][ T9705] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  213.292742][ T9705] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  213.400656][ T9711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1399'.
[  213.404309][ T9711] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1399'.
[  213.408412][ T9711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1399'.
[  213.413173][ T9711] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1399'.
[  213.416891][ T9711] netlink: 'syz.0.1399': attribute type 6 has an invalid length.
[  213.463734][ T9713] loop0: detected capacity change from 0 to 1024
[  213.466664][ T9713] EXT4-fs: Ignoring removed nobh option
[  213.468384][ T9713] EXT4-fs: Ignoring removed bh option
[  213.479760][ T9713] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.517408][   T33] audit: type=1800 audit(1758278120.393:21): pid=9713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1400" name="file2" dev="overlay" ino=16 res=0 errno=0
[  213.517825][ T9713] evm: overlay not supported
[  213.621734][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.918370][ T9735] bond1: entered promiscuous mode
[  213.920307][ T9735] 8021q: adding VLAN 0 to HW filter on device bond1
[  214.673216][ T9748] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1414'.
[  214.767665][ T9753] loop0: detected capacity change from 0 to 8
[  215.502335][ T9771] loop4: detected capacity change from 0 to 16
[  215.514827][ T9771] erofs (device loop4): mounted with root inode @ nid 36.
[  216.753729][ T9788] loop0: detected capacity change from 0 to 256
[  216.768219][ T9788] FAT-fs (loop0): Directory bread(block 64) failed
[  216.770310][ T9788] FAT-fs (loop0): Directory bread(block 65) failed
[  216.772912][ T9788] FAT-fs (loop0): Directory bread(block 66) failed
[  216.774975][ T9788] FAT-fs (loop0): Directory bread(block 67) failed
[  216.778276][ T9788] FAT-fs (loop0): Directory bread(block 68) failed
[  216.780783][ T9788] FAT-fs (loop0): Directory bread(block 69) failed
[  216.783108][ T9788] FAT-fs (loop0): Directory bread(block 70) failed
[  216.785245][ T9788] FAT-fs (loop0): Directory bread(block 71) failed
[  216.789247][ T9788] FAT-fs (loop0): Directory bread(block 72) failed
[  216.791457][ T9788] FAT-fs (loop0): Directory bread(block 73) failed
[  217.091285][ T9795] loop0: detected capacity change from 0 to 512
[  217.128206][ T9795] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.133259][ T9795] ext4 filesystem being mounted at /517/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  217.811501][ T9806] loop4: detected capacity change from 0 to 16
[  217.814780][ T9806] erofs (device loop4): mounted with root inode @ nid 36.
[  217.959800][ T9814] netlink: 'syz.4.1440': attribute type 10 has an invalid length.
[  218.039824][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.103461][ T9816] loop0: detected capacity change from 0 to 1024
[  218.117465][ T9816] EXT4-fs: Ignoring removed bh option
[  218.142139][ T9816] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.181789][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.248501][ T9824] loop0: detected capacity change from 0 to 256
[  218.252344][ T9824] exfat: Deprecated parameter 'utf8'
[  218.254454][ T9824] exfat: Deprecated parameter 'utf8'
[  218.270593][ T9824] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36d2a6b4, utbl_chksum : 0xe619d30d)
[  218.279421][ T9828] vivid-008: disconnect
[  218.282129][ T9827] vivid-008: reconnect
[  218.478771][ T9842] loop0: detected capacity change from 0 to 64
[  218.491127][   T33] audit: type=1800 audit(1758278125.363:22): pid=9842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1452" name="file2" dev="loop0" ino=6 res=0 errno=0
[  218.547320][ T9844] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1454'.
[  218.585404][ T9848] netlink: 'syz.0.1456': attribute type 5 has an invalid length.
[  218.588960][ T9848] netlink: 'syz.0.1456': attribute type 5 has an invalid length.
[  218.592636][ T9848] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1456'.
[  218.771880][ T9862] loop4: detected capacity change from 0 to 256
[  218.778450][ T9862] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  218.782394][ T9862] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  218.798528][ T9862] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  218.817862][   T33] audit: type=1800 audit(1758278126.692:23): pid=9862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1463" name="file1" dev="loop4" ino=1048624 res=0 errno=0
[  218.876128][ T9866] kAFS: unable to lookup cell 'syz169@=R'
[  219.096269][ T9884] loop4: detected capacity change from 0 to 1024
[  219.130652][ T4273] hfsplus: b-tree write err: -5, ino 4
[  219.373226][ T9886] loop0: detected capacity change from 0 to 32768
[  219.374539][ T9886] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1475 (9886)
[  219.393335][ T9886] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  219.393832][ T9886] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  219.446510][ T9886] BTRFS info (device loop0): enabling ssd optimizations
[  219.449230][ T9886] BTRFS info (device loop0): enabling free space tree
[  219.543056][ T5857] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  219.543251][ T9917] loop4: detected capacity change from 0 to 8
[  219.568910][ T9917] cramfs: empty filesystem
[  219.720358][ T9921] bridge1: entered promiscuous mode
[  220.076495][  T793] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  220.236254][  T793] usb 5-1: Using ep0 maxpacket: 8
[  220.242368][  T793] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  220.247409][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.250619][  T793] usb 5-1: Product: syz
[  220.252302][  T793] usb 5-1: Manufacturer: syz
[  220.254184][  T793] usb 5-1: SerialNumber: syz
[  220.267663][  T793] usb 5-1: config 0 descriptor??
[  220.478662][  T793] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  220.747328][ T9961] loop0: detected capacity change from 0 to 1024
[  220.774406][  T187] hfsplus: b-tree write err: -5, ino 4
[  220.884766][  T793] gspca_sunplus: reg_w_riv err -71
[  220.889451][  T793] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  220.893233][  T793] usb 5-1: USB disconnect, device number 5
[  221.086275][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  221.159717][ T9984] overlayfs: failed to clone upperpath
[  221.254451][    T9] usb 1-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  221.259081][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.263032][    T9] usb 1-1: Product: syz
[  221.264710][    T9] usb 1-1: Manufacturer: syz
[  221.267378][    T9] usb 1-1: SerialNumber: syz
[  221.271687][    T9] usb 1-1: config 0 descriptor??
[  221.276755][    T9] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  221.946198][    T9] gspca_sunplus: reg_w_riv err -71
[  221.948330][    T9] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  221.952998][    T9] usb 1-1: USB disconnect, device number 10
[  223.234380][T10030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1533'.
[  223.506837][    T9] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  223.628977][T10041] 9pnet_rdma: rdma_create_trans (10041): problem binding to privport: 13
[  223.659121][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  223.663541][    T9] usb 5-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  223.667789][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.672250][    T9] usb 5-1: config 0 descriptor??
[  223.843623][T10046] wg1: entered promiscuous mode
[  223.845645][T10046] wg1: entered allmulticast mode
[  223.911908][T10050] overlayfs: failed to clone upperpath
[  224.042373][T10059] netlink: 'syz.0.1546': attribute type 29 has an invalid length.
[  224.046382][T10059] netlink: 'syz.0.1546': attribute type 29 has an invalid length.
[  224.051024][T10059] netlink: 500 bytes leftover after parsing attributes in process `syz.0.1546'.
[  224.089187][    T9] uclogic 0003:5543:0522.0003: unbalanced delimiter at end of report description
[  224.098117][    T9] uclogic 0003:5543:0522.0003: parse failed
[  224.100491][    T9] uclogic 0003:5543:0522.0003: probe with driver uclogic failed with error -22
[  224.297958][  T793] usb 5-1: USB disconnect, device number 6
[  224.352065][T10077] loop0: detected capacity change from 0 to 512
[  224.355014][T10077] EXT4-fs: Ignoring removed bh option
[  224.358429][T10077] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  224.367551][T10077] EXT4-fs (loop0): 1 truncate cleaned up
[  224.370050][T10077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.404427][ T5857] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.689889][T10083] loop0: detected capacity change from 0 to 4096
[  224.769459][T10083] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  225.008785][  T187] ntfs3(loop0): ino=9, ntfs3_write_inode failed, -22.
[  225.011716][ T5857] ntfs3(loop0): ino=9, ntfs_sync_fs failed, -22.
[  225.462453][T10120] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1574'.
[  225.745996][  T793] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  225.900443][  T793] usb 1-1: config 2 has an invalid interface number: 233 but max is 0
[  225.903725][  T793] usb 1-1: config 2 has no interface number 0
[  225.906575][  T793] usb 1-1: config 2 interface 233 has no altsetting 0
[  225.911950][  T793] usb 1-1: New USB device found, idVendor=1b3d, idProduct=0109, bcdDevice=33.00
[  225.914902][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.923345][  T793] usb 1-1: Product: syz
[  225.925064][  T793] usb 1-1: Manufacturer: syz
[  225.929052][  T793] usb 1-1: SerialNumber: syz
[  226.159905][  T793] ftdi_sio 1-1:2.233: FTDI USB Serial Device converter detected
[  226.163830][  T793] usb 1-1: Detected FT232HP
[  226.183922][  T793] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  226.188500][  T793] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  226.206443][  T793] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  226.215621][  T793] usb 1-1: USB disconnect, device number 11
[  226.220044][  T793] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  226.223515][  T793] ftdi_sio 1-1:2.233: device disconnected
[  226.295101][T10138] netlink: 'syz.2.1583': attribute type 17 has an invalid length.
[  226.299133][T10138] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1583'.
[  226.689308][T10155] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check.
[  226.807392][T10161] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1594'.
[  226.829567][T10161] team1: entered promiscuous mode
[  226.831891][T10161] team1: entered allmulticast mode
[  226.879120][T10163] netlink: 'syz.0.1595': attribute type 10 has an invalid length.
[  226.882711][T10163] bond0: (slave bond_slave_0): Releasing backup interface
[  226.962218][T10165] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  226.965681][T10165] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.046901][T10165] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  227.050526][T10165] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.124957][T10165] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  227.130150][T10165] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.223445][T10165] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  227.228723][T10165] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.313513][T10175] syzkaller1: entered promiscuous mode
[  227.316208][T10175] syzkaller1: entered allmulticast mode
[  227.364250][ T5865] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  227.369068][ T5865] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  227.386326][ T5865] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  227.390427][ T5865] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  227.423230][ T5865] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  227.434374][ T5865] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  227.454123][ T5865] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  227.458017][ T5865] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  227.690161][T10198] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1612'.
[  227.714933][T10198] : entered promiscuous mode
[  227.725307][T10198] : left promiscuous mode
[  228.035700][T10189] loop0: detected capacity change from 0 to 131072
[  228.038996][T10189] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  228.041481][T10189] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  228.045362][T10189] F2FS-fs (loop0): invalid crc value
[  228.084523][T10189] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.089483][T10189] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  228.092234][T10189] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  228.115284][   T33] audit: type=1800 audit(1758278135.982:24): pid=10189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1607" name="file1" dev="loop0" ino=7 res=0 errno=0
[  228.482743][T10213] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.1617'.
[  228.487085][T10213] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.1617'.
[  229.577839][T10262] netlink: 'syz.4.1637': attribute type 21 has an invalid length.
[  229.580951][T10262] IPv6: NLM_F_CREATE should be specified when creating new route
[  230.359477][ T7754] block nbd0: Receive control failed (result -32)
[  230.423004][T10280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1643'.
[  231.390747][T10332] loop4: detected capacity change from 0 to 32768
[  231.414595][T10332] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  231.642161][ T6879] ocfs2: Unmounting device (7,4) on (node local)
[  232.831244][T10354] loop0: detected capacity change from 0 to 32768
[  232.852332][T10354] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  232.859789][T10354] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  232.905399][   T33] audit: type=1800 audit(1758278140.772:25): pid=10354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1674" name="file1" dev="loop0" ino=17059 res=0 errno=0
[  234.121792][   T33] audit: type=1800 audit(1758278141.992:26): pid=10361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1674" name="file1" dev="loop0" ino=17059 res=0 errno=0
[  234.153782][T10361] 
[  234.154863][T10361] ======================================================
[  234.157711][T10361] WARNING: possible circular locking dependency detected
[  234.160445][T10361] syzkaller #0 Not tainted
[  234.162441][T10361] ------------------------------------------------------
[  234.166264][T10361] syz.0.1674/10361 is trying to acquire lock:
[  234.168617][T10361] ffff88802b3a4ee0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.173103][T10361] 
[  234.173103][T10361] but task is already holding lock:
[  234.175982][T10361] ffff88802b3a4f78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  234.179567][T10361] 
[  234.179567][T10361] which lock already depends on the new lock.
[  234.179567][T10361] 
[  234.182627][T10361] 
[  234.182627][T10361] the existing dependency chain (in reverse order) is:
[  234.185884][T10361] 
[  234.185884][T10361] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}:
[  234.188824][T10361]        lock_acquire+0x120/0x360
[  234.190642][T10361]        down_read+0x46/0x2e0
[  234.192363][T10361]        ocfs2_init_acl+0x2f9/0x720
[  234.194316][T10361]        ocfs2_mknod+0x1321/0x2050
[  234.196341][T10361]        ocfs2_mkdir+0x191/0x440
[  234.198301][T10361]        vfs_mkdir+0x306/0x510
[  234.199961][T10361]        do_mkdirat+0x247/0x590
[  234.201514][T10361]        __x64_sys_mkdirat+0x87/0xa0
[  234.203205][T10361]        do_syscall_64+0xfa/0x3b0
[  234.204773][T10361]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.206759][T10361] 
[  234.206759][T10361] -> #3 (jbd2_handle){++++}-{0:0}:
[  234.208997][T10361]        lock_acquire+0x120/0x360
[  234.210598][T10361]        start_this_handle+0x1fa7/0x21c0
[  234.212363][T10361]        jbd2__journal_start+0x2c1/0x5b0
[  234.214494][T10361]        jbd2_journal_start+0x2a/0x40
[  234.216483][T10361]        ocfs2_start_trans+0x376/0x6d0
[  234.218225][T10361]        ocfs2_mknod+0xe93/0x2050
[  234.219883][T10361]        ocfs2_create+0x1a5/0x440
[  234.221584][T10361]        path_openat+0x14f4/0x3830
[  234.223370][T10361]        do_filp_open+0x1fa/0x410
[  234.224926][T10361]        do_sys_openat2+0x121/0x1c0
[  234.226476][T10361]        __x64_sys_open+0x11e/0x150
[  234.228212][T10361]        do_syscall_64+0xfa/0x3b0
[  234.229887][T10361]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.232034][T10361] 
[  234.232034][T10361] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  234.234816][T10361]        lock_acquire+0x120/0x360
[  234.236715][T10361]        down_read+0x46/0x2e0
[  234.238291][T10361]        ocfs2_start_trans+0x36a/0x6d0
[  234.240056][T10361]        ocfs2_mknod+0xe93/0x2050
[  234.241892][T10361]        ocfs2_create+0x1a5/0x440
[  234.243684][T10361]        path_openat+0x14f4/0x3830
[  234.245608][T10361]        do_filp_open+0x1fa/0x410
[  234.247347][T10361]        do_sys_openat2+0x121/0x1c0
[  234.249202][T10361]        __x64_sys_open+0x11e/0x150
[  234.250758][T10361]        do_syscall_64+0xfa/0x3b0
[  234.252398][T10361]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.254214][T10361] 
[  234.254214][T10361] -> #1 (sb_internal#4){.+.+}-{0:0}:
[  234.256766][T10361]        lock_acquire+0x120/0x360
[  234.258632][T10361]        ocfs2_start_trans+0x26b/0x6d0
[  234.260707][T10361]        ocfs2_setattr+0x969/0x1b40
[  234.262817][T10361]        notify_change+0xb36/0xe40
[  234.264872][T10361]        do_truncate+0x1a4/0x220
[  234.266991][T10361]        do_ftruncate+0x489/0x540
[  234.268949][T10361]        __x64_sys_ftruncate+0x92/0xf0
[  234.270924][T10361]        do_syscall_64+0xfa/0x3b0
[  234.272652][T10361]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.274929][T10361] 
[  234.274929][T10361] -> #0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  234.278352][T10361]        validate_chain+0xb9b/0x2140
[  234.280433][T10361]        __lock_acquire+0xab9/0xd20
[  234.282502][T10361]        lock_acquire+0x120/0x360
[  234.284490][T10361]        down_write+0x96/0x1f0
[  234.286384][T10361]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.288931][T10361]        ocfs2_truncate_file+0xda0/0x1420
[  234.291152][T10361]        ocfs2_setattr+0x1520/0x1b40
[  234.293242][T10361]        notify_change+0xb36/0xe40
[  234.295240][T10361]        do_truncate+0x1a4/0x220
[  234.297178][T10361]        path_openat+0x306c/0x3830
[  234.299205][T10361]        do_filp_open+0x1fa/0x410
[  234.301202][T10361]        do_sys_openat2+0x121/0x1c0
[  234.303262][T10361]        __x64_sys_open+0x11e/0x150
[  234.305287][T10361]        do_syscall_64+0xfa/0x3b0
[  234.307217][T10361]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.309758][T10361] 
[  234.309758][T10361] other info that might help us debug this:
[  234.309758][T10361] 
[  234.313712][T10361] Chain exists of:
[  234.313712][T10361]   &ocfs2_file_ip_alloc_sem_key --> jbd2_handle --> &oi->ip_xattr_sem
[  234.313712][T10361] 
[  234.319014][T10361]  Possible unsafe locking scenario:
[  234.319014][T10361] 
[  234.321301][T10361]        CPU0                    CPU1
[  234.322967][T10361]        ----                    ----
[  234.325020][T10361]   lock(&oi->ip_xattr_sem);
[  234.326793][T10361]                                lock(jbd2_handle);
[  234.329063][T10361]                                lock(&oi->ip_xattr_sem);
[  234.331203][T10361]   lock(&ocfs2_file_ip_alloc_sem_key);
[  234.333052][T10361] 
[  234.333052][T10361]  *** DEADLOCK ***
[  234.333052][T10361] 
[  234.336207][T10361] 3 locks held by syz.0.1674/10361:
[  234.338245][T10361]  #0: ffff888023578428 (sb_writers#22){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  234.341850][T10361]  #1: ffff88802b3a5240 (&sb->s_type->i_mutex_key#30){+.+.}-{4:4}, at: do_truncate+0x171/0x220
[  234.345913][T10361]  #2: ffff88802b3a4f78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_try_remove_refcount_tree+0xa4/0x320
[  234.349875][T10361] 
[  234.349875][T10361] stack backtrace:
[  234.352229][T10361] CPU: 0 UID: 0 PID: 10361 Comm: syz.0.1674 Not tainted syzkaller #0 PREEMPT(full) 
[  234.352247][T10361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  234.352256][T10361] Call Trace:
[  234.352264][T10361]  <TASK>
[  234.352278][T10361]  dump_stack_lvl+0x189/0x250
[  234.352298][T10361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.352313][T10361]  ? __pfx__printk+0x10/0x10
[  234.352332][T10361]  ? print_lock_name+0xde/0x100
[  234.352351][T10361]  print_circular_bug+0x2ee/0x310
[  234.352368][T10361]  check_noncircular+0x134/0x160
[  234.352385][T10361]  validate_chain+0xb9b/0x2140
[  234.352405][T10361]  __lock_acquire+0xab9/0xd20
[  234.352425][T10361]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.352441][T10361]  lock_acquire+0x120/0x360
[  234.352459][T10361]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.352476][T10361]  ? lock_acquire+0x175/0x360
[  234.352496][T10361]  down_write+0x96/0x1f0
[  234.352512][T10361]  ? ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.352528][T10361]  ? __pfx_down_write+0x10/0x10
[  234.352546][T10361]  ocfs2_try_remove_refcount_tree+0xb6/0x320
[  234.352563][T10361]  ? __pfx_ocfs2_try_remove_refcount_tree+0x10/0x10
[  234.352579][T10361]  ? up_write+0x1c4/0x420
[  234.352593][T10361]  ocfs2_truncate_file+0xda0/0x1420
[  234.352616][T10361]  ? __pfx_ocfs2_truncate_file+0x10/0x10
[  234.352634][T10361]  ? do_raw_spin_unlock+0x4d/0x240
[  234.352652][T10361]  ? _raw_spin_unlock+0x28/0x50
[  234.352670][T10361]  ? ocfs2_inode_lock_tracker+0x3ec/0x660
[  234.352687][T10361]  ? __pfx_ocfs2_inode_lock_tracker+0x10/0x10
[  234.352701][T10361]  ? ocfs2_rw_lock+0x13a/0x240
[  234.352714][T10361]  ? __pfx___dquot_initialize+0x10/0x10
[  234.352728][T10361]  ? __pfx_ocfs2_rw_lock+0x10/0x10
[  234.352739][T10361]  ? setattr_prepare+0x1e7/0xac0
[  234.352757][T10361]  ? jbd2_journal_begin_ordered_truncate+0xbb/0x150
[  234.352777][T10361]  ocfs2_setattr+0x1520/0x1b40
[  234.352796][T10361]  ? __pfx_ocfs2_setattr+0x10/0x10
[  234.352834][T10361]  ? ktime_get_coarse_real_ts64_mg+0x52/0x1e0
[  234.352850][T10361]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  234.352870][T10361]  ? ktime_get_coarse_real_ts64_mg+0x1be/0x1e0
[  234.352917][T10361]  ? current_time+0x222/0x370
[  234.352931][T10361]  ? evm_inode_setattr+0x1b6/0x7d0
[  234.352948][T10361]  ? __pfx_current_time+0x10/0x10
[  234.352962][T10361]  ? try_break_deleg+0x79/0x130
[  234.352978][T10361]  ? __pfx_ocfs2_setattr+0x10/0x10
[  234.352998][T10361]  notify_change+0xb36/0xe40
[  234.353017][T10361]  do_truncate+0x1a4/0x220
[  234.353036][T10361]  ? __pfx_do_truncate+0x10/0x10
[  234.353051][T10361]  ? apparmor_file_truncate+0x23e/0x2d0
[  234.353077][T10361]  path_openat+0x306c/0x3830
[  234.353092][T10361]  ? arch_stack_walk+0xfc/0x150
[  234.353113][T10361]  ? stack_depot_save_flags+0x40/0x860
[  234.353133][T10361]  ? __pfx_path_openat+0x10/0x10
[  234.353148][T10361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.353167][T10361]  do_filp_open+0x1fa/0x410
[  234.353181][T10361]  ? __lock_acquire+0xab9/0xd20
[  234.353200][T10361]  ? __pfx_do_filp_open+0x10/0x10
[  234.353222][T10361]  ? _raw_spin_unlock+0x28/0x50
[  234.353237][T10361]  ? alloc_fd+0x64c/0x6c0
[  234.353257][T10361]  do_sys_openat2+0x121/0x1c0
[  234.353283][T10361]  ? __pfx_do_sys_openat2+0x10/0x10
[  234.353297][T10361]  ? exc_page_fault+0x76/0xf0
[  234.353311][T10361]  ? do_user_addr_fault+0xc8a/0x1390
[  234.353334][T10361]  __x64_sys_open+0x11e/0x150
[  234.353347][T10361]  do_syscall_64+0xfa/0x3b0
[  234.353361][T10361]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.353374][T10361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.353386][T10361]  ? exc_page_fault+0x9f/0xf0
[  234.353398][T10361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.353412][T10361] RIP: 0033:0x7ff343f8eba9
[  234.353426][T10361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.353439][T10361] RSP: 002b:00007ff344eb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  234.353453][T10361] RAX: ffffffffffffffda RBX: 00007ff3441d6090 RCX: 00007ff343f8eba9
[  234.353464][T10361] RDX: 00000000000000dc RSI: 000000000004827e RDI: 0000200000000200
[  234.353473][T10361] RBP: 00007ff344011e19 R08: 0000000000000000 R09: 0000000000000000
[  234.353482][T10361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  234.353490][T10361] R13: 00007ff3441d6128 R14: 00007ff3441d6090 R15: 00007fff39a8a6d8
[  234.353505][T10361]  </TASK>
[  234.541741][ T5857] ocfs2: Unmounting device (7,0) on (node local)

VM DIAGNOSIS:
10:35:41  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000007ffff RDI=0000000000080000 RBP=00000000000003f8 RSP=ffffc9000a0c6850
R8 =ffff888020610237 R9 =1ffff110040c2046 R10=dffffc0000000000 R11=ffffffff854faab0
R12=dffffc0000000000 R13=ffffffff99b008dc R14=ffffffff99df5440 R15=0000000000000000
RIP=ffffffff854fab2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007ff344eb46c0 ffffffff 00c00000
GS =0000 ffff8880b8615000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b328eeff8 CR3=00000001111b6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007ff344012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000e3a001 RBX=00007f5cbe264540 RCX=00000000000000d5 RDX=0000000000000000
RSI=0000000000000001 RDI=00007f5cbe2645e0 RBP=0000000000000102 RSP=00007f5cbe2644a0
R8 =00007f5cb3000000 R9 =0000000000e3a000 R10=0000000000000000 R11=00007f5cbe264550
R12=0000000000000001 R13=00007f5cbd42da20 R14=0000000000000000 R15=00007f5cbe2645e0
RIP=00007f5cbd250c46 RFL=00010206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA]
SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f5cbe2656c0 ffffffff 00c00000
GS =0000 0000000000000000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f5cb3e3a000 CR3=00000000280b3000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=00007f5cbe2645a0 00007f5cbe264580
XMM02=00007f5cbe2646e0 00007f5cbe264560 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00007f5cbe2645a0 XMM05=0000000000000000 00007f5cbe2646e0
XMM06=00007f5cbe2646e0 00007f5cbe264560 XMM07=00007f5cbe2645a0 00007f5cbe264580
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f5cbd412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
